Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //memulai session
- session_start();
- //Include file koneksi ke database
- require_once('koneksi.php');
- //fungsi untuk membersihkan nilai yang diterima dari form. mencegah SQL injection
- function clean($str) {
- $str = trim($str);
- if(get_magic_quotes_gpc()) {
- $str = stripslashes($str);
- }
- return mysql_real_escape_string($str);
- }
- //mengambil nilai inputan form dan menyimpan ke variabel
- $username = clean($_POST['username']);
- $password = clean($_POST['password']);
- //buat query
- $qry="SELECT * FROM login WHERE username='{$username}' AND password='{$password}'";
- $result=mysql_query($qry) or die("ada kesalahan query [{$sql}] dengan pesan:".mysql_error());
- //Check query telah sukses
- //if($result) {
- if(mysql_num_rows($result) == 1) {
- //Login berhasil
- session_regenerate_id();
- $user = mysql_fetch_assoc($result);
- ("username");//isi variabel session dengan query tabel
- ("password");//isi variabel session dengan query tabel
- session_write_close();
- echo "<meta http-equiv='refresh' content='0; url=admin/index.php'>"; exit();
- }else {
- //Login gagal akan diarahkan ke halaman failed login
- echo "<script>alert('Anda Gagal Login Ulangi Kembali');</script>";
- echo "<meta http-equiv='refresh' content='0; url=index.php'>";
- exit();
- /* }
- }else {
- die("Query failed");
- }*/
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement