<?phpinclude('database/koneksi.php');if(isset($_POST['submit'])){ $user =

1. <?php
2. include('database/koneksi.php');
3. if(isset($_POST['submit'])){
4. $user = mysql_real_escape_string(htmlentities($_POST['username']));
5. $pass = mysql_real_escape_string(htmlentities(md5($_POST['password'])));
6.  
7. $sql = mysql_query("SELECT * FROM user WHERE username='$user' AND password='$pass'") or die(mysql_error());
8. if(mysql_num_rows($sql) == 0){
9. echo 'Username atau Password anda salah <br>';
10. echo '<META HTTP-EQUIV="Refresh" Content="2; URL=index.php">';
11. }
12. $row = mysql_fetch_assoc($sql);
13. if($row['level'] == 1){
14. $_SESSION['admin']=$user;
15. echo '<script language="javascript">alert("Anda berhasil Login Admin!"); document.location="administrator.php";</script>';
16. }else{
17. $row = mysql_fetch_assoc($sql);
18. if($row['level'] == 1){
19. $_SESSION['admin']=$user;
20. echo '<script language="javascript">alert("Anda berhasil Login Admin!"); document.location="administrator.php";</script>';
21. }
22. }
23. }
24. ?>