- <?php
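// Record every error in the server log but never render it into the response.
// The original error_reporting(0) discarded all diagnostics, so a failed
// include or a database error in this login handler would pass unnoticed.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Project configuration. The login code further down uses $db, which is not
// defined in this file, so presumably one of these includes creates it;
// confirm against config/class_database.php.
include "config/class_database.php";
include "config/serverconfig.php";
include "config/debug.php";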
/**
 * Encode a value for HTML output, then strip tags and backslashes.
 *
 * Steps, in order: htmlspecialchars() with ENT_QUOTES (so both quote styles
 * are encoded), strip_tags(), stripslashes().
 *
 * Despite its name this is not a SQL-injection defence: it performs HTML
 * encoding, and the final stripslashes() removes backslashes, including any
 * that an earlier escaping call added. Query safety has to come from bound
 * parameters in the database layer.
 *
 * @param string $data Raw input value.
 * @return string The filtered value.
 */
function anti_injection($data){
    $encoded = htmlspecialchars($data, ENT_QUOTES);
    $without_tags = strip_tags($encoded);
    return stripslashes($without_tags);
}
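// ---------------------------------------------------------------------------
// Login handler.
//
// Reads username / password / level from the POST body, checks the credentials
// against the table that matches the requested level, fills the session and
// redirects to that role's landing page.
//
// Review notes for maintainers (left as notes because fixing them needs
// changes outside this file):
//  * Passwords are compared as unsalted MD5 digests. Migrating to
//    password_hash() / password_verify() requires re-hashing stored values.
//  * The username is passed through mysql_real_escape_string() and then
//    anti_injection(), whose stripslashes() removes the backslashes the
//    escaping added. Query safety therefore rests entirely on how
//    database_prepare()/execute() bind the "?" placeholders; confirm in
//    config/class_database.php that values are bound and not concatenated.
//  * The filter chain is kept as-is for the username so that lookups keep
//    matching the values already stored.
//  * Failed logins are neither logged nor throttled here.
// ---------------------------------------------------------------------------

// Absent or non-string fields become '' so a malformed POST takes the ordinary
// "login failed" path.
$raw_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

$username = anti_injection(mysql_real_escape_string(strip_tags($raw_username)));

// An MD5 hex digest contains only [0-9a-f], so the strip/escape/encode chain the
// original applied to it could not change it; the digest is used directly.
$password = md5($raw_password);

// One canonical level value drives both the table lookup and the session
// set-up. The original compared the raw POST value loosely in two places
// (== 1 and == '1'), which could select a table and then skip the session.
$level = (isset($_POST['level']) && is_string($_POST['level'])) ? trim($_POST['level']) : '';

session_start();

// Flag whether today lies inside the active academic period ('Y') or not ('T').
$sql_tglaktif = $db->database_prepare("SELECT * From thnakademik where status = 1")->execute();
$data_tglaktif = $db->database_fetch_array($sql_tglaktif);
$tglaktif = date('Y-m-d');
$in_period = !empty($data_tglaktif)
    && $tglaktif >= $data_tglaktif['awalsmst']
    && $tglaktif <= $data_tglaktif['tglyudisium'];
$_SESSION['tgll'] = $in_period ? 'Y' : 'T';

// Credential query per level; any other level value falls back to as_users.
$login_queries = array(
    '1' => "SELECT * FROM admin WHERE username = ? AND password = ?",
    '2' => "SELECT * FROM dosen WHERE username = ? AND password = ? AND aktif = 'Y'",
    '3' => "SELECT * FROM karyawan WHERE username = ? AND password = ? AND aktif = 'Y'",
    '4' => "SELECT * FROM mahasiswa WHERE username = ? AND password = ? AND aktif = 'Y'",
);
$fallback_query = "SELECT * FROM as_users WHERE email = ? AND password = ? AND aktif = 'Y' AND blokir = 'N'";
$login_query = isset($login_queries[$level]) ? $login_queries[$level] : $fallback_query;

$sql = $db->database_prepare($login_query)->execute($username,$password);
$nums = $db->database_num_rows($sql);
$data = $db->database_fetch_array($sql);

if ($nums > 0){
    // Issue a fresh session id at the privilege change so an id that was known
    // before authentication cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    $last_login = date('Y-m-d H:i:s');
    $client_ip = $_SERVER["REMOTE_ADDR"];

    // NOTE(review): every branch stores the password digest in the session and
    // sets a fixed marker key to 'nimda'. Both are kept because other pages
    // presumably read them; confirm, then drop the digest and base access
    // checks on the level loaded from the database.
    if ($level === '1'){
        $_SESSION['nama_lengkap'] = $data['nama'];
        $_SESSION['username'] = $data['username'];
        $_SESSION['password'] = $data['password'];
        // NOTE(review): '--' looks like a placeholder column name; confirm.
        $_SESSION['userid'] = $data['--'];
        $_SESSION['useri'] = $data['id'];
        $_SESSION['foto'] = $data['foto'];
        $_SESSION['level'] = $data['id_level'];
        $_SESSION['level_admin'] = $data['level_admin'];
        $_SESSION['4dm1np0lsr1'] = 'nimda';
        $_SESSION['last_login'] = $last_login;
        $_SESSION['ip'] = $client_ip;
        $_SESSION['aktif'] = $data['aktif'];
        $db->database_prepare("UPDATE admin SET last_login = ?, ip = ? WHERE id = ?")->execute($last_login,$client_ip,$data["id"]);

        // level_admin 1 -> admin area, 2 or 3 -> sub-admin area, else the index.
        if ($_SESSION['level_admin']==1){
            header("Location: admin/utamakar.php?code=1");
        }elseif ($_SESSION['level_admin']==2 OR $_SESSION['level_admin']==3){
            header("Location: subadmin/utamakar.php?code=1");
        }else{
            header("Location: index.php?code=1");
        }
        exit;
    }elseif ($level === '2'){
        $_SESSION['id_dosen'] = $data['dosen_ID'];
        $_SESSION['foto'] = $data['foto'];
        $_SESSION['username'] = $data['username'];
        $_SESSION['password'] = $data['password'];
        $_SESSION['identitas'] = $data['Identitas_ID'];
        $_SESSION['kode_jurusan'] = $data['Homebase'];
        $_SESSION['level'] = $data['id_level'];
        $_SESSION['nama_lengkap'] = $data['nama'];
        $_SESSION['jabatan_id'] = $data['Jabatan_ID'];
        $_SESSION['aktif'] = $data['aktif'];
        $_SESSION['4dm1nd0s3n'] = 'nimda';
        $_SESSION['last_login'] = $last_login;
        $_SESSION['ip'] = $client_ip;
        $db->database_prepare("UPDATE dosen SET last_login = ?, ip = ? WHERE dosen_ID = ?")->execute($last_login,$client_ip,$data["dosen_ID"]);
        header("Location: dosen/utamakar.php?code=1");
        exit;
    }elseif ($level === '3'){
        $_SESSION['id'] = $data['id'];
        $_SESSION['username'] = $data['username'];
        $_SESSION['password'] = $data['password'];
        $_SESSION['identitas'] = $data['Identitas_ID'];
        $_SESSION['kode_jurusan'] = $data['kode_jurusan'];
        $_SESSION['level'] = $data['id_level'];
        $_SESSION['nama_lengkap'] = $data['nama'];
        $_SESSION['aktif'] = $data['aktif'];
        $_SESSION['foto'] = $data['foto'];
        $_SESSION['4dm1njurusan'] = 'nimda';
        $_SESSION['last_login'] = $last_login;
        $_SESSION['ip'] = $client_ip;
        $db->database_prepare("UPDATE karyawan SET last_login = ?, ip = ? WHERE id = ?")->execute($last_login,$client_ip,$data["id"]);
        header("Location: karyawan/utamakar.php?code=1");
        exit;
    }elseif ($level === '4'){
        $_SESSION['mhs_ID'] = $data['mhs_ID'];
        $_SESSION['username'] = $data['username'];
        $_SESSION['password'] = $data['password'];
        $_SESSION['identitas'] = $data['Identitas_ID'];
        $_SESSION['kode_jurusan'] = $data['kode_jurusan'];
        $_SESSION['level'] = $data['id_level'];
        $_SESSION['nama_lengkap'] = $data['nama'];
        $_SESSION['aktif'] = $data['aktif'];
        $_SESSION['Foto'] = $data['Foto'];
        $_SESSION['last_login'] = $last_login;
        $_SESSION['ip'] = $client_ip;
        // Unlike the other roles, no last_login / ip row update is made here.
        header("Location: mahasiswa/utamakar.php?code=1");
        exit;
    }
    // NOTE(review): a match in as_users (level outside 1-4) fills no session
    // keys and sends no redirect, as in the original; confirm what is intended.
}
else{
    // Failed login. This is the same target the admin fall-through uses, so the
    // landing page cannot tell the two cases apart from the URL alone.
    header("Location: index.php?code=1");
    exit;
}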
- ?>