Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if (isset($_POST['login'])) {
- $post_username = mysqli_real_escape_string($db,stripslashes(strip_tags(htmlspecialchars($_POST['user'],ENT_QUOTES))));
- $post_password = mysqli_real_escape_string($db,stripslashes(strip_tags(htmlspecialchars($_POST['pswd'],ENT_QUOTES))));
- $code = addslashes( $_POST['code'] );
- if (empty($post_username) || empty($post_password) || empty($code)) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Mohon mengisi semua input.";
- } else if ($code != $_SESSION["security_code"] ) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Kode tidak cocok.";
- } else {
- $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$post_username'");
- if (mysqli_num_rows($check_user) == 0) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Username/Password salah";
- } else {
- $data_user = mysqli_fetch_assoc($check_user);
- if (password_verify($post_password, $data_user['password']) == false) {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Username/Password salah";
- } else if ($data_user['status'] == "Suspended") {
- $msg_type = "error";
- $msg_content = "<b>Gagal:</b> Akun nonaktif.";
- } else {
- $_SESSION['user'] = $data_user;
- header("Location: ".$cfg_baseurl);
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement