<?phpsession_start();require 'config.php';if ( isset($_POST['username']) &

1. <?php
2. session_start();
3. require 'config.php';
4. if ( isset($_POST['username']) && isset($_POST['password']) ) {
5.  
6. $sql_check = "SELECT nama,
7. level_user,
8. id_user
9. FROM users
10. WHERE
11. username=?
12. AND
13. password=?
14. LIMIT 1";
15. $check_log = $dbconnect->prepare($sql_check);
16. $check_log->bind_param('ss', $username, $password);
17. $username = $_POST['username'];
18. $password = md5( $_POST['password'] );
19. $check_log->execute();
20. $check_log->store_result();
21. if ( $check_log->num_rows == 1 ) {
22. $check_log->bind_result($nama, $level_user, $id_user);
23. while ( $check_log->fetch() ) {
24. $_SESSION['user_login'] = $level_user;
25. $_SESSION['sess_id'] = $id_user;
26. $_SESSION['nama'] = $nama;
27.  
28. }
29. $check_log->close();
30. header('location:on-'.$level_user);
31. exit();
32. } else {
33. header('location: login.php?error='.base64_encode('Username dan Password Invalid!!!'));
34. exit();
35. }
36.  
37. } else {
38. header('location:login.php');
39. exit();
40. }