Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("config/config.php");
- if (isset($_POST['login'])) {
- $username = filter_input(INPUT_POST, 'username',FILTER_SANITIZE_STRING);
- $password = filter_input(INPUT_POST, 'password',FILTER_SANITIZE_STRING);
- $sentence = "";
- if (empty($username) || empty($password)) {
- $sentence .= "username dan password tidak boleh kosong";
- }
- $query = "SELECT * FROM users WHERE username =:username";
- $query_param = array(
- ":username" => $username
- );
- try {
- $stmt = $db->prepare($query);
- $result = $stmt->execute($query_param);
- } catch (PDOException $error) {
- die("error cant access");
- }
- $login_ok = false;
- $row = $stmt->fetch();
- // jika garapan database sama dengan post cek pssword
- if ($row) {
- // mencoba hash gabungan post password & salt
- $check_password = hash('sha256', $_POST['password'] . $row['salt']);
- // login true
- if ($check_password === $row['password']) {
- $login_ok = true;
- }
- }
- if ($login_ok) {
- // menyembunyikan row salt dan password
- unset($row['salt']);
- unset($row['password']);
- // memasukan semua garapan $row ke session
- $_SESSION['user'] = $row['username'];
- header("Location: index.php");
- }else{
- $sentence .= "Login failed";
- exit();
- }
- }
- else{
- $sentence ="";
- $username ="";
- $password = "";
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title>Login Form</title>
- <link rel="stylesheet" type="text/css" href="assets/form.css">
- </head>
- <body>
- <div class="container">
- <h1>Selamat Datang</h1>
- <h3>Sistem Informasi sekolahku</h3>
- <?php
- // tampilkan pesan jika ada
- if (isset($pesan)) {
- echo "<div class=\"pesan\">$pesan</div>";
- }
- // tampilkan error jika ada
- if ($sentence !== "") {
- echo "<div class=\"error\">$sentence</div>";
- }
- ?>
- <form action="login.php" method="post">
- <fieldset>
- <legend>Login</legend>
- <p>
- <label for="username">Username : </label>
- <input type="text" name="username" id="username"
- value="<?php echo $username ?>">
- </p>
- <p>
- <label for="password">Password : </label>
- <input type="password" name="password" id="password"
- value="<?php echo $username ?>">
- </p>
- <button class="button" type="submit" name="login">Login</button>
- </fieldset>
- <p style="text-align: center;"><a href="register.php">not have account? register now</p>
- </form>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement