cek-login versi server ph

1. <?php
2. include "../config/koneksi.php";
3. function antiinjection($data){
4.   $filter_sql = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
5.   return $filter_sql;
6. }
7.  
8. $username = antiinjection($_POST[username]);
9. $pass     = antiinjection(md5($_POST[password]));
10.  
11. $login=mysql_query("SELECT * FROM admins WHERE username='$username' AND password='$pass' AND blokir='N'");
12. $ketemu=mysql_num_rows($login);
13. $r=mysql_fetch_array($login);
14.  
15. // Apabila username dan password ditemukan
16. if ($ketemu > 0){
17.   session_start();
18.  
19.  
20.   $_SESSION['namauser']     = $r['username'];
21.   $_SESSION['namalengkap']  = $r['nama_lengkap'];
22.   $_SESSION['passuser']     = $r['password'];
23.   $_SESSION['leveluser']    = $r['level'];
24.  
25.   header('location:media.php?module=home');
26. }
27. else{
28. echo "<link href='css/screen.css' rel='stylesheet' type='text/css'><link href='css/reset.css' rel='stylesheet' type='text/css'>";
29.   echo "<center><br><br><br><br><br><br><b>LOGIN GAGAL! </b><br>
30.        Username atau Password Anda tidak benar.<br>
31.        Atau account Anda sedang diblokir.<br><br>";
32.         echo "<div> <a href='index.php'><img src='images/seru.png'  height=147 width=176><br><br></a>
33.             </div>";
34.   echo "<input type=button class='tombol' value='ULANGI LAGI' onclick=location.href='index.php'></a></center>";
35.  
36. }
37. ?>