Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include "koneksi/koneksi.php";
- session_start();
- // untuk mencegah sql injection
- function anti_injection($data){
- $filter=mysql_real_escape_string( stripslashes ( strip_tags ( htmlspecialchars($data, ENT_QUOTES))));
- return $filter;
- }
- $username = anti_injection($_POST['username']);
- $password = anti_injection(md5($_POST['password']));
- //pastikan username dan password berupa huruf atau angka
- $cek = mysql_query("SELECT * FROM siswa WHERE username='$username' and password='$password'");
- $id = mysql_fetch_array($cek);
- if(mysql_num_rows($cek)>=1){
- @$_SESSION['username'] = $id['username'];
- @$_SESSION['password'] = $id['password'];
- header('location: user');
- }else{
- echo "<script>alert('Username atau password salah!'); document.location.href=\"index.php\"</script>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement