<?phpsession_start();require("mainconfig.php");$msg_type = "nothing";$

1. <?php
2. session_start();
3.  
4. require("mainconfig.php");
5. $msg_type = "nothing";
6. $site_key = "6LcRzDIUAAAAALKWHcExLVdoR6HuuZCCaE5Ux9yx";
7. $secret_key = "6LcRzDIUAAAAAB0pT4vHiRdKAXMK0vOtZs_qthJc";
8.  
9. if(isset($_POST['g-recaptcha-response']))
10. {
11. $api_url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $secret_key . '&response='.$_POST['g-recaptcha-response'];
12. $response = @file_get_contents($api_url);
13. $recaptcha = json_decode($response, true);
14. }
15.  
16. if (isset($_SESSION['user'])) {
17. $sess_username = $_SESSION['user']['username'];
18. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
19. $data_user = mysqli_fetch_assoc($check_user);
20. if (mysqli_num_rows($check_user) == 0) {
21. header("Location: ".$cfg_baseurl."logout.php");
22. } else if ($data_user['status'] == "Suspended") {
23. header("Location: ".$cfg_baseurl."logout.php");
24. }
25.  
26. $check_order = mysqli_query($db, "SELECT SUM(price) AS total FROM orders WHERE user = '$sess_username'");
27. $data_order = mysqli_fetch_assoc($check_order);
28. $check_worder = mysqli_query($db, "SELECT * FROM orders WHERE user = '$sess_username'");
29. $count_worder = mysqli_num_rows($check_worder);
30. $count_users = mysqli_num_rows(mysqli_query($db, "SELECT * FROM users"));
31. } else {
32. if (isset($_POST['login'])) {
33. if(!isset($_POST['setuju'])){
34. $msg_type = "error";
35. $msg_content = "<b>Gagal:</b> Silahkan ceklis dahulu.";
36. }else{
37. $post_username = mysqli_real_escape_string($db, trim($_POST['username']));
38. $post_password = mysqli_real_escape_string($db, trim($_POST['password']));
39. $post_password = md5($post_password);
40. if (empty($post_username) || empty($post_password)) {
41. $msg_type = "error";
42. $msg_content = "<b>Gagal:</b> Mohon mengisi semua input.";
43. } else {
44. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$post_username'");
45. if (mysqli_num_rows($check_user) == 0) {
46. $msg_type = "error";
47. $msg_content = "<b>Gagal:</b> Username atau password salah.";
48. } else {
49. $data_user = mysqli_fetch_assoc($check_user);
50. if (!password_verify($post_password, $data_user['password'])) {
51. $msg_type = "error";
52. $msg_content = "<b>Gagal:</b> Username atau password salah.";
53. } else if ($data_user['status'] == "Suspended") {
54. $msg_type = "error";
55. $msg_content = "<b>Gagal:</b> Akun nonaktif.";
56. } else {
57. // kode
58. $agent = $_SERVER['HTTP_USER_AGENT'];
59. $ip = $_SERVER['REMOTE_ADDR'];
60. $db->query("INSERT INTO login_history VALUES('','$post_username','$date','$time','$ip','$agent')");
61. $_SESSION['user'] = $data_user;
62. header("Location: ".$cfg_baseurl);
63. }
64. }
65. }
66. }
67. }
68. }
69. include("lib/header.php");
70. ?>
71. <h3>
72. <div class="pull-right text-center">
73. </div><small><?php echo $cfg_webname; ?> -> Masuk </small>
74. </h3>
75.  
76. <div class="row">
77. <div class="col-md-offset-3 col-md-6">
78. <div class="panel panel-default">
79. <div class="panel-heading">
80. <h3 class="panel-title"><i class="fa fa-user"></i> Masuk</h3>
81. </div>
82. <div class="panel-body">
83. <?php
84. if ($msg_type == "error") {
85. ?>
86. <div class="alert alert-danger">
87. <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
88. <i class="fa fa-times-circle"></i>
89. <?php echo $msg_content; ?>
90. </div>
91. <?php
92. }
93. ?>
94. <form class="form-horizontal" role="form" method="POST">
95. <div class="form-group">
96. <label class="col-md-2 control-label">Username</label>
97. <div class="col-md-10">
98. <input type="text" name="username" class="form-control" placeholder="Username">
99. </div>
100. </div>
101. <div class="form-group">
102. <label class="col-md-2 control-label">Password</label>
103. <div class="col-md-10">
104. <input type="password" name="password" class="form-control" placeholder="Password">
105. </div>
106. </div>
107. <div class="form-group">
108. <label class="col-md-2 control-label"></label>
109. <div class="col-md-10">
110. <div class="checkbox icheck">
111. <label>
112. <input name="setuju" type="checkbox"> Saya menyetujui <a href="/terms">Syarat & Ketentuan</a> dari PanelMedia
113. </label>
114. </div>
115. </div>
116. </div>
117.  
118. <div class="form-group">
119. <div class="col-md-offset-2 col-md-10">
120. <button type="submit" class="btn btn-success btn-bordered waves-effect w-md waves-light" name="login">Masuk</button>
121. </div></div>
122. <center><div class="rblikebox"> <div> <iframe src="https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/panel-media.net/&width=245&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270" scrolling="no" frameborder="0" scrolling="no" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;"></iframe></div></center>
123.  
124. </div>
125. </form>
126. </div>
127. <div class="panel-footer">
128. Belum punya akun? <a class="btn btn-default btn-sm" href="<?php echo $cfg_registerurl; ?>">Daftar!</a>
129. Lupa Password? <a class="btn btn-default btn-sm" href="/forgot.php">Klik Disini</a><div><div>
130.  
131. <center><footer class="main-footer">
132. <!-- To the right -->
133.  
134. </div>
135. <!-- Default to the left -->
136. <strong>Copyright © 2018 <a href="https://panelmedia.net/">Panel Media</a></strong>
137. </footer>
138.  
139. </div>
140.  
141.  
142. </div>
143. </div>
144. </div>