proseslogin.php

1. <?php
2.  
3. if(isset($_POST['username']) && ($_POST['password'])){
4.  
5.     session_start();
6.  
7.     include('./database/connect.php'); //Database Connection File
8.  
9.     $username = $mysqli->real_escape_string($_POST['username']);
10.     $password = $mysqli->real_escape_string($_POST['password']);
11.  
12.     $queryShowUser = $mysqli -> query("select * from user where username = '{$username}'");
13.     $queryFetchShowUser = $queryShowUser -> fetch_array(MYSQLI_ASSOC); //Fetch Data
14.  
15.     //Save user information
16.     $saveid = $queryFetchShowUser['id'];
17.     $saveusername = $queryFetchShowUser['username'];
18.     $savepassword = $queryFetchShowUser['password'];
19.     $namapenuh = $queryFetchShowUser['fullname'];
20.     $jawatan = $queryFetchShowUser['jawatan'];
21.  
22.     $_SESSION['username'] = $saveusername;
23.     $_SESSION['id'] = $saveid;
24.     $_SESSION['fullname'] = $namapenuh;
25.     $_SESSION['jawatan'] = $jawatan;
26.  
27.         if(($_POST['password']) == $savepassword){ //Compare Password User Entered In Database if True
28.  
29.         /*
30.         Jawatan :
31.         -admin
32.         -pekerja
33.         -pegawai
34.         */
35.  
36.         if($jawatan == 'pekerja'){ echo "<script>location.href = 'user/index.php'</script>"; }
37.  
38.         else if($jawatan == 'pegawai' || $jawatan == 'admin'){ echo "<script>location.href = 'admin/index.php'</script>"; }
39.  
40.  
41.         }else {
42.  
43.             echo "Nama atau Kata Laluan Salah !";
44.         }
45.  
46.   }
47.  
48. ?>