2526-web/Kelompok02-Memory-Card
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://git-eng.ukwms.ac.id/2526-web/Kelompok02-Memory-Card

Browse Source
This commit is contained in:
Yustina 2025-12-15 23:18:07 +07:00
commit 1fd4ece237
2 changed files with 61 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Config.php
View File

@ -1,12 +1,13 @@
<?php <?php
$host = "localhost"; $host = "localhost";
$user = "root"; $user = "root";
$password = ""; $password = "";
$database = "users_db"; $database = "users_db";
$conn = mysqli_connect($host, $user, $password, $database); $conn = new mysqli($host, $user, $password, $database);
if (!$conn) { if ($conn->connect_error) {
die("Koneksi gagal: " . mysqli_connect_error()); die("Koneksi gagal: " . $conn->connect_error);
} }
?> ?>

102
auth.php
View File

@ -1,8 +1,18 @@
<?php <?php
session_start(); session_start();
require_once "Config.php"; require_once "config.php";
// ===================== REGISTER ===================== /* =====================================================
JANGAN AKSES auth.php LANGSUNG
===================================================== */
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header("Location: index.php");
exit;
}
/* =====================================================
REGISTER
===================================================== */
if (isset($_POST['btn-register'])) { if (isset($_POST['btn-register'])) {
$username = trim($_POST['username']); $username = trim($_POST['username']);
@ -10,71 +20,73 @@ if (isset($_POST['btn-register'])) {
$password = $_POST['password']; $password = $_POST['password'];
$confirm = $_POST['confirm_password']; $confirm = $_POST['confirm_password'];
// validasi // Validasi sederhana
if (!$username || !$email || !$password || !$confirm) { if (empty($username) || empty($email) || empty($password) || empty($confirm)) {
header("Location: index.php?error=kosong"); $_SESSION['error'] = "Semua kolom wajib diisi!";
exit; header("Location: index.php");
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: index.php?error=email");
exit;
}
if (strlen($password) < 6) {
header("Location: index.php?error=pass");
exit; exit;
} }
if ($password !== $confirm) { if ($password !== $confirm) {
header("Location: index.php?error=confirm"); $_SESSION['error'] = "Konfirmasi password tidak cocok!";
header("Location: index.php");
exit; exit;
} }
// cek user // Cek user sudah ada atau belum
$cek = mysqli_prepare($conn, "SELECT id FROM users WHERE username=? OR email=?"); $cek = $conn->prepare("SELECT id FROM users WHERE username=? OR email=?");
mysqli_stmt_bind_param($cek, "ss", $username, $email); $cek->bind_param("ss", $username, $email);
mysqli_stmt_execute($cek); $cek->execute();
mysqli_stmt_store_result($cek); $cek->store_result();
if (mysqli_stmt_num_rows($cek) > 0) { if ($cek->num_rows > 0) {
header("Location: index.php?error=exist"); $_SESSION['error'] = "Username atau Email sudah terdaftar!";
header("Location: index.php");
exit; exit;
} }
$cek->close();
mysqli_stmt_close($cek); // Insert ke database
// simpan
$hash = password_hash($password, PASSWORD_DEFAULT); $hash = password_hash($password, PASSWORD_DEFAULT);
$insert = mysqli_prepare($conn, "INSERT INTO users (username,email,password) VALUES (?,?,?)"); $insert = $conn->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($insert, "sss", $username, $email, $hash); $insert->bind_param("sss", $username, $email, $hash);
mysqli_stmt_execute($insert);
mysqli_stmt_close($insert);
header("Location: index.php?success=register"); if ($insert->execute()) {
$_SESSION['success'] = "Registrasi berhasil! Silakan login.";
} else {
$_SESSION['error'] = "Terjadi kesalahan sistem: " . $conn->error;
}
$insert->close();
header("Location: index.php"); // Kembali ke index
exit; exit;
} }
// ===================== LOGIN ===================== /* =====================================================
LOGIN
===================================================== */
if (isset($_POST['btn-login'])) { if (isset($_POST['btn-login'])) {
$username = $_POST['username']; $username = trim($_POST['username']);
$password = $_POST['password']; $password = $_POST['password'];
$stmt = mysqli_prepare($conn, "SELECT * FROM users WHERE username=?"); $stmt = $conn->prepare("SELECT * FROM users WHERE username=?");
mysqli_stmt_bind_param($stmt, "s", $username); $stmt->bind_param("s", $username);
mysqli_stmt_execute($stmt); $stmt->execute();
$result = mysqli_stmt_get_result($stmt); $result = $stmt->get_result();
$user = mysqli_fetch_assoc($result); $user = $result->fetch_assoc();
if (!$user || !password_verify($password, $user['password'])) { if ($user && password_verify($password, $user['password'])) {
header("Location: index.php?error=login"); // Login Sukses
$_SESSION['user'] = $user;
header("Location: mainboard.php"); // Pastikan file ini ada!
exit;
} else {
// Login Gagal
$_SESSION['error'] = "Username atau Password salah!";
header("Location: index.php");
exit; exit;
} }
$_SESSION['user'] = $user;
header("Location: mainboard.php");
exit;
} }
?>