diff --git a/login.html b/login.html index 1514bec..fc87fc0 100644 --- a/login.html +++ b/login.html @@ -313,7 +313,7 @@ input:focus {

+ \ No newline at end of file diff --git a/login.php b/login.php index 6c7885f..47d845e 100644 --- a/login.php +++ b/login.php @@ -2,24 +2,30 @@ session_start(); include "koneksi.php"; -$username = $_POST['username']; -$password = $_POST['password']; - -$stmt = mysqli_prepare($conn, "SELECT * FROM user WHERE username=?"); -mysqli_stmt_bind_param($stmt, "s", $username); -mysqli_stmt_execute($stmt); -$result = mysqli_stmt_get_result($stmt); -<<<<<<< HEAD -$row = mysqli_fetch_assoc($result); -======= ->>>>>>> 99c33ab04fa37c4be55d5d09fec7aae16d58e08d - -if ($row && password_verify($password, $row['password'])) { - $_SESSION['username'] = $row['username']; - echo "OK"; - exit; -} else { +if (!isset($_POST['username']) || !isset($_POST['password'])) { echo "Username atau password salah"; exit; } + +$username = $_POST['username']; +$password = $_POST['password']; + +// Ambil user berdasarkan username +$stmt = mysqli_prepare($conn, "SELECT * FROM user WHERE username=?"); +mysqli_stmt_bind_param($stmt, "s", $username); +mysqli_stmt_execute($stmt); + +$result = mysqli_stmt_get_result($stmt); +$row = mysqli_fetch_assoc($result); + +// Kalau username tidak ditemukan ATAU password salah +if (!$row || !password_verify($password, $row['password'])) { + echo "Username atau password salah"; + exit; +} + +// Login sukses +$_SESSION['username'] = $row['username']; +echo "OK"; +exit; ?>