Compare commits


No commits in common. "48638451a26da4193edfc4548dd1c256198cd4c9" and "e86444cb0de659929ec4867139ec2cf9465206a9" have entirely different histories.

2 changed files with 48 additions and 61 deletions


@ -1,13 +1,12 @@
<?php <?php
$host = "localhost"; $host = "localhost";
$user = "root"; $user = "root";
$password = ""; $password = "";
$database = "users_db"; $database = "users_db";
$conn = new mysqli($host, $user, $password, $database); $conn = mysqli_connect($host, $user, $password, $database);
if ($conn->connect_error) { if (!$conn) {
die("Koneksi gagal: " . $conn->connect_error); die("Koneksi gagal: " . mysqli_connect_error());
} }
?> ?>
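Review bot: The failure branch still prints the raw driver message to the response, `die("Koneksi gagal: " . mysqli_connect_error());`, which can expose the database host and account name to any visitor who triggers a connection failure. Write the detail to the server log and return a generic message instead, e.g. `error_log(mysqli_connect_error());` followed by `die("Koneksi gagal.");`. The unchanged lines above also connect as `root` with an empty password hard-coded in the file; a dedicated account limited to the `users_db` schema would reduce what a flaw in the login code can reach. This reading takes the right-hand text of each row as the new side, which the page itself does not mark.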

102
auth.php

@ -1,18 +1,8 @@
<?php <?php
session_start(); session_start();
require_once "config.php"; require_once "Config.php";
/* ===================================================== // ===================== REGISTER =====================
JANGAN AKSES auth.php LANGSUNG
===================================================== */
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header("Location: index.php");
exit;
}
/* =====================================================
REGISTER
===================================================== */
if (isset($_POST['btn-register'])) { if (isset($_POST['btn-register'])) {
$username = trim($_POST['username']); $username = trim($_POST['username']);
@ -20,73 +10,71 @@ if (isset($_POST['btn-register'])) {
$password = $_POST['password']; $password = $_POST['password'];
$confirm = $_POST['confirm_password']; $confirm = $_POST['confirm_password'];
// Validasi sederhana // validasi
if (empty($username) || empty($email) || empty($password) || empty($confirm)) { if (!$username || !$email || !$password || !$confirm) {
$_SESSION['error'] = "Semua kolom wajib diisi!"; header("Location: index.php?error=kosong");
header("Location: index.php"); exit;
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: index.php?error=email");
exit;
}
if (strlen($password) < 6) {
header("Location: index.php?error=pass");
exit; exit;
} }
if ($password !== $confirm) { if ($password !== $confirm) {
$_SESSION['error'] = "Konfirmasi password tidak cocok!"; header("Location: index.php?error=confirm");
header("Location: index.php");
exit; exit;
} }
// Cek user sudah ada atau belum // cek user
$cek = $conn->prepare("SELECT id FROM users WHERE username=? OR email=?"); $cek = mysqli_prepare($conn, "SELECT id FROM users WHERE username=? OR email=?");
$cek->bind_param("ss", $username, $email); mysqli_stmt_bind_param($cek, "ss", $username, $email);
$cek->execute(); mysqli_stmt_execute($cek);
$cek->store_result(); mysqli_stmt_store_result($cek);
if ($cek->num_rows > 0) { if (mysqli_stmt_num_rows($cek) > 0) {
$_SESSION['error'] = "Username atau Email sudah terdaftar!"; header("Location: index.php?error=exist");
header("Location: index.php");
exit; exit;
} }
$cek->close();
// Insert ke database mysqli_stmt_close($cek);
// simpan
$hash = password_hash($password, PASSWORD_DEFAULT); $hash = password_hash($password, PASSWORD_DEFAULT);
$insert = $conn->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)"); $insert = mysqli_prepare($conn, "INSERT INTO users (username,email,password) VALUES (?,?,?)");
$insert->bind_param("sss", $username, $email, $hash); mysqli_stmt_bind_param($insert, "sss", $username, $email, $hash);
mysqli_stmt_execute($insert);
mysqli_stmt_close($insert);
if ($insert->execute()) { header("Location: index.php?success=register");
$_SESSION['success'] = "Registrasi berhasil! Silakan login.";
} else {
$_SESSION['error'] = "Terjadi kesalahan sistem: " . $conn->error;
}
$insert->close();
header("Location: index.php"); // Kembali ke index
exit; exit;
} }
/* ===================================================== // ===================== LOGIN =====================
LOGIN
===================================================== */
if (isset($_POST['btn-login'])) { if (isset($_POST['btn-login'])) {
$username = trim($_POST['username']); $username = $_POST['username'];
$password = $_POST['password']; $password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM users WHERE username=?"); $stmt = mysqli_prepare($conn, "SELECT * FROM users WHERE username=?");
$stmt->bind_param("s", $username); mysqli_stmt_bind_param($stmt, "s", $username);
$stmt->execute(); mysqli_stmt_execute($stmt);
$result = $stmt->get_result(); $result = mysqli_stmt_get_result($stmt);
$user = $result->fetch_assoc(); $user = mysqli_fetch_assoc($result);
if ($user && password_verify($password, $user['password'])) { if (!$user || !password_verify($password, $user['password'])) {
// Login Sukses header("Location: index.php?error=login");
$_SESSION['user'] = $user;
header("Location: mainboard.php"); // Pastikan file ini ada!
exit;
} else {
// Login Gagal
$_SESSION['error'] = "Username atau Password salah!";
header("Location: index.php");
exit; exit;
} }
$_SESSION['user'] = $user;
header("Location: mainboard.php");
exit;
} }
?>
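Review bot: The login branch at the end of this section writes the whole `users` row, password hash included, into `$_SESSION['user']` and keeps the pre-login session ID, so the session stays open to fixation and the hash is copied into session storage. Call `session_regenerate_id(true);` before the assignment and keep only what later pages need, e.g. `$_SESSION['user'] = ['id' => $user['id'], 'username' => $user['username']];`. In the register branch the return value of `mysqli_stmt_execute($insert)` is no longer checked, so the redirect to `index.php?success=register` is sent even when the INSERT fails; test the result and redirect with an error code in that case. Login also stops trimming `username` while registration still trims it, so apply `trim()` in both places. This reading takes the right-hand text of each row as the new side, which the hunk counts suggest but the page does not mark.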