Compare commits
2 Commits
e86444cb0d
...
48638451a2
| Author | SHA1 | Date | |
|---|---|---|---|
| 48638451a2 | |||
| ca1296df58 |
@ -1,12 +1,13 @@
|
||||
<?php
|
||||
|
||||
$host = "localhost";
|
||||
$user = "root";
|
||||
$password = "";
|
||||
$database = "users_db";
|
||||
|
||||
$conn = mysqli_connect($host, $user, $password, $database);
|
||||
$conn = new mysqli($host, $user, $password, $database);
|
||||
|
||||
if (!$conn) {
|
||||
die("Koneksi gagal: " . mysqli_connect_error());
|
||||
if ($conn->connect_error) {
|
||||
die("Koneksi gagal: " . $conn->connect_error);
|
||||
}
|
||||
?>
|
||||
|
||||
102
auth.php
102
auth.php
@ -1,8 +1,18 @@
|
||||
<?php
|
||||
session_start();
|
||||
require_once "Config.php";
|
||||
require_once "config.php";
|
||||
|
||||
// ===================== REGISTER =====================
|
||||
/* =====================================================
|
||||
JANGAN AKSES auth.php LANGSUNG
|
||||
===================================================== */
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
/* =====================================================
|
||||
REGISTER
|
||||
===================================================== */
|
||||
if (isset($_POST['btn-register'])) {
|
||||
|
||||
$username = trim($_POST['username']);
|
||||
@ -10,71 +20,73 @@ if (isset($_POST['btn-register'])) {
|
||||
$password = $_POST['password'];
|
||||
$confirm = $_POST['confirm_password'];
|
||||
|
||||
// validasi
|
||||
if (!$username || !$email || !$password || !$confirm) {
|
||||
header("Location: index.php?error=kosong");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
header("Location: index.php?error=email");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (strlen($password) < 6) {
|
||||
header("Location: index.php?error=pass");
|
||||
// Validasi sederhana
|
||||
if (empty($username) || empty($email) || empty($password) || empty($confirm)) {
|
||||
$_SESSION['error'] = "Semua kolom wajib diisi!";
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($password !== $confirm) {
|
||||
header("Location: index.php?error=confirm");
|
||||
$_SESSION['error'] = "Konfirmasi password tidak cocok!";
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// cek user
|
||||
$cek = mysqli_prepare($conn, "SELECT id FROM users WHERE username=? OR email=?");
|
||||
mysqli_stmt_bind_param($cek, "ss", $username, $email);
|
||||
mysqli_stmt_execute($cek);
|
||||
mysqli_stmt_store_result($cek);
|
||||
// Cek user sudah ada atau belum
|
||||
$cek = $conn->prepare("SELECT id FROM users WHERE username=? OR email=?");
|
||||
$cek->bind_param("ss", $username, $email);
|
||||
$cek->execute();
|
||||
$cek->store_result();
|
||||
|
||||
if (mysqli_stmt_num_rows($cek) > 0) {
|
||||
header("Location: index.php?error=exist");
|
||||
if ($cek->num_rows > 0) {
|
||||
$_SESSION['error'] = "Username atau Email sudah terdaftar!";
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
$cek->close();
|
||||
|
||||
mysqli_stmt_close($cek);
|
||||
|
||||
// simpan
|
||||
// Insert ke database
|
||||
$hash = password_hash($password, PASSWORD_DEFAULT);
|
||||
$insert = mysqli_prepare($conn, "INSERT INTO users (username,email,password) VALUES (?,?,?)");
|
||||
mysqli_stmt_bind_param($insert, "sss", $username, $email, $hash);
|
||||
mysqli_stmt_execute($insert);
|
||||
mysqli_stmt_close($insert);
|
||||
$insert = $conn->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
|
||||
$insert->bind_param("sss", $username, $email, $hash);
|
||||
|
||||
header("Location: index.php?success=register");
|
||||
if ($insert->execute()) {
|
||||
$_SESSION['success'] = "Registrasi berhasil! Silakan login.";
|
||||
} else {
|
||||
$_SESSION['error'] = "Terjadi kesalahan sistem: " . $conn->error;
|
||||
}
|
||||
|
||||
$insert->close();
|
||||
header("Location: index.php"); // Kembali ke index
|
||||
exit;
|
||||
}
|
||||
|
||||
// ===================== LOGIN =====================
|
||||
/* =====================================================
|
||||
LOGIN
|
||||
===================================================== */
|
||||
if (isset($_POST['btn-login'])) {
|
||||
|
||||
$username = $_POST['username'];
|
||||
$username = trim($_POST['username']);
|
||||
$password = $_POST['password'];
|
||||
|
||||
$stmt = mysqli_prepare($conn, "SELECT * FROM users WHERE username=?");
|
||||
mysqli_stmt_bind_param($stmt, "s", $username);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$stmt = $conn->prepare("SELECT * FROM users WHERE username=?");
|
||||
$stmt->bind_param("s", $username);
|
||||
$stmt->execute();
|
||||
|
||||
$result = mysqli_stmt_get_result($stmt);
|
||||
$user = mysqli_fetch_assoc($result);
|
||||
$result = $stmt->get_result();
|
||||
$user = $result->fetch_assoc();
|
||||
|
||||
if (!$user || !password_verify($password, $user['password'])) {
|
||||
header("Location: index.php?error=login");
|
||||
if ($user && password_verify($password, $user['password'])) {
|
||||
// Login Sukses
|
||||
$_SESSION['user'] = $user;
|
||||
header("Location: mainboard.php"); // Pastikan file ini ada!
|
||||
exit;
|
||||
} else {
|
||||
// Login Gagal
|
||||
$_SESSION['error'] = "Username atau Password salah!";
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
$_SESSION['user'] = $user;
|
||||
|
||||
header("Location: mainboard.php");
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
Loading…
x
Reference in New Issue
Block a user