<?php
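// Start (or resume) the session before any output is sent.
//   cookie_httponly: the session cookie is not readable from page scripts.
//   use_strict_mode: PHP refuses a session ID it did not issue itself, so a
//                    client cannot choose its own ID.
// NOTE(review): index.php and mainboard.php are not visible here. If they
// call session_start() too, move these settings (and cookie_secure /
// cookie_samesite once the site is served over HTTPS) into one shared place
// so every page issues the cookie with the same flags.
session_start([
    'cookie_httponly' => true,
    'use_strict_mode' => true,
]);

// Expected to define $conn, the database handle used by the register and
// login handlers below (presumably a mysqli connection; confirm in config.php).
require_once "config.php";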
/* =====================================================
   DO NOT ACCESS auth.php DIRECTLY
   Only form submissions (POST) are handled here; any other
   request method is sent back to index.php.
   Note: this is a method check only. It does not prove the
   POST came from this site's own form (no CSRF token is
   checked anywhere in this file).
===================================================== */
$requestMethod = $_SERVER['REQUEST_METHOD'];

if ('POST' !== $requestMethod) {
    header('Location: index.php');
    exit;
}
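/* =====================================================
   REGISTER
   Validates the submitted form, refuses a username or email
   that already exists, stores a password hash, and redirects
   back to index.php. Errors travel in the register_error
   query parameter.
   NOTE(review): index.php is not shown here. It must
   HTML-escape register_error before printing it, because
   anyone can craft a link carrying arbitrary text in that
   parameter.
===================================================== */
if (isset($_POST['btn-register'])) {

    // Redirects to index.php (with an encoded error message when given) and
    // stops the script. The messages contain spaces and punctuation, which
    // are not valid raw in a Location header, so they are percent-encoded;
    // $_GET['register_error'] still decodes to the same text.
    $redirectRegister = static function (string $pesan = ''): void {
        $target = 'index.php';
        if ($pesan !== '') {
            $target .= '?register_error=' . rawurlencode($pesan);
        }
        header('Location: ' . $target);
        exit;
    };

    // Reads one POST field as a string. A missing field, or one submitted as
    // an array (username[]=x), becomes '' instead of raising a warning or a
    // TypeError in trim()/strlen().
    $readField = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    $username = trim($readField('username'));
    $email    = trim($readField('email'));
    $password = $readField('password');          // not trimmed: spaces may be intentional
    $confirm  = $readField('confirm_password');

    // --- BASIC VALIDATION ---

    // Compare against '' explicitly; a plain truthiness test would also
    // reject the literal value "0".
    if ($username === '' || $email === '' || $password === '' || $confirm === '') {
        $redirectRegister('Data tidak boleh kosong');
    }

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $redirectRegister('Format email tidak valid');
    }

    // NOTE(review): 6 is a low floor for a password; raise it together with
    // the message if policy allows. strlen() counts bytes, and bcrypt (what
    // PASSWORD_DEFAULT currently selects) only uses the first 72 bytes.
    if (strlen($password) < 6) {
        $redirectRegister('Password minimal 6 karakter');
    }

    if ($password !== $confirm) {
        $redirectRegister('Konfirmasi password tidak cocok');
    }

    $pesanGagal = 'Gagal mendaftar, coba lagi nanti.';
    $sudahAda   = false;
    $berhasil   = false;

    try {
        // --- CHECK DATABASE (DOES THE USER ALREADY EXIST?) ---
        $cek = $conn->prepare("SELECT id FROM users WHERE username=? OR email=?");
        if ($cek === false) {
            // prepare() returns false when exceptions are not enabled.
            $redirectRegister($pesanGagal);
        }
        $cek->bind_param("ss", $username, $email);
        $cek->execute();
        $cek->store_result();
        $sudahAda = $cek->num_rows > 0;
        $cek->close();

        if (!$sudahAda) {
            // --- INSERT THE NEW USER ---
            // The check above and this insert are not atomic: two identical
            // registrations arriving together can both pass the check.
            // NOTE(review): confirm users.username and users.email carry
            // UNIQUE indexes so the second insert fails and lands in the
            // generic failure path below.
            $hash   = password_hash($password, PASSWORD_DEFAULT);
            $insert = $conn->prepare("INSERT INTO users (username,email,password) VALUES (?,?,?)");
            if ($insert !== false) {
                $insert->bind_param("sss", $username, $email, $hash);
                $berhasil = $insert->execute();
                $insert->close();
            }
        }
    } catch (mysqli_sql_exception $e) {
        // With exception mode on (the default since PHP 8.1) a failed query
        // throws instead of returning false. Log the detail server-side and
        // show the visitor only the generic message.
        error_log('auth.php register: ' . $e->getMessage());
    }

    if ($sudahAda) {
        // This message confirms that a username or email is registered;
        // keep it only if that disclosure is acceptable for the site.
        $redirectRegister('Username atau Email sudah terdaftar!');
    }

    if (!$berhasil) {
        $redirectRegister($pesanGagal);
    }

    // Registration succeeded: back to index.php without an error so the
    // page shows its normal (login) state.
    $redirectRegister();
}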
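/* =====================================================
   LOGIN
   Looks the user up by username, verifies the password
   against the stored hash, then starts an authenticated
   session and redirects to mainboard.php. Every failure
   redirects to index.php?error=gagal.
   NOTE(review): nothing in this file limits repeated
   attempts; per-account / per-address throttling has to
   be added around this check.
===================================================== */
if (isset($_POST['btn-login'])) {

    $username = $_POST['username'] ?? '';
    $password = $_POST['password'] ?? '';

    $user = null;

    // Fields submitted as arrays (username[]=x) are treated as a failed
    // login rather than being passed to bind_param()/password_verify().
    if (is_string($username) && is_string($password)) {
        try {
            $stmt = $conn->prepare("SELECT * FROM users WHERE username=?");
            if ($stmt !== false) {
                $stmt->bind_param("s", $username);
                $stmt->execute();

                $result = $stmt->get_result();
                $user   = $result ? $result->fetch_assoc() : null;
                $stmt->close();
            }
        } catch (mysqli_sql_exception $e) {
            // Keep database errors out of the response; the visitor sees
            // the same failure as for bad credentials.
            error_log('auth.php login: ' . $e->getMessage());
            $user = null;
        }
    }

    // Check the password. Unknown user and wrong password deliberately share
    // one response so the redirect does not reveal which usernames exist.
    // (An unknown user still skips password_verify(), so response time can
    // differ between the two cases.)
    if (!$user || !password_verify($password, $user['password'])) {
        // 'error=gagal' is picked up by the login JS on index.php.
        header("Location: index.php?error=gagal");
        exit;
    }

    // Login succeeded.
    // Issue a fresh session ID and drop the old one, so an ID that was known
    // before authentication cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    // Do not keep the password hash in session storage.
    // NOTE(review): if any page reads $_SESSION['user']['password'], change
    // it to query the database instead.
    unset($user['password']);

    $_SESSION['user'] = $user;
    header("Location: mainboard.php");
    exit;
}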
?>