diff --git a/loginn.php b/loginn.php index 373cb4d..7fc288b 100644 --- a/loginn.php +++ b/loginn.php @@ -7,7 +7,8 @@ if(isset($_POST['login'])){ $username = mysqli_real_escape_string($conn, $_POST['username']); $password = $_POST['password']; - $sql = "SELECT id, username, password, balance FROM users WHERE username = ?"; + // PAKAI KOLOM BANK, BUKAN BALANCE + $sql = "SELECT id, username, password, bank FROM users WHERE username = ?"; $stmt = mysqli_prepare($conn, $sql); mysqli_stmt_bind_param($stmt, "s", $username); mysqli_stmt_execute($stmt); @@ -16,20 +17,18 @@ if(isset($_POST['login'])){ if (mysqli_num_rows($result) > 0) { $user = mysqli_fetch_assoc($result); - // Password verification - if($password === $user['password']) { // atau password_verify() jika di-hash - - // Set semua data session + if($password === $user['password']) { + + // SESSION PAKAI BANK $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; - $_SESSION['balance'] = intval($user['balance']); // PASTIKAN integer - - // Update last login + $_SESSION['bank'] = intval($user['bank']); + $update_sql = "UPDATE users SET last_login = NOW() WHERE id = ?"; $update_stmt = mysqli_prepare($conn, $update_sql); mysqli_stmt_bind_param($update_stmt, "i", $user['id']); mysqli_stmt_execute($update_stmt); - + header("Location: html.php"); exit; } else { @@ -55,7 +54,6 @@ if(isset($_POST['register'])){ $password = $_POST['password']; $confirm_password = $_POST['confirm_password']; - // Validasi if(empty($username) || empty($password)) { $error = 'All fields are required.'; } elseif($password !== $confirm_password) { @@ -63,7 +61,6 @@ if(isset($_POST['register'])){ } elseif(strlen($password) < 6) { $error = 'Password must be at least 6 characters.'; } else { - // Cek username sudah ada $check_sql = "SELECT id FROM users WHERE username = ?"; $check_stmt = mysqli_prepare($conn, $check_sql); mysqli_stmt_bind_param($check_stmt, "s", $username); 
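Review bot: In the first hunk `$username` is run through `mysqli_real_escape_string()` and then bound with `mysqli_stmt_bind_param()`, so the value is escaped twice. The bound parameter already keeps the input out of the SQL text; the extra escaping only alters the string being compared, so a username containing a quote or backslash is looked up as a different value from the one the user typed. I would change the line to `$username = $_POST['username'];` and rely on the prepared statement alone. Whether registration applies the same escaping is not visible here, and the `if(isset($_POST['login']))` block starts and ends outside this hunk.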
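Review bot: The login check in the second hunk still compares the submitted password to the stored column with `===`, and the registration hunk (`@@ -73,27 +70,22 @@`) still assigns `$hashed_password = $password;`, so passwords are stored and checked in clear text. This commit also deletes the comments that marked that as testing-only, which leaves nothing in the file to say it must not ship. Store `$hashed_password = password_hash($password, PASSWORD_DEFAULT);` at registration and verify with `if (password_verify($password, $user['password'])) {` at login; rows already saved in plain text would need a reset or a rehash-on-login step. It is also worth calling `session_regenerate_id(true);` before the `$_SESSION[...]` assignments in both places, so that a session id issued before login is not carried into the authenticated session. Both enclosing blocks extend beyond the hunks shown.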
@@ -73,27 +70,22 @@ if(isset($_POST['register'])){ if(mysqli_stmt_num_rows($check_stmt) > 0) { $error = 'Username already exists.'; } else { - // Password hashing untuk keamanan - // UNTUK TESTING: simpan plain text (tidak direkomendasikan) - $hashed_password = $password; // HAPUS INI DI PRODUKSI - - // UNTUK PRODUKSI: gunakan password_hash() - // $hashed_password = password_hash($password, PASSWORD_DEFAULT); - - // Insert user baru dengan saldo awal - $insert_sql = "INSERT INTO users (username, password, balance, created_at) - VALUES (?, ?, 1000, NOW())"; + $hashed_password = $password; + + // INSERT KE KOLOM BANK, BUKAN BALANCE + $insert_sql = "INSERT INTO users (username, password, bank, created_at) + VALUES (?, ?, 1000, NOW())"; $insert_stmt = mysqli_prepare($conn, $insert_sql); mysqli_stmt_bind_param($insert_stmt, "ss", $username, $hashed_password); if(mysqli_stmt_execute($insert_stmt)) { $success = 'Registration successful! You can now login.'; - // Auto login setelah register (opsional) + $user_id = mysqli_insert_id($conn); $_SESSION['user_id'] = $user_id; $_SESSION['username'] = $username; - $_SESSION['balance'] = 1000; - + $_SESSION['bank'] = 1000; + header("Location: html.php"); exit; } else { @@ -103,48 +95,4 @@ if(isset($_POST['register'])){ } } ?> - - - - Register - - - -
- - -
- -
- - - -
- - -
-
- - -
- -
- - -
- -
- - -
- - - -
-
-
- - \ No newline at end of file +