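<?php
/*
 * Login handler.
 *
 * Reads `username` / `password` from a POST that carries the `login` field,
 * looks the account up with a prepared statement, verifies the password and,
 * on success, populates the session and redirects to html.php. On failure
 * $error holds a message for the form that follows.
 *
 * Security-relevant behaviour:
 *  - Passwords are checked with password_verify(). Rows that still hold a
 *    legacy plaintext password are accepted once (constant-time comparison)
 *    and immediately re-stored as a hash.
 *  - The session ID is regenerated on login so a pre-login ID cannot be
 *    reused afterwards (session fixation).
 *  - The same error text is used for "unknown user" and "wrong password" so
 *    the response does not reveal which usernames exist.
 *
 * NOTE(review): no attempt throttling or CSRF token handling is visible in
 * this file; confirm whether it is handled elsewhere.
 */
include "koneksi.php";

// A session may already be active if another script started it.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

$error = '';

if (isset($_POST['login'])) {
    // The value is passed as a bound parameter, so it must NOT be escaped
    // first: escaping would alter usernames that contain quotes or
    // backslashes and make them unmatchable. Non-string input (e.g. an array
    // from `username[]=`) is treated as empty.
    $username = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    // Use the `bank` column, not `balance`.
    $sql = "SELECT id, username, password, bank FROM users WHERE username = ?";
    $stmt = mysqli_prepare($conn, $sql);

    if ($stmt === false) {
        $error = 'Login failed. Please try again.';
    } else {
        mysqli_stmt_bind_param($stmt, "s", $username);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        $user = ($result !== false) ? mysqli_fetch_assoc($result) : null;
        mysqli_stmt_close($stmt);

        $authenticated = false;
        $needs_rehash = false;

        if (is_array($user) && is_string($user['password']) && $user['password'] !== '') {
            $stored = $user['password'];
            // `algo` is null (PHP >= 7.4) or 0 (older) when the stored value
            // is not a recognised password_hash() output.
            $info = password_get_info($stored);

            if (!empty($info['algo'])) {
                $authenticated = password_verify($password, $stored);
                $needs_rehash = $authenticated && password_needs_rehash($stored, PASSWORD_DEFAULT);
            } else {
                // Legacy row written before hashing was introduced.
                $authenticated = hash_equals($stored, $password);
                $needs_rehash = $authenticated;
            }
        }

        if ($authenticated) {
            if ($needs_rehash) {
                // Best effort: a failed upgrade must not block the login.
                // Assumes users.password is wide enough for the hash
                // (VARCHAR(255) recommended) - confirm schema before deploying,
                // a truncated hash would lock the account.
                try {
                    $new_hash = password_hash($password, PASSWORD_DEFAULT);
                    $rehash_stmt = mysqli_prepare($conn, "UPDATE users SET password = ? WHERE id = ?");
                    if ($rehash_stmt !== false) {
                        mysqli_stmt_bind_param($rehash_stmt, "si", $new_hash, $user['id']);
                        mysqli_stmt_execute($rehash_stmt);
                        mysqli_stmt_close($rehash_stmt);
                    }
                } catch (mysqli_sql_exception $e) {
                    error_log('Password rehash failed for user id ' . (int) $user['id']);
                }
            }

            // New session ID for the authenticated session; drop the old one.
            session_regenerate_id(true);

            // The session carries the `bank` value.
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['bank'] = (int) $user['bank'];

            $update_sql = "UPDATE users SET last_login = NOW() WHERE id = ?";
            $update_stmt = mysqli_prepare($conn, $update_sql);
            if ($update_stmt !== false) {
                mysqli_stmt_bind_param($update_stmt, "i", $user['id']);
                mysqli_stmt_execute($update_stmt);
                mysqli_stmt_close($update_stmt);
            }

            header("Location: html.php");
            exit;
        }

        $error = 'Invalid username or password.';
    }
}
?>
<!-- ... form login tetap sama ... -->

<?php
/*
 * Registration handler.
 *
 * Reads `username`, `password` and `confirm_password` from a POST that
 * carries the `register` field, validates them, creates the account with a
 * starting `bank` value of 1000, logs the new user in and redirects to
 * html.php. On failure $error holds a message for the form.
 *
 * The password is stored only as a password_hash() value, never in plaintext.
 */
include "koneksi.php";

if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

$error = '';
$success = '';

if (isset($_POST['register'])) {
    // Bound parameters make escaping unnecessary; escaping here would store
    // a modified username. Non-string input is treated as empty.
    $username = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';
    $confirm_password = is_string($_POST['confirm_password'] ?? null) ? $_POST['confirm_password'] : '';

    // Compare against '' rather than empty(): empty('0') is true and would
    // reject a legitimate value.
    if ($username === '' || $password === '') {
        $error = 'All fields are required.';
    } elseif ($password !== $confirm_password) {
        $error = 'Passwords do not match.';
    } elseif (strlen($password) < 6) {
        $error = 'Password must be at least 6 characters.';
    } else {
        // null = lookup could not be performed, true/false = lookup result.
        $username_taken = null;

        $check_sql = "SELECT id FROM users WHERE username = ?";
        $check_stmt = mysqli_prepare($conn, $check_sql);
        if ($check_stmt !== false) {
            mysqli_stmt_bind_param($check_stmt, "s", $username);
            mysqli_stmt_execute($check_stmt);
            mysqli_stmt_store_result($check_stmt);
            $username_taken = mysqli_stmt_num_rows($check_stmt) > 0;
            mysqli_stmt_close($check_stmt);
        }

        if ($username_taken === null) {
            $error = 'Registration failed. Please try again.';
        } elseif ($username_taken) {
            $error = 'Username already exists.';
        } else {
            // Store a salted, slow hash; the plaintext never reaches the
            // database. Assumes users.password can hold the hash
            // (VARCHAR(255) recommended) - confirm schema.
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);

            // Insert into the `bank` column, not `balance`.
            // NOTE(review): the check above and this insert are two separate
            // statements; only a UNIQUE index on users.username prevents two
            // concurrent requests from creating the same name - confirm schema.
            $insert_sql = "INSERT INTO users (username, password, bank, created_at)
                           VALUES (?, ?, 1000, NOW())";
            $insert_stmt = mysqli_prepare($conn, $insert_sql);

            $inserted = false;
            $user_id = 0;
            if ($insert_stmt !== false) {
                mysqli_stmt_bind_param($insert_stmt, "ss", $username, $hashed_password);
                try {
                    $inserted = mysqli_stmt_execute($insert_stmt);
                } catch (mysqli_sql_exception $e) {
                    // e.g. a duplicate-key error when a concurrent request won.
                    $inserted = false;
                }
                if ($inserted) {
                    $user_id = mysqli_insert_id($conn);
                }
                mysqli_stmt_close($insert_stmt);
            }

            if ($inserted) {
                $success = 'Registration successful! You can now login.';

                // The new account is logged in directly, so issue a fresh
                // session ID just as the login path does.
                session_regenerate_id(true);

                $_SESSION['user_id'] = $user_id;
                $_SESSION['username'] = $username;
                $_SESSION['bank'] = 1000;

                header("Location: html.php");
                exit;
            } else {
                $error = 'Registration failed. Please try again.';
            }
        }
    }
}
?>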
<?