From a3aaaa3dcaffe95423d6b9bfc5eea2576bb4ddb0 Mon Sep 17 00:00:00 2001
From: aldo <rinaldoaldo156@gmail.com>
Date: Tue, 16 Dec 2025 01:20:04 +0700
Subject: [PATCH] perbaikan

---
 db.php          | 16 +++------
 leaderboard.php | 42 ++++++++++++----------
 login.php       | 46 +++++++++++-------------
 register.php    | 33 ++++++++++--------
 save_score.php  | 19 +++++-----
 setup.php       | 93 +++++++++++++++++++++++--------------------------
 6 files changed, 121 insertions(+), 128 deletions(-)

diff --git a/db.php b/db.php
index 31ae715..e2f20a2 100644
--- a/db.php
+++ b/db.php
@@ -1,20 +1,12 @@
 <?php
 $host = 'localhost';
-$db   = 'sudoku';
 $user = 'root';
 $pass = '';
-$charset = 'utf8mb4';
+$db   = 'sudoku';
 
-$dsn = "mysql:host=$host;dbname=$db;charset=$charset";
-$options = [
-    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
-    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
-    PDO::ATTR_EMULATE_PREPARES   => false,
-];
+$conn = mysqli_connect($host, $user, $pass, $db);
 
-try {
-    $conn = new PDO($dsn, $user, $pass, $options);
-} catch (\PDOException $e) {
-    throw new \PDOException($e->getMessage(), (int)$e->getCode());
+if (!$conn) {
+    die("Connection failed: " . mysqli_connect_error());
 }
 ?>
\ No newline at end of file
diff --git a/leaderboard.php b/leaderboard.php
index 600401a..ab8e2e2 100644
--- a/leaderboard.php
+++ b/leaderboard.php
@@ -2,20 +2,18 @@
 require_once 'db.php';
 
 
-try {
-    $checkTable = $conn->query("SHOW TABLES LIKE 'leaderboard_sudoku'");
-    if ($checkTable->rowCount() == 0) {
-        $createSql = "
-        CREATE TABLE leaderboard_sudoku (
-            id INT AUTO_INCREMENT PRIMARY KEY,
-            username VARCHAR(50),
-            difficulty VARCHAR(10),
-            time_seconds INT,
-            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-        )";
-        $conn->exec($createSql);
-    }
-} catch (PDOException $e) {
+// Check table existence (using MySQLi)
+$checkTable = mysqli_query($conn, "SHOW TABLES LIKE 'leaderboard_sudoku'");
+if (mysqli_num_rows($checkTable) == 0) {
+    $createSql = "
+    CREATE TABLE leaderboard_sudoku (
+        id INT AUTO_INCREMENT PRIMARY KEY,
+        username VARCHAR(50),
+        difficulty VARCHAR(10),
+        time_seconds INT,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+    )";
+    mysqli_query($conn, $createSql);
 }
 
 function getLeaderboard($conn, $difficulty) {
@@ -27,13 +25,21 @@ function getLeaderboard($conn, $difficulty) {
     $sql = "
         SELECT username, time_seconds, created_at
         FROM leaderboard_sudoku
-        WHERE difficulty = :difficulty
+        WHERE difficulty = ?
         ORDER BY time_seconds ASC
         LIMIT 10
     ";
-    $stmt = $conn->prepare($sql);
-    $stmt->execute(['difficulty' => $difficulty]);
-    return $stmt->fetchAll(PDO::FETCH_ASSOC);
+    
+    $stmt = mysqli_prepare($conn, $sql);
+    mysqli_stmt_bind_param($stmt, "s", $difficulty);
+    mysqli_stmt_execute($stmt);
+    $result = mysqli_stmt_get_result($stmt);
+    
+    $rows = [];
+    while ($row = mysqli_fetch_assoc($result)) {
+        $rows[] = $row;
+    }
+    return $rows;
 }
 
 if (isset($_GET['api']) && isset($_GET['difficulty'])) {
diff --git a/login.php b/login.php
index dbd63e9..36273d5 100644
--- a/login.php
+++ b/login.php
@@ -16,36 +16,31 @@ if (isset($_POST['login'])) {
     if ($username_input === '' || $pass === '') {
         $err = "Username dan password harus diisi.";
     } else {
-        try {
-            // 1. Ambil data user berdasarkan username
-            // Menggunakan Prepared Statement
-            $stmt = $conn->prepare("SELECT id, username, password FROM users WHERE username = ?");
-            $stmt->execute([$username_input]);
-            $user_data = $stmt->fetch(PDO::FETCH_ASSOC);
+        // 1. Ambil data user berdasarkan username
+        // Menggunakan Prepared Statement MySQLi
+        $stmt = mysqli_prepare($conn, "SELECT id, username, password FROM users WHERE username = ?");
+        mysqli_stmt_bind_param($stmt, "s", $username_input);
+        mysqli_stmt_execute($stmt);
+        $result = mysqli_stmt_get_result($stmt);
+        $user_data = mysqli_fetch_assoc($result);
 
-            // 2. Verifikasi Password
-            // password_verify akan mencocokkan input user dengan HASH di database
-            if ($user_data && password_verify($pass, $user_data['password'])) {
-                
-                // Regenerasi ID Session
-                session_regenerate_id(true);
+        // 2. Verifikasi Password
+        if ($user_data && password_verify($pass, $user_data['password'])) {
+            
+            session_regenerate_id(true);
 
-                // Simpan data ke session
-                $_SESSION['user_id'] = $user_data['id'];
-                $_SESSION['username'] = $user_data['username'];
-                $_SESSION['login'] = true;
+            $_SESSION['user_id'] = $user_data['id'];
+            $_SESSION['username'] = $user_data['username'];
+            $_SESSION['login'] = true;
 
-                // Arahkan ke halaman game
-                header("Location: sudoku.php"); 
-                exit();
+            header("Location: sudoku.php"); 
+            exit();
 
-            } else {
-                $err = "Username atau password salah.";
-            }
-
-        } catch (PDOException $e) {
-            $err = "Terjadi kesalahan sistem database.";
+        } else {
+            $err = "Username atau password salah.";
         }
+        
+        mysqli_stmt_close($stmt);
     }
 }
 ?>
@@ -53,7 +48,6 @@ if (isset($_POST['login'])) {
 <head>
 <title>Login</title>
 <style>
-/* Style disamakan persis dengan register.php Anda */
 body { font-family: Arial; background:aliceblue; display:flex; height:100vh; justify-content:center; align-items:center; margin:0; }
 .card { width:350px; background:white; padding:20px; border-radius:10px; box-shadow:0 6px 20px rgba(0,0,0,0.1); }
 .input { width:100%; padding:10px; margin:8px 0; border:1px solid lightgray; border-radius:8px; box-sizing: border-box; }
diff --git a/register.php b/register.php
index 5e142b9..11d9500 100644
--- a/register.php
+++ b/register.php
@@ -25,25 +25,30 @@ if (isset($_POST['register'])) {
         $err = "Password terlalu pendek. Minimal 6 karakter.";
     } 
     else {
-        try {
-            $check = $conn->prepare("SELECT id FROM users WHERE username = ?");
-            $check->execute([$username_input]);
+        // 1. Check Username
+        $check = mysqli_prepare($conn, "SELECT id FROM users WHERE username = ?");
+        mysqli_stmt_bind_param($check, "s", $username_input);
+        mysqli_stmt_execute($check);
+        mysqli_stmt_store_result($check);
+        
+        if(mysqli_stmt_num_rows($check) > 0){
+            $err = "Username sudah terdaftar, silakan pilih nama lain.";
+        } else {
+            $hashed_pass = password_hash($pass, PASSWORD_DEFAULT);
+
+            // 2. Insert User
+            $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password) VALUES (?, ?)");
+            mysqli_stmt_bind_param($stmt, "ss", $username_input, $hashed_pass);
             
-            if($check->rowCount() > 0){
-                $err = "Username sudah terdaftar, silakan pilih nama lain.";
-            } else {
-                $hashed_pass = password_hash($pass, PASSWORD_DEFAULT);
-
-                $stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
-                $stmt->execute([$username_input, $hashed_pass]);
-                
+            if (mysqli_stmt_execute($stmt)) {
                 $success = "Registrasi berhasil! Silakan <a href='login.php'>Login disini</a>.";
-
                 $username_input = ''; 
+            } else {
+                $err = "Gagal mendaftar: " . mysqli_error($conn);
             }
-        } catch (PDOException $e) {
-            $err = "Terjadi kesalahan sistem: " . $e->getMessage();
+            mysqli_stmt_close($stmt);
         }
+        mysqli_stmt_close($check);
     }
 }
 ?>
diff --git a/save_score.php b/save_score.php
index e8eecd8..d0c795c 100644
--- a/save_score.php
+++ b/save_score.php
@@ -16,15 +16,16 @@ $username   = $_SESSION['username'];
 $difficulty = $_POST['difficulty'];
 $time       = (int) $_POST['time'];
 
-$sql = "INSERT INTO leaderboard_sudoku 
-        (username, difficulty, time_seconds) 
-        VALUES (:username, :difficulty, :time)";
+$sql = "INSERT INTO leaderboard_sudoku (username, difficulty, time_seconds) VALUES (?, ?, ?)";
 
-$stmt = $conn->prepare($sql);
-$stmt->execute([
-    ':username'   => $username,
-    ':difficulty' => $difficulty,
-    ':time'       => $time
-]);
+$stmt = mysqli_prepare($conn, $sql);
+mysqli_stmt_bind_param($stmt, "ssi", $username, $difficulty, $time);
+
+if (mysqli_stmt_execute($stmt)) {
+    echo "SUCCESS";
+} else {
+    echo "ERROR: " . mysqli_error($conn);
+}
+mysqli_stmt_close($stmt);
 
 echo "SUCCESS";
\ No newline at end of file
diff --git a/setup.php b/setup.php
index 41da8ea..57e326a 100644
--- a/setup.php
+++ b/setup.php
@@ -2,72 +2,67 @@
 $host = 'localhost';
 $user = 'root';
 $pass = ''; // Default XAMPP password
-$charset = 'utf8mb4';
+$db = 'sudoku';
 
 // 1. Connect to MySQL server (without DB) to create database
-try {
-    $pdo = new PDO("mysql:host=$host;charset=$charset", $user, $pass);
-    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-    
-    // Create Database if not exists
-    $pdo->exec("CREATE DATABASE IF NOT EXISTS sudoku CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci");
+$conn = mysqli_connect($host, $user, $pass);
+
+if (!$conn) {
+    die("Connection failed: " . mysqli_connect_error());
+}
+
+// Create Database if not exists
+$sql = "CREATE DATABASE IF NOT EXISTS sudoku CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci";
+if (mysqli_query($conn, $sql)) {
     echo "Database 'sudoku' successfully checked/created.<br>";
-} catch (PDOException $e) {
-    die("DB Connection failed: " . $e->getMessage());
+} else {
+    echo "Error creating database: " . mysqli_error($conn) . "<br>";
 }
 
 // 2. Connect to the specific Database 'sudoku'
-try {
-    $dsn = "mysql:host=$host;dbname=sudoku;charset=$charset";
-    $conn = new PDO($dsn, $user, $pass);
-    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-} catch (PDOException $e) {
-    die("Connection to 'sudoku' failed: " . $e->getMessage());
-}
+mysqli_select_db($conn, $db);
 
 // 3. Create 'users' table
-try {
-    $sqlUsers = "
-    CREATE TABLE IF NOT EXISTS users (
-        id INT AUTO_INCREMENT PRIMARY KEY,
-        username VARCHAR(50) NOT NULL UNIQUE,
-        password VARCHAR(255) NOT NULL
-    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci";
-    
-    $conn->exec($sqlUsers);
+$sqlUsers = "
+CREATE TABLE IF NOT EXISTS users (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    username VARCHAR(50) NOT NULL UNIQUE,
+    password VARCHAR(255) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci";
+
+if (mysqli_query($conn, $sqlUsers)) {
     echo "Table 'users' successfully checked/created.<br>";
 
     // Seed default users if table is empty
-    $check = $conn->query("SELECT count(*) FROM users")->fetchColumn();
-    if ($check == 0) {
+    $checkResult = mysqli_query($conn, "SELECT count(*) as total FROM users");
+    $row = mysqli_fetch_assoc($checkResult);
+    
+    if ($row['total'] == 0) {
         $password = password_hash('123456', PASSWORD_DEFAULT); // Default password
-        $sqlInsert = "INSERT INTO users (username, password) VALUES 
-            ('admin', '$password'),
-            ('player1', '$password')";
-        $conn->exec($sqlInsert);
-        echo "Default users (admin, player1) created with password '123456'.<br>";
+        // Using prepare statement for insertion to be safe, though not strictly necessary for hardcoded
+        $sqlInsert = "INSERT INTO users (username, password) VALUES ('admin', '$password'), ('player1', '$password')";
+        if (mysqli_query($conn, $sqlInsert)) {
+            echo "Default users (admin, player1) created with password '123456'.<br>";
+        }
     }
-
-} catch (PDOException $e) {
-    echo "Error Creating 'users': " . $e->getMessage() . "<br>";
+} else {
+    echo "Error Creating 'users': " . mysqli_error($conn) . "<br>";
 }
 
 // 4. Create 'leaderboard_sudoku' table
-try {
-    $sqlLeaderboard = "
-    CREATE TABLE IF NOT EXISTS leaderboard_sudoku (
-        id INT AUTO_INCREMENT PRIMARY KEY,
-        username VARCHAR(50),
-        difficulty VARCHAR(10),
-        time_seconds INT,
-        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-    )";
-    
-    $conn->exec($sqlLeaderboard);
-    echo "Table 'leaderboard_sudoku' successfully checked/created.<br>";
+$sqlLeaderboard = "
+CREATE TABLE IF NOT EXISTS leaderboard_sudoku (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    username VARCHAR(50),
+    difficulty VARCHAR(10),
+    time_seconds INT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+)";
 
-} catch (PDOException $e) {
-    echo "Error Creating 'leaderboard_sudoku': " . $e->getMessage() . "<br>";
+if (mysqli_query($conn, $sqlLeaderboard)) {
+    echo "Table 'leaderboard_sudoku' successfully checked/created.<br>";
+} else {
+    echo "Error Creating 'leaderboard_sudoku': " . mysqli_error($conn) . "<br>";
 }
 
 echo "<hr><strong>Setup Complete!</strong> You can now use the application.";