From 9ea5612980c1de1bba21364fe2605b03ea400dfc Mon Sep 17 00:00:00 2001
From: Evelyn Sucitro <eevelynsucitro@gmail.com>
Date: Wed, 12 Nov 2025 20:07:16 +0700
Subject: [PATCH] php

---
 Database.php   | 14 ++++++++------
 Login.php      | 33 +++++++++++++++++++++++++++++++++
 Logout.php     | 14 ++++++++++++++
 Register.php   | 37 +++++++++++++++++++++++++++++++++++++
 Save Score.php | 16 ++++++++++++++++
 5 files changed, 108 insertions(+), 6 deletions(-)
 create mode 100644 Logout.php

diff --git a/Database.php b/Database.php
index a284bf0..51580a0 100644
--- a/Database.php
+++ b/Database.php
@@ -1,11 +1,13 @@
 <?php
-$host = "localhost";
-$user = "root";
-$pass = "";
-$db   = "game2048";
+$DB_HOST = "";
+$DB_USER = "";
+$DB_PASS = "";
+$DB_NAME = "";
 
-$conn = new mysqli($host, $user, $pass, $db);
+$conn = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
 if ($conn->connect_error) {
-    die("Koneksi gagal: " . $conn->connect_error);
+    http_response_code(500);
+    die(json_encode(["status"=>"error","message"=>"Database connection failed"]));
 }
+$conn->set_charset("utf8mb4");
 ?>
\ No newline at end of file
diff --git a/Login.php b/Login.php
index e69de29..a26feed 100644
--- a/Login.php
+++ b/Login.php
@@ -0,0 +1,33 @@
+<?php
+header('Content-Type: application/json');
+include 'Database.php';
+session_start();
+
+$data = $_POST;
+if (empty($data['username']) || empty($data['password'])) {
+    echo json_encode(["status"=>"error","message"=>"Username & password dibutuhkan"]);
+    exit;
+}
+
+$username = trim($data['username']);
+$password = $data['password'];
+
+$stmt = $conn->prepare("SELECT id, password FROM users WHERE username = ?");
+$stmt->bind_param("s", $username);
+$stmt->execute();
+$stmt->bind_result($id, $hash);
+if ($stmt->fetch()) {
+    if (password_verify($password, $hash)) {
+        session_regenerate_id(true);
+        $_SESSION['user_id'] = $id;
+        $_SESSION['username'] = $username;
+        echo json_encode(["status"=>"success","message"=>"Login berhasil"]);
+    } else {
+        echo json_encode(["status"=>"error","message"=>"Password salah"]);
+    }
+} else {
+    echo json_encode(["status"=>"error","message"=>"User tidak ditemukan"]);
+}
+$stmt->close();
+$conn->close();
+?>
\ No newline at end of file
diff --git a/Logout.php b/Logout.php
new file mode 100644
index 0000000..ddc1066
--- /dev/null
+++ b/Logout.php
@@ -0,0 +1,14 @@
+<?php
+header('Content-Type: application/json');
+session_start();
+$_SESSION = [];
+if (ini_get("session.use_cookies")) {
+    $params = session_get_cookie_params();
+    setcookie(session_name(), '', time() - 42000,
+        $params["path"], $params["domain"],
+        $params["secure"], $params["httponly"]
+    );
+}
+session_destroy();
+echo json_encode(["status"=>"success","message"=>"Logout berhasil"]);
+?>
\ No newline at end of file
diff --git a/Register.php b/Register.php
index e69de29..1f8e16a 100644
--- a/Register.php
+++ b/Register.php
@@ -0,0 +1,37 @@
+<?php
+header('Content-Type: application/json');
+include 'Database.php';
+session_start();
+
+$data = $_POST;
+if (empty($data['username']) || empty($data['password'])) {
+    echo json_encode(["status"=>"error","message"=>"Username & password dibutuhkan"]);
+    exit;
+}
+
+$username = trim($data['username']);
+$password = $data['password'];
+
+$stmt = $conn->prepare("SELECT id FROM users WHERE username = ?");
+$stmt->bind_param("s", $username);
+$stmt->execute();
+$stmt->store_result();
+if ($stmt->num_rows > 0) {
+    echo json_encode(["status"=>"error","message"=>"Username sudah terpakai"]);
+    exit;
+}
+$stmt->close();
+
+$hash = password_hash($password, PASSWORD_DEFAULT);
+$stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
+$stmt->bind_param("ss", $username, $hash);
+if ($stmt->execute()) {
+    $_SESSION['user_id'] = $stmt->insert_id;
+    $_SESSION['username'] = $username;
+    echo json_encode(["status"=>"success","message"=>"Register berhasil"]);
+} else {
+    echo json_encode(["status"=>"error","message"=>"Gagal mendaftar"]);
+}
+$stmt->close();
+$conn->close();
+?>
\ No newline at end of file
diff --git a/Save Score.php b/Save Score.php
index e69de29..e8a5302 100644
--- a/Save Score.php	
+++ b/Save Score.php	
@@ -0,0 +1,16 @@
+<?php
+include 'Database.php';
+session_start();
+
+if (isset($_SESSION['username'])) {
+    $username = $_SESSION['username'];
+    $score = $_POST['score'];
+
+    $query = "INSERT INTO leaderboard (username, score) VALUES ('$username', '$score')";
+    mysqli_query($conn, $query);
+
+    echo json_encode(["status" => "success"]);
+} else {
+    echo json_encode(["status" => "error", "message" => "Not logged in"]);
+}
+?>
\ No newline at end of file