2526-web/kelompok06-2048
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Login

Browse Source
This commit is contained in:
Evelyn Sucitro 2025-12-01 14:35:09 +07:00
parent 76f0967456
commit be6b900507
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Login.php
View File

@ -1,12 +1,11 @@
<?php <?php
// ✅ CORS Headers HARUS di paling atas sebelum apapun // ... (Header CORS tetap sama) ...
header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS'); header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Authorization'); header('Access-Control-Allow-Headers: Content-Type, Authorization');
header('Access-Control-Max-Age: 86400'); header('Access-Control-Max-Age: 86400');
header('Content-Type: application/json'); header('Content-Type: application/json');
// ✅ Handle preflight OPTIONS request
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200); http_response_code(200);
exit(); exit();
@ -15,17 +14,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
session_start(); session_start();
include 'Connection.php'; include 'Connection.php';
// Ambil data dari JSON body
$input = json_decode(file_get_contents('php://input'), true); $input = json_decode(file_get_contents('php://input'), true);
$username = $input['username'] ?? ''; $username = $input['username'] ?? '';
$password = $input['password'] ?? ''; $password = $input['password'] ?? '';
if (empty($username) || empty($password)) { // ... (Validasi input kosong tetap sama) ...
echo json_encode(["success" => false, "message" => "Username dan password wajib diisi"]);
exit;
}
$stmt = $conn->prepare("SELECT password FROM users WHERE username = ?"); // 🔴 PERBAIKAN 1: Tambahkan 'id' di dalam SELECT
$stmt = $conn->prepare("SELECT id, password FROM users WHERE username = ?");
$stmt->bind_param("s", $username); $stmt->bind_param("s", $username);
$stmt->execute(); $stmt->execute();
$stmt->store_result(); $stmt->store_result();
@ -37,11 +33,15 @@ if ($stmt->num_rows === 0) {
exit; exit;
} }
$stmt->bind_result($hashedPassword); // 🔴 PERBAIKAN 2: Bind result untuk menangkap 'id' dan 'password'
$stmt->bind_result($userId, $hashedPassword);
$stmt->fetch(); $stmt->fetch();
if (password_verify($password, $hashedPassword)) { if (password_verify($password, $hashedPassword)) {
// 🔴 PERBAIKAN 3: Simpan 'user_id' ke dalam SESSION
$_SESSION['user_id'] = $userId;
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
echo json_encode([ echo json_encode([
"success" => true, "success" => true,
"message" => "Login berhasil", "message" => "Login berhasil",