-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlog-member.php
49 lines (40 loc) · 1.33 KB
/
log-member.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
include "config/koneksi.php";
function anti_injection($data){
$filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter;
}
$username = anti_injection($_POST['user']);
$pass = anti_injection(md5($_POST['pass']));
// pastikan username dan password adalah berupa huruf atau angka.
if (!ctype_alnum($username) OR !ctype_alnum($pass)){
echo "<script>window.location=('javascript:history.go(-1)')</script>";
}
else{
$login=mysql_query("SELECT * FROM users WHERE BINARY username='$username' AND password='$pass' ");
$ketemu=mysql_num_rows($login);
$r=mysql_fetch_array($login);
// Apabila username dan password ditemukan
if ($ketemu > 0){
session_start();
include "config/timeout.php";
$_SESSION[anggota] = $r[id_agt];
$_SESSION[user] = $r[username];
$_SESSION[nama] = $r[nama_lengkap];
$_SESSION[pass] = $r[password];
// session timeout
$_SESSION[login] = 1;
timer();
$sid_lama = session_id();
session_regenerate_id();
$sid_baru = session_id();
$tgl=date ('d/m/Y');
$dt=date ('h:i A');
mysql_query("UPDATE users SET id_session='$sid_baru',tgl_log='$tgl',jam_log='$dt' WHERE username='$username'");
echo "<script>window.location=('jsx/index.php?aksi=home')</script>";
}
else{
echo "<script>window.location=('login.php?salah=salah')</script>";
}
}
?>