1. index.php
2. login_check.php
3. admin_area.php
4. logout.php
1. index.php
<?php
error_reporting(0);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="login_check.php">
<br /><br /><br />
<p align="center">
<?php
if($_GET['action']=='gagal'){
echo"<b>Login Dulu Gan</b>";
}elseif($_GET['action']=='logout'){
echo"<b>Anda Sudah Logout</b>";
}elseif($_GET['action']=='logindulu'){
echo"<b>Anda tidak mempunyai akses ke sistem</b>";
}
?>
</p>
<table border="0" align="center">
<tr>
<td>Username</td>
<td>:</td>
<td>
<input type="text" name="frm_username" id="frm_username" />
</td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td>
<input type="password" name="frm_password" id="frm_password" />
</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>
<input type="submit" name="Submit" value="Login" id="Submit" />
</td>
</tr>
</table>
</form>
</body>
</html>
2.login_check.php
<?php
mysql_connect('localhost','root','');
mysql_select_db('db_ruangprogramer'); //sesuaikan dengan nama database anda
function antiinjection($data){
$filter_sql = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter_sql;
}
$var_username = antiinjection($_POST['frm_username']);
$var_password = antiinjection(md5($_POST['frm_password']));
$sqlShow="SELECT admin_id,admin_username,admin_password FROM tb_admin WHERE admin_username='$var_username' AND admin_password='$var_password'";
$result=mysql_query($sqlShow);
$rows=mysql_num_rows($result);
// Apabila username dan password ditemukan
if ($rows > 0){
session_start();
$data=mysql_fetch_array($result);
$_SESSION['username'] = $data['admin_username'];
$_SESSION['password'] = $data['admin_password'];
// echo "login berhasil";
header('location:admin_area.php');
}
else{
header('location: index.php?action=gagal');
}
?>
3.admin_area.php
<?php
session_start();
if(empty($_SESSION['username'])){
header('location: index.php?action=logindulu');
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<h2>Administrator</h2>
<p>Anda login sebagai <b><?php echo $_SESSION['username']; ?></b></p>
<br />
<a href="logout.php">logout</a>
</body>
</html>
<?php
}
?>
4.logout.php
<?php
session_start();
session_destroy();
header('location: index.php?action=logout');
?>
donwload file
2. login_check.php
3. admin_area.php
4. logout.php
1. index.php
<?php
error_reporting(0);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="login_check.php">
<br /><br /><br />
<p align="center">
<?php
if($_GET['action']=='gagal'){
echo"<b>Login Dulu Gan</b>";
}elseif($_GET['action']=='logout'){
echo"<b>Anda Sudah Logout</b>";
}elseif($_GET['action']=='logindulu'){
echo"<b>Anda tidak mempunyai akses ke sistem</b>";
}
?>
</p>
<table border="0" align="center">
<tr>
<td>Username</td>
<td>:</td>
<td>
<input type="text" name="frm_username" id="frm_username" />
</td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td>
<input type="password" name="frm_password" id="frm_password" />
</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>
<input type="submit" name="Submit" value="Login" id="Submit" />
</td>
</tr>
</table>
</form>
</body>
</html>
2.login_check.php
<?php
mysql_connect('localhost','root','');
mysql_select_db('db_ruangprogramer'); //sesuaikan dengan nama database anda
function antiinjection($data){
$filter_sql = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter_sql;
}
$var_username = antiinjection($_POST['frm_username']);
$var_password = antiinjection(md5($_POST['frm_password']));
$sqlShow="SELECT admin_id,admin_username,admin_password FROM tb_admin WHERE admin_username='$var_username' AND admin_password='$var_password'";
$result=mysql_query($sqlShow);
$rows=mysql_num_rows($result);
// Apabila username dan password ditemukan
if ($rows > 0){
session_start();
$data=mysql_fetch_array($result);
$_SESSION['username'] = $data['admin_username'];
$_SESSION['password'] = $data['admin_password'];
// echo "login berhasil";
header('location:admin_area.php');
}
else{
header('location: index.php?action=gagal');
}
?>
3.admin_area.php
<?php
session_start();
if(empty($_SESSION['username'])){
header('location: index.php?action=logindulu');
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<h2>Administrator</h2>
<p>Anda login sebagai <b><?php echo $_SESSION['username']; ?></b></p>
<br />
<a href="logout.php">logout</a>
</body>
</html>
<?php
}
?>
4.logout.php
<?php
session_start();
session_destroy();
header('location: index.php?action=logout');
?>
donwload file
Tidak ada komentar:
Posting Komentar