Files
UAS_SIG/login.php
T
2026-06-02 03:12:01 +00:00

93 lines
2.8 KiB
PHP

<?php
session_start();
require_once __DIR__ . '/config/database.php';
$error = '';
if (isset($_SESSION['user'])) {
header('Location: dashboard.php');
exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = trim($_POST['email'] ?? '');
$password = trim($_POST['password'] ?? '');
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = ? LIMIT 1');
$stmt->execute([$email]);
$user = $stmt->fetch();
$isValid = false;
if ($user) {
// Mendukung hash SHA-256 dari seed awal database.
$isValid = hash('sha256', $password) === $user['password_hash'];
// Jika nanti kamu memakai password_hash(), baris ini juga tetap mendukungnya.
if (!$isValid && password_verify($password, $user['password_hash'])) {
$isValid = true;
}
}
if ($isValid) {
$statusAkun = $user['status_akun'] ?? 'Aktif';
if ($statusAkun !== 'Aktif') {
if ($statusAkun === 'Menunggu Verifikasi') {
$error = 'Akun kamu masih menunggu verifikasi administrator.';
} else {
$error = 'Akun kamu belum dapat digunakan. Silakan hubungi administrator.';
}
} else {
$_SESSION['user'] = [
'id' => (int)$user['id'],
'nama' => $user['nama'],
'email' => $user['email'],
'role' => $user['role'],
'rumah_ibadah_id' => $user['rumah_ibadah_id'] ? (int)$user['rumah_ibadah_id'] : null,
'status_akun' => $statusAkun,
];
header('Location: dashboard.php');
exit;
}
}
if ($error === '') {
$error = 'Email atau password salah.';
}
}
?>
<!DOCTYPE html>
<html lang="id">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login - SIPANTAS</title>
<link rel="stylesheet" href="assets/css/style.css">
<link rel="stylesheet" href="assets/css/landing.css">
<link rel="stylesheet" href="assets/css/responsive-fix.css">
</head>
<body class="login-page">
<main class="login-card">
<div class="brand-badge">SIPANTAS</div>
<h1>Masuk</h1>
<p>Gunakan akun yang sudah terdaftar.</p>
<a class="login-back" href="index.php">← Kembali ke beranda</a>
<?php if ($error): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<form method="POST">
<label>Email</label>
<input type="email" name="email" placeholder="nama@email.com" required>
<label>Password</label>
<input type="password" name="password" placeholder="Masukkan password" required>
<button class="btn btn-primary" type="submit">Masuk</button>
</form>
<p class="auth-switch">Belum punya akun? <a href="register.php">Daftar akun</a>.</p>
</main>
</body>
</html>