93 lines
2.8 KiB
PHP
93 lines
2.8 KiB
PHP
<?php
|
|
session_start();
|
|
require_once __DIR__ . '/config/database.php';
|
|
|
|
$error = '';
|
|
|
|
if (isset($_SESSION['user'])) {
|
|
header('Location: dashboard.php');
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$email = trim($_POST['email'] ?? '');
|
|
$password = trim($_POST['password'] ?? '');
|
|
|
|
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = ? LIMIT 1');
|
|
$stmt->execute([$email]);
|
|
$user = $stmt->fetch();
|
|
|
|
$isValid = false;
|
|
if ($user) {
|
|
// Mendukung hash SHA-256 dari seed awal database.
|
|
$isValid = hash('sha256', $password) === $user['password_hash'];
|
|
// Jika nanti kamu memakai password_hash(), baris ini juga tetap mendukungnya.
|
|
if (!$isValid && password_verify($password, $user['password_hash'])) {
|
|
$isValid = true;
|
|
}
|
|
}
|
|
|
|
if ($isValid) {
|
|
$statusAkun = $user['status_akun'] ?? 'Aktif';
|
|
if ($statusAkun !== 'Aktif') {
|
|
if ($statusAkun === 'Menunggu Verifikasi') {
|
|
$error = 'Akun kamu masih menunggu verifikasi administrator.';
|
|
} else {
|
|
$error = 'Akun kamu belum dapat digunakan. Silakan hubungi administrator.';
|
|
}
|
|
} else {
|
|
$_SESSION['user'] = [
|
|
'id' => (int)$user['id'],
|
|
'nama' => $user['nama'],
|
|
'email' => $user['email'],
|
|
'role' => $user['role'],
|
|
'rumah_ibadah_id' => $user['rumah_ibadah_id'] ? (int)$user['rumah_ibadah_id'] : null,
|
|
'status_akun' => $statusAkun,
|
|
];
|
|
header('Location: dashboard.php');
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if ($error === '') {
|
|
$error = 'Email atau password salah.';
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="id">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - SIPANTAS</title>
|
|
<link rel="stylesheet" href="assets/css/style.css">
|
|
<link rel="stylesheet" href="assets/css/landing.css">
|
|
<link rel="stylesheet" href="assets/css/responsive-fix.css">
|
|
</head>
|
|
<body class="login-page">
|
|
<main class="login-card">
|
|
<div class="brand-badge">SIPANTAS</div>
|
|
<h1>Masuk</h1>
|
|
<p>Gunakan akun yang sudah terdaftar.</p>
|
|
<a class="login-back" href="index.php">← Kembali ke beranda</a>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
|
|
<?php endif; ?>
|
|
|
|
<form method="POST">
|
|
<label>Email</label>
|
|
<input type="email" name="email" placeholder="nama@email.com" required>
|
|
|
|
<label>Password</label>
|
|
<input type="password" name="password" placeholder="Masukkan password" required>
|
|
|
|
<button class="btn btn-primary" type="submit">Masuk</button>
|
|
</form>
|
|
|
|
<p class="auth-switch">Belum punya akun? <a href="register.php">Daftar akun</a>.</p>
|
|
|
|
</main>
|
|
</body>
|
|
</html>
|