diff --git a/backend/login.php b/backend/login.php index 8c0c264..6b05b4f 100644 --- a/backend/login.php +++ b/backend/login.php @@ -23,19 +23,28 @@ if (empty($username) || empty($password)) { exit; } -$stmt = $c->prepare("SELECT id, username, password FROM users WHERE username = ?"); -$stmt->bind_param("s", $username); -$stmt->execute(); -$result = $stmt->get_result(); +try { + $stmt = $c->prepare("SELECT id, username, password FROM users WHERE username = ?"); + $stmt->bind_param("s", $username); + $stmt->execute(); + $result = $stmt->get_result(); -if ($row = $result->fetch_assoc()) { - if (password_verify($password, $row['password'])) { - // Success - $_SESSION['user_id'] = $row['id']; - $_SESSION['username'] = $row['username']; - echo json_encode(['status' => 'success', 'message' => 'Login successful']); - exit; + if ($row = $result->fetch_assoc()) { + if (password_verify($password, $row['password'])) { + // Success + $_SESSION['user_id'] = $row['id']; + $_SESSION['username'] = $row['username']; + echo json_encode(['status' => 'success', 'message' => 'Login successful']); + exit; + } } -} -echo json_encode(['status' => 'error', 'message' => 'Invalid username or password']); + echo json_encode(['status' => 'error', 'message' => 'Invalid username or password']); +} catch (mysqli_sql_exception $e) { + http_response_code(500); + echo json_encode([ + 'status' => 'error', + 'message' => 'Terjadi kesalahan query database', + 'error_detail' => $e->getMessage() + ]); +}