32 lines
1.0 KiB
PHP
32 lines
1.0 KiB
PHP
<?php
|
|
session_start();
|
|
include 'koneksi.php';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$username = mysqli_real_escape_string($conn, trim($_POST['username']));
|
|
$password = $_POST['password']; // Jangan di-trim jika password mengandung spasi
|
|
|
|
$sql = "SELECT * FROM users WHERE username = '$username' LIMIT 1";
|
|
$result = mysqli_query($conn, $sql);
|
|
|
|
if ($result && mysqli_num_rows($result) === 1) {
|
|
$user = mysqli_fetch_assoc($result);
|
|
|
|
// Verifikasi password (menggunakan hash)
|
|
if (password_verify($password, $user['password'])) {
|
|
$_SESSION['user_id'] = (int)$user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['nama'] = $user['nama'];
|
|
$_SESSION['role'] = $user['role']; // Sesi role diisi di sini
|
|
|
|
// Arahkan ke dashboard
|
|
header("Location: dashboard.php");
|
|
exit;
|
|
} else {
|
|
$error = "Password salah!";
|
|
}
|
|
} else {
|
|
$error = "Username tidak ditemukan!";
|
|
}
|
|
}
|
|
?>
|