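<?php
// Admin login handler: validates the POSTed credentials, hands them to
// login_admin(), and on exactly one matching row copies the profile columns
// into the session. The listing is cut off after the session is populated,
// so the three blocks opened below are closed outside this excerpt.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $errors = array();
    $username = $password = FALSE;

    // Reject a missing value and a non-string one (username[]=x would arrive
    // as an array and break strip_tags()).
    if (empty($_POST['username']) || !is_string($_POST['username'])) {
        $errors[] = "username";
    } else {
        // NOTE(review): escaping at the call site only helps if login_admin()
        // places this value inside a quoted SQL string literal. Its body is not
        // visible here; a prepared statement inside login_admin() would remove
        // that dependency.
        $username = mysqli_real_escape_string($dbc, strip_tags($_POST['username']));
    }

    // The D modifier makes `$` match only at the very end of the subject;
    // without it a value with a trailing newline passes the check.
    // NOTE(review): this pattern limits passwords to 4-20 word characters,
    // which also caps how strong a password can be.
    if (
        isset($_POST['password'])
        && is_string($_POST['password'])
        && preg_match('/^[\\w]{4,20}$/D', $_POST['password']) === 1
    ) {
        // NOTE(review): the password reaches login_admin() in clear text. How it
        // is compared is not shown - confirm the stored value is a
        // password_hash() digest checked with password_verify().
        $password = mysqli_real_escape_string($dbc, $_POST['password']);
    } else {
        $errors[] = 'password';
    }

    if (empty($errors)) {
        $result = login_admin($username, $password);

        // Only a real result set can be counted; a failed query is treated as
        // "no match" instead of raising inside mysqli_num_rows().
        if ($result instanceof mysqli_result && mysqli_num_rows($result) === 1) {
            $user = mysqli_fetch_array($result, MYSQLI_ASSOC);

            // Issue a fresh session id at the point of authentication so an id
            // that was known before login does not carry the logged-in state.
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }

            $_SESSION['uid'] = $user['user_id'];

            // These columns are copied into the session under the same key.
            $profileFields = array(
                'username', 'email', 'first_name', 'last_name', 'fullname',
                'date_of_birth', 'gender', 'website', 'bio', 'avatar', 'user_level',
            );
            foreach ($profileFields as $field) {
                $_SESSION[$field] = $user[$field];
            }

            // Timestamp of the login, stored under LAST_ACTIVITY.
            $_SESSION['LAST_ACTIVITY'] = time();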
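<?php
// Secondary controller - back office / admin login.
//
// Flow: an already authenticated admin is redirected to the index page; a POST
// carrying "email" is checked through login_admin(); anything else shows the
// login view.
if (isset($_SESSION["admin"])) {
    header('Location:?module=page&action=index');
    // Stop here: header() alone does not end the request, so the including
    // script would otherwise keep running after the redirect.
    exit;
}

if (isset($_POST["email"])) {
    // Accept plain strings only; an array-valued field would break md5().
    $mail = is_string($_POST["email"]) ? $_POST["email"] : '';
    $rawPassword = (isset($_POST["mdp"]) && is_string($_POST["mdp"])) ? $_POST["mdp"] : '';

    // NOTE(review): unsalted MD5 is not a password hash. It is kept because
    // login_admin() compares against whatever the model stores; the model
    // should move to password_hash() / password_verify() and rehash existing
    // accounts at their next successful login.
    $mdp = md5($rawPassword);

    include_once "modele/admin/login_admin.php";
    $admin = login_admin($mail, $mdp);

    // Loose comparison kept on purpose: the return type of login_admin() is not
    // visible here, and any falsy value is treated as "not found".
    if ($admin == false) {
        header('Location:?module=admin&action=login_admin');
        exit;
    }

    // Found. Issue a fresh session id before storing the authenticated state so
    // a pre-login session id cannot be reused afterwards.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION["admin"] = $admin;

    header('Location:?module=page&action=index');
    exit;
}

// No credentials submitted: render the login form.
include_once "vue/admin/login_admin.php";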
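// Excerpt from the middle of a switch: it opens inside an earlier case and is
// cut off inside the 'logout' case, so the closing braces below belong to
// blocks opened before this excerpt.
// NOTE(review): ext/mysql was removed in PHP 7, and $waktu_itu is interpolated
// straight into the statement. Its assignment is not visible here - confirm it
// is always an integer, or bind it through mysqli/PDO.
$hasil = mysql_query("DELETE FROM tb_iklan WHERE timestamp<{$waktu_itu}");
// check status
if (!$hasil) {
    $admin .= "<p>Error: gagal menghapus iklan pada database.<br>\n{$kembali}</p>\n";
}
}
break;
case 'proses_login':
    // Read both fields defensively: a request without them would otherwise
    // raise an undefined-index notice before filter_str() runs.
    $username = filter_str(isset($_POST['username']) ? $_POST['username'] : '');
    $password = filter_str(isset($_POST['password']) ? $_POST['password'] : '');
    // encrypt password
    // NOTE(review): balik_md5() is defined elsewhere; the name suggests an
    // MD5-based transform. If so it is not a suitable password hash - prefer
    // password_hash() / password_verify(). Confirm against the helper.
    $password = balik_md5($password);
    // clear the $admin_menu variable
    $admin_menu = '';
    // check the credentials with the login function
    if (!login_admin('member', $username, $password)) {
        $admin = "<p>Username atau password salah.<br>\n{$kembali}</p>";
    } else {
        $admin = "<p>Login berhasil. klik <a href='index.php'>disini</a>" . " untuk masuk admin area</p>\n";
        // Login succeeded: issue a fresh session id before marking the session
        // as authenticated, so a pre-login id does not stay valid.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
        // create the session entry because the login succeeded
        $_SESSION['admin'] = $username;
    }
    break;
case 'logout':
    if (!logout('admin')) {
        $admin_menu = ''; // clear the menu
        $admin = "<p>Tidak bisa logout. <a href='index.php'>Login</a> dulu.</p>\n";
    } else {
        $admin_menu = ''; // clear the menu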
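<?php
// Admin sign-in page: redirects an already authenticated admin, processes the
// login form, then renders the form markup. The markup is cut off in this
// excerpt, so the <header>, <div> and <form> elements close outside it.
ob_start();

// A signed-in admin must not see the login page again; send them to the admin
// area and stop, because header() alone does not end the request.
if (isset($_SESSION['isloginAdmin']) && $_SESSION['isloginAdmin'] == true) {
    header('Location: admin');
    exit;
}

$msg = '';
$username = '';
$password = '';

if (isset($_POST['login'])) {
    // Accept plain strings only; a missing or array-valued field becomes ''.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';

    // NOTE(review): no throttling of failed attempts and no anti-CSRF token are
    // visible in this excerpt - confirm they are enforced elsewhere.
    if (login_admin($username, $password)) {
        // The flag is read after login_admin() returns, so it is presumably set
        // inside that function; !empty() also covers the case where it is not.
        if (!empty($_SESSION['isloginAdmin'])) {
            // Fresh session id at the privilege change, so a pre-login id does
            // not carry the authenticated state.
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }
            header("location: admin");
            exit;
        }
    } else {
        $msg = '<code>Invalid login!</code>';
        header('Refresh: 1');
    }
}
?>
<header id="top" class="header">
    <div class="text-vertical-center">
        <form class="form-signin" method="post">
            <h2><font style="color:white;">Sign in</font></h2>
            <label for="inputEmail" class="sr-only">Username</label>
            <input type="text" name="username" id="inputEmail" class="form-control" placeholder="Username" required autofocus>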