update_log($msg, $table, $susername, 0);
$_SESSION['errmsg'] = $msg;
}
} else {
foreach ($field as $k => $val) {
$value[$k] = ${$val};
}
$field[] = "username";
$value[] = $username;
$value[0] = $id;
$sql = sql_update($table, $field, $value);
$sql = str_replace("''", "NULL", $sql);
$query = mysql_query($sql);
if ($query == 1) {
$msg = "Ubah pengguna berhasil. Id = " . $username . ".";
$ocheck = xuserlevel("id, level", "username = '******'");
$ncheck = mysql_num_rows($ocheck);
if ($ncheck > 0) {
$check = mysql_fetch_array($ocheck);
if ($level != $check['level']) {
$field = array("id", "level");
$value = array($check['id'], $level);
$sql = sql_update("xuserlevel", $field, $value);
$query3 = mysql_query($sql);
if ($query3 != 1) {
$msg .= " Ubah user level gagal. Error = " . mysql_error() . ".";
}
}
} else {
if ($level != "") {
$field = get_field("xuserlevel");
if ($xlogin == "28B60A2D") {
if ($xusername != "") {
if ($xpassword != "") {
$ouser = xuser("username, password, unit, aktif, reset, kunci", "username = '******'");
$nuser = mysql_num_rows($ouser);
if ($nuser == 1) {
$xuser = mysql_fetch_array($ouser);
if ($xuser['aktif'] == "1") {
$len = strlen($xpassword);
if (decode_password($xuser['password'], $len) == md5($xpassword)) {
$session_name = "Kh41r4";
$_SESSION[$session_name] = 1;
$_SESSION['xusername_' . $session_name] = $xuser['username'];
$_SESSION['xunit_' . $session_name] = $xuser['unit'];
$_SESSION['kunci_' . $session_name] = $xuser['kunci'];
$ouserlevel = xuserlevel("level", "username = '******'username'] . "'");
$xuserlevel = mysql_fetch_array($ouserlevel);
$_SESSION['xlevel_' . $session_name] = $xuserlevel['level'];
$msg = "Login berhasil.";
update_log($msg, 'xlogin', $xuser['username'], 1);
last_login($xuser['username']);
if ($xuser['reset'] == "0") {
?>
<meta http-equiv="refresh" content="0;URL=../index.php" /><?php
} else {
?>
<meta http-equiv="refresh" content="0;URL=../index.php?p=<?php
echo enkripsi(55);
?>
