update_log($msg, $table, $susername, 0); $_SESSION['errmsg'] = $msg; } } else { foreach ($field as $k => $val) { $value[$k] = ${$val}; } $field[] = "username"; $value[] = $username; $value[0] = $id; $sql = sql_update($table, $field, $value); $sql = str_replace("''", "NULL", $sql); $query = mysql_query($sql); if ($query == 1) { $msg = "Ubah pengguna berhasil. Id = " . $username . "."; $ocheck = xuserlevel("id, level", "username = '******'"); $ncheck = mysql_num_rows($ocheck); if ($ncheck > 0) { $check = mysql_fetch_array($ocheck); if ($level != $check['level']) { $field = array("id", "level"); $value = array($check['id'], $level); $sql = sql_update("xuserlevel", $field, $value); $query3 = mysql_query($sql); if ($query3 != 1) { $msg .= " Ubah user level gagal. Error = " . mysql_error() . "."; } } } else { if ($level != "") { $field = get_field("xuserlevel");
if ($xlogin == "28B60A2D") { if ($xusername != "") { if ($xpassword != "") { $ouser = xuser("username, password, unit, aktif, reset, kunci", "username = '******'"); $nuser = mysql_num_rows($ouser); if ($nuser == 1) { $xuser = mysql_fetch_array($ouser); if ($xuser['aktif'] == "1") { $len = strlen($xpassword); if (decode_password($xuser['password'], $len) == md5($xpassword)) { $session_name = "Kh41r4"; $_SESSION[$session_name] = 1; $_SESSION['xusername_' . $session_name] = $xuser['username']; $_SESSION['xunit_' . $session_name] = $xuser['unit']; $_SESSION['kunci_' . $session_name] = $xuser['kunci']; $ouserlevel = xuserlevel("level", "username = '******'username'] . "'"); $xuserlevel = mysql_fetch_array($ouserlevel); $_SESSION['xlevel_' . $session_name] = $xuserlevel['level']; $msg = "Login berhasil."; update_log($msg, 'xlogin', $xuser['username'], 1); last_login($xuser['username']); if ($xuser['reset'] == "0") { ?> <meta http-equiv="refresh" content="0;URL=../index.php" /><?php } else { ?> <meta http-equiv="refresh" content="0;URL=../index.php?p=<?php echo enkripsi(55); ?>