} if ($dbu->anti_sql_injection($_POST['p_uname']) and $dbu->anti_sql_injection($_POST['p_uname'])) { // lakukan proses login $passwordhash = md5(serialize($p_pwdx)); $sql = "select *\n\t\t\t\tfrom " . $app['table']['pengguna'] . "\n\t\t\t\twhere username = '******'\n\t\t\t\t\t and password = '******' and status = 'aktif'\n\t\t\t\tlimit 1"; $dbu->query($sql, $rs['login'], $nr['login']); //echo $nr['login'];exit; if ($nr['login']) { $formix->reset(); // $_SESSION['inline_edit'] = "on"; $_SESSION['adminsession'] = $appx->serialize64($dbu->fetch($rs['login'])); header("location: " . $app['webmin'] . "/index.php?act=home"); exit; } else { //echo "masuk jeh nang kene";exit; $msgx->set_msg($app[lang][error]['invalid_login']); $msgx->build_msg(); header("location: index.php"); exit; } } else { $msgx->set_msg($app[lang][error]['invalid_login']); $msgx->build_msg(); header("location: index.php"); exit; } } /******************************************************************************* * aksi : logout * deskripsi : clear all cookies redirect to admin to login form *******************************************************************************/
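/**
 * Validate one or more submitted form fields and record every failure.
 *
 * Each name in $fields is read as a global variable of that name (for example
 * "p_email" reads $GLOBALS['p_email']). The language-table key for the field
 * label is the name with its first two characters removed ("p_email" ->
 * "email"); presumably every field uses a two-character prefix such as "p_",
 * confirm against the callers. For 'image' and 'file' the upload entry is read
 * from $_FILES under the full name.
 *
 * A failure is reported through msg::set_msg() and by setting
 * $_SESSION['error_flag'] = 1. Nothing is returned.
 *
 * Security notes:
 *  - Values are resolved through $GLOBALS rather than eval(), so a field name
 *    is only ever used as an array key and is never executed as PHP code.
 *  - The 'image' check confirms that getimagesize() can decode the file and
 *    that its dimensions and size are within bounds. It is not an allow-list
 *    of image types or extensions; the code that stores the upload still has
 *    to pick the destination name and extension itself.
 *  - The 'email' check is a shape check only. It rejects any whitespace,
 *    including CR/LF, so an accepted value cannot carry extra header lines.
 *
 * @param string $type   '' (required text), 'checkbox', 'select', 'email',
 *                       'date' (year-month-day), 'image' or 'file'. Any other
 *                       value validates nothing.
 * @param string $fields Comma-separated variable names without the leading "$".
 * @param string $param  'image': "maxKB|minWidth|maxWidth|minHeight|maxHeight";
 *                       'file': "maxKB". Missing parts are treated as 0.
 *
 * @return void
 */
function validate($type, $fields, $param = '')
{
    global $app;

    $msgx = new msg();

    // Queue one failure message and raise the session-wide error flag.
    $fail = function ($message) use ($msgx) {
        $msgx->set_msg($message);
        $_SESSION['error_flag'] = 1;
    };

    $kind = (string) $type;

    // Limits are the same for every field, so parse them once. Padding keeps
    // the numeric casts below well-defined when a caller passes fewer parts.
    $limits      = array_pad(explode('|', (string) $param), 5, '');
    $maxBytes    = (float) $limits[0] * 1024;
    $minWidth    = (int) $limits[1];
    $maxWidth    = (int) $limits[2];
    $minHeight   = (int) $limits[3];
    $maxHeight   = (int) $limits[4];

    foreach (explode(',', (string) $fields) as $name) {
        $name = trim($name);
        if ($name === '') {
            continue;
        }

        // Language-table key: the variable name without its two-character prefix.
        $field = (string) substr($name, 2);

        // Plain lookup by name; an unset variable is treated as an empty value.
        $value = isset($GLOBALS[$name]) ? $GLOBALS[$name] : null;

        switch ($kind) {
            case '':
            case 'select':
                // Truthiness test kept as-is: a value of "0" still counts as empty.
                $text = is_scalar($value) ? trim((string) $value) : '';
                if (!$text) {
                    $errorKey = ($kind === '') ? 'empty' : 'select';
                    $fail("" . $app['lang']['field'][$field] . "" . $app['lang']['error'][$errorKey] . "");
                }
                break;

            case 'checkbox':
                // count() throws on non-countable values in PHP 8 (and "@" does
                // not suppress that), so reproduce the old results explicitly:
                // null counts as 0, any other scalar as 1.
                if (is_array($value) || $value instanceof Countable) {
                    $checked = count($value);
                } else {
                    $checked = ($value === null) ? 0 : 1;
                }
                if (!$checked) {
                    $fail("" . $app['lang']['field'][$field] . "" . $app['lang']['error']['checkbox'] . "");
                }
                break;

            case 'email':
                // The previous ereg() call was given a PCRE-style pattern with
                // delimiters, which ereg() treats literally, so no address could
                // ever match. "D" stops "$" from matching before a trailing newline.
                if (!is_string($value) || !preg_match('/^[^\s@]+@[^\s@]+\.[^\s@]+$/D', $value)) {
                    $fail("" . $app['lang']['field'][$field] . "" . $app['lang']['error']['email'] . "");
                }
                break;

            case 'date':
                // The day part used to be stored in $date but checked as $day,
                // so checkdate() always received an undefined value.
                $validDate = false;
                if (is_string($value) && preg_match('/^(\d+)-(\d+)-(\d+)$/D', $value, $ymd)) {
                    $validDate = checkdate((int) $ymd[2], (int) $ymd[3], (int) $ymd[1]);
                }
                if (!$validDate) {
                    $fail("" . $app['lang']['field'][$field] . "" . $app['lang']['error']['date'] . "");
                }
                break;

            case 'image':
            case 'file':
                $upload = (isset($_FILES[$name]) && is_array($_FILES[$name])) ? $_FILES[$name] : array();
                $size   = (isset($upload['size']) && is_numeric($upload['size'])) ? (int) $upload['size'] : 0;

                // No upload for this field: nothing to check. A missing file is
                // not an error here; use the '' type to make a field required.
                if ($size <= 0) {
                    break;
                }

                if ($kind === 'image') {
                    $tmpName = isset($upload['tmp_name']) ? $upload['tmp_name'] : '';
                    $pict    = (is_string($tmpName) && $tmpName !== '') ? getimagesize($tmpName) : false;

                    // A file getimagesize() cannot decode is rejected under the
                    // dimension error, the only image error besides size that is
                    // active in this function (the type check is disabled upstream).
                    if ($pict === false
                        || $pict[0] < $minWidth || $pict[0] > $maxWidth
                        || $pict[1] < $minHeight || $pict[1] > $maxHeight
                    ) {
                        $fail("" . $app['lang']['field'][$field] . " " . $app['lang']['error']['image.' . 'ERR_WIDTH'] . "");
                    }

                    if ($size > $maxBytes) {
                        $fail("" . $app['lang']['field'][$field] . " " . $app['lang']['error']['image.' . 'ERR_SIZE'] . "");
                    }
                } else {
                    // Generic files are only size-checked; the former
                    // getimagesize() call here had no effect on the result.
                    if ($size > $maxBytes) {
                        // NOTE(review): this key is 'fileERR_SIZE', while images use
                        // 'image.ERR_SIZE'; confirm the language file really defines
                        // the key without a dot.
                        $fail("" . $app['lang']['error']['file' . 'ERR_SIZE'] . "");
                    }
                }
                break;

            default:
                // Unknown validation types are ignored.
                break;
        }
    }
}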