Login.php
<
table width
=
"300"
border
=
"0"
align
=
"center"
cellpadding
=
"0"
cellspacing
=
"1"
bgcolor
=
"#CCCCCC"
>
<
tr
>
<
form name
=
"form1"
method
=
"post"
action
=
"checklogin.php"
>
<
td
>
<
table width
=
"100%"
border
=
"0"
cellpadding
=
"3"
cellspacing
=
"1"
bgcolor
=
"#FFFFFF"
>
<
tr
>
<
td colspan
=
"3"
><
strong
>
Member Login
</
strong
></
td
>
</
tr
>
<
tr
>
<
td width
=
"78"
>
Username
</
td
>
<
td width
=
"6"
>:</
td
>
<
td width
=
"294"
><
input name
=
"myusername"
type
=
"text"
id
=
"myusername"
></
td
>
</
tr
>
<
tr
>
<
td
>
Password
</
td
>
<
td
>:</
td
>
<
td
><
input name
=
"mypassword"
type
=
"text"
id
=
"mypassword"
></
td
>
</
tr
>
<
tr
>
<
td
>&
nbsp
;</
td
>
<
td
>&
nbsp
;</
td
>
<
td
><
input type
=
"submit"
name
=
"Submit"
value
=
"Login"
></
td
>
</
tr
>
</
table
>
</
td
>
</
form
>
</
tr
>
</
table
>
Cek login.php
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username dan password yang dikirim dari form login
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// Untuk melindungi MySQL injection (http://us.php.net/mysql_real_escape_string)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// daftarkan $myusername, $mypassword dan diarahkan ke file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username dan password yang dikirim dari form login
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// Untuk melindungi MySQL injection (http://us.php.net/mysql_real_escape_string)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// daftarkan $myusername, $mypassword dan diarahkan ke file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Kode
Php baru
<?php
ob_start();
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
ob_start();
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
Buat
file login_success.php.
// Cek jika session tidak terdaftar , redirect ke halaman utama.
// Letakkan kode ini di bagian pertama halaman web anda.
<?
session_start
();
if(!
session_is_registered
(
myusername
)){
header
(
"location:main_login.php"
);
}
?>
<html>
<body>
Buat
file logout.php
// Letakkan kode ini di bagian pertama halaman web anda.
<?
session_start();
session_destroy();
?>
<?
session_start();
session_destroy();
?>
Kode
Login Enkripsi
// username and password sent from form
$myusername=$_POST['
myusername
'];
$mypassword=$_POST['
mypassword
'];
// encrypt password
$encrypted_mypassword=md5($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='
$myusername
' and password='
$encrypted_mypassword
";
$result=mysql_query($sql);