· 7 years ago · Jul 17, 2018, 02:44 PM
1if (isset($_POST['login'])) {
2 $post_username = mysqli_real_escape_string($db, trim($_POST['username']));
3 $post_password = mysqli_real_escape_string($db, trim($_POST['password']));
4 $captcha = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response']:'';
5
6$secret_key = ''; //masukkan secret key-nya berdasarkan secret key masig-masing saat create api key nya
7$error = 'Gagal kirim form: periksa nama, komentar dan captcha nya';
8if (empty($post_username) || empty($post_password)) {
9 $msg_type = "error";
10 $msg_content = "<b>Gagal:</b> Mohon mengisi semua input.";
11
12 } else if (!$captcha) {
13 $msg_type = "error";
14 $msg_content = "<b>Gagal:</b> Anda bukan manusia.";
15} else if ($captcha != '' && $post_username != '' && $post_password != '') {
16 $url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secret_key) . '&response=' . $captcha;
17 $recaptcha = file_get_contents($url);
18 $recaptcha = json_decode($recaptcha, true);
19if (!$recaptcha['success']) {
20 $msg_type = "error";
21 $msg_content = "<b>Gagal:</b> Anda bukan manusia.";
22 } else {
23
24
25
26
27 $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$post_username'");
28
29 if (mysqli_num_rows($check_user) == 0) {
30 $msg_type = "error";
31 $msg_content = "<b>Gagal:</b> Username atau password salah.";
32 } else {
33 $data_user = mysqli_fetch_assoc($check_user);
34 if(!password_verify($post_password, $data_user['password'])) { //
35 $msg_type = "error";
36 $msg_content = "<b>Gagal:</b> Username atau password salah.";
37 } else if ($data_user['status'] == "Suspended") {
38 $msg_type = "error";
39 $msg_content = "<b>Gagal:</b> Akun nonaktif.";
40 } else {
41 $_SESSION['user'] = $data_user;
42 header("Location: ".$cfg_baseurl);
43 }
44 }