<?php
// Login page bootstrap: open the session, load the site configuration and
// set the defaults the rest of the script relies on.
session_start();

require 'mainconfig.php';

// Alert state for the form further down; the login handler switches it to
// "error" when an attempt is rejected.
$msg_type = 'nothing';

// reCAPTCHA key pair. The site key is meant to be public (it is sent to the browser).
// NOTE(review): the secret key is a server-side credential and is hard-coded
// here, so anyone who can read this file has it. Rotate it and load the
// replacement from configuration that is kept out of the source tree.
$site_key = '6LcRzDIUAAAAALKWHcExLVdoR6HuuZCCaE5Ux9yx';
$secret_key = '6LcRzDIUAAAAAB0pT4vHiRdKAXMK0vOtZs_qthJc';
8
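// Server-side reCAPTCHA check: when the browser posted a token, ask the
// siteverify endpoint whether it is valid and keep the decoded answer in
// $recaptcha (an array on success, null when the request or decoding fails).
// NOTE(review): nothing in the visible login code reads $recaptcha, and the
// form markup visible on this page contains no reCAPTCHA widget, so this check
// does not gate login as written. To have any effect, the login branch must
// reject the attempt unless $recaptcha['success'] is true.
if (isset($_POST['g-recaptcha-response'])) {
    // A client can post an array under this name; only a string is a usable token.
    $captcha_token = is_string($_POST['g-recaptcha-response'])
        ? $_POST['g-recaptcha-response']
        : '';

    $api_url = 'https://www.google.com/recaptcha/api/siteverify';

    // Send the fields as a URL-encoded POST body. http_build_query() encodes the
    // client-supplied token so it cannot add or override request parameters, and
    // the secret no longer travels in a URL that may end up in logs or warnings.
    $verify_context = stream_context_create([
        'http' => [
            'method'  => 'POST',
            'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
            'content' => http_build_query([
                'secret'   => $secret_key,
                'response' => $captcha_token,
            ]),
            // Bound the wait so a slow verification service cannot stall the login page.
            'timeout' => 10,
        ],
    ]);

    // Warnings stay suppressed so a network failure cannot emit output before the
    // header() redirects later in this script; the failure is handled explicitly.
    $response = @file_get_contents($api_url, false, $verify_context);
    $recaptcha = ($response === false) ? null : json_decode($response, true);
}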
15
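// Session gate and login handler.
//
// Logged-in visitors: re-check the account on every request and send deleted or
// suspended accounts to logout.php, then load the order/user counters.
// Anonymous visitors: process a submitted login form and, on success, record the
// login, start the authenticated session and redirect to the site root.
//
// All values that reach SQL are bound as parameters. The original interpolated
// the session username and the User-Agent header straight into the statements.

// Runs a SELECT with a single bound string parameter and returns what
// mysqli_query() would have returned: a mysqli_result, or false on failure.
// mysqli_stmt_get_result() needs the mysqlnd driver.
$select_by_username = function ($sql, $username) use ($db) {
    $stmt = mysqli_prepare($db, $sql);
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 's', $username);
    if (!mysqli_stmt_execute($stmt)) {
        return false;
    }
    return mysqli_stmt_get_result($stmt);
};

if (isset($_SESSION['user'])) {
    $sess_username = (string) $_SESSION['user']['username'];
    $check_user = $select_by_username("SELECT * FROM users WHERE username = ?", $sess_username);
    $data_user = mysqli_fetch_assoc($check_user);
    if (mysqli_num_rows($check_user) == 0 || $data_user['status'] == "Suspended") {
        header("Location: ".$cfg_baseurl."logout.php");
        // Stop here: header() only queues the redirect, and without exit the rest
        // of the page would still run for an account that must be logged out.
        exit;
    }

    $check_order = $select_by_username("SELECT SUM(price) AS total FROM orders WHERE user = ?", $sess_username);
    $data_order = mysqli_fetch_assoc($check_order);
    $check_worder = $select_by_username("SELECT * FROM orders WHERE user = ?", $sess_username);
    $count_worder = mysqli_num_rows($check_worder);
    $count_users = mysqli_num_rows(mysqli_query($db, "SELECT * FROM users"));
} else {
    if (isset($_POST['login'])) {
        if (!isset($_POST['setuju'])) {
            // The terms-and-conditions checkbox was not ticked.
            $msg_type = "error";
            $msg_content = "<b>Gagal:</b> Silahkan ceklis dahulu.";
        } else {
            // Missing or non-string fields are treated as empty input.
            $post_username = (isset($_POST['username']) && is_string($_POST['username']))
                ? trim($_POST['username'])
                : '';
            $raw_password = (isset($_POST['password']) && is_string($_POST['password']))
                ? trim($_POST['password'])
                : '';

            // The emptiness test runs on the raw password. The original tested the
            // MD5 digest, which is never empty, so a blank password was not caught.
            if ($post_username === '' || $raw_password === '') {
                $msg_type = "error";
                $msg_content = "<b>Gagal:</b> Mohon mengisi semua input.";
            } else {
                // NOTE(review): SQL-escaping and MD5-hashing the password before
                // password_verify() is kept unchanged because the stored hashes were
                // presumably created from the same derivation; confirm against the
                // registration code. The password never reaches SQL, so the escaping
                // protects nothing and only alters passwords containing quotes or
                // backslashes. Migrate to password_hash() on the raw password.
                $post_password = md5(mysqli_real_escape_string($db, $raw_password));

                $check_user = $select_by_username("SELECT * FROM users WHERE username = ?", $post_username);
                if (mysqli_num_rows($check_user) == 0) {
                    $msg_type = "error";
                    $msg_content = "<b>Gagal:</b> Username atau password salah.";
                } else {
                    $data_user = mysqli_fetch_assoc($check_user);
                    if (!password_verify($post_password, $data_user['password'])) {
                        $msg_type = "error";
                        $msg_content = "<b>Gagal:</b> Username atau password salah.";
                    } else if ($data_user['status'] == "Suspended") {
                        $msg_type = "error";
                        $msg_content = "<b>Gagal:</b> Akun nonaktif.";
                    } else {
                        // Record the login. The User-Agent header is fully
                        // client-controlled, so it is bound rather than interpolated.
                        // $date and $time are presumably set by mainconfig.php.
                        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                        $ip = $_SERVER['REMOTE_ADDR'];
                        $log_stmt = mysqli_prepare($db, "INSERT INTO login_history VALUES('',?,?,?,?,?)");
                        if ($log_stmt !== false) {
                            mysqli_stmt_bind_param($log_stmt, 'sssss', $post_username, $date, $time, $ip, $agent);
                            mysqli_stmt_execute($log_stmt);
                            mysqli_stmt_close($log_stmt);
                        }

                        // Issue a fresh session id on privilege change so an id planted
                        // before login (session fixation) is not carried over.
                        session_regenerate_id(true);

                        // NOTE(review): this stores the whole users row, password hash
                        // included, in the session. Keep only the fields other pages
                        // need once their usage has been checked.
                        $_SESSION['user'] = $data_user;
                        header("Location: ".$cfg_baseurl);
                        exit;
                    }
                }
            }
        }
    }
}
unset($select_by_username);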
69include("lib/header.php");
70?>
71 <h3>
72 <div class="pull-right text-center">
73 </div><small><?php echo $cfg_webname; ?> -> Masuk </small>
74 </h3>
75
76 <div class="row">
77 <div class="col-md-offset-3 col-md-6">
78 <div class="panel panel-default">
79 <div class="panel-heading">
80 <h3 class="panel-title"><i class="fa fa-user"></i> Masuk</h3>
81 </div>
82 <div class="panel-body">
<?php
// Show the dismissible error alert only when the login handler flagged a failure.
// $msg_content is written out as raw HTML; in this script it only ever holds
// fixed strings, and it must stay that way unless it is escaped first.
if ($msg_type == "error"):
?>
<div class="alert alert-danger">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<i class="fa fa-times-circle"></i>
<?php echo $msg_content; ?>
</div>
<?php
endif;
?>
94 <form class="form-horizontal" role="form" method="POST">
95 <div class="form-group">
96 <label class="col-md-2 control-label">Username</label>
97 <div class="col-md-10">
98 <input type="text" name="username" class="form-control" placeholder="Username">
99 </div>
100 </div>
101 <div class="form-group">
102 <label class="col-md-2 control-label">Password</label>
103 <div class="col-md-10">
104 <input type="password" name="password" class="form-control" placeholder="Password">
105 </div>
106 </div>
107 <div class="form-group">
108 <label class="col-md-2 control-label"></label>
109 <div class="col-md-10">
110 <div class="checkbox icheck">
111 <label>
112 <input name="setuju" type="checkbox"> Saya menyetujui <a href="/terms">Syarat & Ketentuan</a> dari PanelMedia
113 </label>
114 </div>
115 </div>
116 </div>
117
118 <div class="form-group">
119 <div class="col-md-offset-2 col-md-10">
120 <button type="submit" class="btn btn-success btn-bordered waves-effect w-md waves-light" name="login">Masuk</button>
121 </div></div>
122 <center><div class="rblikebox"> <div> <iframe src="https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/panel-media.net/&width=245&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270" scrolling="no" frameborder="0" scrolling="no" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;"></iframe></div></center>
123
124 </div>
125 </form>
126 </div>
127 <div class="panel-footer">
128 Belum punya akun? <a class="btn btn-default btn-sm" href="<?php echo $cfg_registerurl; ?>">Daftar!</a>
129 Lupa Password? <a class="btn btn-default btn-sm" href="/forgot.php">Klik Disini</a><div><div>
130
131 <center><footer class="main-footer">
132 <!-- To the right -->
133
134 </div>
135 <!-- Default to the left -->
136 <strong>Copyright © 2018 <a href="https://panelmedia.net/">Panel Media</a></strong>
137 </footer>
138
139 </div>
140
141
142 </div>
143 </div>
144 </div>