wichaksono/contoh-code-rapi.php

## contoh-code-rapi.php
<?php
session_start();
require 'config.php';
/**
 * Check POST request
 */
if (isset($_POST['username']) && isset($_POST['password'])) {
    // SQL syntax to get username & password
    $sql_check = "SELECT nama,
                         level_user,
                         id_user
                  FROM users
                  WHERE
                       username=?
                       AND
                       password=?
                  LIMIT 1";

    // start prepare
    $check_log = $dbconnect->prepare($sql_check);
    $check_log->bind_param('ss', $username, $password);

    $username = $_POST['username'];
    $password = md5($_POST['password']);

    $check_log->execute();

    $check_log->store_result();

    // check result, if valid username & password
    if ($check_log->num_rows == 1) {
        $check_log->bind_result($nama, $level_user, $id_user);

        // save user ID to session
        while ($check_log->fetch()) {
            $_SESSION['user_login'] = $level_user;
            $_SESSION['sess_id']    = $id_user;
            $_SESSION['nama']       = $nama;
        }

        $check_log->close();

        // redirect
        header('location:on-'.$level_user);
        exit();
    } else {
        // if username & password not valid
        header('location: login.php?error='.base64_encode('Username dan Password Invalid!!!'));
        exit();
    }
} else {
    header('location:login.php');
    exit();
}
	<?php
	session_start();
	require 'config.php';
	/**
	* Check POST request
	*/
	if (isset($_POST['username']) && isset($_POST['password'])) {
	// SQL syntax to get username & password
	$sql_check = "SELECT nama,
	level_user,
	id_user
	FROM users
	WHERE
	username=?
	AND
	password=?
	LIMIT 1";

	// start prepare
	$check_log = $dbconnect->prepare($sql_check);
	$check_log->bind_param('ss', $username, $password);

	$username = $_POST['username'];
	$password = md5($_POST['password']);

	$check_log->execute();

	$check_log->store_result();

	// check result, if valid username & password
	if ($check_log->num_rows == 1) {
	$check_log->bind_result($nama, $level_user, $id_user);

	// save user ID to session
	while ($check_log->fetch()) {
	$_SESSION['user_login'] = $level_user;
	$_SESSION['sess_id'] = $id_user;
	$_SESSION['nama'] = $nama;
	}

	$check_log->close();

	// redirect
	header('location:on-'.$level_user);
	exit();
	} else {
	// if username & password not valid
	header('location: login.php?error='.base64_encode('Username dan Password Invalid!!!'));
	exit();
	}
	} else {
	header('location:login.php');
	exit();
	}