| Server IP : 2.57.91.168 / Your IP : 216.73.216.163 Web Server : LiteSpeed System : Linux id-dci-web1986.main-hosting.eu 5.14.0-611.26.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jan 29 05:24:47 EST 2026 x86_64 User : u686484674 ( 686484674) PHP Version : 8.0.30 Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/u686484674/domains/idikotabandung.com/public_html/IDI/ |
Upload File : |
<?php
ob_start();
?>
<!DOCTIPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
<meta name="description" content="">
<meta name="author" content="">
<link rel="icon" href="assets/img/icon.png">
<title>IDI</title>
</head>
<body>
<?php
session_start();
include "koneksi.php";
// VARIABEL ini akan memastikan bahwa inputan user tidak mengandung ciri ciri tindakan SQL Injection
$username = mysqli_real_escape_string($konek, $_POST['username']);
$p = mysqli_real_escape_string($konek,md5( $_POST['password']));
//$username = $_POST["username"];
//$p = md5($_POST["password"]);
$sql = "select * from mahasiswa where npm='".$username."' and password='".$p."' and status='aktif' limit 1";
$hasil = mysqli_query ($konek,$sql);
$jumlah = mysqli_num_rows($hasil);
if ($jumlah>0) {
$row = mysqli_fetch_assoc($hasil);
if($row['level']=='admin'){
$_SESSION['username'] = $username;
$_SESSION['status'] = "login";
$_SESSION['level']= "admin";
$_SESSION['npm']= $row['npm'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
header("Location:../admin/dashboard.php");
}else if($row['level']=='user'){
$_SESSION['npm']= $row['npm'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
$_SESSION['level']= "user";
// jika tombol login telah diset/ diklik
// $_SESSION["npm"] = $row['npm']; // didapatkan dari inputan Username
//$_SESSION["last_login_timestamp"] = time(); // waktu model UNIX
date_default_timezone_set("Asia/Jakarta");
$agent=@$_SERVER[HTTP_USER_AGENT];
$ip=@$_SERVER['REMOTE_ADDR'];
mysqli_query($konek, "INSERT INTO user_log(npm,ip,agent,waktu)
VALUES('$row[npm]','$ip','$agent',now())");
//user login update status
/* set default timezone */
$waktu = date('Y-m-d H:i');
;
$update = mysqli_query($konek, "UPDATE mahasiswa SET login='Y',waktu='$waktu',ip='$ip',agent='$agent' WHERE npm='$row[npm]'");//kalo pake enum("Y","N")
// $query = mysqli_query($konek, "SELECT import FROM h_anggota where npm='$row[npm]' ");
// $data = mysqli_fetch_array($query);
IF( $row['active']== 1){
header("Location:project/data_pri.php?npm=$row[npm]");
//$sql2 = "select * from h_anggota where npm='".$username."' ";
// $hasil2 = mysqli_query ($konek,$sql2);
// $da = mysqli_num_rows($hasil2);
// IF( $da > 0){
// header("Location:project/datap_rev.php?npm=$row[npm]");
// }else{
// header("Location:project/ang_inp.php?npm=$row[npm]");
// }
}else{
header('Location:project/index.php');
}
// cek jika user login sebagai pengurus
}else if($row['level']=='supervisor'){
$_SESSION['npm']= $row['npm'];
$_SESSION['project']= $row['project'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
$_SESSION['level']= "supervisor";
header('Location:supervisor/index.php');
}else if($row['level']=='anggota'){
$_SESSION['npm']= $row['npm'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
$_SESSION['level']= "user";
header('Location:anggota/index.php');
}else if($row['level']=='direktur'){
$_SESSION['npm']= $row['npm'];
$_SESSION['project']= $row['project'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
$_SESSION['level']= "direktur";
header('Location:direktur/index.php');
}else if($row['level']=='superadmin'){
$_SESSION['username'] = $username;
$_SESSION['npm']= $row['npm'];
$_SESSION['nama_mhs']= $row['nama_mhs'];
$_SESSION['level']= "supervisor";
$_SESSION['status'] = "login";
header('Location:superadmin/dashboard.php');
}else {
echo "Username atau password salah <br><a href='login2.php'>Kembali</a>";
echo "<script class ='merah'>window.alert('Notif: Username atau password salah')
window.location='login2.php'</script>";
}
}else{
echo "<script class ='merah'>window.alert('Notif: Username,Password salah..') window.location='login2.php'</script>";
header("location:login2.php?pesan=Login gagal,Username Atau Password salah..!");
}
?>
</body>
</html>
<?php
ob_end_flush();
?>