Skip to content

Instantly share code, notes, and snippets.

@Aziz-Rahman

Aziz-Rahman/login_sdfjsdjfs.php

Last active February 10, 2016 19:17
Show Gist options
  • Save Aziz-Rahman/b7f50af1a10cdcea2e81 to your computer and use it in GitHub Desktop.
Save Aziz-Rahman/b7f50af1a10cdcea2e81 to your computer and use it in GitHub Desktop.
Download ZIP
Login register with hash password 5.5 with option salt. (option salt deprecated in php 7)
Raw
login_sdfjsdjfs.php
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" role="form" id="login-customer">
<div class="form-group">
<label for="usr">Username</label>
<input type="text" name="username" class="form-control" id="usr">
</div>
<div class="form-group">
<label for="pwd">Password</label>
<input type="password" name="password" class="form-control" id="pwd">
</div>
<div class="form-group">
<button type="submit" name="login-customer" class="btn btn-danger">Masuk</button>
</div>
</form>
<?php
if ( isset( $_POST['login-customer'] ) ) :
include "includes/conn.php";
require_once "includes/functions.php";
$username = anti_injection( $_POST['username'] );
$pure_password = anti_injection( $_POST['password'] );
// hash_pswd
// $algo = PASSWORD_DEFAULT;
$salt = 'ajdf4833dn48fcncbcsh733rbb3bffbf3d';
$cost = 10;
$options = array();
if ( !empty($cost) ) $options['cost'] = (int)$cost;
if ( !empty($salt) ) $options['salt'] = $salt;
// $hash = password_hash($pass, $algo, $options);
$password = password_hash( $pure_password, PASSWORD_DEFAULT, $options );
$sql = $mysqli->query( "SELECT id_kustomer, username, password FROM member WHERE username = '$username' AND password = '$password'" );
$check = $sql->num_rows;
$data = $sql->fetch_assoc();
$verify_pass = password_verify( $pure_password, $password ); // ($pass, $hash)
if ( $check > 0 AND $verify_pass ) {
session_start();
$_SESSION['id_customer'] = $data['id_kustomer'];
$_SESSION['customer'] = $data['username'];
$_SESSION['customer_pswd'] = $data['password'];
header( 'location:check-out' ); // Direct to page check out
} else {
echo "<script>alert('Username atau password salah, silahkan ulangi.'); top.location='login-register';</script>";
}
$mysqli->close();
endif;
Raw
rgstr_jdshfjdsfsjdfsjf.php
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" role="form" id="register-customer">
<div class="form-group">
<input type="text" name="full_name" class="form-control" placeholder="Name Lengkap">
</div>
<div class="form-group">
<input type="email" name="email" class="form-control" placeholder="Email">
</div>
<div class="form-group">
<input type="text" name="telp" class="form-control" placeholder="No Telepon">
</div>
<div class="form-group">
<input type="text" name="city" class="form-control" placeholder="Kota">
</div>
<div class="form-group">
<input type="text" name="pos_code" class="form-control" placeholder="Kode Pos">
</div>
<div class="form-group">
<textarea name="address" class="form-control" rows="6" placeholder="Alamat Lengkap"></textarea>
</div>
<div class="form-group">
<input type="username" name="username" class="form-control" placeholder="Username">
</div>
<div class="form-group">
<input type="password" name="password" class="form-control" placeholder="Password">
</div>
<div class="form-group">
<button type="submit" name="register-customer" class="btn btn-info">Daftar</button>
</div>
</form>
<?php
include "includes/conn.php";
include "includes/functions.php";
if ( isset( $_POST['register-customer'] ) ) :
// var ................
$name =
$email =
$telp =
// etc ................
$pure_password = anti_injection( $_POST['password'] ); // before pswd insert to db must be validated
$salt = 'ajdf4833dn48fcncbcsh733rbb3bffbf3d';
$cost = 10;
$options = array();
if (!empty($cost)) $options['cost'] = (int)$cost;
if (!empty($salt)) $options['salt'] = $salt;
// password_hash($pass, $algo, $options);
$password = password_hash( $pure_password, PASSWORD_DEFAULT, $options ); // pswd an insert after ( validation without hash )
// check data in db
$sql = $mysqli->query( "SELECT username FROM member WHERE username = '$username'" );
$sql2 = $mysqli->query( "SELECT email FROM member WHERE email = '$email'" );
$check_user = $sql->num_rows;
$check_email = $sql2->num_rows;
if ( empty( $name ) || empty( $email ) || empty( $telp ) || empty( $city ) || empty( $pos_code ) || empty( $address ) || empty( $username ) || empty( $pure_password ) ) {
echo "<script>alert( 'Pengisian data harus lengkap, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( !preg_match( "/^[a-zA-Z ]*$/",$name ) ) {
echo "<script>alert( 'Nama tidak valid, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( filter_var( $email, FILTER_VALIDATE_EMAIL) === false ) {
echo "<script>alert( '($email) alamat email tidak valid, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( $check_email != 0 ) {
echo "<script>alert( 'Email sudah digunakan, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( ! is_numeric( $telp ) ) {
echo "<script>alert( 'No. Telp tidak valid, silahkan ulangi. Contoh: 081234234222' );
document.location.href='login-register';</script>";
}
elseif ( !preg_match( "/^[a-zA-Z ]*$/",$city ) ) {
echo "<script>alert( 'Nama kota tidak valid, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( ! is_numeric( $pos_code ) ) {
echo "<script>alert( 'Kode pos tidak valid, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( $check_user != 0 ) {
echo "<script>alert( 'Username sudah digunakan, silahkan ganti dengan yang lain.' );
document.location.href='login-register';</script>";
}
elseif ( !preg_match( "/^[a-zA-Z0-9]*$/",$username ) ) {
echo "<script>alert( 'Username hanya boleh diisi dengan karakter huruf atau angka dan tidak mengandung spasi, silahkan ulangi' );
document.location.href='login-register';</script>";
}
elseif ( strlen( $username ) < 6 ) {
echo "<script>alert( 'Panjang karakter username minimal 6 karakter, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
elseif ( strlen( $pure_password ) < 8 ) {
echo "<script>alert( 'Panjang karakter password minimal 8 karakter, silahkan ulangi.' );
document.location.href='login-register';</script>";
}
else {
//if success
$query = $mysqli->query( "INSERT INTO member( nama_lengkap, email, no_telp, kota, kode_pos, alamat, username, password ) VALUES ('$name','$email', '$telp', '$city', '$pos_code', '$address', '$username', '$password' )");
if ( $query ) {
echo "<script>alert( 'Pendaftaran berhasil disimpan. Silahkan login untuk melanjutkan.' );
document.location.href='login-register&stts=success';</script>";
// echo '<div class="alert alert-success"><a href="#" class="close" data-dismiss="alert" aria-label="close">&times;</a>Data tersimpan !</div>';
} else {
echo "Gagal tersimpan !";
}
}
endif;
Raw
xjjsjjfcjsjcjsfunctions.php
<?php
if ( ! function_exists( 'anti_injection' ) ) {
function anti_injection($data){
$filter = $mysqli->real_escape_string( stripslashes( strip_tags(htmlspecialchars( $data, ENT_QUOTES ) ) ) );
return $filter;
}
}
// etc functions
Raw
zlinkdevonline
https://developers.google.com/speed/libraries/
-jq v2 <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
-
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment