Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- /*********************************
- FILENAME : session.php
- CREATE BY : CAHYA DSN
- CREATE DATE: 2013-09-23
- NOTES : latihan session
- **********************************
- USE test;
- DROP TABLE IF EXISTS `tbl_users`;
- CREATE TABLE IF NOT EXISTS `tbl_users` (
- `id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
- `username` VARCHAR(20)NOT NULL,
- `password` VARCHAR(40) NOT NULL,
- `nama` VARCHAR(25) NOT NULL,
- `alamat` VARCHAR(100) NOT NULL,
- `level` TINYINT(2) UNSIGNED NOT NULL DEFAULT '2',
- PRIMARY KEY (`id`)
- ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
- INSERT INTO tbl_users(username,password,nama,alamat,level)
- VALUES
- ('admin',SHA1('password'),'administrator','kota',1),
- ('agus',SHA1('password'),'agus sujatmiko','desa',2),
- ('budi',SHA1('password'),'budi setianto','kampung',2),
- ('carlie',SHA1('password'),'carlie','nagari',2);
- */
- //--- DATABASE CONFIGURATION
- $dbhost='localhost';
- $dbuser='root';
- $dbpass='';
- $dbname='test';
- //--- DATABASE CONNNECTION (MYSQLI)
- $db=new mysqli ($dbhost,$dbuser,$dbpass,$dbname);
- if(isset($_GET['logout']))
- {
- session_destroy();
- header('location:session.php');
- }
- elseif(!isset($_SESSION['level']))
- {
- ?>
- <!DOCTYPE html>
- <html>
- <head><title>Login User</title></head>
- <body>
- <form method="POST">
- <table>
- <tr><td>Username</td><td><input type="text" name="username"/></td></tr>
- <tr><td>Password</td><td><input type="password" name="password"/></td></tr>
- <tr><td colspan="2"><input type="submit" value="login" /></td></tr>
- </table>
- </form>
- </body>
- </html>
- <?php
- }
- elseif(isset($_POST['login']))
- {
- $sql="SELECT id,level "
- ."FROM tbl_users "
- ."WHERE username='".$_POST['username']."' "
- ."AND password=SHA1('".$_POST['password']."')";
- if($result=$db->query($sql))
- {
- if($result->num_rows==1)
- {
- $row=$result->fetch_object();
- $_SESSION['id']=$row->id;
- $_SESSION['level']=$row->level;
- header('location:session.php');
- }
- }
- }
- elseif(isset($_POST['save']))
- {
- $sql="UPDATE tbl_users SET nama='".$_POST['nama']."',alamat='".$_POST['alamat']."' WHERE id='".$_SESSION['id']."'";
- if($result=$db->query($sql)){
- header('location:session.php');
- }
- }
- elseif($_SESSION['level']==1)
- {
- $sql="SELECT id,username,nama,alamat,level FROM tbl_users";
- $data=array();
- if($result=$db->query($sql))
- {
- while($record=$result->fetch_object())
- {
- $data[]=$record;
- }
- $result->close();
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head><title>list User</title></head>
- <body>
- <table>
- <tr>
- <th>No</th><th>username</th><th>Nama</th><th>Alamat</th><th>Level</th>
- </tr>
- <?php
- $i=0;
- foreach($data as $dt)
- {
- echo "<tr>
- <td>".++$i."</td>
- <td>".$dt->username."</td>
- <td>".$dt->nama."</td>
- <td>".$dt->alamat."</td>
- <td>".($dt->level==1?'Admin':'User')."</td>
- </tr>\n";
- }
- ?>
- </table>
- <a href='session.php?logout=1'>logout</a>
- </body>
- </html>
- <?php
- }
- elseif($_SESSION['level']==2)
- {
- $sql="SELECT id,nama,alamat FROM tbl_users WHERE id=".$_SESSION['id'];
- if($result=$db->query($sql))
- {
- $record=$result->fetch_object();
- $data=array($record->id,$record->nama,$record->alamat);
- $result->close();
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head><title>Edit User</title></head>
- <body>
- <form method="POST">
- <table>
- <tr><td>Nama</td><td><input type="text" name="nama" value="<?php echo $data[1];?>" /></td></tr>
- <tr><td>Alamat</td><td><input type="text" name="nama" value="<?php echo $data[2];?>" /></td></tr>
- <tr><td colspan="2"><input type="submit" value="save" /></td></tr>
- </table>
- </form>
- <a href='session.php?logout=1'>logout</a>
- </body>
- </html>
- <?php
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement