Belajar PHP: Membuat File LoginCheck.php

Berikut ini adalah contoh-contoh kode sederhana untuk membuat file login check dengan bahasa php yang saat ini sedang saya pelajari dengan metode ATM (Amati Tiru Modifikasi), dari beberapa tutorial php yang saya dapat dari internet kemudian saya amati dan pelajari, saya tiru dan saya coba di localhost, kemudian saya modifikasi. Dibawah ini akan ada 3 contoh file login check yang hampir sama namun terdapat beberapa perbedaan pada bagian retrieve username and password.

Kode ke-1


<?php

// Initialize session
session_start();

// Include database connection settings
include('config.inc');

// Connect to server and select database.
mysql_connect("$hostname", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select database");

// username and password sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// encrypt password
$encrypted_mypassword = md5($mypassword);

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// Retrieve username and password from database according to user's input
$sql = "SELECT * FROM $tbl_name WHERE username = '$myusername' and password = '$encrypted_mypassword'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
// Register $myusername, $mypassword and redirect to file "securedpage.php"
session_register("myusername");
session_register("mypassword");
header("location: securedpage.php");
}
else {
// Jump to login page
header('Location: index.php');
}

?>

Kode ke-2

<?php

// Initialize session
session_start();

// Include database connection settings
include('config.inc');

// Connect to server and select database.
mysql_connect("$hostname", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select database");

// username and password sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);

// Retrieve username and password from database according to user's input
$result = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['myusername']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['mypassword'])) . "')");

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
// Register $myusername, $mypassword and redirect to file "securedpage.php"
session_register("myusername");
session_register("mypassword");
header("location: securedpage.php");
}
else {
// Jump to login page
header('Location: index.php');
}

?>

Kode ke-3

<?php

// Initialize session
session_start();

// Include database connection settings
include('config.inc');

// Connect to server and select database.
mysql_connect("$hostname", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select database");

// username and password sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);

// Retrieve username and password from database according to user's input
$sql = "SELECT * FROM $tbl_name WHERE (username = '" . mysql_real_escape_string($_POST['myusername']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['mypassword'])) . "')";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
// Register $myusername, $mypassword and redirect to file "securedpage.php"
session_register("myusername");
session_register("mypassword");
header("location: securedpage.php");
}
else {
// Jump to login page
header('Location: index.php');
}

?>

Ke tiga kode diatas sudah saya coba di localhost dan berhasil, namun kode manakah yang paling efektif dan efisien secara fungsional? adakah dari kalian yang mampu menjelaskan dan membantu saya memahami php :)

About these ads
This entry was posted in computer science, my notes, php and tagged . Bookmark the permalink.

5 Responses to Belajar PHP: Membuat File LoginCheck.php

  1. Neng Ucrit says:

    kode pertama, soalnya kurang suka klo manggil fungsi untuk dipanggil di command sqlnya (kepanjangan).
    trus koneksi dbnya koq ga dibikin file include aja sm kayak config? biar ga dipanggil berulang2 maksudnya :D
    btw, ini kodenya koq ga ada syntax highlightingnya? :mrgreen:

    • Prasetyo Muchlas says:

      Terima kasih Prihandini Astuti atas masukannya, saya terima dengan baik ^^
      udah di update dengan syntax highlight-nya, untuk koneksi database-nya bisa juga di bikin file include, namun biarlah.. biar yang membaca bisa ngerti koneksi ke database, mungkin insya Alloh kedepannya mau posting halaman login sederhana yang lengkap ^^

  2. Nisa says:

    wah.. saya mumet bacanya, gak ngerti bahasa pemrogaman.. ^^”

  3. Thomaz Thom says:

    saya lagi belajar ni…. baru bisa html aja.. pengen lanjut malah bingung.. >_<

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s