Rabu, 21 April 2010

Autentifikasi dengan session

Kode untuk halaman muka, simpan dengan nama index.php :

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

<title>Halaman Administrator</title>

<style type="text/css">

.inner {

margin: 200px auto;

padding: 20px;

width: 240px;

border: 1px solid #333;

bgcolor: grey;

}

</style>

</head>

<body>

<?php

ini_set('display_errors', 1);

define('_VALID', 1);

// include file eksternal

require_once('./authSES.php');

init_login();

validate();

?>

<h3>Simulasi Halaman Admin</h3>

<p>

<a href="?m=logout">Logout</a>

<p>

Menu-menu admin ada di sini

</body>

</html>


kode untuk proses authentifikasi, simpan dengan nama authSES.php:

<?php

session_start();

defined('_VALID') or die('not allowed');

function init_login() {

// Simulasi data account nama dan password

$nama = 'habi';

$pass = 'ahmad';

if (isset($_POST['nama']) && isset($_POST['pass'])) {

$n = trim($_POST['nama']);

$p = trim($_POST['pass']);

if ( ($n === $nama) && ($p === $pass) ) {

// Jika sama, set cookie

$_SESSION['nlogin'] = '$n';

$_SESSION['time'] = 'time()';

// redireksi

?>

<script type="text/javascript">

document.location.href="./";

</script>

<?php

} else {

echo 'Nama/Password Tidak Sesuai';

return false;

}

}

}

function validate() {

if (!isset($_SESSION['nlogin']) || !isset($_SESSION['time']) ) { ?>

<div class="inner">

<form action="" method="post">

<table bgcolor='green' border=0 cellpadding=5>

<tr>

<td>Nama</td>

<td><input type="text" name="nama" /></td>

</tr>

<tr>

<td>Password</td>

<td><input type="password" name="pass" /></td>

</tr>

<tr>

<td></td>

<td><input type="submit" value="LOGIN" /></td>

</tr>

</table>

</form>

</div>

<?php

exit;

}

if (isset($_GET['m']) && $_GET['m'] == 'logout') {

// Hapus cookie

if (isset($_SESSION['nlogin'])) {

unset ($_SESSION ['nlogin']);

$_SESSION [time()] = 'time() - 1';

}

if (isset($_SESSION['time'])) {

unset ($_SESSION ['time']);

$_SESSION ['time'] = 'time() - 1';

}

// redireksi halaman

?>

<script type="text/javascript">

document.location.href="./";

</script>

<?php

}

}

?>

Tidak ada komentar:

Posting Komentar