PDO (PHP Data
Objects), adalah extension atau penambahan fitur dalam PHP yang
dirancang sebagai interface universal untuk pengaksesan berbagai jenis
database (tidak hanya MySQL). Contohnya, jika kita menggunakan PDO dalam
menulis kode pemograman, lalu suatu saat website kita bertukar database dari MySQL
ke Oracle, maka kita tidak perlu mengubah semua kode program, cukup
mengubah cara pemanggilan PDO diawal program saja.
Apa kelebihan PDO dibanding dengan Mysql dan Mysqli?
dan menurut saya PDO itu jenis koneksi yang paling aman terhadap inject.
untuk membuat login page sederhana kita membutuhkan
dan menurut saya PDO itu jenis koneksi yang paling aman terhadap inject.
untuk membuat login page sederhana kita membutuhkan
- config.php
- index.php
- logout.php
- session.php
- welcome.php
- admin.sql
lansung aja yah
config.php
PHP:
<?php
define('DBHOST','localhost');
define('DBUSER','databaseuser');
define('DBPASS','databasepass');
define('DBNAME','databasename');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
exit;
}
?>
define('DBHOST','localhost');
define('DBUSER','databaseuser');
define('DBPASS','databasepass');
define('DBNAME','databasename');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
exit;
}
?>
index.php
PHP:
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username and passcode = :passcode');
$admin->execute(array(
':username' => $_POST['username'],
'passcode' => $_POST['password']
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
if(empty($row['username'])){
echo "Your Login Name or Password is invalid";
}else {
$_SESSION['login_user'] = $_POST['username'];
header("location: welcome.php");
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username and passcode = :passcode');
$admin->execute(array(
':username' => $_POST['username'],
'passcode' => $_POST['password']
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
if(empty($row['username'])){
echo "Your Login Name or Password is invalid";
}else {
$_SESSION['login_user'] = $_POST['username'];
header("location: welcome.php");
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
logout.php
PHP:
<?php
session_start();
if(session_destroy())
{
header("Location: index.php");
}
?>
session_start();
if(session_destroy())
{
header("Location: index.php");
}
?>
session.php
PHP:
<?php
include("config.php");
session_start();
$user_check=$_SESSION['login_user'];
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username');
$admin->execute(array(
':username' => $user_check
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
$login_session=$row['username'];
if(!isset($login_session))
{
header("Location: login.php");
}
?>
include("config.php");
session_start();
$user_check=$_SESSION['login_user'];
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username');
$admin->execute(array(
':username' => $user_check
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
$login_session=$row['username'];
if(!isset($login_session))
{
header("Location: login.php");
}
?>
welcome.php
PHP:
<?php
include('session.php');
?>
<body>
<h1>Welcome <?php echo $login_session; ?></h1>
<a href='logout.php'>logout</a>
</body>
include('session.php');
?>
<body>
<h1>Welcome <?php echo $login_session; ?></h1>
<a href='logout.php'>logout</a>
</body>
admin.sql
Code:
CREATE
TABLE IF NOT EXISTS `admin` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(30) COLLATE
utf8_unicode_ci DEFAULT NULL,
`passcode` varchar(30) COLLATE
utf8_unicode_ci DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
)
ENGINE=MyISAM DEFAULT CHARSET=utf8
COLLATE=utf8_unicode_ci AUTO_INCREMENT=2 ;
INSERT
INTO `admin` (`id`, `username`, `passcode`) VALUES
(1,
'admin', 'admin');
.jpeg)
No comments:
Post a Comment