alert('Password not match'); window.location='index.php?act=ganti_password' ";
        exit;
    endif;

    // NOTE(review): this listing starts inside the change-password action. The
    // opening of that action, and of the string literal that ends above, is
    // not visible here. The blank echo strings (" " and "") further down are
    // kept exactly as found; whatever markup they once held is not shown.
    if (form::is_error()):
        echo " ";
        exit;
    endif;

    // The account to update is identified by the nim stored in the member
    // session, which the login action fills from the student row.
    // NOTE(review): membersession, nim, table and student are bare words, not
    // quoted keys. PHP 8 raises an Error for an undefined constant, so these
    // need quotes there unless constants with those names are defined.
    $nim = $_SESSION[membersession][nim];

    // NOTE(review): the stored value is an unsalted MD5 of
    // serialize($p_password). MD5 is cheap to compute, so a leaked student
    // table can be guessed offline at low cost. password_hash() and
    // password_verify() are the standard replacement. Switching needs a
    // migration path, because the login action compares this exact digest
    // inside its SQL.
    $passwordhash = md5(serialize($p_password));

    // $passwordhash is a hex digest; $nim is interpolated as-is.
    // NOTE(review): use a bound parameter if the db class offers one - confirm.
    $sql = "update {$app[table][student]} set password = '$passwordhash' where nim = '$nim'";
    db::qry($sql);
    echo " ";
    include "dsp_ganti_password.php";
    exit;
endif;

/*******************************************************************************
 * Action      : login
 * Description : validate p_nim / p_password, look up one active student row
 *               whose nim and MD5 password digest match, and keep that row in
 *               $_SESSION['membersession'].
 *******************************************************************************/
if ($act == "login"):
    form::init();
    form::serialize_form();
    // presumably marks both fields as required - confirm in form::validate
    form::validate('', 'p_nim,p_password');
    if (form::is_error()):
        echo " ";
        exit;
    endif;

    // check for SQL injection
    // NOTE(review): the filter inspects $_POST['p_nim'] and
    // $_POST['p_password'], while the query below interpolates $p_nim. How
    // $p_nim is populated is not visible here (presumably by
    // form::serialize_form() - confirm). If it can differ from the $_POST
    // value, the check does not cover what reaches the SQL text. The filter's
    // own logic is not visible either. Bound parameters are the robust fix and
    // make a pattern filter unnecessary.
    if( db::anti_sql_injection($_POST['p_nim']) and db::anti_sql_injection($_POST['p_password'])) {
        // perform the login
        // The digest is built the same way as in the change-password action,
        // so the two must change together.
        $passwordhash = md5(serialize($p_password));
        $sql = "select * from {$app[table][student]} where nim = '$p_nim' and password = '$passwordhash' and published = 'active' limit 1";
        //print_r($sql);
        db::query($sql, $rs[login], $nr[login]);
        // presumably $nr[login] receives the number of matching rows - confirm
        if (!$nr[login]):
            // No matching active student.
            // NOTE(review): no attempt counting or delay is visible on this
            // failure path.
            echo"";
            exit;
        else:
            form::reset();
            //$_SESSION['membersession'] = app::serialize64(db::fetch($rs[login]));
            // NOTE(review): the query is "select *", so the row kept in the
            // session presumably includes the password column; selecting only
            // the columns the site needs would keep the digest out of session
            // storage. No session_regenerate_id() call is visible after
            // authentication. Unless it happens elsewhere, adding one here
            // guards against session fixation.
            $_SESSION['membersession'] = (db::fetch($rs[login]));
            //print_r($_SESSION['membersession']);
            /*echo"";*/
            // header("location: index.php");
            exit;
        endif;
    } else {
        // The filter rejected the input: set the invalid-login message and
        // send the browser back to index.php.
        msg::set_msg($app[lang][error]['invalid_login']);
        msg::build_msg();
        header("location: index.php");
        exit;
    }
endif;

/*******************************************************************************
 * Action      : logout
 * Description : empty the member entry of the session, emit the response and
 *               stop. (Original note: clear all cookies, redirect to the
 *               login form.)
 *******************************************************************************/
if ($act == "logout"):
    $_SESSION['membersession'] = array();
    // NOTE(review): session_unset() is declared without parameters; PHP 8
    // raises ArgumentCountError when one is passed. session_destroy() is
    // commented out and no cookie is touched in the visible code, so the
    // session id itself stays valid after logout.
    session_unset($_SESSION['membersession']);
    //session_destroy();
    echo"";
    exit;
endif;

// Action: curriculum - load the header image and the page record selected by
// $kat, then render dsp_curriculum.php.
// NOTE(review): where $act and $kat are set is not visible here. If $kat is
// not '1', '2' or '3', $halaman is not assigned in this block before the
// include.
if ($act == 'curriculum'):
    // The where-clause literal below contains a line break, kept as found.
    $head_img = db::get_record("head_img", "title = 'Home' and published = 
'active'");
    if ($kat == '1'):
        $halaman = db::get_record("page", "page = 'E_031' and published = 'active'");
    elseif ($kat == '2'):
        $halaman = db::get_record("page", "page = 'E_033' and published = 'active'");
    elseif ($kat == '3'):
        $halaman = db::get_record("page", "page = 'E_063' and published = 'active'");
    endif;
    include "dsp_curriculum.php";
    exit;
endif;

// Action: facilities - load the header image and the facilities recordset for
// category $kat, then render dsp_facilities.php.
if ($act == 'facilities'):
    $head_img = db::get_record("head_img", "title = 'Facilities' and published = 'active'");
    // NOTE(review): $kat is placed inside the where clause unchanged. Its
    // origin is not visible here. If it comes from the request, validate it
    // against the known category ids or pass it as a bound parameter before it
    // reaches db::get_recordset().
    $rs['fasilitas'] = db::get_recordset("facilities", "cat_id = '$kat' and published = 'active'");
    include "dsp_facilities.php";
    exit;
endif;

// Earlier single-page version of the class-configuration action, disabled.
/*if ($act == 'class-configuration'): $head_img = db::get_record("head_img", "title = 'Home' and published = 'active'"); $halaman = db::get_record("page", "page = 'E_032' and published = 'active'"); include "dsp_class_configuration.php"; exit; endif;*/

// Action: class-configuration - same shape as curriculum: header image plus
// the page record selected by $kat, rendered by dsp_class_configuration.php.
if ($act == 'class-configuration'):
    $head_img = db::get_record("head_img", "title = 'Home' and published = 'active'");
    //$halaman = db::get_record("page", "page = 'E_032' and published = 'active'");
    if ($kat == '1'):
        $halaman = db::get_record("page", "page = 'E_032' and published = 'active'");
    elseif ($kat == '2'):
        $halaman = db::get_record("page", "page = 'E_034' and published = 'active'");
    elseif ($kat == '3'):
        $halaman = db::get_record("page", "page = 'E_065' and published = 'active'");
    endif;
    include "dsp_class_configuration.php";
    exit;
endif;

// Action: teacher-principal - header image, the page record selected by $kat,
// and two recordsets of teacher images for that category, rendered by
// dsp_teacher_principal.php.
if ($act == 'teacher-principal'):
    $head_img = db::get_record("head_img", "title = 'Home' and published = 'active'");
    if ($kat == '1'):
        $halaman = db::get_record("page", "page = 'E_035' and published = 'active'");
    elseif ($kat == '2'):
        $halaman = db::get_record("page", "page = 'E_036' and published = 'active'");
    elseif ($kat == '3'):
        $halaman = db::get_record("page", "page = 'E_068' and published = 'active'");
    endif;
    // NOTE(review): as in the facilities action, $kat goes into the where
    // clause unchanged and is used here even when it matched none of the
    // branches above; validate or bind it.
    // The same query is issued twice, presumably so the template can walk the
    // rows two times - confirm.
    $rs['teacher'] = db::get_recordset("teacher_img", "cat_id = '$kat' and published = 'active' order by post_date desc");
    $rs['teacher1'] = db::get_recordset("teacher_img", "cat_id = '$kat' and published = 'active' order by post_date desc");
    include "dsp_teacher_principal.php";
    exit;
endif;
?>