Uniga/authenticate.php at main · Hyousetsuu/Uniga · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
session_start();
include 'config.php';

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $sql = "SELECT * FROM users WHERE username='$username'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();

        if (password_verify($password, $user['password'])) {
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['role'] = $user['role'];
            $_SESSION['name'] = $user['name'];
            $_SESSION['id'] = $user['id']; // Pastikan ID diatur

            // Check for mahasiswa role and get jurusan
            if ($user['role'] == 'mahasiswa') {
                $mahasiswa_sql = "SELECT jurusan FROM mahasiswa WHERE user_id=".$user['id'];
                $mahasiswa_result = $conn->query($mahasiswa_sql);
                if ($mahasiswa_result->num_rows > 0) {
                    $mahasiswa = $mahasiswa_result->fetch_assoc();
                    $_SESSION['jurusan'] = $mahasiswa['jurusan'];
                }
            }

            if ($user['role'] == 'admin') {
                header("Location: admin_dashboard.php");
            } elseif ($user['role'] == 'dosen') {
                header("Location: dosen_dashboard.php");
            } elseif ($user['role'] == 'mahasiswa') {
                header("Location: mahasiswa_dashboard.php");
            }
            exit();
        } else {
            echo "Invalid password.";
        }
    } else {
        echo "No user found with this username.";
    }
}
$conn->close();
?>