Module Sederhana Login Authentication dan CRUD PHP 7.4 MySQLi di Webserver Apache GNU/Linux


Assalamualaikum Wr.Wb...
dengan diberikan nikmat dan rezeki dari Allah SWT, saya Mr.Gagaltotal666 akan
berbagi kepada anda yaitu tentang Module Sederhana Login Authentication
dan CRUD PHP 7.4 MySQLi di Webserver Apache GNU/Linux.

di tutorial kali ini saya akan mencoba operasi Login dan CRUD PHP 7 native
dengan menggunakan MySQLi, mulai dari melakukan koneksi
ke database, menambah (CREATE) dan Multicreate (menambah banyak data sekaligus),
menampilkan (READ), mengubah (UPDATE)
dan menghapus (DELETE) data. Caranya tidak terlalu sulit,
terutama bagi anda yang sudah terbiasa dengan perintah query SQL
pada umumnya, karena teknik ini merupakan teknik yang paling
mendasar atau paling awal jika kita ingin menjadi seorang programmer.

disini saya menggunakan Frontend template Admin LTE V3
dan modal bawaan dari Admin LTE..
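untuk keamanan, sudah ada penanganan terhadap SQLi dan XSS,
tetapi contoh latihan ini belum server side..
Perlu diingat, penyaringan input seperti ini masih bersifat dasar: untuk aplikasi sungguhan, gunakan prepared statement pada setiap query dan password_hash() untuk menyimpan password.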

sebelum nya saya share :

oke langsung saja ikuti langkah berikut

buat database terlebih dahulu, contoh seperti ini

-- The database name must match $database in config/config.php; the config shown further down this page uses latihan_crud_native.
$ create database latihan_crud;

beserta table

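-- Login accounts: one row per user. The per-role profile tables refer to a row
-- here through username_accountdata.
CREATE TABLE `accountdata` (
  -- AUTO_INCREMENT: the INSERT statements in this tutorial never supply an id.
  `id_accountdata` int NOT NULL AUTO_INCREMENT,
  -- Widened from 225 to 255 to match username_accountdata in the profile tables.
  `username_accountdata` varchar(255) NOT NULL,
  -- Password hash. The PHP on this page stores an MD5 hex digest; 255 characters
  -- is also wide enough for password_hash() output.
  `password` varchar(255) DEFAULT NULL,
  `fullname_accountdata` varchar(255) NOT NULL,
  -- Role used by the PHP: 1 = manager, 2 = pembimbing, 3 = magang, 99 = staff.
  `level` int DEFAULT NULL,
  -- The login scripts only accept accounts whose status is 1.
  `status` int DEFAULT NULL,
  -- NOTE: because of ON UPDATE this holds the last modification time, not the creation time.
  `createdate` datetime DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id_accountdata`),
  -- Enforces in the database the uniqueness that the add form only checks with a SELECT.
  UNIQUE KEY `accountdata_username_uq` (`username_accountdata`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;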

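-- Profile data for magang (level 3) accounts, linked to accountdata by username_accountdata.
-- NOTE: the add script on this page fills only username_accountdata and foto; the
-- other NOT NULL columns receive implicit defaults only while config.php keeps
-- sql_mode empty.
CREATE TABLE `accountmagang` (
  -- AUTO_INCREMENT: the add script inserts rows without supplying an id.
  `id_accountmagang` int NOT NULL AUTO_INCREMENT,
  `username_accountdata` varchar(255) NOT NULL,
  `email` varchar(255) DEFAULT NULL,
  `alamat` longtext,
  `kota` varchar(255) NOT NULL,
  `provinsi` varchar(255) NOT NULL,
  `tempatlahir` varchar(255) DEFAULT NULL,
  `tgllahir` date DEFAULT NULL,
  `jeniskelamin` varchar(255) DEFAULT NULL,
  `notelpn` varchar(255) DEFAULT NULL,
  `sekolahatauuniversitas` varchar(255) DEFAULT NULL,
  `pendidikanterakhir` varchar(255) NOT NULL,
  `jurusan` varchar(255) NOT NULL,
  `status` int NOT NULL,
  -- File name of the profile picture; the add script stores 'logo.png'.
  `foto` varchar(255) NOT NULL,
  `created_update` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id_accountmagang`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;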

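-- Profile data for manager (level 1) accounts, linked to accountdata by username_accountdata.
-- NOTE: the add script on this page fills only username_accountdata and foto; the
-- other NOT NULL columns receive implicit defaults only while config.php keeps
-- sql_mode empty.
CREATE TABLE `accountmanager` (
  -- AUTO_INCREMENT: the add script inserts rows without supplying an id.
  `id_accountmanager` int NOT NULL AUTO_INCREMENT,
  `username_accountdata` varchar(255) NOT NULL,
  `email` varchar(255) NOT NULL,
  `alamat` longtext NOT NULL,
  `kota` varchar(255) NOT NULL,
  `provinsi` varchar(255) NOT NULL,
  `tempatlahir` varchar(255) NOT NULL,
  `tgllahir` date NOT NULL,
  `jeniskelamin` varchar(255) NOT NULL,
  `notelpn` varchar(255) NOT NULL,
  -- File name of the profile picture; the add script stores 'logo.png'.
  `foto` varchar(255) NOT NULL,
  `created_update` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id_accountmanager`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;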

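-- Profile data for pembimbing (level 2) accounts, linked to accountdata by username_accountdata.
-- NOTE: the add script on this page fills only username_accountdata and foto; the
-- other NOT NULL columns receive implicit defaults only while config.php keeps
-- sql_mode empty.
CREATE TABLE `accountpembimbing` (
  -- AUTO_INCREMENT: the add script inserts rows without supplying an id.
  `id_accountpembimbing` int NOT NULL AUTO_INCREMENT,
  `username_accountdata` varchar(255) NOT NULL,
  `email` varchar(255) NOT NULL,
  `alamat` varchar(255) NOT NULL,
  `kota` varchar(255) NOT NULL,
  `provinsi` varchar(255) NOT NULL,
  `tempatlahir` varchar(255) NOT NULL,
  `tgllahir` date NOT NULL,
  `jeniskelamin` varchar(255) NOT NULL,
  `notelpn` varchar(255) NOT NULL,
  -- File name of the profile picture; the add script stores 'logo.png'.
  `foto` varchar(255) NOT NULL,
  `created_update` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id_accountpembimbing`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;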

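-- Profile data for staff (level 99) accounts, linked to accountdata by username_accountdata.
-- NOTE: the add script on this page fills only username_accountdata and foto; the
-- other NOT NULL columns receive implicit defaults only while config.php keeps
-- sql_mode empty.
CREATE TABLE `accountstaff` (
  -- AUTO_INCREMENT: the add script inserts rows without supplying an id.
  `id_accountstaff` int NOT NULL AUTO_INCREMENT,
  `username_accountdata` varchar(255) NOT NULL,
  `email` varchar(50) DEFAULT NULL,
  `alamat` longtext,
  `kota` varchar(50) NOT NULL,
  `provinsi` varchar(50) NOT NULL,
  `tempatlahir` varchar(50) DEFAULT NULL,
  `tgllahir` date DEFAULT NULL,
  `jeniskelamin` varchar(30) DEFAULT NULL,
  `nohp` varchar(18) DEFAULT NULL,
  -- File name of the profile picture; the add script stores 'logo.png'.
  `foto` varchar(100) NOT NULL,
  `created_update` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id_accountstaff`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;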

setelah database dan table sudah dibuat, langkah selanjutnya buat config
untuk koneksi ke database, contoh seperti ini

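<?php
// Shared database configuration: every script that includes this file gets the
// open mysqli connection in $koneksi.
date_default_timezone_set('Asia/Jakarta');

// Database connection parameters.
// NOTE(review): root with an empty password is only acceptable on a local practice
// machine. Anywhere else, use a dedicated MySQL account limited to this database.
$server   = "127.0.0.1";
$username = "root";
$password = "";
// NOTE(review): the CREATE DATABASE step on this page names the database
// latihan_crud; make the two names agree.
$database = "latihan_crud_native";

// Open the connection.
$koneksi = new mysqli($server, $username, $password, $database);

// Stop on a failed connection. The driver's error text goes to the server log
// instead of the response, so host and account details are not shown to visitors.
if ($koneksi->connect_error) {
    error_log('Database connection failed: '.$koneksi->connect_error);
    die('Koneksi Database Gagal Sayang ^_^');
}

// Non-strict SQL mode for this connection only. The INSERT statements in this
// tutorial leave NOT NULL columns unset and rely on it. The earlier SET GLOBAL was
// dropped: it needs an administrative privilege and changes the default for every
// other application on the same MySQL server.
mysqli_query($koneksi, "SET SESSION sql_mode = ''");
?>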

setelah itu buat index untuk login, contoh sederhana seperti ini

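<?php
  include "config/config.php";

  // Resume the session so a user who is already signed in can be detected.
  if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
  }

  // Session key set by login-check => landing page of that role.
  // Checked in the same order as before: manager, pembimbing, magang.
  $landing = [
    'manager'    => 'manager/index?home',
    'pembimbing' => 'pembimbing/index?home',
    'magang'     => 'magang/index?home',
  ];

  foreach ($landing as $sessionKey => $target) {
    if (!empty($_SESSION[$sessionKey])) {
      header("location: " . $target);
      // header() only queues the redirect; exit stops the login form from being
      // rendered and sent as well.
      exit;
    }
  }
?>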

<!DOCTYPE html>
<html>
  <head>
    <meta charset="UTF-8">
    <title>Login CRUD</title>
    <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="description" content="login user">
    <meta name="keywords" content="login user" />

    <!-- favicon -->
    <link rel="shortcut icon" href="images/logo.png" />
    <!-- Bootstrap 3.3.2 -->
    <link href="assets/css-login/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
    <!-- Font Awesome Icons -->
    <link href="assets/css-login/plugins/font-awesome-4.6.3/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
    <!-- Theme style -->
    <link href="assets/css-login/css/AdminLTE.min.css" rel="stylesheet" type="text/css" />
    <!-- iCheck -->
    <link href="assets/css-login/plugins/iCheck/square/blue.css" rel="stylesheet" type="text/css" />
    <!-- Custom CSS -->
    <link href="assets/css-login/css/style.css" rel="stylesheet" type="text/css" />
  </head>
  <body class="login-page bg-login">
    <div class="login-box">
      <div style="color:#00a65a" class="login-logo">
        <a href="/latihan-login-crud"><img src="images/logo.png" width="100"></a>
      </div><!-- /.login-logo -->
      <?php
      // Status banner chosen by the ?alert= query parameter. The parameter is only
      // compared with fixed numbers and never echoed, so every message printed
      // here is static text.
      // No alert parameter (or an empty one): print nothing.
      if (empty($_GET['alert'])) {
        echo "";
      }
      // alert = 1
      // show the failure message "wrong username or password, check your username and password again"
      elseif ($_GET['alert'] == 1) {
        echo "<div class='alert alert-danger alert-dismissable'>
                <button type='button' class='close' data-dismiss='alert' aria-hidden='true'>&times;</button>
                <h4>  <i class='icon fa fa-times-circle'></i> Login Failed!</h4>
                Username dan password salah senpai T_T...
              </div>";
      }
      // alert = 2
      // show the success message "you have logged out successfully"
      elseif ($_GET['alert'] == 2) {
        echo "<div class='alert alert-success alert-dismissable'>
                <button type='button' class='close' data-dismiss='alert' aria-hidden='true'>&times;</button>
                <h4>  <i class='icon fa fa-check-circle'></i> Success!</h4>
                Senpai Berhasil keluar loh ^_<...
              </div>";
      }
      // alert = 3
      // show the inactive-account message "account disabled"
      elseif ($_GET['alert'] == 3) {
        echo "<div class='alert alert-danger alert-dismissable'>
                <button type='button' class='close' data-dismiss='alert' aria-hidden='true'>&times;</button>
                <h4>  <i class='icon fa fa-times-circle'></i> Akun Tidak Aktif!</h4>
                akun dinonaktifkan T_T ...
              </div>";
      }
      ?>
      <div class="login-box-body">
        <p class="login-box-msg"><i class="fa fa-user icon-title"></i> Login Staff Auth :
          <a href="staff">Staff</a>
        </p>

        <!-- Posts username, password and the chosen role to login-check. -->
        <form action="login-check" method="POST">
          <div class="form-group has-feedback">
            <input type="text" class="form-control" name="username_accountdata" placeholder="Username" required />
            <span class="glyphicon glyphicon-user form-control-feedback"></span>
          </div>
          <div class="form-group has-feedback">
            <input type="password" class="form-control" name="password" placeholder="Password" required />
            <span class="glyphicon glyphicon-lock form-control-feedback"></span>
          </div>
          <div class="form-group">
<select name="level" class="form-control" required>
<option value="">Pilih User</option>
<option value="1">Manager</option>
<option value="2">Pembimbing</option>
<option value="3">Peserta</option>
</select>
</div>
          <div class="row">
            <div class="col-xs-12">
              <input type="submit" class="btn btn-primary btn-lg btn-block btn-flat" name="login" value="Login" />
            </div><!-- /.col -->
          </div>
        </form>

      </div>
    </div>

    <!-- jQuery 2.1.3 -->
    <script src="assets/css-login/plugins/jQuery/jQuery-2.1.3.min.js"></script>
    <!-- Bootstrap 3.3.2 JS -->
    <script src="assets/css-login/js/bootstrap.min.js" type="text/javascript"></script>
  </body>
</html>
<?php
// NOTE(review): the role picked in the form above is client input; login-check
// compares it with the level stored for the account. The bundled jQuery 2.1.3 and
// Bootstrap 3.3.2 are old releases; check them against current security advisories.
//}
?>

kemudian kita membuat file .htaccess, agar ekstensi .php tidak perlu ditulis di URL
contoh sebagai berikut...

# Extensionless URLs: when the request is not a directory and
# "<requested path>.php" exists as a file, rewrite internally to that .php file.
# This only changes how URLs look; it adds no access control to the scripts.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*)$ $1.php
</IfModule>

# error page
# NOTE(review): the rewrite directives below sit outside the <IfModule> guard used above.
RewriteEngine on

# Unknown URLs get the custom page at /latihan-login-crud/404, which the rule
# below maps to 404.php.
ErrorDocument 404    /latihan-login-crud/404
RewriteRule ^404/?$ 404.php

buat file 404 error juga hanya sekedar tambahan custom saja ^_^
contoh sebagai berikut sederhana 404

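<!-- Custom 404 page, served through the ErrorDocument rule in .htaccess. -->
<html>
    <head>
        <title>404 Not Found</title>
        <style>
            /* Asset URLs are absolute: the error page is shown under whatever URL
               was requested, so relative paths would break for missing pages
               inside sub-directories. */
            body{
              background-image: url("/latihan-login-crud/images/404error.jpg");
            background-repeat: no-repeat;
            background-position: center;
              background-size: cover;
              font-family: verdana
            }
            h1{color: black; margin-top: 15px}
            div{text-align: center; margin-top: 15px}
            a{color: black}
        </style>
        <link rel="shortcut icon" href="/latihan-login-crud/images/logo.png">
    </head>
    <body>
        <div>
            <h1><a href="/latihan-login-crud">Silakan Kembali Ke Aplikasi Latihan Login CRUD !!</a></h1>
        </div>
    </body>
</html>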

buat file login-check untuk session login nya,
contoh sebagai berikut

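<?php
// Login handler for the manager / pembimbing / magang roles: checks the posted
// credentials against accountdata and opens a session for the matching role.
// Redirects to index?alert=1 on wrong credentials or a role mismatch, and to
// index?alert=3 when the account is not active.

include "config/config.php";
session_start();

if (isset($_POST['login'])) {

    // Same clean-up chain as before, so existing usernames keep matching. The value
    // is bound as a statement parameter below and therefore is no longer escaped by hand.
    $username = stripslashes(strip_tags(htmlspecialchars(trim($_POST['username_accountdata'] ?? ''))));

    // SECURITY: MD5 is a fast, unsalted digest and is not suitable for storing
    // passwords. It is kept only because the rows created by the add form hold MD5
    // digests; move both sides to password_hash() / password_verify() together.
    // The transformation chain is left untouched so existing digests still match.
    $password = md5(mysqli_real_escape_string($koneksi, stripslashes(strip_tags(htmlspecialchars(trim($_POST['password'] ?? ''))))));

    // Role chosen in the form. It is client input and is only compared with the
    // level stored for the account.
    $level = $_POST['level'] ?? '';
    if (!is_scalar($level)) {
        $level = '';
    }

    // Stored level => [session key, landing page].
    $roles = [
        1 => ['manager',    'manager/index?home'],
        2 => ['pembimbing', 'pembimbing/index?home'],
        3 => ['magang',     'magang/index?home'],
    ];

    // Parameterised lookup: user input never becomes part of the SQL text.
    $row  = null;
    $stmt = mysqli_prepare($koneksi, "SELECT id_accountdata, username_accountdata, fullname_accountdata, level, status FROM accountdata WHERE username_accountdata = ? AND password = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        $row    = $result ? mysqli_fetch_assoc($result) : null;
        mysqli_stmt_close($stmt);
    }

    // Every redirect is followed by exit: header() alone does not stop the script.
    if (!$row) {
        header("Location: index?alert=1");
        exit;
    }

    if ($row['status'] != 1) {
        header("Location: index?alert=3");
        exit;
    }

    // The role picked in the form must equal the level stored for the account.
    $rowLevel = (string) $row['level'];
    if (!isset($roles[$rowLevel]) || (string) $level !== $rowLevel) {
        header("Location: index?alert=1");
        exit;
    }

    list($sessionKey, $target) = $roles[$rowLevel];

    // New session id after a successful login, so an id known before
    // authentication cannot be reused afterwards.
    session_regenerate_id(true);

    // Values are cast to string, the type the previous non-prepared query returned.
    $_SESSION['id_accountdata']       = (string) $row['id_accountdata'];
    $_SESSION['username_accountdata'] = $row['username_accountdata'];
    $_SESSION['fullname_accountdata'] = $row['fullname_accountdata'];
    $_SESSION[$sessionKey]            = $rowLevel;
    $_SESSION['status']               = (string) $row['status'];
    $_SESSION['level']                = $rowLevel;

    header("Location: " . $target);
    exit;
}
?>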

untuk session login staf atau admin nya,
contoh sebagai berikut

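<?php
// Login handler for staff (level 99) accounts. Redirects to index?alert=1 on wrong
// credentials or a non-staff account, and to index?alert=3 when the account is
// not active.

// Load the database connection.
require_once "../config/config.php";
session_start();

// Read the submitted form values. The clean-up chain is unchanged so existing
// usernames keep matching; the username is bound as a statement parameter below
// and is no longer escaped by hand.
$username = stripslashes(strip_tags(htmlspecialchars(trim($_POST['username_accountdata'] ?? ''))));

// SECURITY: MD5 is a fast, unsalted digest and is not suitable for storing
// passwords. It is kept only because the rows created by the add form hold MD5
// digests; move both sides to password_hash() / password_verify() together.
$password = md5(mysqli_real_escape_string($koneksi, stripslashes(strip_tags(htmlspecialchars(trim($_POST['password'] ?? ''))))));

// The username must consist of letters and digits only. The former check on
// $password was dropped: an MD5 hex digest is always alphanumeric.
if (!ctype_alnum($username)) {
    header("Location: index?alert=1");
    exit;
}

// Parameterised lookup of the account by username and password digest.
$stmt = mysqli_prepare($koneksi, "SELECT id_accountdata, username_accountdata, password, fullname_accountdata, level, status FROM accountdata WHERE username_accountdata = ? AND password = ?");
if (!$stmt || !mysqli_stmt_bind_param($stmt, 'ss', $username, $password) || !mysqli_stmt_execute($stmt)) {
    // Details go to the server log; the visitor only sees a generic message.
    error_log('Staff login query failed: '.mysqli_error($koneksi));
    die('Ada kesalahan pada query user');
}
$result = mysqli_stmt_get_result($stmt);
$data   = $result ? mysqli_fetch_assoc($result) : null;
mysqli_stmt_close($stmt);

// Every redirect is followed by exit: header() alone does not stop the script.
// No matching account: back to the login page with message 1.
if (!$data) {
    header("Location: index?alert=1");
    exit;
}

// Account exists but is not active.
if ($data['status'] != 1) {
    header("Location: index?alert=3");
    exit;
}

// Only level 99 accounts may use the staff login.
if ($data['level'] != "99") {
    header("Location: index?alert=1");
    exit;
}

// New session id after a successful login, so an id known before authentication
// cannot be reused afterwards.
session_regenerate_id(true);

// Values are cast to string, the type the previous non-prepared query returned.
$_SESSION['id_accountdata']       = (string) $data['id_accountdata'];
$_SESSION['username_accountdata'] = $data['username_accountdata'];
// NOTE(review): keeping the password digest in the session is unnecessary; it is
// left in place only in case another page reads it. Remove it once confirmed unused.
$_SESSION['password']             = $data['password'];
$_SESSION['fullname_accountdata'] = $data['fullname_accountdata'];
$_SESSION['staff']                = (string) $data['level'];
$_SESSION['level']                = (string) $data['level'];
$_SESSION['status']               = (string) $data['status'];

// Continue to the staff dashboard.
header("Location: dashboard?home");
exit;
?>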



selanjut nya buat form aksi tambah dan edit,
contoh aksi tambah dan tambah multi/banyak

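<?php
// Staff action "add account": creates the login row in accountdata plus the
// matching profile row in the table of the chosen role.
include("$_SERVER[DOCUMENT_ROOT]/latihan-login-crud/config/config.php");
@session_start();

// Staff only. The script must stop here: printing the message alone would let
// the inserts below run for visitors who are not logged in.
if (!isset($_SESSION['staff'])) {
    echo '<script language="javascript">alert("Upss.. Senpai harus Login yah ^_^"); document.location="../";</script>';
    exit;
}

// NOTE(review): this selects the first account that has the staff level, not the
// signed-in account; $_SESSION['id_accountdata'] would identify the actual user.
// The session value is cast to int before it is placed in the SQL text.
$staff = mysqli_fetch_array(mysqli_query($koneksi, "SELECT * FROM accountdata where level = '" . (int) $_SESSION['staff'] . "'"));

// Prints the alert text and returns the browser to the account list.
// Only fixed literals from this script are passed in.
$notify = function ($message) {
    echo "<script>
    alert('" . $message . "');
    window.location.href='user?akun';
    </script>";
};

// NOTE(review): no anti-CSRF token is checked in this script.
$g = $_GET['send'] ?? '';
if ($g == 'add') {
    // FILTER_SANITIZE_STRING is kept so stored values stay as before. It strips
    // tags and encodes quotes but is not an SQL escaping function, and it is
    // deprecated as of PHP 8.1; the statements below therefore bind every value.
    $username             = (string) filter_input(INPUT_POST, 'username_accountdata', FILTER_SANITIZE_STRING);
    $password             = (string) filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
    $fullname_accountdata = (string) filter_input(INPUT_POST, 'fullname_accountdata', FILTER_SANITIZE_STRING);
    $level                = filter_var(filter_input(INPUT_POST, 'level', FILTER_SANITIZE_STRING), FILTER_VALIDATE_INT);
    $status               = (string) filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING);

    // Allowed level => profile table. The table name is only ever taken from
    // this fixed list, never from the request.
    $profileTables = [
        99 => 'accountstaff',
        1  => 'accountmanager',
        2  => 'accountpembimbing',
        3  => 'accountmagang',
    ];

    // Any other level produces no output, as before.
    if ($level !== false && isset($profileTables[$level])) {
        $profileTable = $profileTables[$level];

        // Is the username already taken?
        $taken = true;
        $cek = mysqli_prepare($koneksi, "SELECT id_accountdata FROM accountdata WHERE username_accountdata = ?");
        if ($cek) {
            mysqli_stmt_bind_param($cek, 's', $username);
            mysqli_stmt_execute($cek);
            mysqli_stmt_store_result($cek);
            $taken = mysqli_stmt_num_rows($cek) > 0;
            mysqli_stmt_close($cek);
        }

        if ($taken) {
            $notify('Username sudah ada loh senpai T_T');
        } else {
            // SECURITY: MD5 is kept only because the login scripts on this page
            // compare MD5 digests; switch both sides to password_hash() /
            // password_verify() together.
            $digest = md5($password);

            // Both rows are written in one transaction so a failure cannot leave
            // an account without its profile row.
            mysqli_begin_transaction($koneksi);
            $saved      = false;
            $insAccount = mysqli_prepare($koneksi, "INSERT INTO accountdata (username_accountdata,password,fullname_accountdata,level,status) VALUES (?, ?, ?, ?, ?)");
            $insProfile = mysqli_prepare($koneksi, "INSERT INTO `$profileTable` (username_accountdata,foto) VALUES (?, 'logo.png')");
            if ($insAccount && $insProfile) {
                mysqli_stmt_bind_param($insAccount, 'sssis', $username, $digest, $fullname_accountdata, $level, $status);
                mysqli_stmt_bind_param($insProfile, 's', $username);
                // Success is decided by the execution results. The earlier code
                // tested the SQL strings, which are always truthy.
                $saved = mysqli_stmt_execute($insAccount) && mysqli_stmt_execute($insProfile);
            }

            if ($saved) {
                mysqli_commit($koneksi);
                $notify('Data berhasil di simpan senpai ^_<');
            } else {
                mysqli_rollback($koneksi);
                $notify('yah Data gagal di simpan senpai T_T');
            }
        }
    }
}
?>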


file aksi edit, contoh sebagai berikut

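<?php
// Staff action "edit account": updates the full name and status of one
// accountdata row selected by its id.
include("$_SERVER[DOCUMENT_ROOT]/latihan-login-crud/config/config.php");
@session_start();

// Staff only. The script must stop here: printing the message alone would let
// the UPDATE below run for visitors who are not logged in.
if (!isset($_SESSION['staff'])) {
    echo '<script language="javascript">alert("Upss.. Senpai harus Login yah ^_^"); document.location="../";</script>';
    exit;
}

// NOTE(review): this selects the first account that has the staff level, not the
// signed-in account. The session value is cast to int before it is placed in the SQL text.
$staff = mysqli_fetch_array(mysqli_query($koneksi, "SELECT * FROM accountdata where level = '" . (int) $_SESSION['staff'] . "'"));

// NOTE(review): no anti-CSRF token is checked in this script.
$g = $_GET['send'] ?? '';
if ($g == 'edit') {
    // FILTER_SANITIZE_STRING is not an SQL escaping function (and is deprecated as
    // of PHP 8.1), so the values are bound as parameters below.
    $fullname = (string) filter_input(INPUT_POST, 'fullname_accountdata', FILTER_SANITIZE_STRING);
    $status   = (string) filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING);
    // The row id used to be copied from $_POST straight into the SQL text; it is
    // now required to be an integer and bound like the other values.
    $id       = filter_input(INPUT_POST, 'id_accountdata', FILTER_VALIDATE_INT);

    $update = false;
    if ($id !== null && $id !== false) {
        $stmt = mysqli_prepare($koneksi, "UPDATE accountdata SET fullname_accountdata = ?, status = ? WHERE id_accountdata = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ssi', $fullname, $status, $id);
            $update = mysqli_stmt_execute($stmt);
            if (!$update) {
                // Database errors are logged, not printed to the visitor.
                error_log('Account update failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
        }
    }

    if ($update) {
        echo "<script>
        alert('Data berhasil di update senpai ^_<');
        window.location.href='user?akun';
        </script>";
    } else {
        echo "<script>
        alert('yah Data gagal di update senpai T_T');
        window.location.href='user?akun';
        </script>";
    }
}
?>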


file delete atau hapus, contoh sebagai berikut

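<?php
// Staff action "delete account": removes one accountdata row selected by ?id=.
include("$_SERVER[DOCUMENT_ROOT]/latihan-login-crud/config/config.php");
@session_start();

// Staff only. The script must stop here: printing the message alone would let
// the DELETE below run for visitors who are not logged in.
if (!isset($_SESSION['staff'])) {
    echo '<script language="javascript">alert("Upss.. Senpai harus Login yah ^_^"); document.location="../";</script>';
    exit;
}

// NOTE(review): this selects the first account that has the staff level, not the
// signed-in account. The session value is cast to int before it is placed in the SQL text.
$staff = mysqli_fetch_array(mysqli_query($koneksi, "SELECT * FROM accountdata where level = '" . (int) $_SESSION['staff'] . "'"));

// NOTE(review): the delete is triggered by a plain GET request and no anti-CSRF
// token is checked; a POST form carrying a token is the safer design.
// NOTE(review): only the accountdata row is removed here; the profile row in the
// role table is not touched by this script.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);

$result = false;
if ($id !== null && $id !== false) {
    // The id must be an integer and is bound as a parameter.
    $stmt = mysqli_prepare($koneksi, "DELETE FROM accountdata WHERE id_accountdata = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'i', $id);
        $result = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
}

// Report the outcome and return to the account list.
if ($result) {
    echo '<script language="javascript">
alert(\'Data Berhasil Dihapus senpai ^_<\');
document.location.href="user?akun";
</script>';
} else {
    echo '<script language="javascript">
alert(\'Yah Data ga Berhasil Dihapus senpai T_T\');
document.location.href="user?akun";
</script>';
}
?>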


buat file logout, contoh menggunakan sessions destroy

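<?php
// Logout: ends the current session and returns to the login page with alert = 2.
session_start();

// Empty the session data held by this request.
$_SESSION = [];

// Expire the session cookie in the browser; session_destroy() only removes the
// server-side data and leaves the cookie in place.
if (ini_get('session.use_cookies')) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}

// Remove the session on the server.
session_destroy();

// Back to the login page (index.php) with alert = 2.
header('Location: index?alert=2');
exit;
?>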


contoh frontend











Download File Latihan Login Crud

Google Drive

oke mungkin itu saja mengenai belajar login dan CRUD
kalau ada kesalahan dan kekurangannya
mohon berikan masukannya ya...

sekian dan semoga bermanfaat...

Wasalamualaikum Wr.Wb...
