Postingan lainnya
register tidak masuk database
registernya sih berhasil tapi gak masuk ke dalam table ya?
register.php
<?php
require_once 'core/init.php';
if(session::exists('username')){
header('location: profile.php');
}
$errors = array();
if ( input::get('submit')) {
//call validation
$validation = new validation();
// ngecek
$validation = $validation->check(array(
'username' => array(
'required' => true,
'min' => 3,
'max' => 50,
),
'password' => array(
'required' => true,
'min' => 3,
)
));
//finish
if( $validation->passed() ){
$user->register_user(array(
'username' => input::get('username'),
'password' => password_hash(input::get('password'), PASSWORD_DEFAULT)
));
session::set('username', input::get('username'));
header('Location: profile.php');
}
else{
$errors = $validation->errors();
}
}
?>
<div class="panel panel-default">
<div class="panel-heading">
<div class="panel-title"><h1>Register</h1></div>
</div>
<form action="register.php" method="post">
<div class="panel-body">
<tr>
<td><input type='text' name='username' class="form-control" placeholder="Username"></td>
</tr>
<div class="clearfix"></div><br />
<tr>
<td><input type='password' name='password' class='form-control' placeholder="Password"></td>
</tr>
<div class="clearfix"></div><br />
<tr>
<td><input type="submit" class="btn btn-large btn-success" name="submit" value="Daftar"></td>
</tr>
<?php if(!empty($errors)){?>
<div id="errors">
<?php foreach ($errors as $error){ ?>
<li> <?php echo $error;?> </li>
<?php } ?>
</div>
<?php } ?>
</div>
</form>
</div>
user.php
<?php
class user extends db{
private $table = 'person';
private $pengguna = 'users';
public function __construct()
{
parent::__construct();
}
public function insert($pemakai,$fields = array())
{
//ambil kolom
$column = implode(",", array_keys($fields));
//ambil nilai
$valueArrays = array();
$i = 0;
foreach ($fields as $key=>$values) {
if( is_int($values) ){
$valueArrays[$i] = $this->escape($values) ;
}else{
$valueArrays[$i] = "'" . $this->escape($values) . "'";
$i++;}
}
$values = implode(",", $valueArrays);
$query = "INSERT INTO $pemakai ($column) VALUES ($values)";
return $this->run_prepare($query, 'have problem when you input data');
}
public function get_info( $pemakai,$column, $value)
{
if( !is_int($value) )
$value = "'" . $value . "'";
$query = "SELECT * FROM $pemakai WHERE $column = $value";
$result = $this->_db->prepare($query);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC)) {
return $row;
}
}
public function run_prepare($query, $msg){
if($this->_db->prepare($query)) return true;
else die($msg);
}
public function escape($name){
return $this->_db->quote($name);
}
public function register_user($fields = array())
{
if( $this->insert($this->pengguna,$fields) ) return true;
else return false;
}
public function login_user($username , $password)
{
$data = $this->get_info($this->pengguna, 'username', $username);
if(password_verify(input::get('password'), $data['password']) )
return true;
else return false;
}
public function cek_nama($username)
{
$data = $this->get_info($this->pengguna, 'username', $username);
if(empty($data)) return false;
else return true;
}
public function filterinjection($value){
// Karakter yang sering digunakan untuk sqlInjection
$char = array ('-','/','\\',',','.','#',':',';','\'','"',"'",'[',']','{','}',')','(','|','`','~','!','@','%','$','^','&','*','=','?','+');
// Hilangkan karakter yang telah disebutkan di array $char
$cleanval = str_replace($char, '', trim($value));
return $cleanval;
}
public function read(){
$query = "SELECT * FROM $this->table";
$result = $this->_db->prepare($query);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC))
$hasil[]=$row;
return $hasil;
}
public function post( $value)
{
$value = "'" . $value . "'";
$query = "SELECT * FROM $this->table WHERE id=$value";
$result = $this->_db->prepare($query);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC))
return $row;
}
public function cari( $value, $column, $column2)
{
$value = "'%" . $value . "%'";
$query = "SELECT * FROM $this->table WHERE $column LIKE $value OR $column2 LIKE $value";
$result = $this->_db->prepare($query);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC))
$hasil[]=$row;
return $hasil;
}
public function input($nama,$alamat,$gambar){
$query = "INSERT INTO $this->table VALUES('','$nama','$alamat','$gambar')";
$result = $this->_db->prepare($query);
$result->execute();
}
public function hapus($value){
$query = "DELETE FROM $this->table WHERE id='$value'";
$result = $this->_db->prepare($query);
$result->execute();
}
public function update($nama,$alamat,$gambar,$id){
$query = "UPDATE $this->table SET nama='$nama', alamat='$alamat', gambar='$gambar' WHERE id='$id'";
$result = $this->_db->prepare($query);
$result->execute();
}
public function update2($id,$nama,$alamat){
$query = "UPDATE $this->table SET nama='$nama', alamat='$alamat' WHERE id='$id'";
$result = $this->_db->prepare($query);
$result->execute();
} function Paginate($values,$per_page){
$total_values = count($values);
if(abs((int) isset($_GET['page']))){
$current_page = abs((int) $_GET['page']);
}else{
$current_page = 1;
}
$counts = ceil($total_values / $per_page);
$param1 = ($current_page - 1) * $per_page;
$this->data = array_slice($values,$param1,$per_page);
for($x=1; $x<= $counts; $x++){
$numbers[] = $x;
}
return $numbers;
}
function fetchResult(){
$resultsValues = $this->data;
return $resultsValues;
}
/*Installer*/
//membuat koneksi ke mysql
//membuat database
public function createdatabase($konek2,$databases){
mysqli_prepare($konek2,"create database ".$databases."") or die('NAMA HOSTING,USERNAME DAN PASSWORD DI HOSTING HARUS BENAR');
echo "└ konek ke server... ✓<br/>";
echo "└ berhasil membuat database! ✓<br/>";}
//membuka database yang telah dibuat
public function opendatabase($konek2,$databases){
mysqli_select_db($konek2,$databases);
echo "└ database telah ditemukan... ✓<br/>";}
//membuat table user dengan user standar
public function createtable($konek2){
mysqli_prepare($konek2,"create table users(username varchar(30) primary key not null, password varchar(32) not null)");
echo "└ berhasil membuat table! ✓<br/>";}
}
?>
db.php
<?php
/*
8"""" 8""8""8
8 eeeee eeeee e e eeee e 8 8 8 e e eeeee eeeee e e e e
8eeee 8 8 8 8 8 8 8 8 8e 8 8 8 8 8 8 8 8 8 8 8 8
88 8eee8 8e 8 8eee8 8eee 8e 88 8 8 8e 8 8eee8e 8eee8 8eee8 8eeee8
88 88 8 88 8 88 8 88 88 88 8 8 88 8 88 8 88 88 8 88
88 88 8 88ee8 88 8 88ee 88eee 88 8 8 88ee8 88 8 88 88 8 88
*/
class db{
protected $_db;
private $HOST = 'localhost',
$DBNAME = 'cekula',
$USER = 'fadhel',
$PASS = '';
public function __construct(){
try
{
$this->_db = new PDO( "mysql:host=$this->HOST;dbname=$this->DBNAME",$this->USER,$this->PASS );
$this->_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e)
{
echo $e->getMessage();
echo "<br/>";
echo "GAGAL KONEK";
}
}
}
?>
input.php
<?php
class input {
public static function get($name){
if( isset($_POST[$name]) ){
return $_POST[$name];
}
else if( isset($_GET[$name]) ) {
return $_GET[$name];
}
return false;
}
}
?>
session.php
<?php
class session{
public static function exists($nama){
return(isset($_SESSION[$nama])) ? true : false ;
}
public static function set($nama, $nilai){
return $_SESSION[$nama] = $nilai;
}
public static function get($nama){
return $_SESSION[$nama];
}
}
?>
validation.php
<?php
class validation{
private $_passed = false,
$_errors = array();
public function check($items = array()){
foreach ($items as $item => $rules) {
foreach ($rules as $rule => $rule_value) {
switch ($rule) {
case 'required':
if( trim(input::get($item)) == false && $rule_value == true ) {
$this->addError(" $item wajib diisi ");
}
break;
case 'min':
if( strlen(input::get($item)) < $rule_value ) {
$this->addError(" $item minimal $rule_value 3 character ");
}
break;
case 'max':
if( strlen(input::get($item)) > $rule_value ) {
$this->addError(" $item maximal $rule_value 3 character ");
}
break;
default:
break;
}
}
}//end first foreach
if(empty($this->_errors)){
$this->_passed = true;
}
return $this;
}
private function addError($error){
$this->_errors[] = $error;
}
public function errors(){
return $this->_errors;
}
public function passed(){
return $this->_passed;
}
}
?>
core/init.php
<?php
session_start();
//load kelas
spl_autoload_register(function($class){
include 'classes/' .$class. '.php';
});
$user = new user();
?>
0
1 Jawaban:
pada user.php, menjadi gini
public function insert($pemakai, $fields = array())
{
//ambil kolom
$column = implode(',', array_keys($fields));
//ambil nilai
$valueArrays = array();
$i = 0;
foreach ($fields as $key => $values) {
$valueArrays[$i] = $this->escape($values);
++$i;
}
$values = implode(',', $valueArrays);
$query = "INSERT INTO $pemakai ($column) VALUES ($values)";
return $this->run_prepare($query, 'have problem when you input data');
}
untuk script
if( is_int($values) ){
$valueArrays[$i] = $this->escape($values) ;
}else{
$valueArrays[$i] = "'" . $this->escape($values) . "'";
$i++;}
}
dirubah karna menurut saya akan mebuat duplicate ' , jadi VALUES(blalbalba , ' 'password_hashds2346sd' ')
dan pada function prepare
public function run_prepare($query, $msg)
{
$stmt = $this->_db->prepare($query);
if ($stmt->execute()) {
return true;
} else {
die($msg);
}
}
query belum di execute..
saya udah coba, dan berhasil masukdatabase, tapi saya gak tau password yang diinput sesaui atau tidak karna menggunakan hash password :) , semoga membantu permasalahnnya
0
