Untitled

<?php
session_start();
include('config.php');

$username = $_POST['username'];
$password = $_POST['password'];

// Pastikan koneksi sudah benar
if (!$koneksi) {
    die("Connection failed: " . mysqli_connect_error());
}

// Buat query dengan parameter
$query = "SELECT * FROM dashboard_manajemen WHERE nik = ?";

// Siapkan statement
$stmt = mysqli_prepare($koneksi, $query);

if ($stmt === false) {
    die("Failed to prepare the statement: " . mysqli_error($koneksi));
}

// Ikat parameter
mysqli_stmt_bind_param($stmt, 's', $username);

// Jalankan query
mysqli_stmt_execute($stmt);

// Ambil hasilnya
$result = mysqli_stmt_get_result($stmt);

if (mysqli_num_rows($result) == 1) {
    // Ambil data user
    $user = mysqli_fetch_array($result);

    // Verifikasi password
    if (password_verify($password, $user['pass'])) {
        // Set session jika password valid
        $_SESSION['nama'] = $user['nama'];
        $_SESSION['jnj_jabatan'] = $user['jnj_jabatan'];
        header('location:../site');
    } else {
        // Password salah
        header('location:../index.php?error=1');
    }
} elseif ($username == '' || $password == '') {
    header('location:../index.php?error=2');
} else {
    // Username tidak ditemukan
    header('location:../index.php?error=1');
}

// Tutup statement dan koneksi
mysqli_stmt_close($stmt);
mysqli_close($koneksi);
?>