PDO (PHP Data Objects),
adalah extension atau penambahan fitur dalam PHP yang dirancang sebagai interface
universal untuk pengaksesan berbagai jenis database (tidak hanya MySQL).
Contohnya, jika kita menggunakan PDO dalam menulis kode pemograman, lalu suatu
saat website kita bertukar database dari MySQL ke Oracle, maka kita tidak perlu
mengubah semua kode program, cukup mengubah cara pemanggilan PDO diawal program
saja.
Apa kelebihan PDO
dibanding dengan Mysql dan Mysqli?
dan menurut saya PDO itu jenis koneksi yang paling aman terhadap inject.
untuk membuat login page sederhana kita membutuhkan
config.php
index.php
logout.php
session.php
welcome.php
admin.sql
lansung aja yah
config.php
config.php
PHP:
<?php
define('DBHOST','localhost');
define('DBUSER','databaseuser');
define('DBPASS','databasepass');
define('DBNAME','databasename');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
exit;
}
?>
define('DBHOST','localhost');
define('DBUSER','databaseuser');
define('DBPASS','databasepass');
define('DBNAME','databasename');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";port=8889;dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
exit;
}
?>
index.php
PHP:
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username and passcode = :passcode');
$admin->execute(array(
':username' => $_POST['username'],
'passcode' => $_POST['password']
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
if(empty($row['username'])){
echo "Your Login Name or Password is invalid";
}else {
$_SESSION['login_user'] = $_POST['username'];
header("location: welcome.php");
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username and passcode = :passcode');
$admin->execute(array(
':username' => $_POST['username'],
'passcode' => $_POST['password']
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
if(empty($row['username'])){
echo "Your Login Name or Password is invalid";
}else {
$_SESSION['login_user'] = $_POST['username'];
header("location: welcome.php");
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
logout.php
PHP:
<?php
session_start();
if(session_destroy())
{
header("Location: index.php");
}
?>
session_start();
if(session_destroy())
{
header("Location: index.php");
}
?>
session.php
PHP:
<?php
include("config.php");
session_start();
$user_check=$_SESSION['login_user'];
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username');
$admin->execute(array(
':username' => $user_check
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
$login_session=$row['username'];
if(!isset($login_session))
{
header("Location: login.php");
}
?>
include("config.php");
session_start();
$user_check=$_SESSION['login_user'];
$admin = $db->prepare('SELECT * FROM admin WHERE username = :username');
$admin->execute(array(
':username' => $user_check
));
$row = $admin->fetch(PDO::FETCH_ASSOC);
$login_session=$row['username'];
if(!isset($login_session))
{
header("Location: login.php");
}
?>
welcome.php
PHP:
<?php
include('session.php');
?>
<body>
<h1>Welcome <?php echo $login_session; ?></h1>
<a href='logout.php'>logout</a>
</body>
include('session.php');
?>
<body>
<h1>Welcome <?php echo $login_session; ?></h1>
<a href='logout.php'>logout</a>
</body>
admin.sql
Code:
CREATE TABLE IF NOT
EXISTS `admin` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(30) COLLATE
utf8_unicode_ci DEFAULT NULL,
`passcode` varchar(30) COLLATE
utf8_unicode_ci DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
AUTO_INCREMENT=2 ;
INSERT INTO `admin`
(`id`, `username`, `passcode`) VALUES
(1, 'admin', 'admin');
Terimakasih Telah Berkunjung Semoga Artikel Saya Bermanfaat .