From 394bbaf918123d37cd982643dfec2c1e8b7b516e Mon Sep 17 00:00:00 2001
From: Iqbal <iqbalkhowarizmi@ymail.com>
Date: Thu, 5 Oct 2017 23:59:46 +0700
Subject: [PATCH] Added hashing for password.
---
src/controller/LoginController.php | 3 ++-
src/controller/RegisterController.php | 9 +++++----
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/controller/LoginController.php b/src/controller/LoginController.php
index 0dc3c71..e4fca67 100644
--- a/src/controller/LoginController.php
+++ b/src/controller/LoginController.php
@@ -21,8 +21,9 @@
}
if (isset($_POST['username'])) {
- if ($userData[$_POST['username']] === $_POST['password']) {
+ if ($userData[$_POST['username']] === md5($_POST['password'])) {
$_SESSION['username'] = $_POST['username'];
+ //header untuk redirect
echo "<script type='application/javascript'> alert('Login berhasil'); </script>";
} else {
echo "<script type='application/javascript'> alert('Username atau password salah'); </script>";
diff --git a/src/controller/RegisterController.php b/src/controller/RegisterController.php
index 067dad9..ad3f27b 100644
--- a/src/controller/RegisterController.php
+++ b/src/controller/RegisterController.php
@@ -9,12 +9,14 @@
include_once "Controller.php";
include_once "../model/User.php";
+ $hashedPassword = md5($_POST['password']);
+
$newUser = array(
"id" => 0,
"name" => $_POST['name'],
"username" => $_POST['username'],
"email" => $_POST['email'],
- "password" => $_POST['password'],
+ "password" => $hashedPassword,
"phone" => $_POST['phone'],
"photo" => "http://www.simian-risk.com/wp-content/themes/custom/images/empty-profile.png",
"is_driver" => 0
@@ -26,6 +28,5 @@
$pdo = DB::getInstance();
User::InsertUser($newUser, $pdo);
-
- $allUser = User::GetAllUsernameAndPassword($pdo);
- print_r($allUser);
\ No newline at end of file
+ //header untuk redirect
+ echo "<script> alert('Registrasi berhasil.');</script>";
\ No newline at end of file
--
GitLab