diff --git a/api/auth/Login.php b/api/auth/Login.php
index 8e4dd3e61a5577fec5789d57a2bec79bd2ee2637..19b08b93699796e1bdb182850be34abe1d8dbb10 100644
--- a/api/auth/Login.php
+++ b/api/auth/Login.php
@@ -5,18 +5,20 @@ include "../../config/config.php";
 include "../../app/core/database.php";
 $key = "mahasiswa_leveling";
-
 $username = $_POST['username'];
-$uen_password = $_POST['password'];
-$password = openssl_encrypt($uen_password, "AES-256-CBC", $key, 0, substr(md5($key), 0, 16));
-
+$password = $_POST['password'];
+// $password = openssl_encrypt($uen_password, "AES-256-CBC", $key, 0, substr(md5($key), 0, 16));
 $conn = Database::getInstance();
+$query = "SELECT * FROM users WHERE username = ?";
+$stmt = $conn->prepare($query);
+$stmt->bind_param("s", $username);
+$stmt->execute();
+$result = $stmt->get_result();
+$data = $result->fetch_assoc();
+$hashPassword = $data['password'];
-$result = $conn->query("SELECT * FROM users WHERE username = '$username' AND password = '$password'");
-
-if ($result->num_rows > 0) {
+if (password_verify($password, $hashPassword)) {
 $_SESSION['username'] = $username; // Menyimpan username dalam sesi
- $data = $result->fetch_assoc();
 $_SESSION['isAdmin'] = $data['isAdmin']; // Menyimpan isAdmin dalam sesi
 echo 'success';
 } else {
diff --git a/api/auth/Register.php b/api/auth/Register.php
index 697b1f227344b4891be16865b56056b924c53a96..bda851153fe5abff08087eee07dfe226825e9adb 100644
--- a/api/auth/Register.php
+++ b/api/auth/Register.php
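Review bot: `$data` is dereferenced before anything checks that the lookup returned a row: for an unknown username `fetch_assoc()` yields null, so `$hashPassword = $data['password'];` raises a warning and `password_verify()` is handed null instead of a hash. Fold the guard into the condition, `if ($data !== null && password_verify($password, $data['password'])) {`, and call `session_regenerate_id(true);` before the two `$_SESSION` writes so a session id issued before login is not carried into the authenticated session (no regeneration is visible in this hunk; the script starts above it). The unknown-user path also skips the bcrypt work and therefore answers faster than a wrong password, which lets a client tell existing usernames apart; verifying against a fixed dummy hash in that branch evens this out. Rows written before this commit presumably still hold the `openssl_encrypt` output keyed by the hard-coded `$key`, so those accounts will fail `password_verify()` until they are reset or migrated, after which `$key` and the commented-out line can be deleted.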
@@ -10,14 +10,67 @@ $email = $_POST['email']; $password = $_POST['password']; $key = "mahasiswa_leveling"; -$en_password = openssl_encrypt($password, "AES-256-CBC", $key, 0, substr(md5($key), 0, 16)); +ini_set('display_errors', 1); +// $en_password = openssl_encrypt($password, "AES-256-CBC", $key, 0, substr(md5($key), 0, 16)); +$en_password = password_hash($password, PASSWORD_BCRYPT); $conn = Database::getInstance(); -$sql = "INSERT INTO users (username, email, password) VALUES ('$username', '$email', '$en_password')"; -if ($conn->query($sql) === TRUE) { - $_SESSION['username'] = $username; // Menyimpan username dalam sesi - echo 'success'; +$conn->begin_transaction(); + +$sql = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)"; +$stmt = $conn->prepare($sql); +$stmt->bind_param("sss", $username, $email, $en_password); + +if ($stmt->execute() === TRUE) { + try { + $arg0 = $username; + $arg1 = password_hash($password, PASSWORD_BCRYPT); + $requestBody = '<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/"> + <Body> + <restCode xmlns="http://service.example.org/"> + <arg0 xmlns="">' . $arg0 . '</arg0> + <arg1 xmlns="">' . $arg1 . '</arg1> + </restCode> + </Body> + </Envelope>'; + // echo $requestBody; + $curl = curl_init(); + curl_setopt($curl, CURLOPT_URL, '192.168.0.218:8081/code'); + curl_setopt($curl, CURLOPT_POST, true); + curl_setopt($curl, CURLOPT_HTTPHEADER, [ + 'Content-Type: text/xml; charset="utf-8"', + 'X-API-KEY: PHPClient', + ]); + curl_setopt($curl, CURLOPT_POSTFIELDS, $requestBody); + curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); + + $response = curl_exec($curl); + if ($response === false) { + $error = curl_error($curl); + echo 'cURL Error: ' . $error; + $conn->rollback(); + } else { + $responseXml = simplexml_load_string($response); + $returnValue = $responseXml->xpath('//return'); + $value = (string) $returnValue[0]; + + if ($value === '1') { + $conn->commit(); + echo "success"; + + } else { + echo "error. 
failed create token"; + $conn->rollback(); + } + } + curl_close($curl); + + + } catch (Exception $e) { + $conn->rollback(); + echo "error " . $e->getMessage(); + } } else { echo 'error'; }
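Review bot: `$username` is concatenated into the SOAP body unescaped, so a name containing `<` or `&` breaks or reshapes the envelope sent to the token service; it should be escaped with `htmlspecialchars($username, ENT_XML1 | ENT_QUOTES, 'UTF-8')` before `$requestBody` is built. `ini_set('display_errors', 1);` and `echo 'cURL Error: ' . $error;` both hand internal details (file paths, the backend address) to the caller; log them server-side and return a generic error instead. `simplexml_load_string()` returns false on a malformed reply and `xpath()` may return an empty array, and the resulting `Error` is not an `Exception`, so `catch (Exception $e)` never runs the rollback; the request also has no timeout while the transaction is held open. `$arg1` is a second `password_hash()` with a different salt from the stored one and is sent to a URL with no scheme and a static `X-API-KEY`, so confirm the service needs a password hash at all and that the link is protected. The fence below shows the request/response handling with these checks (timeout values are examples); the script begins above the hunk.

```php
$arg0 = htmlspecialchars($username, ENT_XML1 | ENT_QUOTES, 'UTF-8');
// … unchanged: $arg1, $requestBody, curl_init() and the existing curl_setopt() calls …
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 3);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);

$response = curl_exec($curl);
if ($response === false) {
    error_log('token service request failed: ' . curl_error($curl));
    echo 'error';
    $conn->rollback();
} else {
    $responseXml = simplexml_load_string($response);
    $returnValue = $responseXml === false ? false : $responseXml->xpath('//return');
    $value = empty($returnValue) ? '' : (string) $returnValue[0];
    // … unchanged: commit when $value === '1', rollback otherwise …
}
// … unchanged: curl_close($curl) …
} catch (Throwable $e) {
    $conn->rollback();
    error_log('registration failed: ' . $e->getMessage());
    echo 'error';
}
```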