Senin, 13 September 2021

CodeIgniter SQL Inject

URI SEGMENT
 // segment(n) reads the n-th segment of the request URI path; ucfirst() only
 // upper-cases its first character. The value comes straight from the URL the
 // client sent, so treat it as untrusted input: validate it against the values
 // you expect before using it in a query, a file path or a view name.
 // As written, the result is not assigned or echoed.
 ucfirst($this->uri->segment(1));

 // Same for the second URI segment.
 ucfirst($this->uri->segment(2));



LIBRARY

/**
 * Run the parent constructor, then load two models (admin_model,
 * periode_model) and two libraries (session, form_validation).
 */
public function __construct()
{
    parent::__construct();

    // Models, loaded in the same order as before.
    foreach (array("admin_model", "periode_model") as $modelName) {
        $this->load->model($modelName);
    }

    // Libraries: session handling first, then form validation.
    foreach (array('session', 'form_validation') as $libraryName) {
        $this->load->library($libraryName);
    }
}

    public function index() { 

        $this->load->view("login1/index1");//halaman_login 

    } 

/**
 * "Kembali" (back): redirect the browser to the application's base URL.
 */
public function Kembali()
{
    $homeUrl = base_url();

    redirect($homeUrl);
}


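/**
 * Look up a teacher's name (`nama_guru`) in `tb_guru` by NIP.
 *
 * The NIP is passed to the database layer as a bound value ("?" placeholder
 * plus the second argument of query()) instead of being concatenated into the
 * SQL text, so quote characters in $kode cannot alter the statement.
 *
 * @param object $db   Database object exposing query($sql, $binds).
 * @param mixed  $kode NIP to look up.
 * @return mixed The `nama_guru` value of the first matching row, or $kode
 *               unchanged when $kode is empty, the query fails, or no row matches.
 */
function getGuru($db,$kode){
    $out = $kode;

    // Cast before measuring: a caller may pass NULL (e.g. an unset session value).
    if (strlen((string) $kode) > 0) {
        $field = "nama_guru";

        // $field is a fixed column name; only $kode is variable, and it is bound.
        $sql = "Select `$field` from `tb_guru` where `nip` = ?";
        $query = $db->query($sql, array($kode));

        // query() can return a non-object on failure and row() can return NULL
        // when nothing matches; in both cases keep the fallback value.
        $row = is_object($query) ? $query->row() : null; // first row only
        if (is_object($row)) {
            $out = $row->$field;
        }
    }

    return $out;
}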



 SETTING SESSION

 public function proses_login() { 

        $user = $this->input->post("username");
        $pass = $this->input->post("password"); 

$loginSiswa = $this->siswa_model->cek_login($user, $pass);
if (!empty($loginSiswa)) { 

$NISN=$loginSiswa["nisn"];

$ar = $this->periode_model->getAktif();
                        $id_periode=$ar->id_periode;
                        $nama_periode=$ar->nama_periode; 

$sql1="select * from `tb_peserta`,`tb_kelas` where `tb_peserta`.`id_periode`='$id_periode' and `tb_peserta`.`nisn`='$NISN' and  `tb_peserta`.`id_kelas`=`tb_kelas`.`id_kelas` ";

$ARRAY=$this->periode_model->getSQL($sql1);
                                        $id_kelas=($ARRAY["id_kelas"]) +0; 

$this->session->set_userdata('nisn',$NISN);
$this->session->set_userdata('id_periode',$id_periode)$this->session->set_userdata('nama_periode',$nama_periode);

$this->session->set_userdata('level',$level);
                        $this->session->set_userdata('kelas',$kelas);
                        $this->session->set_userdata('id_kelas',$id_kelas);
                        $this->session->set_userdata('nama_kelas',$nama_kelas);

            $this->session->set_userdata($ar1); 

            redirect(base_url("index.php/admin")); 

        } 


else { 

            $this->session->set_flashdata("gagal", "Username atau Password Salah!"); 

            redirect(base_url()); 


Menangkap Session


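// Read back the values stored in the session at login.
$_level=$this->session->userdata("level");
$_nip=$this->session->userdata("nip");

$_id_periode=$this->session->userdata("id_periode");
$_nama_periode=$this->session->userdata("nama_periode");
$_id_kelas=$this->session->userdata("id_kelas");
$_nama_kelas=$this->session->userdata("nama_kelas");

// Teacher name for the stored NIP (getGuru() is defined elsewhere on this page).
$nama=getGuru($this->db,$_nip);

// Sidebar partial for each known role.
$sidebarByLevel = array(
    "Administrator"  => "admin/_partials/sidebaradmin.php",
    "Wali Kelas"     => "admin/_partials/sidebarwali.php",
    "Kepala Sekolah" => "admin/_partials/sidebarkepsek.php",
    "Guru"           => "admin/_partials/sidebarguru.php",
    "Siswa"          => "admin/_partials/sidebarsiswa.php",
);

// Exact string match only. The earlier `==` chain used loose comparison, under
// which a non-string session value such as TRUE compares equal to
// "Administrator" and would select the admin sidebar.
if (is_string($_level) && isset($sidebarByLevel[$_level])) {
    $this->load->view($sidebarByLevel[$_level]);
}

// NOTE(review): this only chooses which menu is rendered. Each controller
// action still has to check the session level itself; hiding a menu entry is
// not access control.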




/////////////
MODEL:

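/**
 * Run a query and return its first row as an associative array.
 *
 * Write variable values as "?" placeholders in $sql and pass them in $binds.
 * The database layer then escapes them, which avoids building SQL by string
 * concatenation. Calls with $sql alone keep working as before.
 *
 * @param string      $sql   SQL text, optionally with "?" placeholders.
 * @param array|false $binds Values for the placeholders, in order; FALSE for none.
 * @return mixed Whatever row_array() yields for the first row of the result.
 */
public function getSQL($sql, $binds = FALSE)  {

    // NOTE(review): callers should never splice request data into $sql; route
    // it through $binds instead.
    return $this->db->query($sql, $binds)->row_array();

}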

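/**
 * Run a query and return every row of its result.
 *
 * Write variable values as "?" placeholders in $sql and pass them in $binds.
 * The database layer then escapes them, which avoids building SQL by string
 * concatenation. Calls with $sql alone keep working as before.
 *
 * @param string      $sql   SQL text, optionally with "?" placeholders.
 * @param array|false $binds Values for the placeholders, in order; FALSE for none.
 * @return mixed Whatever result() yields for the query.
 */
public function getSQLALL($sql, $binds = FALSE)  {

    // NOTE(review): callers should never splice request data into $sql; route
    // it through $binds instead.
    return $this->db->query($sql, $binds)->result();

}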

Mencari Tanggal Terakhir Suatu Bulan

  $a_date = "$tahun-$bulan-01"; $lastdate= date('t',strtotime($a_date));//Y-m-t <?php require_once"koneksivar.php&...