laporan penyewaan online storage
DESCRIPTION
WebTRANSCRIPT
Laporan Website Penyewaan Storage Dalam Internet
Nama :
Yogi Dika Saputra (4812010024)
Kelas:
IT4 Aeu
Jl. Prof. G.A. Siwabessi, Kampus UI, Depok , Telepon 0217270036, Faksimili )21
7270035, www.pnj.ac.id
KATA PENGANTAR
Puji syukur penulis panjatkan kehadirat Allah SWT, yang atas rahmat-Nya maka
penulis dapat menyelesaikan penyusunan makalah yang berjudul “Laporan Website
Penyewaan Storage dalam Internet”. Penulisan makalah merupakan salah satu tugas dan
persyaratan untuk menyelesaikan tugas mata Database Programming Politeknik Negeri
Jakarta.
Dalam penulisan makalah ini penulis menyampaikan ucapan terima kasih yang tak
terhingga kepada pihak-pihak yang membantu dalam menyelesaikan makalahini, Secara
khusus penulis menyampaikan terima kasih kepada keluarga tercinta yang telah
memberikan dorongan dan bantuan serta pengertian yang besar kepada penulis.
Semua pihak yang tidak dapat disebutkan satu persatu, yang telah memberikan
bantuan dalam penulisan makalah ini.
Akhirnya penulis berharap semoga Allah memberikan imbalan yang setimpal pada
mereka yang telah memberikan bantuan, dan dapat menjadikan semua bantuan ini sebagai
ibadah, Amiin Yaa Robbal ‘Alamiin.
2
Table of Contents
KATA PENGANTAR.................................................................................................................................2
1. Tema..............................................................................................................................................4
2. Keterangan System........................................................................................................................4
3. Requirements Collection and Analysis...........................................................................................5
3.1 Peninjauan dokumentasi yang ada..............................................................................................5
3.2 Analisa lingkungan operasi dan pemrosesan data.................................................................5
4. Database Design & Application Design..........................................................................................6
4.1 ERD..............................................................................................................................................6
4.2 Table ERD.....................................................................................................................................6
5. Script..............................................................................................................................................7
6. ScreenShoot.................................................................................................................................32
Kata Penutup.......................................................................................................................................34
3
1. TemaWebsite Penyewaan Storage dalam Internet
2. Keterangan SystemNama folder Web : PenyewaanStorageOnline
Database : online_storage.sql
Database username : “root”
Database password : “”
Alamat : localhost/YogiDikaSaputra_tb1_IT5Aeu
Login username : yogi
Password : kartinihasan
( Bisa Melakukan Registrasi Jika ingin membuat username baru)
Keterangan file
Index.php :Halaman utama signup atau registrasi Account.php :halaman untuk membuat account storage baru deleteById.php :fungsi untuk menghapus storage account berdasarkan id homepage.php :halaman utama home user storage.php :halaman untuk melihat list storage account updateById :halaman untuk mengupdate account storage berdasarkan id active.php :fungsi untuk mengaktifkan email login.php :halaman login logout.php :fungsi untuk logout memberpage.php :halaman untuk password.php :fungsi untuk mendeskripsi password dari database
folder pembantu lain seperti :
images folder : berisi beberapa gambar yg digunakan css folder : berisi css file jss folder : berisi javascript dan jquery file includes folder : berisi config.php untuk memiliki fungsi koneksi ke database. Layout folder : berisi layout footer dan header Classes folder : berisi password.php dan user.php Fonts folder : mempunya beberapa tipe font untuk referensi
4
3. Requirements Collection and Analysis
3.1 Peninjauan dokumentasi yang ada.
Form Login
Form Storage Account
3.2 Analisa lingkungan operasi dan pemrosesan data.
Form Login
MemberID
username
password
Form Storage Account
ID
First Name
Last Name
Info
5
4. Database Design & Application Design
4.1 ERD
4.2 Table ERD
member
memberID* username pasword email active
1 Yogi ******** [email protected] yes
2 YDS ******** [email protected] yes
Storage_account
ID* fname lname info tag capacity year protection
34 Secret Doc Secret Document document 16GB 10 Superior
36 Winda Photo Shot all 2GB 6 high
5. Script
6
Account.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
<meta charset="UTF-8">
<title>New Storage Account </title>
<link rel="stylesheet" href="css/style.css" type="text/css">
<link href="js/hook.css?v=1" rel="stylesheet">
</head>
<body>
<div class="hook" id="hook"></div>
<script src="js/jquery-1.9.1.min.js"></script>
<script src="js/mousewheel.js"></script>
<script src="js/hook.min.js"></script>
<script>
$('#hook').hook();
$('#hook').hook({
reloadage: false,
reloadEl: function(){
console.log('Reload');
}});</script>
<div id="page">
<div id="header">
<div id="logo">
<a href="index.html"><img src="images/logo.png" alt="LOGO"></a>
</div>
<form action="index.html" method="post" class="searchbar">
<input type="text" value="Search" onFocus="this.select();" onMouseUp="return false;">
<input type="submit" value="Go">
</form>
<ul id="navigation">
<li>
<a href="homepage.php">Home</a>
</li>
<li class="selected">
<a href="account.php">New Storage</a>
</li>
<li >
<a href="storage.php">Your Storage</a>
</li>
<li>
<a href="logout.php">Logout</a>
</li>
</ul>
</div>
<div id="contents">
<div id="blogs">
<div>
<?php include 'layout/header.php' ?>
<div class="container home">
<h3> Create New Storage Account </h3><p>
<?php
mysql_connect('localhost','root','');
mysql_select_db('online_storage');
if( isset( $_POST['create'] ) ):
7
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$info = $_POST['info'];
$tag = $_POST['tag'];
$capacity = $_POST['capacity'];
$year = $_POST['year'];
$protection = $_POST['protection'];
mysql_query("INSERT INTO storage_account(fname,lname,info,tag,capacity,year,protection)
VALUES('$fname','$lname','$info','$tag','$capacity','$year','$protection')")
or die(mysql_error());
echo "<label> Successfully Saved. </label>"; /** success message **/
endif;
?>
<form action="" method="POST">
<p>
<label> Storage Name : </label>
<input type="text" placeholder="First Name" class="input-medium" name="fname" />
<input type="text" placeholder="Last Name" class="input-medium" name="lname"/>
</p>
<p>
<label> Tag : </label>
     
<select class="span2" name="tag">
<option value="all">all</option>
<option value="video">Video</option>
<option value="document">Document</option>
<option value="file">File</option>
<option value="software">Software</option>
<option value="picture">Picture</option>
</select>
<p>
<label>
Capacity : </label>   
<select class="span2" name="capacity">
<option value="2 GB">2 GB</option>
<option value="4 GB">4 GB</option>
<option value="8 GB">8 GB</option>
<option value="16 GB">16 GB</option>
<option value="32 GB">32 GB</option>
<option value="64 GB">64 GB</option>
<option value="128 GB">128 GB</option>
<option value="256 GB">256 GB</option>
</select>
<p>
<label>
8
Year Protection: </label>
<select class="span2" name="year">
<option value="1">1 Year</option>
<option value="2">2 Years</option>
<option value="3">3 Years</option>
<option value="4">4 Years</option>
<option value="5">5 Years</option>
<option value="6">6 Years</option>
<option value="7">7 Years</option>
<option value="8">8 Years</option>
<option value="9">9 Years</option>
<option value="10">10 Years</option>
</select><p>
<label>Protection</label>
:  
<select class="span2" name="protection">
<option value="medium ">medium</option>
<option value="high ">high</option>
<option value="Superior ">Superior</option>
</select>
<p>
<label>
Information : </label><p>
<textarea name="info" cols="50" rows="5" class="span7"></textarea >
</p>
<br />
<input type="submit" name="create" value="Create New Storage Account" class="btn btn-info" />
</p>
</form>
</div>
</div>
</div>
<div class="pagination"> </div>
</div>
</div>
<!-- /#contents -->
<div id="footer">
<div>
<ul id="links">
<li>
<h4>Storage</h4>
<ul>
<li>
<a>Movies</a>
</li>
<li>
<a>Music</a>
</li>
<li>
<a>Software</a>
9
</li>
</ul>
</li>
<li>
<h4>Capacity</h4>
<ul>
<li>
<a>2GB</a>
</li>
<li>
<a>64GB</a>
</li>
<li>
<a>128GB</a>
</li>
</ul>
</li>
<li>
<h4>Protection</h4>
<ul>
<li>
<a>Medium</a>
</li>
<li>
<a>High</a>
</li>
<li>
<a>Superior</a>
</li>
</ul>
</li>
<li>
<h4>Social Links</h4>
<ul id="connect">
<li>
<a href="https://twitter.com/" target="_blank" class="twitter">Twitter</a>
</li>
<li>
<a href="https://www.facebook.com/" target="_blank" class="facebook">Facebook</a>
</li>
<li>
<a href="https://plus.google.com/" target="_blank" class="googleplus">Google +</a>
</li>
</ul>
</li>
</ul>
<p class="footnote">
Yogi Dika Saputra
</p>
10
</div>
</div>
</div>
</body>
</html>
Active.php
<?php
require('includes/config.php');
//menerima value dari link
$memberID = $id;
$active = $activasion;
//jika id adalah number dan the active token tidak kosong carry on
if(is_numeric($memberID) && !empty($active)){
deletebyID.php
<?php
mysql_connect('localhost','root','');
mysql_select_db('online_storage');
$id = $_GET['id'];
mysql_query("DELETE FROM storage_account where ID = '$id'");
header("Location: storage.php");
?>
Homepage.php
$stmt = $db->prepare("UPDATE members SET active = 'Yes' WHERE memberID = :memberID AND active = :active");
$stmt->execute(array(
':memberID' => $memberID,
':active' => $active
));
//jika telah diupdate lakukan redirect
if($stmt->rowCount() == 1){
//redirect ke login page
header('Location: login.php?action=active');
exit;
} else {
echo "Your account could not be activated.";
}
}
?>
Homepage.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<?php require('includes/config.php');
if(!$user->is_logged_in()){ header('Location: login.php'); }
$title = 'Home Page';
require('layout/header.php');
?>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/style.css" type="text/css">
<link href="js/hook.css?v=1" rel="stylesheet">
</head>
<body>
11
<div class="hook" id="hook"></div>
<script src="js/jquery-1.9.1.min.js"></script>
<script src="js/mousewheel.js"></script>
<script src="js/hook.min.js"></script>
<script>
$('#hook').hook();
$('#hook').hook({
reloadPage: false,
reloadEl: function(){
console.log('Reload');
}});
</script>
<div id="page">
<div id="header">
<div id="logo">
<a href="homepage.php"><img src="images/logo.png" alt="LOGO"></a>
</div>
<form action="homepage.php" method="post" class="searchbar">
<input type="text" value="Search" onFocus="this.select();" onMouseUp="return false;">
<input type="submit" value="Go">
</form>
<ul id="navigation">
<li class="selected">
<a href="homepage.php">Home</a>
</li>
<li>
<a href="account.php">New Storage </a
></li>
<li>
<a href="storage.php">Your Storage</a>
</li>
<li>
<a href="logout.php">Logout</a>
</li>
</ul>
</div>
<div id="contents">
<div id="adbox">
<div class="info">
<h1>Welcome to YDS Online Storage</h1>
<p>YDS Online Storage is a Website that give service leasing storage for various types of files with many choices of capacity and the type of protection options.</p>
<p> </p>
<p>Click button below for create new storage account..</p>
<a href="account.php" class="more">New Storage</a>
</div>
<img src="images/home_cloud.png" alt="Img" height="404" width="639"> </div>
<!-- /#adbox -->
<h1>Rental of storage on the Internet</h1>
<div class="section">
<p class="column2">
YDS Online Storage is a Website that give service leasing storage</p>
<p class="column2">
Storage for various types of files with many choices of capacity and the type of protection options.
</p>
<h4>contact : [email protected]</h4>
</div>
<ul id="categories" class="section">
12
<li>
<img src="images/gear.png" alt="Img" height="53" width="60">
<h3>New Storage Account</h3>
<p>
Make New Storage Account for your diferent functional on your storage service
</p>
<a href="account.php" class="select">Select</a>
</li>
<li>
<img src="images/graph.png" alt="Img" height="53" width="60">
<h3>Your Storage Account</h3>
<p>
Edit and Delete Your storage Account for better personalization
</p>
<a href="storage.php" class="select">Select</a>
</li>
<li>
<img src="images/globe.png" alt="Img" height="53" width="60">
<h3>HomePage
</h3>
<p>
Back to Homepage and keep stay tune to your storage
</p>
<a href="homepage.php" class="select">Select</a>
</li>
</ul>
</div>
<div id="footer">
<div>
<ul id="links">
<li>
<h4>Storage</h4>
<ul>
<li>
<a>Movies</a>
</li>
<li>
<a>Music</a>
</li>
<li>
<a>Software</a>
</li>
</ul>
</li>
<li>
<h4>Capacity</h4>
<ul>
<li>
<a>2GB</a>
</li>
<li>
13
<a>64GB</a>
</li>
<li>
<a>128GB</a>
</li>
</ul>
</li>
<li>
<h4>Protection</h4>
<ul>
<li>
<a>Medium</a>
</li>
<li>
<a>High</a>
</li>
<li>
<a>Superior</a>
</li>
</ul>
</li>
<li>
<h4>Social Links</h4>
<ul id="connect">
<li>
<a href="https://twitter.com/" target="_blank" class="twitter">Twitter</a>
</li>
<li>
<a href="https://www.facebook.com/" target="_blank" class="facebook">Facebook</a>
</li>
<li>
<a href="https://plus.google.com/" target="_blank" class="googleplus">Google +</a>
</li>
</ul>
</li>
</ul>
<p class="footnote">
yogi dika saputra
</p>
</div>
</div>
</div>
</body>
</html>
Storage.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
<meta charset="UTF-8">
<title>Your Storage </title>
14
<link rel="stylesheet" href="css/style.css" type="text/css">
<link href="js/hook.css?v=1" rel="stylesheet">
</head>
<body>
<div class="hook" id="hook"></div>
<script src="js/jquery-1.9.1.min.js"></script>
<script src="js/mousewheel.js"></script>
<script src="js/hook.min.js"></script>
<script>
$('#hook').hook();
$('#hook').hook({
reloadPage: false,
reloadEl: function(){
console.log('Reload');
}});
</script>
<div id="page">
<div id="header">
<div id="logo">
<a href="homepage.php"><img src="images/logo.png" alt="LOGO"></a>
</div>
<form action="index.html" method="post" class="searchbar">
<input type="text" value="Search" onFocus="this.select();" onMouseUp="return false;">
<input type="submit" value="Go">
</form>
<ul id="navigation">
<li>
<a href="homepage.php">Home</a>
</li>
<li>
<a href="account.php">New Storage</a>
</li>
<li class="selected">
<a href="storage.php">Your Storage</a>
</li>
<li>
<a href="logout.php">Logout</a>
</li>
</ul>
</div>
<div id="contents">
<div id="blogs">
<div>
<?php include 'layout/header.php'?>
<div class="container home">
<h3> Your Storage Account </h3><p><p>
<?php mysql_connect('localhost','root','');
mysql_select_db('online_storage'); ?>
<table width="900" border="1" >
<thead align="center">
<tr>
<th width="35" height="73" align="center" > <div align="center">ID</div></th>
<th width="145" align="center"><div align="center">Name</div></th>
<th width="121" align="center"><div align="center">Tag </div></th>
<th width="220" align="center"><div align="center">Capacity, Year and Protection</div></th>
<th width="193" ><div align="center">Information</div></th>
15
<th width="146"> <div align="center">Operation</div></th>
</tr>
</thead>
<tbody>
<?php
$result = mysql_query("SELECT * FROM storage_account");
while($data = mysql_fetch_object($result) ):
?>
<tr>
<td height = "73"><div align="center"><?php echo $data->ID ?></div></td>
<td><div align="center"><?php echo $data->fname." ".$data->lname ?></div></td>
<td><div align="center"><?php echo $data->tag?></div></td>
<td><div align="center"><?php echo $data->capacity." ".$data->year." year ".$data->protection ?></div></td>
<td><div align="center"><?php echo $data->info?></div></td>
<td align="center">
<div align="center"><a href="updatebyId.php?id=<?php echo $data->ID ?>">
<button class="btn btn-info"> Edit </button>
</a>
<a href="deleteById.php?id=<?php echo $data->ID ?>">
<button class="btn btn-danger"> Delete </button>
</div></td>
</tr>
<?php
endwhile;
?>
</tbody>
</table>
</div>
</div>
</div>
<div class="pagination"> </div>
</div>
</div>
<div id="footer">
<div>
<ul id="links">
<li>
<h4>Storage</h4>
<ul>
<li>
<a>Movies</a>
</li>
<li>
<a>Music</a>
</li>
<li>
<a>Software</a>
</li>
</ul>
</li>
<li>
<h4>Capacity</h4>
16
<ul>
<li>
<a>2GB</a>
</li>
<li>
<a>64GB</a>
</li>
<li>
<a>128GB</a>
</li>
</ul>
</li>
<li>
<h4>Protection</h4>
<ul>
<li>
<a>Medium</a>
</li>
<li>
<a>High</a>
</li>
<li>
<a>Superior</a>
</li>
</ul>
</li>
<li>
<h4>Social Links</h4>
<ul id="connect">
<li>
<a href="https://twitter.com/" target="_blank" class="twitter">Twitter</a>
</li>
<li>
<a href="https://www.facebook.com/" target="_blank" class="facebook">Facebook</a>
</li>
<li>
<a href="https://plus.google.com/" target="_blank" class="googleplus">Google +</a>
</li>
</ul>
</li>
</ul>
<p class="footnote">
Yogi Dika Saputra
</p>
</div>
</div>
</div>
17
</body>
</html>
Index.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
<?php require('includes/config.php');
//Jika terlogin redirect ke memberpage
if( $user->is_logged_in() ){ header('Location: memberpage.php'); }
//proses submit
if(isset($_POST['submit'])){
//validasi
if(strlen($_POST['username']) < 3){
$error[] = 'Username Terlalu Pendek';
} else {
$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
$stmt->execute(array(':username' => $_POST['username']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if(!empty($row['username'])){
$error[] = 'Username sudah digunakan';
}
}
if(strlen($_POST['password']) < 3){
$error[] = 'Password Terlalu Pendek';
}
if(strlen($_POST['passwordConfirm']) < 3){
$error[] = 'Confirm password Terlalu Pendek';
}
if($_POST['password'] != $_POST['passwordConfirm']){
$error[] = 'Passwords Tidak Sama';
}
//email validasi
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
$error[] = 'Tolong Masukkan Email yang Valid <p>';
} else {
$stmt = $db->prepare('SELECT email FROM members WHERE email = :email');
$stmt->execute(array(':email' => $_POST['email']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if(!empty($row['email'])){
$error[] = 'Email Telah digunakan';
}
}
//jika tidak terdapat error
if(!isset($error)){
//hash password
$hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);
//membuat activation code
$activasion = "Yes";
18
try {
//insert into database dengan statement persiapan
$stmt = $db->prepare('INSERT INTO members (username,password,email,active) VALUES (:username, :password, :email, :active)');
$stmt->execute(array(
':username' => $_POST['username'],
':password' => $hashedpassword,
':email' => $_POST['email'],
':active' => $activasion
));
$id = $db->lastInsertId('memberID');
//send email ,note : belum berhasil jika menggunkan localhost
$to = $_POST['email'];
$subject = "Registration Confirmation";
$body = "To activate your account, please click on this link:\n\n ".DIR."activate.php?x=$id&y=$activasion\n\n Regards Site Admin \n\n";
$additionalheaders = "From: <".SITEEMAIL.">\r\n";
$additionalheaders .= "Reply-To: $".SITEEMAIL."";
mail($to, $subject, $body, $additionalheaders);
//redirect ke index page
header('Location: index.php?action=joined');
exit;
//error exception
} catch(PDOException $e) {
$error[] = $e->getMessage();
}
}
}
// page title
$title = 'YDS Storage Online';
//header template
require('layout/header.php');
?>
</head>
<body>
<link rel="stylesheet" href="css/style.css" type="text/css">
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form role="form" method="post" action="" autocomplete="off"><p>
<h1><img src="images/logo.png" width="100" height="78">Online Storage</h1>
<h2>Please Sign Up</h2>
<p>Already a member? <a href='login.php'>Login</a>
<?php
//check error
if(isset($error)){
foreach($error as $error){
echo '<p class="bg-danger">'.$error.'</p>';
}
}
19
//jika action joined maka sukses
if(isset($_GET['action']) && $_GET['action'] == 'joined'){
echo "<h2 class='bg-success'>Registration berhasil, please click Login.</h2>";
}
?>
</p>
<div class="form-group">
<input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">
</div>
<div class="form-group">
<input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email Address" value="<?php if(isset($error)){ echo $_POST['email']; } ?>" tabindex="2">
</div>
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">
</div>
</div>
<div class="col-xs-6 col-sm-6 col-md-6">
<div class="form-group">
<input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="4">
</div>
</div>
</div>
<div class="row">
<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Register" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>
</div>
</form>
</div>
</div>
</div>
</body>
</html>
updatebyID.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
<meta charset="UTF-8">
<title>Update Storage Account </title>
<link rel="stylesheet" href="css/style.css" type="text/css">
<link href="js/hook.css?v=1" rel="stylesheet">
</head>
<body>
<div class="hook" id="hook"></div>
<script src="js/jquery-1.9.1.min.js"></script>
<script src="js/mousewheel.js"></script>
<script src="js/hook.min.js"></script>
<script>
$('#hook').hook();
$('#hook').hook({
reloadPage: false,
reloadEl: function(){
console.log('Reload');
20
}});
</script>
<div id="page">
<div id="header">
<div id="logo">
<a href="homepage.php"><img src="images/logo.png" alt="LOGO"></a>
</div>
<form action="index.html" method="post" class="searchbar">
<input type="text" value="Search" onFocus="this.select();" onMouseUp="return false;">
<input type="submit" value="Go">
</form>
<ul id="navigation">
<li>
<a href="account.php">Home</a>
</li>
<li >
<a href="account.php">New Storage</a>
</li>
<li class="selected">
<a href="storage.php">Your Storage</a>
</li>
<li>
<a href="logout.php">Logout</a>
</li>
</ul>
</div>
<div id="contents">
<div id="blogs">
<div>
<?php include 'layout/header.php' ?>
<div class="container home">
<h3> Update Your Storage Account</h3><p>
<?php
mysql_connect('localhost','root','');
mysql_select_db('online_storage');
$ID = $_GET['id'];
if( isset( $_POST['update'] ) ):
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$info = $_POST['info'];
$tag = $_POST['tag'];
$capacity = $_POST['capacity'];
$year = $_POST['year'];
$protection = $_POST['protection'];
mysql_query("UPDATE storage_account SET fname = '$fname', lname = '$lname', info = '$info', tag = '$tag', capacity = '$capacity', year = '$year', protection='$protection' WHERE ID = '$ID'")
or die(mysql_error());
echo "<div class='alert alert-info'> Update Success </div>";
endif;
$result = mysql_query("SELECT * FROM storage_account WHERE ID='$ID'");
$data = mysql_fetch_object( $result );
21
?>
<form action="" method="POST">
<p>
<label> Full Name : </label>
 
<input type="text" value="<?php echo $data->fname ?>" class="input-medium" name="fname" />
<input type="text" value="<?php echo $data->lname ?>" class="input-medium" name="lname"/>
</p>
<p>
<label> Tag : </label>
    
<select class="span2" name="tag" >
<option value="all">all</option>
<option value="video">Video</option>
<option value="document">Document</option>
<option value="file">File</option>
<option value="software">Software</option>
<option value="picture">Picture</option>
</select>
<p>
<label>
Capacity: </label>
  
<select class="span2" name="capacity">
<option value="2 GB">2 GB</option>
<option value="4 GB">4 GB</option>
<option value="2 GB">8 GB</option>
<option value="4 GB">16 GB</option>
<option value="2 GB">32 GB</option>
<option value="4 GB">64 GB</option>
<option value="2 GB">128 GB</option>
<option value="4 GB">256 GB</option>
</select>
<p>
<label>
Year: </label>
    
<select class="span2" name="year">
<option value="1 ">1 Year</option>
<option value="2 ">2 Years</option>
<option value="3 ">3 Years</option>
<option value="4 ">4 Years</option>
<option value="5 ">5 Years</option>
<option value="6 ">6 Years</option>
<option value="7 ">7 Years</option>
<option value="8 ">8 Years</option>
<option value="9 ">9 Years</option>
<option value="10">10 Years</option>
</select><p>
<label>Protection :</label>
 
22
<select class="span2" name="protection">
<option value="medium ">medium</option>
<option value="high ">high</option>
<option value="Superior ">Superior</option>
</select>
<p>
<label>
Information : </label><p>
<textarea class="span7" name="info" cols="50" rows="5"><?php echo $data->info ?></textarea>
</p>
<br />
<input type="submit" name="update" value="Update" class="btn btn-info" />
</p>
</form>
</div>
</div>
</div>
<div class="pagination"> </div>
<!-- /.pagination -->
</div>
<!-- /#blogs --><!-- /#categories -->
</div>
<!-- /#contents -->
<div id="footer">
<div>
<ul id="links">
<li>
<h4>Storage</h4>
<ul>
<li>
<a>Movies</a>
</li>
<li>
<a>Music</a>
</li>
<li>
<a>Software</a>
</li>
</ul>
</li>
<li>
<h4>Capacity</h4>
<ul>
<li>
<a>2GB</a>
</li>
<li>
<a>64GB</a>
</li>
<li>
<a>128GB</a>
</li>
23
</ul>
</li>
<li>
<h4>Protection</h4>
<ul>
<li>
<a>Medium</a>
</li>
<li>
<a>High</a>
</li>
<li>
<a>Superior</a>
</li>
</ul>
</li>
<li>
<h4>Social Links</h4>
<ul id="connect">
<li>
<a href="https://twitter.com/" target="_blank" class="twitter">Twitter</a>
</li>
<li>
<a href="https://www.facebook.com/" target="_blank" class="facebook">Facebook</a>
</li>
<li>
<a href="https://plus.google.com/" target="_blank" class="googleplus">Google +</a>
</li>
</ul>
</li>
</ul>
<!-- /#links -->
<p class="footnote">
Yogi Dika Saputra
</p>
</div>
</div>
<!-- /#footer -->
</div>
<!-- /#page -->
</body>
</html>
Login.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
</head>
<?php
//include config
require_once('includes/config.php');
//check jika sudah terlogin kembali ke index
if( $user->is_logged_in() ){ header('Location: index.php'); }
//proses login jika submit
24
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
if($user->login($username,$password)){
header('Location: homepage.php');
exit;
} else {
$error[] = 'Salah Username ';
}
}//end if submit
// page title
$title = 'Login';
// header template
require('layout/header.php');
?>
</head>
<body>
<link rel="stylesheet" href="css/style.css" type="text/css">
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form role="form" method="post" action="" autocomplete="off"><p>
<h1><img src="images/logo.png" width="100" height="78">Online Storage</h1>
<h2>Please Login</h2>
<p><a href='./'>Back to home page</a>
<?php
//check jika terjadi error
if(isset($error)){
foreach($error as $error){
echo '<p class="bg-danger">'.$error.'</p>';
}
}
if(isset($_GET['action'])){
//check action
switch ($_GET['action']) {
case 'active':
echo "<h2 class='bg-success'>Akun anda sekarang sudah aktif.</h2>";
break;
case 'reset':
echo "<h2 class='bg-success'>Silahkan check inbox untuk mendapatkan reset link</h2>";
break;
case 'resetAccount':
echo "<h2 class='bg-success'>Password telah diubah</h2>";
break;
}
}
25
?>
</p>
<div class="form-group">
<input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">
</div>
<div class="row">
<div class="col-xs-9 col-sm-9 col-md-9">
</div>
</div>
<hr>
<div class="row">
<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Login" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>
</div>
</form>
</div>
</div>
</div>
<?php
//include header template
require('layout/footer.php');
?>
</body>
</html>
Logout.php
<?php require('includes/config.php');
//logout
$user->logout();
//redirect ke index.php
header('Location: index.php');
exit;
?>
Memberpage.php
<html>
<!--Yogi Dika Saputra IT5Aeu-->
<head>
<?php require('includes/config.php');
//Jika tidak terlogin redirect ke login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
// page title
$title = 'Members Page';
//header template
require('layout/header.php');
?>
</head>
<body>
<link rel="stylesheet" href="css/style.css" type="text/css">
26
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<h2>Back to First Page ?</h2>
<p><a href='logout.php'>OK</a></p>
<hr>
</div>
</div>
</div>
<?php
//header template
require('layout/footer.php');
?>
</body>
</html>
Password.php
<?php
if (!defined('PASSWORD_BCRYPT')) {
define('PASSWORD_BCRYPT', 1);
define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
}
Class Password {
public function __construct() {}
/** untuk mengdescripsi password dari database
Yogi Dika Saputra IT5 Aeu
* Hash the password using the specified algorithm
*
* @param string $password The password to hash
* @param int $algo The algorithm to use (Defined by PASSWORD_* constants)
* @param array $options The options for the algorithm to use
*
* @return string|false The hashed password, or false on error.
*/
function password_hash($password, $algo, array $options = array()) {
if (!function_exists('crypt')) {
trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);
return null;
}
if (!is_string($password)) {
trigger_error("password_hash(): Password must be a string", E_USER_WARNING);
return null;
}
if (!is_int($algo)) {
trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);
return null;
}
switch ($algo) {
case PASSWORD_BCRYPT :
// Note that this is a C constant, but not exposed to PHP, so we don't define it here.
$cost = 10;
if (isset($options['cost'])) {
$cost = $options['cost'];
if ($cost < 4 || $cost > 31) {
27
trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);
return null;
}
}
// The length of salt to generate
$raw_salt_len = 16;
// The length required in the final serialization
$required_salt_len = 22;
$hash_format = sprintf("$2y$%02d$", $cost);
break;
default :
trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);
return null;
}
if (isset($options['salt'])) {
switch (gettype($options['salt'])) {
case 'NULL' :
case 'boolean' :
case 'integer' :
case 'double' :
case 'string' :
$salt = (string)$options['salt'];
break;
case 'object' :
if (method_exists($options['salt'], '__tostring')) {
$salt = (string)$options['salt'];
break;
}
case 'array' :
case 'resource' :
default :
trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);
return null;
}
if (strlen($salt) < $required_salt_len) {
trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", strlen($salt), $required_salt_len), E_USER_WARNING);
return null;
} elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
$salt = str_replace('+', '.', base64_encode($salt));
}
} else {
$buffer = '';
$buffer_valid = false;
if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
$buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
if ($buffer) {
$buffer_valid = true;
}
}
if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
$buffer = openssl_random_pseudo_bytes($raw_salt_len);
if ($buffer) {
$buffer_valid = true;
}
}
if (!$buffer_valid && is_readable('/dev/urandom')) {
$f = fopen('/dev/urandom', 'r');
$read = strlen($buffer);
while ($read < $raw_salt_len) {
$buffer .= fread($f, $raw_salt_len - $read);
$read = strlen($buffer);
}
fclose($f);
if ($read >= $raw_salt_len) {
$buffer_valid = true;
28
}
}
if (!$buffer_valid || strlen($buffer) < $raw_salt_len) {
$bl = strlen($buffer);
for ($i = 0; $i < $raw_salt_len; $i++) {
if ($i < $bl) {
$buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
} else {
$buffer .= chr(mt_rand(0, 255));
}
}
}
$salt = str_replace('+', '.', base64_encode($buffer));
}
$salt = substr($salt, 0, $required_salt_len);
$hash = $hash_format . $salt;
$ret = crypt($password, $hash);
if (!is_string($ret) || strlen($ret) <= 13) {
return false;
}
return $ret;
}
/**
* Get information about the password hash. Returns an array of the information
* that was used to generate the password hash.
*
* array(
* 'algo' => 1,
* 'algoName' => 'bcrypt',
* 'options' => array(
* 'cost' => 10,
* ),
* )
*
* @param string $hash The password hash to extract info from
*
* @return array The array of information about the hash.
*/
function password_get_info($hash) {
$return = array('algo' => 0, 'algoName' => 'unknown', 'options' => array(), );
if (substr($hash, 0, 4) == '$2y$' && strlen($hash) == 60) {
$return['algo'] = PASSWORD_BCRYPT;
$return['algoName'] = 'bcrypt';
list($cost) = sscanf($hash, "$2y$%d$");
$return['options']['cost'] = $cost;
}
return $return;
}
/**
* Determine if the password hash needs to be rehashed according to the options provided
*
* If the answer is true, after validating the password using password_verify, rehash it.
*
* @param string $hash The hash to test
* @param int $algo The algorithm used for new password hashes
* @param array $options The options array passed to password_hash
*
* @return boolean True if the password needs to be rehashed.
*/
function password_needs_rehash($hash, $algo, array $options = array()) {
29
$info = password_get_info($hash);
if ($info['algo'] != $algo) {
return true;
}
switch ($algo) {
case PASSWORD_BCRYPT :
$cost = isset($options['cost']) ? $options['cost'] : 10;
if ($cost != $info['options']['cost']) {
return true;
}
break;
}
return false;
}
/**
* Verify a password against a hash using a timing attack resistant approach
*
* @param string $password The password to verify
* @param string $hash The hash to verify against
*
* @return boolean If the password matches the hash
*/
public function password_verify($password, $hash) {
if (!function_exists('crypt')) {
trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING);
return false;
}
$ret = crypt($password, $hash);
if (!is_string($ret) || strlen($ret) != strlen($hash) || strlen($ret) <= 13) {
return false;
}
$status = 0;
for ($i = 0; $i < strlen($ret); $i++) {
$status |= (ord($ret[$i]) ^ ord($hash[$i]));
}
return $status === 0;
}
}
User.php
<?php
include('password.php');
class User extends Password{
private $_db;
function __construct($db){
parent::__construct();
$this->_db = $db;
}
private function get_user_hash($username){
try {
$stmt = $this->_db->prepare('SELECT password FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
$row = $stmt->fetch();
return $row['password'];
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
30
}
}
public function login($username,$password){
$hashed = $this->get_user_hash($username);
if($this->password_verify($password,$hashed) == 1){
$_SESSION['loggedin'] = true;
return true;
}
}
public function logout(){
session_destroy();
}
public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
}
}
}
?>
31
6. ScreenShoot
32
33
Kata Penutup
Demikian yang dapat kami paparkan mengenai materi yang menjadi pokok bahasan
dalam laporan ini, tentunya masih banyak kekurangan dan kelemahan, karena terbatasnya
pengetahuan dan kurangnya rujukan atau referensi yang ada hubungannya dengan makalah
ini.
Penulis banyak berharap para embaca yang budiman memberikan kritik dan saran
yang membangun kepada penulis demi mempersempurnakan makalah ini dan penulisan
makalah pada kesempatan-kesempatan berikutnya. Semoga Berguna pada penulis
khususnya juga para pembaca yang budiman pada umumnya.
34