Mengelola Hak Akses User

Dalam membuat aplikasi yang membutuhkan database, biasanya masing-masing user mempunyai hak akses sendiri-sendiri sesuai tugas dan kewenangannya. Sebagai contoh Admin bisa membuka semua menu dan juga menambah atau menghapus data user, sedangkan staff biasanya terbatas pada update profile, ubah password dan membuka halaman tertentu.

1. Login

2. Admin

3. Staff

Untuk membuat pengelolaan hak akses user, terlebih dahulu kita membuat tabel user.

Isi data user, sebagai contoh disi Budiman sebagai Admin, dan Andi sebagai staff.

Lengkapi kode sbb

1. koneksi.php

<?php 
$host = "localhost";
$user = "root";
$pass = "";
$db   = "db_web";

$koneksi = mysqli_connect($host,$user,$pass,$db);
?>

2. Login.php

<!DOCTYPE html>
<html>
<head>
 <title>Aplikasi Login Sederhana</title>
 <style>
 body { font-family: verdana; font-size: 12px; }
 a { text-decoration: none; color: blue; }
 a:hover { color: green; }
 </style>
</head>
<body>
<h1 align="center">Aplikasi Login Sederhana : PHP Session</h1>
<hr>
<form action="login-proses.php" method="post">
<table width="300" border="0" align="center">
<tr>
 <td width="150">Username</td>
 <td>
  <input type="text" name="username" required>
 </td>
</tr>
<tr>
 <td width="150">Password</td>
 <td>
  <input type="password" name="password" required>
 </td>
</tr>
<tr>
 <td width="150"></td>
 <td>
  <input type="submit" value="login" required>
 </td>
</tr>
</table>
</form>
</body>
</html>

3. Login-proses.php

<?php 
session_start();
include "koneksi.php";

$username = $_POST['username'];
$password = $_POST['password'];

//cek data
$sql = "SELECT * FROM user WHERE username='$username' ";
$qry = mysqli_query($koneksi,$sql);
$usr = mysqli_fetch_array($qry);

if( 
 md5($username) == md5($usr['username'])
 AND
 md5($password) == md5($usr['password'])
  )
{
 $_SESSION['iduser']   = $usr['iduser'];
 $_SESSION['username'] = $usr['username'];
 $_SESSION['nama']     = $usr['nama'];
 $_SESSION['level']    = $usr['level']
 $_SESSION['login']    = 1;
 $pesan = "Login berhasil, selamat datan $username";
} else {
 $pesan = "Login gagal, username atau password anda salah!";
}

?>
<script>
 alert('<?php echo $pesan;?>');
 location='index.php';
</script>

4. index.php

<?php
session_start();
$login = $_SESSION['login'];
if($login == 1)
{
include "koneksi.php";
?>
<!DOCTYPE html>
<html>
<head>
 <title>Aplikasi Login Sederhana</title>
 <style>
 body { font-family: verdana; font-size: 12px; }
 a { text-decoration: none; color: blue; }
 a:hover { color: green; }
 </style>
</head>
<body>
<h1 align="center">Aplikasi Login Dengan Level Akses</h1>
<hr>
<?php 
$level = $_SESSION['level'];
if($level == 1) { include "menu_admin.php"; }
if($level == 2) { include "menu_staff.php"; }
?>
<hr>
<?php 
$nama     = $_SESSION['nama'];
$username = $_SESSION['username'];

echo "Selamat Datang $nama ($username) ";
?>
<hr>
</body>
</html>
<?php
}
else {
 include "login.php";
} 
?>

5. menu_admin.php

<a href="index.php">Beranda</a> | 
<a href="index.php?menu=user">Data User</a> | 
<a href="index.php?menu=rekapitulasi">Data Rekapitulasi</a> | 
<a href="logout.php">Logout</a> | 

6. menu_staff.php

<a href="index.php">Beranda</a> | 
<a href="index.php?menu=absensi">Data Absensi</a> | 
<a href="logout.php">Logout</a> | 

7. logout.php

<?php 
session_start();
session_destroy();
?>
<script>
 alert('Logout berhasil');
 location='index.php';
</script>

Referensi :

1. https://www.belajarwebpedia.com/2019/10/membuat-hak-akses-user-menggunakan-level-dengan-php-mysql.html
2. https://code.tutsplus.com/id/tutorials/how-to-use-sessions-and-session-variables-in-php--cms-31839
3. https://www.simmutu.net/web/SelamatDatang.html
4. https://www.simmutu.net/web/MenjalankanAplikasi.html
5. http://fajarbaskoro.blogspot.com/2021/12/php-manajemen-user.html

Author : Fajar Baskoro

Share this

Related Posts