Laporan Penyewaan Online Storage

Laporan Website Penyewaan Storage Dalam Internet

Nama :

Yogi Dika Saputra (4812010024)

Kelas:

IT4 Aeu

Jl. Prof. G.A. Siwabessi, Kampus UI, Depok , Telepon 0217270036, Faksimili )21

7270035, www.pnj.ac.id

http://www.pnj.ac.id/

KATA PENGANTAR

Puji syukur penulis panjatkan kehadirat Allah SWT, yang atas rahmat-Nya maka

penulis dapat menyelesaikan penyusunan makalah yang berjudul “Laporan Website

Penyewaan Storage dalam Internet”. Penulisan makalah merupakan salah satu tugas dan

persyaratan untuk menyelesaikan tugas mata Database Programming Politeknik Negeri

Jakarta.

Dalam penulisan makalah ini penulis menyampaikan ucapan terima kasih yang tak

terhingga kepada pihak-pihak yang membantu dalam menyelesaikan makalahini, Secara

khusus penulis menyampaikan terima kasih kepada keluarga tercinta yang telah

memberikan dorongan dan bantuan serta pengertian yang besar kepada penulis.

Semua pihak yang tidak dapat disebutkan satu persatu, yang telah memberikan

bantuan dalam penulisan makalah ini.

Akhirnya penulis berharap semoga Allah memberikan imbalan yang setimpal pada

mereka yang telah memberikan bantuan, dan dapat menjadikan semua bantuan ini sebagai

ibadah, Amiin Yaa Robbal ‘Alamiin.

2

Table of Contents

KATA PENGANTAR.................................................................................................................................2

1. Tema..............................................................................................................................................4

2. Keterangan System........................................................................................................................4

3. Requirements Collection and Analysis...........................................................................................5

3.1 Peninjauan dokumentasi yang ada..............................................................................................5

3.2 Analisa lingkungan operasi dan pemrosesan data.................................................................5

4. Database Design & Application Design..........................................................................................6

4.1 ERD..............................................................................................................................................6

4.2 Table ERD.....................................................................................................................................6

5. Script..............................................................................................................................................7

6. ScreenShoot.................................................................................................................................32

Kata Penutup.......................................................................................................................................34

3

1. TemaWebsite Penyewaan Storage dalam Internet

2. Keterangan SystemNama folder Web : PenyewaanStorageOnline

Database : online_storage.sql

Database username : “root”

Database password : “”

Alamat : localhost/YogiDikaSaputra_tb1_IT5Aeu

Login username : yogi

Password : kartinihasan

( Bisa Melakukan Registrasi Jika ingin membuat username baru)

Keterangan file

Index.php :Halaman utama signup atau registrasi Account.php :halaman untuk membuat account storage baru deleteById.php :fungsi untuk menghapus storage account berdasarkan id homepage.php :halaman utama home user storage.php :halaman untuk melihat list storage account updateById :halaman untuk mengupdate account storage berdasarkan id active.php :fungsi untuk mengaktifkan email login.php :halaman login logout.php :fungsi untuk logout memberpage.php :halaman untuk password.php :fungsi untuk mendeskripsi password dari database

folder pembantu lain seperti :

images folder : berisi beberapa gambar yg digunakan css folder : berisi css file jss folder : berisi javascript dan jquery file includes folder : berisi config.php untuk memiliki fungsi koneksi ke database. Layout folder : berisi layout footer dan header Classes folder : berisi password.php dan user.php Fonts folder : mempunya beberapa tipe font untuk referensi

4

3. Requirements Collection and Analysis

3.1 Peninjauan dokumentasi yang ada.

Form Login

Form Storage Account

3.2 Analisa lingkungan operasi dan pemrosesan data.

Form Login

MemberID

username

password

email

Form Storage Account

ID

First Name

Last Name

Info

5

4. Database Design & Application Design

4.1 ERD

4.2 Table ERD

member

memberID* username pasword email active

1 Yogi ******** [email protected] yes

2 YDS ******** [email protected] yes

Storage_account

ID* fname lname info tag capacity year protection

34 Secret Doc Secret Document document 16GB 10 Superior

36 Winda Photo Shot all 2GB 6 high

5. Script

6

Account.php

<html>



<head>

<meta charset="UTF-8">

<title>New Storage Account </title>

<link rel="stylesheet" href="css/style.css" type="text/css">

<link href="js/hook.css?v=1" rel="stylesheet">

</head>

<body>

<div class="hook" id="hook"></div>

<script src="js/jquery-1.9.1.min.js"></script>

<script src="js/mousewheel.js"></script>

<script src="js/hook.min.js"></script>

<script>

$('#hook').hook();

$('#hook').hook({

reloadage: false,

reloadEl: function(){

console.log('Reload');

}});</script>

<div id="page">

<div id="header">

<div id="logo">

<a href="index.html"><img src="images/logo.png" alt="LOGO"></a>

</div>

<form action="index.html" method="post" class="searchbar">

<input type="text" value="Search" onFocus="this.select();" onMouseUp="return false;">

<input type="submit" value="Go">

</form>

<ul id="navigation">

<li>

<a href="homepage.php">Home</a>

</li>

<li class="selected">

<a href="account.php">New Storage</a>

</li>

<li >

<a href="storage.php">Your Storage</a>

</li>

<li>

<a href="logout.php">Logout</a>

</li>

</ul>

</div>

<div id="contents">

<div id="blogs">

<div>

<?php include 'layout/header.php' ?>

<div class="container home">

<h3> Create New Storage Account </h3><p>

<?php

mysql_connect('localhost','root','');

mysql_select_db('online_storage');

if( isset( $_POST['create'] ) ):

7

$fname = $_POST['fname'];

$lname = $_POST['lname'];

$info = $_POST['info'];

$tag = $_POST['tag'];

$capacity = $_POST['capacity'];

$year = $_POST['year'];

$protection = $_POST['protection'];

mysql_query("INSERT INTO storage_account(fname,lname,info,tag,capacity,year,protection)

VALUES('$fname','$lname','$info','$tag','$capacity','$year','$protection')")

or die(mysql_error());

echo "<label> Successfully Saved. </label>"; /** success message **/

endif;

?>

<form action="" method="POST">

<p>

<label> Storage Name : </label>

<input type="text" placeholder="First Name" class="input-medium" name="fname" />

<input type="text" placeholder="Last Name" class="input-medium" name="lname"/>

</p>

<p>

<label> Tag : </label>

&emsp;&emsp;&emsp;&emsp;&emsp;

<select class="span2" name="tag">

<option value="all">all</option>

<option value="video">Video</option>

<option value="document">Document</option>

<option value="file">File</option>

<option value="software">Software</option>

<option value="picture">Picture</option>

</select>

<p>

<label>

Capacity : </label>&emsp;&emsp;&emsp;

<select class="span2" name="capacity">

<option value="2 GB">2 GB</option>








</select>

<p>

<label>

8

Year Protection: </label>

<select class="span2" name="year">

<option value="1">1 Year</option>

<option value="2">2 Years</option>









</select><p>

<label>Protection</label>

:&emsp;&emsp;

<select class="span2" name="protection">

<option value="medium ">medium</option>

<option value="high ">high</option>

<option value="Superior ">Superior</option>

</select>

<p>

<label>

Information : </label><p>

<textarea name="info" cols="50" rows="5" class="span7"></textarea >

</p>

<br />

<input type="submit" name="create" value="Create New Storage Account" class="btn btn-info" />

</p>

</form>

</div>

</div>

</div>

<div class="pagination"> </div>

</div>

</div>



<div id="footer">

<div>

<ul id="links">

<li>

<h4>Storage</h4>

<ul>

<li>

<a>Movies</a>

</li>

<li>

<a>Music</a>

</li>

<li>

<a>Software</a>

9

</li>

</ul>

</li>

<li>

<h4>Capacity</h4>

<ul>

<li>

<a>2GB</a>

</li>

<li>

<a>64GB</a>

</li>

<li>

<a>128GB</a>

</li>

</ul>

</li>

<li>

<h4>Protection</h4>

<ul>

<li>

<a>Medium</a>

</li>

<li>

<a>High</a>

</li>

<li>

<a>Superior</a>

</li>

</ul>

</li>

<li>

<h4>Social Links</h4>

<ul id="connect">

<li>

<a href="https://twitter.com/" target="_blank" class="twitter">Twitter</a>

</li>

<li>

<a href="https://www.facebook.com/" target="_blank" class="facebook">Facebook</a>

</li>

<li>

<a href="https://plus.google.com/" target="_blank" class="googleplus">Google +</a>

</li>

</ul>

</li>

</ul>

<p class="footnote">

Yogi Dika Saputra

</p>

10

</div>

</div>

</div>

</body>

</html>

Active.php

<?php

require('includes/config.php');

//menerima value dari link

$memberID = $id;

$active = $activasion;

//jika id adalah number dan the active token tidak kosong carry on

if(is_numeric($memberID) && !empty($active)){

deletebyID.php

<?php



$id = $_GET['id'];

mysql_query("DELETE FROM storage_account where ID = '$id'");

header("Location: storage.php");

?>

Homepage.php

$stmt = $db->prepare("UPDATE members SET active = 'Yes' WHERE memberID = :memberID AND active = :active");

$stmt->execute(array(

':memberID' => $memberID,

':active' => $active

));

//jika telah diupdate lakukan redirect

if($stmt->rowCount() == 1){

//redirect ke login page

header('Location: login.php?action=active');

exit;

} else {

echo "Your account could not be activated.";

}

}

?>

Homepage.php

<html>


<?php require('includes/config.php');

if(!$user->is_logged_in()){ header('Location: login.php'); }

$title = 'Home Page';

require('layout/header.php');

?>

<head>




</head>

<body>

11

<li>

<img src="images/gear.png" alt="Img" height="53" width="60">

<h3>New Storage Account</h3>

<p>

Make New Storage Account for your diferent functional on your storage service

</p>

<a href="account.php" class="select">Select</a>

</li>

<li>

<img src="images/graph.png" alt="Img" height="53" width="60">

<h3>Your Storage Account</h3>

<p>

Edit and Delete Your storage Account for better personalization

</p>

<a href="storage.php" class="select">Select</a>

</li>

<li>

<img src="images/globe.png" alt="Img" height="53" width="60">

<h3>HomePage

</h3>

<p>

Back to Homepage and keep stay tune to your storage

</p>

<a href="homepage.php" class="select">Select</a>

</li>

</ul>

</div>

<div id="footer">

<div>

<ul id="links">

<li>

<h4>Storage</h4>

<ul>

<li>

<a>Movies</a>

</li>

<li>

<a>Music</a>

</li>

<li>

<a>Software</a>

</li>

</ul>

</li>

<li>

<h4>Capacity</h4>

<ul>

<li>

<a>2GB</a>

</li>

<li>

13

<a>64GB</a>

</li>

<li>

<a>128GB</a>

</li>

</ul>

</li>

<li>

<h4>Protection</h4>

<ul>

<li>

<a>Medium</a>

</li>

<li>

<a>High</a>

</li>

<li>

<a>Superior</a>

</li>

</ul>

</li>

<li>


<ul id="connect">

<li>


</li>

<li>


</li>

<li>


</li>

</ul>

</li>

</ul>


yogi dika saputra

</p>

</div>

</div>

</div>

</body>

</html>

Storage.php

<html>


<head>


<title>Your Storage </title>

14



</head>

<body>





<script>

$('#hook').hook();

$('#hook').hook({

reloadPage: false,



}});

</script>

<div id="page">

<div id="header">

<div id="logo">


</div>




</form>


<li>


</li>

<li>


</li>



</li>

<li>


</li>

</ul>

</div>

<div id="contents">

<div id="blogs">

<div>

<?php include 'layout/header.php'?>


<h3> Your Storage Account </h3><p><p>

<?php mysql_connect('localhost','root','');

mysql_select_db('online_storage'); ?>

<table width="900" border="1" >

<thead align="center">

<tr>

<th width="35" height="73" align="center" > <div align="center">ID</div></th>

<th width="145" align="center"><div align="center">Name</div></th>

<th width="121" align="center"><div align="center">Tag </div></th>

<th width="220" align="center"><div align="center">Capacity, Year and Protection</div></th>

<th width="193" ><div align="center">Information</div></th>

15

<th width="146"> <div align="center">Operation</div></th>

</tr>

</thead>

<tbody>

<?php

$result = mysql_query("SELECT * FROM storage_account");

while($data = mysql_fetch_object($result) ):

?>

<tr>

<td height = "73"><div align="center"><?php echo $data->ID ?></div></td>

<td><div align="center"><?php echo $data->fname." ".$data->lname ?></div></td>

<td><div align="center"><?php echo $data->tag?></div></td>

<td><div align="center"><?php echo $data->capacity." ".$data->year." year ".$data->protection ?></div></td>

<td><div align="center"><?php echo $data->info?></div></td>

<td align="center">

<div align="center"><a href="updatebyId.php?id=<?php echo $data->ID ?>">

<button class="btn btn-info"> Edit </button>

</a>

<a href="deleteById.php?id=<?php echo $data->ID ?>">

<button class="btn btn-danger"> Delete </button>

</div></td>

</tr>

<?php

endwhile;

?>

</tbody>

</table>

</div>

</div>

</div>


</div>

</div>

<div id="footer">

<div>

<ul id="links">

<li>

<h4>Storage</h4>

<ul>

<li>

<a>Movies</a>

</li>

<li>

<a>Music</a>

</li>

<li>

<a>Software</a>

</li>

</ul>

</li>

<li>

<h4>Capacity</h4>

16

<ul>

<li>

<a>2GB</a>

</li>

<li>

<a>64GB</a>

</li>

<li>

<a>128GB</a>

</li>

</ul>

</li>

<li>

<h4>Protection</h4>

<ul>

<li>

<a>Medium</a>

</li>

<li>

<a>High</a>

</li>

<li>

<a>Superior</a>

</li>

</ul>

</li>

<li>


<ul id="connect">

<li>


</li>

<li>


</li>

<li>


</li>

</ul>

</li>

</ul>


Yogi Dika Saputra

</p>

</div>

</div>

</div>

17

</body>

</html>

Index.php

<html>


<head>


//Jika terlogin redirect ke memberpage

if( $user->is_logged_in() ){ header('Location: memberpage.php'); }

//proses submit

if(isset($_POST['submit'])){

//validasi

if(strlen($_POST['username']) < 3){

$error[] = 'Username Terlalu Pendek';

} else {

$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');

$stmt->execute(array(':username' => $_POST['username']));

$row = $stmt->fetch(PDO::FETCH_ASSOC);

if(!empty($row['username'])){

$error[] = 'Username sudah digunakan';

}

}

if(strlen($_POST['password']) < 3){

$error[] = 'Password Terlalu Pendek';

}

if(strlen($_POST['passwordConfirm']) < 3){

$error[] = 'Confirm password Terlalu Pendek';

}

if($_POST['password'] != $_POST['passwordConfirm']){

$error[] = 'Passwords Tidak Sama';

}

//email validasi

if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){

$error[] = 'Tolong Masukkan Email yang Valid <p>';

} else {

$stmt = $db->prepare('SELECT email FROM members WHERE email = :email');

$stmt->execute(array(':email' => $_POST['email']));

$row = $stmt->fetch(PDO::FETCH_ASSOC);

if(!empty($row['email'])){

$error[] = 'Email Telah digunakan';

}

}

//jika tidak terdapat error

if(!isset($error)){

//hash password

$hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);

//membuat activation code

$activasion = "Yes";

18

try {

//insert into database dengan statement persiapan

$stmt = $db->prepare('INSERT INTO members (username,password,email,active) VALUES (:username, :password, :email, :active)');

$stmt->execute(array(

':username' => $_POST['username'],

':password' => $hashedpassword,

':email' => $_POST['email'],

':active' => $activasion

));

$id = $db->lastInsertId('memberID');

//send email ,note : belum berhasil jika menggunkan localhost

$to = $_POST['email'];

$subject = "Registration Confirmation";

$body = "To activate your account, please click on this link:\n\n ".DIR."activate.php?x=$id&y=$activasion\n\n Regards Site Admin \n\n";

$additionalheaders = "From: <".SITEEMAIL.">\r\n";

$additionalheaders .= "Reply-To: $".SITEEMAIL."";

mail($to, $subject, $body, $additionalheaders);

//redirect ke index page

header('Location: index.php?action=joined');

exit;

//error exception

} catch(PDOException $e) {

$error[] = $e->getMessage();

}

}

}

// page title

$title = 'YDS Storage Online';

//header template


?>

</head>

<body>


<div class="container">

<div class="row">

<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">

<form role="form" method="post" action="" autocomplete="off"><p>

<h1><img src="images/logo.png" width="100" height="78">Online Storage</h1>

<h2>Please Sign Up</h2>

<p>Already a member? <a href='login.php'>Login</a>

<?php

//check error

if(isset($error)){

foreach($error as $error){

echo '<p class="bg-danger">'.$error.'</p>';

}

}

19

//jika action joined maka sukses

if(isset($_GET['action']) && $_GET['action'] == 'joined'){

echo "<h2 class='bg-success'>Registration berhasil, please click Login.</h2>";

}

?>

</p>

<div class="form-group">

<input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">

</div>


<input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email Address" value="<?php if(isset($error)){ echo $_POST['email']; } ?>" tabindex="2">

</div>

<div class="row">

<div class="col-xs-6 col-sm-6 col-md-6">


<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">

</div>

</div>



<input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="4">

</div>

</div>

</div>

<div class="row">

<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Register" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>

</div>

</form>

</div>

</div>

</div>

</body>

</html>

updatebyID.php

<html>


<head>


<title>Update Storage Account </title>



</head>

<body>





<script>

$('#hook').hook();

$('#hook').hook({

reloadPage: false,



20

}});

</script>

<div id="page">

<div id="header">

<div id="logo">


</div>




</form>


<li>

<a href="account.php">Home</a>

</li>

<li >


</li>



</li>

<li>


</li>

</ul>

</div>

<div id="contents">

<div id="blogs">

<div>

<?php include 'layout/header.php' ?>


<h3> Update Your Storage Account</h3><p>

<?php



$ID = $_GET['id'];

if( isset( $_POST['update'] ) ):

$fname = $_POST['fname'];

$lname = $_POST['lname'];

$info = $_POST['info'];

$tag = $_POST['tag'];

$capacity = $_POST['capacity'];

$year = $_POST['year'];

$protection = $_POST['protection'];

mysql_query("UPDATE storage_account SET fname = '$fname', lname = '$lname', info = '$info', tag = '$tag', capacity = '$capacity', year = '$year', protection='$protection' WHERE ID = '$ID'")

or die(mysql_error());

echo "<div class='alert alert-info'> Update Success </div>";

endif;

$result = mysql_query("SELECT * FROM storage_account WHERE ID='$ID'");

$data = mysql_fetch_object( $result );

21

?>

<form action="" method="POST">

<p>

<label> Full Name : </label>

&emsp;

<input type="text" value="<?php echo $data->fname ?>" class="input-medium" name="fname" />

<input type="text" value="<?php echo $data->lname ?>" class="input-medium" name="lname"/>

</p>

<p>

<label> Tag : </label>

&emsp;&emsp;&emsp;&emsp;

<select class="span2" name="tag" >

<option value="all">all</option>

<option value="video">Video</option>

<option value="document">Document</option>

<option value="file">File</option>

<option value="software">Software</option>

<option value="picture">Picture</option>

</select>

<p>

<label>

Capacity: </label>

&emsp;&emsp;

<select class="span2" name="capacity">









</select>

<p>

<label>

Year: </label>

&emsp;&emsp;&emsp;&emsp;

<select class="span2" name="year">

<option value="1 ">1 Year</option>

<option value="2 ">2 Years</option>









</select><p>

<label>Protection :</label>

&emsp;

22

<select class="span2" name="protection">

<option value="medium ">medium</option>

<option value="high ">high</option>

<option value="Superior ">Superior</option>

</select>

<p>

<label>

Information : </label><p>

<textarea class="span7" name="info" cols="50" rows="5"><?php echo $data->info ?></textarea>

</p>

<br />

<input type="submit" name="update" value="Update" class="btn btn-info" />

</p>

</form>

</div>

</div>

</div>




</div>



</div>



<div id="footer">

<div>

<ul id="links">

<li>

<h4>Storage</h4>

<ul>

<li>

<a>Movies</a>

</li>

<li>

<a>Music</a>

</li>

<li>

<a>Software</a>

</li>

</ul>

</li>

<li>

<h4>Capacity</h4>

<ul>

<li>

<a>2GB</a>

</li>

<li>

<a>64GB</a>

</li>

<li>

<a>128GB</a>

</li>

23

</ul>

</li>

<li>

<h4>Protection</h4>

<ul>

<li>

<a>Medium</a>

</li>

<li>

<a>High</a>

</li>

<li>

<a>Superior</a>

</li>

</ul>

</li>

<li>


<ul id="connect">

<li>


</li>

<li>


</li>

<li>


</li>

</ul>

</li>

</ul>




Yogi Dika Saputra

</p>

</div>

</div>



</div>



</body>

</html>

Login.php

<html>


<head>

</head>

<?php

//include config

require_once('includes/config.php');

//check jika sudah terlogin kembali ke index

if( $user->is_logged_in() ){ header('Location: index.php'); }

//proses login jika submit

24

if(isset($_POST['submit'])){

$username = $_POST['username'];

$password = $_POST['password'];

if($user->login($username,$password)){

header('Location: homepage.php');

exit;

} else {

$error[] = 'Salah Username ';

}

}//end if submit

// page title

$title = 'Login';

// header template


?>

</head>

<body>



<div class="row">


<form role="form" method="post" action="" autocomplete="off"><p>

<h1><img src="images/logo.png" width="100" height="78">Online Storage</h1>

<h2>Please Login</h2>

<p><a href='./'>Back to home page</a>

<?php

//check jika terjadi error

if(isset($error)){

foreach($error as $error){

echo '<p class="bg-danger">'.$error.'</p>';

}

}

if(isset($_GET['action'])){

//check action

switch ($_GET['action']) {

case 'active':

echo "<h2 class='bg-success'>Akun anda sekarang sudah aktif.</h2>";

break;

case 'reset':

echo "<h2 class='bg-success'>Silahkan check inbox untuk mendapatkan reset link</h2>";

break;

case 'resetAccount':

echo "<h2 class='bg-success'>Password telah diubah</h2>";

break;

}

}

25

?>

</p>


<input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">

</div>


<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">

</div>

<div class="row">


</div>

</div>

<hr>

<div class="row">

<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Login" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>

</div>

</form>

</div>

</div>

</div>

<?php

//include header template

require('layout/footer.php');

?>

</body>

</html>

Logout.php


//logout

$user->logout();

//redirect ke index.php

header('Location: index.php');

exit;

?>

Memberpage.php

<html>


<head>


//Jika tidak terlogin redirect ke login page

if(!$user->is_logged_in()){ header('Location: login.php'); }

// page title

$title = 'Members Page';

//header template


?>

</head>

<body>


26


<div class="row">


<h2>Back to First Page ?</h2>

<p><a href='logout.php'>OK</a></p>

<hr>

</div>

</div>

</div>

<?php

//header template

require('layout/footer.php');

?>

</body>

</html>

Password.php

<?php

if (!defined('PASSWORD_BCRYPT')) {

define('PASSWORD_BCRYPT', 1);

define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);

}

Class Password {

public function __construct() {}

/** untuk mengdescripsi password dari database

Yogi Dika Saputra IT5 Aeu

* Hash the password using the specified algorithm

*

* @param string $password The password to hash

* @param int $algo The algorithm to use (Defined by PASSWORD_* constants)

* @param array $options The options for the algorithm to use

*

* @return string|false The hashed password, or false on error.

*/

function password_hash($password, $algo, array $options = array()) {

if (!function_exists('crypt')) {

trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);

return null;

}

if (!is_string($password)) {

trigger_error("password_hash(): Password must be a string", E_USER_WARNING);

return null;

}

if (!is_int($algo)) {

trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);

return null;

}

switch ($algo) {

case PASSWORD_BCRYPT :

// Note that this is a C constant, but not exposed to PHP, so we don't define it here.

$cost = 10;

if (isset($options['cost'])) {

$cost = $options['cost'];

if ($cost < 4 || $cost > 31) {

27

trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);

return null;

}

}

// The length of salt to generate

$raw_salt_len = 16;

// The length required in the final serialization

$required_salt_len = 22;

$hash_format = sprintf("$2y$%02d$", $cost);

break;

default :

trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);

return null;

}

if (isset($options['salt'])) {

switch (gettype($options['salt'])) {

case 'NULL' :

case 'boolean' :

case 'integer' :

case 'double' :

case 'string' :

$salt = (string)$options['salt'];

break;

case 'object' :

if (method_exists($options['salt'], '__tostring')) {

$salt = (string)$options['salt'];

break;

}

case 'array' :

case 'resource' :

default :

trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);

return null;

}

if (strlen($salt) < $required_salt_len) {

trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", strlen($salt), $required_salt_len), E_USER_WARNING);

return null;

} elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {

$salt = str_replace('+', '.', base64_encode($salt));

}

} else {

$buffer = '';

$buffer_valid = false;

if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {

$buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);

if ($buffer) {

$buffer_valid = true;

}

}

if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {

$buffer = openssl_random_pseudo_bytes($raw_salt_len);

if ($buffer) {


}

}

if (!$buffer_valid && is_readable('/dev/urandom')) {

$f = fopen('/dev/urandom', 'r');

$read = strlen($buffer);

while ($read < $raw_salt_len) {

$buffer .= fread($f, $raw_salt_len - $read);

$read = strlen($buffer);

}

fclose($f);

if ($read >= $raw_salt_len) {


28

}

}

if (!$buffer_valid || strlen($buffer) < $raw_salt_len) {

$bl = strlen($buffer);

for ($i = 0; $i < $raw_salt_len; $i++) {

if ($i < $bl) {

$buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));

} else {

$buffer .= chr(mt_rand(0, 255));

}

}

}

$salt = str_replace('+', '.', base64_encode($buffer));

}

$salt = substr($salt, 0, $required_salt_len);

$hash = $hash_format . $salt;

$ret = crypt($password, $hash);

if (!is_string($ret) || strlen($ret) <= 13) {

return false;

}

return $ret;

}

/**

* Get information about the password hash. Returns an array of the information

* that was used to generate the password hash.

*

* array(

* 'algo' => 1,

* 'algoName' => 'bcrypt',

* 'options' => array(

* 'cost' => 10,

* ),

* )

*

* @param string $hash The password hash to extract info from

*

* @return array The array of information about the hash.

*/

function password_get_info($hash) {

$return = array('algo' => 0, 'algoName' => 'unknown', 'options' => array(), );

if (substr($hash, 0, 4) == '$2y$' && strlen($hash) == 60) {

$return['algo'] = PASSWORD_BCRYPT;

$return['algoName'] = 'bcrypt';

list($cost) = sscanf($hash, "$2y$%d$");

$return['options']['cost'] = $cost;

}

return $return;

}

/**

* Determine if the password hash needs to be rehashed according to the options provided

*

* If the answer is true, after validating the password using password_verify, rehash it.

*

* @param string $hash The hash to test

* @param int $algo The algorithm used for new password hashes

* @param array $options The options array passed to password_hash

*

* @return boolean True if the password needs to be rehashed.

*/

function password_needs_rehash($hash, $algo, array $options = array()) {

29

$info = password_get_info($hash);

if ($info['algo'] != $algo) {

return true;

}

switch ($algo) {

case PASSWORD_BCRYPT :

$cost = isset($options['cost']) ? $options['cost'] : 10;

if ($cost != $info['options']['cost']) {

return true;

}

break;

}

return false;

}

/**

* Verify a password against a hash using a timing attack resistant approach

*

* @param string $password The password to verify

* @param string $hash The hash to verify against

*

* @return boolean If the password matches the hash

*/

public function password_verify($password, $hash) {

if (!function_exists('crypt')) {

trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING);

return false;

}

$ret = crypt($password, $hash);

if (!is_string($ret) || strlen($ret) != strlen($hash) || strlen($ret) <= 13) {

return false;

}

$status = 0;

for ($i = 0; $i < strlen($ret); $i++) {

$status |= (ord($ret[$i]) ^ ord($hash[$i]));

}

return $status === 0;

}

}

User.php

<?php

include('password.php');

class User extends Password{

private $_db;

function __construct($db){

parent::__construct();

$this->_db = $db;

}

private function get_user_hash($username){

try {

$stmt = $this->_db->prepare('SELECT password FROM members WHERE username = :username AND active="Yes" ');

$stmt->execute(array('username' => $username));

$row = $stmt->fetch();

return $row['password'];

} catch(PDOException $e) {

echo '<p class="bg-danger">'.$e->getMessage().'</p>';

30

}

}

public function login($username,$password){

$hashed = $this->get_user_hash($username);

if($this->password_verify($password,$hashed) == 1){

$_SESSION['loggedin'] = true;

return true;

}

}

public function logout(){

session_destroy();

}

public function is_logged_in(){

if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){

return true;

}

}

}

?>

31

6. ScreenShoot

32

Kata Penutup

Demikian yang dapat kami paparkan mengenai materi yang menjadi pokok bahasan

dalam laporan ini, tentunya masih banyak kekurangan dan kelemahan, karena terbatasnya

pengetahuan dan kurangnya rujukan atau referensi yang ada hubungannya dengan makalah

ini.

Penulis banyak berharap para embaca yang budiman memberikan kritik dan saran

yang membangun kepada penulis demi mempersempurnakan makalah ini dan penulisan

makalah pada kesempatan-kesempatan berikutnya. Semoga Berguna pada penulis

khususnya juga para pembaca yang budiman pada umumnya.

34

Laporan Penyewaan Online Storage

Documents

Transcript of Laporan Penyewaan Online Storage