Fix password hashing in user creation and re-enable captcha

- Hash passwords with MD5 in add_pengguna.php
- Re-enable captcha validation in login.php
- Disable error reporting in production

admin/pengguna/add_pengguna.php

@@ -57,10 +57,11 @@
     $level_db = isset($level_map[$_POST['level']]) ? $level_map[$_POST['level']] : $_POST['level'];
     
     //mulai proses simpan data
+        $password_hash = MD5($_POST['password']);
         $sql_simpan = "INSERT INTO tb_pengguna (nama_pengguna,username,password,level) VALUES (
         '".$_POST['nama_pengguna']."',
         '".$_POST['username']."',
-        '".$_POST['password']."',
+        '".$password_hash."',
         '".$level_db."')";
         $query_simpan = mysqli_query($koneksi, $sql_simpan);
         mysqli_close($koneksi);

login.php

@@ -1,6 +1,6 @@
 <?php
-  error_reporting(E_ALL);
-  ini_set('display_errors', 1);
+  // error_reporting(E_ALL);
+  // ini_set('display_errors', 1);
   include "inc/koneksi.php";
   session_start();
 ?>
@@ -110,15 +110,15 @@ if (isset($_POST['btnLogin'])) {
 	$username=mysqli_real_escape_string($koneksi,$_POST['username']);
 	$password=mysqli_real_escape_string($koneksi,$_POST['password']);
 	
-	//validasi captcha - DISABLED SEMENTARA UNTUK DEBUG
-	// if ($_POST["captcha_input"] != $_SESSION["captcha_code"]) {
-	// 	echo "<script>
-	// 		Swal.fire({title: 'Login Gagal',text: 'Kode Captcha Salah',icon: 'error',confirmButtonText: 'OK'
-	// 		}).then((result) => {if (result.value)
-	// 			{window.location = 'login.php';}
-	// 		})</script>";
-	// 		exit;
-	// }
+	//validasi captcha
+	if ($_POST["captcha_input"] != $_SESSION["captcha_code"]) {
+		echo "<script>
+			Swal.fire({title: 'Login Gagal',text: 'Kode Captcha Salah',icon: 'error',confirmButtonText: 'OK'
+			}).then((result) => {if (result.value)
+				{window.location = 'login.php';}
+			})</script>";
+			exit;
+	}
 
 	//query login
 	$sql_login = "SELECT * FROM tb_pengguna WHERE username='$username' AND password=MD5('$password')";