0) { $stmt = $db->prepare( "SELECT ri.id, ri.nama, ri.jenis, ri.alamat, ri.no_wa, ri.latitude, ri.longitude, ri.radius_meter, ri.created_at, u.username FROM rumah_ibadah ri LEFT JOIN users u ON u.rumah_ibadah_id = ri.id WHERE ri.id = ?" ); $stmt->bind_param('i', $id); $stmt->execute(); $row = $stmt->get_result()->fetch_assoc(); if ($row) { $row['latitude'] = (float)$row['latitude']; $row['longitude'] = (float)$row['longitude']; $row['radius_meter'] = (int)$row['radius_meter']; } $row ? sendSuccess($row) : sendError('Data tidak ditemukan', 404); } else { $sql = "SELECT ri.id, ri.nama, ri.jenis, ri.alamat, ri.no_wa, ri.latitude, ri.longitude, ri.radius_meter, ri.created_at, u.username FROM rumah_ibadah ri LEFT JOIN users u ON u.rumah_ibadah_id = ri.id ORDER BY ri.created_at DESC"; $result = $db->query($sql); $rows = []; while ($r = $result->fetch_assoc()) { $r['latitude'] = (float)$r['latitude']; $r['longitude'] = (float)$r['longitude']; $r['radius_meter'] = (int)$r['radius_meter']; $rows[] = $r; } sendSuccess($rows); } break; // ── POST: tambah data baru ──────────────────────────────────────── case 'POST': $body = getBody(); $required = ['nama', 'jenis', 'latitude', 'longitude', 'radius_meter']; foreach ($required as $field) { if (empty($body[$field]) && $body[$field] !== 0) { sendError("Field '$field' wajib diisi"); } } $db->begin_transaction(); try { $stmt = $db->prepare( "INSERT INTO rumah_ibadah (nama, jenis, alamat, no_wa, latitude, longitude, radius_meter) VALUES (?, ?, ?, ?, ?, ?, ?)" ); $stmt->bind_param( 'ssssddi', $body['nama'], $body['jenis'], $body['alamat'], $body['no_wa'], $body['latitude'], $body['longitude'], $body['radius_meter'] ); executeOrFail($stmt, 'Gagal menyimpan rumah ibadah'); $newId = $db->insert_id; // Handle user account creation $username = isset($body['username']) ? trim($body['username']) : ''; $password = isset($body['password']) ? trim($body['password']) : ''; if ($username !== '') { // Check if username already exists $stmtUserCheck = $db->prepare("SELECT id FROM users WHERE username = ?"); $stmtUserCheck->bind_param('s', $username); $stmtUserCheck->execute(); if ($stmtUserCheck->get_result()->num_rows > 0) { throw new Exception('Username sudah digunakan'); } if ($password === '') { throw new Exception('Password wajib diisi jika username ditentukan'); } $hashedPassword = password_hash($password, PASSWORD_BCRYPT); $stmtUser = $db->prepare( "INSERT INTO users (username, password, password_plain, role, rumah_ibadah_id) VALUES (?, ?, ?, 'petugas_lapangan', ?)" ); $stmtUser->bind_param('sssi', $username, $hashedPassword, $password, $newId); executeOrFail($stmtUser, 'Gagal membuat akun petugas lapangan'); } $db->commit(); sendSuccess(['id' => $newId], 'Rumah Ibadah dan Akun Petugas berhasil disimpan', 201); } catch (Exception $e) { $db->rollback(); sendError($e->getMessage()); } break; // ── PUT: update data ────────────────────────────────────────────── case 'PUT': if ($id <= 0) sendError('ID wajib disertakan'); $body = getBody(); $db->begin_transaction(); try { $stmt = $db->prepare( "UPDATE rumah_ibadah SET nama=?, jenis=?, alamat=?, no_wa=?, latitude=?, longitude=?, radius_meter=? WHERE id=?" ); $stmt->bind_param( 'ssssddii', $body['nama'], $body['jenis'], $body['alamat'], $body['no_wa'], $body['latitude'], $body['longitude'], $body['radius_meter'], $id ); executeOrFail($stmt, 'Gagal memperbarui rumah ibadah'); // Handle user account creation/update (only if user is admin) if (isset($_SESSION['role']) && $_SESSION['role'] === 'admin') { $username = isset($body['username']) ? trim($body['username']) : ''; $password = isset($body['password']) ? trim($body['password']) : ''; if ($username !== '') { // Check if username belongs to another user $stmtUserCheck = $db->prepare("SELECT id, rumah_ibadah_id FROM users WHERE username = ?"); $stmtUserCheck->bind_param('s', $username); $stmtUserCheck->execute(); $resUserCheck = $stmtUserCheck->get_result()->fetch_assoc(); if ($resUserCheck && (int)$resUserCheck['rumah_ibadah_id'] !== $id) { throw new Exception('Username sudah digunakan oleh akun lain'); } // Check if account already exists for this rumah_ibadah $stmtExisting = $db->prepare("SELECT id FROM users WHERE rumah_ibadah_id = ?"); $stmtExisting->bind_param('i', $id); $stmtExisting->execute(); $existing = $stmtExisting->get_result()->fetch_assoc(); if ($existing) { // Update existing user if ($password !== '') { $hashedPassword = password_hash($password, PASSWORD_BCRYPT); $stmtUpdate = $db->prepare("UPDATE users SET username = ?, password = ?, password_plain = ? WHERE id = ?"); $stmtUpdate->bind_param('sssi', $username, $hashedPassword, $password, $existing['id']); } else { $stmtUpdate = $db->prepare("UPDATE users SET username = ? WHERE id = ?"); $stmtUpdate->bind_param('si', $username, $existing['id']); } executeOrFail($stmtUpdate, 'Gagal memperbarui akun petugas lapangan'); } else { // Create new user for this rumah ibadah if ($password === '') { throw new Exception('Password wajib diisi untuk pembuatan akun baru'); } $hashedPassword = password_hash($password, PASSWORD_BCRYPT); $stmtUser = $db->prepare( "INSERT INTO users (username, password, password_plain, role, rumah_ibadah_id) VALUES (?, ?, ?, 'petugas_lapangan', ?)" ); $stmtUser->bind_param('sssi', $username, $hashedPassword, $password, $id); executeOrFail($stmtUser, 'Gagal membuat akun petugas lapangan'); } } else { // Delete the associated user account if username is cleared $stmtDeleteUser = $db->prepare("DELETE FROM users WHERE rumah_ibadah_id = ?"); $stmtDeleteUser->bind_param('i', $id); $stmtDeleteUser->execute(); } } $db->commit(); sendSuccess(null, 'Rumah Ibadah berhasil diperbarui'); } catch (Exception $e) { $db->rollback(); sendError($e->getMessage()); } break; // ── DELETE: hapus data ──────────────────────────────────────────── case 'DELETE': if ($id <= 0) sendError('ID wajib disertakan'); $stmt = $db->prepare("DELETE FROM rumah_ibadah WHERE id=?"); $stmt->bind_param('i', $id); executeOrFail($stmt, 'Gagal menghapus rumah ibadah'); $stmt->affected_rows > 0 ? sendSuccess(null, 'Rumah Ibadah berhasil dihapus') : sendError('Data tidak ditemukan', 404); break; default: sendError('Method tidak diizinkan', 405); }