34 lines
954 B
PHP
34 lines
954 B
PHP
<?php
|
|
session_start();
|
|
|
|
// Tolak akses jika bukan admin
|
|
if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'admin') {
|
|
http_response_code(403); // Status Forbidden
|
|
echo "Akses ditolak! Anda bukan operator.";
|
|
exit;
|
|
}
|
|
|
|
include 'koneksi.php';
|
|
|
|
// Ambil data dari metode POST
|
|
$nama = $_POST['nama'];
|
|
$alamat = $_POST['alamat'];
|
|
$latitude = $_POST['latitude'];
|
|
$longitude = $_POST['longitude'];
|
|
$bantuan = isset($_POST['bantuan']) ? $_POST['bantuan'] : 'Belum Menerima';
|
|
|
|
// Gunakan Prepared Statement untuk mencegah SQL Injection
|
|
$query = $conn->prepare("INSERT INTO penduduk_miskin (nama_kk, alamat, lat, lng, bantuan) VALUES (?, ?, ?, ?, ?)");
|
|
$query->bind_param("ssdds", $nama, $alamat, $latitude, $longitude, $bantuan);
|
|
|
|
// Eksekusi dan kirim respon ke Javascript
|
|
if ($query->execute()) {
|
|
echo "Data Penduduk Miskin berhasil disimpan!";
|
|
} else {
|
|
echo "Gagal menyimpan data: " . $conn->error;
|
|
}
|
|
|
|
$query->close();
|
|
$conn->close();
|
|
?>
|