Files
webgis_Ikbal/webgis-poverty-pontianak/api/penduduk_miskin/update.php
T
2026-06-11 16:37:05 +07:00

149 lines
5.2 KiB
PHP

<?php
header("Content-Type: application/json; charset=UTF-8");
require_once '../auth_helper.php';
requireAdminOrPengelola();
include_once '../db_connect.php';
$id = 0;
$nama = '';
$kategori = 'Makan';
$jumlah_jiwa = 1;
$lat = 0.0;
$lng = 0.0;
if (!empty($_POST)) {
$id = (int)($_POST['id'] ?? 0);
$nama = $conn->real_escape_string($_POST['nama'] ?? '');
$kategori = $conn->real_escape_string($_POST['kategori_bantuan'] ?? 'Makan');
$jumlah_jiwa = (int)($_POST['jumlah_jiwa'] ?? 1);
$lat = (float)($_POST['lat'] ?? 0);
$lng = (float)($_POST['lng'] ?? 0);
} else {
$data = json_decode(file_get_contents("php://input"));
if ($data) {
$id = (int)($data->id ?? 0);
$nama = $conn->real_escape_string($data->nama ?? '');
$kategori = $conn->real_escape_string($data->kategori_bantuan ?? 'Makan');
$jumlah_jiwa = (int)($data->jumlah_jiwa ?? 1);
$lat = (float)($data->lat ?? 0);
$lng = (float)($data->lng ?? 0);
}
}
// Validasi pengelola: hanya boleh edit penduduk yang lokasinya dalam radius ibadah yang dikelolanya
$currentUser = getCurrentUser();
if ($currentUser && $currentUser['role'] === 'pengelola') {
$ibadah_id = $currentUser['ibadah_id'];
if (!$ibadah_id) {
http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Akun pengelola tidak terhubung ke rumah ibadah manapun.']);
exit;
}
$res = $conn->query("SELECT lat, lng, radius FROM rumah_ibadah WHERE id=$ibadah_id");
if (!$res || $res->num_rows === 0) {
http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Rumah ibadah yang dikelola tidak ditemukan.']);
exit;
}
$ib = $res->fetch_assoc();
// Gunakan koordinat penduduk yang sedang diedit (dari DB jika lat/lng 0, atau dari input)
$checkLat = $lat;
$checkLng = $lng;
if ($checkLat == 0 && $checkLng == 0 && $id > 0) {
$mRes = $conn->query("SELECT lat, lng FROM penduduk_miskin WHERE id=$id");
if ($mRes && $mRow = $mRes->fetch_assoc()) {
$checkLat = (float)$mRow['lat'];
$checkLng = (float)$mRow['lng'];
}
}
$R = 6371000;
$lat1 = deg2rad((float)$ib['lat']);
$lat2 = deg2rad($checkLat);
$dLat = $lat2 - $lat1;
$dLng = deg2rad($checkLng - (float)$ib['lng']);
$a = sin($dLat/2)*sin($dLat/2) + cos($lat1)*cos($lat2)*sin($dLng/2)*sin($dLng/2);
$dist = $R * 2 * atan2(sqrt($a), sqrt(1-$a));
if ($dist > (float)$ib['radius']) {
http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Penduduk ini berada di luar radius rumah ibadah Anda. Tidak diizinkan mengedit.']);
exit;
}
}
if ($id > 0) {
// Get current files to delete them if updated
$old_foto_rumah = null;
$old_foto_kk = null;
$res = $conn->query("SELECT foto_rumah, foto_kk FROM penduduk_miskin WHERE id=$id");
if ($res && $row = $res->fetch_assoc()) {
$old_foto_rumah = $row['foto_rumah'];
$old_foto_kk = $row['foto_kk'];
}
$upload_dir = "../../uploads/";
if (!file_exists($upload_dir)) {
mkdir($upload_dir, 0777, true);
}
$foto_rumah = null;
$foto_kk = null;
function uploadFile($fileKey, $upload_dir) {
if (isset($_FILES[$fileKey]) && $_FILES[$fileKey]['error'] === UPLOAD_ERR_OK) {
$fileTmpPath = $_FILES[$fileKey]['tmp_name'];
$fileName = $_FILES[$fileKey]['name'];
$fileNameCmps = explode(".", $fileName);
$fileExtension = strtolower(end($fileNameCmps));
$allowedfileExtensions = array('jpg', 'jpeg', 'png', 'gif');
if (in_array($fileExtension, $allowedfileExtensions)) {
$newFileName = uniqid() . '_' . preg_replace('/[^a-zA-Z0-9\._-]/', '_', $fileName);
$dest_path = $upload_dir . $newFileName;
if (move_uploaded_file($fileTmpPath, $dest_path)) {
return $newFileName;
}
}
}
return null;
}
$foto_rumah = uploadFile('foto_rumah', $upload_dir);
$foto_kk = uploadFile('foto_kk', $upload_dir);
// Build update fields
$update_fields = [
"nama='$nama'",
"kategori_bantuan='$kategori'",
"jumlah_jiwa=$jumlah_jiwa",
"lat=$lat",
"lng=$lng"
];
if ($foto_rumah !== null) {
$update_fields[] = "foto_rumah='$foto_rumah'";
if ($old_foto_rumah && file_exists($upload_dir . $old_foto_rumah)) {
unlink($upload_dir . $old_foto_rumah);
}
}
if ($foto_kk !== null) {
$update_fields[] = "foto_kk='$foto_kk'";
if ($old_foto_kk && file_exists($upload_dir . $old_foto_kk)) {
unlink($upload_dir . $old_foto_kk);
}
}
$query = "UPDATE penduduk_miskin SET " . implode(", ", $update_fields) . " WHERE id=$id";
if ($conn->query($query)) {
echo json_encode(["status" => "success", "message" => "Update berhasil."]);
} else {
echo json_encode(["status" => "error", "message" => "Gagal update: " . $conn->error]);
}
} else {
echo json_encode(["status" => "error", "message" => "ID tidak diberikan."]);
}
?>