149 lines
5.3 KiB
PHP
149 lines
5.3 KiB
PHP
<?php
|
|
header("Content-Type: application/json; charset=UTF-8");
|
|
require_once '../auth_helper.php';
|
|
requireAdminOrPengelola();
|
|
include_once '../db_connect.php';
|
|
|
|
$id = 0;
|
|
$nama = '';
|
|
$kategori = 'Makan';
|
|
$jumlah_jiwa = 1;
|
|
$lat = 0.0;
|
|
$lng = 0.0;
|
|
|
|
if (!empty($_POST)) {
|
|
$id = (int)($_POST['id'] ?? 0);
|
|
$nama = $conn->real_escape_string($_POST['nama'] ?? '');
|
|
$kategori = $conn->real_escape_string($_POST['kategori_bantuan'] ?? 'Makan');
|
|
$jumlah_jiwa = (int)($_POST['jumlah_jiwa'] ?? 1);
|
|
$lat = (float)($_POST['lat'] ?? 0);
|
|
$lng = (float)($_POST['lng'] ?? 0);
|
|
} else {
|
|
$data = json_decode(file_get_contents("php://input"));
|
|
if ($data) {
|
|
$id = (int)($data->id ?? 0);
|
|
$nama = $conn->real_escape_string($data->nama ?? '');
|
|
$kategori = $conn->real_escape_string($data->kategori_bantuan ?? 'Makan');
|
|
$jumlah_jiwa = (int)($data->jumlah_jiwa ?? 1);
|
|
$lat = (float)($data->lat ?? 0);
|
|
$lng = (float)($data->lng ?? 0);
|
|
}
|
|
}
|
|
|
|
// Validasi pengelola: hanya boleh edit penduduk yang lokasinya dalam radius ibadah yang dikelolanya
|
|
$currentUser = getCurrentUser();
|
|
if ($currentUser && $currentUser['role'] === 'pengelola') {
|
|
$ibadah_id = $currentUser['ibadah_id'];
|
|
if (!$ibadah_id) {
|
|
http_response_code(403);
|
|
echo json_encode(['status' => 'error', 'message' => 'Akun pengelola tidak terhubung ke rumah ibadah manapun.']);
|
|
exit;
|
|
}
|
|
$res = $conn->query("SELECT lat, lng, radius FROM rumah_ibadah WHERE id=$ibadah_id");
|
|
if (!$res || $res->num_rows === 0) {
|
|
http_response_code(403);
|
|
echo json_encode(['status' => 'error', 'message' => 'Rumah ibadah yang dikelola tidak ditemukan.']);
|
|
exit;
|
|
}
|
|
$ib = $res->fetch_assoc();
|
|
// Gunakan koordinat penduduk yang sedang diedit (dari DB jika lat/lng 0, atau dari input)
|
|
$checkLat = $lat;
|
|
$checkLng = $lng;
|
|
if ($checkLat == 0 && $checkLng == 0 && $id > 0) {
|
|
$mRes = $conn->query("SELECT lat, lng FROM penduduk_miskin WHERE id=$id");
|
|
if ($mRes && $mRow = $mRes->fetch_assoc()) {
|
|
$checkLat = (float)$mRow['lat'];
|
|
$checkLng = (float)$mRow['lng'];
|
|
}
|
|
}
|
|
$R = 6371000;
|
|
$lat1 = deg2rad((float)$ib['lat']);
|
|
$lat2 = deg2rad($checkLat);
|
|
$dLat = $lat2 - $lat1;
|
|
$dLng = deg2rad($checkLng - (float)$ib['lng']);
|
|
$a = sin($dLat/2)*sin($dLat/2) + cos($lat1)*cos($lat2)*sin($dLng/2)*sin($dLng/2);
|
|
$dist = $R * 2 * atan2(sqrt($a), sqrt(1-$a));
|
|
if ($dist > (float)$ib['radius']) {
|
|
http_response_code(403);
|
|
echo json_encode(['status' => 'error', 'message' => 'Penduduk ini berada di luar radius rumah ibadah Anda. Tidak diizinkan mengedit.']);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
|
|
if ($id > 0) {
|
|
// Get current files to delete them if updated
|
|
$old_foto_rumah = null;
|
|
$old_foto_kk = null;
|
|
$res = $conn->query("SELECT foto_rumah, foto_kk FROM penduduk_miskin WHERE id=$id");
|
|
if ($res && $row = $res->fetch_assoc()) {
|
|
$old_foto_rumah = $row['foto_rumah'];
|
|
$old_foto_kk = $row['foto_kk'];
|
|
}
|
|
|
|
$upload_dir = dirname(dirname(__DIR__)) . '/uploads/';
|
|
if (!file_exists($upload_dir)) {
|
|
mkdir($upload_dir, 0777, true);
|
|
}
|
|
|
|
$foto_rumah = null;
|
|
$foto_kk = null;
|
|
|
|
function uploadFile($fileKey, $upload_dir) {
|
|
if (isset($_FILES[$fileKey]) && $_FILES[$fileKey]['error'] === UPLOAD_ERR_OK) {
|
|
$fileTmpPath = $_FILES[$fileKey]['tmp_name'];
|
|
$fileName = $_FILES[$fileKey]['name'];
|
|
|
|
$fileNameCmps = explode(".", $fileName);
|
|
$fileExtension = strtolower(end($fileNameCmps));
|
|
|
|
$allowedfileExtensions = array('jpg', 'jpeg', 'png', 'gif');
|
|
if (in_array($fileExtension, $allowedfileExtensions)) {
|
|
$newFileName = uniqid() . '_' . preg_replace('/[^a-zA-Z0-9\._-]/', '_', $fileName);
|
|
$dest_path = $upload_dir . $newFileName;
|
|
|
|
if (move_uploaded_file($fileTmpPath, $dest_path)) {
|
|
return $newFileName;
|
|
}
|
|
}
|
|
}
|
|
return null;
|
|
}
|
|
|
|
$foto_rumah = uploadFile('foto_rumah', $upload_dir);
|
|
$foto_kk = uploadFile('foto_kk', $upload_dir);
|
|
|
|
// Build update fields
|
|
$update_fields = [
|
|
"nama='$nama'",
|
|
"kategori_bantuan='$kategori'",
|
|
"jumlah_jiwa=$jumlah_jiwa",
|
|
"lat=$lat",
|
|
"lng=$lng"
|
|
];
|
|
|
|
if ($foto_rumah !== null) {
|
|
$update_fields[] = "foto_rumah='$foto_rumah'";
|
|
if ($old_foto_rumah && file_exists($upload_dir . $old_foto_rumah)) {
|
|
unlink($upload_dir . $old_foto_rumah);
|
|
}
|
|
}
|
|
if ($foto_kk !== null) {
|
|
$update_fields[] = "foto_kk='$foto_kk'";
|
|
if ($old_foto_kk && file_exists($upload_dir . $old_foto_kk)) {
|
|
unlink($upload_dir . $old_foto_kk);
|
|
}
|
|
}
|
|
|
|
$query = "UPDATE penduduk_miskin SET " . implode(", ", $update_fields) . " WHERE id=$id";
|
|
|
|
if ($conn->query($query)) {
|
|
echo json_encode(["status" => "success", "message" => "Update berhasil."]);
|
|
} else {
|
|
echo json_encode(["status" => "error", "message" => "Gagal update: " . $conn->error]);
|
|
}
|
|
} else {
|
|
echo json_encode(["status" => "error", "message" => "ID tidak diberikan."]);
|
|
}
|
|
?>
|