setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch(PDOException $e) { echo json_encode(['success' => false, 'message' => 'Database connection failed']); exit(); } $action = isset($_GET['action']) ? $_GET['action'] : ''; if ($action === 'login' && $_SERVER['REQUEST_METHOD'] === 'POST') { $input = json_decode(file_get_contents('php://input'), true); if (!$input || !isset($input['username']) || !isset($input['password'])) { echo json_encode(['success' => false, 'message' => 'Username dan password harus diisi']); exit(); } $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ? AND password = MD5(?)"); $stmt->execute([$input['username'], $input['password']]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user) { echo json_encode([ 'success' => true, 'message' => 'Login berhasil', 'data' => [ 'id' => $user['id'], 'username' => $user['username'], 'role' => $user['role'] ] ]); } else { echo json_encode(['success' => false, 'message' => 'Username atau password salah']); } } else { echo json_encode(['success' => false, 'message' => 'Invalid action']); } ?>