add files

This commit is contained in:
luthfihadinugroho79
2026-06-10 19:42:59 +07:00
parent 7bf3c98e59
commit e950468760
3541 changed files with 0 additions and 0 deletions
+193
View File
@@ -0,0 +1,193 @@
<?php
// api/anggota.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'list';
// ── GET ───────────────────────────────────────────────────
if ($method === 'GET') {
if ($action === 'list' && isset($_GET['id_penduduk'])) {
$pid = (int)$_GET['id_penduduk'];
$res = $conn->query("SELECT *,
TIMESTAMPDIFF(YEAR, tanggal_lahir, CURDATE()) AS umur,
CASE
WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) < 6 THEN 'Balita'
WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) < 13 THEN 'Anak-anak'
WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) < 18 THEN 'Remaja'
WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) < 60 THEN 'Dewasa'
ELSE 'Lansia'
END AS kelompok_usia
FROM anggota_keluarga WHERE id_penduduk=$pid ORDER BY id");
$data = [];
while ($r = $res->fetch_assoc()) {
// Tambahkan riwayat pendidikan tiap anggota
$pend = $conn->query("SELECT * FROM riwayat_pendidikan WHERE id_anggota={$r['id']} ORDER BY tahun_masuk DESC");
$pendList = [];
while ($p = $pend->fetch_assoc()) $pendList[] = $p;
$r['riwayat_pendidikan'] = $pendList;
$data[] = $r;
}
jsonResponse($data);
} elseif ($action === 'get' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$row = $conn->query("SELECT *,
TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) AS umur
FROM anggota_keluarga WHERE id=$id")->fetch_assoc();
if ($row) {
$pend = $conn->query("SELECT * FROM riwayat_pendidikan WHERE id_anggota=$id ORDER BY tahun_masuk DESC");
$pendList = [];
while ($p = $pend->fetch_assoc()) $pendList[] = $p;
$row['riwayat_pendidikan'] = $pendList;
}
jsonResponse($row ?: ['error'=>'Tidak ditemukan']);
} elseif ($action === 'statistik_usia') {
// Distribusi usia seluruh anggota keluarga
$res = $conn->query("SELECT
COUNT(*) AS total,
SUM(CASE WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) < 6 THEN 1 ELSE 0 END) AS balita,
SUM(CASE WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) BETWEEN 6 AND 12 THEN 1 ELSE 0 END) AS anak,
SUM(CASE WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) BETWEEN 13 AND 17 THEN 1 ELSE 0 END) AS remaja,
SUM(CASE WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) BETWEEN 18 AND 59 THEN 1 ELSE 0 END) AS dewasa,
SUM(CASE WHEN TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) >= 60 THEN 1 ELSE 0 END) AS lansia
FROM anggota_keluarga WHERE status_hidup='hidup'");
jsonResponse($res->fetch_assoc());
} elseif ($action === 'statistik_pendidikan') {
$res = $conn->query("SELECT rp.jenjang, COUNT(*) AS jumlah
FROM riwayat_pendidikan rp
JOIN anggota_keluarga ak ON rp.id_anggota=ak.id
WHERE rp.status_pendidikan='lulus' OR rp.status_pendidikan='putus_sekolah'
GROUP BY rp.jenjang ORDER BY jumlah DESC");
$data=[];
while($r=$res->fetch_assoc())$data[]=$r;
jsonResponse($data);
}
}
// ── POST: tambah anggota ──────────────────────────────────
if ($method === 'POST') {
requireLogin(['admin','pengurus_ibadah','masyarakat']);
$d = json_decode(file_get_contents('php://input'), true) ?: $_POST;
$id_penduduk= (int)($d['id_penduduk']??0);
$nik = esc($conn,$d['nik']??'');
$nama = esc($conn,$d['nama']??'');
$hub = esc($conn,$d['hubungan']??'Anak');
$jk = esc($conn,$d['jenis_kelamin']??'L');
$tgl = esc($conn,$d['tanggal_lahir']??'2000-01-01');
$tmp = esc($conn,$d['tempat_lahir']??'');
$agm = esc($conn,$d['agama']??'Islam');
$pkj = esc($conn,$d['pekerjaan']??'');
$hp = esc($conn,$d['no_hp']??'');
if (!$id_penduduk || !$nama)
jsonResponse(['success'=>false,'error'=>'ID penduduk dan nama wajib diisi'],400);
$sql = "INSERT INTO anggota_keluarga
(id_penduduk,nik,nama,hubungan,jenis_kelamin,tanggal_lahir,tempat_lahir,agama,pekerjaan,no_hp)
VALUES ($id_penduduk,'$nik','$nama','$hub','$jk','$tgl','$tmp','$agm','$pkj','$hp')";
if ($conn->query($sql)) {
$aid = $conn->insert_id;
// Tambah riwayat pendidikan jika ada
$pendList = $d['riwayat_pendidikan'] ?? [];
foreach ($pendList as $pd) {
$jj = esc($conn,$pd['jenjang']??'');
$ni = esc($conn,$pd['nama_institusi']??'');
$jur= esc($conn,$pd['jurusan']??'');
$tm = (int)($pd['tahun_masuk']??0)?:'NULL';
$tl = (int)($pd['tahun_lulus']??0)?:'NULL';
$sp = esc($conn,$pd['status_pendidikan']??'lulus');
$ket= esc($conn,$pd['keterangan']??'');
if ($jj) {
$conn->query("INSERT INTO riwayat_pendidikan
(id_anggota,jenjang,nama_institusi,jurusan,tahun_masuk,tahun_lulus,status_pendidikan,keterangan)
VALUES ($aid,'$jj','$ni','$jur',$tm,$tl,'$sp','$ket')");
}
}
// Update jumlah_anggota di KK
$conn->query("UPDATE penduduk SET jumlah_anggota=(SELECT COUNT(*) FROM anggota_keluarga WHERE id_penduduk=$id_penduduk) WHERE id=$id_penduduk");
logAktivitas($conn,'tambah_anggota','anggota_keluarga',$aid,"KK:$id_penduduk - $nama");
jsonResponse(['success'=>true,'id'=>$aid,'message'=>'Anggota keluarga berhasil ditambahkan']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT: update anggota / status hidup ───────────────────
if ($method === 'PUT') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$action2 = $d['action'] ?? 'update';
if ($action2 === 'status') {
// Update status hidup saja (dari verifikasi laporan)
$status = esc($conn,$d['status_hidup']??'hidup');
$sql = "UPDATE anggota_keluarga SET status_hidup='$status' WHERE id=$id";
if ($conn->query($sql)) {
logAktivitas($conn,'update_status_anggota','anggota_keluarga',$id,"Status: $status");
jsonResponse(['success'=>true,'message'=>'Status diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
} else {
// Full update
$nama = esc($conn,$d['nama']??'');
$hub = esc($conn,$d['hubungan']??'');
$tgl = esc($conn,$d['tanggal_lahir']??'');
$agm = esc($conn,$d['agama']??'');
$pkj = esc($conn,$d['pekerjaan']??'');
$hp = esc($conn,$d['no_hp']??'');
$sh = esc($conn,$d['status_hidup']??'hidup');
$sql = "UPDATE anggota_keluarga SET nama='$nama',hubungan='$hub',tanggal_lahir='$tgl',
agama='$agm',pekerjaan='$pkj',no_hp='$hp',status_hidup='$sh' WHERE id=$id";
if ($conn->query($sql)) {
// Update pendidikan jika ada
if (!empty($d['riwayat_pendidikan'])) {
$conn->query("DELETE FROM riwayat_pendidikan WHERE id_anggota=$id");
foreach ($d['riwayat_pendidikan'] as $pd) {
$jj=$conn->real_escape_string($pd['jenjang']??'');
$ni=$conn->real_escape_string($pd['nama_institusi']??'');
$tm=(int)($pd['tahun_masuk']??0)?:'NULL';
$tl=(int)($pd['tahun_lulus']??0)?:'NULL';
$sp=$conn->real_escape_string($pd['status_pendidikan']??'lulus');
if($jj)$conn->query("INSERT INTO riwayat_pendidikan (id_anggota,jenjang,nama_institusi,tahun_masuk,tahun_lulus,status_pendidikan) VALUES ($id,'$jj','$ni',$tm,$tl,'$sp')");
}
}
logAktivitas($conn,'edit_anggota','anggota_keluarga',$id,"Edit: $nama");
jsonResponse(['success'=>true,'message'=>'Data anggota diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
}
// ── DELETE ────────────────────────────────────────────────
if ($method === 'DELETE') {
requireLogin(['admin','pengurus_ibadah']);
$id = (int)($_GET['id']??0);
$row = $conn->query("SELECT id_penduduk FROM anggota_keluarga WHERE id=$id")->fetch_assoc();
if ($conn->query("DELETE FROM anggota_keluarga WHERE id=$id")) {
if ($row) {
$pid = (int)$row['id_penduduk'];
$conn->query("UPDATE penduduk SET jumlah_anggota=(SELECT COUNT(*) FROM anggota_keluarga WHERE id_penduduk=$pid) WHERE id=$pid");
}
logAktivitas($conn,'hapus_anggota','anggota_keluarga',$id,'');
jsonResponse(['success'=>true,'message'=>'Data dihapus']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>
+309
View File
@@ -0,0 +1,309 @@
<?php
// api/auth.php
header('Content-Type: application/json; charset=utf-8');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
startSession();
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? '';
// ── GET: statistik publik untuk halaman login ─────────────
if ($method === 'GET' && $action === 'stats') {
$kk = $conn->query("SELECT COUNT(*) c FROM penduduk")->fetch_assoc()['c'];
$ibadah = $conn->query("SELECT COUNT(*) c FROM rumah_ibadah")->fetch_assoc()['c'];
$bantuan = $conn->query("SELECT COUNT(*) c FROM bantuan")->fetch_assoc()['c'];
jsonResponse(['kk'=>(int)$kk,'ibadah'=>(int)$ibadah,'bantuan'=>(int)$bantuan]);
}
// ── GET: cek sesi aktif ───────────────────────────────────
if ($method === 'GET' && $action === 'me') {
if (!empty($_SESSION['user_id'])) {
jsonResponse(['logged_in'=>true,'user'=>currentUser()]);
}
jsonResponse(['logged_in'=>false]);
}
// ── GET: logout ───────────────────────────────────────────
if ($method === 'GET' && $action === 'logout') {
$_SESSION = [];
session_destroy();
header('Location: ../login.php');
exit;
}
// ── GET: daftar pengurus pending (admin only) ─────────────
if ($method === 'GET' && $action === 'pending_list') {
requireLogin(['admin']);
$res = $conn->query("SELECT id,nama_lengkap,username,no_hp,email,nama_ibadah,jenis_ibadah,
latitude,longitude,alamat,kelurahan,kecamatan,radius,status,catatan_admin,created_at
FROM pengurus_pending ORDER BY created_at DESC");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── GET: daftar rumah ibadah tersedia untuk pendaftar ─────
if ($method === 'GET' && $action === 'ibadah_list') {
$res = $conn->query("SELECT id, nama, jenis, alamat, kelurahan, kecamatan FROM rumah_ibadah ORDER BY nama");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── POST: login ───────────────────────────────────────────
if ($method === 'POST' && ($action === '' || $action === 'login')) {
$raw = file_get_contents('php://input');
$d = json_decode($raw, true);
if (!$d) $d = $_POST;
$username = trim($d['username'] ?? '');
$password = $d['password'] ?? '';
$roleReq = $d['role'] ?? '';
if (!$username || !$password) {
jsonResponse(['success'=>false,'error'=>'Username dan kata sandi wajib diisi.'], 400);
}
$uname = $conn->real_escape_string($username);
$row = $conn->query(
"SELECT * FROM users WHERE (username='$uname' OR no_hp='$uname') AND is_active=1 LIMIT 1"
)->fetch_assoc();
if (!$row || !password_verify($password, $row['password_hash'])) {
jsonResponse(['success'=>false,'error'=>'Username atau kata sandi salah.'], 401);
}
// Validasi role jika dipilih
if ($roleReq && $row['role'] !== 'admin' && $row['role'] !== $roleReq) {
$roleLabel = ['masyarakat'=>'Masyarakat','pengurus_ibadah'=>'Pengurus Ibadah','pemerintah'=>'Pemerintah'];
jsonResponse(['success'=>false,'error'=>'Akun ini bukan akun '.($roleLabel[$roleReq] ?? $roleReq).'. Pilih tab yang sesuai.'], 403);
}
// Set session
session_regenerate_id(true);
$_SESSION['user_id'] = $row['id'];
$_SESSION['nama'] = $row['nama_lengkap'];
$_SESSION['role'] = $row['role'];
$_SESSION['id_rumah_ibadah'] = $row['id_rumah_ibadah'];
$_SESSION['id_penduduk'] = $row['id_penduduk'];
$_SESSION['login_time'] = time();
$uid = (int)$row['id'];
$conn->query("UPDATE users SET last_login=NOW() WHERE id=$uid");
logAktivitas($conn,'login','users',$uid,'Login dari '.$_SERVER['REMOTE_ADDR']);
$redirectMap = [
'admin' => 'dashboard/pengurus.php',
'pengurus_ibadah' => 'dashboard/pengurus.php',
'masyarakat' => 'dashboard/masyarakat.php',
'pemerintah' => 'dashboard/pemerintah.php',
];
$redirect = $redirectMap[$row['role']] ?? 'index.php';
jsonResponse(['success'=>true,'role'=>$row['role'],'redirect'=>$redirect,'nama'=>$row['nama_lengkap']]);
}
// ── POST: register masyarakat ─────────────────────────────
if ($method === 'POST' && $action === 'register') {
$raw = file_get_contents('php://input');
$d = json_decode($raw, true);
if (!$d) $d = $_POST;
$nama = trim($d['nama_lengkap'] ?? '');
$username = trim($d['username'] ?? '');
$no_hp = trim($d['no_hp'] ?? '');
$email = trim($d['email'] ?? '');
$password = $d['password'] ?? '';
$no_kk = trim($d['no_kk'] ?? '');
if (!$nama) jsonResponse(['success'=>false,'error'=>'Nama lengkap wajib diisi.'], 400);
if (!$username) jsonResponse(['success'=>false,'error'=>'Username wajib diisi.'], 400);
if (!$no_hp) jsonResponse(['success'=>false,'error'=>'Nomor HP wajib diisi.'], 400);
if (!$password) jsonResponse(['success'=>false,'error'=>'Kata sandi wajib diisi.'], 400);
if (strlen($username) < 4) jsonResponse(['success'=>false,'error'=>'Username minimal 4 karakter.'], 400);
if (strlen($password) < 6) jsonResponse(['success'=>false,'error'=>'Kata sandi minimal 6 karakter.'], 400);
if (preg_match('/\s/', $username)) jsonResponse(['success'=>false,'error'=>'Username tidak boleh mengandung spasi.'], 400);
$uname_e = $conn->real_escape_string($username);
$hp_e = $conn->real_escape_string($no_hp);
$cekUser = $conn->query("SELECT id FROM users WHERE username='$uname_e' LIMIT 1")->fetch_assoc();
if ($cekUser) jsonResponse(['success'=>false,'error'=>'Username sudah digunakan, coba username lain.'], 409);
$cekHp = $conn->query("SELECT id FROM users WHERE no_hp='$hp_e' LIMIT 1")->fetch_assoc();
if ($cekHp) jsonResponse(['success'=>false,'error'=>'Nomor HP sudah terdaftar.'], 409);
$hash = password_hash($password, PASSWORD_DEFAULT);
$nama_e = $conn->real_escape_string($nama);
$email_e = $conn->real_escape_string($email);
$hash_e = $conn->real_escape_string($hash);
$id_penduduk = 'NULL';
if ($no_kk) {
$kk_e = $conn->real_escape_string($no_kk);
$kk = $conn->query("SELECT id FROM penduduk WHERE no_kk='$kk_e' LIMIT 1")->fetch_assoc();
if ($kk) $id_penduduk = (int)$kk['id'];
}
$sql = "INSERT INTO users (nama_lengkap, username, no_hp, email, password_hash, role, id_penduduk)
VALUES ('$nama_e', '$uname_e', '$hp_e', '$email_e', '$hash_e', 'masyarakat', $id_penduduk)";
if ($conn->query($sql)) {
$newId = $conn->insert_id;
logAktivitas($conn,'register','users',$newId,"Daftar baru: $username");
jsonResponse(['success'=>true,'message'=>'Akun berhasil dibuat. Silakan login dengan username dan kata sandi Anda.']);
} else {
jsonResponse(['success'=>false,'error'=>'Gagal membuat akun: '.$conn->error], 500);
}
}
// ── POST: register pengurus ibadah (langsung aktif, tanpa pending) ────────
if ($method === 'POST' && $action === 'register_pengurus') {
$raw = file_get_contents('php://input');
$d = json_decode($raw, true);
if (!$d) $d = $_POST;
// Validasi bidang akun
$nama = trim($d['nama_lengkap'] ?? '');
$username = trim($d['username'] ?? '');
$no_hp = trim($d['no_hp'] ?? '');
$email = trim($d['email'] ?? '');
$password = $d['password'] ?? '';
// Validasi bidang rumah ibadah
$nama_ibadah = trim($d['nama_ibadah'] ?? '');
$jenis = $d['jenis_ibadah'] ?? 'Masjid';
$lat = (float)($d['latitude'] ?? 0);
$lon = (float)($d['longitude'] ?? 0);
$alamat = trim($d['alamat'] ?? '');
$kelurahan = trim($d['kelurahan'] ?? '');
$kecamatan = trim($d['kecamatan'] ?? '');
$radius = max(50, min(2000, (int)($d['radius'] ?? 300)));
// Cek wajib
if (!$nama) jsonResponse(['success'=>false,'error'=>'Nama lengkap wajib diisi.'], 400);
if (!$username) jsonResponse(['success'=>false,'error'=>'Username wajib diisi.'], 400);
if (!$no_hp) jsonResponse(['success'=>false,'error'=>'Nomor HP wajib diisi.'], 400);
if (!$password) jsonResponse(['success'=>false,'error'=>'Kata sandi wajib diisi.'], 400);
if (!$nama_ibadah) jsonResponse(['success'=>false,'error'=>'Nama rumah ibadah wajib diisi.'], 400);
if (!$lat || !$lon) jsonResponse(['success'=>false,'error'=>'Lokasi rumah ibadah wajib ditentukan.'], 400);
if (strlen($username) < 4) jsonResponse(['success'=>false,'error'=>'Username minimal 4 karakter.'], 400);
if (strlen($password) < 6) jsonResponse(['success'=>false,'error'=>'Kata sandi minimal 6 karakter.'], 400);
if (preg_match('/\s/', $username)) jsonResponse(['success'=>false,'error'=>'Username tidak boleh mengandung spasi.'], 400);
$valid_jenis = ['Masjid','Gereja','Vihara','Pura','Klenteng','Lainnya'];
if (!in_array($jenis, $valid_jenis)) $jenis = 'Masjid';
$uname_e = $conn->real_escape_string($username);
$hp_e = $conn->real_escape_string($no_hp);
// Cek duplikat di users
if ($conn->query("SELECT id FROM users WHERE username='$uname_e' LIMIT 1")->fetch_assoc())
jsonResponse(['success'=>false,'error'=>'Username sudah digunakan.'], 409);
if ($conn->query("SELECT id FROM users WHERE no_hp='$hp_e' LIMIT 1")->fetch_assoc())
jsonResponse(['success'=>false,'error'=>'Nomor HP sudah terdaftar.'], 409);
// Siapkan data
$hash = password_hash($password, PASSWORD_DEFAULT);
$nama_e = $conn->real_escape_string($nama);
$email_e = $conn->real_escape_string($email);
$hash_e = $conn->real_escape_string($hash);
$nibd_e = $conn->real_escape_string($nama_ibadah);
$jenis_e = $conn->real_escape_string($jenis);
$alamat_e = $conn->real_escape_string($alamat);
$kel_e = $conn->real_escape_string($kelurahan);
$kec_e = $conn->real_escape_string($kecamatan);
// Buat rumah ibadah dan akun pengguna dalam transaksi agar atomic
$conn->begin_transaction();
$ok = $conn->query("INSERT INTO rumah_ibadah (nama,jenis,kontak,email,latitude,longitude,alamat,kelurahan,kecamatan,radius)
VALUES ('$nibd_e','$jenis_e','$hp_e','$email_e',$lat,$lon,'$alamat_e','$kel_e','$kec_e',$radius)");
if (!$ok) {
$conn->rollback();
jsonResponse(['success'=>false,'error'=>'Gagal membuat rumah ibadah: '.$conn->error], 500);
}
$ibadahId = $conn->insert_id;
$ok = $conn->query("INSERT INTO users (nama_lengkap,username,no_hp,email,password_hash,role,id_rumah_ibadah,is_active)
VALUES ('$nama_e','$uname_e','$hp_e','$email_e','$hash_e','pengurus_ibadah',$ibadahId,1)");
if (!$ok) {
$conn->rollback();
jsonResponse(['success'=>false,'error'=>'Gagal membuat akun pengurus: '.$conn->error], 500);
}
$userId = $conn->insert_id;
$conn->commit();
logAktivitas($conn,'register_pengurus','users',$userId,"Pengurus baru langsung aktif: $username, ibadah $ibadahId");
jsonResponse([
'success' => true,
'message' => 'Pendaftaran berhasil. Akun pengurus dan rumah ibadah telah dibuat dan aktif.',
'user_id' => (int)$userId,
'ibadah_id' => (int)$ibadahId
]);
}
// ── PUT: approve / reject pengurus pending (admin) ────────
if ($method === 'PUT' && $action === 'approve_pengurus') {
requireLogin(['admin']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)($d['id'] ?? 0);
$status = $d['status'] ?? ''; // 'approved' | 'rejected'
$catatan = $conn->real_escape_string($d['catatan'] ?? '');
if (!$id || !in_array($status, ['approved','rejected']))
jsonResponse(['success'=>false,'error'=>'Parameter tidak valid.'], 400);
$pending = $conn->query("SELECT * FROM pengurus_pending WHERE id=$id AND status='pending' LIMIT 1")->fetch_assoc();
if (!$pending) jsonResponse(['success'=>false,'error'=>'Data pendaftaran tidak ditemukan.'], 404);
if ($status === 'approved') {
// Buat rumah ibadah baru
$ni = $conn->real_escape_string($pending['nama_ibadah']);
$ji = $conn->real_escape_string($pending['jenis_ibadah']);
$hp = $conn->real_escape_string($pending['no_hp']);
$em = $conn->real_escape_string($pending['email']);
$al = $conn->real_escape_string($pending['alamat']);
$ke = $conn->real_escape_string($pending['kelurahan']);
$kc = $conn->real_escape_string($pending['kecamatan']);
$lat = (float)$pending['latitude'];
$lon = (float)$pending['longitude'];
$rad = (int)$pending['radius'];
$conn->query("INSERT INTO rumah_ibadah (nama,jenis,kontak,email,latitude,longitude,alamat,kelurahan,kecamatan,radius)
VALUES ('$ni','$ji','$hp','$em',$lat,$lon,'$al','$ke','$kc',$rad)");
$ibadahId = $conn->insert_id;
// Buat user pengurus
$un = $conn->real_escape_string($pending['username']);
$nm = $conn->real_escape_string($pending['nama_lengkap']);
$pw = $conn->real_escape_string($pending['password_hash']);
$eme = $conn->real_escape_string($pending['email']);
$hpe = $conn->real_escape_string($pending['no_hp']);
$conn->query("INSERT INTO users (nama_lengkap,username,no_hp,email,password_hash,role,id_rumah_ibadah,is_active)
VALUES ('$nm','$un','$hpe','$eme','$pw','pengurus_ibadah',$ibadahId,1)");
$userId = $conn->insert_id;
logAktivitas($conn,'approve_pengurus','pengurus_pending',$id,"Approved → user $userId, ibadah $ibadahId");
}
$conn->query("UPDATE pengurus_pending SET status='$status', catatan_admin='$catatan' WHERE id=$id");
jsonResponse([
'success' => true,
'message' => $status === 'approved' ? 'Pendaftaran disetujui. Akun dan rumah ibadah berhasil dibuat.' : 'Pendaftaran ditolak.'
]);
}
// Fallback
jsonResponse(['error'=>'Endpoint tidak valid'], 404);
?>
+158
View File
@@ -0,0 +1,158 @@
<?php
// api/bantuan.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
startSession();
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'list';
// ── GET ───────────────────────────────────────────────────
if ($method === 'GET') {
if ($action === 'list') {
$where = "WHERE 1=1";
if (isset($_GET['id_penduduk']) && $_GET['id_penduduk'])
$where .= " AND b.id_penduduk=".(int)$_GET['id_penduduk'];
if (!empty($_SESSION['role']) && $_SESSION['role']==='pengurus_ibadah') {
$iid = (int)$_SESSION['id_rumah_ibadah'];
$where .= " AND b.id_rumah_ibadah=$iid";
}
if (isset($_GET['id_ibadah']) && $_GET['id_ibadah'])
$where .= " AND b.id_rumah_ibadah=".(int)$_GET['id_ibadah'];
$res = $conn->query("SELECT b.*,
p.nama_kepala_keluarga,p.alamat,p.kelurahan,p.kecamatan,
kb.nama AS jenis_bantuan, kb.sumber AS sumber_bantuan,
ri.nama AS nama_ibadah, rim.nama AS nama_mitra,
u.nama_lengkap AS dicatat_oleh
FROM bantuan b
JOIN penduduk p ON b.id_penduduk=p.id
JOIN kategori_bantuan kb ON b.id_kategori_bantuan=kb.id
LEFT JOIN rumah_ibadah ri ON b.id_rumah_ibadah=ri.id
LEFT JOIN rumah_ibadah rim ON b.id_rumah_ibadah_mitra=rim.id
LEFT JOIN users u ON b.id_pengurus_input=u.id
$where ORDER BY b.tanggal_bantuan DESC LIMIT 500");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
} elseif ($action === 'kategori') {
$res = $conn->query("SELECT * FROM kategori_bantuan ORDER BY sumber,nama");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
} elseif ($action === 'statistik') {
$where = "WHERE status_bantuan='disalurkan'";
if (!empty($_SESSION['role']) && $_SESSION['role'] === 'pengurus_ibadah') {
$iid = (int)($_SESSION['id_rumah_ibadah'] ?? 0);
$where .= " AND id_rumah_ibadah=$iid";
}
if (isset($_GET['id_ibadah']) && $_GET['id_ibadah']) {
$where .= " AND id_rumah_ibadah=".(int)$_GET['id_ibadah'];
}
$total = $conn->query("SELECT COUNT(*) c, COALESCE(SUM(jumlah_nominal),0) nom FROM bantuan $where")->fetch_assoc();
$per_jenis = [];
$res = $conn->query("SELECT kb.nama,kb.sumber,COUNT(*) jumlah,COALESCE(SUM(b.jumlah_nominal),0) nominal
FROM bantuan b JOIN kategori_bantuan kb ON b.id_kategori_bantuan=kb.id
$where GROUP BY kb.id ORDER BY jumlah DESC");
while ($r = $res->fetch_assoc()) $per_jenis[] = $r;
$per_ibadah = [];
$res2 = $conn->query("SELECT ri.nama,COUNT(b.id) jumlah FROM bantuan b
JOIN rumah_ibadah ri ON b.id_rumah_ibadah=ri.id
$where GROUP BY ri.id ORDER BY jumlah DESC");
while ($r = $res2->fetch_assoc()) $per_ibadah[] = $r;
jsonResponse([
'total_bantuan' => (int)$total['c'],
'total_nominal' => (float)$total['nom'],
'per_jenis' => $per_jenis,
'per_ibadah' => $per_ibadah,
]);
}
}
// ── POST: tambah bantuan ──────────────────────────────────
if ($method === 'POST') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true) ?: $_POST;
$id_penduduk = (int)($d['id_penduduk']??0);
$id_kategori = (int)($d['id_kategori_bantuan']??0);
$id_ibadah = (int)($d['id_rumah_ibadah']??$_SESSION['id_rumah_ibadah']??0) ?: 'NULL';
$id_mitra = (int)($d['id_rumah_ibadah_mitra']??0) ?: 'NULL';
$donatur = esc($conn,$d['nama_donatur']??'');
$tgl = esc($conn,$d['tanggal_bantuan']??date('Y-m-d'));
$nominal = (float)($d['jumlah_nominal']??0) ?: 'NULL';
$bentuk = esc($conn,$d['bentuk_bantuan']??'');
$kondisi = esc($conn,$d['kondisi_saat_diberikan']??'');
$catatan = esc($conn,$d['catatan_tambahan']??'');
$uid = (int)$_SESSION['user_id'];
$status = esc($conn,$d['status_bantuan']??'disalurkan');
$foto = uploadFile('foto_dokumentasi','bantuan');
$foto_e = $foto ? esc($conn,$foto) : '';
$sql = "INSERT INTO bantuan
(id_penduduk,id_kategori_bantuan,id_rumah_ibadah,id_rumah_ibadah_mitra,nama_donatur,
tanggal_bantuan,jumlah_nominal,bentuk_bantuan,kondisi_saat_diberikan,catatan_tambahan,
foto_dokumentasi,status_bantuan,id_pengurus_input)
VALUES ($id_penduduk,$id_kategori,$id_ibadah,$id_mitra,'$donatur','$tgl',$nominal,
'$bentuk','$kondisi','$catatan','$foto_e','$status',$uid)";
if ($conn->query($sql)) {
$bid = $conn->insert_id;
// Notif ke user masyarakat yang terdaftar pada KK ini
$user_kk = $conn->query("SELECT id FROM users WHERE id_penduduk=$id_penduduk AND role='masyarakat'")->fetch_assoc();
if ($user_kk) {
kirimNotifikasi($conn,(int)$user_kk['id'],
'Bantuan Baru Diterima',
"Keluarga Anda menerima bantuan: $bentuk pada ".date('d/m/Y',strtotime($tgl)),
'bantuan_baru',$bid);
}
logAktivitas($conn,'tambah_bantuan','bantuan',$bid,"KK ID:$id_penduduk - $bentuk");
jsonResponse(['success'=>true,'id'=>$bid,'message'=>'Bantuan berhasil dicatat']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT: update bantuan ───────────────────────────────────
if ($method === 'PUT') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$bentuk = esc($conn,$d['bentuk_bantuan']??'');
$catatan = esc($conn,$d['catatan_tambahan']??'');
$status = esc($conn,$d['status_bantuan']??'disalurkan');
$mitra = (int)($d['id_rumah_ibadah_mitra']??0) ?: 'NULL';
$sql = "UPDATE bantuan SET bentuk_bantuan='$bentuk',catatan_tambahan='$catatan',
status_bantuan='$status',id_rumah_ibadah_mitra=$mitra WHERE id=$id";
if ($conn->query($sql)) {
logAktivitas($conn,'edit_bantuan','bantuan',$id,'');
jsonResponse(['success'=>true,'message'=>'Bantuan diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── DELETE ────────────────────────────────────────────────
if ($method === 'DELETE') {
requireLogin(['admin','pengurus_ibadah']);
$id = (int)($_GET['id']??0);
if ($conn->query("DELETE FROM bantuan WHERE id=$id")) {
logAktivitas($conn,'hapus_bantuan','bantuan',$id,'');
jsonResponse(['success'=>true,'message'=>'Data dihapus']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>
+162
View File
@@ -0,0 +1,162 @@
<?php
// api/chat.php — Chat antara masyarakat dan rumah ibadah
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
startSession();
requireLogin(['masyarakat','pengurus_ibadah','admin']);
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'conversations';
$role = $_SESSION['role'] ?? '';
$uid = (int)$_SESSION['user_id'];
$myIbadah = (int)($_SESSION['id_rumah_ibadah'] ?? 0);
// ── GET: daftar percakapan ──────────────────────────────────
if ($method === 'GET' && $action === 'conversations') {
if ($role === 'masyarakat') {
// Percakapan masyarakat (grouped by rumah ibadah)
$res = $conn->query("
SELECT c.id_rumah_ibadah,
ri.nama AS nama_ibadah, ri.jenis AS jenis_ibadah,
MAX(c.created_at) AS last_time,
COUNT(*) AS total_pesan,
SUM(c.is_read=0 AND c.pengirim_role='pengurus_ibadah') AS unread
FROM chat_masyarakat c
JOIN rumah_ibadah ri ON c.id_rumah_ibadah=ri.id
WHERE c.id_user_masyarakat=$uid
GROUP BY c.id_rumah_ibadah
ORDER BY last_time DESC
");
} else {
// Percakapan pengurus (grouped by masyarakat user)
$res = $conn->query("
SELECT c.id_user_masyarakat,
u.nama_lengkap AS nama_masyarakat,
MAX(c.created_at) AS last_time,
COUNT(*) AS total_pesan,
SUM(c.is_read=0 AND c.pengirim_role='masyarakat') AS unread
FROM chat_masyarakat c
JOIN users u ON c.id_user_masyarakat=u.id
WHERE c.id_rumah_ibadah=$myIbadah
GROUP BY c.id_user_masyarakat
ORDER BY last_time DESC
");
}
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── GET: pesan dalam percakapan ────────────────────────────
if ($method === 'GET' && $action === 'messages') {
if ($role === 'masyarakat') {
$id_ibadah = (int)($_GET['id_rumah_ibadah'] ?? 0);
if (!$id_ibadah) jsonResponse(['error'=>'id_rumah_ibadah diperlukan'], 400);
// Tandai pesan dari pengurus sebagai dibaca
$conn->query("UPDATE chat_masyarakat SET is_read=1
WHERE id_user_masyarakat=$uid AND id_rumah_ibadah=$id_ibadah
AND pengirim_role='pengurus_ibadah' AND is_read=0");
$res = $conn->query("
SELECT c.*, ri.nama AS nama_ibadah, u.nama_lengkap AS nama_pengirim
FROM chat_masyarakat c
JOIN rumah_ibadah ri ON c.id_rumah_ibadah=ri.id
JOIN users u ON c.id_pengirim=u.id
WHERE c.id_user_masyarakat=$uid AND c.id_rumah_ibadah=$id_ibadah
ORDER BY c.created_at ASC LIMIT 200
");
} else {
// Pengurus: lihat chat dengan masyarakat tertentu
$id_user = (int)($_GET['id_user_masyarakat'] ?? 0);
if (!$id_user) jsonResponse(['error'=>'id_user_masyarakat diperlukan'], 400);
// Tandai pesan dari masyarakat sebagai dibaca
$conn->query("UPDATE chat_masyarakat SET is_read=1
WHERE id_user_masyarakat=$id_user AND id_rumah_ibadah=$myIbadah
AND pengirim_role='masyarakat' AND is_read=0");
$res = $conn->query("
SELECT c.*, ri.nama AS nama_ibadah, u.nama_lengkap AS nama_pengirim
FROM chat_masyarakat c
JOIN rumah_ibadah ri ON c.id_rumah_ibadah=ri.id
JOIN users u ON c.id_pengirim=u.id
WHERE c.id_user_masyarakat=$id_user AND c.id_rumah_ibadah=$myIbadah
ORDER BY c.created_at ASC LIMIT 200
");
}
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── GET: daftar rumah ibadah (untuk masyarakat memilih tujuan) ──
if ($method === 'GET' && $action === 'ibadah_list') {
$res = $conn->query("SELECT id, nama, jenis, kecamatan FROM rumah_ibadah ORDER BY nama");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── GET: hitung unread ──────────────────────────────────────
if ($method === 'GET' && $action === 'unread') {
if ($role === 'masyarakat') {
$r = $conn->query("SELECT COUNT(*) AS n FROM chat_masyarakat
WHERE id_user_masyarakat=$uid AND pengirim_role='pengurus_ibadah' AND is_read=0")
->fetch_assoc();
} else {
$r = $conn->query("SELECT COUNT(*) AS n FROM chat_masyarakat
WHERE id_rumah_ibadah=$myIbadah AND pengirim_role='masyarakat' AND is_read=0")
->fetch_assoc();
}
jsonResponse(['unread' => (int)($r['n'] ?? 0)]);
}
// ── POST: kirim pesan ──────────────────────────────────────
if ($method === 'POST') {
$d = json_decode(file_get_contents('php://input'), true);
$isi = trim(esc($conn, $d['isi'] ?? ''));
if (!$isi) jsonResponse(['success'=>false,'error'=>'Pesan tidak boleh kosong'], 400);
if ($role === 'masyarakat') {
$id_ibadah = (int)($d['id_rumah_ibadah'] ?? 0);
if (!$id_ibadah) jsonResponse(['success'=>false,'error'=>'Rumah ibadah tidak dipilih'], 400);
$sql = "INSERT INTO chat_masyarakat
(id_user_masyarakat, id_rumah_ibadah, id_pengirim, pengirim_role, isi_pesan)
VALUES ($uid, $id_ibadah, $uid, 'masyarakat', '$isi')";
if ($conn->query($sql)) {
$cid = $conn->insert_id;
// Notif ke pengurus rumah ibadah
$peng = $conn->query("SELECT id FROM users WHERE id_rumah_ibadah=$id_ibadah AND role='pengurus_ibadah'");
while ($p = $peng->fetch_assoc()) {
kirimNotifikasi($conn, (int)$p['id'], 'Pesan Chat Baru', 'Ada pesan baru dari masyarakat.', 'chat_baru', $cid);
}
jsonResponse(['success'=>true, 'id'=>$cid]);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error], 500);
}
} else {
// Pengurus membalas ke masyarakat
$id_user_mas = (int)($d['id_user_masyarakat'] ?? 0);
if (!$id_user_mas || !$myIbadah) jsonResponse(['success'=>false,'error'=>'Data tidak lengkap'], 400);
$sql = "INSERT INTO chat_masyarakat
(id_user_masyarakat, id_rumah_ibadah, id_pengirim, pengirim_role, isi_pesan)
VALUES ($id_user_mas, $myIbadah, $uid, 'pengurus_ibadah', '$isi')";
if ($conn->query($sql)) {
$cid = $conn->insert_id;
// Notif ke masyarakat
kirimNotifikasi($conn, $id_user_mas, 'Pesan dari Rumah Ibadah', 'Rumah ibadah mengirim pesan baru.', 'chat_baru', $cid);
jsonResponse(['success'=>true, 'id'=>$cid]);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error], 500);
}
}
}
?>
+146
View File
@@ -0,0 +1,146 @@
<?php
// api/laporan.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
startSession();
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'list';
// ── GET ───────────────────────────────────────────────────
if ($method === 'GET') {
if ($action === 'list') {
$where = "WHERE 1=1";
// Filter wilayah untuk pengurus ibadah
if (!empty($_SESSION['role']) && $_SESSION['role'] === 'pengurus_ibadah') {
$iid = (int)$_SESSION['id_rumah_ibadah'];
$where .= " AND ls.id_rumah_ibadah=$iid";
}
if (isset($_GET['status']) && $_GET['status'])
$where .= " AND ls.status_verifikasi='".esc($conn,$_GET['status'])."'";
if (isset($_GET['jenis']) && $_GET['jenis'])
$where .= " AND ls.jenis_laporan='".esc($conn,$_GET['jenis'])."'";
$res = $conn->query("SELECT ls.*,
p.nama_kepala_keluarga, p.alamat AS alamat_kk, p.kelurahan, p.kecamatan,
u.nama_lengkap AS nama_pelapor, u.no_hp AS hp_pelapor,
ri.nama AS nama_ibadah,
up.nama_lengkap AS nama_pengurus
FROM laporan_status ls
LEFT JOIN penduduk p ON ls.id_penduduk=p.id
LEFT JOIN users u ON ls.id_pelapor_user=u.id
LEFT JOIN rumah_ibadah ri ON ls.id_rumah_ibadah=ri.id
LEFT JOIN users up ON ls.id_pengurus_verif=up.id
$where ORDER BY ls.created_at DESC LIMIT 200");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
} elseif ($action === 'get' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$row = $conn->query("SELECT ls.*,
p.nama_kepala_keluarga,p.alamat AS alamat_kk,
u.nama_lengkap AS nama_pelapor,
ri.nama AS nama_ibadah
FROM laporan_status ls
LEFT JOIN penduduk p ON ls.id_penduduk=p.id
LEFT JOIN users u ON ls.id_pelapor_user=u.id
LEFT JOIN rumah_ibadah ri ON ls.id_rumah_ibadah=ri.id
WHERE ls.id=$id")->fetch_assoc();
jsonResponse($row ?: ['error'=>'Tidak ditemukan']);
}
}
// ── POST: buat laporan baru (dari masyarakat) ─────────────
if ($method === 'POST' && $action === 'kirim') {
startSession();
$d = json_decode(file_get_contents('php://input'), true) ?: $_POST;
$id_penduduk = (int)($d['id_penduduk']??0) ?: 'NULL';
$id_anggota = (int)($d['id_anggota']??0) ?: 'NULL';
$jenis = esc($conn,$d['jenis_laporan']??'lainnya');
$deskripsi = esc($conn,$d['deskripsi']??'');
$nama = esc($conn,$d['nama_terkait']??'');
$tgl = esc($conn,$d['tanggal_kejadian']??date('Y-m-d'));
$uid = isset($_SESSION['user_id'])?(int)$_SESSION['user_id']:'NULL';
if (!$deskripsi) jsonResponse(['success'=>false,'error'=>'Deskripsi wajib diisi'],400);
// Auto-assign rumah ibadah berdasarkan lokasi KK
$id_ibadah = 'NULL';
if ($id_penduduk !== 'NULL') {
$kk = $conn->query("SELECT latitude,longitude FROM penduduk WHERE id=$id_penduduk")->fetch_assoc();
if ($kk) {
$matches = findIbadahInRadius($conn,(float)$kk['latitude'],(float)$kk['longitude']);
if ($matches && $matches[0]) $id_ibadah = (int)$matches[0]['id'];
}
}
$foto = uploadFile('lampiran','laporan');
$foto_e = $foto ? esc($conn,$foto) : '';
$sql = "INSERT INTO laporan_status
(id_penduduk,id_anggota,id_pelapor_user,jenis_laporan,deskripsi,nama_terkait,
tanggal_kejadian,lampiran_foto,id_rumah_ibadah)
VALUES ($id_penduduk,$id_anggota,$uid,'$jenis','$deskripsi','$nama','$tgl','$foto_e',$id_ibadah)";
if ($conn->query($sql)) {
$lid = $conn->insert_id;
// Notifikasi ke pengurus rumah ibadah
if ($id_ibadah !== 'NULL') {
$pengurus = $conn->query("SELECT id FROM users WHERE id_rumah_ibadah=$id_ibadah AND role='pengurus_ibadah'");
while ($p = $pengurus->fetch_assoc()) {
kirimNotifikasi($conn,(int)$p['id'],
"Laporan Baru: ".ucfirst(str_replace('_',' ',$d['jenis_laporan'])),
"Ada laporan baru masuk mengenai: $deskripsi",
'laporan_masuk',$lid);
}
}
logAktivitas($conn,'kirim_laporan','laporan_status',$lid,"Jenis: $jenis");
jsonResponse(['success'=>true,'id'=>$lid,'message'=>'Laporan berhasil dikirim. Terima kasih!']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT: verifikasi laporan (oleh pengurus) ───────────────
if ($method === 'PUT' && $action === 'verifikasi') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$status = esc($conn,$d['status_verifikasi']??'diproses');
$catatan= esc($conn,$d['catatan_pengurus']??'');
$uid = (int)$_SESSION['user_id'];
$sql = "UPDATE laporan_status SET status_verifikasi='$status',
catatan_pengurus='$catatan',id_pengurus_verif=$uid,diverifikasi_at=NOW()
WHERE id=$id";
if ($conn->query($sql)) {
// Jika disetujui → update status anggota keluarga
if ($status === 'disetujui') {
$lap = $conn->query("SELECT * FROM laporan_status WHERE id=$id")->fetch_assoc();
if ($lap['id_anggota'] && in_array($lap['jenis_laporan'],['kematian','pindah_keluar'])) {
$new_status = $lap['jenis_laporan']==='kematian'?'meninggal':'pindah';
$aid = (int)$lap['id_anggota'];
$conn->query("UPDATE anggota_keluarga SET status_hidup='$new_status' WHERE id=$aid");
}
// Notif ke pelapor
if ($lap['id_pelapor_user']) {
kirimNotifikasi($conn,(int)$lap['id_pelapor_user'],
'Laporan Disetujui','Laporan Anda telah diverifikasi dan disetujui oleh pengurus.','verifikasi',$id);
}
}
logAktivitas($conn,'verifikasi_laporan','laporan_status',$id,"Status: $status");
jsonResponse(['success'=>true,'message'=>'Status laporan diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>
+33
View File
@@ -0,0 +1,33 @@
<?php
// api/notifikasi.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, PUT, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
requireLogin();
startSession();
$uid = (int)$_SESSION['user_id'];
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$only_unread = isset($_GET['unread']) ? "AND is_read=0" : "";
$res = $conn->query("SELECT * FROM notifikasi WHERE id_user=$uid $only_unread ORDER BY created_at DESC LIMIT 50");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
$unread = $conn->query("SELECT COUNT(*) c FROM notifikasi WHERE id_user=$uid AND is_read=0")->fetch_assoc()['c'];
jsonResponse(['notifikasi'=>$data,'unread'=>(int)$unread]);
}
if ($_SERVER['REQUEST_METHOD'] === 'PUT') {
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)($d['id']??0);
if ($id) {
$conn->query("UPDATE notifikasi SET is_read=1 WHERE id=$id AND id_user=$uid");
} else {
$conn->query("UPDATE notifikasi SET is_read=1 WHERE id_user=$uid");
}
jsonResponse(['success'=>true]);
}
?>
+222
View File
@@ -0,0 +1,222 @@
<?php
// api/penduduk.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'geojson';
function buildFeature($row, $conn) {
$pid = (int)$row['id'];
// Anggota keluarga + umur otomatis
$ak = $conn->query("SELECT *,
TIMESTAMPDIFF(YEAR,tanggal_lahir,CURDATE()) AS umur
FROM anggota_keluarga WHERE id_penduduk=$pid ORDER BY id");
$anggota = [];
while ($a = $ak->fetch_assoc()) {
// Pendidikan terakhir
$pend = $conn->query("SELECT jenjang,nama_institusi,tahun_lulus,status_pendidikan
FROM riwayat_pendidikan WHERE id_anggota={$a['id']}
ORDER BY tahun_masuk DESC LIMIT 1")->fetch_assoc();
$a['pendidikan_terakhir'] = $pend;
$anggota[] = $a;
}
$row['anggota'] = $anggota;
// Histori bantuan
$bq = $conn->query("SELECT b.*,kb.nama AS jenis_bantuan,ri.nama AS nama_ibadah,rim.nama AS nama_mitra
FROM bantuan b
JOIN kategori_bantuan kb ON b.id_kategori_bantuan=kb.id
LEFT JOIN rumah_ibadah ri ON b.id_rumah_ibadah=ri.id
LEFT JOIN rumah_ibadah rim ON b.id_rumah_ibadah_mitra=rim.id
WHERE b.id_penduduk=$pid ORDER BY b.tanggal_bantuan DESC");
$bantuan = [];
while ($b = $bq->fetch_assoc()) $bantuan[] = $b;
$row['histori_bantuan'] = $bantuan;
$row['jumlah_bantuan'] = count($bantuan);
return [
'type' => 'Feature',
'geometry' => ['type'=>'Point','coordinates'=>[(float)$row['longitude'],(float)$row['latitude']]],
'properties' => $row
];
}
// ── GET ───────────────────────────────────────────────────
if ($method === 'GET') {
if ($action === 'geojson') {
$where = "WHERE 1=1";
if (isset($_GET['status_ekonomi']) && $_GET['status_ekonomi'] !== 'all')
$where .= " AND p.status_ekonomi='".esc($conn,$_GET['status_ekonomi'])."'";
if (isset($_GET['id_ibadah']) && $_GET['id_ibadah'])
$where .= " AND p.id_rumah_ibadah=".(int)$_GET['id_ibadah'];
if (isset($_GET['kecamatan']) && $_GET['kecamatan'])
$where .= " AND p.kecamatan='".esc($conn,$_GET['kecamatan'])."'";
$res = $conn->query("SELECT p.*,ri.nama AS nama_ibadah,ri.jenis AS jenis_ibadah
FROM penduduk p
LEFT JOIN rumah_ibadah ri ON p.id_rumah_ibadah=ri.id
$where ORDER BY p.id DESC");
$features = [];
while ($row = $res->fetch_assoc()) $features[] = buildFeature($row, $conn);
jsonResponse(['type'=>'FeatureCollection','features'=>$features]);
} elseif ($action === 'get' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$row = $conn->query("SELECT p.*,ri.nama AS nama_ibadah
FROM penduduk p LEFT JOIN rumah_ibadah ri ON p.id_rumah_ibadah=ri.id
WHERE p.id=$id")->fetch_assoc();
jsonResponse($row ? buildFeature($row,$conn) : ['error'=>'Tidak ditemukan']);
} elseif ($action === 'dashboard') {
$where = 'WHERE 1=1';
$ibadahFilter = '';
$laporanFilter = '';
if (!empty($_SESSION['role']) && $_SESSION['role'] === 'pengurus_ibadah') {
$iid = (int)($_SESSION['id_rumah_ibadah'] ?? 0);
$where .= " AND p.id_rumah_ibadah=$iid";
$ibadahFilter = " WHERE id=$iid";
$laporanFilter = " WHERE id_rumah_ibadah=$iid";
}
$total = $conn->query("SELECT COUNT(*) c FROM penduduk $where")->fetch_assoc()['c'];
$jiwa = $conn->query("SELECT COALESCE(SUM(jumlah_anggota),0) c FROM penduduk $where")->fetch_assoc()['c'];
$ibadah = $conn->query("SELECT COUNT(*) c FROM rumah_ibadah$ibadahFilter")->fetch_assoc()['c'];
$bantuan = $conn->query("SELECT COUNT(*) c FROM bantuan" . ($laporanFilter ? " WHERE id_rumah_ibadah=$iid" : ''))->fetch_assoc()['c'];
$pending = $conn->query("SELECT COUNT(*) c FROM laporan_status" . ($laporanFilter ? " WHERE status_verifikasi='pending' AND id_rumah_ibadah=$iid" : " WHERE status_verifikasi='pending'") )->fetch_assoc()['c'];
$sm = $conn->query("SELECT COUNT(*) c FROM penduduk $where AND status_ekonomi='sangat_miskin'")->fetch_assoc()['c'];
$miskin = $conn->query("SELECT COUNT(*) c FROM penduduk $where AND status_ekonomi='miskin'")->fetch_assoc()['c'];
$rentan = $conn->query("SELECT COUNT(*) c FROM penduduk $where AND status_ekonomi='rentan'")->fetch_assoc()['c'];
// Per kecamatan
$kecRes = $conn->query("SELECT kecamatan,COUNT(*) AS jumlah_kk,SUM(jumlah_anggota) AS jiwa
FROM penduduk $where GROUP BY kecamatan ORDER BY jumlah_kk DESC");
$perkec = [];
while ($r = $kecRes->fetch_assoc()) $perkec[] = $r;
jsonResponse([
'total_kk' => (int)$total,
'total_jiwa' => (int)$jiwa,
'total_ibadah' => (int)$ibadah,
'total_bantuan' => (int)$bantuan,
'pending_laporan'=> (int)$pending,
'sangat_miskin' => (int)$sm,
'miskin' => (int)$miskin,
'rentan' => (int)$rentan,
'per_kecamatan' => $perkec,
]);
}
}
// ── POST: tambah penduduk ─────────────────────────────────
if ($method === 'POST') {
requireLogin(['admin','pengurus_ibadah','masyarakat']);
$nama = esc($conn,$_POST['nama_kepala_keluarga']??'');
$no_kk = esc($conn,$_POST['no_kk']??'');
$nik = esc($conn,$_POST['nik_kepala']??'');
$lat = (float)($_POST['latitude']??0);
$lon = (float)($_POST['longitude']??0);
$alamat = esc($conn,$_POST['alamat']??'');
$rt = esc($conn,$_POST['rt']??'');
$rw = esc($conn,$_POST['rw']??'');
$kel = esc($conn,$_POST['kelurahan']??'');
$kec = esc($conn,$_POST['kecamatan']??'');
$jml = (int)($_POST['jumlah_anggota']??1);
$sekon = esc($conn,$_POST['status_ekonomi']??'miskin');
$shun = esc($conn,$_POST['status_hunian']??'milik_sendiri');
$nearest = findNearestIbadah($conn,$lat,$lon);
$id_ibadah = $nearest?$nearest['id']:'NULL';
$jarak = $nearest?$nearest['jarak']:0;
$sql = "INSERT INTO penduduk (no_kk,nama_kepala_keluarga,nik_kepala,latitude,longitude,
alamat,rt,rw,kelurahan,kecamatan,jumlah_anggota,id_rumah_ibadah,jarak_ke_ibadah,
status_ekonomi,status_hunian)
VALUES ('$no_kk','$nama','$nik',$lat,$lon,'$alamat','$rt','$rw','$kel','$kec',
$jml,$id_ibadah,$jarak,'$sekon','$shun')";
if ($conn->query($sql)) {
$pid = $conn->insert_id;
// Simpan anggota keluarga
$anggota = json_decode($_POST['anggota']??'[]', true);
foreach ($anggota as $a) {
$anm = esc($conn,$a['nama']??'');
$hub = esc($conn,$a['hubungan']??'Anak');
$jk = esc($conn,$a['jenis_kelamin']??'L');
$tgl = esc($conn,$a['tanggal_lahir']??'2000-01-01');
$tmp = esc($conn,$a['tempat_lahir']??'');
$agm = esc($conn,$a['agama']??'Islam');
$pkj = esc($conn,$a['pekerjaan']??'');
$nik2 = esc($conn,$a['nik']??'');
$conn->query("INSERT INTO anggota_keluarga
(id_penduduk,nik,nama,hubungan,jenis_kelamin,tanggal_lahir,tempat_lahir,agama,pekerjaan)
VALUES ($pid,'$nik2','$anm','$hub','$jk','$tgl','$tmp','$agm','$pkj')");
$aid = $conn->insert_id;
// Riwayat pendidikan per anggota
$pendList = json_decode($a['pendidikan']??'[]', true);
foreach ($pendList as $pd) {
$jj = esc($conn,$pd['jenjang']??'');
$ni = esc($conn,$pd['nama_institusi']??'');
$tm = (int)($pd['tahun_masuk']??0)?:'NULL';
$tl = (int)($pd['tahun_lulus']??0)?:'NULL';
$sp = esc($conn,$pd['status_pendidikan']??'lulus');
$conn->query("INSERT INTO riwayat_pendidikan (id_anggota,jenjang,nama_institusi,tahun_masuk,tahun_lulus,status_pendidikan)
VALUES ($aid,'$jj','$ni',$tm,$tl,'$sp')");
}
}
// Upload foto/dokumen
$foto = uploadFile('foto','penduduk');
logAktivitas($conn,'tambah_penduduk','penduduk',$pid,"Tambah KK: $nama");
jsonResponse(['success'=>true,'id'=>$pid,'message'=>'Data berhasil disimpan','nearest_ibadah'=>$nearest]);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT: update penduduk ──────────────────────────────────
if ($method === 'PUT') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$nama = esc($conn,$d['nama_kepala_keluarga']??'');
$lat = (float)($d['latitude']??0);
$lon = (float)($d['longitude']??0);
$alam = esc($conn,$d['alamat']??'');
$jml = (int)($d['jumlah_anggota']??1);
$se = esc($conn,$d['status_ekonomi']??'miskin');
$nearest = findNearestIbadah($conn,$lat,$lon);
$id_ibadah = $nearest?$nearest['id']:'NULL';
$jarak = $nearest?$nearest['jarak']:0;
$sql = "UPDATE penduduk SET nama_kepala_keluarga='$nama',latitude=$lat,longitude=$lon,
alamat='$alam',jumlah_anggota=$jml,status_ekonomi='$se',
id_rumah_ibadah=$id_ibadah,jarak_ke_ibadah=$jarak WHERE id=$id";
if ($conn->query($sql)) {
logAktivitas($conn,'edit_penduduk','penduduk',$id,"Edit KK: $nama");
jsonResponse(['success'=>true,'message'=>'Data diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── DELETE ────────────────────────────────────────────────
if ($method === 'DELETE') {
requireLogin(['admin']);
$id = (int)($_GET['id']??0);
if ($conn->query("DELETE FROM penduduk WHERE id=$id")) {
logAktivitas($conn,'hapus_penduduk','penduduk',$id,'');
jsonResponse(['success'=>true,'message'=>'Data dihapus']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>
+108
View File
@@ -0,0 +1,108 @@
<?php
// api/pesan.php — komunikasi antar rumah ibadah
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
requireLogin(['admin','pengurus_ibadah']);
startSession();
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'inbox';
$myIbadah = (int)($_SESSION['id_rumah_ibadah']??0);
$uid = (int)$_SESSION['user_id'];
// ── GET: inbox ─────────────────────────────────────────────
if ($method === 'GET' && $action === 'inbox') {
$res = $conn->query("SELECT pai.*,
ri_k.nama AS dari_ibadah, ri_k.jenis AS jenis_dari,
ri_t.nama AS kepada_ibadah,
p.nama_kepala_keluarga, p.alamat AS alamat_kk,
u.nama_lengkap AS nama_pengirim
FROM pesan_antar_ibadah pai
JOIN rumah_ibadah ri_k ON pai.id_pengirim_ibadah=ri_k.id
JOIN rumah_ibadah ri_t ON pai.id_penerima_ibadah=ri_t.id
LEFT JOIN penduduk p ON pai.id_penduduk=p.id
LEFT JOIN users u ON pai.id_pengirim_user=u.id
WHERE pai.id_penerima_ibadah=$myIbadah
ORDER BY pai.created_at DESC LIMIT 100");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── GET: outbox ────────────────────────────────────────────
if ($method === 'GET' && $action === 'outbox') {
$res = $conn->query("SELECT pai.*,
ri_t.nama AS kepada_ibadah,
p.nama_kepala_keluarga,
u.nama_lengkap AS nama_pengirim
FROM pesan_antar_ibadah pai
JOIN rumah_ibadah ri_t ON pai.id_penerima_ibadah=ri_t.id
LEFT JOIN penduduk p ON pai.id_penduduk=p.id
LEFT JOIN users u ON pai.id_pengirim_user=u.id
WHERE pai.id_pengirim_ibadah=$myIbadah
ORDER BY pai.created_at DESC LIMIT 100");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
// ── POST: kirim pesan ──────────────────────────────────────
if ($method === 'POST') {
$d = json_decode(file_get_contents('php://input'), true);
$to_ibadah = (int)($d['id_penerima_ibadah']??0);
$id_penduduk = (int)($d['id_penduduk']??0) ?: 'NULL';
$perihal = esc($conn,$d['perihal']??'');
$isi = esc($conn,$d['isi_pesan']??'');
if (!$to_ibadah||!$perihal||!$isi)
jsonResponse(['success'=>false,'error'=>'Data tidak lengkap'],400);
$sql = "INSERT INTO pesan_antar_ibadah
(id_pengirim_ibadah,id_penerima_ibadah,id_penduduk,id_pengirim_user,perihal,isi_pesan)
VALUES ($myIbadah,$to_ibadah,$id_penduduk,$uid,'$perihal','$isi')";
if ($conn->query($sql)) {
$pid2 = $conn->insert_id;
// Notif ke pengurus penerima
$peng = $conn->query("SELECT id FROM users WHERE id_rumah_ibadah=$to_ibadah AND role='pengurus_ibadah'");
while ($p = $peng->fetch_assoc()) {
kirimNotifikasi($conn,(int)$p['id'],"Pesan Baru dari Rumah Ibadah","$perihal",'pesan_baru',$pid2);
}
logAktivitas($conn,'kirim_pesan','pesan_antar_ibadah',$pid2,"Ke ibadah ID:$to_ibadah");
jsonResponse(['success'=>true,'id'=>$pid2,'message'=>'Pesan berhasil dikirim']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT: balas / update status ─────────────────────────────
if ($method === 'PUT') {
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$status = esc($conn,$d['status_pesan']??'dibaca');
$balas = esc($conn,$d['pesan_balasan']??'');
$sql = "UPDATE pesan_antar_ibadah SET status_pesan='$status',
pesan_balasan='$balas',id_penerima_user=$uid,dibalas_at=NOW()
WHERE id=$id AND id_penerima_ibadah=$myIbadah";
if ($conn->query($sql)) {
// Notif ke pengirim asal
$pesan = $conn->query("SELECT id_pengirim_user FROM pesan_antar_ibadah WHERE id=$id")->fetch_assoc();
if ($pesan && $pesan['id_pengirim_user']) {
kirimNotifikasi($conn,(int)$pesan['id_pengirim_user'],
'Pesan Dibalas','Permintaan bantuan Anda telah direspons.','pesan_baru',$id);
}
jsonResponse(['success'=>true,'message'=>'Pesan diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>
<?php
// Tambahkan file api/notifikasi.php inline
?>
+132
View File
@@ -0,0 +1,132 @@
<?php
// api/rumah_ibadah.php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { http_response_code(200); exit; }
require_once '../includes/config.php';
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? 'geojson';
// ── GET ───────────────────────────────────────────────────
if ($method === 'GET') {
if ($action === 'geojson') {
$where = "WHERE 1=1";
if (!empty($_SESSION['role']) && $_SESSION['role'] === 'pengurus_ibadah') {
$iid = (int)($_SESSION['id_rumah_ibadah'] ?? 0);
$where .= " AND ri.id=$iid";
}
if (isset($_GET['id_ibadah']) && $_GET['id_ibadah']) {
$where .= " AND ri.id=".(int)$_GET['id_ibadah'];
}
$res = $conn->query("SELECT ri.*,
(SELECT COUNT(*) FROM penduduk p WHERE p.id_rumah_ibadah=ri.id) AS jumlah_kk,
(SELECT COUNT(*) FROM bantuan b WHERE b.id_rumah_ibadah=ri.id) AS jumlah_bantuan,
(SELECT COUNT(*) FROM laporan_status ls WHERE ls.id_rumah_ibadah=ri.id AND ls.status_verifikasi='pending') AS laporan_pending
FROM rumah_ibadah ri $where ORDER BY ri.id");
$features = [];
while ($row = $res->fetch_assoc()) {
$features[] = [
'type' => 'Feature',
'geometry' => ['type'=>'Point','coordinates'=>[(float)$row['longitude'],(float)$row['latitude']]],
'properties' => $row
];
}
jsonResponse(['type'=>'FeatureCollection','features'=>$features]);
} elseif ($action === 'list') {
$res = $conn->query("SELECT id, nama, jenis, kelurahan, kecamatan FROM rumah_ibadah ORDER BY nama");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
} elseif ($action === 'get' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$r = $conn->query("SELECT * FROM rumah_ibadah WHERE id=$id")->fetch_assoc();
jsonResponse($r ?: ['error'=>'Tidak ditemukan']);
} elseif ($action === 'pengurus' && isset($_GET['id'])) {
// Daftar pengurus rumah ibadah tertentu
$id = (int)$_GET['id'];
$res = $conn->query("SELECT id,nama_lengkap,email,no_hp FROM users WHERE id_rumah_ibadah=$id AND role='pengurus_ibadah'");
$data = [];
while ($r = $res->fetch_assoc()) $data[] = $r;
jsonResponse($data);
}
}
// ── POST ──────────────────────────────────────────────────
if ($method === 'POST') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true) ?: $_POST;
$nama = esc($conn,$d['nama']??'');
$jenis = esc($conn,$d['jenis']??'Masjid');
$kontak = esc($conn,$d['kontak']??'');
$email = esc($conn,$d['email']??'');
$lat = (float)($d['latitude']??0);
$lon = (float)($d['longitude']??0);
$alamat = esc($conn,$d['alamat']??'');
$kel = esc($conn,$d['kelurahan']??'');
$kec = esc($conn,$d['kecamatan']??'');
$radius = (int)($d['radius']??300);
$sql = "INSERT INTO rumah_ibadah (nama,jenis,kontak,email,latitude,longitude,alamat,kelurahan,kecamatan,radius)
VALUES ('$nama','$jenis','$kontak','$email',$lat,$lon,'$alamat','$kel','$kec',$radius)";
if ($conn->query($sql)) {
$id = $conn->insert_id;
logAktivitas($conn,'tambah_rumah_ibadah','rumah_ibadah',$id,"Tambah: $nama");
jsonResponse(['success'=>true,'id'=>$id,'message'=>'Rumah ibadah berhasil ditambahkan']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── PUT ───────────────────────────────────────────────────
if ($method === 'PUT') {
requireLogin(['admin','pengurus_ibadah']);
$d = json_decode(file_get_contents('php://input'), true);
$id = (int)$d['id'];
$nama = esc($conn,$d['nama']??'');
$jenis = esc($conn,$d['jenis']??'');
$kontak = esc($conn,$d['kontak']??'');
$email = esc($conn,$d['email']??'');
$lat = (float)($d['latitude']??0);
$lon = (float)($d['longitude']??0);
$alamat = esc($conn,$d['alamat']??'');
$kel = esc($conn,$d['kelurahan']??'');
$kec = esc($conn,$d['kecamatan']??'');
$radius = (int)($d['radius']??300);
// Jika pengurus_ibadah, pastikan hanya boleh mengubah rumah ibadah miliknya
if (!empty($_SESSION['role']) && $_SESSION['role'] === 'pengurus_ibadah') {
$myIbadah = (int)($_SESSION['id_rumah_ibadah'] ?? 0);
if ($myIbadah !== $id) {
jsonResponse(['success'=>false,'error'=>'Tidak diizinkan mengubah rumah ibadah lain.'], 403);
}
}
$sql = "UPDATE rumah_ibadah SET nama='$nama',jenis='$jenis',kontak='$kontak',email='$email',
latitude=$lat,longitude=$lon,alamat='$alamat',kelurahan='$kel',kecamatan='$kec',radius=$radius
WHERE id=$id";
if ($conn->query($sql)) {
logAktivitas($conn,'edit_rumah_ibadah','rumah_ibadah',$id,"Edit: $nama");
jsonResponse(['success'=>true,'message'=>'Data diperbarui']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
// ── DELETE ────────────────────────────────────────────────
if ($method === 'DELETE') {
requireLogin(['admin']);
$id = (int)($_GET['id']??0);
if ($conn->query("DELETE FROM rumah_ibadah WHERE id=$id")) {
logAktivitas($conn,'hapus_rumah_ibadah','rumah_ibadah',$id,'');
jsonResponse(['success'=>true,'message'=>'Data dihapus']);
} else {
jsonResponse(['success'=>false,'error'=>$conn->error],500);
}
}
?>