query("SELECT * FROM bantuan ORDER BY kategori, nama_bantuan")->fetchAll(); jsonSuccess($rows); } public function show(string $id): void { requireAuth([ROLE_ADMIN, ROLE_PENGURUS, ROLE_PIMPINAN]); $db = getDB(); $stmt = $db->prepare("SELECT * FROM bantuan WHERE id = ?"); $stmt->execute([$id]); $row = $stmt->fetch(); if (!$row) jsonError('Jenis bantuan tidak ditemukan', 404); jsonSuccess($row); } public function store(): void { requireAuth([ROLE_ADMIN, ROLE_PENGURUS]); $body = getBody(); $errs = required($body, ['nama_bantuan', 'kategori']); if ($errs) jsonError(implode('; ', $errs)); $db = getDB(); $db->prepare( "INSERT INTO bantuan (nama_bantuan, kategori, sumber, deskripsi, satuan) VALUES (?,?,?,?,?)" )->execute([ sanitize($body['nama_bantuan']), $body['kategori'], sanitize($body['sumber'] ?? ''), sanitize($body['deskripsi'] ?? ''), sanitize($body['satuan'] ?? ''), ]); jsonSuccess(['id' => getDB()->lastInsertId()], 'Jenis bantuan ditambahkan', 201); } public function update(string $id): void { requireAuth([ROLE_ADMIN, ROLE_PENGURUS]); $body = getBody(); $db = getDB(); $db->prepare( "UPDATE bantuan SET nama_bantuan=?, kategori=?, sumber=?, deskripsi=?, satuan=?, aktif=? WHERE id=?" )->execute([ sanitize($body['nama_bantuan'] ?? ''), $body['kategori'] ?? 'lainnya', sanitize($body['sumber'] ?? ''), sanitize($body['deskripsi'] ?? ''), sanitize($body['satuan'] ?? ''), (int)($body['aktif'] ?? 1), $id, ]); jsonSuccess([], 'Jenis bantuan diperbarui'); } public function destroy(string $id): void { requireAuth([ROLE_ADMIN]); $db = getDB(); $db->prepare("DELETE FROM bantuan WHERE id = ?")->execute([$id]); jsonSuccess([], 'Jenis bantuan dihapus'); } }