Files
WebGIS-Project/webgis-v3/api/controllers/LaporanController.php
T
2026-06-10 19:48:00 +07:00

92 lines
3.4 KiB
PHP

<?php
// api/controllers/LaporanController.php
class LaporanController {
public function index(): void {
$user = currentUser();
// Masyarakat bisa lihat laporan mereka sendiri; pengurus+ lihat semua
$db = getDB();
$sql = "SELECT l.*, ri.nama AS nama_ri, p.nama_lengkap AS nama_terdampak
FROM laporan l
LEFT JOIN rumah_ibadah ri ON l.id_rumah_ibadah=ri.id
LEFT JOIN penduduk p ON l.nik_terdampak=p.nik
WHERE 1=1";
$params = [];
if (!empty($_GET['status'])) { $sql .= " AND l.status=?"; $params[] = $_GET['status']; }
if (!empty($_GET['urgensi'])) { $sql .= " AND l.urgensi=?"; $params[] = $_GET['urgensi']; }
$sql .= " ORDER BY FIELD(l.urgensi,'darurat','tinggi','sedang','rendah'), l.created_at DESC LIMIT 100";
$stmt = $db->prepare($sql);
$stmt->execute($params);
jsonSuccess($stmt->fetchAll());
}
public function show(string $id): void {
$db = getDB();
$stmt = $db->prepare(
"SELECT l.*, ri.nama AS nama_ri, p.nama_lengkap AS nama_terdampak
FROM laporan l
LEFT JOIN rumah_ibadah ri ON l.id_rumah_ibadah=ri.id
LEFT JOIN penduduk p ON l.nik_terdampak=p.nik
WHERE l.id=?"
);
$stmt->execute([$id]);
$row = $stmt->fetch();
if (!$row) jsonError('Laporan tidak ditemukan', 404);
jsonSuccess($row);
}
/** POST /api/laporan — siapa saja bisa lapor */
public function store(): void {
$body = getBody();
$errs = required($body, ['deskripsi']);
if ($errs) jsonError(implode('; ', $errs));
$db = getDB();
$db->prepare(
"INSERT INTO laporan
(nama_pelapor, no_hp_pelapor, nik_terdampak, id_rumah_ibadah,
deskripsi, lat, lng, alamat_laporan, urgensi)
VALUES (?,?,?,?,?,?,?,?,?)"
)->execute([
sanitize($body['nama_pelapor'] ?? ''),
sanitize($body['no_hp_pelapor'] ?? ''),
$body['nik_terdampak'] ?? null,
$body['id_rumah_ibadah'] ?? null,
sanitize($body['deskripsi']),
$body['lat'] ?? null,
$body['lng'] ?? null,
sanitize($body['alamat_laporan'] ?? ''),
$body['urgensi'] ?? 'sedang',
]);
$newId = $db->lastInsertId();
jsonSuccess(['id' => $newId], 'Laporan berhasil dikirim. Terima kasih!', 201);
}
/** PUT /api/laporan/:id — verifikasi / update status */
public function update(string $id): void {
requireAuth([ROLE_ADMIN, ROLE_PENGURUS]);
$user = currentUser();
$body = getBody();
$db = getDB();
$db->prepare(
"UPDATE laporan SET status=?, catatan_verifikasi=?,
id_verifikator=?, tgl_verifikasi=NOW()
WHERE id=?"
)->execute([
$body['status'] ?? 'diverifikasi',
sanitize($body['catatan_verifikasi'] ?? ''),
$user['id'],
$id,
]);
logActivity('update_laporan', 'laporan', $id, [], $body);
jsonSuccess([], 'Status laporan diperbarui');
}
public function destroy(string $id): void {
requireAuth([ROLE_ADMIN]);
getDB()->prepare("DELETE FROM laporan WHERE id=?")->execute([$id]);
jsonSuccess([], 'Laporan dihapus');
}
}