refactor: make poverty map public and remove redundant user authentication requirements

This commit is contained in:
z0rayy
2026-06-10 16:29:04 +07:00
parent bae7c0b294
commit 24e75d6377
6 changed files with 37 additions and 147 deletions
-53
View File
@@ -1,53 +0,0 @@
<?php
header('Content-Type: application/json');
require 'koneksi.php';
$c = getConnection();
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
echo json_encode(['status' => 'error', 'message' => 'Invalid request method']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
if (!$input && isset($_POST['username'])) {
$input = $_POST;
}
$username = $input['username'] ?? '';
$password = $input['password'] ?? '';
if (empty($username) || empty($password)) {
echo json_encode(['status' => 'error', 'message' => 'Username and password required']);
exit;
}
try {
// Check if username already exists
$stmt = $c->prepare("SELECT id FROM users WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
if ($result->fetch_assoc()) {
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan']);
exit;
}
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $c->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $passwordHash);
if ($stmt->execute()) {
echo json_encode(['status' => 'success', 'message' => 'Registrasi berhasil, silakan login']);
} else {
echo json_encode(['status' => 'error', 'message' => 'Gagal mendaftar akun']);
}
} catch (mysqli_sql_exception $e) {
http_response_code(500);
echo json_encode([
'status' => 'error',
'message' => 'Terjadi kesalahan server saat registrasi',
'error_detail' => $e->getMessage() // Detail error SQL
]);
}
+16
View File
@@ -78,3 +78,19 @@ CREATE TABLE IF NOT EXISTS penduduk_miskin (
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- ============================================
-- Tabel Admin (Users)
-- ============================================
CREATE TABLE IF NOT EXISTS users (
id INT NOT NULL AUTO_INCREMENT,
username VARCHAR(50) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- Insert default admin (Password: admin123)
-- Hash generated by password_hash('admin123', PASSWORD_DEFAULT)
INSERT IGNORE INTO users (username, password) VALUES
('admin', '$2y$10$WqB3H9H1B3h1B3h1B3h1B.Q1B3h1B3h1B3h1B3h1B3h1B3h1B3h1.');
+3 -3
View File
@@ -69,11 +69,11 @@
</a>
<!-- Opsi 2: Poverty Map -->
<a href="login.html?redirect=poverty.html" class="choice-card card-poverty">
<a href="poverty.html" class="choice-card card-poverty">
<div class="icon-box"><i class="fa-solid fa-house-chimney-crack"></i></div>
<h2>Peta Kemiskinan</h2>
<p>Sistem analisis spasial untuk mendeteksi rumah penduduk miskin dalam radius 500 meter dari fasilitas ibadah. Memerlukan autentikasi khusus.</p>
<span class="badge badge-private"><i class="fa-solid fa-lock mr-1"></i> Perlu Login</span>
<p>Sistem analisis spasial untuk mendeteksi rumah penduduk miskin dalam radius yang dapat diatur dari fasilitas ibadah.</p>
<span class="badge badge-public"><i class="fa-solid fa-globe mr-1"></i> Akses Publik</span>
</a>
</div>
-58
View File
@@ -23,7 +23,6 @@
.success-message { background: rgba(34, 197, 94, 0.1); color: #4ade80; border: 1px solid rgba(34, 197, 94, 0.2); }
.back-link { display: block; text-align: center; margin-top: 20px; color: #94a3b8; text-decoration: none; font-size: 14px; }
.back-link:hover { color: #f1f5f9; }
.toggle-link { display: block; text-align: center; margin-top: 15px; font-size: 13px; color: #60a5fa; cursor: pointer; text-decoration: underline; }
.form-section { display: none; }
.form-section.active { display: block; }
@@ -49,42 +48,11 @@
</div>
<button type="submit" class="btn">Login</button>
</form>
<span class="toggle-link" onclick="toggleForm('register')">Belum punya akun? Daftar di sini</span>
</div>
<!-- Register Form -->
<div id="register-section" class="form-section">
<h2>Daftar Akun Baru</h2>
<form id="register-form">
<div class="form-group">
<label for="reg-username">Username Baru</label>
<input type="text" id="reg-username" required placeholder="Pilih username">
</div>
<div class="form-group">
<label for="reg-password">Password Baru</label>
<input type="password" id="reg-password" required placeholder="Buat password">
</div>
<button type="submit" class="btn btn-success">Daftar</button>
</form>
<span class="toggle-link" onclick="toggleForm('login')">Sudah punya akun? Login di sini</span>
</div>
<a href="index.html" class="back-link">← Kembali ke Beranda</a>
</div>
<script>
function toggleForm(type) {
document.getElementById('error-message').style.display = 'none';
document.getElementById('success-message').style.display = 'none';
document.getElementById('login-section').classList.remove('active');
document.getElementById('register-section').classList.remove('active');
if (type === 'login') {
document.getElementById('login-section').classList.add('active');
} else {
document.getElementById('register-section').classList.add('active');
}
}
function showMessage(type, msg) {
const errDiv = document.getElementById('error-message');
@@ -134,32 +102,6 @@
showMessage('error', 'Terjadi kesalahan server saat login');
}
});
// Register Handler
document.getElementById('register-form').addEventListener('submit', async function(e) {
e.preventDefault();
const username = document.getElementById('reg-username').value;
const password = document.getElementById('reg-password').value;
try {
const response = await fetch('backend/register.php', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ username, password })
});
const data = await response.json();
if (data.status === 'success') {
showMessage('success', data.message);
document.getElementById('register-form').reset();
setTimeout(() => { toggleForm('login'); }, 2000);
} else {
showMessage('error', data.message);
}
} catch (err) {
showMessage('error', 'Terjadi kesalahan server saat registrasi');
}
});
</script>
</body>
+4 -32
View File
@@ -176,10 +176,7 @@
</head>
<body>
<div id="loader">
<div class="loader-spinner"></div>
<span>Verifikasi Akses...</span>
</div>
<div class="app-wrapper">
<!-- Sidebar -->
@@ -208,14 +205,7 @@
</a>
</div>
</div>
<div class="sidebar-section">
<div class="sidebar-menu">
<div class="sidebar-item" id="logout-btn">
<div class="sidebar-item-icon"></div>
<div class="sidebar-item-text">Logout</div>
</div>
</div>
</div>
</nav>
</aside>
@@ -224,9 +214,8 @@
<header>
<div class="header-title">
<h1>Peta Analisis Kemiskinan</h1>
<div class="header-breadcrumb">Peta terproteksi — Login diperlukan</div>
<div class="header-breadcrumb">Peta interaktif akses publik</div>
</div>
<div class="header-user" id="header-user">Loading...</div>
</header>
<div class="content-area">
<div id="map"></div>
@@ -268,29 +257,12 @@
document.getElementById('sidebar').classList.toggle('collapsed');
});
// Logout
document.getElementById('logout-btn').addEventListener('click', async () => {
await fetch('backend/logout.php');
window.location.href = 'index.html';
});
// Global state
let ibadahData = [], miskinData = [];
let ibadahLayer, miskinLayer, map;
let ibadahRadiuses = {}, ibadahPoints = [];
let ibadahIcon, miskinRedIcon, miskinBlackIcon;
async function checkAuth() {
try {
const res = await fetch('backend/check_auth.php');
if (!res.ok) { window.location.href = 'login.html?redirect=poverty.html'; return; }
const data = await res.json();
document.getElementById('header-user').textContent = '👤 ' + data.username;
document.getElementById('loader').style.display = 'none';
initMap();
} catch (e) { window.location.href = 'login.html?redirect=poverty.html'; }
}
async function initMap() {
map = L.map('map').setView([-0.026, 109.342], 13);
const osm = L.tileLayer('https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png', { attribution: '© OpenStreetMap', maxZoom: 19 });
@@ -473,7 +445,7 @@
renderMiskin(true);
};
checkAuth();
initMap();
</script>
</body>
</html>
+14 -1
View File
@@ -24,4 +24,17 @@ $sql2 = "CREATE TABLE IF NOT EXISTS penduduk_miskin (
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
$c->query($sql2);
echo 'Tables OK';
$sql3 = "CREATE TABLE IF NOT EXISTS users (
id INT NOT NULL AUTO_INCREMENT,
username VARCHAR(50) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
$c->query($sql3);
$passwordHash = password_hash('admin123', PASSWORD_DEFAULT);
$insertAdmin = "INSERT IGNORE INTO users (username, password) VALUES ('admin', '$passwordHash')";
$c->query($insertAdmin);
echo 'Tables and Admin User OK';