diff --git a/ambil.php b/ambil.php index cb31dce..049c103 100644 --- a/ambil.php +++ b/ambil.php @@ -2,14 +2,30 @@ error_reporting(0); ini_set('display_errors', 0); header('Content-Type: application/json; charset=UTF-8'); + +include 'auth.php'; // Middleware auth include 'koneksi.php'; + if (!$conn) { echo json_encode(array("status" => "error", "message" => "Gagal konek DB")); exit; } + +$isAdmin = isAdminPemerintah(); +$userIbadahId = getUserIbadahId(); + if ($_SERVER['REQUEST_METHOD'] === 'GET') { $res = array("ibadah" => array(), "penduduk" => array()); - $qI = mysqli_query($conn, "SELECT id, nama, latitude, longitude, radius FROM tabel_ibadah"); + + // Filter ibadah: admin pemerintah lihat semua, admin ibadah lihat miliknya saja + $sqlIbadah = "SELECT id, nama, latitude, longitude, radius FROM tabel_ibadah"; + if (!$isAdmin && $userIbadahId > 0) { + $sqlIbadah .= " WHERE id = $userIbadahId"; + } else if (!$isAdmin) { + $sqlIbadah .= " WHERE id = 0"; // Jika tidak ada id_rumah_ibadah, jangan tampilkan apa-apa + } + + $qI = mysqli_query($conn, $sqlIbadah); if($qI){ while($r = mysqli_fetch_assoc($qI)) { $res["ibadah"][] = array( @@ -21,7 +37,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ); } } - $qP = mysqli_query($conn, "SELECT id, nama, latitude, longitude, status_warna FROM tabel_penduduk"); + + // Ambil data penduduk (termasuk status_bantuan) + $qP = mysqli_query($conn, "SELECT id, nama, latitude, longitude, status_warna, status_bantuan FROM tabel_penduduk"); if($qP){ while($r = mysqli_fetch_assoc($qP)) { $res["penduduk"][] = array( @@ -29,32 +47,56 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { "nama_penduduk" => $r['nama'], "latitude" => (float)$r['latitude'], "longitude" => (float)$r['longitude'], - "status_warna" => $r['status_warna'] + "status_warna" => $r['status_warna'], + "status_bantuan" => $r['status_bantuan'] ?? 'Belum' ); } } + echo json_encode($res); exit; } + if ($_SERVER['REQUEST_METHOD'] === 'POST') { + // Tambah Ibadah (Hanya Admin Rumah Ibadah) if (isset($_POST['type']) && $_POST['type'] === 'ibadah') { + if ($isAdmin) { + echo json_encode(array("status" => "error", "message" => "Hanya Admin Rumah Ibadah yang dapat menambah data ini")); exit; + } + + // Opsional: cegah jika admin ibadah sudah punya rumah ibadah + if (isset($_SESSION['id_rumah_ibadah']) && $_SESSION['id_rumah_ibadah'] > 0) { + echo json_encode(array("status" => "error", "message" => "Anda sudah mengelola satu rumah ibadah. Hapus yang lama terlebih dahulu jika ingin mengganti.")); exit; + } + $nama = mysqli_real_escape_string($conn, $_POST['nama_ibadah']); $lat = (float)$_POST['latitude']; $lng = (float)$_POST['longitude']; $rad = (int)$_POST['radius']; + $sql = "INSERT INTO tabel_ibadah (nama, latitude, longitude, radius) VALUES ('$nama', $lat, $lng, $rad)"; if (mysqli_query($conn, $sql)) { - echo json_encode(array("status" => "success", "message" => "Berhasil Simpan")); + $new_id = mysqli_insert_id($conn); + $user_id = $_SESSION['user_id']; + mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = $new_id WHERE id = $user_id"); + $_SESSION['id_rumah_ibadah'] = $new_id; + + echo json_encode(array("status" => "success", "message" => "Berhasil Simpan Rumah Ibadah")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } + + // Tambah Penduduk (Hanya Admin Pemerintah) if (isset($_POST['type']) && $_POST['type'] === 'penduduk') { + if (!$isAdmin) { + echo json_encode(array("status" => "error", "message" => "Tidak ada akses")); exit; + } $nama = mysqli_real_escape_string($conn, $_POST['nama_penduduk']); $lat = (float)$_POST['latitude']; $lng = (float)$_POST['longitude']; - $sql = "INSERT INTO tabel_penduduk (nama, latitude, longitude, status_warna) VALUES ('$nama', $lat, $lng, 'Merah')"; + $sql = "INSERT INTO tabel_penduduk (nama, latitude, longitude, status_warna, status_bantuan) VALUES ('$nama', $lat, $lng, 'Merah', 'Belum')"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Berhasil Simpan")); } else { @@ -62,6 +104,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { } exit; } + + // Update Warna (Boleh siapa saja, otomatis oleh sistem radius.php) if (isset($_POST['action']) && $_POST['action'] === 'update_warna') { $id = (int)$_POST['id']; $warna = mysqli_real_escape_string($conn, $_POST['status_warna']); @@ -73,19 +117,82 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { } exit; } - - // Hapus Data - if (isset($_POST['action']) && $_POST['action'] === 'hapus') { + + // Update Radius Ibadah + if (isset($_POST['action']) && $_POST['action'] === 'update_radius') { $id = (int)$_POST['id']; - $type = $_POST['type_hapus']; - $table = ($type === 'ibadah') ? 'tabel_ibadah' : 'tabel_penduduk'; + $rad = (int)$_POST['radius']; - $sql = "DELETE FROM $table WHERE id = $id"; + // Hanya Admin Ibadah untuk miliknya + if ($isAdmin) { + echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak bisa mengubah radius")); exit; + } + if ($id !== $userIbadahId) { + echo json_encode(array("status" => "error", "message" => "Akses ditolak")); exit; + } + + $sql = "UPDATE tabel_ibadah SET radius = $rad WHERE id = $id"; if (mysqli_query($conn, $sql)) { - echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus")); + echo json_encode(array("status" => "success", "message" => "Radius berhasil diubah")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } + + // Konfirmasi Penyaluran Bantuan + if (isset($_POST['action']) && $_POST['action'] === 'konfirmasi_bantuan') { + $id = (int)$_POST['id']; + // Hanya admin ibadah yg biasa mengonfirmasi (atau pemerintah juga boleh) + $sql = "UPDATE tabel_penduduk SET status_bantuan = 'Sudah' WHERE id = $id"; + if (mysqli_query($conn, $sql)) { + echo json_encode(array("status" => "success", "message" => "Bantuan berhasil dikonfirmasi")); + } else { + echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); + } + exit; + } + + // Hapus Data + if (isset($_POST['action']) && $_POST['action'] === 'hapus') { + $id = (int)$_POST['id']; + $type = $_POST['type_hapus']; + + if ($type === 'ibadah') { + // Hanya Admin Ibadah yang bisa menghapus rumah ibadah miliknya + if ($isAdmin) { + echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak diizinkan menghapus data rumah ibadah")); exit; + } + if ($id !== (int)$_SESSION['id_rumah_ibadah']) { + echo json_encode(array("status" => "error", "message" => "Tidak ada akses untuk menghapus rumah ibadah ini")); exit; + } + $table = 'tabel_ibadah'; + + $sql = "DELETE FROM $table WHERE id = $id"; + if (mysqli_query($conn, $sql)) { + // Jika yang hapus adalah admin ibadah (pemilik), hapus keterkaitannya + if (!$isAdmin) { + $user_id = $_SESSION['user_id']; + mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = NULL WHERE id = $user_id"); + $_SESSION['id_rumah_ibadah'] = null; + } + echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus")); + } else { + echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); + } + } else { + // Hapus penduduk hanya untuk admin pemerintah + if (!$isAdmin) { + echo json_encode(array("status" => "error", "message" => "Tidak ada akses menghapus data penduduk")); exit; + } + $table = 'tabel_penduduk'; + $sql = "DELETE FROM $table WHERE id = $id"; + if (mysqli_query($conn, $sql)) { + echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus")); + } else { + echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); + } + } + exit; + } } diff --git a/auth.php b/auth.php new file mode 100644 index 0000000..868df5e --- /dev/null +++ b/auth.php @@ -0,0 +1,58 @@ + diff --git a/dashboard.php b/dashboard.php new file mode 100644 index 0000000..9e2050e --- /dev/null +++ b/dashboard.php @@ -0,0 +1,141 @@ + 0) { + $idIb = getUserIbadahId(); + $qIb = mysqli_query($conn, "SELECT nama FROM tabel_ibadah WHERE id=$idIb"); + if ($qIb && mysqli_num_rows($qIb) > 0) { + $namaIbadah = mysqli_fetch_assoc($qIb)['nama']; + } +} + +$roleLabel = $isAdmin ? 'Admin Pemerintah' : 'Admin Rumah Ibadah'; +?> + + +
+ + +Anda login sebagai = $roleLabel ?>. Pilih menu di bawah untuk mulai mengelola data.
+Rumah ibadah yang Anda kelola
+Sistem Informasi Geografis Pemetaan Kemiskinan
+Legenda
@@ -205,6 +222,11 @@ diff --git a/simpan_jalan.php b/simpan_jalan.php index c27e25a..5b378fd 100644 --- a/simpan_jalan.php +++ b/simpan_jalan.php @@ -1,4 +1,6 @@ diff --git a/update_posisi.php b/update_posisi.php index 58f7cf6..85239d8 100644 --- a/update_posisi.php +++ b/update_posisi.php @@ -1,4 +1,6 @@