diff --git a/ambil.php b/ambil.php index 944727c..6a446d1 100644 --- a/ambil.php +++ b/ambil.php @@ -180,6 +180,99 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { // exit; // } + // ===================================== +// UPDATE RUMAH IBADAH (OPERATOR) +// ===================================== +if (isset($_POST['action']) && $_POST['action'] === 'update_ibadah') { + + if ($isAdmin) { + echo json_encode([ + "status" => "error", + "message" => "Tidak ada akses" + ]); + exit; + } + + $id = (int)$_POST['id']; + + if ($id !== (int)$userIbadahId) { + echo json_encode([ + "status" => "error", + "message" => "Rumah ibadah bukan milik anda" + ]); + exit; + } + + $nama = mysqli_real_escape_string( + $conn, + $_POST['nama_ibadah'] + ); + + $radius = (int)$_POST['radius']; + + $sql = " + UPDATE tabel_ibadah + SET + nama_ibadah='$nama', + radius=$radius + WHERE id=$id + "; + + if (mysqli_query($conn, $sql)) { + echo json_encode([ + "status" => "success", + "message" => "Rumah ibadah berhasil diperbarui" + ]); + } else { + echo json_encode([ + "status" => "error", + "message" => mysqli_error($conn) + ]); + } + + exit; +} + +// ===================================== +// UPDATE PENDUDUK (ADMIN PEMERINTAH) +// ===================================== +if (isset($_POST['action']) && $_POST['action'] === 'update_penduduk') { + + if (!$isAdmin) { + echo json_encode([ + "status" => "error", + "message" => "Tidak ada akses" + ]); + exit; + } + + $id = (int)$_POST['id']; + + $nama = mysqli_real_escape_string( + $conn, + $_POST['nama_penduduk'] + ); + + $sql = " + UPDATE tabel_penduduk + SET nama_penduduk='$nama' + WHERE id=$id + "; + + if (mysqli_query($conn, $sql)) { + echo json_encode([ + "status" => "success", + "message" => "Penduduk berhasil diperbarui" + ]); + } else { + echo json_encode([ + "status" => "error", + "message" => mysqli_error($conn) + ]); + } + + exit; +} // Hapus Data if (isset($_POST['action']) && $_POST['action'] === 'hapus') { $id = (int)$_POST['id'];