"error", "message" => "Gagal konek DB")); exit; } $isAdmin = isAdminPemerintah(); $userIbadahId = getUserIbadahId(); if ($_SERVER['REQUEST_METHOD'] === 'GET') { $res = array("ibadah" => array(), "penduduk" => array()); // Filter ibadah: admin pemerintah lihat semua, admin ibadah lihat miliknya saja $sqlIbadah = "SELECT id, nama, latitude, longitude, radius FROM tabel_ibadah"; if (!$isAdmin && $userIbadahId > 0) { $sqlIbadah .= " WHERE id = $userIbadahId"; } else if (!$isAdmin) { $sqlIbadah .= " WHERE id = 0"; // Jika tidak ada id_rumah_ibadah, jangan tampilkan apa-apa } $qI = mysqli_query($conn, $sqlIbadah); if($qI){ while($r = mysqli_fetch_assoc($qI)) { $res["ibadah"][] = array( "id" => (int)$r['id'], "nama_ibadah" => $r['nama'], "latitude" => (float)$r['latitude'], "longitude" => (float)$r['longitude'], "radius" => (int)$r['radius'] ); } } // Ambil data penduduk (termasuk status_bantuan) $qP = mysqli_query($conn, "SELECT id, nama, latitude, longitude, status_warna, status_bantuan FROM tabel_penduduk"); if($qP){ while($r = mysqli_fetch_assoc($qP)) { $res["penduduk"][] = array( "id" => (int)$r['id'], "nama_penduduk" => $r['nama'], "latitude" => (float)$r['latitude'], "longitude" => (float)$r['longitude'], "status_warna" => $r['status_warna'], "status_bantuan" => $r['status_bantuan'] ?? 'Belum' ); } } echo json_encode($res); exit; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Tambah Ibadah (Hanya Admin Rumah Ibadah) if (isset($_POST['type']) && $_POST['type'] === 'ibadah') { if ($isAdmin) { echo json_encode(array("status" => "error", "message" => "Hanya Admin Rumah Ibadah yang dapat menambah data ini")); exit; } // Opsional: cegah jika admin ibadah sudah punya rumah ibadah if (isset($_SESSION['id_rumah_ibadah']) && $_SESSION['id_rumah_ibadah'] > 0) { echo json_encode(array("status" => "error", "message" => "Anda sudah mengelola satu rumah ibadah. Hapus yang lama terlebih dahulu jika ingin mengganti.")); exit; } $nama = mysqli_real_escape_string($conn, $_POST['nama_ibadah']); $lat = (float)$_POST['latitude']; $lng = (float)$_POST['longitude']; $rad = (int)$_POST['radius']; $sql = "INSERT INTO tabel_ibadah (nama, latitude, longitude, radius) VALUES ('$nama', $lat, $lng, $rad)"; if (mysqli_query($conn, $sql)) { $new_id = mysqli_insert_id($conn); $user_id = $_SESSION['user_id']; mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = $new_id WHERE id = $user_id"); $_SESSION['id_rumah_ibadah'] = $new_id; echo json_encode(array("status" => "success", "message" => "Berhasil Simpan Rumah Ibadah")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } // Tambah Penduduk (Hanya Admin Pemerintah) if (isset($_POST['type']) && $_POST['type'] === 'penduduk') { if (!$isAdmin) { echo json_encode(array("status" => "error", "message" => "Tidak ada akses")); exit; } $nama = mysqli_real_escape_string($conn, $_POST['nama_penduduk']); $lat = (float)$_POST['latitude']; $lng = (float)$_POST['longitude']; $sql = "INSERT INTO tabel_penduduk (nama, latitude, longitude, status_warna, status_bantuan) VALUES ('$nama', $lat, $lng, 'Merah', 'Belum')"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Berhasil Simpan")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } // Update Warna (Boleh siapa saja, otomatis oleh sistem radius.php) if (isset($_POST['action']) && $_POST['action'] === 'update_warna') { $id = (int)$_POST['id']; $warna = mysqli_real_escape_string($conn, $_POST['status_warna']); $sql = "UPDATE tabel_penduduk SET status_warna = '$warna' WHERE id = $id"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Update OK")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } // Update Radius Ibadah if (isset($_POST['action']) && $_POST['action'] === 'update_radius') { $id = (int)$_POST['id']; $rad = (int)$_POST['radius']; // Hanya Admin Ibadah untuk miliknya if ($isAdmin) { echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak bisa mengubah radius")); exit; } if ($id !== $userIbadahId) { echo json_encode(array("status" => "error", "message" => "Akses ditolak")); exit; } $sql = "UPDATE tabel_ibadah SET radius = $rad WHERE id = $id"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Radius berhasil diubah")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } // Konfirmasi Penyaluran Bantuan if (isset($_POST['action']) && $_POST['action'] === 'konfirmasi_bantuan') { $id = (int)$_POST['id']; // Hanya admin ibadah yg biasa mengonfirmasi (atau pemerintah juga boleh) $sql = "UPDATE tabel_penduduk SET status_bantuan = 'Sudah' WHERE id = $id"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Bantuan berhasil dikonfirmasi")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } exit; } // Hapus Data if (isset($_POST['action']) && $_POST['action'] === 'hapus') { $id = (int)$_POST['id']; $type = $_POST['type_hapus']; if ($type === 'ibadah') { // Hanya Admin Ibadah yang bisa menghapus rumah ibadah miliknya if ($isAdmin) { echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak diizinkan menghapus data rumah ibadah")); exit; } if ($id !== (int)$_SESSION['id_rumah_ibadah']) { echo json_encode(array("status" => "error", "message" => "Tidak ada akses untuk menghapus rumah ibadah ini")); exit; } $table = 'tabel_ibadah'; $sql = "DELETE FROM $table WHERE id = $id"; if (mysqli_query($conn, $sql)) { // Jika yang hapus adalah admin ibadah (pemilik), hapus keterkaitannya if (!$isAdmin) { $user_id = $_SESSION['user_id']; mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = NULL WHERE id = $user_id"); $_SESSION['id_rumah_ibadah'] = null; } echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } } else { // Hapus penduduk hanya untuk admin pemerintah if (!$isAdmin) { echo json_encode(array("status" => "error", "message" => "Tidak ada akses menghapus data penduduk")); exit; } $table = 'tabel_penduduk'; $sql = "DELETE FROM $table WHERE id = $id"; if (mysqli_query($conn, $sql)) { echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus")); } else { echo json_encode(array("status" => "error", "message" => mysqli_error($conn))); } } exit; } }