228 lines
8.4 KiB
PHP
228 lines
8.4 KiB
PHP
<?php
|
|
error_reporting(E_ALL);
|
|
ini_set('display_errors', 1);
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
include 'auth.php';
|
|
include 'koneksi.php';
|
|
|
|
if (!$conn) {
|
|
echo json_encode([
|
|
"status" => "error",
|
|
"message" => "Gagal konek DB"
|
|
]);
|
|
exit;
|
|
}
|
|
|
|
$isAdmin = isAdminPemerintah();
|
|
$userIbadahId = getUserIbadahId();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
|
|
|
|
$res = [
|
|
"ibadah" => [],
|
|
"penduduk" => []
|
|
];
|
|
|
|
// ==========================
|
|
// DATA RUMAH IBADAH
|
|
// ==========================
|
|
$sqlIbadah = "SELECT id, nama, latitude, longitude, radius FROM tabel_ibadah";
|
|
|
|
if (!$isAdmin && $userIbadahId > 0) {
|
|
$sqlIbadah .= " WHERE id = $userIbadahId";
|
|
} elseif (!$isAdmin) {
|
|
$sqlIbadah .= " WHERE id = 0";
|
|
}
|
|
|
|
$qI = mysqli_query($conn, $sqlIbadah);
|
|
|
|
if ($qI) {
|
|
while ($r = mysqli_fetch_assoc($qI)) {
|
|
|
|
$res["ibadah"][] = [
|
|
"id" => (int)$r['id'],
|
|
"nama_ibadah" => $r['nama'],
|
|
"latitude" => (float)$r['latitude'],
|
|
"longitude" => (float)$r['longitude'],
|
|
"radius" => (int)$r['radius']
|
|
];
|
|
}
|
|
}
|
|
|
|
// ==========================
|
|
// DATA PENDUDUK
|
|
// ==========================
|
|
$sqlPenduduk = "
|
|
SELECT
|
|
id,
|
|
nama,
|
|
latitude,
|
|
longitude,
|
|
status_warna,
|
|
status_bantuan
|
|
FROM tabel_penduduk
|
|
";
|
|
|
|
$qP = mysqli_query($conn, $sqlPenduduk);
|
|
|
|
if ($qP) {
|
|
while ($r = mysqli_fetch_assoc($qP)) {
|
|
|
|
$res["penduduk"][] = [
|
|
"id" => (int)$r['id'],
|
|
"nama_penduduk" => $r['nama'],
|
|
"latitude" => (float)$r['latitude'],
|
|
"longitude" => (float)$r['longitude'],
|
|
"status_warna" => $r['status_warna'],
|
|
"status_bantuan" => $r['status_bantuan']
|
|
];
|
|
}
|
|
}
|
|
|
|
echo json_encode($res);
|
|
exit;
|
|
}
|
|
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
// Tambah Ibadah (Hanya Admin Rumah Ibadah)
|
|
if (isset($_POST['type']) && $_POST['type'] === 'ibadah') {
|
|
if ($isAdmin) {
|
|
echo json_encode(array("status" => "error", "message" => "Hanya Admin Rumah Ibadah yang dapat menambah data ini")); exit;
|
|
}
|
|
|
|
// Opsional: cegah jika admin ibadah sudah punya rumah ibadah
|
|
if (isset($_SESSION['id_rumah_ibadah']) && $_SESSION['id_rumah_ibadah'] > 0) {
|
|
echo json_encode(array("status" => "error", "message" => "Anda sudah mengelola satu rumah ibadah. Hapus yang lama terlebih dahulu jika ingin mengganti.")); exit;
|
|
}
|
|
|
|
$nama = mysqli_real_escape_string($conn, $_POST['nama_ibadah']);
|
|
$lat = (float)$_POST['latitude'];
|
|
$lng = (float)$_POST['longitude'];
|
|
$rad = (int)$_POST['radius'];
|
|
|
|
$sql = "INSERT INTO tabel_ibadah (nama_ibadah, latitude, longitude, radius) VALUES ('$nama', $lat, $lng, $rad)";
|
|
if (mysqli_query($conn, $sql)) {
|
|
$new_id = mysqli_insert_id($conn);
|
|
$user_id = $_SESSION['user_id'];
|
|
mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = $new_id WHERE id = $user_id");
|
|
$_SESSION['id_rumah_ibadah'] = $new_id;
|
|
|
|
echo json_encode(array("status" => "success", "message" => "Berhasil Simpan Rumah Ibadah"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Tambah Penduduk (Hanya Admin Pemerintah)
|
|
if (isset($_POST['type']) && $_POST['type'] === 'penduduk') {
|
|
if (!$isAdmin) {
|
|
echo json_encode(array("status" => "error", "message" => "Tidak ada akses")); exit;
|
|
}
|
|
$nama = mysqli_real_escape_string($conn, $_POST['nama_penduduk']);
|
|
$lat = (float)$_POST['latitude'];
|
|
$lng = (float)$_POST['longitude'];
|
|
$sql = "INSERT INTO tabel_penduduk (nama, latitude, longitude, status_warna) VALUES ('$nama', $lat, $lng, 'Merah', 'Belum')";
|
|
if (mysqli_query($conn, $sql)) {
|
|
echo json_encode(array("status" => "success", "message" => "Berhasil Simpan"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Update Warna (Boleh siapa saja, otomatis oleh sistem radius.php)
|
|
if (isset($_POST['action']) && $_POST['action'] === 'update_warna') {
|
|
$id = (int)$_POST['id'];
|
|
$warna = mysqli_real_escape_string($conn, $_POST['status_warna']);
|
|
$sql = "UPDATE tabel_penduduk SET status_warna = '$warna' WHERE id = $id";
|
|
if (mysqli_query($conn, $sql)) {
|
|
echo json_encode(array("status" => "success", "message" => "Update OK"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Update Radius Ibadah
|
|
if (isset($_POST['action']) && $_POST['action'] === 'update_radius') {
|
|
$id = (int)$_POST['id'];
|
|
$rad = (int)$_POST['radius'];
|
|
|
|
// Hanya Admin Ibadah untuk miliknya
|
|
if ($isAdmin) {
|
|
echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak bisa mengubah radius")); exit;
|
|
}
|
|
if ($id !== $userIbadahId) {
|
|
echo json_encode(array("status" => "error", "message" => "Akses ditolak")); exit;
|
|
}
|
|
|
|
$sql = "UPDATE tabel_ibadah SET radius = $rad WHERE id = $id";
|
|
if (mysqli_query($conn, $sql)) {
|
|
echo json_encode(array("status" => "success", "message" => "Radius berhasil diubah"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Konfirmasi Penyaluran Bantuan
|
|
// if (isset($_POST['action']) && $_POST['action'] === 'konfirmasi_bantuan') {
|
|
// $id = (int)$_POST['id'];
|
|
// // Hanya admin ibadah yg biasa mengonfirmasi (atau pemerintah juga boleh)
|
|
// $sql = "UPDATE tabel_penduduk SET status_bantuan = 'Sudah' WHERE id = $id";
|
|
// if (mysqli_query($conn, $sql)) {
|
|
// echo json_encode(array("status" => "success", "message" => "Bantuan berhasil dikonfirmasi"));
|
|
// } else {
|
|
// echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
// }
|
|
// exit;
|
|
// }
|
|
|
|
// Hapus Data
|
|
if (isset($_POST['action']) && $_POST['action'] === 'hapus') {
|
|
$id = (int)$_POST['id'];
|
|
$type = $_POST['type_hapus'];
|
|
|
|
if ($type === 'ibadah') {
|
|
// Hanya Admin Ibadah yang bisa menghapus rumah ibadah miliknya
|
|
if ($isAdmin) {
|
|
echo json_encode(array("status" => "error", "message" => "Admin Pemerintah tidak diizinkan menghapus data rumah ibadah")); exit;
|
|
}
|
|
if ($id !== (int)$_SESSION['id_rumah_ibadah']) {
|
|
echo json_encode(array("status" => "error", "message" => "Tidak ada akses untuk menghapus rumah ibadah ini")); exit;
|
|
}
|
|
$table = 'tabel_ibadah';
|
|
|
|
$sql = "DELETE FROM $table WHERE id = $id";
|
|
if (mysqli_query($conn, $sql)) {
|
|
// Jika yang hapus adalah admin ibadah (pemilik), hapus keterkaitannya
|
|
if (!$isAdmin) {
|
|
$user_id = $_SESSION['user_id'];
|
|
mysqli_query($conn, "UPDATE users SET id_rumah_ibadah = NULL WHERE id = $user_id");
|
|
$_SESSION['id_rumah_ibadah'] = null;
|
|
}
|
|
echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
} else {
|
|
// Hapus penduduk hanya untuk admin pemerintah
|
|
if (!$isAdmin) {
|
|
echo json_encode(array("status" => "error", "message" => "Tidak ada akses menghapus data penduduk")); exit;
|
|
}
|
|
$table = 'tabel_penduduk';
|
|
$sql = "DELETE FROM $table WHERE id = $id";
|
|
if (mysqli_query($conn, $sql)) {
|
|
echo json_encode(array("status" => "success", "message" => "Data berhasil dihapus"));
|
|
} else {
|
|
echo json_encode(array("status" => "error", "message" => mysqli_error($conn)));
|
|
}
|
|
}
|
|
exit;
|
|
}
|
|
}
|