feat: implement full authentication system and CRUD APIs for users, rumah ibadah, and penduduk miskin with database updates.
This commit is contained in:
@@ -0,0 +1,47 @@
|
||||
<?php
|
||||
header('Content-Type: application/json; charset=UTF-8');
|
||||
require_once '../auth_helper.php';
|
||||
requireAdmin();
|
||||
require_once '../db_connect.php';
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$username = trim($data['username'] ?? '');
|
||||
$password = trim($data['password'] ?? '');
|
||||
$role = trim($data['role'] ?? 'pengelola');
|
||||
$ibadah_id = !empty($data['ibadah_id']) ? intval($data['ibadah_id']) : null;
|
||||
|
||||
if (empty($username) || empty($password)) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Username dan password wajib diisi']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($role !== 'admin' && $role !== 'pengelola') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Role tidak valid']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Cek apakah username sudah ada
|
||||
$stmt = $conn->prepare("SELECT id FROM users WHERE username = ?");
|
||||
$stmt->bind_param('s', $username);
|
||||
$stmt->execute();
|
||||
if ($stmt->get_result()->num_rows > 0) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Hash password
|
||||
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
||||
|
||||
// Insert user baru
|
||||
$stmt = $conn->prepare("INSERT INTO users (username, password, role, ibadah_id) VALUES (?, ?, ?, ?)");
|
||||
$stmt->bind_param('sssi', $username, $hashed_password, $role, $ibadah_id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode(['status' => 'success', 'message' => 'User berhasil ditambahkan', 'id' => $stmt->insert_id]);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Gagal menambahkan user: ' . $conn->error]);
|
||||
}
|
||||
|
||||
$conn->close();
|
||||
?>
|
||||
@@ -0,0 +1,30 @@
|
||||
<?php
|
||||
header('Content-Type: application/json; charset=UTF-8');
|
||||
require_once '../auth_helper.php';
|
||||
requireAdmin();
|
||||
require_once '../db_connect.php';
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
$id = intval($data['id'] ?? 0);
|
||||
|
||||
if (!$id) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'ID tidak valid']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($id === intval($_SESSION['user_id'])) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Anda tidak bisa menghapus akun Anda sendiri']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$stmt = $conn->prepare("DELETE FROM users WHERE id = ?");
|
||||
$stmt->bind_param('i', $id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode(['status' => 'success', 'message' => 'User berhasil dihapus']);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Gagal menghapus user: ' . $conn->error]);
|
||||
}
|
||||
|
||||
$conn->close();
|
||||
?>
|
||||
@@ -0,0 +1,31 @@
|
||||
<?php
|
||||
header('Content-Type: application/json; charset=UTF-8');
|
||||
require_once '../auth_helper.php';
|
||||
requireAdmin();
|
||||
require_once '../db_connect.php';
|
||||
|
||||
$sql = "SELECT u.id, u.username, u.role, u.ibadah_id, ri.nama as nama_ibadah
|
||||
FROM users u
|
||||
LEFT JOIN rumah_ibadah ri ON u.ibadah_id = ri.id
|
||||
ORDER BY u.id DESC";
|
||||
|
||||
$result = $conn->query($sql);
|
||||
$arr = array();
|
||||
|
||||
if ($result && $result->num_rows > 0) {
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$item = array(
|
||||
"id" => intval($row['id']),
|
||||
"username" => $row['username'],
|
||||
"role" => $row['role'],
|
||||
"ibadah_id" => $row['ibadah_id'] ? intval($row['ibadah_id']) : null,
|
||||
"nama_ibadah" => $row['nama_ibadah'] ?? '-'
|
||||
);
|
||||
array_push($arr, $item);
|
||||
}
|
||||
echo json_encode(["status" => "success", "data" => $arr]);
|
||||
} else {
|
||||
echo json_encode(["status" => "success", "data" => []]);
|
||||
}
|
||||
$conn->close();
|
||||
?>
|
||||
@@ -0,0 +1,52 @@
|
||||
<?php
|
||||
header('Content-Type: application/json; charset=UTF-8');
|
||||
require_once '../auth_helper.php';
|
||||
requireAdmin();
|
||||
require_once '../db_connect.php';
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$id = intval($data['id'] ?? 0);
|
||||
$username = trim($data['username'] ?? '');
|
||||
$password = trim($data['password'] ?? '');
|
||||
$role = trim($data['role'] ?? 'pengelola');
|
||||
$ibadah_id = !empty($data['ibadah_id']) ? intval($data['ibadah_id']) : null;
|
||||
|
||||
if (!$id || empty($username)) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Data tidak lengkap']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($role !== 'admin' && $role !== 'pengelola') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Role tidak valid']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Cek apakah username sudah ada di user lain
|
||||
$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? AND id != ?");
|
||||
$stmt->bind_param('si', $username, $id);
|
||||
$stmt->execute();
|
||||
if ($stmt->get_result()->num_rows > 0) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan oleh user lain']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!empty($password)) {
|
||||
// Hash new password
|
||||
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
||||
$stmt = $conn->prepare("UPDATE users SET username = ?, password = ?, role = ?, ibadah_id = ? WHERE id = ?");
|
||||
$stmt->bind_param('ssssi', $username, $hashed_password, $role, $ibadah_id, $id);
|
||||
} else {
|
||||
// Keep existing password
|
||||
$stmt = $conn->prepare("UPDATE users SET username = ?, role = ?, ibadah_id = ? WHERE id = ?");
|
||||
$stmt->bind_param('sssi', $username, $role, $ibadah_id, $id);
|
||||
}
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode(['status' => 'success', 'message' => 'User berhasil diperbarui']);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Gagal memperbarui user: ' . $conn->error]);
|
||||
}
|
||||
|
||||
$conn->close();
|
||||
?>
|
||||
Reference in New Issue
Block a user