feat: implement full authentication system and CRUD APIs for users, rumah ibadah, and penduduk miskin with database updates.

This commit is contained in:
Syariffullah
2026-06-11 08:10:42 +07:00
parent 5585c34c5c
commit b77d4f6869
48 changed files with 1439 additions and 1442 deletions
+47
View File
@@ -0,0 +1,47 @@
<?php
header('Content-Type: application/json; charset=UTF-8');
require_once '../auth_helper.php';
requireAdmin();
require_once '../db_connect.php';
$data = json_decode(file_get_contents('php://input'), true);
$username = trim($data['username'] ?? '');
$password = trim($data['password'] ?? '');
$role = trim($data['role'] ?? 'pengelola');
$ibadah_id = !empty($data['ibadah_id']) ? intval($data['ibadah_id']) : null;
if (empty($username) || empty($password)) {
echo json_encode(['status' => 'error', 'message' => 'Username dan password wajib diisi']);
exit;
}
if ($role !== 'admin' && $role !== 'pengelola') {
echo json_encode(['status' => 'error', 'message' => 'Role tidak valid']);
exit;
}
// Cek apakah username sudah ada
$stmt = $conn->prepare("SELECT id FROM users WHERE username = ?");
$stmt->bind_param('s', $username);
$stmt->execute();
if ($stmt->get_result()->num_rows > 0) {
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan']);
exit;
}
// Hash password
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
// Insert user baru
$stmt = $conn->prepare("INSERT INTO users (username, password, role, ibadah_id) VALUES (?, ?, ?, ?)");
$stmt->bind_param('sssi', $username, $hashed_password, $role, $ibadah_id);
if ($stmt->execute()) {
echo json_encode(['status' => 'success', 'message' => 'User berhasil ditambahkan', 'id' => $stmt->insert_id]);
} else {
echo json_encode(['status' => 'error', 'message' => 'Gagal menambahkan user: ' . $conn->error]);
}
$conn->close();
?>
+30
View File
@@ -0,0 +1,30 @@
<?php
header('Content-Type: application/json; charset=UTF-8');
require_once '../auth_helper.php';
requireAdmin();
require_once '../db_connect.php';
$data = json_decode(file_get_contents('php://input'), true);
$id = intval($data['id'] ?? 0);
if (!$id) {
echo json_encode(['status' => 'error', 'message' => 'ID tidak valid']);
exit;
}
if ($id === intval($_SESSION['user_id'])) {
echo json_encode(['status' => 'error', 'message' => 'Anda tidak bisa menghapus akun Anda sendiri']);
exit;
}
$stmt = $conn->prepare("DELETE FROM users WHERE id = ?");
$stmt->bind_param('i', $id);
if ($stmt->execute()) {
echo json_encode(['status' => 'success', 'message' => 'User berhasil dihapus']);
} else {
echo json_encode(['status' => 'error', 'message' => 'Gagal menghapus user: ' . $conn->error]);
}
$conn->close();
?>
+31
View File
@@ -0,0 +1,31 @@
<?php
header('Content-Type: application/json; charset=UTF-8');
require_once '../auth_helper.php';
requireAdmin();
require_once '../db_connect.php';
$sql = "SELECT u.id, u.username, u.role, u.ibadah_id, ri.nama as nama_ibadah
FROM users u
LEFT JOIN rumah_ibadah ri ON u.ibadah_id = ri.id
ORDER BY u.id DESC";
$result = $conn->query($sql);
$arr = array();
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$item = array(
"id" => intval($row['id']),
"username" => $row['username'],
"role" => $row['role'],
"ibadah_id" => $row['ibadah_id'] ? intval($row['ibadah_id']) : null,
"nama_ibadah" => $row['nama_ibadah'] ?? '-'
);
array_push($arr, $item);
}
echo json_encode(["status" => "success", "data" => $arr]);
} else {
echo json_encode(["status" => "success", "data" => []]);
}
$conn->close();
?>
+52
View File
@@ -0,0 +1,52 @@
<?php
header('Content-Type: application/json; charset=UTF-8');
require_once '../auth_helper.php';
requireAdmin();
require_once '../db_connect.php';
$data = json_decode(file_get_contents('php://input'), true);
$id = intval($data['id'] ?? 0);
$username = trim($data['username'] ?? '');
$password = trim($data['password'] ?? '');
$role = trim($data['role'] ?? 'pengelola');
$ibadah_id = !empty($data['ibadah_id']) ? intval($data['ibadah_id']) : null;
if (!$id || empty($username)) {
echo json_encode(['status' => 'error', 'message' => 'Data tidak lengkap']);
exit;
}
if ($role !== 'admin' && $role !== 'pengelola') {
echo json_encode(['status' => 'error', 'message' => 'Role tidak valid']);
exit;
}
// Cek apakah username sudah ada di user lain
$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? AND id != ?");
$stmt->bind_param('si', $username, $id);
$stmt->execute();
if ($stmt->get_result()->num_rows > 0) {
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan oleh user lain']);
exit;
}
if (!empty($password)) {
// Hash new password
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
$stmt = $conn->prepare("UPDATE users SET username = ?, password = ?, role = ?, ibadah_id = ? WHERE id = ?");
$stmt->bind_param('ssssi', $username, $hashed_password, $role, $ibadah_id, $id);
} else {
// Keep existing password
$stmt = $conn->prepare("UPDATE users SET username = ?, role = ?, ibadah_id = ? WHERE id = ?");
$stmt->bind_param('sssi', $username, $role, $ibadah_id, $id);
}
if ($stmt->execute()) {
echo json_encode(['status' => 'success', 'message' => 'User berhasil diperbarui']);
} else {
echo json_encode(['status' => 'error', 'message' => 'Gagal memperbarui user: ' . $conn->error]);
}
$conn->close();
?>