48 lines
1.5 KiB
PHP
48 lines
1.5 KiB
PHP
<?php
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
require_once '../auth_helper.php';
|
|
requireAdmin();
|
|
require_once '../db_connect.php';
|
|
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
|
|
$username = trim($data['username'] ?? '');
|
|
$password = trim($data['password'] ?? '');
|
|
$role = trim($data['role'] ?? 'pengelola');
|
|
$ibadah_id = !empty($data['ibadah_id']) ? intval($data['ibadah_id']) : null;
|
|
|
|
if (empty($username) || empty($password)) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Username dan password wajib diisi']);
|
|
exit;
|
|
}
|
|
|
|
if ($role !== 'admin' && $role !== 'pengelola') {
|
|
echo json_encode(['status' => 'error', 'message' => 'Role tidak valid']);
|
|
exit;
|
|
}
|
|
|
|
// Cek apakah username sudah ada
|
|
$stmt = $conn->prepare("SELECT id FROM users WHERE username = ?");
|
|
$stmt->bind_param('s', $username);
|
|
$stmt->execute();
|
|
if ($stmt->get_result()->num_rows > 0) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Username sudah digunakan']);
|
|
exit;
|
|
}
|
|
|
|
// Hash password
|
|
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
|
|
|
// Insert user baru
|
|
$stmt = $conn->prepare("INSERT INTO users (username, password, role, ibadah_id) VALUES (?, ?, ?, ?)");
|
|
$stmt->bind_param('sssi', $username, $hashed_password, $role, $ibadah_id);
|
|
|
|
if ($stmt->execute()) {
|
|
echo json_encode(['status' => 'success', 'message' => 'User berhasil ditambahkan', 'id' => $stmt->insert_id]);
|
|
} else {
|
|
echo json_encode(['status' => 'error', 'message' => 'Gagal menambahkan user: ' . $conn->error]);
|
|
}
|
|
|
|
$conn->close();
|
|
?>
|