Files
D1041231073-WebGISPovertyMap/project_final/api/users.php
T
2026-06-10 22:07:47 +07:00

32 lines
1.8 KiB
PHP

<?php require_once __DIR__ . '/../config/db.php'; require_once __DIR__ . '/helpers.php';
$pdo = Database::getConnection(); $method = $_SERVER['REQUEST_METHOD'];
requireApiRole('admin');
switch ($method) {
case 'GET':
$stmt = $pdo->query("SELECT id,username,role,nama_lengkap,created_at FROM users ORDER BY id ASC");
sendSuccess($stmt->fetchAll(), 'Data Users'); break;
case 'POST':
$d=getInput();
if(empty($d['username'])||empty($d['password'])||empty($d['role'])) sendError('Data tidak lengkap');
$hash = password_hash($d['password'], PASSWORD_BCRYPT);
try {
$pdo->prepare("INSERT INTO users(username,password,role,nama_lengkap) VALUES(?,?,?,?)")->execute([$d['username'],$hash,$d['role'],$d['nama_lengkap']??'']);
sendSuccess(['id'=>$pdo->lastInsertId()],'User disimpan',201);
} catch(Exception $e) { sendError('Username sudah digunakan'); }
break;
case 'PUT':
$d=getInput(); $id=$_GET['id']??null; if(!$id) sendError('ID wajib');
if(!empty($d['password'])) {
$hash=password_hash($d['password'],PASSWORD_BCRYPT);
$pdo->prepare("UPDATE users SET username=?,password=?,role=?,nama_lengkap=? WHERE id=?")->execute([$d['username'],$hash,$d['role'],$d['nama_lengkap']??'',$id]);
} else {
$pdo->prepare("UPDATE users SET username=?,role=?,nama_lengkap=? WHERE id=?")->execute([$d['username'],$d['role'],$d['nama_lengkap']??'',$id]);
}
sendSuccess(null,'User diperbarui'); break;
case 'DELETE':
$id=$_GET['id']??null; if(!$id) sendError('ID wajib');
if($id==1) sendError('Admin utama tidak dapat dihapus');
$pdo->prepare("DELETE FROM users WHERE id=?")->execute([$id]); sendSuccess(null,'User dihapus'); break;
default: sendError('Method not allowed',405);
}