Initial commit - Fresh Clean Code

This commit is contained in:
2026-06-07 13:43:16 +07:00
commit d29bfc195a
7 changed files with 1772 additions and 0 deletions
+1
View File
@@ -0,0 +1 @@
https://sigwebsite.free.je/Pengentasan_Kemiskinan/
+316
View File
@@ -0,0 +1,316 @@
<?php
// api_masjid.php - Integrasi Hak Akses & Session Ruleplay
require_once 'config.php';
// Proteksi global: Semua request ke API ini wajib dalam keadaan login
checkLogin();
$method = $_SERVER['REQUEST_METHOD'];
$type = isset($_GET['type']) ? $_GET['type'] : '';
$action = isset($_GET['action']) ? $_GET['action'] : '';
// Mengambil data identitas dari session user yang sedang login
$userRole = $_SESSION['role'];
$userMasjidId = $_SESSION['masjid_id'];
$userDhuafaId = $_SESSION['dhuafa_id'];
$userId = $_SESSION['user_id'];
// ============================================================================
// 1. MODUL MASJID
// ============================================================================
if ($type === 'masjid') {
// ACTION: AMBIL DATA MASJID
if ($method === 'GET' && $action === 'getAll') {
// Aturan: Semua role bisa melihat data masjid untuk kebutuhan visualisasi Peta (Map)
$search = isset($_GET['search']) ? $conn->real_escape_string($_GET['search']) : '';
$query = "SELECT * FROM masjid";
if (!empty($search)) {
$query .= " WHERE nama LIKE '%$search%' OR alamat LIKE '%$search%'";
}
$query .= " ORDER BY created_at DESC";
$result = $conn->query($query);
$data = [];
while ($row = $result->fetch_assoc()) {
$data[] = $row;
}
sendResponse(true, 'Data Masjid berhasil diambil', $data);
}
// ACTION: TAMBAH MASJID (HANYA ADMIN)
elseif ($method === 'POST' && $action === 'create') {
if ($userRole !== 'admin') {
sendResponse(false, 'Akses ditolak! Hanya Admin yang dapat menambah marker masjid baru.');
}
$input = json_decode(file_get_contents('php://input'), true);
$stmt = $conn->prepare("INSERT INTO masjid (nama, alamat, latitude, longitude, radius, nama_pimpinan, no_hp) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssddiss", $input['nama'], $input['alamat'], $input['latitude'], $input['longitude'], $input['radius'], $input['nama_pimpinan'], $input['no_hp']);
if ($stmt->execute()) {
sendResponse(true, 'Masjid berhasil ditambahkan', ['id' => $conn->insert_id]);
} else {
sendResponse(false, 'Gagal menambahkan masjid: ' . $stmt->error);
}
$stmt->close();
}
// ACTION: UPDATE MASJID (ADMIN FULL, PENGURUS HANYA RADIUS)
elseif (($method === 'PUT' || $method === 'POST') && $action === 'update') {
$id = intval($_GET['id']);
$input = json_decode(file_get_contents('php://input'), true);
if ($userRole === 'admin') {
// Admin bebas mengubah data apapun
$stmt = $conn->prepare("UPDATE masjid SET nama=?, alamat=?, latitude=?, longitude=?, radius=?, nama_pimpinan=?, no_hp=? WHERE id=?");
$stmt->bind_param("ssddissi", $input['nama'], $input['alamat'], $input['latitude'], $input['longitude'], $input['radius'], $input['nama_pimpinan'], $input['no_hp'], $id);
}
elseif ($userRole === 'pengurus_masjid') {
// Pengurus masjid hanya diizinkan mengubah radius masjid miliknya sendiri saja
if ($id !== intval($userMasjidId)) {
sendResponse(false, 'Akses ditolak! Anda tidak diizinkan mengubah data masjid lain.');
}
$stmt = $conn->prepare("UPDATE masjid SET radius=? WHERE id=?");
$stmt->bind_param("ii", $input['radius'], $id);
}
else {
sendResponse(false, 'Akses ditolak! Anda tidak memiliki otoritas mengubah data masjid.');
}
if ($stmt->execute()) {
// Otomatis hitung ulang jangkauan dhuafa setelah radius masjid berubah
autoReassignSystem($conn);
sendResponse(true, 'Data masjid berhasil diperbarui');
} else {
sendResponse(false, 'Gagal memperbarui data: ' . $stmt->error);
}
$stmt->close();
}
// ACTION: HAPUS MASJID (HANYA ADMIN)
elseif ($method === 'DELETE' && $action === 'delete') {
if ($userRole !== 'admin') {
sendResponse(false, 'Akses ditolak! Hanya Admin yang dapat menghapus data masjid.');
}
$id = intval($_GET['id']);
$stmt = $conn->prepare("DELETE FROM masjid WHERE id=?");
$stmt->bind_param("i", $id);
if ($stmt->execute()) {
// Putuskan hubungan pengampu di tabel dhuafa jika masjid dihapus
$conn->query("UPDATE orang_berkebutuhan SET status='merah', masjid_pengampu_id=NULL, jarak_ke_masjid=NULL WHERE masjid_pengampu_id=$id");
sendResponse(true, 'Masjid berhasil dihapus');
} else {
sendResponse(false, 'Gagal menghapus masjid: ' . $stmt->error);
}
$stmt->close();
}
}
// ============================================================================
// 2. MODUL ORANG BERKEBUTUHAN (DHUAFA)
// ============================================================================
elseif ($type === 'orang') {
// ACTION: AMBIL DATA DHUAFA (SESUAI HAK AKSES)
// ACTION: AMBIL DATA DHUAFA / ORANG BERKEBUTUHAN
if ($method === 'GET' && $action === 'getAll') {
$search = isset($_GET['search']) ? $conn->real_escape_string($_GET['search']) : '';
// JIKA yang login adalah role dhuafa, paksa query hanya mengambil data dirinya sendiri
if ($userRole === 'dhuafa') {
if (empty($userDhuafaId)) {
sendResponse(false, 'Akun user Anda belum ditautkan ke data dhuafa di database.');
}
$query = "SELECT o.*, m.nama AS nama_masjid
FROM orang_berkebutuhan o
LEFT JOIN masjid m ON o.masjid_pengampu_id = m.id
WHERE o.id = $userDhuafaId";
} else {
// Jika admin atau pengurus masjid, panggil semua/sesuai search
$query = "SELECT o.*, m.nama AS nama_masjid
FROM orang_berkebutuhan o
LEFT JOIN masjid m ON o.masjid_pengampu_id = m.id";
if (!empty($search)) {
$query .= " WHERE o.nama LIKE '%$search%' OR o.no_kk LIKE '%$search%'";
}
$query .= " ORDER BY o.created_at DESC";
}
$result = $conn->query($query);
$data = [];
while ($row = $result->fetch_assoc()) {
$data[] = $row;
}
sendResponse(true, 'Data berhasil dimuat.', $data);
}
// ACTION: TAMBAH DATA DHUAFA (ADMIN ATAU MANDIRI MAKSIMAL 1 MARKER)
elseif ($method === 'POST' && $action === 'create') {
$input = json_decode(file_get_contents('php://input'), true);
$targetUserId = null;
if ($userRole === 'dhuafa') {
// Cek apakah akun dhuafa ini sudah pernah membuat marker sebelumnya
$check = $conn->query("SELECT id FROM orang_berkebutuhan WHERE user_id = $userId");
if ($check->num_rows >= 1) {
sendResponse(false, 'Akses ditolak! Batas maksimal pembuatan marker adalah 1 lokasi.');
}
$targetUserId = $userId;
} elseif ($userRole !== 'admin') {
sendResponse(false, 'Akses ditolak! Anda tidak memiliki otoritas menambah data warga.');
}
$stmt = $conn->prepare("INSERT INTO orang_berkebutuhan (nama, no_kk, alamat, latitude, longitude, tgl_lahir, no_hp, user_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssissssi", $input['nama'], $input['no_kk'], $input['alamat'], $input['latitude'], $input['longitude'], $input['tgl_lahir'], $input['no_hp'], $targetUserId);
if ($stmt->execute()) {
$newDhuafaId = $conn->insert_id;
// Jika dia dhuafa, langsung tautkan dhuafa_id ke tabel users agar sinkron
if ($userRole === 'dhuafa') {
$conn->query("UPDATE users SET dhuafa_id = $newDhuafaId WHERE id = $userId");
$_SESSION['dhuafa_id'] = $newDhuafaId;
}
autoReassignSystem($conn);
sendResponse(true, 'Data dhuafa berhasil ditambahkan', ['id' => $newDhuafaId]);
} else {
sendResponse(false, 'Gagal menambahkan: ' . $stmt->error);
}
$stmt->close();
}
// ACTION: UPDATE DATA DHUAFA (ADMIN ATAU MILIK DIRINYA SENDIRI)
elseif (($method === 'PUT' || $method === 'POST') && $action === 'update') {
$id = intval($_GET['id']);
$input = json_decode(file_get_contents('php://input'), true);
if ($userRole === 'dhuafa') {
// Dhuafa hanya bisa mengedit data miliknya sendiri
if ($id !== intval($userDhuafaId)) {
sendResponse(false, 'Akses ditolak! Anda tidak berhak mengubah data milik orang lain.');
}
} elseif ($userRole !== 'admin') {
sendResponse(false, 'Akses ditolak! Hak akses Anda tidak mengizinkan pengubahan data dhuafa.');
}
$stmt = $conn->prepare("UPDATE orang_berkebutuhan SET nama=?, no_kk=?, alamat=?, latitude=?, longitude=?, tgl_lahir=?, no_hp=? WHERE id=?");
$stmt->bind_param("ssissssi", $input['nama'], $input['no_kk'], $input['alamat'], $input['latitude'], $input['longitude'], $input['tgl_lahir'], $input['no_hp'], $id);
if ($stmt->execute()) {
autoReassignSystem($conn);
sendResponse(true, 'Data dhuafa berhasil diupdate');
} else {
sendResponse(false, 'Gagal mengupdate: ' . $stmt->error);
}
$stmt->close();
}
// ACTION: HAPUS DATA DHUAFA (ADMIN ATAU MILIK DIRINYA SENDIRI)
elseif ($method === 'DELETE' && $action === 'delete') {
$id = intval($_GET['id']);
if ($userRole === 'dhuafa') {
if ($id !== intval($userDhuafaId)) {
sendResponse(false, 'Akses ditolak!');
}
} elseif ($userRole !== 'admin') {
sendResponse(false, 'Akses ditolak! Anda tidak memiliki otoritas menghapus data ini.');
}
$stmt = $conn->prepare("DELETE FROM orang_berkebutuhan WHERE id=?");
$stmt->bind_param("i", $id);
if ($stmt->execute()) {
if ($userRole === 'dhuafa') {
$conn->query("UPDATE users SET dhuafa_id = NULL WHERE id = $userId");
$_SESSION['dhuafa_id'] = null;
}
sendResponse(true, 'Data berhasil dihapus');
} else {
sendResponse(false, 'Gagal menghapus: ' . $stmt->error);
}
$stmt->close();
}
}
// ============================================================================
// 3. ADMIN SUMMARY (FITUR RINGKASAN DIAGRAM & KPI UNTUK ADMIN)
// ============================================================================
elseif ($type === 'summary' && $userRole === 'admin') {
if ($method === 'GET') {
// Ambil hitungan KPI
$totMasjid = $conn->query("SELECT COUNT(*) as total FROM masjid")->fetch_assoc()['total'];
$totDhuafa = $conn->query("SELECT COUNT(*) as total FROM orang_berkebutuhan")->fetch_assoc()['total'];
$totTerampu = $conn->query("SELECT COUNT(*) as total FROM orang_berkebutuhan WHERE status='hijau'")->fetch_assoc()['total'];
$totBelum = $conn->query("SELECT COUNT(*) as total FROM orang_berkebutuhan WHERE status='merah'")->fetch_assoc()['total'];
sendResponse(true, 'Data ringkasan admin berhasil dimuat', [
'total_masjid' => intval($totMasjid),
'total_dhuafa' => intval($totDhuafa),
'terampu' => intval($totTerampu),
'belum_terampu' => intval($totBelum)
]);
}
}
// ============================================================================
// SISTEM FILTER RADIUS JANGKAUAN OTOMATIS (FUNGSI INTERNAL)
// ============================================================================
function autoReassignSystem($conn) {
// 1. Ambil data masjid
$resMasjid = $conn->query("SELECT id, latitude, longitude, radius FROM masjid");
$masjidList = [];
while($m = $resMasjid->fetch_assoc()) { $masjidList[] = $m; }
// 2. Ambil data dhuafa
$resOrang = $conn->query("SELECT id, latitude, longitude FROM orang_berkebutuhan");
$wargaList = [];
while($o = $resOrang->fetch_assoc()) { $wargaList[] = $o; }
// 3. Reset hitungan jumlah diampu di semua masjid
$conn->query("UPDATE masjid SET jumlah_diampu = 0");
// 4. Hitung ulang jarak geospatial secara otomatis
foreach($wargaList as $w) {
$latWarga = floatval($w['latitude']);
$lngWarga = floatval($w['longitude']);
$minJarak = 99999999;
$assignedMasjidId = null;
foreach($masjidList as $m) {
$jarak = hitungJarakInPHP($latWarga, $lngWarga, floatval($m['latitude']), floatval($m['longitude']));
if($jarak <= floatval($m['radius'])) {
if($jarak < $minJarak) {
$minJarak = $jarak;
$assignedMasjidId = $m['id'];
}
}
}
if($assignedMasjidId) {
// PERBAIKAN: Tipe data bind_param disesuaikan (i = integer, d = double/float)
$up = $conn->prepare("UPDATE orang_berkebutuhan SET status='hijau', masjid_pengampu_id=?, jarak_ke_masjid=? WHERE id=?");
$up->bind_param("idi", $assignedMasjidId, $minJarak, $w['id']);
$up->execute();
$up->close();
// Tambahkan hitungan ke masjid pengampu
$conn->query("UPDATE masjid SET jumlah_diampu = jumlah_diampu + 1 WHERE id = $assignedMasjidId");
} else {
// Jika di luar radius semua masjid, set status menjadi merah
$conn->query("UPDATE orang_berkebutuhan SET status='merah', masjid_pengampu_id=NULL, jarak_ke_masjid=NULL WHERE id=" . $w['id']);
}
}
}
function hitungJarakInPHP($lat1, $lng1, $lat2, $lng2) {
$R = 6371000;
$dLat = deg2rad($lat2 - $lat1);
$dLon = deg2rad($lng2 - $lng1);
$a = sin($dLat/2) * sin($dLat/2) + cos(deg2rad($lat1)) * cos(deg2rad($lat2)) * sin($dLon/2) * sin($dLon/2);
$c = 2 * atan2(sqrt($a), sqrt(1-$a));
return $R * $c;
}
?>
+73
View File
@@ -0,0 +1,73 @@
<?php
// auth.php
require_once 'config.php';
$method = $_SERVER['REQUEST_METHOD'];
$action = isset($_GET['action']) ? $_GET['action'] : '';
if ($method === 'POST' && $action === 'login') {
// Membaca input JSON dari frontend
$input = json_decode(file_get_contents('php://input'), true);
$username = trim($input['username'] ?? '');
$password = trim($input['password'] ?? '');
if (empty($username) || empty($password)) {
sendResponse(false, 'Username dan password wajib diisi.');
}
// Mencari user di database
$stmt = $conn->prepare("SELECT id, username, password, role, masjid_id, dhuafa_id FROM users WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 1) {
$user = $result->fetch_assoc();
// Memverifikasi kecocokan password yang di-hash
if (password_verify($password, $user['password'])) {
// Menyimpan data user ke dalam session server
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
$_SESSION['masjid_id'] = $user['masjid_id'];
$_SESSION['dhuafa_id'] = $user['dhuafa_id'];
// Kirim data user yang berhasil login tanpa password-nya
unset($user['password']);
sendResponse(true, 'Login berhasil.', $user);
} else {
sendResponse(false, 'Password salah.');
}
} else {
sendResponse(false, 'Username tidak ditemukan.');
}
$stmt->close();
}
elseif ($method === 'GET' && $action === 'check') {
// Aksi untuk memeriksa apakah session user masih aktif saat halaman di-refresh
if (isset($_SESSION['user_id'])) {
sendResponse(true, 'Sesi aktif.', [
'id' => $_SESSION['user_id'],
'username' => $_SESSION['username'],
'role' => $_SESSION['role'],
'masjid_id' => $_SESSION['masjid_id'],
'dhuafa_id' => $_SESSION['dhuafa_id']
]);
} else {
sendResponse(false, 'Belum login.');
}
}
elseif ($method === 'POST' && $action === 'logout') {
// Menghapus seluruh session aktif
session_unset();
session_destroy();
sendResponse(true, 'Logout berhasil.');
}
else {
sendResponse(false, 'Aksi autentikasi tidak valid.');
}
?>
+55
View File
@@ -0,0 +1,55 @@
<?php
// config.php
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
// Mengizinkan semua origin lokal saat masa development agar cookie session tidak diblokir
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: ' . ($_SERVER['HTTP_ORIGIN'] ?? '*'));
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit();
}
$host = 'localhost';
$username = 'root';
$password = '';
$database = 'gis_management';
$port = 3307; // Sesuai port database XAMPP Anda
$conn = new mysqli($host, $username, $password, $database, $port);
if ($conn->connect_error) {
die(json_encode([
'success' => false,
'message' => 'Koneksi database gagal: ' . $conn->connect_error
]));
}
$conn->set_charset("utf8");
// Fungsi standar untuk mengirim respon JSON
function sendResponse($success, $message, $data = null) {
$response = [
'success' => $success,
'message' => $message
];
if ($data !== null) {
$response['data'] = $data;
}
echo json_encode($response);
exit;
}
// Fungsi bantu untuk mengecek apakah user sudah login
function checkLogin() {
if (!isset($_SESSION['user_id'])) {
sendResponse(false, 'Status tidak terautentikasi. Silakan login terlebih dahulu.');
}
}
?>
+1252
View File
File diff suppressed because it is too large Load Diff
+54
View File
@@ -0,0 +1,54 @@
<?php
// register.php
require_once 'config.php';
// Membaca input JSON dari client/frontend
$input = json_decode(file_get_contents('php://input'), true);
$username = trim($input['username'] ?? '');
$password = trim($input['password'] ?? '');
$role = trim($input['role'] ?? ''); // 'pengurus_masjid' atau 'dhuafa'
$masjid_id = !empty($input['masjid_id']) ? intval($input['masjid_id']) : null;
$dhuafa_id = !empty($input['dhuafa_id']) ? intval($input['dhuafa_id']) : null; // Tambahan Fitur
if (empty($username) || empty($password) || empty($role)) {
sendResponse(false, 'Username, password, dan role wajib diisi.');
}
if (!in_array($role, ['pengurus_masjid', 'dhuafa'])) {
sendResponse(false, 'Role tidak valid. Hanya bisa mendaftarkan pengurus_masjid atau dhuafa.');
}
// Proteksi Khusus Pengurus Masjid
if ($role === 'pengurus_masjid' && empty($masjid_id)) {
sendResponse(false, 'Pendaftaran pengurus masjid wajib menyertakan ID Masjid yang diampu.');
}
// Proteksi Khusus Kaum Dhuafa
if ($role === 'dhuafa' && empty($dhuafa_id)) {
sendResponse(false, 'Pendaftaran akun dhuafa wajib ditautkan ke data warga dhuafa yang valid.');
}
// Cek apakah username sudah terpakai
$check = $conn->prepare("SELECT id FROM users WHERE username = ?");
$check->bind_param("s", $username);
$check->execute();
if ($check->get_result()->num_rows > 0) {
sendResponse(false, 'Username sudah terdaftar, gunakan nama lain.');
}
$check->close();
// Enkripsi password dengan standar PHP Bcrypt
$password_hash = password_hash($password, PASSWORD_DEFAULT);
// Daftarkan user ke database dengan menyertakan nilai masjid_id atau dhuafa_id yang sesuai
$stmt = $conn->prepare("INSERT INTO users (username, password, role, masjid_id, dhuafa_id) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("sssii", $username, $password_hash, $role, $masjid_id, $dhuafa_id);
if ($stmt->execute()) {
sendResponse(true, 'Registrasi akun baru berhasil disimpan.');
} else {
sendResponse(false, 'Gagal mendaftarkan akun baru: ' . $conn->error);
}
$stmt->close();
?>
+21
View File
@@ -0,0 +1,21 @@
<?php
// reset_password.php
require_once 'config.php';
$username = 'admin';
$password_baru = 'yaraaqmal';
// Mengubah teks polos menjadi hash Bcrypt yang sah di mata PHP
$password_hash = password_hash($password_baru, PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE users SET password = ? WHERE username = ?");
$stmt->bind_param("ss", $password_hash, $username);
if ($stmt->execute()) {
echo "<h3>✅ Password admin berhasil di-hash & diperbarui menjadi: <b>$password_baru</b></h3>";
echo "<p>Silakan hapus file <b>reset_password.php</b> ini demi keamanan, lalu coba login kembali di halaman utama.</p>";
} else {
echo "❌ Gagal mereset password: " . $conn->error;
}
$stmt->close();
?>