Persiapan hosting: config DB, perbaikan role, fix redirect
This commit is contained in:
+3
-3
@@ -9,7 +9,7 @@ $action = $_POST['action'] ?? $_GET['action'] ?? 'list';
|
||||
// ── LIST ────────────────────────────────────────────────────────
|
||||
if ($action === 'list') {
|
||||
$rows = mysqli_fetch_all(
|
||||
mysqli_query($conn, "SELECT id, username, nama, created_at FROM users ORDER BY nama"),
|
||||
mysqli_query($conn, "SELECT id, username, nama, role, created_at FROM users ORDER BY nama"),
|
||||
MYSQLI_ASSOC
|
||||
);
|
||||
echo json_encode(['status' => 'success', 'data' => $rows]);
|
||||
@@ -27,7 +27,7 @@ if ($action === 'add') {
|
||||
exit;
|
||||
}
|
||||
|
||||
$role = in_array($_POST['role'] ?? '', ['admin','superadmin']) ? $_POST['role'] : 'admin';
|
||||
$role = in_array($_POST['role'] ?? '', ['admin','operator']) ? $_POST['role'] : 'operator';
|
||||
$hash = password_hash($password, PASSWORD_DEFAULT);
|
||||
$st = mysqli_prepare($conn, "INSERT INTO users (username, password, nama, role) VALUES (?,?,?,?)");
|
||||
mysqli_stmt_bind_param($st, 'ssss', $username, $hash, $nama, $role);
|
||||
@@ -46,7 +46,7 @@ if ($action === 'update') {
|
||||
$id = (int)($_POST['id'] ?? 0);
|
||||
$nama = trim($_POST['nama'] ?? '');
|
||||
$pass = $_POST['password'] ?? '';
|
||||
$role = in_array($_POST['role'] ?? '', ['admin','superadmin']) ? $_POST['role'] : 'admin';
|
||||
$role = in_array($_POST['role'] ?? '', ['admin','operator']) ? $_POST['role'] : 'operator';
|
||||
|
||||
if ($id <= 0 || !$nama) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Data tidak valid']);
|
||||
|
||||
+4
-4
@@ -8,22 +8,22 @@ function requireLogin() {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Sesi habis, silakan login kembali.']);
|
||||
exit;
|
||||
}
|
||||
header('Location: /uas/login.php');
|
||||
header('Location: login.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function requireSuperAdmin() {
|
||||
requireLogin();
|
||||
if ($_SESSION['user']['role'] !== 'superadmin') {
|
||||
if ($_SESSION['user']['role'] !== 'admin') {
|
||||
http_response_code(403);
|
||||
echo json_encode(['status' => 'error', 'message' => 'Akses ditolak. Hanya superadmin.']);
|
||||
echo json_encode(['status' => 'error', 'message' => 'Akses ditolak. Hanya admin.']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function isSuperAdmin() {
|
||||
return ($_SESSION['user']['role'] ?? '') === 'superadmin';
|
||||
return ($_SESSION['user']['role'] ?? '') === 'admin';
|
||||
}
|
||||
|
||||
function currentUser() {
|
||||
|
||||
+13
-7
@@ -1,10 +1,14 @@
|
||||
<?php
|
||||
if (isset($conn)) return;
|
||||
$host = getenv('DB_HOST') ?: '127.0.0.1';
|
||||
$user = getenv('DB_USER') ?: 'root';
|
||||
$pass = getenv('DB_PASS') ?: '';
|
||||
$name = getenv('DB_NAME') ?: 'db_webgis';
|
||||
$port = (int)(getenv('DB_PORT') ?: 3306);
|
||||
if (!defined('DB_HOST')) {
|
||||
$cfg = dirname(__DIR__) . '/config.php';
|
||||
if (file_exists($cfg)) require_once $cfg;
|
||||
}
|
||||
$host = defined('DB_HOST') ? DB_HOST : (getenv('DB_HOST') ?: '127.0.0.1');
|
||||
$user = defined('DB_USER') ? DB_USER : (getenv('DB_USER') ?: 'root');
|
||||
$pass = defined('DB_PASS') ? DB_PASS : (getenv('DB_PASS') ?: '');
|
||||
$name = defined('DB_NAME') ? DB_NAME : (getenv('DB_NAME') ?: 'db_webgis');
|
||||
$port = defined('DB_PORT') ? (int)DB_PORT : (int)(getenv('DB_PORT') ?: 3306);
|
||||
$conn = mysqli_init();
|
||||
mysqli_options($conn, MYSQLI_OPT_CONNECT_TIMEOUT, 5);
|
||||
$ok = @mysqli_real_connect($conn, $host, $user, $pass, $name, $port);
|
||||
@@ -23,7 +27,7 @@ if (!isset($GLOBALS[$setup_flag])) {
|
||||
username VARCHAR(50) UNIQUE NOT NULL,
|
||||
password VARCHAR(255) NOT NULL,
|
||||
nama VARCHAR(100),
|
||||
role ENUM('superadmin','admin','operator') DEFAULT 'operator',
|
||||
role ENUM('admin','operator') DEFAULT 'operator',
|
||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
)");
|
||||
$conn->query("CREATE TABLE IF NOT EXISTS rumah_ibadah (
|
||||
@@ -55,10 +59,12 @@ if (!isset($GLOBALS[$setup_flag])) {
|
||||
hubungan VARCHAR(50), umur INT, pekerjaan VARCHAR(100), keterangan TEXT,
|
||||
FOREIGN KEY (penduduk_id) REFERENCES penduduk_miskin(id) ON DELETE CASCADE
|
||||
)");
|
||||
$conn->query("UPDATE users SET role='admin' WHERE role='superadmin'");
|
||||
$conn->query("ALTER TABLE users MODIFY COLUMN role ENUM('admin','operator') DEFAULT 'operator'");
|
||||
$count = $conn->query("SELECT COUNT(*) FROM users")->fetch_row()[0];
|
||||
if ($count == 0) {
|
||||
$hash = '$2y$10$Ep64LS7KEQc2jKMu.AsH.O2wKF9ku4C8Cz0z4RHahgmYbz0vMr0/.';
|
||||
$conn->query("INSERT INTO users (username,password,nama,role) VALUES ('admin','$hash','Administrator','superadmin')");
|
||||
$conn->query("INSERT INTO users (username,password,nama,role) VALUES ('admin','$hash','Administrator','admin')");
|
||||
$conn->query("INSERT INTO users (username,password,nama,role) VALUES ('operator','$hash','Operator Lapangan','operator')");
|
||||
}
|
||||
$conn->query("INSERT IGNORE INTO rumah_ibadah (id,nama,jenis,kontak,alamat,lat,lng,radius) VALUES
|
||||
|
||||
+1
-1
@@ -127,7 +127,7 @@ input::placeholder{color:#94a3b8}
|
||||
|
||||
<p class="hint">Default: <span>admin</span> / <span>admin123</span></p>
|
||||
<div style="text-align:center;margin-top:20px;padding-top:20px;border-top:1px solid #1e293b">
|
||||
<a href="/index.php" style="color:#475569;font-size:12px;text-decoration:none;display:inline-flex;align-items:center;gap:6px;transition:.15s" onmouseover="this.style.color='#94a3b8'" onmouseout="this.style.color='#475569'">
|
||||
<a href="../index.php" style="color:#475569;font-size:12px;text-decoration:none;display:inline-flex;align-items:center;gap:6px;transition:.15s" onmouseover="this.style.color='#94a3b8'" onmouseout="this.style.color='#475569'">
|
||||
<svg width="14" height="14" viewBox="0 0 24 24" fill="currentColor"><path d="M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.41L7.83 13H20v-2z"/></svg>
|
||||
Kembali ke Portal
|
||||
</a>
|
||||
|
||||
+6
-6
@@ -41,8 +41,8 @@ tbody tr:hover td{background:rgba(255,255,255,.02)}
|
||||
.u-name{font-weight:600;font-size:13px}
|
||||
.u-un{font-size:11px;color:var(--muted);margin-top:2px;font-family:monospace}
|
||||
.badge{display:inline-flex;align-items:center;gap:4px;padding:3px 10px;border-radius:20px;font-size:11px;font-weight:600}
|
||||
.badge-superadmin{background:rgba(99,102,241,.2);color:#a5b4fc}
|
||||
.badge-admin{background:rgba(100,116,139,.2);color:#94a3b8}
|
||||
.badge-admin{background:rgba(99,102,241,.2);color:#a5b4fc}
|
||||
.badge-operator{background:rgba(100,116,139,.2);color:#94a3b8}
|
||||
.me-tag{display:inline-flex;align-items:center;gap:4px;font-size:10px;background:rgba(245,158,11,.15);color:#fbbf24;padding:2px 8px;border-radius:8px;margin-left:8px;font-weight:600}
|
||||
.btn-sm{display:inline-flex;align-items:center;gap:5px;padding:6px 12px;border-radius:8px;font-size:12px;font-weight:500;cursor:pointer;font-family:inherit;transition:var(--trans);border:none}
|
||||
.btn-edit{background:rgba(59,130,246,.1);color:var(--blue);border:1px solid rgba(59,130,246,.2)}
|
||||
@@ -100,7 +100,7 @@ tbody tr:hover td{background:rgba(255,255,255,.02)}
|
||||
</div>
|
||||
|
||||
<?php if (!$isSuperAdmin): ?>
|
||||
<div class="no-access"><i class="fas fa-lock" style="margin-right:8px"></i>Hanya superadmin yang dapat mengelola pengguna. Role kamu: <strong><?= $user['role'] ?></strong></div>
|
||||
<div class="no-access"><i class="fas fa-lock" style="margin-right:8px"></i>Hanya admin yang dapat mengelola pengguna. Role kamu: <strong><?= $user['role'] ?></strong></div>
|
||||
<?php endif; ?>
|
||||
|
||||
<div class="card">
|
||||
@@ -146,7 +146,7 @@ tbody tr:hover td{background:rgba(255,255,255,.02)}
|
||||
<label>Role <span class="req">*</span></label>
|
||||
<select id="f-role">
|
||||
<option value="admin">Admin</option>
|
||||
<option value="superadmin">Superadmin</option>
|
||||
<option value="operator">Operator</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
@@ -229,8 +229,8 @@ function renderUsers(rows) {
|
||||
const isMe = parseInt(u.id) === MY_ID;
|
||||
const color = avatarColor(u.nama || u.username);
|
||||
const init = (u.nama || u.username || '?')[0].toUpperCase();
|
||||
const roleC = u.role === 'superadmin' ? 'badge-superadmin' : 'badge-admin';
|
||||
const roleI = u.role === 'superadmin' ? 'shield-alt' : 'user';
|
||||
const roleC = u.role === 'admin' ? 'badge-admin' : 'badge-operator';
|
||||
const roleI = u.role === 'admin' ? 'shield-alt' : 'user';
|
||||
const acols = IS_SUPER ? `
|
||||
<td style="text-align:right;white-space:nowrap">
|
||||
<button class="btn-sm btn-edit" onclick='openEdit(${JSON.stringify(u)})'>
|
||||
|
||||
Reference in New Issue
Block a user