Require rejection reason and move approve/reject buttons inside manager detail view
This commit is contained in:
@@ -1,21 +1,60 @@
|
||||
<?php
|
||||
include __DIR__ . '/../../config/koneksi.php';
|
||||
include __DIR__ . '/../../config/auth.php';
|
||||
include_once __DIR__ . '/../auth/mail_helper.php';
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
require_role('admin');
|
||||
|
||||
// Ensure column exists
|
||||
try {
|
||||
$conn->query("ALTER TABLE users ADD COLUMN IF NOT EXISTS rejection_reason TEXT NULL");
|
||||
} catch(Exception $e){}
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
$id = isset($data['id']) ? intval($data['id']) : 0;
|
||||
if(!$id){ http_response_code(400); echo json_encode(['success'=>false,'error'=>'missing_id']); exit; }
|
||||
|
||||
$st = $conn->prepare('UPDATE users SET status = "rejected", approved_by = ?, approved_at = NOW() WHERE id = ?');
|
||||
$reason = isset($data['reason']) ? trim($data['reason']) : '';
|
||||
|
||||
// 1. Fetch user email and name first
|
||||
$email = null;
|
||||
$name = null;
|
||||
$uStmt = $conn->prepare("SELECT email, name FROM users WHERE id = ?");
|
||||
if($uStmt){
|
||||
$uStmt->bind_param('i', $id);
|
||||
$uStmt->execute();
|
||||
$uRes = $uStmt->get_result();
|
||||
$uRow = $uRes ? $uRes->fetch_assoc() : null;
|
||||
if($uRow){
|
||||
$email = $uRow['email'];
|
||||
$name = $uRow['name'];
|
||||
}
|
||||
$uStmt->close();
|
||||
}
|
||||
|
||||
// 2. Perform the update
|
||||
$st = $conn->prepare('UPDATE users SET status = "rejected", rejection_reason = ?, approved_by = ?, approved_at = NOW() WHERE id = ?');
|
||||
if(!$st){ http_response_code(500); echo json_encode(['success'=>false,'error'=>$conn->error]); exit; }
|
||||
$adminId = intval(get_current_user_info()['id']);
|
||||
$st->bind_param('ii', $adminId, $id);
|
||||
$st->bind_param('sii', $reason, $adminId, $id);
|
||||
$res = $st->execute();
|
||||
$st->close();
|
||||
if(!$res){ http_response_code(500); echo json_encode(['success'=>false,'error'=>$conn->error]); exit; }
|
||||
|
||||
// 3. Send email notification if user has email
|
||||
if($email){
|
||||
try {
|
||||
$subject = 'Pendaftaran Pengelola Ditolak - WebGIS';
|
||||
$message = "Halo " . ($name ? $name : 'Pengelola') . ",\n\n" .
|
||||
"Pendaftaran akun pengelola Anda pada sistem WebGIS Poverty Mapping tidak disetujui oleh administrator.\n\n" .
|
||||
"Alasan penolakan:\n" . ($reason ? $reason : '-') . "\n\n" .
|
||||
"Terima kasih.";
|
||||
send_mail_notify($email, $subject, $message, false);
|
||||
} catch (Exception $e) {
|
||||
error_log("Failed to send rejection email: " . $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode(['success'=>true]);
|
||||
?>
|
||||
|
||||
@@ -1,15 +1,37 @@
|
||||
<?php
|
||||
include __DIR__ . '/../../config/koneksi.php';
|
||||
include __DIR__ . '/../../config/auth.php';
|
||||
include_once __DIR__ . '/mail_helper.php';
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
$admin = require_bearer_login();
|
||||
if(!isset($admin['role']) || $admin['role'] !== 'admin'){ http_response_code(403); echo json_encode(['success'=>false,'error'=>'forbidden']); exit; }
|
||||
|
||||
// Ensure column exists
|
||||
try {
|
||||
$conn->query("ALTER TABLE users ADD COLUMN IF NOT EXISTS rejection_reason TEXT NULL");
|
||||
} catch(Exception $e){}
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
if(!$data || !isset($data['id'])){ http_response_code(400); echo json_encode(['success'=>false,'error'=>'missing_id']); exit; }
|
||||
$id = intval($data['id']);
|
||||
$reason = isset($data['reason']) ? $data['reason'] : null;
|
||||
$reason = isset($data['reason']) ? trim($data['reason']) : '';
|
||||
|
||||
// 1. Fetch user email and name first
|
||||
$email = null;
|
||||
$name = null;
|
||||
$uStmt = $conn->prepare("SELECT email, name FROM users WHERE id = ?");
|
||||
if($uStmt){
|
||||
$uStmt->bind_param('i', $id);
|
||||
$uStmt->execute();
|
||||
$uRes = $uStmt->get_result();
|
||||
$uRow = $uRes ? $uRes->fetch_assoc() : null;
|
||||
if($uRow){
|
||||
$email = $uRow['email'];
|
||||
$name = $uRow['name'];
|
||||
}
|
||||
$uStmt->close();
|
||||
}
|
||||
|
||||
$st = $conn->prepare('UPDATE users SET status = ?, rejection_reason = ?, approved_by = ?, approved_at = NOW() WHERE id = ? AND role = "manager"');
|
||||
if(!$st){ http_response_code(500); echo json_encode(['success'=>false,'error'=>$conn->error]); exit; }
|
||||
@@ -17,5 +39,18 @@ $status = 'rejected'; $adminId = intval($admin['id']); $st->bind_param('ssii', $
|
||||
$res = $st->execute(); $st->close();
|
||||
if(!$res){ http_response_code(500); echo json_encode(['success'=>false,'error'=>$conn->error]); exit; }
|
||||
|
||||
if($email){
|
||||
try {
|
||||
$subject = 'Pendaftaran Pengelola Ditolak - WebGIS';
|
||||
$message = "Halo " . ($name ? $name : 'Pengelola') . ",\n\n" .
|
||||
"Pendaftaran akun pengelola Anda pada sistem WebGIS Poverty Mapping tidak disetujui oleh administrator.\n\n" .
|
||||
"Alasan penolakan:\n" . ($reason ? $reason : '-') . "\n\n" .
|
||||
"Terima kasih.";
|
||||
send_mail_notify($email, $subject, $message, false);
|
||||
} catch (Exception $e) {
|
||||
error_log("Failed to send rejection email: " . $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode(['success'=>true]);
|
||||
?>
|
||||
Reference in New Issue
Block a user