Add SPOTA core PHP application

Add the main admin, dosen, mahasiswa, API, and service code needed to run the core legacy application with configurable upload storage.

admin/page/user/act.user.php

@@ -0,0 +1,134 @@
+<?php
+session_start();
+if($_POST){
+	include ("../../../inc/helper.php");
+	include ("../../../inc/konfigurasi.php");
+	include ("../../../inc/db.pdo.class.php");
+
+	$db=new dB($dbsetting);
+
+	switch($_POST['act']){
+		case 'insert':
+		$password=md5($_POST['pwd']);
+		$level="P";
+
+		$insert="INSERT INTO tbadmin SET
+		nmLengkap='".$_POST['nama_lengkap']."',
+		jabatan='".$_POST['jabatan']."',
+		nip='".$_POST['nip']."',
+		email='".$_POST['emailuser']."',
+		username='".$_POST['username']."',
+		idProdi='".$_POST['prodi']."',
+		password='".$password."',
+		notelp='".$_POST['telp']."',
+		jenisAdmin='".$level."'
+		";
+		//echo $insert;
+		if($db->runQuery($insert)){
+			echo json_encode(array("result"=>true,"msg"=>"Admin baru berhasil ditambahkan."));
+		}else{
+			echo json_encode(array("result"=>false,"msg"=>"Aksi Gagal DBERROR."));
+		}
+		break;
+
+		case 'update':
+		$id=$_POST['id'];
+		if(ctype_digit($id)){
+			$level="P";
+
+			if($_POST['reset_pwd']=='yes'){
+				$password="password='".md5($_POST['username']."12345")."',";
+			}else{
+				$password="";
+			}	
+
+			$update="UPDATE tbadmin SET
+			nmLengkap='".$_POST['nama_lengkap']."',
+			jabatan='".$_POST['jabatan']."',
+			nip='".$_POST['nip']."',
+			email='".$_POST['emailuser']."',
+			idProdi='".$_POST['prodi']."',
+			$password
+			notelp='".$_POST['telp']."',
+			jenisAdmin='".$level."'
+			WHERE idAdmin='$id'";	
+			//echo $update;
+			if($db->runQuery($update)){
+				echo json_encode(array("result"=>true,"msg"=>"Data admin telah diupdate."));
+			}else{
+				echo json_encode(array("result"=>false,"msg"=>"Aksi update Gagal DBERROR."));
+			}
+		}
+		break;
+
+		case 'updatemyprofile':
+			$id=$_POST['id'];
+			if($_POST['pwd']!=""){
+				$pwd_lama=md5($_POST['pwd_lama']);
+				$check="SELECT idAdmin FROM tbadmin WHERE idAdmin='$id' AND password='$pwd_lama' LIMIT 1";
+				//echo $check;
+				$db->runQuery($check);
+				if($db->dbRows()>0){
+					$password="password='".md5($_POST['pwd'])."',";
+				}else{
+					echo json_encode(array("result"=>false,"msg"=>"Password lama anda tidak cocok, silakan masukkan password dengan benar untuk mengganti password."));
+					exit;
+				}
+			}else{
+				$password="";
+			}
+			$queryUpdate="UPDATE tbadmin SET
+			nmLengkap='".$_POST['nama_lengkap']."',
+			jabatan='".$_POST['jabatan']."',
+			nip='".$_POST['nip']."',
+			email='".$_POST['emailuser']."',
+			$password
+			notelp='".$_POST['telp']."'
+			WHERE idAdmin='$id'
+			";
+			//echo $queryUpdate;
+			if($db->runQuery($queryUpdate)){
+				echo json_encode(array("result"=>true,"msg"=>"Profil telah diupdate."));
+			}else{
+				echo json_encode(array("result"=>false,"msg"=>"Profil gagal diupdate DBERROR."));
+			}
+		break;
+
+		case 'hapususer':
+		$id=$_POST['id'];
+		if(ctype_digit($id)){
+			$hapus="DELETE FROM tbadmin WHERE idAdmin='$id'";
+			if($db->runQuery($hapus)){
+				echo json_encode(array("result"=>true,"msg"=>"Data Admin telah dihapus."));
+			}else{
+				echo json_encode(array("result"=>false,"msg"=>"Aksi gagal DBERROR."));
+			}
+		}
+		break;
+
+		case 'aktifkanuser':
+		$id=$_POST['id'];
+		if(ctype_digit($id)){
+			$aktifkan="UPDATE tbadmin SET aktif='Y' WHERE idAdmin='$id'";
+			if($db->runQuery($aktifkan)){
+				echo json_encode(array("result"=>true,"msg"=>"Status Admin Aktif."));
+			}else{
+				echo json_encode(array("result"=>false,"msg"=>"Aksi gagal DBERROR."));
+			}
+		}
+		break;
+
+		case 'nonaktifkanuser':
+		$id=$_POST['id'];
+		if(ctype_digit($id)){
+			$nonaktifkan="UPDATE tbadmin SET aktif='N' WHERE idAdmin='$id'";
+			if($db->runQuery($nonaktifkan)){
+				echo json_encode(array("result"=>true,"msg"=>"Status Admin Non Aktif."));
+			}else{
+				echo json_encode(array("result"=>false,"msg"=>"Aksi gagal DBERROR."));
+			}
+		}
+		break;
+	}
+}
+?>

admin/page/user/checkuser.php

@@ -0,0 +1,16 @@
+<?php
+session_start();
+include ("../../../inc/helper.php");
+include ("../../../inc/konfigurasi.php");
+include ("../../../inc/db.pdo.class.php");
+
+$db=new dB($dbsetting);
+if($_POST['username']){
+		$db->runQuery("SELECT idAdmin FROM tbadmin WHERE username='".$_POST['username']."' LIMIT 1");
+		if($db->dbRows()>0){
+			echo "false";
+		}else{
+			echo "true";
+		}
+	}
+?>

admin/page/user/daftar-user.php

@@ -0,0 +1,78 @@
+<?php $db=new dB($dbsetting); ?>
+<div class="row">
+	<div class="col-sm-12">
+		<ol class="breadcrumb">
+			<li>
+				<i class="clip-home-3"></i>
+				<a href="<?php ECHO ADMIN_PAGE;?>">
+					Home
+				</a>
+			</li>
+			<li>
+				<a href="<?php ECHO ADMIN_PAGE;?>dashboard.php?page=user&menu=man-user">
+					User
+				</a>
+			</li>
+			<li class="active">
+				Manajemen Admin
+			</li>
+			
+		</ol>
+		<div class="page-header">
+			<h1>Manajemen Admin SPOTA</h1>
+		</div>
+	</div>
+</div>
+<!-- <button class="btn btn-primary btn-sm" id="btnTambahUser"><i class="clip-user-6"></i> Buat User Baru</button> -->
+<a href="page/user/form-tambahuser.php" class="btn btn-primary btn-sm" data-target="#tambahuser" data-toggle="modal"><i class="clip-user-6"></i> Buat User Baru</a>
+<hr/>
+<div class="row">
+	<div class="col-md-12">
+		<!-- start: DYNAMIC TABLE PANEL -->
+		<table class="table table-striped table-bordered table-hover table-full-width" id="daftar-user">
+			<thead>
+				<tr>
+					<th style="width:30%;text-align:center">Nama & Username</th>
+					<th style="width:20%;text-align:center">Jabatan</th>
+					<th style="width:20%text-align:center">NIP</th>
+					<th style="width:20%text-align:center">Program Studi</th>
+					<th style="width:10%;text-align:center">Aksi</th>
+				</tr>
+			</thead>
+			<tbody>
+				<tr>
+					<td colspan="5" class="dataTables_empty">Loading data from server</td>
+				</tr>
+			</tbody>
+		</table>
+
+		<!-- end: DYNAMIC TABLE PANEL -->
+	</div>
+</div>
+
+<div id="tambahuser" class="modal fade" tabindex="-1" data-backdrop="static" data-width="760" data-keyboard="false" style="display: none;">
+   	<form id="tambahuserbaru" action="" method="post" class="form-horizontal">
+	   	<div class="modal-header">
+	        <h4 class="modal-title" id="myModalLabel">Tambah Admin</h4>
+	    </div>
+	  	<div class="modal-body"></div>
+	  	<div class="modal-footer">
+	    	<button type="button" data-dismiss="modal" class="btn btn-default btn-sm">Batal</button>
+	    	<button type="submit" class="btn btn-primary btn-sm">Tambah</button>
+	  	</div>
+  	</div>
+  </form> 
+</div>
+<div id="edituser" class="modal fade" tabindex="-1" data-backdrop="static" data-width="760" data-keyboard="false" style="display: none;">
+   	<form id="editdatauser" action="" method="post" class="form-horizontal">
+	   	<div class="modal-header">
+	        <h4 class="modal-title" id="myModalLabel">Edit Admin</h4>
+	    </div>
+	  	<div class="modal-body"></div>
+	  	<div class="modal-footer">
+	    	<button type="button" data-dismiss="modal" class="btn btn-default btn-sm">Batal</button>
+	    	<button type="submit" class="btn btn-primary btn-sm">Update</button>
+	  	</div>
+  	</div>
+  </form> 
+</div>

admin/page/user/form-edituser.php

@@ -0,0 +1,88 @@
+<?php
+session_start();
+include ("../../../inc/helper.php");
+include ("../../../inc/konfigurasi.php");
+include ("../../../inc/db.pdo.class.php");
+if($_SESSION['login-admin']['lvl']=='S'){
+	$db=new dB($dbsetting);
+	$id=$_GET['user'];
+	if(ctype_digit($id)){
+		$query="SELECT * FROM tbadmin WHERE idAdmin='$id' LIMIT 1";
+		$db->runQuery($query);
+		if($db->dbRows()>0){
+		$e=$db->dbFetch();
+	?>
+		<input type="hidden" name="act" value="update"/>
+		<input type="hidden" name="id" value="<?php echo $id;?>"/>
+		<div class="form-group">
+			<label class="col-sm-3">Nama Lengkap *</label>
+			<div class="col-sm-8">
+				<input type="text" name="nama_lengkap" value="<?php echo $e['nmLengkap'];?>" class="form-control"/>
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">Jabatan</label>
+			<div class="col-sm-8">
+				<input type="text" name="jabatan" value="<?php echo $e['jabatan'];?>" class="form-control" />
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">Program Studi</label>
+			<div class="col-sm-8">
+				<select name="prodi" class="form-control">
+					<option value="">- Pilih Program Studi -</option>
+					<?php
+					$query="Select tp.*,tj.nmJurusan, tf.nmFakultas From tbprodi tp LEFT JOIN tbjurusan tj ON (tp.idJur=tj.idJur) LEFT JOIN tbfakultas tf ON(tf.idFak=tp.idFak)";
+					$db->runQuery($query);
+					if($db->dbRows()>0){
+						while($r=$db->dbFetch()){
+							if($e['idProdi']==$r['idProdi']){
+								echo "<option value='".$r['idProdi']."' selected>".$r['nmFakultas']." - ".$r['nmProdi']."</option>";
+							}else{
+								echo "<option value='".$r['idProdi']."'>".$r['nmFakultas']." - ".$r['nmProdi']."</option>";
+							}
+						}
+					}
+					?>
+				</select>
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">NIP</label>
+			<div class="col-sm-8">
+				<input type="text" name="nip" value="<?php echo $e['nip'];?>" class="form-control" />
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">Email</label>
+			<div class="col-sm-8">
+				<input type="text" name="emailuser" name="emailuser" value="<?php echo $e['email'];?>" class="form-control"/>
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">No Telepon</label>
+			<div class="col-sm-8">
+				<input type="text" name="telp" value="<?php echo $e['notelp'];?>" class="form-control" />
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">Username</label>
+			<div class="col-sm-8">
+				<input type="text" name="username" readonly id="username" value="<?php echo $e['username'];?>" id="username" class="form-control" />
+			</div>
+		</div>
+		<div class="form-group">
+			<label class="col-sm-3">Password</label>
+			<div class="col-sm-8">
+				<label class="checkbox-inline">
+					<input type="checkbox" name="reset_pwd" value="yes" class="grey">
+					Reset Password (<em>Password : [username]12345</em>)
+				</label>
+			</div>
+		</div>
+
+	<?php
+		}
+	}
+}
+?>

admin/page/user/form-tambahuser.php

@@ -0,0 +1,68 @@
+<?php
+session_start();
+include ("../../../inc/helper.php");
+include ("../../../inc/konfigurasi.php");
+include ("../../../inc/db.pdo.class.php");
+
+$db=new dB($dbsetting);
+?>
+	<input type="hidden" name="act" value="insert"/>
+	<div class="form-group">
+		<label class="col-sm-3">Nama Lengkap *</label>
+		<div class="col-sm-8">
+			<input type="text" name="nama_lengkap" class="form-control"/>
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">Jabatan</label>
+		<div class="col-sm-8">
+			<input type="text" name="jabatan" class="form-control" />
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">Program Studi</label>
+		<div class="col-sm-8">
+			<select name="prodi" class="form-control">
+				<option value="">- Pilih Program Studi -</option>
+				<?php
+				$query="Select tp.*,tj.nmJurusan, tf.nmFakultas From tbprodi tp LEFT JOIN tbjurusan tj ON (tp.idJur=tj.idJur) LEFT JOIN tbfakultas tf ON(tf.idFak=tp.idFak)";
+				$db->runQuery($query);
+				if($db->dbRows()>0){
+					while($r=$db->dbFetch()){
+						echo "<option value='".$r['idProdi']."'>".$r['nmFakultas']." - ".$r['nmProdi']."</option>";
+					}
+				}
+				?>
+			</select>
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">NIP</label>
+		<div class="col-sm-8">
+			<input type="text" name="nip" class="form-control" />
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">Email</label>
+		<div class="col-sm-8">
+			<input type="text" name="emailuser" class="form-control"/>
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">No Telepon</label>
+		<div class="col-sm-8">
+			<input type="text" name="telp" class="form-control" />
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">Username</label>
+		<div class="col-sm-8">
+			<input type="text" name="username" id="username" class="form-control" />
+		</div>
+	</div>
+	<div class="form-group">
+		<label class="col-sm-3">Password</label>
+		<div class="col-sm-5">
+			<input type="password" name="pwd" id="pwd" value="" class="form-control" />
+		</div>
+	</div>

admin/page/user/list.daftar-user.php

@@ -0,0 +1,190 @@
+<?php
+	session_start();
+	$idlogin=$_SESSION['login-admin']['id'];
+	/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+	 * Easy set variables
+	 */
+	
+	/* Array of database columns which should be read and sent back to DataTables. Use a space where
+	 * you want to insert a non-database field (for example a counter or static image)
+	 */
+	$aColumns = array('ta.username','ta.nama_lengkap');
+	
+	/* Indexed column (used for fast and accurate table cardinality) */
+	$sIndexColumn = "ta.idAdmin";
+	
+	/* DB table to use */
+	$sTable = "tbadmin ta ";
+	
+	/* Database connection information */
+	include ("../../../inc/helper.php");
+	include ("../../../inc/konfigurasi.php");
+	include ("../../../inc/db.pdo.class.php");
+
+	$db=new dB($dbsetting);
+	
+	/* 
+	 * Paging
+	 */
+	$sLimit = "";
+	if ( isset( $_GET['iDisplayStart'] ) && $_GET['iDisplayLength'] != '-1' )
+	{
+		$sLimit = "LIMIT ".intval( $_GET['iDisplayStart'] ).", ".
+			intval( $_GET['iDisplayLength'] );
+	}
+	
+	
+	/*
+	 * Ordering
+	 */
+	$sOrder = "";
+	if ( isset( $_GET['iSortCol_0'] ) )
+	{
+		$sOrder = "ORDER BY  ";
+		for ( $i=0 ; $i<intval( $_GET['iSortingCols'] ) ; $i++ )
+		{
+			if ( $_GET[ 'bSortable_'.intval($_GET['iSortCol_'.$i]) ] == "true" )
+			{
+				$sOrder .= "".$aColumns[ intval( $_GET['iSortCol_'.$i] ) ]." ".
+					($_GET['sSortDir_'.$i]==='desc' ? 'asc' : 'desc') .", ";
+			}
+		}
+		
+		$sOrder = substr_replace( $sOrder, "", -2 );
+		if ( $sOrder == "ORDER BY" )
+		{
+			$sOrder = "";
+		}
+	}
+	
+	/* 
+	 * Filtering
+	 * NOTE this does not match the built-in DataTables filtering which does it
+	 * word by word on any field. It's possible to do here, but concerned about efficiency
+	 * on very large tables, and MySQL's regex functionality is very limited
+	 */
+	$sWhere = "";
+	if ( isset($_GET['sSearch']) && $_GET['sSearch'] != "" )
+	{
+		$sWhere = "WHERE (";
+		for ( $i=0 ; $i<count($aColumns) ; $i++ )
+		{
+			if ( isset($_GET['bSearchable_'.$i]) && $_GET['bSearchable_'.$i] == "true" )
+			{
+				$sWhere .= "".$aColumns[$i]." LIKE '%".$_GET['sSearch']."%' OR ";
+			}
+		}
+		$sWhere = substr_replace( $sWhere, "", -3 );
+		$sWhere .= ')';
+	}
+	
+	/* Individual column filtering */
+	for ( $i=0 ; $i<count($aColumns) ; $i++ )
+	{
+		if ( isset($_GET['bSearchable_'.$i]) && $_GET['bSearchable_'.$i] == "true" && $_GET['sSearch_'.$i] != '' )
+		{
+			if ( $sWhere == "" )
+			{
+				$sWhere = "WHERE ";
+			}
+			else
+			{
+				$sWhere .= " AND ";
+			}
+			$sWhere .= "".$aColumns[$i]." LIKE '%".$_GET['sSearch_'.$i]."%' ";
+		}
+	}
+
+
+	
+	$where2="";
+	if($sWhere!=''){
+		$where2="AND ta.idAdmin <> $idlogin";
+	}else{
+		$where2="WHERE ta.idAdmin <> $idlogin";
+	}
+
+	/*
+	 * SQL queries
+	 * Get data to display
+	 */
+	$sQuery0 = "
+	SELECT ta.idAdmin,tp.nmProdi,ta.username,ta.password,ta.jenisAdmin,ta.nmLengkap,ta.jabatan,ta.nip,ta.email,ta.aktif
+	FROM   $sTable LEFT JOIN tbprodi tp ON(tp.idProdi=ta.idProdi)
+		$sWhere
+		$where2
+		$sOrder 
+		";
+
+	$db->runQuery($sQuery0);
+	$iFilteredTotal = $db->dbRows();
+
+	$result=$db->runQuery($sQuery0.$sLimit);
+
+	/* Total data set length */
+	$sQuery2 = "
+		SELECT COUNT(idAdmin) as total FROM tbadmin WHERE idAdmin<> '$idlogin'
+	";
+	$db->runQuery($sQuery2);
+	$aResultTotal = $db->dbFetch();
+	$iTotal = $aResultTotal['total'];
+
+	$output = array(
+		"sEcho" => intval($_GET['sEcho']),
+		"iTotalRecords" => $iTotal,
+		"iTotalDisplayRecords" => $iFilteredTotal,
+		"aaData" => array()
+	);
+	
+	while ( $aRow = $db->dbFetch($result) )
+	{
+		//print_r($aRow);
+		$row = array();
+
+		if($aRow['aktif']=="N"){
+			$badge=' - <span class="label label-warning"> tidak aktif</span>';
+			$tombol='<li role="presentation">
+								<a role="menuitem" tabindex="-1" href="#" onClick="AktifkanUser('.$aRow['idAdmin'].')">
+									<i class="clip-checkmark-circle-2"></i> Aktifkan User
+								</a>
+							</li>';
+		}else{
+			$badge='';
+			$tombol='<li role="presentation">
+								<a role="menuitem" tabindex="-1" href="#" onClick="NonaktifkanUser('.$aRow['idAdmin'].')">
+									<i class="clip-cancel-circle-2"></i> Nonaktifkan
+								</a>
+							</li>';
+		}
+
+		$row[0]=$aRow['nmLengkap'].$badge."<br/><strong>(<em>".$aRow['username']."</em>)</strong>";
+		$row[1]=$aRow['jabatan'];
+		$row[2]=$aRow['nip'];
+		$aksi='<div class="btn-group">
+						<a class="btn btn-primary dropdown-toggle btn-sm" data-toggle="dropdown" href="#">
+							<i class="icon-cog"></i> <span class="caret"></span>
+						</a>
+						<ul role="menu" class="dropdown-menu pull-right">
+							'.$tombol.'
+							<li role="presentation">
+								<a role="menuitem" tabindex="-1" href="#" onClick="EditUser('.$aRow['idAdmin'].')">
+									<i class="icon-edit"></i> Edit
+								</a>
+							</li>							
+							<li role="presentation">
+								<a role="menuitem" tabindex="-1" href="#" onClick="HapusUser('.$aRow['idAdmin'].')">
+									<i class="icon-remove"></i> Hapus
+								</a>
+							</li>
+						</ul>
+					</div>';
+		$row[3]=$aRow['nmProdi'];
+		$row[4]=$aksi;
+
+		$output['aaData'][] = $row;
+		// print_r($row);
+		
+	}
+	
+	echo json_encode( $output );
+?>

admin/page/user/my-profile.php

@@ -0,0 +1,89 @@
+<?php $db=new dB($dbsetting); 
+
+$id=$_SESSION['login-admin']['id'];
+$db->runQuery("SELECT * FROM tbadmin WHERE idAdmin='$id'");
+if($db->dbRows()>0){
+	$u=$db->dbFetch();
+
+}
+?>
+<div class="row">
+	<div class="col-sm-12">
+		<ol class="breadcrumb">
+			<li>
+				<i class="clip-home-3"></i>
+				<a href="<?php ECHO ADMIN_PAGE;?>">
+					Home
+				</a>
+			</li>
+			<li class="active">
+				Profil Saya
+			</li>
+			
+		</ol>
+		<div class="page-header">
+			<h1>Profil Saya <small><strong><?php echo $u['nmLengkap'];?> </strong></small></h1>
+		</div>
+	</div>
+</div>
+<div class="row">
+	<div class="col-sm-12">
+		<form id="myprofile" action="" method="post" class="form-horizontal">
+			<input type="hidden" name="id" value="<?php echo $u['idAdmin'];?>" />
+			<input type="hidden" name="act" value="updatemyprofile"/>
+			<div class="form-group">
+				<label class="col-sm-2">Nama Lengkap *</label>
+				<div class="col-sm-9">
+					<input type="text" name="nama_lengkap" value="<?php echo $u['nmLengkap'];?>" class="form-control required" title="Silakan isi Nama Lengkap Anda"/>
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">Jabatan</label>
+				<div class="col-sm-9">
+					<input type="text" name="jabatan" value="<?php echo $u['jabatan'];?>" class="form-control" />
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">NIP</label>
+				<div class="col-sm-9">
+					<input type="text" name="nip" value="<?php echo $u['nip'];?>" class="form-control" />
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">Email</label>
+				<div class="col-sm-9">
+					<input type="text" name="emailuser" name="emailuser" value="<?php echo $u['email'];?>" class="form-control" title="Silakan masukkan alamat email yang valid"/>
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">No Telepon</label>
+				<div class="col-sm-9">
+					<input type="text" name="telp" value="<?php echo $u['notelp'];?>" class="form-control" />
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">Username</label>
+				<div class="col-sm-9">
+					<input type="text" name="username" value="<?php echo $u['username'];?>" readonly class="form-control" />
+				</div>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">Password</label>
+				<div class="col-sm-4">
+					<input type="password" name="pwd" id="pwd" value="" class="form-control" />
+				</div>
+				*<em>kosongkan jika tidak mengganti password</em>
+			</div>
+			<div class="form-group">
+				<label class="col-sm-2">Password Lama</label>
+				<div class="col-sm-4">
+					<input type="password" name="pwd_lama" id="pwd_lama" value="" class="form-control" title="Silakan masukkan password lama anda." />
+				</div>
+				*<em>Wajib diisi jika ingin mengganti password</em>
+			</div>
+			<hr/>
+			<button type="submit" class="btn btn-primary btn-sm">Simpan</button> 
+			<span id="loading" style="display:none"><i class="clip-spin-alt icon-spin"></i><em> Menyimpan..</em></span>
+		</form>
+	</div>
+</div>

admin/page/user/user.php

@@ -0,0 +1,19 @@
+<?php
+switch ($_GET['menu']) {
+	case 'man-user':
+		if($_SESSION['login-admin']['lvl']=='S'){
+			include "daftar-user.php";
+		}else{
+			//page not found 404
+		}
+	break;
+		
+	case 'my-profile':
+		include "my-profile.php";
+	break;
+	
+	default:
+		echo "<script>location.href='".ADMIN_PAGE."dashboard.php?page=user&menu=man-user'</script>";
+	break;
+}
+?>