Add SPOTA core PHP application
Add the main admin, dosen, mahasiswa, API, and service code needed to run the core legacy application with configurable upload storage.
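--- a/mahasiswa/act.auth.php
+++ b/mahasiswa/act.auth.php
@@ -0,0 +1,323 @@
+<?php
+error_reporting(E_ALL);
+ini_set('display_errors', '1');
+
+session_start();
+
+include ("../inc/helper.php");
+include ("../inc/konfigurasi.php");
+include ("../inc/db.pdo.class.php");
+
+
+$db=new dB($dbsetting);
+if($_POST){
+
+switch ($_POST['act']) {
+case 'login':
+
+$username=$_POST['username'];
+$password=$_POST['password'];
+
+$check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' AND tm.status IN ('A','P') LIMIT 1";
+$db->runQuery($check);
+
+if($db->dbRows()>0){
+$log=$db->dbFetch();
+if($log['password']==md5($password)){
+$sesilogin=array(
+"nim"=>$log['nim'],
+"prodi"=>$log['idProdi'],
+"nmprodi"=>$log['nmProdi'],
+"nama_lengkap"=>$log['nmLengkap'],
+"id"=>$log['idmhs'],
+"status"=>$log['status']
+);
+
+$_SESSION['login-mhs']=$sesilogin;
+echo json_encode(
+array(
+"result" =>TRUE,
+"msg" =>"Login Sukses."
+));
+}else{
+//password salah
+echo json_encode(
+array(
+"result" =>FALSE,
+"msg" =>"Gagal Login, Password anda tidak sesuai/salah."
+));
+}
+}else{
+//username tidak terdaftar
+echo json_encode(array(
+"result" =>FALSE,
+"msg" =>"Gagal Login, Username Anda tidak terdaftar."
+));
+}
+break;
+
+
+case 'loginnew':
+
+$username=$_POST['username'];
+$password=$_POST['password'];
+
+$usernameSiakad = rawurlencode($username);
+$passwordSiakad = rawurlencode($password);
+
+$passwordMD5 = md5($password);
+
+//$url = "http://servicedosen.siakad.untan.ac.id/Datasnap/Rest/Tservermethods1/loginmhs/$usernameSiakad/x$passwordSiakad";
+//$url = "http://203.24.50.140/API/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
+
+//$url = "https://informatika.untan.ac.id/API/public/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
+/**
+$url = "http://203.24.50.140/API/login-siakad-mhs.php?username=$usernameSiakad&password=$passwordSiakad";
+$context = stream_context_create(['http' => ['ignore_errors' => true]]);
+$result = @file_get_contents($url, false, $context);
+
+if ($http_response_header[0] == 'HTTP/1.1 200 OK') {
+$decodedResult = json_decode($result, true);
+//echo $result;
+if (isset($decodedResult['result'][0]['idmhs'])) {
+if ($decodedResult['result'][0]['idmhs'] == '0') {
+echo json_encode(array(
+"result" =>FALSE,
+"msg" => "Username atau password tidak cocok."
+));
+exit();
+} else {
+$dataMahasiswa = $decodedResult['result'][0];
+$namaMahasiswa = $dataMahasiswa['nama'];
+$idProdiMahasiswa = $dataMahasiswa['idprogdi'];
+}
+} else {
+$dom = new DOMDocument();
+@$dom->loadHTML($result);
+$x = new DOMXPath($dom);
+
+$pesanSiakad = null;
+foreach ($x->query("//div[contains(@class, 'kotak')]") as $node) {
+$pesanSiakad = $node->nodeValue;
+}
+
+if ($pesanSiakad != null) {
+$namaMahasiswa = trim(get_string_between($pesanSiakad, 'Sdr/i.', ', Anda Terkena'));
+$idProdiMahasiswa = "-1";
+
+} else {
+echo json_encode(array(
+"result" =>FALSE,
+"msg" =>"Tidak dapat terhubung dengan service SIAKAD."
+));
+exit();
+}
+
+//print_r($data);
+}
+} else {
+echo json_encode(array(
+"result" =>FALSE,
+"msg" =>"Tidak dapat terhubung dengan service SIAKAD."
+));
+exit();
+}
+*/
+
+/** login presensi */
+
+$usernamePost = urlencode($username);
+$passwordPost = urlencode($password);
+//$url = "http://bkd.untan.ac.id/API/steven/login-siakad-mhs.php?username=$usernamePost&password=$passwordPost";
+$url = "http://203.24.50.140/API/login-siakad-mhs.php?get&username=$usernamePost&password=$passwordPost";
+//$result = file_get_contents($url);
+
+
+//$decodedData = json_decode($result, 1);
+
+$payload = [
+'nim' => $username,
+'password' => $password,
+];
+
+$postData = json_encode($payload);
+$opts = ['http' =>
+[
+'method' => 'POST',
+'ignore_errors' => true,
+'header' => 'Content-Type: application/json',
+'content' => $postData,
+
+],
+"ssl"=>[
+"verify_peer"=>false,
+"verify_peer_name"=>false,
+],
+];
+
+$context = stream_context_create($opts);
+$response = file_get_contents($url, false, $context);
+
+/**
+$decoded = json_decode($response, 1);
+
+
+if (!isset($decoded['CODE'])) {
+echo json_encode([
+'result' => FALSE,
+'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
+]);
+exit();
+}
+
+$responseCode = $decoded['CODE'];
+
+if ($responseCode == '502') {
+echo json_encode([
+'status' => FALSE,
+'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
+]);
+exit();
+}
+
+if ($responseCode == '401') {
+echo json_encode([
+'status' => FALSE,
+'msg' => 'NIM atau password tidak cocok.',
+]);
+exit();
+}
+
+if ($responseCode == '200') {
+$dataMahasiswa = $decoded['USER'];
+$namaMahasiswa = $dataMahasiswa['nama'];
+$namaMahasiswa = str_replace('"', "", $namaMahasiswa);
+$namaMahasiswa = str_replace("'", "", $namaMahasiswa);
+
+}
+*/
+
+
+$decodedData = json_decode($response, 1);
+
+$decoded = $decodedData['result'];
+if (!isset($decoded)) {
+echo json_encode([
+'status' => FALSE,
+'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
+]);
+exit();
+}
+
+$dataMahasiswa = $decoded['0'];
+
+if (!isset($dataMahasiswa['iden'])) {
+echo json_encode([
+'status' => FALSE,
+'msg' => 'NIM atau password tidak cocok.',
+]);
+exit();
+}
+
+$namaMahasiswa = $dataMahasiswa['nama'];
+$namaMahasiswa = str_replace('"', "", $namaMahasiswa);
+$namaMahasiswa = str_replace("'", "", $namaMahasiswa);
+
+
+/** end login presensi */
+
+$check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' LIMIT 1";
+$db->runQuery($check);
+
+if($db->dbRows()>0){
+$log=$db->dbFetch();
+$sesilogin=array(
+"nim"=>$log['nim'],
+"prodi"=>$log['idProdi'],
+"nmprodi"=>$log['nmProdi'],
+"nama_lengkap"=>$log['nmLengkap'],
+"id"=>$log['idmhs'],
+"status"=>$log['status']
+);
+
+$_SESSION['login-mhs']=$sesilogin;
+
+$update = "UPDATE tbmhs SET password = '{$passwordMD5}' WHERE idmhs = {$log['idmhs']}";
+$db->runQuery($update);
+
+echo json_encode(
+array(
+"result" =>TRUE,
+"msg" =>"Login Sukses."
+));
+}else{
+//username tidak terdaftar
+$thnMasuk = '20'.substr($username, 5, 2);
+$insert = "INSERT INTO tbmhs(nim, password, nmLengkap, idProdi, thnmasuk, status, bolehUploadDraft) VALUES ('{$username}', '{$passwordMD5}', '{$namaMahasiswa}', '2', '{$thnMasuk}', 'A', '0')";
+$db->runQuery($insert);
+
+$check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' LIMIT 1";
+$db->runQuery($check);
+
+$log=$db->dbFetch();
+$sesilogin=array(
+"nim"=>$log['nim'],
+"prodi"=>$log['idProdi'],
+"nmprodi"=>$log['nmProdi'],
+"nama_lengkap"=>$log['nmLengkap'],
+"id"=>$log['idmhs'],
+"status"=>$log['status']
+);
+
+$_SESSION['login-mhs']=$sesilogin;
+echo json_encode(
+array(
+"result" =>TRUE,
+"msg" =>"Login Sukses."
+));
+
+}
+break;
+
+case 'logout':
+unset($_SESSION['login-mhs']);
+echo json_encode(array("result"=>true));
+break;
+
+case 'recoverpass' : // coming soon
+$email=$_POST['email'];
+$query="SELECT * FROM tbmhs WHERE email='$email' limit 1";
+$db->runQuery($query);
+if($db->dbRows()>0){
+$r=$db->dbFetch();
+$idmh=$r['idmhs'];
+$username=$r['nim'];
+$password=$r['password'];
+$date=date('Y-m-d H:i:s');
+$recoverkey=md5($password.$username.$date);
+$recover="INSERT INTO temp_resetpass SET tglrecover='$date', iduser='$idmh', jenis='M', rkey='$recoverkey'";
+//echo $recover;
+$db->runQuery($recover);
+
+//$linkreset="/~project/spota/request.php?key=$recoverkey";
+//script kirim email
+echo json_encode(array(
+"result" =>TRUE,
+"msg" =>"Terima Kasih, \nSilakan Cek Email Anda untuk reset password"
+));
+}else{
+echo json_encode(array(
+"result" =>FALSE,
+"msg" =>"Email tidak terdaftar."
+));
+}
+break;
+
+/*default:
+break;*/
+}
+
+
+}
+
+?>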
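Review bot: The `login`, `loginnew` and `recoverpass` branches build SQL by interpolating `$_POST['username']` and `$_POST['email']` straight into the query text (`WHERE tm.nim='$username'`, the `INSERT INTO tbmhs ... VALUES ('{$username}', ...)` statement, `WHERE email='$email'`), so request input reaches the database unescaped; these values should be passed as bound parameters, and since the `dB` wrapper's API is not visible in this section, whether `runQuery` accepts placeholders needs checking in `inc/db.pdo.class.php`. In `loginnew` the student's password is also placed in the query string of a plain `http://` URL while the stream context sets `verify_peer` and `verify_peer_name` to `false`; the credentials are already in the JSON body, so drop them from `$url`, point it at an `https://` endpoint and remove the `ssl` overrides. Passwords are stored and compared as unsalted `md5()` with a loose `==`; prefer `password_hash()`/`password_verify()`, and as an interim step at least compare with `hash_equals($log['password'], md5($password))`. Call `session_regenerate_id(true);` before each `$_SESSION['login-mhs']=$sesilogin;`, and set `display_errors` to `'0'` outside development so query and path details are not echoed to clients. In `recoverpass` the key `md5($password.$username.$date)` is derived from a timestamp and stored values rather than randomness; generate it with `bin2hex(random_bytes(32))` instead.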