izu/spota-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a1abe25ac94492604c7ccfc7e5b534ef29ce160c
spota-dev/steven/API/login.php
Power BI Dev a1abe25ac9 Add missing Steven API runtime files
2026-05-07 23:26:57 +07:00

245 lines
8.1 KiB
PHP
Raw Blame History

<?php
session_start();
include '../conf/koneksiPDO.php';
include '../conf/function.php';
header('Content-Type: application/json');
$conn = new createCon();
$dbh = $conn->connect();
checkKey('POST', 'username');
checkKey('POST', 'password');
$username = trim(strtoupper($_POST['username']));
$password = $_POST['password'];
$passwordRaw = $password;
$password = md5($password);
$loginSuccess = false;
$pesanError = 'Username dan password tidak cocok!!!';
if(!(isset($_GET['dosen']) || isset($_GET['admin']))){
$usernameSiakad = rawurlencode($username);
$passwordSiakad = rawurlencode($passwordRaw);
/**
$url = "https://bkd.untan.ac.id/API/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
//$url = "http://203.24.50.140/API/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
$context = stream_context_create(['http' => ['ignore_errors' => true]]);
$result = @file_get_contents($url, false, $context);
if ($http_response_header[0] == 'HTTP/1.1 200 OK') {
$decodedResult = json_decode($result, true);
//echo $result;
if (isset($decodedResult['result'][0]['idmhs'])) {
if (!($decodedResult['result'][0]['idmhs'] == '0')) {
$sql = "UPDATE tbmhs SET password = :password WHERE nim = :nim";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':nim', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
}
} else {
$dom = new DOMDocument();
@$dom->loadHTML($result);
$x = new DOMXPath($dom);
$pesanSiakad = null;
foreach ($x->query("//div[contains(@class, 'kotak')]") as $node) {
$pesanSiakad = $node->nodeValue;
}
if ($pesanSiakad != null) {
$sql = "UPDATE tbmhs SET password = :password WHERE nim = :nim";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':nim', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
}
}
}
**/
//$url = "http://203.24.50.140/API/login-siakad-mhs.php?username=$username&password=$passwordRaw";
$url = (string) (getenv('SPOTA_SIAKAD_LOGIN_URL') ?: '');
$payload = [
'nim' => $username,
'password' => $passwordRaw,
];
$postData = json_encode($payload);
$opts = ['http' =>
[
'method' => 'POST',
'ignore_errors' => true,
'header' => 'Content-Type: application/json',
'content' => $postData,
],
"ssl"=>[
"verify_peer"=>false,
"verify_peer_name"=>false,
],
];
$context = stream_context_create($opts);
if ($url !== '') {
$response = @file_get_contents($url, false, $context);
$decoded = json_decode((string) $response, 1);
$responseCode = isset($decoded['CODE']) ? (string) $decoded['CODE'] : null;
if ($responseCode === '200') {
$sql = "UPDATE tbmhs SET password = :password WHERE nim = :nim";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':nim', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
}
}
}
$sql = 'SELECT * FROM tbmhs WHERE nim = :nim AND password = :password';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':nim', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$loginSuccess = true;
$level = 'mahasiswa';
$idMhs = $row['idmhs'];
$nim = $row['nim'];
$namaMhs = $row['nmLengkap'];
$email = $row['email'];
$foto = $row['foto'];
$urlFoto = "//spota.untan.ac.id/img/$foto";
$data = [
'id' => $idMhs,
'nim' => $nim,
'nama' => $namaMhs,
'email' => $email,
'foto' => $foto,
'urlFoto' => $urlFoto,
];
}
if (isset($_GET['dosen'])) {
$loginSuccess = false;
$data = [];
}
if (!$loginSuccess) {
$sql = 'SELECT * FROM tbdosen WHERE nip = :nip AND password = :password';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':nip', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
// if($username == "123456"){
// $x = '198908192019032012';
// $sql = 'SELECT * FROM tbdosen WHERE nip = :nip';
// $stmt = $dbh->prepare($sql);
// $stmt->bindParam(':nip', $x);
// $stmt->execute();
// }
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$loginSuccess = true;
$level = 'dosen';
$idDosen = $row['iddosen'];
$nip = $row['nip'];
$nama = $row['nmLengkap'];
$email = $row['email'];
$hp = $row['nohp'];
$foto = $row['foto'];
$jenisDosen = $row['jenis'];
$kajur = false;
if ($jenisDosen == 'K') {
$kajur = true;
}
$urlFoto = "//spota.untan.ac.id/img/$foto";
$data = [
'id' => $idDosen,
'nip' => $nip,
'nama' => $nama,
'email' => $email,
'hp' => $hp,
'foto' => $foto,
'kajur' => $kajur,
'urlFoto' => $urlFoto,
];
}
}
if (isset($_GET['admin'])) {
$loginSuccess = false;
$data = [];
}
if (!$loginSuccess) {
$sql = 'SELECT * FROM tbadmin WHERE username = :username AND password = :password';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$loginSuccess = true;
$level = 'admin';
$idAdmin = $row['idAdmin'];
$nip = $row['nip'];
$nama = $row['nmLengkap'];
$email = $row['email'];
$hp = $row['notelp'];
$data = [
'id' => $idAdmin,
'nip' => $nip,
'nama' => $nama,
'email' => $email,
'hp' => $hp,
];
}
}
if ($loginSuccess) {
$_SESSION = [];
if ($level === 'mahasiswa') {
$_SESSION['login-mhs'] = [
'id' => $data['id'],
'nim' => $data['nim'],
'nama' => $data['nama'],
'email' => $data['email'],
];
} elseif ($level === 'dosen') {
$_SESSION['login-dosen'] = [
'id' => $data['id'],
'nip' => $data['nip'],
'nama' => $data['nama'],
'email' => $data['email'],
'hp' => $data['hp'],
'kajur' => $data['kajur'],
];
} elseif ($level === 'admin') {
$_SESSION['login-admin'] = [
'id' => $data['id'],
'nip' => $data['nip'],
'nama' => $data['nama'],
'email' => $data['email'],
'hp' => $data['hp'],
];
}
echo json_encode(['status' => 1, 'msg' => 'Login sukses!!!', 'data' => $data, 'level' => $level]);
} else {
echo json_encode(['status' => 0, 'msg' => $pesanError]);
}
Reference in New Issue View Git Blame Copy Permalink