47 lines
1.5 KiB
PHP
47 lines
1.5 KiB
PHP
<?php
|
|
/**
|
|
* admin_reset_password.php — Admin mereset password user
|
|
* POST: request_id, user_id, new_password
|
|
*/
|
|
session_start();
|
|
require_once 'koneksi.php';
|
|
header('Content-Type: application/json');
|
|
|
|
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
|
|
echo json_encode(['success' => false, 'message' => 'Akses ditolak']);
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
echo json_encode(['success' => false, 'message' => 'Hanya POST']);
|
|
exit;
|
|
}
|
|
|
|
$request_id = (int)($_POST['request_id'] ?? 0);
|
|
$user_id = (int)($_POST['user_id'] ?? 0);
|
|
$new_password = $_POST['new_password'] ?? '';
|
|
|
|
if ($request_id <= 0 || $user_id <= 0 || strlen($new_password) < 6) {
|
|
echo json_encode(['success' => false, 'message' => 'Password minimal 6 karakter']);
|
|
exit;
|
|
}
|
|
|
|
// Update password user
|
|
$hashed = password_hash($new_password, PASSWORD_DEFAULT);
|
|
$stmt = $conn->prepare("UPDATE users SET password = ? WHERE id = ?");
|
|
$stmt->bind_param("si", $hashed, $user_id);
|
|
if (!$stmt->execute()) {
|
|
echo json_encode(['success' => false, 'message' => 'Gagal update password']);
|
|
$stmt->close(); $conn->close(); exit;
|
|
}
|
|
$stmt->close();
|
|
|
|
// Tandai request sebagai done
|
|
$stmt2 = $conn->prepare("UPDATE password_resets SET status = 'done' WHERE id = ?");
|
|
$stmt2->bind_param("i", $request_id);
|
|
$stmt2->execute();
|
|
$stmt2->close();
|
|
|
|
echo json_encode(['success' => true, 'message' => 'Password berhasil direset. User bisa login dengan password baru.']);
|
|
$conn->close();
|