Files
D1041231077-webgis/03/request_reset.php
T
2026-06-10 22:26:03 +07:00

63 lines
1.9 KiB
PHP

<?php
/**
* request_reset.php — Kirim permintaan reset password ke Admin
* POST: email
*/
session_start();
require_once 'koneksi.php';
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
echo json_encode(['success' => false, 'message' => 'Hanya POST']);
exit;
}
$email = trim($_POST['email'] ?? '');
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo json_encode(['success' => false, 'message' => 'Email tidak valid']);
exit;
}
// Cek apakah email terdaftar
$stmt = $conn->prepare("SELECT id, nama FROM users WHERE email = ? AND status = 'approved'");
$stmt->bind_param("s", $email);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 0) {
// Jangan reveal apakah email terdaftar atau tidak (keamanan)
echo json_encode(['success' => true, 'message' => 'Permintaan reset password Anda telah dikirim ke Admin.']);
$stmt->close();
$conn->close();
exit;
}
$user = $result->fetch_assoc();
$stmt->close();
// Cek apakah sudah ada request pending
$stmt2 = $conn->prepare("SELECT id FROM password_resets WHERE user_id = ? AND status = 'pending'");
$stmt2->bind_param("i", $user['id']);
$stmt2->execute();
if ($stmt2->get_result()->num_rows > 0) {
echo json_encode(['success' => true, 'message' => 'Permintaan reset sudah dikirim sebelumnya. Harap tunggu Admin memproses.']);
$stmt2->close();
$conn->close();
exit;
}
$stmt2->close();
// Simpan request reset
$stmt3 = $conn->prepare("INSERT INTO password_resets (user_id, email) VALUES (?, ?)");
$stmt3->bind_param("is", $user['id'], $email);
if ($stmt3->execute()) {
echo json_encode(['success' => true, 'message' => 'Permintaan reset password telah dikirim ke Admin. Harap tunggu konfirmasi.']);
} else {
echo json_encode(['success' => false, 'message' => 'Gagal mengirim permintaan: ' . $conn->error]);
}
$stmt3->close();
$conn->close();