42 lines
1.2 KiB
PHP
42 lines
1.2 KiB
PHP
<?php
|
|
/**
|
|
* verify_user.php — Approve atau Reject user yang pending
|
|
* POST: user_id, action (approve/reject)
|
|
* Hanya admin yang boleh akses
|
|
*/
|
|
session_start();
|
|
require_once 'koneksi.php';
|
|
header('Content-Type: application/json');
|
|
|
|
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
|
|
echo json_encode(['success' => false, 'message' => 'Akses ditolak. Hanya Admin.']);
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
echo json_encode(['success' => false, 'message' => 'Hanya POST']);
|
|
exit;
|
|
}
|
|
|
|
$user_id = (int)($_POST['user_id'] ?? 0);
|
|
$action = $_POST['action'] ?? '';
|
|
|
|
if ($user_id <= 0 || !in_array($action, ['approve', 'reject'])) {
|
|
echo json_encode(['success' => false, 'message' => 'Parameter tidak valid']);
|
|
exit;
|
|
}
|
|
|
|
$newStatus = ($action === 'approve') ? 'approved' : 'rejected';
|
|
|
|
$stmt = $conn->prepare("UPDATE users SET status = ? WHERE id = ?");
|
|
$stmt->bind_param("si", $newStatus, $user_id);
|
|
|
|
if ($stmt->execute()) {
|
|
echo json_encode(['success' => true, 'message' => "Akun berhasil di-" . $newStatus]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Gagal memperbarui status: ' . $conn->error]);
|
|
}
|
|
|
|
$stmt->close();
|
|
$conn->close();
|