Files
2026-06-10 21:06:57 +07:00

56 lines
1.6 KiB
PHP

<?php
require_once '../../auth.php';
requireRole('admin');
header('Content-Type: application/json');
require_once '../../../config.php';
$conn = getDB();
$data = json_decode(file_get_contents("php://input"), true);
if (!$data || !isset($data['id'])) {
echo json_encode(["status" => "error", "message" => "Data tidak lengkap"]);
exit;
}
$id = (int) $data['id'];
$nama = trim($data['nama']);
$username = trim($data['username']);
$role = $data['role'];
if (!$nama || !$username || !in_array($role, ['admin', 'operator'])) {
echo json_encode(["status" => "error", "message" => "Data tidak valid"]);
exit;
}
// Cek username sudah dipakai user lain
$cek = $conn->prepare("SELECT id FROM users WHERE username = ? AND id != ?");
$cek->bind_param("si", $username, $id);
$cek->execute();
$cek->store_result();
if ($cek->num_rows > 0) {
echo json_encode(["status" => "error", "message" => "Username sudah digunakan user lain"]);
$cek->close();
$conn->close();
exit;
}
$cek->close();
// Update dengan atau tanpa password baru
if (!empty($data['password'])) {
$hash = password_hash($data['password'], PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE users SET nama=?, username=?, password=?, role=? WHERE id=?");
$stmt->bind_param("ssssi", $nama, $username, $hash, $role, $id);
} else {
$stmt = $conn->prepare("UPDATE users SET nama=?, username=?, role=? WHERE id=?");
$stmt->bind_param("sssi", $nama, $username, $role, $id);
}
if ($stmt->execute()) {
echo json_encode(["status" => "success"]);
} else {
echo json_encode(["status" => "error", "message" => $stmt->error]);
}
$stmt->close();
$conn->close();
?>