Files
D1041231091-WebGIS-All/05/hapus_user.php
T

72 lines
3.2 KiB
PHP

<?php
/**
* hapus_user.php
* Menghapus akun jika belum punya relasi data. Jika sudah punya relasi, akun dinonaktifkan agar data audit tidak rusak.
*/
require_once __DIR__ . '/auth.php';
require_login(true);
require_role(['super_admin', 'admin_rumah_ibadah'], true);
require_post();
$actor = current_user();
$actorRole = $actor['role'];
$id = (int) post('id');
if ($id <= 0) json_response('err', 'ID akun tidak valid.', [], 422);
if ($id === (int)$actor['id']) json_response('err', 'Akun yang sedang dipakai tidak boleh dihapus dari sini.', [], 403);
$stmt = $koneksi->prepare("SELECT id, role FROM users WHERE id=? LIMIT 1");
$stmt->bind_param('i', $id);
$stmt->execute();
$target = $stmt->get_result()->fetch_assoc();
if (!$target) json_response('err', 'Akun tidak ditemukan.', [], 404);
if ($actorRole === 'super_admin') {
if (!in_array($target['role'], ['admin_rumah_ibadah', 'penerima'], true)) {
json_response('err', 'Super admin hanya menghapus/menonaktifkan akun admin rumah ibadah dan penerima dari halaman ini.', [], 403);
}
} else {
if ($target['role'] !== 'penerima') json_response('err', 'Admin rumah ibadah hanya boleh menghapus/menonaktifkan akun penerima.', [], 403);
$ids = get_admin_rumah_ibadah_ids((int)$actor['id'], true);
$types = 'i';
$params = [$id];
if (!empty($ids)) {
$notIn = build_in_condition('rumah_ibadah_id', $ids, $types, $params);
$stmt = $koneksi->prepare("SELECT COUNT(*) AS jml FROM penerima_bantuan WHERE user_id=? AND COALESCE(status_hapus,'normal')<>'disetujui' AND rumah_ibadah_id IS NOT NULL AND NOT ($notIn)");
} else {
$stmt = $koneksi->prepare("SELECT COUNT(*) AS jml FROM penerima_bantuan WHERE user_id=? AND COALESCE(status_hapus,'normal')<>'disetujui' AND rumah_ibadah_id IS NOT NULL");
}
stmt_bind($stmt, $types, $params);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
if ((int)$row['jml'] > 0) json_response('err', 'Akun penerima ini terhubung dengan rumah ibadah lain.', [], 403);
}
// Cek relasi agar tidak merusak foreign key dan riwayat audit.
$related = 0;
$checks = [
["SELECT COUNT(*) AS jml FROM rumah_ibadah WHERE user_id=?", 'i'],
["SELECT COUNT(*) AS jml FROM penerima_bantuan WHERE user_id=?", 'i'],
["SELECT COUNT(*) AS jml FROM penyaluran_bantuan WHERE admin_id=?", 'i'],
["SELECT COUNT(*) AS jml FROM riwayat_status WHERE user_id=?", 'i']
];
foreach ($checks as $c) {
$stmt = $koneksi->prepare($c[0]);
$stmt->bind_param('i', $id);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$related += (int)$row['jml'];
}
if ($related > 0) {
$stmt = $koneksi->prepare("UPDATE users SET status_akun='nonaktif' WHERE id=?");
$stmt->bind_param('i', $id);
if (!$stmt->execute()) json_response('err', 'Gagal menonaktifkan akun: ' . $stmt->error, [], 500);
json_response('ok', 'Akun memiliki relasi data, jadi tidak dihapus permanen. Akun sudah dinonaktifkan.', ['mode' => 'nonaktif']);
}
$stmt = $koneksi->prepare("DELETE FROM users WHERE id=?");
$stmt->bind_param('i', $id);
if (!$stmt->execute()) json_response('err', 'Gagal menghapus akun: ' . $stmt->error, [], 500);
json_response('ok', 'Akun berhasil dihapus permanen.', ['mode' => 'delete']);
?>