This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //configs.php | |
| date_default_timezone_set("Asia/Jakarta"); | |
| ini_set('memory_limit', '-1'); | |
| ini_set('max_execution_time', '3600'); | |
| $protocol = "http"; | |
| $host = "localhost"; | |
| $directory = "mystok5"; | |
| $url_lengkap = $protocol . "://" . $host . "/" . $directory; | |
| $hostname = "localhost"; //KALO PORT BUKAN 3306, maka set DISINI dengan separator tanda "titik dua" (:) | |
| $database = "mystok5"; | |
| $username = "root"; | |
| $password = ""; | |
| $db = new PDO("mysql:host=" . $hostname . ";dbname=" . $database . ";charset=utf8mb4", $username, $password); | |
| $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | |
| $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, true); | |
| function cek_token_akses_menu($token_pengguna, $nama_tabel, $action, $db) { | |
| $stmt = $db->prepare("SELECT * FROM token_pengguna a, pengguna b, grup_pengguna c, akses_menu d, menu e WHERE a.id_pengguna=b.id_pengguna AND b.id_grup_pengguna=c.id_grup_pengguna AND c.id_grup_pengguna=d.id_grup_pengguna AND d.id_menu=e.id_menu AND e.alias_menu=:2 AND d." . $action . "_akses_menu='1' AND a.nama_token_pengguna=:1 AND a.waktu_habis_token_pengguna>NOW() AND a.status_token_pengguna='1' AND b.status_pengguna='1' AND c.status_grup_pengguna='1' AND d.status_akses_menu='1' AND e.status_menu='1' LIMIT 1"); | |
| $stmt->execute(array(":1" => $token_pengguna, ":2" => $nama_tabel)); | |
| $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); | |
| $total_rows = count($rows); | |
| if ($total_rows > 0) { | |
| $id_grup_pengguna_PATOKAN = (int) $rows[0]['id_grup_pengguna']; | |
| $id_pengguna_PATOKAN = (int) $rows[0]['id_pengguna']; | |
| $nama_pengguna_PATOKAN = $rows[0]['nama_pengguna']; | |
| $telepon1_pengguna_PATOKAN = $rows[0]['telepon1_pengguna']; | |
| $email_pengguna_PATOKAN = $rows[0]['email_pengguna']; | |
| $username_pengguna_PATOKAN = $rows[0]['username']; | |
| $data = array( | |
| "id_grup_pengguna_PATOKAN" => $id_grup_pengguna_PATOKAN, | |
| "id_pengguna_PATOKAN" => $id_pengguna_PATOKAN, | |
| "nama_pengguna_PATOKAN" => $nama_pengguna_PATOKAN, | |
| "telepon1_pengguna_PATOKAN" => $telepon1_pengguna_PATOKAN, | |
| "email_pengguna_PATOKAN" => $email_pengguna_PATOKAN, | |
| "username_pengguna_PATOKAN" => $username_pengguna_PATOKAN, | |
| ); | |
| $json_data = json_encode($data); | |
| return $json_data; | |
| } else { | |
| return false; | |
| } | |
| } | |
| ?> | |
| <?php | |
| header("Access-Control-Allow-Origin: *"); | |
| header("Content-Type: application/json; charset=UTF-8"); | |
| include "../configurations/configs.php"; | |
| if (isset($_POST["username"]) && $_POST["password"]) { | |
| $username = $_POST["username"]; | |
| $password = $_POST["password"]; | |
| try { | |
| $hak_akses = cek_token_akses_menu($token_pengguna, "pelanggan", "tambah", $db); | |
| if ($hak_akses === false) { | |
| throw new PDOException("ANDA TIDAK MEMPUNYAI HAK AKSES TAMBAH"); | |
| } | |
| $json_data = json_decode($hak_akses, true); | |
| $id_pengguna = $json_data["id_pengguna_PATOKAN"]; | |
| $db->beginTransaction(); //DIMULAI DARI SINI, JIKA DARI ATAS MAKA AKAN MENUNGGU COMMIT UNTUK HASIL OUTPUTNYA | |
| $stmt = $db->prepare("SELECT * FROM pengguna WHERE username=:1 AND password=:2 AND status_pengguna='1'"); | |
| $stmt->execute(array(":1" => $username, ":2" => $password)); | |
| $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); | |
| $total_rows = count($rows); | |
| for ($i = 0; $i < $total_rows; $i++) { | |
| $nama_pengguna = $rows[$i]["nama_pengguna"]; | |
| $alamat_pengguna = $rows[$i]["alamat_pengguna"]; | |
| $telepon_pengguna = $rows[$i]["telepon_pengguna"]; | |
| $stmt2 = $db->prepare("INSERT INTO token_pengguna (id_token_pengguna, nama_token_pengguna) VALUES (NULL, :1)"); | |
| $stmt2->execute(array(":1" => $nama_pengguna)); | |
| $total_rows2 = $stmt2->rowCount(); | |
| if ($total_rows2 > 0) { | |
| $id_token_pengguna = $db->lastInsertId(); | |
| } else { | |
| throw new PDOException("Gagal membuat token"); | |
| } | |
| } | |
| if ($total_rows == 0) { | |
| throw new PDOException("Username atau Password salah"); | |
| } | |
| $db->commit(); | |
| echo json_encode(array(array("hasil" => $total_rows, "pesan_hasil" => "Sukses Masuk"))); | |
| } catch (PDOException $ex) { | |
| $db->rollBack(); | |
| echo json_encode(array(array("hasil" => 0, "pesan_hasil" => $ex->getMessage()))); | |
| } | |
| } else { | |
| echo json_encode(array(array("hasil" => 0, "pesan_hasil" => "TIDAK ADA PARAMETER POST DATA"))); | |
| } | |
| ?> |
Tidak ada komentar:
Posting Komentar