diff --git a/app/Config/Routes.php b/app/Config/Routes.php index e44bd79..b648948 100644 --- a/app/Config/Routes.php +++ b/app/Config/Routes.php 
@@ -68,18 +68,40 @@ $routes->delete('api/specimen/receive/(:any)', 'Specimen::unreceive/$1'); /*- lets go alpine -*/ $routes->group('v2', function($routes) { - $routes->get('', 'V2::index'); - $routes->get('login', 'V2::loginPage'); - $routes->post('login', 'V2::login'); - $routes->group('admin', ['filter' => 'role:1'], function($routes) { - $routes->get('', 'V2\Admin::index'); - $routes->get('users', 'V2\Admin::users'); - - // internal api for this module - $routes->get('api/users', 'V2\Admin::usersList'); - $routes->post('api/users', 'V2\Admin::userCreate'); - $routes->post('api/users/update', 'V2\Admin::userUpdate'); - $routes->post('api/users/delete', 'V2\Admin::userDelete'); - }); -}); - + $routes->get('', 'V2::index'); + $routes->get('login', 'V2::loginPage'); + $routes->post('login', 'V2::login'); + $routes->get('logout', 'V2::logout'); + // Admin + $routes->group('admin', ['filter' => 'role:1'], function($routes) { + $routes->get('', 'V2\Admin::index'); + $routes->get('users', 'V2\Admin::users'); + $routes->post('setPassword', 'V2\Users::setPassword'); + // Users + $routes->get('api/users', 'V2\Users::index'); + $routes->post('api/users', 'V2\Users::create'); + $routes->patch('api/users/(:any)', 'V2\Users::update/$1'); + $routes->delete('api/users/(:any)', 'V2\Users::delete/$1'); + // Request + $routes->get('api/requests', 'V2\Requests::index'); + $routes->post('api/requests/validate/(:any)', 'V2\Requests::validate/$1'); + $routes->delete('api/requests/validate/(:any)', 'V2\Requests::unvalidate/$1'); + // Samples + $routes->post('api/samples/collect/(:any)', 'V2\Samples::collect/$1'); + $routes->delete('api/samples/collect/(:any)', 'V2\Samples::uncollect/$1'); + $routes->delete('api/samples/receive/(:any)', 'V2\Samples::unreceive/$1'); + $routes->get('api/samples/(:any)', 'V2\Samples::show/$1'); + }); + // Analyst and doctor + $routes->group('lab', ['filter' => 'role:2'], function($routes) { + $routes->get('', 'V2\Lab::index'); + 
$routes->post('setPassword', 'V2\Lab::setPassword'); + // Request + $routes->get('api/requests', 'V2\Requests::index'); + $routes->post('api/requests/validate/(:any)', 'V2\Requests::validate/$1'); + $routes->delete('api/requests/validate/(:any)', 'V2\Requests::unvalidate/$1'); + // Samples + $routes->post('api/samples/collect/(:any)', 'V2\Samples::collect/$1'); + $routes->get('api/samples/(:any)', 'V2\Samples::show/$1'); + }); +}); \ No newline at end of file diff --git a/app/Controllers/Auth.php b/app/Controllers/Auth.php index 40139d9..5aac2bf 100644 --- a/app/Controllers/Auth.php +++ b/app/Controllers/Auth.php 
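Review bot: The new `lab` group is labelled `// Analyst and doctor` but is guarded by `role:2` alone, while this commit's V2.php sends level 3 to `v2/phlebotomist` and Auth.php names level 2 `doctor` and level 3 `analyst`, so it is unclear which accounts are meant to reach these validation and collection endpoints. I would state the intent next to the filter, for example `// Lab: USERLEVEL 2 only`, or widen the filter argument if level 3 is meant to be included (the `role` filter's argument handling is not visible here). Separately, several handlers named in both groups do not match methods visible in this commit: the routes point at `V2\Requests::validate` and `unvalidate` while the controller code shown defines `val` and `unval`, and no `delete` or `setPassword` method appears in the visible part of V2/Users.php. These should be checked before merge, since part of those files is missing from this view.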
@@ -3,59 +3,59 @@ namespace App\Controllers; class Auth extends BaseController { - public function login() { - if ($this->request->getMethod() === 'GET') { - return view('login'); - } else if ($this->request->getMethod() === 'POST') { - helper(['form', 'url']); - $session = session(); - $db = \Config\Database::connect(); + public function login() { + if ($this->request->getMethod() === 'GET') { + return view('login'); + } else if ($this->request->getMethod() === 'POST') { + helper(['form', 'url']); + $session = session(); + $db = \Config\Database::connect(); - $userid = strtoupper(trim($this->request->getPost('userid'))); - $password = $this->request->getPost('password'); + $userid = strtoupper(trim($this->request->getPost('userid'))); + $password = $this->request->getPost('password'); - // Gunakan raw SQL sesuai kolom di tabel kamu - $query = $db->query("SELECT * FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]); - $user = $query->getRowArray(); + // Gunakan raw SQL sesuai kolom di tabel kamu + $query = $db->query("SELECT * FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]); + $user = $query->getRowArray(); - if ($user && !empty($user['PASSWORD']) && password_verify($password, $user['PASSWORD'])) { + if ($user && !empty($user['PASSWORD']) && password_verify($password, $user['PASSWORD'])) { - // Role untuk url - switch ((int)$user['USERLEVEL']) { - case 1: $role = 'admin'; break; - case 2: $role = 'doctor'; break; - case 3: $role = 'analyst'; break; - case 4: $role = 'cs'; break; - default: $role = ''; break; - } + // Role untuk url + switch ((int)$user['USERLEVEL']) { + case 1: $role = 'admin'; break; + case 2: $role = 'doctor'; break; + case 3: $role = 'analyst'; break; + case 4: $role = 'cs'; break; + default: $role = ''; break; + } - // Simpan session - $session->set([ - 'isLoggedIn' => true, - 'userid' => (string) $user['USERID'], - 'userlevel' => (int) $user['USERLEVEL'], - 'userrole' => (string) $role, - ]); + // Simpan session + $session->set([ + 
'isLoggedIn' => true, + 'userid' => (string) $user['USERID'], + 'userlevel' => (int) $user['USERLEVEL'], + 'userrole' => (string) $role, + ]); - // Redirect sesuai level dari data didatabase - switch ((int)$user['USERLEVEL']) { - case 1: return redirect()->to('/admin'); - case 2: return redirect()->to('/doctor'); - case 3: return redirect()->to('/analyst'); - case 4: return redirect()->to('/cs'); - default: return redirect()->to('/login'); - } - } else { - $session->setFlashdata('error', 'USERID atau PASSWORD salah.'); - return redirect()->back(); - } + // Redirect sesuai level dari data didatabase + switch ((int)$user['USERLEVEL']) { + case 1: return redirect()->to('/admin'); + case 2: return redirect()->to('/doctor'); + case 3: return redirect()->to('/analyst'); + case 4: return redirect()->to('/cs'); + default: return redirect()->to('/login'); + } + } else { + $session->setFlashdata('error', 'USERID atau PASSWORD salah.'); + return redirect()->back(); + } - } - - } + } + + } - public function logout() { - session()->destroy(); - return redirect()->to('/login'); - } + public function logout() { + session()->destroy(); + return redirect()->to('/login'); + } } diff --git a/app/Controllers/V2.php b/app/Controllers/V2.php index 80ac6cd..9d50952 100644 --- a/app/Controllers/V2.php +++ b/app/Controllers/V2.php @@ -78,7 +78,7 @@ class V2 extends BaseController { case 1: return redirect()->to('v2/admin'); case 2: - return redirect()->to('v2/analyst'); + return redirect()->to('v2/lab'); case 3: return redirect()->to('v2/phlebotomist'); case 4: @@ -91,4 +91,10 @@ class V2 extends BaseController { return redirect()->back(); } } + + public function logout() { + $session = session(); + $session->destroy(); + return redirect()->to('v2/login'); + } } diff --git a/app/Controllers/V2/Admin.php b/app/Controllers/V2/Admin.php index 563c978..ab0138b 100644 --- a/app/Controllers/V2/Admin.php +++ b/app/Controllers/V2/Admin.php 
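Review bot: `V2::logout()` destroys the session, but Routes.php in this commit registers it with `$routes->get('logout', 'V2::logout')`, so a plain cross-site GET (a link or an embedded resource) is enough to end a signed-in user's session. Consider registering it as `$routes->post('logout', 'V2::logout');` so that it can sit behind the framework's CSRF protection where that is enabled. The method would also benefit from a short docblock such as `/** End the current session and return to the v2 login page. */`. The class body starts outside this hunk.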
@@ -5,137 +5,20 @@ use App\Controllers\BaseController; use CodeIgniter\API\ResponseTrait; class Admin extends BaseController { - use ResponseTrait; + use ResponseTrait; - protected $db; + protected $db; - public function __construct() { - $this->db = \Config\Database::connect(); - helper(['url', 'form', 'text']); - } + public function __construct() { + $this->db = \Config\Database::connect(); + helper(['url', 'form', 'text']); + } - public function index() { - return view('v2/admin/index'); - } + public function index() { + return view('v2/admin/index'); + } - public function users() { - return view('v2/admin/users'); - } - - public function profile() { - return view('v2/admin/profile'); - } - - public function settings() { - return view('v2/admin/settings'); - } - - // API Methods - public function usersList() { - $sql = "select u.USERID, u.USERLEVEL from GDC_CMOD.dbo.USERS u - left join glendb.dbo.USERS u1 on u1.USERID=u.USERID - where u1.LOCKEDACCOUNT is null"; - $query = $this->db->query($sql); - $results = $query->getResultArray(); - return $this->respond(['data' => $results]); - } - - public function userCreate() { - $json = $this->request->getJSON(); - $userid = strtoupper(trim($json->userid ?? '')); - $userlevel = trim($json->userlevel ?? ''); - $password = trim($json->password ?? ''); - $password_2 = trim($json->password_2 ?? 
''); - - if (empty($userid) || empty($userlevel) || empty($password)) { - return $this->fail('All fields are required', 400); - } - - if ($password != $password_2) { - return $this->fail('Passwords do not match', 400); - } - if (strlen($password) < 3) { - return $this->fail('Password must be at least 3 characters', 400); - } - - // Check exists - $sql = $this->db->query("SELECT USERID FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]); - if ($sql->getRowArray()) { - return $this->fail('User ID already exists', 400); - } - - $hashedPassword = password_hash($password, PASSWORD_DEFAULT); - - $this->db->transBegin(); - try { - $sqlInsert = "INSERT INTO gdc_cmod.dbo.USERS (USERID, USERLEVEL, PASSWORD) VALUES (?, ?, ?)"; - $this->db->query($sqlInsert, [$userid, $userlevel, $hashedPassword]); - $this->db->transCommit(); - } catch (\Throwable $e) { - $this->db->transRollback(); - return $this->failServerError($e->getMessage()); - } - - return $this->respondCreated(['message' => 'User created']); - } - - public function userUpdate() { - $json = $this->request->getJSON(); - $userid = strtoupper(trim($json->userid ?? '')); - $userlevel = trim($json->userlevel ?? ''); - $password = trim($json->password ?? ''); - $password_2 = trim($json->password_2 ?? ''); - - if (empty($userid)) { - return $this->fail('User ID is required', 400); - } - - $fullUpdate = false; - $hashedPassword = ''; - - if (!empty($password) || !empty($password_2)) { - if ($password != $password_2) { - return $this->fail('Passwords do not match', 400); - } - $hashedPassword = password_hash($password, PASSWORD_DEFAULT); - $fullUpdate = true; - } - - $this->db->transBegin(); - try { - if ($fullUpdate) { - $sql = "UPDATE gdc_cmod.dbo.USERS SET USERLEVEL = ?, PASSWORD = ? WHERE USERID = ?"; - $this->db->query($sql, [$userlevel, $hashedPassword, $userid]); - } else { - $sql = "UPDATE gdc_cmod.dbo.USERS SET USERLEVEL = ? 
WHERE USERID = ?"; - $this->db->query($sql, [$userlevel, $userid]); - } - $this->db->transCommit(); - } catch (\Throwable $e) { - $this->db->transRollback(); - return $this->failServerError(); - } - - return $this->respond(['message' => 'User updated']); - } - - public function userDelete() { - $json = $this->request->getJSON(); - $userid = strtoupper(trim($json->userid ?? '')); - - if (empty($userid)) { - return $this->fail('User ID is required', 400); - } - - $this->db->transBegin(); - try { - $sqlDelete = "DELETE FROM gdc_cmod.dbo.USERS WHERE USERID = ?"; - $this->db->query($sqlDelete, [$userid]); - $this->db->transCommit(); - } catch (\Throwable $e) { - $this->db->transRollback(); - return $this->failServerError(); - } - return $this->respondDeleted(['message' => 'User deleted']); - } + public function users() { + return view('v2/admin/users'); + } } diff --git a/app/Controllers/V2/Lab.php b/app/Controllers/V2/Lab.php new file mode 100644 index 0000000..f18d7c5 --- /dev/null +++ b/app/Controllers/V2/Lab.php 
@@ -0,0 +1,16 @@ +request->getGet('date1'); + $date2 = $this->request->getGet('date2'); + + $db = \Config\Database::connect(); + $sql = "SELECT * from GDC_CMOD.dbo.V_DASHBOARD_DEV where + COLLECTIONDATE between '$date1 00:00' and '$date2 23:59' + and ODR_DDATE between '$date1 00:00' and '$date2 23:59'"; + $rows = $db->query($sql)->getResultArray(); + foreach ($rows as &$row) { + $row['COLLECTIONDATE'] = date('Y-m-d H:i', strtotime($row['COLLECTIONDATE'])); + $row['ODR_DDATE'] = date('Y-m-d H:i', strtotime($row['ODR_DDATE'])); + $row['REQDATE'] = date('Y-m-d H:i', strtotime($row['REQDATE'])); + } + $data['data'] = $rows; + return $this->response->setJSON($data); + } + + + public function show($accessnumber) { + $db = db_connect(); + $data['accessnumber'] = $accessnumber; + $sql = "SELECT d.STATS, r.* FROM GDC_CMOD.dbo.V_DASHBOARD_DEV d + left join GDC_CMOD.dbo.CM_REQUESTS r ON r.ACCESSNUMBER=d.SP_ACCESSNUMBER + WHERE d.SP_ACCESSNUMBER='$accessnumber'"; + $result = $db + ->query($sql) + ->getResultArray(); + $data['val1'] = $result[0]['ISVAL1']; + $data['val1user'] = $result[0]['VAL1USER']; + $data['val2'] = $result[0]['ISVAL2']; + $data['val2user'] = $result[0]['VAL2USER']; + return view('admin/modal_request',$data); + } + + public function showUnval($accessnumber) { + $data['accessnumber'] = $accessnumber; + return view('admin/modal_unvalidate',$data); + } + + public function unval($accessnumber) { + $input = $this->request->getJSON(true); + $userid = $input['userid']; + $comment = $input['comment']; + $db = db_connect(); + $sql = "update GDC_CMOD.dbo.CM_REQUESTS set ISVAL1=null, VAL1USER=null, VAL1DATE=null, ISVAL2=null, VAL2USER=null, VAL2DATE=null, + ISPENDING=1, PENDINGTEXT='$comment', PENDINGUSER='$userid', PENDINGDATE=GETDATE() where ACCESSNUMBER='$accessnumber'"; + $db->query($sql); + $data = ['status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber" ]; + + return $this->response->setJSON($data); + } + + public function 
val($accessnumber) { + $input = $this->request->getJSON(true); + $userid = $input['userid']; + $db = db_connect(); + //cek val + $sql = "select * from GDC_CMOD.dbo.CM_REQUESTS where ACCESSNUMBER='$accessnumber'"; + $result = $db->query($sql)->getResultArray(); + //$data['data'] = $result; + if(!isset($result[0])) { + $sql = "insert into GDC_CMOD.dbo.CM_REQUESTS(ACCESSNUMBER, ISVAL1, VAL1USER, VAL1DATE) VALUES ('$accessnumber', 1, '$userid', GETDATE())"; + $db->query($sql); + $data['val'] = 1; + $data['userid'] = $userid; + } else { + $row = $result[0]; + $isval1 = $row['ISVAL1']; + $isval2 = $row['ISVAL2']; + $val1user = $row['VAL1USER']; + if( $isval1 == 1 ) { + // val done + if ( $isval2 == 1 ) { return $this->response->setJSON(['message'=> 'validation done, not updating anything']); } + else { + // val2 if user val1 != userid + if($val1user != $userid) { + $sql = "update GDC_CMOD.dbo.CM_REQUESTS set ISVAL2=1, VAL2USER='$userid', VAL2DATE=GETDATE() where ACCESSNUMBER='$accessnumber'"; + $data['val'] = 2; + $data['userid'] = $userid; + } else { + $this->response->setStatusCode(500); + return $this->response->setJSON([ 'message'=> 'user already validate this request' ]); + } + } + } else { + // val1 + $sql = "update GDC_CMOD.dbo.CM_REQUESTS set ISVAL1=1, VAL1USER='$userid', VAL1DATE=GETDATE() where ACCESSNUMBER='$accessnumber'"; + $data['val'] = 1; + $data['userid'] = $userid; + } + $db->query($sql); + } + + return $this->response->setJSON($data); + } +} diff --git a/app/Controllers/V2/Samples.php b/app/Controllers/V2/Samples.php new file mode 100644 index 0000000..87967e8 --- /dev/null +++ b/app/Controllers/V2/Samples.php 
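Review bot: Every query added here builds its SQL by interpolating request data (`$date1`/`$date2` from the query string, the `$accessnumber` route segment, `$comment` and `$userid` from the JSON body), which leaves the statements open to SQL injection; the removed Admin code and V2/Users.php already use `?` bindings, and `index`, `show`, `unval` and `val` should do the same. The same pattern appears in `show`, `collect`, `uncollect` and `unreceive` in V2/Samples.php. In `val` and `unval` the acting user is also taken from the body, so the `$val1user != $userid` check that separates first and second validation can be satisfied by one caller sending a different `userid`; the id should come from the authenticated session instead. The sketch below shows `unval` with both changes and assumes V2::login stores the id under `userid` as Auth::login does. The file header announces V2/Lab.php with 16 lines, so the start of this section appears to have been lost in extraction and the code may belong to another controller.

```php
public function unval($accessnumber) {
    $input = $this->request->getJSON(true);
    // Acting user comes from the authenticated session, never from the request body.
    $userid = session()->get('userid');
    $comment = $input['comment'] ?? '';
    $db = db_connect();
    // Values are bound, not interpolated, so they cannot change the statement's structure.
    $sql = "update GDC_CMOD.dbo.CM_REQUESTS set ISVAL1=null, VAL1USER=null, VAL1DATE=null, ISVAL2=null, VAL2USER=null, VAL2DATE=null,
        ISPENDING=1, PENDINGTEXT=?, PENDINGUSER=?, PENDINGDATE=GETDATE() where ACCESSNUMBER=?";
    $db->query($sql, [$comment, $userid, $accessnumber]);
    // … unchanged: JSON success response …
```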
@@ -0,0 +1,124 @@ +query($sql); + $results = $query->getRowArray(); + $data = [ + 'patnumber' => $results["patnumber"], + 'age' => $results[""], + 'patname' => $results['Name'] ?? '', + 'reqdate' => $results['REQDATE'] ?? '', + 'gender' => $results['Gender'] ?? '', + 'placeofbirth' => $results['DMG_CPLACEOFBIRTH'] ?? '', + 'ktp' => $results['DMG_CKTPNO'] ?? '', + 'comment' => $results['COMMENTTEXT'] ?? '', + 'accessnumber' => $accessnumber, + ]; + + $samples = []; + $sql = "SELECT req.SAMPTYPEID, req.SAMPCODE, req.SHORTTEXT, tu.STATUS, st.TUBESTATUS + from GDC_CMOD.dbo.v_sp_reqtube req + left join GDC_CMOD.dbo.TUBES tu on req.SP_ACCESSNUMBER=tu.ACCESSNUMBER and req.SAMPCODE=tu.TUBENUMBER + left join glendb.dbo.SP_TUBES st on st.SP_ACCESSNUMBER=req.SP_ACCESSNUMBER and req.SAMPCODE=st.SAMPLETYPE + where req.SP_ACCESSNUMBER='$accessnumber'"; + $query = $db->query($sql); + $results = $query->getResultArray(); + foreach ($results as $row) { + $samples[] = [ + 'samptypeid' => $row['SAMPTYPEID'] ?? null, + 'sampcode' => $row['SAMPCODE'] ?? null, + 'name' => $row['SHORTTEXT'] ?? '', + 'colstatus' => $row['STATUS'] ?? '', + 'tubestatus' => $row['TUBESTATUS'] ?? 
'', + ]; + } + $data['samples'] = $samples; + + $resp = [ 'data' => $data ]; + + return $this->response->setJSON($resp); + } + + public function collect($accessnumber) { + $db = \Config\Database::connect(); + $input = $this->request->getJSON(true); + $samplenumber = $input['samplenumber']; + $userid = $input['userid']; + $sql = "update GDC_CMOD.dbo.TUBES set USERID='$userid',STATUS='1', COLLECTIONDATE=getdate() where ACCESSNUMBER='$accessnumber' and TUBENUMBER='$samplenumber'"; + $db->query($sql); + $sql = "INSERT INTO GDC_CMOD.dbo.AUDIT_TUBES(ACCESSNUMBER, TUBENUMBER, USERID, STATUS, LOGDATE) + VALUES ('$accessnumber', '$samplenumber', '$userid', '1', getdate())"; + $db->query($sql); + return $this->respondCreated([ 'status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber-$samplenumber" ], 201); + } + + public function uncollect($accessnumber) { + $db = \Config\Database::connect(); + $input = $this->request->getJSON(true); + $samplenumber = $input['samplenumber']; + $userid = $input['userid']; + $sql = "update GDC_CMOD.dbo.TUBES set USERID='$userid',STATUS='0', COLLECTIONDATE=getdate() where ACCESSNUMBER='$accessnumber' and TUBENUMBER='$samplenumber'"; + $db->query($sql); + $sql = "INSERT INTO GDC_CMOD.dbo.AUDIT_TUBES(ACCESSNUMBER, TUBENUMBER, USERID, STATUS, LOGDATE) + VALUES ('$accessnumber', '$samplenumber', '$userid', '0', getdate())"; + $db->query($sql); + return $this->respondCreated([ 'status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber-$samplenumber" ], 201); + } + + public function unreceive($accessnumber) { + $db = \Config\Database::connect(); + $input = $this->request->getJSON(true); + $samplenumber = $input['samplenumber']; + // update firebird + $sql = "select r.EXTERNALORDERNUMBER, dt.TESTCODE, do.HISCODE from glendb.dbo.TESTS t + left join glendb.dbo.DICT_TESTS dt on dt.TESTID=t.TESTID + left join glendb.dbo.REQUESTS r on r.REQUESTID=t.REQUESTID + left join 
glendb.dbo.DICT_TEST_SAMPLES dts on dts.TESTID=t.TESTID + left join glendb.dbo.DICT_SAMPLES_TYPES ds on ds.SAMPTYPEID=dts.SAMPTYPEID + left join GDC_CMOD.dbo.DICT_TESTS_ORDER do on do.TESTCODE=dt.TESTCODE + where t.DEPTH=0 + and r.ACCESSNUMBER='$accessnumber' and ds.SAMPCODE='$samplenumber'"; + $rows = $db->query($sql)->getResultArray(); + $his_test = ''; + foreach( $rows as $row ) { + $hon = $row['EXTERNALORDERNUMBER']; + $testcode = $row['TESTCODE']; + $hiscode = $row['HISCODE']; + $his_test .= "'$hiscode',"; + $lis_test .= "'$testcode',"; + } + $his_test = rtrim($his_test,','); + $lis_test = rtrim($lis_test,','); + $conn = odbc_connect('GLENEAGLES','',''); + $sql = "UPDATE TDL_ORDERDT SET ODD_NRECEIVED=NULL , ODD_DTRECEIVE=NULL WHERE ODR_CNOLAB='$hon' and ODD_CPRODUCTCODE IN ($his_test)"; + $rs = odbc_exec($conn,$sql); + if (!$rs) {exit("Error in Update FB");} + + $sql = "update SP_TUBES set TUBESTATUS=0 where SP_ACCESSNUMBER='$accessnumber' and SAMPLETYPE='$samplenumber' "; + $db->query($sql); + $sql = "update SP_TESTS set SP_TESTSTATUS=NULL where SP_ACCESSNUMBER='$accessnumber' and SP_TESTCODE in ($lis_test)"; + $db->query($sql); + return $this->respondCreated([ 'status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber-$samplenumber" ], 201); + } +} diff --git a/app/Controllers/V2/Users.php b/app/Controllers/V2/Users.php new file mode 100644 index 0000000..17d7eec --- /dev/null +++ b/app/Controllers/V2/Users.php 
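Review bot: In `unreceive`, `$lis_test` is appended to with `.=` without being initialised and `$hon` is only assigned inside the loop, so when the lookup returns no rows the updates run with an empty `IN ()` list and an undefined order number, and a failed ODBC update ends the request with `exit("Error in Update FB")` instead of a JSON error. I would add `$lis_test = '';` beside `$his_test = '';`, return early with `if ($rows === []) { return $this->failNotFound('No tests found for this sample'); }`, and replace the `exit` with `return $this->failServerError('Error in Update FB');` (the class already calls `respondCreated`, so the response helpers appear to be available). `collect` and `uncollect` also write the `USERID` supplied in the JSON body into `TUBES` and `AUDIT_TUBES`, so the audit row records whatever id the caller sends; taking it from the session would keep the audit trail trustworthy. In `show`, `'age' => $results[""]` reads an empty key, which looks like a computed column without an alias and is worth confirming. The start of this file is missing from this view.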
@@ -0,0 +1,133 @@ +db = \Config\Database::connect(); + } + + public function index() { + $sql = "select u.USERID, u.USERLEVEL from GDC_CMOD.dbo.USERS u + left join glendb.dbo.USERS u1 on u1.USERID=u.USERID + where u1.LOCKEDACCOUNT is null"; + $query = $this->db->query($sql); + $results = $query->getResultArray(); + $data['data'] = $results; + + return $this->respond(['data' => $results]); + } + + public function create() { + $input = $this->request->getJSON(true); + // ambil input + $userid = $input['userid']; + $userlevel = $input['userlevel']; + $password = $input['password']; + $password_2 = $input['password_2']; + + // Cek Password Apakah Sama + if ($password != $password_2) { + return $this->response->setJSON(['message'=> 'Password not the same']); + } + if ( strlen($password) < 3 ) { + return $this->response->setJSON(['message'=> 'Password must be more than 2 characters']); + } + + // Cek Apakah USERID Sama + $sql = $this->db->query("SELECT USERID FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]); + $query = $sql->getRowArray(); + if ($query != null) { + return $this->response->setJSON(['message'=> 'Userid already exists']); + } + + // Hash Password + $hashedPassword = password_hash($password, PASSWORD_DEFAULT); + + // Insert + $this->db->transBegin(); + try { + $sqlInsert = " + INSERT INTO gdc_cmod.dbo.USERS (USERID, USERLEVEL, PASSWORD) + VALUES (?, ?, ?) + "; + $this->db->query($sqlInsert, [$userid, $userlevel, $hashedPassword]); + + $this->db->transCommit(); + + } catch (\Throwable $e) { + // Kalau ada error, rollback semua perubahan + $this->db->transRollback(); + + // (Opsional) tampilkan atau log error + return $this->response->setJSON(['message'=> 'Server error']); + } + + return $this->response->setJSON(['message'=> 'User '.$userid.' 
Berhasil ditambahkan!']); + } + + public function update() { + $input = $this->request->getJSON(true); + $userid = $input['userid']; + $userlevel = $input['userlevel']; + $password = $input['password']; + $password_2 = $input['password_2']; + + // Jika password tidak kosong - Lakukan Full Update + if ( $password != '' || $password_2 != '') { + + // Cek Password Apakah Sama + if ($password != $password_2) { + return $this->response->setJSON(['message'=> 'Password not the same']); + } + + // Hash Password + $hashedPassword = password_hash($password, PASSWORD_DEFAULT); + $sqlUpdate =" + UPDATE gdc_cmod.dbo.USERS + SET USERLEVEL = ?, + PASSWORD = ? + WHERE USERID = ? + "; + $fullUpdate = true; + + // Jika password kosong - Lakukan Partial Update Saja + } else { + $sqlUpdate =" + UPDATE gdc_cmod.dbo.USERS + SET USERLEVEL = ? + WHERE USERID = ? + "; + $fullUpdate = false; + } + + // Insert + $this->db->transBegin(); + try { + + if ($fullUpdate) { + $this->db->query($sqlUpdate, [$userlevel, $hashedPassword, $userid]); + } else { + $this->db->query($sqlUpdate, [$userlevel, $userid]); + } + + $this->db->transCommit(); + + } catch (\Throwable $e) { + // Kalau ada error, rollback semua perubahan + $this->db->transRollback(); + + // (Opsional) tampilkan atau log error + return $this->response->setJSON(['message'=> 'Terjadi kesalahan pada server.']); + } + + return $this->response->setJSON(['message'=> 'User '.$userid.' Berhasil Diupdate!']); + } + +} diff --git a/app/Views/v2/admin/dialog_sample.php b/app/Views/v2/admin/dialog_sample.php index 84a8b0c..2f82f5b 100644 --- a/app/Views/v2/admin/dialog_sample.php +++ b/app/Views/v2/admin/dialog_sample.php @@ -42,8 +42,6 @@ - - @@ -60,18 +58,18 @@ -
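Review bot: `create` and `update` in V2/Users.php report every validation failure with `setJSON(['message' => ...])` and the default 200 status, whereas the removed `Admin::userCreate` and `userUpdate` returned `$this->fail(..., 400)`; a client that checks only the status code will treat a rejected request as success. `update` also hashes and stores a new password with no length check at all, and `create` accepts three characters; I would apply one shared, longer minimum in both paths, e.g. `if (strlen($password) < MIN_PASSWORD_LENGTH) { return $this->fail('Password too short', 400); }`, where `MIN_PASSWORD_LENGTH` is a placeholder for a project-defined constant. Both methods read `$input['userid']` and the other keys without the `?? ''` defaults and the `strtoupper(trim(...))` normalisation the old code had, while `Auth::login` upper-cases the id before lookup, so missing keys raise warnings and ids may be stored in a different form than login searches for (depending on column collation). The start of the class is missing from this view.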