private function saveProcess()
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
// form validation
if (!filter_input(INPUT_POST, "form_token") || Form::isFormTokenValid(filter_input(INPUT_POST, "form_token"))) {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
// required fields
$filter = array("name" => FILTER_SANITIZE_STRING, "phone" => FILTER_SANITIZE_STRING, "address" => FILTER_SANITIZE_STRING);
$input = filter_input_array(INPUT_POST, $filter);
if (in_array('', $input) || in_array(NULL, $input)) {
View::setMessageFlash("danger", "Kolom tidak boleh kosong");
return FALSE;
}
// set member object
$staff = Authentication::getUser();
$staff->setData('name', $input['name']);
$staff->setData('phone', $input['phone']);
$staff->setData('address', $input['address']);
if (!($update = $staff->update())) {
View::setMessageFlash("danger", "Penyimpanan Gagal");
return;
}
View::setMessageFlash("success", "Penyimpanan Berhasil");
}
/**
* login process
*/
public static function login()
{
// form validation
if (!filter_input(INPUT_POST, "form_token") || Form::isFormTokenValid(filter_input(INPUT_POST, "form_token"))) {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
if (!filter_input(INPUT_POST, "username") || !filter_input(INPUT_POST, "password")) {
View::setMessageFlash("danger", "Masukkan Username dan Password");
return FALSE;
}
$username = filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING);
$password = md5(filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING));
$mysqli = App::getConnection(true);
$sql = "SELECT user_id FROM users WHERE username='******' AND password='******'";
if (!($query = $mysqli->query($sql))) {
View::setMessageFlash("danger", $mysqli->error);
return FALSE;
}
if ($query->num_rows == 0) {
View::setMessageFlash("danger", "Username dan Password Salah");
return FALSE;
}
$row = $query->fetch_row();
$_SESSION['user_id'] = $row[0];
return TRUE;
}
