if (!empty($cekquery[0]->password) || !empty($cekquery[0]->email)) {
$password = $cekquery[0]->password;
if (password_verify($pass, $password)) {
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['ID'] = $cekquery[0]->id;
$_SESSION['NAMA'] = $cekquery[0]->nama;
$_SESSION['HAK'] = $cekquery[0]->hak;
if ($_SESSION['HAK'] >= 22) {
header("Location: index.php");
} elseif ($_SESSION['HAK'] == 11) {
header("Location: userdashboard.php");
}
} else {
$helpers->setAlert('alert-danger', ' Password Salah !! ');
//echo 'Invalid password.';
}
} else {
$helpers->setAlert('alert-danger', ' Email Tidak terdaftar !! ');
//echo 'Email Tidak terdaftar.';
}
}
}
/*
* If we have set the printAlert method then assign to the template variable message
*/
if (isset($_SESSION['alertMessage'])) {
$smarty->assign('message', $helpers->printAlert());
$helpers->unsetAlert();
}
//rubah hak user
$tdbases = " hak = '" . $_POST['hak'] . "'";
$ndbases = " user ";
$wheress = " id = " . $_POST['uid'] . " ";
$hasil = $i->updateDB($tdbases, $ndbases, $wheress);
}
#hapus user
if (isset($_GET['l']) && isset($_GET['delid'])) {
if ($_GET['l'] === 'profile' && !empty($_GET['delid'])) {
$delndbase = ' user ';
$delid = "id = " . $_GET['delid'] . " ";
#cek apakah pernah posting
$cquery = " WHERE user = "******"User Sudah di Hapus");
if (!empty($cekpost)) {
foreach ($cekpost as $key => $value) {
$upquery = " id='" . $value->id . "'";
$i->updateDB(" user = 1 ", " berita ", $upquery);
}
$helpers->setAlert('alert-success', "berita sudah di pindah");
}
$i->delete($delndbase, $delid);
}
if ($_SESSION['HAK'] >= 22) {
if (!empty($cekpost)) {
//$helpers->printArray($cekpost);
foreach ($cekpost as $key => $value) {
$upquery = " id='" . $value->id . "'";
$i->updateDB(" user = 1 ", " berita ", $upquery);
$i = new laksanakan();
//cek jika data yang di $_POST tidak kosong
if (!empty($_POST['nama']) || !empty($_POST['email']) || !empty($_POST['notelp']) || !empty($_POST['tgllahir']) || !empty($_POST['alamat']) || !empty($_POST['kodepos']) || !empty($_POST['jeniskelamin']) || !empty($_POST['password'])) {
//rubah passwoar menjadi hash
$nama = addslashes($_POST['nama']);
$email = addslashes($_POST['email']);
$pass = addslashes($_POST['password']);
$password = password_hash($pass, PASSWORD_DEFAULT);
//form input masukan dalam satu array
$inputdata = array('nama' => $nama, 'email' => $email, 'notelp' => $_POST['notelp'], 'tgllahir' => $_POST['tgllahir'], 'alamat' => $_POST['alamat'], 'kodepos' => $_POST['kodepos'], 'jeniskelamin' => $_POST['jeniskelamin'], 'password' => $password, 'tgldaftar' => date("Y-m-d"), 'hak' => '99', 'status' => '0');
//set update=false
$_POST['update'] = 'false';
//simpan data user ke db
$i->simpan($inputdata, 'user');
//tampilkan pesan bila pendaftaran berhasil
$helpers->setAlert('alert-success', 'Pendaftaran Berhasil');
}
}
/*
* Post back when delete is selected
*/
/*
if(isset($_GET['action']) == 'delete') {
$i->deleteInvoice($_GET['invoiceId']);
$helpers->setAlert('alert-success', 'Invoice Deleted!');
$helpers->redirect_to('http://' . SITE_URL);
}
*/
/*
* Get any invoices we have and assign it to the invoices variable in the template
* Tampilkan invoice hari ini,
//cek jiga reset mempunyai nilai
if (isset($_GET['reset'])) {
$inputdata = " `id`,`email`,`resetpasswd` ";
$wheres = " `resetpasswd` = '" . $_GET['reset'] . "' limit 1 ";
$cekquery = $i->ambilDetail($inputdata, 'user', $wheres);
if (!empty($cekquery[0]->id)) {
$smarty->assign('resetpass', $cekquery[0]->id);
//jika pass di simpan
if (isset($_POST['savepass']) && $_POST['savepass'] == 'ok' && !empty($_POST['password'])) {
$ndbase = " user ";
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$tdbase = " password = '******' , resetpasswd = '' ";
$wheres = " id = " . $cekquery[0]->id . " ";
$hasil = $i->updateDB($tdbase, $ndbase, $wheres);
if ($hasil) {
$helpers->setAlert('alert-success', 'Reset Password Berhasil, silakan logout dan login kembali');
} else {
$helpers->setAlert('alert-danger', 'Ganti Password Gagal');
}
}
}
}
// cek password
if (isset($_POST['lupapassword'])) {
if (!empty($_POST['email'])) {
$emailpost = addslashes($_POST['email']);
$inputdata = " `nama`,`email` ";
$wheres = " `email` = '" . $emailpost . "' limit 1 ";
$cekquery = $i->ambilDetail($inputdata, 'user', $wheres);
if (!empty($cekquery[0]->email)) {
$email = $cekquery[0]->email;
$email = addslashes($_POST['email']);
$pass = addslashes($_POST['password']);
//cek email apakah sudah di pakai..
$inputdata = " `email` ";
$wheres = " `email` = '" . $email . "' limit 1 ";
$cekquery = $i->ambilDetail($inputdata, 'user', $wheres);
if (empty($cekquery[0]->email)) {
$password = password_hash($pass, PASSWORD_DEFAULT);
//form input masukan dalam satu array
$inputdata = array('nama' => $nama, 'email' => $email, 'notelp' => $_POST['notelp'], 'tgllahir' => $_POST['datepicker'], 'alamat' => $_POST['alamat'], 'kodepos' => $_POST['kodepos'], 'jeniskelamin' => $_POST['jeniskelamin'], 'password' => $password, 'tgldaftar' => date("Y-m-d"), 'hak' => '99', 'statuss' => '0');
//set update=false
$_POST['update'] = 'false';
//simpan data user ke db
$i->simpan($inputdata, 'user');
//tampilkan pesan bila pendaftaran berhasil
$helpers->setAlert('alert-success', 'Pendaftaran Berhasil');
} else {
$helpers->setAlert('alert-danger', 'Email Sudah Digunakan. Bila Lupa password gunakan menu reset password pada halaman login ');
}
} else {
$helpers->setAlert('alert-danger', 'Pendaftaran Gagal atau data belum di isikan');
}
}
/*
* If we have set the printAlert method then assign to the template variable message
*/
if (isset($_SESSION['alertMessage'])) {
$smarty->assign('message', $helpers->printAlert());
$helpers->unsetAlert();
}
// Finally, display the actual page
$config['date'] = ' %A, %d %B %Y jam %H:%M:%S';
//$config['time'] = '';
$smarty->assign('config', $config);
$smarty->assign('basename', BASENAME);
$smarty->assign('link', LINK_URL);
$G = new laksanakan();
#jumbotron/slideshow
$slide = $G->ambil("id, judul, konten, linkphoto ", " vslideshow ", " GROUP BY token ORDER BY id ");
$smarty->assign('slide', $slide);
#simpan komentar
if (isset($_POST['postkomen']) && isset($_SESSION['ID']) && !empty($_POST['komentar'])) {
$komentar = htmlspecialchars(addslashes(nl2br($_POST['komentar'])));
$inputdata = array('idberita' => $_POST['idkomen'], 'tglkomen' => date("Y-m-d H:i:s"), 'user' => $_POST['user'], 'komentar' => $komentar);
$_POST['update'] = 'false';
$G->simpan($inputdata, 'komentar');
$helpers->setAlert('alert-success', "Komentar berhasil");
}
//tampilakan isi berita
$tdbase = " * ";
$ndbase = " vberitaapprove ";
#paging
$limitdb = 15;
if (isset($_GET['kat'])) {
$detailpaging = " WHERE namakategori ='" . $_GET['kat'] . "'";
} else {
$detailpaging = " ";
}
$rowuser = $G->ambil(' count(id) AS jmlid ', $ndbase, $detailpaging);
$jml = $rowuser[0]->jmlid;
if (isset($_GET["page"])) {
$page = $_GET["page"];
