function ubah_user($id, $user, $pass)
{
$id = $this->clearText(d_code($id));
$user = $this->clearText(e_code($user));
$pass = $this->clearText(e_code($pass));
if ($result = $this->runQuery("UPDATE `pemakai` SET `user` = '{$user}', `kunci` = '{$pass}' WHERE `id` = '{$id}'")) {
return TRUE;
} else {
return FALSE;
}
}
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php
include 'inc/blob.php';
if (isset($_POST['nama']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['status'])) {
echo "nama : " . e_code($_POST['nama']) . "<br>user : "******"<br>pass : "******"<br>status : " . e_code($_POST['status']);
}
?>
<hr>
<form action="xxx.php" method="post">
<input type="text" name="nama" placeholder="nama" >
<input type="text" name="user" placeholder="user">
<input type="text" name="pass" placeholder="pass">
<input type="text" name="status" placeholder="status">
<button type="submit"> HLO ..! </button>
</form>
</body>
</html>
if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9")) {
if ($level1 = $menu->cek_menu_admin("1", "0")) {
while ($rs1 = $level1->fetch_assoc()) {
if ($level2 = $menu->cek_menu_admin("2", $rs1['id'])) {
echo "<li class='dropdown'> <a href='#'> <i class='fa fa-chevron-down'></i> <i class='" . $rs1['icon'] . "'></i> " . $rs1['nama'] . "</a>\n\t\t\t\t\t<ul class='sub-menu-sidr'>";
while ($rs2 = $level2->fetch_assoc()) {
echo "<li><a href='#' class='link-menu' data-link='" . e_url($rs2['url']) . "' data-hash='" . $rs2['title'] . "' ><i class='" . $rs2['icon'] . "'></i> " . $rs2['nama'] . "</a></li>";
}
echo "</ul></li>";
} else {
echo "<li> <a href='#' class='link-menu' data-link='" . e_url($rs1['url']) . "' data-hash='" . $rs1['title'] . "'> <i class='" . $rs1['icon'] . "'></i>" . $rs1['nama'] . "</a> </li>";
}
}
}
//------------ jika admin
} elseif ($_SESSION['media-status'] == e_code("1")) {
if ($level1 = $menu->cek_menu(d_code($_SESSION['media-data']), '1', '0')) {
while ($rs1 = $level1->fetch_assoc()) {
if ($level2 = $menu->cek_menu(d_code($_SESSION['media-data']), '2', $rs1['id'])) {
echo "<li class='dropdown'> <a href='#'> <i class='fa fa-chevron-down'></i> <i class='" . $rs1['icon'] . "'></i> " . $rs1['nama'] . "</a>\n\t\t\t\t\t<ul class='sub-menu-sidr'>";
while ($rs2 = $level2->fetch_assoc()) {
echo "<li><a href='#' class='link-menu' data-link='" . e_url($rs2['url']) . "' data-hash='" . $rs2['title'] . "' ><i class='" . $rs2['icon'] . "'></i> " . $rs2['nama'] . "</a></li>";
}
echo "</ul></li>";
} else {
echo "<li> <a href='#' class='link-menu' data-link='" . e_url($rs1['url']) . "' data-hash='" . $rs1['title'] . "'> <i class='" . $rs1['icon'] . "'></i>" . $rs1['nama'] . "</a> </li>";
}
}
}
}
?>
function rubah_status($id, $status)
{
$id = $this->clearText($id);
$status = e_code($status);
if ($query = $this->runQuery("UPDATE `pemakai` SET `status` = '{$status}' WHERE `id` = '{$id}' ")) {
return TRUE;
} else {
return FALSE;
}
}
function cek_login($user, $pass)
{
$koneksi = new koneksi();
$user = e_code($user);
$pass = e_code($pass);
if ($hmm = $koneksi->runQuery("SELECT `pemakai`.`id`,`pemakai`.`user`,`pemakai`.`kunci`,`pemakai`.`status`, `karyawan`.`nama` , `karyawan`.`id` as `id_kar`, `karyawan`.`level`, `karyawan`.`area`, `area`.`area` AS `nama_area` FROM `pemakai` INNER JOIN `karyawan` ON `karyawan`.`id` = `pemakai`.`id_karyawan` INNER JOIN `area` ON `karyawan`.`area` = `area`.`id` WHERE `pemakai`.`user`='{$user}' && `pemakai`.`kunci`='{$pass}' ")) {
if ($hmm->num_rows > 0) {
$rs = $hmm->fetch_array();
if ($rs['status'] != e_code('99')) {
$log = $koneksi->runQuery("INSERT INTO `log_login`(`id_user`,`time`) VALUES ('" . $rs['id'] . "', '" . date("Y-m-d H:i:s") . "')");
}
$_SESSION['media-data'] = e_code($rs['id']);
$_SESSION['media-nama'] = $rs['nama'];
$_SESSION['media-status'] = $rs['status'];
if (is_null($rs['id_kar'])) {
$_SESSION['media-id'] = "%";
$_SESSION['media-level'] = "%";
$_SESSION['media-area'] = "%";
$_SESSION['media-namaarea'] = "%";
} else {
$_SESSION['media-id'] = $rs['id_kar'];
$_SESSION['media-level'] = $rs['level'];
$_SESSION['media-area'] = $rs['area'];
$_SESSION['media-namaarea'] = $rs['nama_area'];
}
return TRUE;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
} else {
$arr['status'] = FALSE;
$arr['msg'] = "Gagal menyimpan..";
}
} else {
$arr['status'] = FALSE;
$arr['msg'] = "Lengkapi terlebih dahulu..";
}
echo json_encode($arr);
break;
case "daftar-do":
if (isset($_POST['tglAwal']) && isset($_POST['tglAkhir'])) {
$collect = array();
$tglAwal = $_POST['tglAwal'];
$tglAkhir = $_POST['tglAkhir'];
if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9") || $_SESSION['media-level'] == "2") {
$area = "%";
} else {
$area = $_SESSION['media-area'];
}
if ($query = $data->daftar_do($area, $_SESSION['media-id'], $tglAwal, $tglAkhir, "%")) {
while ($rs = $query->fetch_array()) {
$detail = array();
array_push($detail, $rs["no"]);
array_push($detail, $rs["tgl_do"]);
array_push($detail, $rs["nama"]);
array_push($detail, $rs["nama_area"]);
switch ($rs["status"]) {
case "1":
$status = "Diajukan";
break;
function cek_login($user, $pass)
{
$koneksi = new koneksi();
$user = e_code($user);
$pass = e_code($pass);
$qCek = "SELECT `pemakai`.`id`, `pemakai`.`nama`, `pemakai`.`jk` FROM `pemakai` WHERE `pemakai`.`user` = '{$user}' AND `pemakai`.`kunci` = '{$pass}' AND `pemakai`.`hapus` = '0';";
if ($resCek = $koneksi->runQuery($qCek)) {
if ($resCek->num_rows > 0) {
$rsCek = $resCek->fetch_array();
$_SESSION['en-data'] = e_code($rsCek['id']);
$_SESSION['en-nama'] = $rsCek['nama'];
$_SESSION['en-jk'] = $rsCek['jk'];
$log = $koneksi->runQuery("INSERT INTO `log_login`(`id_user`) VALUES ('" . $rsCek['id'] . "')");
return TRUE;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
<?php
if (isset($_POST['user']) && isset($_POST['password']) && isset($_POST['password2']) && $_POST['user'] != "" && $_POST['password'] != "" && $_POST['password2'] != "" && strlen($_POST['password']) > 3 && $_POST['password'] == $_POST['password2']) {
$data = new koneksi();
$user = e_code($_POST['user']);
$kunci = e_code($_POST['password']);
$id = d_code($_SESSION['media-data']);
if ($edit = $data->runQuery("UPDATE `pemakai` SET `user` = '{$user}' , `kunci` = '{$kunci}' WHERE `id` = '{$id}' ")) {
echo "<script> alert('data tersimpan.. silahkan login kembali !'); window.location = './login/'; </script>";
} else {
echo "<script> alert('Error..! Gagal menyimpan..'); </script>";
}
} else {
echo "<script> alert('Silahkan cek kembali..!'); </script>";
}
<div class="col-md-3">
</div>
</div>
<hr>
<form action="#" method="POST" id="form-do" name="form-do" >
<div class="row">
<div class="col-xs-12">
<div class="form-group">
<label class="col-sm-9"></label>
<div class="col-sm-3">
Search :
<select class="form-control" id="cmb-area">
<?php
if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9")) {
if ($result = $data->runQuery("SELECT `id`, `area` FROM `area` WHERE `hapus` = '0'")) {
while ($rs = $result->fetch_array()) {
echo "<option value='" . $rs['id'] . "'>" . $rs['area'] . "</option>";
}
}
} else {
echo "<option value='" . $_SESSION['media-area'] . "'>" . $_SESSION['media-namaarea'] . "</option>";
}
?>
</select>
</div>
</div>
<div class="form-group">
<label class="col-sm-9"></label>
<div class="col-sm-3"><input type="text" class="form-control" id="cari" name="cari" placeholder="Cari pelanggan" ></div>
function cek_login($user, $pass)
{
$koneksi = new koneksi();
$user = e_code($user);
$pass = e_code($pass);
$qCek = "SELECT `pemakai`.`id`, `pemakai`.`id_karyawan`, `karyawan`.`nama`, `karyawan`.`id_level`, `karyawan`.`jk` FROM `pemakai` INNER JOIN `karyawan` \n\t\t\tON (`pemakai`.`id_karyawan` = `karyawan`.`id`) WHERE `pemakai`.`user` = '{$user}' AND `pemakai`.`kunci` = '{$pass}' AND `pemakai`.`hapus` = '0';";
if ($resCek = $koneksi->runQuery($qCek)) {
if ($resCek->num_rows > 0) {
$rsCek = $resCek->fetch_array();
$_SESSION['en-data'] = e_code($rsCek['id_karyawan']);
$_SESSION['en-nama'] = $rsCek['nama'];
$_SESSION['en-level'] = $rsCek['id_level'];
$_SESSION['en-jk'] = $rsCek['jk'];
$qLog = "INSERT INTO `log_login`(`id_user`) VALUES ('" . $rsCek['id'] . "');";
$qLog .= "UPDATE `kuota_penjualan` SET `jml_alokasi` = 0 WHERE `tgl` < '" . date("Y-m-d") . "';";
$log = $koneksi->runMultipleQueries($qLog);
return TRUE;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
<div class="modal fade " id="mdl-tambah-user" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h4 class="modal-title">Tambah User</h4>
</div>
<div class="modal-body">
<form id="frm-tambah-user" action="#" method="POST" role="form">
<input type="hidden" class="form-control" id="apa" name="apa" value="tambah-user">
<div class="form-group">
<select class="form-control" id="cmb-karyawan" name="cmb-karyawan">
<?php
if ($daftar = $data->get_karyawan_not_user()) {
while ($rs = $daftar->fetch_array()) {
echo "<option value='" . e_code($rs['id']) . "'>" . $rs['nama'] . "</option>";
}
}
?>
</select>
</div>
<div class="form-group">
<input type="text" class="form-control" id="txt-tambah-user" name="txt-tambah-user" placeholder="Masukkan Username">
</div>
<div class="form-group">
<input type="password" class="form-control" id="txt-tambah-pass" name="txt-tambah-pass" placeholder="Masukkan Password">
</div>
<div class="form-group">
<input type="password" class="form-control" id="txt-tambah-pass2" name="txt-tambah-pass2" placeholder="Masukkan Password Lagi">
</div>
</form>
echo e_code($rs['id']);
?>
&nama=<?php
echo $rs['nama'];
?>
" class="btn btn-success btn-sm">Edit</a> <a href="./?no_spa=<?php
echo e_url("app/set-menu.php");
?>
&id=<?php
echo e_code($rs['id']);
?>
&nama=<?php
echo $rs['nama'];
?>
" data-hash="user-menu" class="btn btn-danger btn-orange btn-sm link-menu">Menu</a> <button class="btn btn-danger btn-sm non-aktif" data-id="<?php
echo e_code($rs['id']);
?>
" >Hapus</button>
</div>
</div>
</div>
</div>
<?php
}
}
?>
<!--
