/**
 * Update the login name and stored secret of one `pemakai` row.
 *
 * $id is decoded with d_code(); $user and $pass are encoded with e_code().
 * Each result is then passed through clearText() before it is placed in the SQL text.
 *
 * @param mixed $id   Encoded row id.
 * @param mixed $user New login name.
 * @param mixed $pass New password.
 * @return bool TRUE when runQuery() returns a truthy value, FALSE otherwise.
 *
 * NOTE(review): the statement is built by string interpolation. The only barrier
 * against SQL injection visible here is clearText(), whose implementation is not
 * shown. A prepared statement would remove that dependency; confirm whether the
 * connection wrapper offers one.
 * NOTE(review): d_code()/e_code() look like a decode/encode pair. If e_code() is
 * reversible, `kunci` holds a recoverable password rather than a one-way hash;
 * password_hash()/password_verify() is the usual replacement.
 * NOTE(review): there is no authorization check in this method. Presumably the
 * caller decides who may change which account; verify.
 */
function ubah_user($id, $user, $pass)
{
    $rowId = $this->clearText(d_code($id));
    $loginName = $this->clearText(e_code($user));
    $secret = $this->clearText(e_code($pass));

    $sql = "UPDATE `pemakai` SET `user` = '{$loginName}', `kunci` = '{$secret}' WHERE `id` = '{$rowId}'";

    return $this->runQuery($sql) ? TRUE : FALSE;
}
<!DOCTYPE html> <html> <head> <title></title> </head> <body> <?php
// Scratch page: echoes the e_code() form of whatever is POSTed in nama/user/pass/status.
// NOTE(review): the two `******` runs in the echo below are redaction residue in this
// listing (presumably the user/pass expressions were masked); the statement is left
// exactly as shown and does not parse in this form.
// NOTE(review): no login or role check is visible on this page. If e_code() is the same
// transform applied to stored credentials, this page hands the encoded form of any
// chosen value to whoever can reach it; keep it out of deployed document roots.
// NOTE(review): the values are echoed without htmlspecialchars(); that is only safe if
// e_code() can never emit HTML metacharacters, which cannot be confirmed from here.
include 'inc/blob.php'; if (isset($_POST['nama']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['status'])) { echo "nama : " . e_code($_POST['nama']) . "<br>user : "******"<br>pass : "******"<br>status : " . e_code($_POST['status']); } ?> <hr> <form action="xxx.php" method="post"> <input type="text" name="nama" placeholder="nama" > <input type="text" name="user" placeholder="user"> <input type="text" name="pass" placeholder="pass"> <input type="text" name="status" placeholder="status"> <button type="submit"> HLO ..! </button> </form> </body> </html>
// Sidebar menu renderer.
// Session status e_code("2") or e_code("9") lists the menu through cek_menu_admin();
// status e_code("1") lists it through cek_menu() for the id decoded from
// $_SESSION['media-data']. Any other status prints nothing.
// A level-1 row with level-2 children becomes a dropdown; one without becomes a plain link.
//
// NOTE(review): icon, nama and title from the menu rows are written into single-quoted
// attributes and element text without htmlspecialchars(). That is acceptable only if the
// menu table is writable by trusted operators alone; otherwise escape with ENT_QUOTES.
// NOTE(review): the status checks use loose `==`. If e_code() can return numeric-looking
// strings, `===` avoids numeric-string juggling; confirm before changing.
// NOTE(review): this block only decides which links are drawn. Each linked page still
// needs its own server-side authorization check (not visible here).
if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9")) {
    $level1 = $menu->cek_menu_admin("1", "0");
    if ($level1) {
        while ($rs1 = $level1->fetch_assoc()) {
            $level2 = $menu->cek_menu_admin("2", $rs1['id']);
            if ($level2) {
                // Parent entry followed by its sub-menu list.
                print "<li class='dropdown'> <a href='#'> <i class='fa fa-chevron-down'></i> <i class='"
                    . $rs1['icon']
                    . "'></i> "
                    . $rs1['nama']
                    . "</a>\n\t\t\t\t\t<ul class='sub-menu-sidr'>";
                while ($rs2 = $level2->fetch_assoc()) {
                    print "<li><a href='#' class='link-menu' data-link='"
                        . e_url($rs2['url'])
                        . "' data-hash='"
                        . $rs2['title']
                        . "' ><i class='"
                        . $rs2['icon']
                        . "'></i> "
                        . $rs2['nama']
                        . "</a></li>";
                }
                print "</ul></li>";
            } else {
                // No children: render the level-1 row as a direct link.
                print "<li> <a href='#' class='link-menu' data-link='"
                    . e_url($rs1['url'])
                    . "' data-hash='"
                    . $rs1['title']
                    . "'> <i class='"
                    . $rs1['icon']
                    . "'></i>"
                    . $rs1['nama']
                    . "</a> </li>";
            }
        }
    }
    //------------ if admin
} elseif ($_SESSION['media-status'] == e_code("1")) {
    $level1 = $menu->cek_menu(d_code($_SESSION['media-data']), '1', '0');
    if ($level1) {
        while ($rs1 = $level1->fetch_assoc()) {
            $level2 = $menu->cek_menu(d_code($_SESSION['media-data']), '2', $rs1['id']);
            if ($level2) {
                // Parent entry followed by its sub-menu list.
                print "<li class='dropdown'> <a href='#'> <i class='fa fa-chevron-down'></i> <i class='"
                    . $rs1['icon']
                    . "'></i> "
                    . $rs1['nama']
                    . "</a>\n\t\t\t\t\t<ul class='sub-menu-sidr'>";
                while ($rs2 = $level2->fetch_assoc()) {
                    print "<li><a href='#' class='link-menu' data-link='"
                        . e_url($rs2['url'])
                        . "' data-hash='"
                        . $rs2['title']
                        . "' ><i class='"
                        . $rs2['icon']
                        . "'></i> "
                        . $rs2['nama']
                        . "</a></li>";
                }
                print "</ul></li>";
            } else {
                // No children: render the level-1 row as a direct link.
                print "<li> <a href='#' class='link-menu' data-link='"
                    . e_url($rs1['url'])
                    . "' data-hash='"
                    . $rs1['title']
                    . "'> <i class='"
                    . $rs1['icon']
                    . "'></i>"
                    . $rs1['nama']
                    . "</a> </li>";
            }
        }
    }
}
?>
/**
 * Set the `status` column of one `pemakai` row.
 *
 * @param mixed $id     Row id; passed through clearText() and used as given (no d_code() here).
 * @param mixed $status New status; stored in its e_code() form.
 * @return bool TRUE when runQuery() returns a truthy value, FALSE otherwise.
 *
 * NOTE(review): $status reaches the SQL text after e_code() only, without clearText().
 * That is safe only if e_code() can never emit a quote or backslash; confirm, or move
 * to a prepared statement.
 * NOTE(review): elsewhere on this page the session copy of this column selects the admin
 * menus, so this method appears to change a privilege level. No authorization check is
 * done here; verify that every caller performs one.
 */
function rubah_status($id, $status)
{
    $rowId = $this->clearText($id);
    $statusCode = e_code($status);

    $sql = "UPDATE `pemakai` SET `status` = '{$statusCode}' WHERE `id` = '{$rowId}' ";

    return $this->runQuery($sql) ? TRUE : FALSE;
}
/**
 * Check a username/password pair and, on a match, fill the `media-*` session keys.
 *
 * Both inputs are e_code()d and compared with `pemakai`.`user` / `pemakai`.`kunci` in SQL.
 * On a match the login is written to `log_login` (skipped when the row's status equals
 * e_code('99')) and the session receives the encoded user id, name, status, employee id,
 * level and area.
 *
 * @param mixed $user Login name as submitted.
 * @param mixed $pass Password as submitted.
 * @return bool TRUE on a matching row, FALSE when the query fails or matches nothing.
 *
 * NOTE(review): the credential check is an equality test on e_code($pass). If e_code()
 * is reversible (d_code() is used on its output below for ids), stored passwords are
 * recoverable; password_hash()/password_verify() is the usual replacement.
 * NOTE(review): the e_code() results are interpolated straight into the SQL text. Whether
 * that is injectable depends on e_code()'s output alphabet, which is not shown.
 * NOTE(review): no session_regenerate_id() call appears here; confirm the caller rotates
 * the session id after a successful login.
 * NOTE(review): `karyawan` is INNER JOINed on `karyawan`.`id`, so `id_kar` cannot be NULL
 * in a returned row and the "%" fallback below looks unreachable. If accounts without an
 * employee row are meant to log in, the join would have to change; confirm intent first,
 * because "%" is a wildcard that other code may use to lift area/level restrictions.
 */
function cek_login($user, $pass)
{
    $koneksi = new koneksi();
    $encodedUser = e_code($user);
    $encodedPass = e_code($pass);

    $sql = "SELECT `pemakai`.`id`,`pemakai`.`user`,`pemakai`.`kunci`,`pemakai`.`status`, `karyawan`.`nama` , `karyawan`.`id` as `id_kar`, `karyawan`.`level`, `karyawan`.`area`, `area`.`area` AS `nama_area` FROM `pemakai` INNER JOIN `karyawan` ON `karyawan`.`id` = `pemakai`.`id_karyawan` INNER JOIN `area` ON `karyawan`.`area` = `area`.`id` WHERE `pemakai`.`user`='{$encodedUser}' && `pemakai`.`kunci`='{$encodedPass}' ";

    $matches = $koneksi->runQuery($sql);
    if (!$matches) {
        return FALSE;
    }
    if (!($matches->num_rows > 0)) {
        return FALSE;
    }

    $rs = $matches->fetch_array();

    // Accounts whose status is e_code('99') are not recorded in the login log.
    if ($rs['status'] != e_code('99')) {
        $koneksi->runQuery("INSERT INTO `log_login`(`id_user`,`time`) VALUES ('" . $rs['id'] . "', '" . date("Y-m-d H:i:s") . "')");
    }

    $_SESSION['media-data'] = e_code($rs['id']);
    $_SESSION['media-nama'] = $rs['nama'];
    $_SESSION['media-status'] = $rs['status'];

    // Without an employee id every scope key falls back to the "%" wildcard.
    $noEmployee = is_null($rs['id_kar']);
    $_SESSION['media-id'] = $noEmployee ? "%" : $rs['id_kar'];
    $_SESSION['media-level'] = $noEmployee ? "%" : $rs['level'];
    $_SESSION['media-area'] = $noEmployee ? "%" : $rs['area'];
    $_SESSION['media-namaarea'] = $noEmployee ? "%" : $rs['nama_area'];

    return TRUE;
}
} else { $arr['status'] = FALSE; $arr['msg'] = "Gagal menyimpan.."; } } else { $arr['status'] = FALSE; $arr['msg'] = "Lengkapi terlebih dahulu.."; } echo json_encode($arr); break; case "daftar-do": if (isset($_POST['tglAwal']) && isset($_POST['tglAkhir'])) { $collect = array(); $tglAwal = $_POST['tglAwal']; $tglAkhir = $_POST['tglAkhir']; if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9") || $_SESSION['media-level'] == "2") { $area = "%"; } else { $area = $_SESSION['media-area']; } if ($query = $data->daftar_do($area, $_SESSION['media-id'], $tglAwal, $tglAkhir, "%")) { while ($rs = $query->fetch_array()) { $detail = array(); array_push($detail, $rs["no"]); array_push($detail, $rs["tgl_do"]); array_push($detail, $rs["nama"]); array_push($detail, $rs["nama_area"]); switch ($rs["status"]) { case "1": $status = "Diajukan"; break;
/**
 * Check a username/password pair against non-deleted `pemakai` rows and, on a match,
 * fill the `en-*` session keys and append a row to `log_login`.
 *
 * @param mixed $user Login name as submitted.
 * @param mixed $pass Password as submitted.
 * @return bool TRUE on a matching row, FALSE when the query fails or matches nothing.
 *
 * NOTE(review): the password is verified by comparing e_code($pass) with `kunci` in SQL.
 * If e_code() is a reversible encoding rather than a one-way hash, stored passwords are
 * recoverable; password_hash()/password_verify() is the usual replacement.
 * NOTE(review): both encoded values are interpolated into the SQL text. Injection safety
 * rests entirely on e_code()'s output alphabet, which is not shown; a prepared statement
 * would remove that dependency.
 * NOTE(review): no session_regenerate_id() call appears here; confirm the caller rotates
 * the session id after a successful login.
 */
function cek_login($user, $pass)
{
    $koneksi = new koneksi();
    $encodedUser = e_code($user);
    $encodedPass = e_code($pass);

    $qCek = "SELECT `pemakai`.`id`, `pemakai`.`nama`, `pemakai`.`jk` FROM `pemakai` WHERE `pemakai`.`user` = '{$encodedUser}' AND `pemakai`.`kunci` = '{$encodedPass}' AND `pemakai`.`hapus` = '0';";

    $resCek = $koneksi->runQuery($qCek);
    if (!$resCek) {
        return FALSE;
    }
    if (!($resCek->num_rows > 0)) {
        return FALSE;
    }

    $row = $resCek->fetch_array();
    $_SESSION['en-data'] = e_code($row['id']);
    $_SESSION['en-nama'] = $row['nama'];
    $_SESSION['en-jk'] = $row['jk'];

    // The result of the log insert is not checked: a failed insert does not block the login.
    $koneksi->runQuery("INSERT INTO `log_login`(`id_user`) VALUES ('" . $row['id'] . "')");

    return TRUE;
}
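<?php
/*
 * Self-service change of the logged-in user's login name and password.
 *
 * Accepts POST fields user, password and password2. The row to update is the id decoded
 * from $_SESSION['media-data']. On success the browser is sent to ./login/.
 *
 * Changes from the earlier form of this handler:
 *  - password and password2 are compared with `===`. Loose `==` compares numeric-looking
 *    strings as numbers (for example "1e3" == "1000"), so two different inputs could pass
 *    the confirmation check.
 *  - each field must be a string; an array-valued field (password[]=...) is rejected
 *    before it reaches strlen() or e_code().
 *  - $_SESSION['media-data'] must be set. Without it the UPDATE ran against whatever
 *    d_code() returns for a missing value and could still report success.
 *
 * NOTE(review): the visible code asks for neither the current password nor a CSRF token
 * before changing credentials; confirm that this is enforced elsewhere.
 * NOTE(review): the only password rule is "longer than 3 bytes", which is a weak floor.
 * NOTE(review): `kunci` is stored as e_code($password). If e_code() is reversible, use
 * password_hash() instead. The UPDATE is built by interpolation, so its injection safety
 * depends on the output alphabet of e_code()/d_code(), which is not shown.
 */
if (
    isset($_POST['user'], $_POST['password'], $_POST['password2'], $_SESSION['media-data'])
    && is_string($_POST['user'])
    && is_string($_POST['password'])
    && is_string($_POST['password2'])
    && $_POST['user'] !== ""
    && $_POST['password'] !== ""
    && $_POST['password2'] !== ""
    && strlen($_POST['password']) > 3
    && $_POST['password'] === $_POST['password2']
) {
    $data = new koneksi();
    $user = e_code($_POST['user']);
    $kunci = e_code($_POST['password']);
    $id = d_code($_SESSION['media-data']);

    $edit = $data->runQuery("UPDATE `pemakai` SET `user` = '{$user}' , `kunci` = '{$kunci}' WHERE `id` = '{$id}' ");
    if ($edit) {
        echo "<script> alert('data tersimpan.. silahkan login kembali !'); window.location = './login/'; </script>";
    } else {
        echo "<script> alert('Error..! Gagal menyimpan..'); </script>";
    }
} else {
    echo "<script> alert('Silahkan cek kembali..!'); </script>";
}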
<div class="col-md-3"> </div> </div> <hr> <form action="#" method="POST" id="form-do" name="form-do" > <div class="row"> <div class="col-xs-12"> <div class="form-group"> <label class="col-sm-9"></label> <div class="col-sm-3"> Search : <select class="form-control" id="cmb-area"> <?php
// Area selector: status e_code("2") / e_code("9") gets every non-deleted area,
// everyone else gets a single option taken from the session.
// NOTE(review): this only limits the choices that are shown. The request handler must
// take the area from the session again and not trust the posted value for non-admins.
// NOTE(review): id/area and the session values are printed without htmlspecialchars();
// the attribute is single-quoted, so ENT_QUOTES would be needed if escaping is added.
if ($_SESSION['media-status'] == e_code("2") || $_SESSION['media-status'] == e_code("9")) {
    $result = $data->runQuery("SELECT `id`, `area` FROM `area` WHERE `hapus` = '0'");
    if ($result) {
        while ($rs = $result->fetch_array()) {
            print "<option value='" . $rs['id'] . "'>" . $rs['area'] . "</option>";
        }
    }
} else {
    print "<option value='" . $_SESSION['media-area'] . "'>" . $_SESSION['media-namaarea'] . "</option>";
}
?> </select> </div> </div> <div class="form-group"> <label class="col-sm-9"></label> <div class="col-sm-3"><input type="text" class="form-control" id="cari" name="cari" placeholder="Cari pelanggan" ></div>
/**
 * Check a username/password pair against non-deleted `pemakai` rows joined to `karyawan`.
 * On a match, fill the `en-*` session keys, log the login, and zero `jml_alokasi` on
 * `kuota_penjualan` rows dated before today.
 *
 * @param mixed $user Login name as submitted.
 * @param mixed $pass Password as submitted.
 * @return bool TRUE on a matching row, FALSE when the query fails or matches nothing.
 *
 * NOTE(review): the password is verified by comparing e_code($pass) with `kunci` in SQL.
 * If e_code() is reversible, stored passwords are recoverable; password_hash() and
 * password_verify() are the usual replacement.
 * NOTE(review): both encoded values are interpolated into the SQL text. Injection safety
 * rests on e_code()'s output alphabet, which is not shown.
 * NOTE(review): the follow-up runs through runMultipleQueries(). Multi-statement execution
 * widens the effect of any injected text, so nothing request-derived should be added to
 * $qLog; today it holds only the row id from the database and date().
 * NOTE(review): the quota reset runs on every successful login. A scheduled job would keep
 * that maintenance write out of the authentication path.
 * NOTE(review): no session_regenerate_id() call appears here; confirm the caller rotates
 * the session id after a successful login.
 */
function cek_login($user, $pass)
{
    $koneksi = new koneksi();
    $encodedUser = e_code($user);
    $encodedPass = e_code($pass);

    $qCek = "SELECT `pemakai`.`id`, `pemakai`.`id_karyawan`, `karyawan`.`nama`, `karyawan`.`id_level`, `karyawan`.`jk` FROM `pemakai` INNER JOIN `karyawan` \n\t\t\tON (`pemakai`.`id_karyawan` = `karyawan`.`id`) WHERE `pemakai`.`user` = '{$encodedUser}' AND `pemakai`.`kunci` = '{$encodedPass}' AND `pemakai`.`hapus` = '0';";

    $resCek = $koneksi->runQuery($qCek);
    if (!$resCek) {
        return FALSE;
    }
    if (!($resCek->num_rows > 0)) {
        return FALSE;
    }

    $row = $resCek->fetch_array();
    $_SESSION['en-data'] = e_code($row['id_karyawan']);
    $_SESSION['en-nama'] = $row['nama'];
    $_SESSION['en-level'] = $row['id_level'];
    $_SESSION['en-jk'] = $row['jk'];

    // Two statements sent together: the login log entry, then the quota reset.
    $qLog = "INSERT INTO `log_login`(`id_user`) VALUES ('" . $row['id'] . "');"
        . "UPDATE `kuota_penjualan` SET `jml_alokasi` = 0 WHERE `tgl` < '" . date("Y-m-d") . "';";
    $koneksi->runMultipleQueries($qLog);

    return TRUE;
}
<div class="modal fade " id="mdl-tambah-user" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h4 class="modal-title">Tambah User</h4> </div> <div class="modal-body"> <form id="frm-tambah-user" action="#" method="POST" role="form"> <input type="hidden" class="form-control" id="apa" name="apa" value="tambah-user"> <div class="form-group"> <select class="form-control" id="cmb-karyawan" name="cmb-karyawan"> <?php
// One <option> per row returned by get_karyawan_not_user(); the value is the e_code()d id.
// NOTE(review): `nama` is printed without htmlspecialchars(). If employee names can be
// entered by less-trusted users, escape them here.
// NOTE(review): the posted cmb-karyawan value is client-controlled. The handler for
// "tambah-user" must check that the decoded id is still eligible, not rely on this list.
$daftar = $data->get_karyawan_not_user();
if ($daftar) {
    while ($rs = $daftar->fetch_array()) {
        print "<option value='" . e_code($rs['id']) . "'>" . $rs['nama'] . "</option>";
    }
}
?> </select> </div> <div class="form-group"> <input type="text" class="form-control" id="txt-tambah-user" name="txt-tambah-user" placeholder="Masukkan Username"> </div> <div class="form-group"> <input type="password" class="form-control" id="txt-tambah-pass" name="txt-tambah-pass" placeholder="Masukkan Password"> </div> <div class="form-group"> <input type="password" class="form-control" id="txt-tambah-pass2" name="txt-tambah-pass2" placeholder="Masukkan Password Lagi"> </div> </form>
echo e_code($rs['id']); ?> &nama=<?php echo $rs['nama']; ?> " class="btn btn-success btn-sm">Edit</a> <a href="./?no_spa=<?php echo e_url("app/set-menu.php"); ?> &id=<?php echo e_code($rs['id']); ?> &nama=<?php echo $rs['nama']; ?> " data-hash="user-menu" class="btn btn-danger btn-orange btn-sm link-menu">Menu</a> <button class="btn btn-danger btn-sm non-aktif" data-id="<?php echo e_code($rs['id']); ?> " >Hapus</button> </div> </div> </div> </div> <?php } } ?> <!--