} else { if ($fcommand == 'update') { // Update User Level $query = "UPDATE tuser SET \n\t\t\t\t\t\t\t\t\t\t\t\tuser_name='{$fname}',\n\t\t\t\t\t\t\t\t\t\t\t\tuser_completename='{$fcompletename}',\n\t\t\t\t\t\t\t\t\t\t\t\tlevel_id='{$flevel}'\n\t\t\t\t\t\t\t\t\t\t\tWHERE user_id='{$fid}'"; if ($result = $mysqli->query($query)) { $alert[] = array('type' => 'success', 'message' => 'Data User berhasil diubah.'); // Insert Activity Log addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Ubah'); } else { $alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error); $isSuccess = false; } } } //Add Access Rights Session setAccessSession($mysqli, $flevel); } else { $isSuccess = false; } } if ($fcommand == 'delete') { $query = "UPDATE tuser SET user_deletedate='{$fdate}' WHERE user_id='{$fid}'"; if ($result = $mysqli->query($query)) { $alert[] = array('type' => 'success', 'message' => 'Data User telah berhasil dihapus.'); // Insert Activity Log addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Hapus'); } else { $alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error); $isSuccess = false; } }
include 'config.php'; include 'function.php'; if (isset($_POST["bsignin"])) { $username = $mysqli->real_escape_string(strtoupper($_POST["fusername"])); $temppassword = $mysqli->real_escape_string($_POST["fpassword"]); $password = sha1(md5($temppassword)); $level = ""; $query = "SELECT u.user_id, u.user_name, u.user_completename, u.level_id, l.level_name\n\t\t\t\t\t\t\t\tFROM tuser u\n\t\t\t\t\t\t\t\tLEFT JOIN tuser_level l ON u.level_id = l.level_id\n\t\t\t\t\t\t\t\tWHERE user_name='{$username}' AND user_password='******' AND user_deletedate IS NULL"; if ($result = $mysqli->query($query)) { if ($result->num_rows > 0) { $duser = array(); while ($row = $result->fetch_assoc()) { $duser = $row; } $result->free(); //Add Login Session $_SESSION["login"] = $duser; //Add Access Rights Session setAccessSession($mysqli, $duser['level_id']); //INSERT ACTIVITY LOG addLog($mysqli, $duser["user_id"], '', '', 'Login'); header("Location: index.php"); } else { header("Location: login.php?err=2"); } } else { printf("Errormessage: %s\n", $mysqli->error); } } else { header("Location: login.php?err=1"); }
} } // Insert Level Access foreach ($fmodule as $value) { $mAC = isset($_POST['input'][$value]['c']) ? 1 : 0; $mAR = isset($_POST['input'][$value]['r']) ? 1 : 0; $mAU = isset($_POST['input'][$value]['u']) ? 1 : 0; $mAD = isset($_POST['input'][$value]['d']) ? 1 : 0; $mQuery = "INSERT INTO tlevel_access VALUES ('{$fid}','{$value}',{$mAC},{$mAR},{$mAU},{$mAD});"; if (!($mResult = $mysqli->query($mQuery))) { $alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error); $isSuccess = false; } } //Add Access Rights Session setAccessSession($mysqli, $fid); } else { $isSuccess = false; } } if ($fcommand == 'delete') { $query = "UPDATE tuser_level SET level_deletedate='{$fdate}' WHERE level_id='{$fid}'"; if ($result = $mysqli->query($query)) { $alert[] = array('type' => 'success', 'message' => 'Data Level User telah berhasil dihapus.'); // Insert Activity Log addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Hapus'); } else { $alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error); $isSuccess = false; } }