} else {
if ($fcommand == 'update') {
// Update User Level
$query = "UPDATE tuser SET \n\t\t\t\t\t\t\t\t\t\t\t\tuser_name='{$fname}',\n\t\t\t\t\t\t\t\t\t\t\t\tuser_completename='{$fcompletename}',\n\t\t\t\t\t\t\t\t\t\t\t\tlevel_id='{$flevel}'\n\t\t\t\t\t\t\t\t\t\t\tWHERE user_id='{$fid}'";
if ($result = $mysqli->query($query)) {
$alert[] = array('type' => 'success', 'message' => 'Data User berhasil diubah.');
// Insert Activity Log
addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Ubah');
} else {
$alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error);
$isSuccess = false;
}
}
}
//Add Access Rights Session
setAccessSession($mysqli, $flevel);
} else {
$isSuccess = false;
}
}
if ($fcommand == 'delete') {
$query = "UPDATE tuser SET user_deletedate='{$fdate}' WHERE user_id='{$fid}'";
if ($result = $mysqli->query($query)) {
$alert[] = array('type' => 'success', 'message' => 'Data User telah berhasil dihapus.');
// Insert Activity Log
addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Hapus');
} else {
$alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error);
$isSuccess = false;
}
}
include 'config.php';
include 'function.php';
if (isset($_POST["bsignin"])) {
$username = $mysqli->real_escape_string(strtoupper($_POST["fusername"]));
$temppassword = $mysqli->real_escape_string($_POST["fpassword"]);
$password = sha1(md5($temppassword));
$level = "";
$query = "SELECT u.user_id, u.user_name, u.user_completename, u.level_id, l.level_name\n\t\t\t\t\t\t\t\tFROM tuser u\n\t\t\t\t\t\t\t\tLEFT JOIN tuser_level l ON u.level_id = l.level_id\n\t\t\t\t\t\t\t\tWHERE user_name='{$username}' AND user_password='******' AND user_deletedate IS NULL";
if ($result = $mysqli->query($query)) {
if ($result->num_rows > 0) {
$duser = array();
while ($row = $result->fetch_assoc()) {
$duser = $row;
}
$result->free();
//Add Login Session
$_SESSION["login"] = $duser;
//Add Access Rights Session
setAccessSession($mysqli, $duser['level_id']);
//INSERT ACTIVITY LOG
addLog($mysqli, $duser["user_id"], '', '', 'Login');
header("Location: index.php");
} else {
header("Location: login.php?err=2");
}
} else {
printf("Errormessage: %s\n", $mysqli->error);
}
} else {
header("Location: login.php?err=1");
}
}
}
// Insert Level Access
foreach ($fmodule as $value) {
$mAC = isset($_POST['input'][$value]['c']) ? 1 : 0;
$mAR = isset($_POST['input'][$value]['r']) ? 1 : 0;
$mAU = isset($_POST['input'][$value]['u']) ? 1 : 0;
$mAD = isset($_POST['input'][$value]['d']) ? 1 : 0;
$mQuery = "INSERT INTO tlevel_access VALUES ('{$fid}','{$value}',{$mAC},{$mAR},{$mAU},{$mAD});";
if (!($mResult = $mysqli->query($mQuery))) {
$alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error);
$isSuccess = false;
}
}
//Add Access Rights Session
setAccessSession($mysqli, $fid);
} else {
$isSuccess = false;
}
}
if ($fcommand == 'delete') {
$query = "UPDATE tuser_level SET level_deletedate='{$fdate}' WHERE level_id='{$fid}'";
if ($result = $mysqli->query($query)) {
$alert[] = array('type' => 'success', 'message' => 'Data Level User telah berhasil dihapus.');
// Insert Activity Log
addLog($mysqli, $flogin['user_id'], $fcurrpage['category'] . ' ' . $fcurrpage['name'], $fid, 'Hapus');
} else {
$alert[] = array('type' => 'danger', 'message' => "Errormessage: " . $mysqli->error);
$isSuccess = false;
}
}
