Fix login issues: disable captcha temporarily, remove BINARY username, add error debugging. Fix level mapping for user management.

2026-01-22 07:55:28 +08:00
parent 05dd3f2a67
commit b337288d01
3 changed files with 76 additions and 46 deletions
--- a/admin/pengguna/add_pengguna.php
+++ b/admin/pengguna/add_pengguna.php
@@ -30,11 +30,11 @@
 			<div class="form-group row">
 				<label class="col-sm-2 col-form-label">Level</label>
 				<div class="col-sm-4">
-					<select name="level" id="level" class="form-control">
-						<option>- Pilih -</option>
-						<option>Administrator</option>
-						<option>Kaur Pemerintah</option>
-					</select>
+					<select name="level" id="level" class="form-control">
+						<option value="">- Pilih -</option>
+						<option value="Administrator">Administrator</option>
+						<option value="Kaur Pemerintah">Kaur Pemerintah</option>
+					</select>
 				</div>
 			</div>

@@ -48,14 +48,21 @@

 <?php

-    if (isset ($_POST['Simpan'])){
-    //mulai proses simpan data
-        $sql_simpan = "INSERT INTO tb_pengguna (nama_pengguna,username,password,level) VALUES (
-        '".$_POST['nama_pengguna']."',
-        '".$_POST['username']."',
-        '".$_POST['password']."',
-        '".$_POST['level']."')";
-        $query_simpan = mysqli_query($koneksi, $sql_simpan);
+    if (isset ($_POST['Simpan'])){
+    // Map level untuk database (enum: 'admin', 'kaur')
+    $level_map = [
+        'Administrator' => 'admin',
+        'Kaur Pemerintah' => 'kaur'
+    ];
+    $level_db = isset($level_map[$_POST['level']]) ? $level_map[$_POST['level']] : $_POST['level'];
+    
+    //mulai proses simpan data
+        $sql_simpan = "INSERT INTO tb_pengguna (nama_pengguna,username,password,level) VALUES (
+        '".$_POST['nama_pengguna']."',
+        '".$_POST['username']."',
+        '".$_POST['password']."',
+        '".$level_db."')";
+        $query_simpan = mysqli_query($koneksi, $sql_simpan);
        mysqli_close($koneksi);

    if ($query_simpan) {
--- a/admin/pengguna/edit_pengguna.php
+++ b/admin/pengguna/edit_pengguna.php
@@ -46,17 +46,29 @@
 			<div class="form-group row">
 				<label class="col-sm-2 col-form-label">Level</label>
 				<div class="col-sm-4">
-					<select name="level" id="level" class="form-control">
-						<option value="">-- Pilih Level --</option>
-						<?php
-                //menhecek data yg dipilih sebelumnya
-                if ($data_cek['level'] == "Administrator") echo "<option value='Administrator' selected>Administrator</option>";
-                else echo "<option value='Administrator'>Administrator</option>";
-
-                if ($data_cek['level'] == "Kaur Pemerintah") echo "<option value='Kaur Pemerintah' selected>Kaur Pemerintah</option>";
-                else echo "<option value='Kaur Pemerintah'>Kaur Pemerintah</option>";
-            ?>
-					</select>
+					<select name="level" id="level" class="form-control">
+						<option value="">-- Pilih Level --</option>
+						<?php
+                // Mapping level dari database ke tampilan
+                $level_display_map = [
+                    'admin' => 'Administrator',
+                    'kaur' => 'Kaur Pemerintah',
+                    'Administrator' => 'Administrator', // backward compatibility
+                    'Kaur Pemerintah' => 'Kaur Pemerintah'
+                ];
+                $current_level = $data_cek['level'];
+                $current_display = isset($level_display_map[$current_level]) ? $level_display_map[$current_level] : $current_level;
+                
+                // Opsi Administrator
+                if ($current_display == "Administrator") {
+                    echo "<option value='Administrator' selected>Administrator</option>";
+                    echo "<option value='Kaur Pemerintah'>Kaur Pemerintah</option>";
+                } else {
+                    echo "<option value='Administrator'>Administrator</option>";
+                    echo "<option value='Kaur Pemerintah' selected>Kaur Pemerintah</option>";
+                }
+            ?>
+					</select>
 				</div>
 			</div>

@@ -72,14 +84,21 @@

 <?php

-    if (isset ($_POST['Ubah'])){
-    $sql_ubah = "UPDATE tb_pengguna SET
-        nama_pengguna='".$_POST['nama_pengguna']."',
-        username='".$_POST['username']."',
-        password='".$_POST['password']."',
-        level='".$_POST['level']."'
-        WHERE id_pengguna='".$_POST['id_pengguna']."'";
-    $query_ubah = mysqli_query($koneksi, $sql_ubah);
+    if (isset ($_POST['Ubah'])){
+    // Map level untuk database (enum: 'admin', 'kaur')
+    $level_map = [
+        'Administrator' => 'admin',
+        'Kaur Pemerintah' => 'kaur'
+    ];
+    $level_db = isset($level_map[$_POST['level']]) ? $level_map[$_POST['level']] : $_POST['level'];
+    
+    $sql_ubah = "UPDATE tb_pengguna SET
+        nama_pengguna='".$_POST['nama_pengguna']."',
+        username='".$_POST['username']."',
+        password='".$_POST['password']."',
+        level='".$level_db."'
+        WHERE id_pengguna='".$_POST['id_pengguna']."'";
+    $query_ubah = mysqli_query($koneksi, $sql_ubah);
    mysqli_close($koneksi);

    if ($query_ubah) {
--- a/login.php
+++ b/login.php
@@ -1,4 +1,6 @@
 <?php
+  error_reporting(E_ALL);
+  ini_set('display_errors', 1);
  include "inc/koneksi.php";
  session_start();
 ?>
@@ -64,7 +66,7 @@
 						</div>
 					</div>
 					<div class="input-group mb-3">
-						<input type="text" class="form-control" name="captcha_input" placeholder="Captcha (di-bypass)">
+						<input type="text" class="form-control" name="captcha_input" placeholder="Masukkan kode captcha" required>
 						<div class="input-group-append">
 							<div class="input-group-text">
 								<img src="inc/captcha.php" alt="CAPTCHA">
@@ -108,20 +110,18 @@ if (isset($_POST['btnLogin'])) {
 	$username=mysqli_real_escape_string($koneksi,$_POST['username']);
 	$password=mysqli_real_escape_string($koneksi,$_POST['password']);
 	
-	//validasi captcha
-	/* Bypassed for development
-	if ($_POST["captcha_input"] != $_SESSION["captcha_code"]) {
-		echo "<script>
-			Swal.fire({title: 'Login Gagal',text: 'Kode Captcha Salah',icon: 'error',confirmButtonText: 'OK'
-			}).then((result) => {if (result.value)
-				{window.location = 'login.php';}
-			})</script>";
-			exit;
-	}
-	*/
+	//validasi captcha - DISABLED SEMENTARA UNTUK DEBUG
+	// if ($_POST["captcha_input"] != $_SESSION["captcha_code"]) {
+	// 	echo "<script>
+	// 		Swal.fire({title: 'Login Gagal',text: 'Kode Captcha Salah',icon: 'error',confirmButtonText: 'OK'
+	// 		}).then((result) => {if (result.value)
+	// 			{window.location = 'login.php';}
+	// 		})</script>";
+	// 		exit;
+	// }

 	//query login
-	$sql_login = "SELECT * FROM tb_pengguna WHERE BINARY username='$username' AND password=MD5('$password')";
+	$sql_login = "SELECT * FROM tb_pengguna WHERE username='$username' AND password=MD5('$password')";
 	$query_login = mysqli_query($koneksi, $sql_login);
 	$data_login = mysqli_fetch_array($query_login,MYSQLI_BOTH);
 	$jumlah_login = mysqli_num_rows($query_login);
@@ -141,8 +141,12 @@ if (isset($_POST['btnLogin'])) {
 				{window.location = 'index.php';}
 			})</script>";
 		}else{
+		$error_msg = "Username atau password salah";
+		if (!$query_login) {
+			$error_msg = "Database error: " . mysqli_error($koneksi);
+		}
 		echo "<script>
-			Swal.fire({title: 'Login Gagal',text: '',icon: 'error',confirmButtonText: 'OK'
+			Swal.fire({title: 'Login Gagal',text: '$error_msg',icon: 'error',confirmButtonText: 'OK'
 			}).then((result) => {if (result.value)
 				{window.location = 'login.php';}
 			})</script>";