fix: undefined variables and wrong column name in add_pend.php, scanner improvements

2026-01-21 22:36:25 +08:00
parent 334d24b6b8
commit ed732162e0
5 changed files with 104 additions and 44 deletions
--- a/admin/pend/add_pend.php
+++ b/admin/pend/add_pend.php
@@ -334,13 +334,46 @@ window.addEventListener('load', function() {
        $nik = $_POST['nik'];
        $cek_nik = mysqli_query($koneksi, "SELECT * FROM tb_pdd WHERE nik='$nik'");
        if(mysqli_num_rows($cek_nik) > 0){
-             echo "<script>
-              Swal.fire({title: 'Gagal',text: 'NIK sudah terdaftar dalam sistem!',icon: 'error',confirmButtonText: 'OK'
-              }).then((result) => {if (result.value){
-                  window.location = 'index.php?page=add-pend';
-                  }
-              })</script>";
-              return;
+             // AUTO-LINKING: Instead of blocking, we UPDATE the existing record with Scan Data
+             // Sanitize input first before UPDATE
+             $nama = mysqli_real_escape_string($koneksi, $_POST['nama']);
+             $tempat_lh = mysqli_real_escape_string($koneksi, $_POST['tempat_lh']);
+             $tgl_lh = mysqli_real_escape_string($koneksi, $_POST['tgl_lh']);
+             $jekel = mysqli_real_escape_string($koneksi, $_POST['jekel']);
+             $desa = mysqli_real_escape_string($koneksi, $_POST['desa']);
+             $rt = mysqli_real_escape_string($koneksi, $_POST['rt']);
+             $rw = mysqli_real_escape_string($koneksi, $_POST['rw']);
+             $agama = mysqli_real_escape_string($koneksi, $_POST['agama']);
+             $kawin = mysqli_real_escape_string($koneksi, $_POST['kawin']);
+             $pekerjaan = mysqli_real_escape_string($koneksi, $_POST['pekerjaan']);
+             $kewarganegaraan = mysqli_real_escape_string($koneksi, $_POST['kewarganegaraan']);
+
+              $sql_update = "UPDATE tb_pdd SET 
+                nama='$nama', 
+                tempat_lh='$tempat_lh', 
+                tgl_lh='$tgl_lh', 
+                jekel='$jekel', 
+                desa='$desa', 
+                rt='$rt', 
+                rw='$rw', 
+                agama='$agama', 
+                kawin='$kawin', 
+                pekerjaan='$pekerjaan', 
+                kewarganegaraan='$kewarganegaraan',
+                foto_ktp='$nama_file'
+                WHERE nik='$nik'";
+            
+            $query_update = mysqli_query($koneksi, $sql_update);
+            
+            if ($query_update) {
+                echo "<script>
+                Swal.fire({title: 'Data Diperbarui',text: 'NIK sudah ada, data penduduk telah diperbarui dengan hasil scan KTP.',icon: 'success',confirmButtonText: 'OK'
+                }).then((result) => {if (result.value){
+                    window.location = 'index.php?page=data-pend';
+                    }
+                })</script>";
+                return;
+            }
        }

        // Sanitize Input to prevent SQL Injection & Syntax Errors