admin_area.php
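<?php
// Run the session gate before any markup: it is expected to call session_start()
// and header(), and both must happen before output starts.
// NOTE(review): the listing shows that gate under the name inc_level_session.php;
// confirm the file name on disk. require makes a missing gate fatal instead of
// letting the page render without a login check.
require "inc_session.php";
// Session values are copied from tb_admin by login_check.php; they are
// HTML-escaped before being printed.
$displayName = isset($_SESSION['tiketku']) ? $_SESSION['tiketku'] : '';
$accessLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : '';
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Admin Area</h2>
<h3>Selamat datang <?php echo htmlspecialchars($displayName, ENT_QUOTES, 'UTF-8'); ?>, kamu login sebagai <?php echo htmlspecialchars($accessLevel, ENT_QUOTES, 'UTF-8'); ?></h3>
<p>
<?php
// Menu per access level. Hiding a link is not access control: every target
// page still has to run its own level check.
switch ($accessLevel) {
    case 'student':
        echo "
<a href='student.php'>Mahasiswa</a> |
<a href='#'>Nilai</a> |
";
        break;
    case 'lecturer':
        // NOTE(review): the listing names the lecturer page lecture.php; confirm this target.
        echo "
<a href='lecturer'>Lecturer</a> |
<a href='#'>Nilai</a> |
<a href='#'>Jadwal</a> |
";
        break;
    case 'chairman':
        echo "
<a href='#'>Mahasiswa</a> |
<a href='#'>Dosen</a> |
<a href='#'>Jadwal</a> |
<a href='#'>Matakuliah</a> |
";
        break;
    default:
        echo "Username kamu ngga punya akses mas bro!!!";
        break;
}
?>
<a href='logout.php'>Logout</a>
</p>
</div>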
login.php
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Login Area</h2>
<?php
// Choose the banner from the "sapi" query parameter. The value is only
// compared, never printed, so nothing from the URL reaches the page.
$inisapiku = empty($_GET['sapi']) ? '' : $_GET['sapi'];
if ($inisapiku == '') {
    // no status in the URL
    $banner = "<h3>Mari masuk gan...!!!</h3>";
} elseif ($inisapiku == 'failed') {
    // login_check.php redirects here with sapi=failed
    $banner = "<h3>Coba lagi gan..!!!</h3>";
} else {
    // any other value, e.g. the redirect issued by the session gate
    $banner = "<h3>Gan, harus login dulu..!!!</h3>";
}
echo $banner;
?>
<form action="login_check.php" method="post">
<p>
Username<br/>
<input type="text" name="username" value=""><br/>
</p>
<p>
Password<br/>
<input type="password" name="password" value=""><br/>
</p>
<input type="submit" value="Login" name="login">
</form>
</div>
bable_sort.php
<h3>
BUBBLE SHORT (ASC)
</h3>
<form action="" method="POST">
<p>
Input your number:
<input type="text" name="angka" value=""> <button type="submit" name="button" value="kirim">Urutkan</button>
</p>
</form>
<?php
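/**
 * Return the values of $arr sorted ascending with bubble sort.
 *
 * Elements are compared with PHP's `<` operator, so numeric strings (such as
 * the pieces produced by explode()) are compared as numbers. The input array
 * is not modified.
 *
 * @param array $arr values to sort; keys are ignored
 * @return array the sorted values, indexed from 0
 */
function bubbleSort(array $arr) {
    // Reindex first so the $i / $i + 1 lookups are valid for any key layout.
    $arr = array_values($arr);
    // Loop-invariant: the array length never changes while sorting.
    $lastIndex = count($arr) - 1;
    do {
        $swapped = false;
        for ($i = 0; $i < $lastIndex; ++$i) {
            if ($arr[$i + 1] < $arr[$i]) {
                $tmp = $arr[$i];
                $arr[$i] = $arr[$i + 1];
                $arr[$i + 1] = $tmp;
                $swapped = true;
            }
        }
        // A pass without swaps means the list is in order.
    } while ($swapped);
    return $arr;
}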
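// Form handler: sort the comma-separated values posted as "angka".
if (!empty($_POST['button'])) {
    // A missing or non-string field (e.g. angka[]=1) is treated as empty input.
    $rawInput = (isset($_POST['angka']) && is_string($_POST['angka'])) ? $_POST['angka'] : '';
    // NOTE(review): bubbleSort is quadratic in the number of values; cap the
    // list length if this form is reachable by untrusted users.
    $arr = explode(',', $rawInput);
    $sortedArr = bubbleSort($arr);
    // Both lines echo request data back into the page, so they are HTML-escaped.
    echo '<p>Input result : ' . htmlspecialchars($rawInput, ENT_QUOTES, 'UTF-8') . '</p>';
    echo '<p>Output result : ' . htmlspecialchars(implode(',', $sortedArr), ENT_QUOTES, 'UTF-8') . '</p>';
}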
?>
database.sql
/*
SQLyog Ultimate v11.21 (32 bit)
MySQL - 5.1.33 : Database - jijo_praktikum_uty
*********************************************************************
*/
/*!40101 SET NAMES utf8 */;
/*!40101 SET SQL_MODE=''*/;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
/*Table structure for table `tb_admin` */
/* Login accounts; login_check.php looks rows up by admin_username and admin_password. */
DROP TABLE IF EXISTS `tb_admin`;
CREATE TABLE `tb_admin` (
`admin_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`admin_name` varchar(50) DEFAULT NULL,
/* no UNIQUE key on the login name: two rows may share a username */
`admin_username` char(6) DEFAULT NULL,
/* 32 characters matches the hex digest of md5() used in login_check.php.
   Unsalted MD5 is not suitable for password storage, and a stronger hash
   needs a wider column. */
`admin_password` char(32) DEFAULT NULL,
/* compared as a plain string by the PHP pages ('student', 'lecturer', 'chairman') */
`admin_level` varchar(10) DEFAULT NULL,
PRIMARY KEY (`admin_id`)
) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=latin1;
/*Data for the table `tb_admin` */
/* NOTE(review): the dump ships two accounts together with their password
   digests; remove or rotate them before using this schema outside a lab. */
insert into `tb_admin`(`admin_id`,`admin_name`,`admin_username`,`admin_password`,`admin_level`) values (1,'ANAM','mhs','0357a7592c4734a8b1e12bc48e29e9e9','student'),(2,'DOSEN','dosen','ce28eed1511f631af6b2a7bb0a85d636','lecturer');
/*Table structure for table `tb_student` */
DROP TABLE IF EXISTS `tb_student`;
CREATE TABLE `tb_student` (
`student_id` int(11) NOT NULL AUTO_INCREMENT,
/* The PHP save scripts require exactly 10 characters. There is no UNIQUE key:
   uniqueness is only checked by a SELECT before the INSERT/UPDATE. */
`student_nim` char(10) NOT NULL,
`student_name` varchar(50) DEFAULT NULL,
/* free text; student.php prints this column without HTML escaping */
`student_address` text,
`student_phone` varchar(15) DEFAULT NULL,
PRIMARY KEY (`student_id`)
) ENGINE=MyISAM AUTO_INCREMENT=15 DEFAULT CHARSET=latin1;
/*Data for the table `tb_student` */
/* Rows 11-14 store HTML and script markup in student_address. Because the
   list page echoes the column as-is, these rows render as live markup: they
   are stored-XSS test data, not real addresses. */
insert into `tb_student`(`student_id`,`student_nim`,`student_name`,`student_address`,`student_phone`) values (4,'1000000003','Test 4','Test 4','897987987987'),(5,'1000000004','Test 5','Test 5','897987987987'),(6,'1000000005','Test 6','Test 6','897987987987'),(7,'1000000006','Test 7','Test 7','897987987987'),(8,'1000000007','Test 8','Test 8','897987987987'),(9,'1000000008','Test 9','Test 9','897987987987'),(11,'9883748576','asdfasdf','<strong style=\"color:pink\">TEST</strong>','asdfasdf'),(12,'7263849587','lala','<a href="logout.php">vulnerability</a>','09876723836'),(13,'0987878372','asdfasdfasd','<img src="05.jpg" style="width:100%">','asdfasdf'),(14,'7263849584','asdfasdf','<script>alert(document.cookie);</script>','asdfasdfasdf');
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
grafik.php
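<?php
// Population per year (hard-coded sample data). If these rows are ever loaded
// from a database or a request, escape them with htmlspecialchars() on output.
$arrData = array(
    array('tahun' => 1980, 'jumlah' => '5000'),
    array('tahun' => 1981, 'jumlah' => '4000'),
    array('tahun' => 1982, 'jumlah' => '700'),
    array('tahun' => 1983, 'jumlah' => '2000'),
    array('tahun' => 1984, 'jumlah' => '3500'),
    array('tahun' => 1985, 'jumlah' => '1250'),
);
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Data Penduduk</h2>
<h3>Data Tabel</h3>
<table border="1px" cellpadding="0px" cellspacing="0px">
<tr>
<th style="width:50px">No</th>
<th style="width:100px">Tahun</th>
<th style="width:100px">Jumlah</th>
<th>Panjang Grafik (n*15/100) (px)</th>
</tr>
<?php
if (empty($arrData)) {
?>
<tr>
<td colspan="4"><em> -- Data Tidak Ditemukan -- </em></td>
</tr>
<?php
} else {
    // one table row per year
    $no = 0;
    foreach ($arrData as $value) {
        $no++;
?>
<tr>
<td><?php echo $no; ?></td>
<td><?php echo $value['tahun']; ?></td>
<td><?php echo $value['jumlah']; ?></td>
<td><?php echo $value['jumlah'] * 15 / 100; ?></td>
</tr>
<?php
    }
}
?>
</table>
<p>
<?php /* NOTE(review): the listing names the export script print_excel.php; confirm this link target. */ ?>
<a href="print_excell.php" target="_blank">
<button>Cetak Xlsx</button>
</a>
</p>
<h3>Data Grafik</h3>
<?php
if (!empty($arrData)) {
    $jumlah = array();
    // NOTE(review): bars are scaled by 13/100 while the table above uses
    // 15/100; confirm which factor is intended.
    foreach ($arrData as $value) {
        $panjang = $value['jumlah'] * 13 / 100;
        $jumlah[] = $value['jumlah'];
        echo "<div style='float:left;margin-right:10px;'>" . $value['tahun'] . "</div>";
        // px unit added: a unitless non-zero width is not valid CSS.
        echo "<div style='float:left;height:15px;width:" . $panjang . "px;background-color:green;'></div> " . $value['jumlah'] . "<br/><br/>";
    }
    echo "<hr/>";
    echo "<div style='float:left;margin-right:10px;'> </div>";
    // Axis: four equal segments up to the largest value, labelled from the
    // data instead of a fixed step.
    $maxJumlah = max($jumlah);
    $panjang = ($maxJumlah * 13 / 100) / 4;
    $tickStep = $maxJumlah / 4;
    for ($i = 0; $i <= 4; $i++) {
        echo "<div style='float:left;width:" . $panjang . "px;'>|" . ($tickStep * $i) . "</div>";
    }
}
?>
</div>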
inc-db.php
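<?php
// Shared database bootstrap: opens the connection that the mysql_query()
// calls in the including page use implicitly.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; moving
// to mysqli or PDO with prepared statements is the long-term fix.
// NOTE(review): connecting as root with an empty password gives every page
// full control of the database server. Use a dedicated account limited to
// this schema and keep its credentials outside the web root.
$server = "127.0.0.1";
$user = "root";
$pass = "";
$db = "db_anam";
$connect = mysql_connect($server, $user, $pass);
// Only select the schema when the connection itself succeeded.
$selectDb = $connect ? mysql_select_db($db, $connect) : false;
if (!$selectDb) {
    // Stop here instead of letting the including page run its queries
    // without a usable connection.
    echo "No database Found";
    exit;
}
?>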
inc-level-lecture.php
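<?php
// Role gate for lecturer-only pages. session_start() is not called here, so
// the including page must have loaded the session gate first.
$currentLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : null;
// Strict comparison: only the exact string 'lecturer' passes. A missing or
// non-string value is rejected instead of being type-juggled.
if ($currentLevel !== 'lecturer') {
    echo "<h3>You can't access this page!!!</h3>";
    echo "<a href='admin_area.php'>Back</a>";
    exit;
}
?>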
inc_level_student.php
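<?php
// Role gate for student-only pages. session_start() is not called here, so
// the including page must have loaded the session gate first.
$currentLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : null;
// Strict comparison: only the exact string 'student' passes. A missing or
// non-string value is rejected instead of being type-juggled.
if ($currentLevel !== 'student') {
    echo "<h3>You can't access this page!!!</h3>";
    echo "<a href='admin_area.php'>Back</a>";
    exit;
}
?>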
inc_level_session.php
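<?php
// Session gate: pages that include this file are meant for logged-in users.
session_start();
if (empty($_SESSION['idnya'])) {
    header("location:login.php?sapi=hack");
    // header() only queues the redirect. Without exit the including page
    // keeps running and sends its content to the unauthenticated client.
    exit;
}
?>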
lecture.php
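<?php
// require (not include): when a gate file is missing or misnamed, include
// only raises a warning and the page would render with no access check.
// NOTE(review): the listing labels these files inc_level_session.php and
// inc-level-lecture.php; confirm the names match what is on disk.
require "inc_session.php";
require "inc_level_lecturer.php";
?>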
<h3>Lecturer Page</h3>
login_check.php
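<?php
// Load the database connection; require stops the script if the file is missing.
require "inc_db.php";

// Read the credentials posted by login.php. A missing or non-string field
// (for example username[]=x) is handled as a failed login.
$rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
$rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
if ($rawUsername === null || $rawPassword === null) {
    header("location:login.php?sapi=failed");
    exit;
}

// mysql_real_escape_string() takes the connection character set into
// account; the deprecated mysql_escape_string() does not.
$var_username = mysql_real_escape_string($rawUsername);
// tb_admin.admin_password holds an unsalted MD5 digest, so the input is hashed
// the same way before comparison.
// NOTE(review): MD5 is not suitable for password storage. Migrating to
// password_hash()/password_verify() needs a wider column and a re-hash of
// existing accounts.
$var_password = md5($rawPassword);

// Look up the account in tb_admin.
$sql = "
SELECT
    admin_id,
    admin_name,
    admin_username,
    admin_password,
    admin_level
FROM
    tb_admin
WHERE
    admin_username = '{$var_username}'
    AND admin_password = '{$var_password}'
";
$result = mysql_query($sql);
// A failed query counts as "no match" instead of raising warnings.
$total_row = $result ? mysql_num_rows($result) : 0;

// No matching account: back to the login form.
if ($total_row == 0) {
    header("location:login.php?sapi=failed");
    exit;
}

session_start();
// Issue a fresh session id for the authenticated session so an id set
// before login cannot be reused afterwards.
session_regenerate_id(true);
$data = mysql_fetch_array($result);
// Keep id, display name and access level for the other pages.
$_SESSION['idnya'] = $data['admin_id'];
$_SESSION['tiketku'] = $data['admin_name'];
$_SESSION['aksesnya'] = $data['admin_level'];
header("location:admin_area.php");
exit;
?>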
logout.php
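<?php
// End the login session and return to the login form.
// NOTE(review): logout is triggered by a plain GET request, so any link or
// image pointing here logs the user out; consider requiring POST.
session_start();
// session_destroy() removes the stored session but leaves $_SESSION filled
// for the rest of this request, so empty it first.
$_SESSION = array();
// Expire the session cookie so the browser stops sending the old id.
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $params["path"],
        $params["domain"],
        $params["secure"],
        $params["httponly"]
    );
}
session_destroy();
header("location:login.php");
exit;
?>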
print_excel.php
<?php
// Sends the yearly population figures to the browser as an .xlsx download,
// built with the PHPExcel library.
// NOTE(review): the rows are hard-coded here. If they ever come from user
// input, check how the library treats strings that start with "=" before
// writing them into cells.
require_once "Classes/PHPExcel.php";
$arrData = array(
    array('tahun' => 1980, 'jumlah' => '5000'),
    array('tahun' => 1981, 'jumlah' => '4000'),
    array('tahun' => 1982, 'jumlah' => '700'),
    array('tahun' => 1983, 'jumlah' => '2000'),
    array('tahun' => 1984, 'jumlah' => '3500'),
    array('tahun' => 1985, 'jumlah' => '1250'),
);
$objExcel = new PHPExcel();
$objExcel->setActiveSheetIndex(0);
$sheet = $objExcel->getActiveSheet();
// default font for the whole document
$sheet->getDefaultStyle()->getFont()->setName('Arial')->setSize('10');
// page setup (landscape orientation, fit and centring flags)
$pageSetup = $sheet->getPageSetup();
$pageSetup->setOrientation(PHPExcel_Worksheet_PageSetup::ORIENTATION_LANDSCAPE);
$pageSetup->setFitToWidth(1);
$pageSetup->setFitToHeight(0);
$pageSetup->setHorizontalCentered(true);
$pageSetup->setVerticalCentered(false);
// worksheet name and gridlines
$sheet->setTitle('Penduduk');
$sheet->setShowGridlines(true);
// fill the sheet
if (!empty($arrData)) {
    // column widths
    foreach (array('A' => '7', 'B' => '15', 'C' => '15') as $column => $width) {
        $sheet->getColumnDimension($column)->setWidth($width);
    }
    // header row
    foreach (array('A1' => 'NO', 'B1' => 'TAHUN', 'C1' => 'JUMLAH') as $cell => $title) {
        $sheet->setCellValue($cell, $title);
    }
    // data rows start on row 2; the running number is the row minus one
    $row = 1;
    foreach ($arrData as $record) {
        $row++;
        $sheet->setCellValueByColumnAndRow(0, $row, $row - 1);
        $sheet->setCellValueByColumnAndRow(1, $row, $record['tahun']);
        $sheet->setCellValueByColumnAndRow(2, $row, $record['jumlah']);
    }
} else {
    $sheet->setCellValue('A1', '-- Data Tidak Ditemukan --');
}
// response headers for an Excel2007 attachment
header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header('Content-Disposition: attachment;filename="Penduduk_' . date('ymdHis') . '.xlsx"');
header('Cache-Control: max-age=0');
// write the workbook straight to the response body
$objWriter = PHPExcel_IOFactory::createWriter($objExcel, 'Excel2007');
$objWriter->save('php://output');
$objExcel->disconnectWorksheets();
unset($objExcel);
?>
student.php
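<?php
// Connection and gates run before any markup is sent, because the session
// gate needs session_start()/header(). require: a missing gate file must be
// fatal instead of silently skipping the check.
require "inc_db.php"; /* open database connection */
require "inc_session.php"; /* login check */
require "inc_level_student.php"; /* role check */

// Search terms; a missing or non-string field becomes ''.
$keyword = (empty($_POST['keyword']) || !is_string($_POST['keyword'])) ? '' : $_POST['keyword'];
$address = (empty($_POST['address']) || !is_string($_POST['address'])) ? '' : $_POST['address'];
// Escaped copies for SQL only; the raw values are kept for the form.
// NOTE(review): % and _ typed by the user still act as LIKE wildcards.
$keyword_sql = mysql_real_escape_string($keyword);
$address_sql = mysql_real_escape_string($address);

// rows per page
$limit = 4;
// Page number from the query string, forced to a positive integer so it is
// safe to place in the LIMIT clause.
$page = empty($_GET['page']) ? 1 : (int) $_GET['page'];
if ($page < 1) {
    $page = 1;
}
// example: page 2 starts at (2 - 1) * 4
$start = ($page - 1) * $limit;

// fetch one page of matching rows
$sql = "
SELECT
    SQL_CALC_FOUND_ROWS
    student_id,
    student_nim,
    student_name,
    student_address,
    student_phone
FROM tb_student
WHERE
    (student_name LIKE '%{$keyword_sql}%' OR student_nim = '{$keyword_sql}') AND
    student_address LIKE '%{$address_sql}%'
LIMIT {$start}, {$limit}
";
$result = mysql_query($sql);
$total_row = $result ? mysql_num_rows($result) : 0; /* rows on this page */

// total number of matching rows across all pages
$sql_count = "
SELECT FOUND_ROWS() AS total
";
$result_count = mysql_query($sql_count);
$data_page = $result_count ? mysql_fetch_array($result_count) : false;
$total_page = $data_page ? (int) $data_page['total'] : 0;
// number of pages
$page_count = ceil($total_page / $limit);
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">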
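<h2>STUDENT PAGE</h2>
<h3>SEARCH</h3>
<form action="student.php" method="POST">
<p>
NIM / NAME : <br/>
<?php /* The search terms come straight from the request and are echoed into attributes, so they are HTML-escaped. */ ?>
<input type="text" name="keyword" value="<?php echo htmlspecialchars($keyword, ENT_QUOTES, 'UTF-8'); ?>">
</p>
<p>
ALAMAT : <br/>
<input type="text" name="address" value="<?php echo htmlspecialchars($address, ENT_QUOTES, 'UTF-8'); ?>">
</p>
<p>
<button type="submit" name="btnsearch" value="search">Search</button>
<a href="student.php"><button type="button">Reset</button></a>
</p>
</form>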
<!-- baris ini untuk panel back dan add -->
<div style="text-align:right">
<a href="admin_area.php"><button>BACK</button></a> <a href="student_add.php"><button>ADD</button></a>
</div>
<table border="1px" width="100%">
<tr>
<th width="">NOMOR</th>
<th>ACTION</th>
<th width="20%">NIM</th>
<th width="20%">NAME</th>
<th width="20%">ADDRESS</th>
<th width="17%">PHONE</th>
</tr>
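<?php
if ($total_row == 0) { /* no matching rows */
?>
<tr>
<th colspan="6" style="text-align:center">-- Data Tidak Ditemukan --</th>
</tr>
<?php
} else {
    /* One table row per record. The values are stored as entered, so each one
       is HTML-escaped here; printed as-is, markup saved in a field would run
       in the browser of whoever opens this list. */
    $no = $start + 1;
    while ($data = mysql_fetch_array($result)) {
        // rawurlencode() output contains only URL-safe characters, so it is
        // also safe inside the quoted href attribute.
        $nim_url = rawurlencode($data['student_nim']);
?>
<tr>
<td style="text-align:center"><?php echo $no ?></td>
<td>
<a href="student_edit.php?nim=<?php echo $nim_url ?>"><button>EDIT</button></a>
<?php /* NOTE(review): delete is a plain GET link, so it has no CSRF protection; a POST form with a token is safer. */ ?>
<a href="student_delete.php?nim=<?php echo $nim_url ?>"><button>DELETE</button></a>
</td>
<td><?php echo htmlspecialchars($data['student_nim'], ENT_QUOTES, 'UTF-8') ?></td>
<td><?php echo htmlspecialchars($data['student_name'], ENT_QUOTES, 'UTF-8') ?></td>
<?php /* double_encode is off: addresses saved by student_edit_save.php are already entity-encoded. */ ?>
<td><?php echo htmlspecialchars($data['student_address'], ENT_QUOTES, 'UTF-8', false) ?></td>
<td><?php echo htmlspecialchars($data['student_phone'], ENT_QUOTES, 'UTF-8') ?></td>
</tr>
<?php
        $no++;
    } /* end of while */
} /* end of if */
?>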
</table>
<br/>
<h4>VERSI 1</h4>
Page :
<?php
// Version 1: one link per page; the current page is printed in bold.
for ($i = 1; $i <= $page_count; $i++) {
    echo ($i != $page) ? "<a href='?page={$i}'>{$i}</a> | " : "<b>{$i}</b> | ";
}
echo "<br/>Total Record : <b>{$total_page}</b>";
?>
<h4>VERSI 2</h4>
Data :
<?php
// Version 2: Prev link, "first - last of total" range, Next link.
$prevLink = ($page > 1) ? "<a href='?page=".($page-1)."'>Prev</a> | " : "Prev | ";
echo $prevLink;
// first and last record number shown on this page
$begin = $start;
if ($total_page != 0) {
    $begin = $start + 1;
}
$end = $total_page;
if (($start + $limit) < $total_page) {
    $end = $start + $limit;
}
echo "<b>".($begin)." - ".($end)."</b> dari <b>{$total_page}</b> data";
$nextLink = ($page < $page_count) ? " | <a href='?page=".($page+1)." '>Next</a> " : " | Next";
echo $nextLink;
?>
</div>
student_add.php
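<?php
// Connection and session gate run before any markup is sent, because the
// gate needs session_start()/header(). require: a missing gate file must be
// fatal instead of silently skipping the check.
require "inc_db.php";
require "inc_session.php";
// NOTE(review): student_add_save.php also loads inc_level_student.php, but
// this form page has no role check; confirm whether that is intended.
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">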
<h2>STUDENT PAGE | ADD</h2>
<?php
// $get_message = empty($_GET['sapi'])?'':$_GET['sapi'];
// if($get_message == 'nimEmpty') {
// echo "<h3>NIM and NAME can't be empty</h3>";
// } elseif($get_message == 'nimExist') {
// echo "<h3>NIM already exist</h3>";
// }
?>
<div style="text-align:right">
<a href="student.php">BACK</a>
</div>
<form action="student_add_save.php" method="post">
<p>
NIM :<br/>
<input type="text" name="nim" value=""><br/>
</p>
<p>
NAME : <br/>
<input type="text" name="name" value=""><br/>
</p>
<p>
PHONE : <br/>
<input type="text" name="phone" value=""><br/>
</p>
<p>
ADDRESS : <br/>
<textarea name="address" cols="40px" rows="10px"></textarea>
<br/>
</p>
<button type="submit" name="add" value="add">Add</button>
</form>
</div>
student_add_save.php
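<?php
// require (not include): a missing connection or gate file must stop the
// script instead of letting it run unchecked.
require "inc_db.php"; /* open database connection */
require "inc_session.php"; /* login check */
require "inc_level_student.php"; /* role check */
// NOTE(review): the form carries no CSRF token, so another site can submit it
// on behalf of a logged-in user.
if (!empty($_POST['add'])) {
    /* Read the posted fields; a missing or non-string value becomes ''. */
    $input = array();
    foreach (array('nim', 'name', 'phone', 'address') as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    $v_nim = $input['nim'];
    $v_name = $input['name'];
    /* SQL-escaped copies: each value below ends up inside a quoted SQL literal. */
    $sql_nim = mysql_real_escape_string($v_nim);
    $sql_name = mysql_real_escape_string($v_name);
    $sql_phone = mysql_real_escape_string($input['phone']);
    $sql_address = mysql_real_escape_string($input['address']);

    /* Validate in order; the first failing rule decides the message.
       (Before, later checks overwrote $error, so code 1 could never be shown.) */
    $error = 0;
    if (empty($v_nim)) {
        /* NIM is required */
        $error = 1;
    } elseif (strlen($v_nim) != 10) {
        /* NIM must be exactly 10 characters */
        $error = 4;
    } elseif (empty($v_name)) {
        /* name is required */
        $error = 2;
    } else {
        /* NIM must not exist yet */
        $sql_check_nim = "
SELECT student_nim FROM tb_student WHERE student_nim = '{$sql_nim}'
";
        $result_check_nim = mysql_query($sql_check_nim);
        $total_check_nim = $result_check_nim ? mysql_num_rows($result_check_nim) : 0;
        if ($total_check_nim != 0) {
            $error = 3;
        }
    }
    if ($error != 0) {
        switch ($error) {
            case 1:
                $error_msg = "NIM cant't be empty";
                break;
            case 2:
                $error_msg = "NAME cant't be empty";
                break;
            case 3:
                $error_msg = "NIM already exist";
                break;
            case 4:
                $error_msg = "NIM must be 10 characters (".$v_nim." = ".strlen($v_nim)." character)";
                break;
        }
        /* The message can contain the submitted NIM, so it is HTML-escaped. */
        echo "<h3>" . htmlspecialchars($error_msg, ENT_QUOTES, 'UTF-8') . "</h3>";
        echo "<a href='student_add.php'>BACK</a>";
        exit;
    }
    /* insert the new row into tb_student */
    $sql = "
INSERT INTO tb_student
(student_nim, student_name, student_phone, student_address)
VALUES
('{$sql_nim}', '{$sql_name}', '{$sql_phone}', '{$sql_address}')
";
    $result = mysql_query($sql);
    /* report the outcome */
    if ($result == true) {
        echo "<h3>Data has been saved</h3>";
        echo "<a href='student.php'>Back To Student Page</a> | <a href='student_add.php'>Add More</a>";
    } else {
        echo "<h3>Failed to save data</h3>";
        echo "<a href='student.php'>Back To Student Page</a> | <a href='student_add.php'>Add More</a>";
    }
}
?>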
student_delete.php
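<?php
// require (not include): a missing connection or gate file must stop the
// script instead of letting the delete run unchecked.
require "inc_db.php"; /* open database connection */
require "inc_session.php"; /* login check */
require "inc_level_student.php"; /* role check */
// NOTE(review): this page changes data on a plain GET request, so a link or
// image on any site can trigger a delete for a logged-in user. Accepting only
// POST with a CSRF token closes that; student.php links here and would need
// the matching form.
/* NIM to delete, from the query string; missing or non-string input becomes ''. */
$v_get_nim = (empty($_GET['nim']) || !is_string($_GET['nim'])) ? '' : $_GET['nim'];
$result = false;
if ($v_get_nim !== '') {
    /* The value is escaped because it is placed inside a quoted SQL literal. */
    $sql_nim = mysql_real_escape_string($v_get_nim);
    $sql = "
DELETE FROM tb_student WHERE student_nim = '{$sql_nim}'
";
    $result = mysql_query($sql);
}
/* report the outcome; a request without a NIM is reported as a failure */
if ($result == true) {
    echo "<h3>Data has been deleted</h3>";
    echo "<a href='student.php'>Back To Student Page</a>";
} else {
    echo "<h3>Failed to delete data</h3>";
    echo "<a href='student.php'>Back To Student Page</a>";
}
?>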
student_edit.php
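<?php
// Connection and session gate run before any markup is sent. require: a
// missing gate file must be fatal instead of silently skipping the check.
require "inc_db.php"; /* database connection */
require "inc_session.php";
// NOTE(review): student_edit_save.php also loads inc_level_student.php, but
// this page has no role check; confirm whether that is intended.

// NIM from the query string (link on student.php); missing or non-string
// input becomes ''.
$v_get_nim = (empty($_GET['nim']) || !is_string($_GET['nim'])) ? '' : $_GET['nim'];
// Escaped because the value is placed inside a quoted SQL literal.
$sql_nim = mysql_real_escape_string($v_get_nim);
$sql_edit = "
SELECT
    student_nim,
    student_name,
    student_address,
    student_phone
FROM tb_student
WHERE student_nim = '{$sql_nim}'
";
$result_edit = mysql_query($sql_edit);
$data_edit = $result_edit ? mysql_fetch_array($result_edit) : false;
if (!$data_edit) {
    // Unknown NIM or failed query: show an empty form instead of notices.
    $data_edit = array(
        'student_nim' => '',
        'student_name' => '',
        'student_address' => '',
        'student_phone' => '',
    );
}
// HTML-escaped copies for the form. The stored values are whatever was
// typed in, so printing them raw would let saved markup break out of the
// attribute or the textarea.
$nim_html = htmlspecialchars($data_edit['student_nim'], ENT_QUOTES, 'UTF-8');
$name_html = htmlspecialchars($data_edit['student_name'], ENT_QUOTES, 'UTF-8');
$phone_html = htmlspecialchars($data_edit['student_phone'], ENT_QUOTES, 'UTF-8');
// double_encode off: addresses saved by student_edit_save.php are already
// entity-encoded.
$address_html = htmlspecialchars($data_edit['student_address'], ENT_QUOTES, 'UTF-8', false);
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>STUDENT PAGE | EDIT</h2>
<div style="text-align:right">
<a href="student.php">BACK</a>
</div>
<form action="student_edit_save.php" method="post">
<p>
NIM :<br/>
<input type="text" name="nim" value="<?php echo $nim_html ?>">
</p>
<p>
NAME : <br/>
<input type="text" name="name" value="<?php echo $name_html ?>"><br/>
</p>
<p>
PHONE : <br/>
<input type="text" name="phone" value="<?php echo $phone_html ?>"><br/>
</p>
<p>
ADDRESS : <br/>
<textarea name="address" cols="40px" rows="10px"><?php echo $address_html ?></textarea>
<br/>
</p>
<input type="hidden" name="hidden_nim" value="<?php echo $nim_html ?>">
<button type="submit" name="edit" value="edit">Edit</button>
</form>
</div>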
student_edit_save.php
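<?php
// require (not include): a missing connection or gate file must stop the
// script instead of letting it run unchecked.
require "inc_db.php"; /* open database connection */
require "inc_session.php"; /* login check */
require "inc_level_student.php"; /* role check */
// NOTE(review): the form carries no CSRF token, so another site can submit it
// on behalf of a logged-in user.
if (!empty($_POST['edit'])) {
    /* Read the posted fields; a missing or non-string value becomes ''. */
    $input = array();
    foreach (array('hidden_nim', 'nim', 'name', 'phone', 'address') as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    $v_hidden_nim = $input['hidden_nim']; /* current NIM, used in the WHERE clause */
    $v_new_nim = $input['nim']; /* NIM to store */
    $v_name = $input['name'];
    /* NOTE(review): the address is entity-encoded before storage while
       student_add_save.php stores it raw; encoding on output only would be
       more consistent. */
    $v_address = htmlentities($input['address'], ENT_QUOTES);
    /* SQL-escaped copies: each value below ends up inside a quoted SQL literal.
       Entity-encoding does not neutralise a backslash, so the address is
       escaped as well. */
    $sql_hidden_nim = mysql_real_escape_string($v_hidden_nim);
    $sql_new_nim = mysql_real_escape_string($v_new_nim);
    $sql_name = mysql_real_escape_string($v_name);
    $sql_phone = mysql_real_escape_string($input['phone']);
    $sql_address = mysql_real_escape_string($v_address);

    /* Validate in order; the first failing rule decides the message.
       (Before, later checks overwrote $error, so code 1 could never be shown.) */
    $error = 0;
    if (empty($v_new_nim)) {
        /* NIM is required */
        $error = 1;
    } elseif (strlen($v_new_nim) != 10) {
        /* NIM must be exactly 10 characters */
        $error = 4;
    } elseif (empty($v_name)) {
        /* name is required */
        $error = 2;
    } elseif ($v_new_nim != $v_hidden_nim) {
        /* the NIM changed: the new one must not exist yet */
        $sql_check_nim = "
SELECT student_nim FROM tb_student WHERE student_nim = '{$sql_new_nim}'
";
        $result_check_nim = mysql_query($sql_check_nim);
        $total_check_nim = $result_check_nim ? mysql_num_rows($result_check_nim) : 0;
        if ($total_check_nim != 0) {
            $error = 3;
        }
    }
    if ($error != 0) {
        switch ($error) {
            case 1:
                $error_msg = "NIM cant't be empty";
                break;
            case 2:
                $error_msg = "NAME cant't be empty";
                break;
            case 3:
                $error_msg = "NIM already exist";
                break;
            case 4:
                $error_msg = "NIM must be 10 characters (".$v_new_nim." = ".strlen($v_new_nim)." character)";
                break;
        }
        /* Both lines contain submitted values, so they are escaped for their context. */
        echo "<h3>" . htmlspecialchars($error_msg, ENT_QUOTES, 'UTF-8') . "</h3>";
        echo "<a href='student_edit.php?nim=" . rawurlencode($v_hidden_nim) . "'>BACK</a>";
        exit;
    }
    /* update the row in tb_student */
    $sql = "
UPDATE tb_student SET
    student_nim = '{$sql_new_nim}',
    student_name = '{$sql_name}',
    student_phone = '{$sql_phone}',
    student_address = '{$sql_address}'
WHERE
    student_nim = '{$sql_hidden_nim}'
";
    $result = mysql_query($sql);
    /* report the outcome */
    if ($result == true) {
        echo "<h3>Data has been updated</h3>";
        echo "<a href='student.php'>Back To Student Page</a>";
    } else {
        echo "<h3>Failed to update data</h3>";
        echo "<a href='student.php'>Back To Student Page</a>";
    }
}
?>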
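<?php
// Run the session gate before any markup: it is expected to call session_start()
// and header(), and both must happen before output starts.
// NOTE(review): the listing shows that gate under the name inc_level_session.php;
// confirm the file name on disk. require makes a missing gate fatal instead of
// letting the page render without a login check.
require "inc_session.php";
// Session values are copied from tb_admin by login_check.php; they are
// HTML-escaped before being printed.
$displayName = isset($_SESSION['tiketku']) ? $_SESSION['tiketku'] : '';
$accessLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : '';
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Admin Area</h2>
<h3>Selamat datang <?php echo htmlspecialchars($displayName, ENT_QUOTES, 'UTF-8'); ?>, kamu login sebagai <?php echo htmlspecialchars($accessLevel, ENT_QUOTES, 'UTF-8'); ?></h3>
<p>
<?php
// Menu per access level. Hiding a link is not access control: every target
// page still has to run its own level check.
switch ($accessLevel) {
    case 'student':
        echo "
<a href='student.php'>Mahasiswa</a> |
<a href='#'>Nilai</a> |
";
        break;
    case 'lecturer':
        // NOTE(review): the listing names the lecturer page lecture.php; confirm this target.
        echo "
<a href='lecturer'>Lecturer</a> |
<a href='#'>Nilai</a> |
<a href='#'>Jadwal</a> |
";
        break;
    case 'chairman':
        echo "
<a href='#'>Mahasiswa</a> |
<a href='#'>Dosen</a> |
<a href='#'>Jadwal</a> |
<a href='#'>Matakuliah</a> |
";
        break;
    default:
        echo "Username kamu ngga punya akses mas bro!!!";
        break;
}
?>
<a href='logout.php'>Logout</a>
</p>
</div>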
login.php
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Login Area</h2>
<?php
// Choose the banner from the "sapi" query parameter. The value is only
// compared, never printed, so nothing from the URL reaches the page.
$inisapiku = empty($_GET['sapi']) ? '' : $_GET['sapi'];
if ($inisapiku == '') {
    // no status in the URL
    $banner = "<h3>Mari masuk gan...!!!</h3>";
} elseif ($inisapiku == 'failed') {
    // login_check.php redirects here with sapi=failed
    $banner = "<h3>Coba lagi gan..!!!</h3>";
} else {
    // any other value, e.g. the redirect issued by the session gate
    $banner = "<h3>Gan, harus login dulu..!!!</h3>";
}
echo $banner;
?>
<form action="login_check.php" method="post">
<p>
Username<br/>
<input type="text" name="username" value=""><br/>
</p>
<p>
Password<br/>
<input type="password" name="password" value=""><br/>
</p>
<input type="submit" value="Login" name="login">
</form>
</div>
bable_sort.php
<h3>
BUBBLE SHORT (ASC)
</h3>
<form action="" method="POST">
<p>
Input your number:
<input type="text" name="angka" value=""> <button type="submit" name="button" value="kirim">Urutkan</button>
</p>
</form>
<?php
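/**
 * Return the values of $arr sorted ascending with bubble sort.
 *
 * Elements are compared with PHP's `<` operator, so numeric strings (such as
 * the pieces produced by explode()) are compared as numbers. The input array
 * is not modified.
 *
 * @param array $arr values to sort; keys are ignored
 * @return array the sorted values, indexed from 0
 */
function bubbleSort(array $arr) {
    // Reindex first so the $i / $i + 1 lookups are valid for any key layout.
    $arr = array_values($arr);
    // Loop-invariant: the array length never changes while sorting.
    $lastIndex = count($arr) - 1;
    do {
        $swapped = false;
        for ($i = 0; $i < $lastIndex; ++$i) {
            if ($arr[$i + 1] < $arr[$i]) {
                $tmp = $arr[$i];
                $arr[$i] = $arr[$i + 1];
                $arr[$i + 1] = $tmp;
                $swapped = true;
            }
        }
        // A pass without swaps means the list is in order.
    } while ($swapped);
    return $arr;
}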
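// Form handler: sort the comma-separated values posted as "angka".
if (!empty($_POST['button'])) {
    // A missing or non-string field (e.g. angka[]=1) is treated as empty input.
    $rawInput = (isset($_POST['angka']) && is_string($_POST['angka'])) ? $_POST['angka'] : '';
    // NOTE(review): bubbleSort is quadratic in the number of values; cap the
    // list length if this form is reachable by untrusted users.
    $arr = explode(',', $rawInput);
    $sortedArr = bubbleSort($arr);
    // Both lines echo request data back into the page, so they are HTML-escaped.
    echo '<p>Input result : ' . htmlspecialchars($rawInput, ENT_QUOTES, 'UTF-8') . '</p>';
    echo '<p>Output result : ' . htmlspecialchars(implode(',', $sortedArr), ENT_QUOTES, 'UTF-8') . '</p>';
}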
?>
database.sql
/*
SQLyog Ultimate v11.21 (32 bit)
MySQL - 5.1.33 : Database - jijo_praktikum_uty
*********************************************************************
*/
/*!40101 SET NAMES utf8 */;
/*!40101 SET SQL_MODE=''*/;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
/*Table structure for table `tb_admin` */
/* Login accounts; login_check.php looks rows up by admin_username and admin_password. */
DROP TABLE IF EXISTS `tb_admin`;
CREATE TABLE `tb_admin` (
`admin_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`admin_name` varchar(50) DEFAULT NULL,
/* no UNIQUE key on the login name: two rows may share a username */
`admin_username` char(6) DEFAULT NULL,
/* 32 characters matches the hex digest of md5() used in login_check.php.
   Unsalted MD5 is not suitable for password storage, and a stronger hash
   needs a wider column. */
`admin_password` char(32) DEFAULT NULL,
/* compared as a plain string by the PHP pages ('student', 'lecturer', 'chairman') */
`admin_level` varchar(10) DEFAULT NULL,
PRIMARY KEY (`admin_id`)
) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=latin1;
/*Data for the table `tb_admin` */
/* NOTE(review): the dump ships two accounts together with their password
   digests; remove or rotate them before using this schema outside a lab. */
insert into `tb_admin`(`admin_id`,`admin_name`,`admin_username`,`admin_password`,`admin_level`) values (1,'ANAM','mhs','0357a7592c4734a8b1e12bc48e29e9e9','student'),(2,'DOSEN','dosen','ce28eed1511f631af6b2a7bb0a85d636','lecturer');
/*Table structure for table `tb_student` */
DROP TABLE IF EXISTS `tb_student`;
CREATE TABLE `tb_student` (
`student_id` int(11) NOT NULL AUTO_INCREMENT,
/* The PHP save scripts require exactly 10 characters. There is no UNIQUE key:
   uniqueness is only checked by a SELECT before the INSERT/UPDATE. */
`student_nim` char(10) NOT NULL,
`student_name` varchar(50) DEFAULT NULL,
/* free text; student.php prints this column without HTML escaping */
`student_address` text,
`student_phone` varchar(15) DEFAULT NULL,
PRIMARY KEY (`student_id`)
) ENGINE=MyISAM AUTO_INCREMENT=15 DEFAULT CHARSET=latin1;
/*Data for the table `tb_student` */
/* Rows 11-14 store HTML and script markup in student_address. Because the
   list page echoes the column as-is, these rows render as live markup: they
   are stored-XSS test data, not real addresses. */
insert into `tb_student`(`student_id`,`student_nim`,`student_name`,`student_address`,`student_phone`) values (4,'1000000003','Test 4','Test 4','897987987987'),(5,'1000000004','Test 5','Test 5','897987987987'),(6,'1000000005','Test 6','Test 6','897987987987'),(7,'1000000006','Test 7','Test 7','897987987987'),(8,'1000000007','Test 8','Test 8','897987987987'),(9,'1000000008','Test 9','Test 9','897987987987'),(11,'9883748576','asdfasdf','<strong style=\"color:pink\">TEST</strong>','asdfasdf'),(12,'7263849587','lala','<a href="logout.php">vulnerability</a>','09876723836'),(13,'0987878372','asdfasdfasd','<img src="05.jpg" style="width:100%">','asdfasdf'),(14,'7263849584','asdfasdf','<script>alert(document.cookie);</script>','asdfasdfasdf');
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
grafik.php
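<?php
// Population per year (hard-coded sample data). If these rows are ever loaded
// from a database or a request, escape them with htmlspecialchars() on output.
$arrData = array(
    array('tahun' => 1980, 'jumlah' => '5000'),
    array('tahun' => 1981, 'jumlah' => '4000'),
    array('tahun' => 1982, 'jumlah' => '700'),
    array('tahun' => 1983, 'jumlah' => '2000'),
    array('tahun' => 1984, 'jumlah' => '3500'),
    array('tahun' => 1985, 'jumlah' => '1250'),
);
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">
<h2>Data Penduduk</h2>
<h3>Data Tabel</h3>
<table border="1px" cellpadding="0px" cellspacing="0px">
<tr>
<th style="width:50px">No</th>
<th style="width:100px">Tahun</th>
<th style="width:100px">Jumlah</th>
<th>Panjang Grafik (n*15/100) (px)</th>
</tr>
<?php
if (empty($arrData)) {
?>
<tr>
<td colspan="4"><em> -- Data Tidak Ditemukan -- </em></td>
</tr>
<?php
} else {
    // one table row per year
    $no = 0;
    foreach ($arrData as $value) {
        $no++;
?>
<tr>
<td><?php echo $no; ?></td>
<td><?php echo $value['tahun']; ?></td>
<td><?php echo $value['jumlah']; ?></td>
<td><?php echo $value['jumlah'] * 15 / 100; ?></td>
</tr>
<?php
    }
}
?>
</table>
<p>
<?php /* NOTE(review): the listing names the export script print_excel.php; confirm this link target. */ ?>
<a href="print_excell.php" target="_blank">
<button>Cetak Xlsx</button>
</a>
</p>
<h3>Data Grafik</h3>
<?php
if (!empty($arrData)) {
    $jumlah = array();
    // NOTE(review): bars are scaled by 13/100 while the table above uses
    // 15/100; confirm which factor is intended.
    foreach ($arrData as $value) {
        $panjang = $value['jumlah'] * 13 / 100;
        $jumlah[] = $value['jumlah'];
        echo "<div style='float:left;margin-right:10px;'>" . $value['tahun'] . "</div>";
        // px unit added: a unitless non-zero width is not valid CSS.
        echo "<div style='float:left;height:15px;width:" . $panjang . "px;background-color:green;'></div> " . $value['jumlah'] . "<br/><br/>";
    }
    echo "<hr/>";
    echo "<div style='float:left;margin-right:10px;'> </div>";
    // Axis: four equal segments up to the largest value, labelled from the
    // data instead of a fixed step.
    $maxJumlah = max($jumlah);
    $panjang = ($maxJumlah * 13 / 100) / 4;
    $tickStep = $maxJumlah / 4;
    for ($i = 0; $i <= 4; $i++) {
        echo "<div style='float:left;width:" . $panjang . "px;'>|" . ($tickStep * $i) . "</div>";
    }
}
?>
</div>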
inc-db.php
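<?php
// Shared database bootstrap: opens the connection that the mysql_query()
// calls in the including page use implicitly.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; moving
// to mysqli or PDO with prepared statements is the long-term fix.
// NOTE(review): connecting as root with an empty password gives every page
// full control of the database server. Use a dedicated account limited to
// this schema and keep its credentials outside the web root.
$server = "127.0.0.1";
$user = "root";
$pass = "";
$db = "db_anam";
$connect = mysql_connect($server, $user, $pass);
// Only select the schema when the connection itself succeeded.
$selectDb = $connect ? mysql_select_db($db, $connect) : false;
if (!$selectDb) {
    // Stop here instead of letting the including page run its queries
    // without a usable connection.
    echo "No database Found";
    exit;
}
?>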
inc-level-lecture.php
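<?php
// Role gate for lecturer-only pages. session_start() is not called here, so
// the including page must have loaded the session gate first.
$currentLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : null;
// Strict comparison: only the exact string 'lecturer' passes. A missing or
// non-string value is rejected instead of being type-juggled.
if ($currentLevel !== 'lecturer') {
    echo "<h3>You can't access this page!!!</h3>";
    echo "<a href='admin_area.php'>Back</a>";
    exit;
}
?>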
inc_level_student.php
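<?php
// Role gate for student-only pages. session_start() is not called here, so
// the including page must have loaded the session gate first.
$currentLevel = isset($_SESSION['aksesnya']) ? $_SESSION['aksesnya'] : null;
// Strict comparison: only the exact string 'student' passes. A missing or
// non-string value is rejected instead of being type-juggled.
if ($currentLevel !== 'student') {
    echo "<h3>You can't access this page!!!</h3>";
    echo "<a href='admin_area.php'>Back</a>";
    exit;
}
?>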
inc_level_session.php
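<?php
// Session gate: pages that include this file are meant for logged-in users.
session_start();
if (empty($_SESSION['idnya'])) {
    header("location:login.php?sapi=hack");
    // header() only queues the redirect. Without exit the including page
    // keeps running and sends its content to the unauthenticated client.
    exit;
}
?>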
lecture.php
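<?php
// require (not include): when a gate file is missing or misnamed, include
// only raises a warning and the page would render with no access check.
// NOTE(review): the listing labels these files inc_level_session.php and
// inc-level-lecture.php; confirm the names match what is on disk.
require "inc_session.php";
require "inc_level_lecturer.php";
?>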
<h3>Lecturer Page</h3>
login_check.php
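<?php
// Load the database connection; require stops the script if the file is missing.
require "inc_db.php";

// Read the credentials posted by login.php. A missing or non-string field
// (for example username[]=x) is handled as a failed login.
$rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
$rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
if ($rawUsername === null || $rawPassword === null) {
    header("location:login.php?sapi=failed");
    exit;
}

// mysql_real_escape_string() takes the connection character set into
// account; the deprecated mysql_escape_string() does not.
$var_username = mysql_real_escape_string($rawUsername);
// tb_admin.admin_password holds an unsalted MD5 digest, so the input is hashed
// the same way before comparison.
// NOTE(review): MD5 is not suitable for password storage. Migrating to
// password_hash()/password_verify() needs a wider column and a re-hash of
// existing accounts.
$var_password = md5($rawPassword);

// Look up the account in tb_admin.
$sql = "
SELECT
    admin_id,
    admin_name,
    admin_username,
    admin_password,
    admin_level
FROM
    tb_admin
WHERE
    admin_username = '{$var_username}'
    AND admin_password = '{$var_password}'
";
$result = mysql_query($sql);
// A failed query counts as "no match" instead of raising warnings.
$total_row = $result ? mysql_num_rows($result) : 0;

// No matching account: back to the login form.
if ($total_row == 0) {
    header("location:login.php?sapi=failed");
    exit;
}

session_start();
// Issue a fresh session id for the authenticated session so an id set
// before login cannot be reused afterwards.
session_regenerate_id(true);
$data = mysql_fetch_array($result);
// Keep id, display name and access level for the other pages.
$_SESSION['idnya'] = $data['admin_id'];
$_SESSION['tiketku'] = $data['admin_name'];
$_SESSION['aksesnya'] = $data['admin_level'];
header("location:admin_area.php");
exit;
?>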
logout.php
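<?php
// End the login session and return to the login form.
// NOTE(review): logout is triggered by a plain GET request, so any link or
// image pointing here logs the user out; consider requiring POST.
session_start();
// session_destroy() removes the stored session but leaves $_SESSION filled
// for the rest of this request, so empty it first.
$_SESSION = array();
// Expire the session cookie so the browser stops sending the old id.
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $params["path"],
        $params["domain"],
        $params["secure"],
        $params["httponly"]
    );
}
session_destroy();
header("location:login.php");
exit;
?>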
print_excel.php
<?php
// Sends the yearly population figures to the browser as an .xlsx download,
// built with the PHPExcel library.
// NOTE(review): the rows are hard-coded here. If they ever come from user
// input, check how the library treats strings that start with "=" before
// writing them into cells.
require_once "Classes/PHPExcel.php";
$arrData = array(
    array('tahun' => 1980, 'jumlah' => '5000'),
    array('tahun' => 1981, 'jumlah' => '4000'),
    array('tahun' => 1982, 'jumlah' => '700'),
    array('tahun' => 1983, 'jumlah' => '2000'),
    array('tahun' => 1984, 'jumlah' => '3500'),
    array('tahun' => 1985, 'jumlah' => '1250'),
);
$objExcel = new PHPExcel();
$objExcel->setActiveSheetIndex(0);
$sheet = $objExcel->getActiveSheet();
// default font for the whole document
$sheet->getDefaultStyle()->getFont()->setName('Arial')->setSize('10');
// page setup (landscape orientation, fit and centring flags)
$pageSetup = $sheet->getPageSetup();
$pageSetup->setOrientation(PHPExcel_Worksheet_PageSetup::ORIENTATION_LANDSCAPE);
$pageSetup->setFitToWidth(1);
$pageSetup->setFitToHeight(0);
$pageSetup->setHorizontalCentered(true);
$pageSetup->setVerticalCentered(false);
// worksheet name and gridlines
$sheet->setTitle('Penduduk');
$sheet->setShowGridlines(true);
// fill the sheet
if (!empty($arrData)) {
    // column widths
    foreach (array('A' => '7', 'B' => '15', 'C' => '15') as $column => $width) {
        $sheet->getColumnDimension($column)->setWidth($width);
    }
    // header row
    foreach (array('A1' => 'NO', 'B1' => 'TAHUN', 'C1' => 'JUMLAH') as $cell => $title) {
        $sheet->setCellValue($cell, $title);
    }
    // data rows start on row 2; the running number is the row minus one
    $row = 1;
    foreach ($arrData as $record) {
        $row++;
        $sheet->setCellValueByColumnAndRow(0, $row, $row - 1);
        $sheet->setCellValueByColumnAndRow(1, $row, $record['tahun']);
        $sheet->setCellValueByColumnAndRow(2, $row, $record['jumlah']);
    }
} else {
    $sheet->setCellValue('A1', '-- Data Tidak Ditemukan --');
}
// response headers for an Excel2007 attachment
header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header('Content-Disposition: attachment;filename="Penduduk_' . date('ymdHis') . '.xlsx"');
header('Cache-Control: max-age=0');
// write the workbook straight to the response body
$objWriter = PHPExcel_IOFactory::createWriter($objExcel, 'Excel2007');
$objWriter->save('php://output');
$objExcel->disconnectWorksheets();
unset($objExcel);
?>
student.php
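<?php
// Connection and gates run before any markup is sent, because the session
// gate needs session_start()/header(). require: a missing gate file must be
// fatal instead of silently skipping the check.
require "inc_db.php"; /* open database connection */
require "inc_session.php"; /* login check */
require "inc_level_student.php"; /* role check */

// Search terms; a missing or non-string field becomes ''.
$keyword = (empty($_POST['keyword']) || !is_string($_POST['keyword'])) ? '' : $_POST['keyword'];
$address = (empty($_POST['address']) || !is_string($_POST['address'])) ? '' : $_POST['address'];
// Escaped copies for SQL only; the raw values are kept for the form.
// NOTE(review): % and _ typed by the user still act as LIKE wildcards.
$keyword_sql = mysql_real_escape_string($keyword);
$address_sql = mysql_real_escape_string($address);

// rows per page
$limit = 4;
// Page number from the query string, forced to a positive integer so it is
// safe to place in the LIMIT clause.
$page = empty($_GET['page']) ? 1 : (int) $_GET['page'];
if ($page < 1) {
    $page = 1;
}
// example: page 2 starts at (2 - 1) * 4
$start = ($page - 1) * $limit;

// fetch one page of matching rows
$sql = "
SELECT
    SQL_CALC_FOUND_ROWS
    student_id,
    student_nim,
    student_name,
    student_address,
    student_phone
FROM tb_student
WHERE
    (student_name LIKE '%{$keyword_sql}%' OR student_nim = '{$keyword_sql}') AND
    student_address LIKE '%{$address_sql}%'
LIMIT {$start}, {$limit}
";
$result = mysql_query($sql);
$total_row = $result ? mysql_num_rows($result) : 0; /* rows on this page */

// total number of matching rows across all pages
$sql_count = "
SELECT FOUND_ROWS() AS total
";
$result_count = mysql_query($sql_count);
$data_page = $result_count ? mysql_fetch_array($result_count) : false;
$total_page = $data_page ? (int) $data_page['total'] : 0;
// number of pages
$page_count = ceil($total_page / $limit);
?>
<div style="width:80%;margin-left:auto;margin-right:auto;">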
<h2>STUDENT PAGE</h2>
<h3>SEARCH</h3>
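<form action="student.php" method="POST">
<?php /* $keyword and $address are request data: HTML-escape them (quotes included) before echoing them into the value attributes, otherwise the posted text is reflected into the page as markup. */ ?>
<p>
NIM / NAME : <br/>
<input type="text" name="keyword" value="<?php echo htmlspecialchars($keyword, ENT_QUOTES) ?>">
</p>
<p>
ALAMAT : <br/>
<input type="text" name="address" value="<?php echo htmlspecialchars($address, ENT_QUOTES) ?>">
</p>
<p>
<button type="submit" name="btnsearch" value="search">Search</button>
<a href="student.php"><button type="button">Reset</button></a>
</p>
</form>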
<!-- baris ini untuk panel back dan add -->
<div style="text-align:right">
<a href="admin_area.php"><button>BACK</button></a> <a href="student_add.php"><button>ADD</button></a>
</div>
<table border="1px" width="100%">
<tr>
<th width="">NOMOR</th>
<th>ACTION</th>
<th width="20%">NIM</th>
<th width="20%">NAME</th>
<th width="20%">ADDRESS</th>
<th width="17%">PHONE</th>
</tr>
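<?php
if ($total_row == 0) { /* no record matched */
?>
<tr>
<th colspan="6" style="text-align:center">-- Data Tidak Ditemukan --</th>
</tr>
<?php
} else {
    /* records found: print one table row per record */
    $no = $start + 1;
    while ($data = mysql_fetch_array($result)) {
        // Stored values were typed in by users, so they are escaped for the context
        // they are printed in: HTML text, or URL parameter inside an HTML attribute.
        $nim_html = htmlspecialchars($data['student_nim'], ENT_QUOTES);
        $nim_href = htmlspecialchars(urlencode($data['student_nim']), ENT_QUOTES);
        $name_html = htmlspecialchars($data['student_name'], ENT_QUOTES);
        $phone_html = htmlspecialchars($data['student_phone'], ENT_QUOTES);
        // student_edit_save.php stores the address already entity-encoded while
        // student_add_save.php stores it raw. Decode first so both forms print once-encoded.
        $address_html = htmlspecialchars(html_entity_decode($data['student_address'], ENT_QUOTES), ENT_QUOTES);
?>
<tr>
<td style="text-align:center"><?php echo $no ?></td>
<td>
<a href="student_edit.php?nim=<?php echo $nim_href ?>"><button>EDIT</button></a>
<?php /* NOTE(review): DELETE is a plain GET link, so the delete endpoint has no CSRF protection; it should become a POST form carrying a per-session token. */ ?>
<a href="student_delete.php?nim=<?php echo $nim_href ?>"><button>DELETE</button></a>
</td>
<td><?php echo $nim_html ?></td>
<td><?php echo $name_html ?></td>
<td><?php echo $address_html ?></td>
<td><?php echo $phone_html ?></td>
</tr>
<?php
        $no++;
    } /* end of while */
} /* end of if */
?>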
</table>
<br/>
<h4>VERSI 1</h4>
Page :
<?php
// Version 1: one numbered link per page; the current page is printed in bold
// instead of as a link. Only the loop counter and the database record count
// are echoed here, never the raw request value.
$i = 1;
while ($i <= $page_count) {
    echo ($i != $page) ? "<a href='?page={$i}'>{$i}</a> | " : "<b>{$i}</b> | ";
    $i++;
}
echo "<br/>Total Record : <b>{$total_page}</b>";
?>
<h4>VERSI 2</h4>
Data :
<?php
// Version 2: Prev / Next links around a "first - last of total" summary.
if ($page <= 1) {
    echo "Prev | ";
} else {
    echo "<a href='?page=".($page-1)."'>Prev</a> | ";
}

// number of the first record shown on this page (stays at the offset when there is no data)
if ($total_page != 0) {
    $begin = $start + 1;
} else {
    $begin = $start;
}
// number of the last record shown on this page, capped at the total
if (($start + $limit) < $total_page) {
    $end = $start + $limit;
} else {
    $end = $total_page;
}
echo "<b>{$begin} - {$end}</b> dari <b>{$total_page}</b> data";

if ($page >= $page_count) {
    echo " | Next";
} else {
    echo " | <a href='?page=".($page+1)." '>Next</a> ";
}
?>
</div>
student_add.php
<div style="width:80%;margin-left:auto;margin-right:auto;">
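<?php
include "inc_db.php"; /* open the database connection */
include "inc_session.php"; /* page validation */
// Consistency: student.php, student_add_save.php and student_delete.php all include
// this access-level check, but this form did not, so only the session include
// guarded it. NOTE(review): inc_level_student.php is not shown on this page;
// confirm it enforces the role that may manage students.
include "inc_level_student.php"; /* page validation */
?>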
<h2>STUDENT PAGE | ADD</h2>
<?php
// $get_message = empty($_GET['sapi'])?'':$_GET['sapi'];
// if($get_message == 'nimEmpty') {
// echo "<h3>NIM and NAME can't be empty</h3>";
// } elseif($get_message == 'nimExist') {
// echo "<h3>NIM already exist</h3>";
// }
?>
<div style="text-align:right">
<a href="student.php">BACK</a>
</div>
<form action="student_add_save.php" method="post">
<p>
NIM :<br/>
<input type="text" name="nim" value=""><br/>
</p>
<p>
NAME : <br/>
<input type="text" name="name" value=""><br/>
</p>
<p>
PHONE : <br/>
<input type="text" name="phone" value=""><br/>
</p>
<p>
ADDRESS : <br/>
<textarea name="address" cols="40px" rows="10px"></textarea>
<br/>
</p>
<button type="submit" name="add" value="add">Add</button>
</form>
</div>
student_add_save.php
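<?php
include "inc_db.php"; /* open the database connection */
include "inc_session.php"; /* page validation */
include "inc_level_student.php"; /* page validation */
if (!empty($_POST['add'])) {
    /* copy the posted fields into variables; a missing or non-string field counts as empty */
    $v_nim = (isset($_POST['nim']) && is_string($_POST['nim'])) ? $_POST['nim'] : '';
    $v_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $v_phone = (isset($_POST['phone']) && is_string($_POST['phone'])) ? $_POST['phone'] : '';
    $v_address = (isset($_POST['address']) && is_string($_POST['address'])) ? $_POST['address'] : '';

    // SECURITY: every value below reaches SQL text, so each one is escaped for the
    // current connection. The mysql_* API has no prepared statements.
    // NOTE(review): escaping relies on the connection charset being set with
    // mysql_set_charset() (presumably in inc_db.php, confirm). mysqli/PDO prepared
    // statements are the durable fix.
    $nim_sql = mysql_real_escape_string($v_nim);
    $name_sql = mysql_real_escape_string($v_name);
    $phone_sql = mysql_real_escape_string($v_phone);
    $address_sql = mysql_real_escape_string($v_address);

    /* Validate in order and stop at the first failure. Each check used to overwrite
       $error, so code 1 (empty NIM) was always replaced by code 4 and never shown;
       the duplicate lookup also ran for input that had already failed. */
    $error = 0;
    if ($v_nim === '') {
        /* NIM must not be empty */
        $error = 1;
    } elseif (strlen($v_nim) != 10) {
        /* NIM must be exactly 10 characters */
        $error = 4;
    } elseif ($v_name === '') {
        /* name must not be empty */
        $error = 2;
    } else {
        /* NIM must not already exist */
        $sql_check_nim = "
SELECT student_nim FROM tb_student WHERE student_nim = '{$nim_sql}'
";
        $result_check_nim = mysql_query($sql_check_nim);
        if ($result_check_nim === false) {
            /* the lookup itself failed: do not insert blindly */
            $error = 5;
        } elseif (mysql_num_rows($result_check_nim) != 0) {
            $error = 3;
        }
    }

    if ($error != 0) {
        switch ($error) {
            case 1:
                $error_msg = "NIM can't be empty";
                break;
            case 2:
                $error_msg = "NAME can't be empty";
                break;
            case 3:
                $error_msg = "NIM already exist";
                break;
            case 4:
                /* the posted NIM is echoed back, so it is HTML-escaped first */
                $error_msg = "NIM must be 10 characters (".htmlspecialchars($v_nim, ENT_QUOTES)." = ".strlen($v_nim)." character)";
                break;
            default:
                $error_msg = "Failed to save data";
                break;
        }
        echo "<h3>$error_msg</h3>";
        echo "<a href='student_add.php'>BACK</a>";
        exit;
    }

    /* insert the new record into tb_student */
    $sql = "
INSERT INTO tb_student
(student_nim, student_name, student_phone, student_address)
VALUES
('{$nim_sql}', '{$name_sql}', '{$phone_sql}', '{$address_sql}')
";
    /* run the query */
    $result = mysql_query($sql);
    /* report the outcome */
    if ($result) {
        echo "<h3>Data has been saved</h3>";
    } else {
        echo "<h3>Failed to save data</h3>";
    }
    echo "<a href='student.php'>Back To Student Page</a> | <a href='student_add.php'>Add More</a>";
}
?>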
student_delete.php
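<?php
include "inc_db.php"; /* open the database connection */
include "inc_session.php"; /* page validation */
include "inc_level_student.php"; /* page validation */

// NOTE(review): this page deletes a record in response to a plain GET request.
// A state-changing action should be a POST carrying a per-session CSRF token,
// which also requires changing the DELETE link in student.php. Until then, any
// URL a logged-in user's browser loads can trigger a delete.

/* NIM of the record to delete, taken from the query string */
$v_get_nim = (empty($_GET['nim']) || !is_string($_GET['nim'])) ? '' : $_GET['nim'];

if ($v_get_nim === '') {
    /* nothing to delete: report failure instead of running a no-op DELETE */
    $result = false;
} else {
    // SECURITY: the NIM is request data; escape it before it reaches the SQL text.
    // NOTE(review): relies on the connection charset being set in inc_db.php (confirm);
    // mysqli/PDO prepared statements are the durable fix.
    $nim_sql = mysql_real_escape_string($v_get_nim);
    /* delete the record from tb_student */
    $sql = "
DELETE FROM tb_student WHERE student_nim = '{$nim_sql}'
";
    /* run the query */
    $result = mysql_query($sql);
}

/* report the outcome */
if ($result) {
    echo "<h3>Data has been deleted</h3>";
} else {
    echo "<h3>Failed to delete data</h3>";
}
echo "<a href='student.php'>Back To Student Page</a>";
?>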
student_edit.php
<div style="width:80%;margin-left:auto;margin-right:auto;">
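<?php
include "inc_db.php"; /* open the database connection */
include "inc_session.php"; /* page validation */
// Consistency: the other student pages (list, save, delete) include this access-level
// check, but this page reads and displays a student record without it.
// NOTE(review): inc_level_student.php is not shown on this page; confirm it enforces
// the role that may manage students.
include "inc_level_student.php"; /* page validation */

// NIM passed in the query string by student.php
$v_get_nim = (empty($_GET['nim']) || !is_string($_GET['nim'])) ? '' : $_GET['nim'];

// SECURITY: the NIM is request data; escape it before it reaches the SQL text.
// NOTE(review): relies on the connection charset being set in inc_db.php (confirm);
// mysqli/PDO prepared statements are the durable fix.
$nim_sql = mysql_real_escape_string($v_get_nim);

// load the record that is going to be edited
$sql_edit = "
SELECT
student_nim,
student_name,
student_address,
student_phone
FROM tb_student
WHERE student_nim = '{$nim_sql}'
";
// run the query
$result_edit = mysql_query($sql_edit);
// keep the row in $data_edit for the form below
$data_edit = ($result_edit === false) ? false : mysql_fetch_array($result_edit);
if ($data_edit === false) {
    // query failed or no such NIM: use empty values so the form still renders blank
    $data_edit = array(
        'student_nim' => '',
        'student_name' => '',
        'student_address' => '',
        'student_phone' => '',
    );
}
?>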
<h2>STUDENT PAGE | EDIT</h2>
<div style="text-align:right">
<a href="student.php">BACK</a>
</div>
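<form action="student_edit_save.php" method="post">
<?php
// Stored values were typed in by users: HTML-escape them (quotes included) before
// they are echoed into attributes or the textarea, otherwise stored markup runs
// in the browser of whoever opens this form.
$nim_html = htmlspecialchars($data_edit['student_nim'], ENT_QUOTES);
$name_html = htmlspecialchars($data_edit['student_name'], ENT_QUOTES);
$phone_html = htmlspecialchars($data_edit['student_phone'], ENT_QUOTES);
// student_edit_save.php stores the address already entity-encoded while
// student_add_save.php stores it raw. Decode first so both forms come out
// once-encoded and repeated edits do not stack up "&amp;amp;".
$address_html = htmlspecialchars(html_entity_decode($data_edit['student_address'], ENT_QUOTES), ENT_QUOTES);
?>
<p>
NIM :<br/>
<input type="text" name="nim" value="<?php echo $nim_html ?>">
</p>
<p>
NAME : <br/>
<input type="text" name="name" value="<?php echo $name_html ?>"><br/>
</p>
<p>
PHONE : <br/>
<input type="text" name="phone" value="<?php echo $phone_html ?>"><br/>
</p>
<p>
ADDRESS : <br/>
<textarea name="address" cols="40px" rows="10px"><?php echo $address_html ?></textarea>
<br/>
</p>
<?php /* hidden_nim tells the save page which record to update; the client can change it, so the save page must treat it as untrusted input */ ?>
<input type="hidden" name="hidden_nim" value="<?php echo $nim_html ?>">
<button type="submit" name="edit" value="edit">Edit</button>
</form>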
</div>
student_edit_save.php
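<?php
include "inc_db.php"; /* open the database connection */
include "inc_session.php"; /* page validation */
include "inc_level_student.php"; /* page validation */
if (!empty($_POST['edit'])) {
    /* copy the posted fields into variables; a missing or non-string field counts as empty */
    /* hidden_nim selects the row to update; it is a hidden form field and therefore still client-controlled */
    $v_hidden_nim = (isset($_POST['hidden_nim']) && is_string($_POST['hidden_nim'])) ? $_POST['hidden_nim'] : '';
    /* the NIM to store as the new value */
    $v_new_nim = (isset($_POST['nim']) && is_string($_POST['nim'])) ? $_POST['nim'] : '';
    $v_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $v_phone = (isset($_POST['phone']) && is_string($_POST['phone'])) ? $_POST['phone'] : '';
    // NOTE(review): the address is entity-encoded before storage here, while
    // student_add_save.php stores it raw. Encoding belongs at output time; this is
    // kept as-is so rows already saved through this page continue to display the same.
    $v_address = htmlentities(
        (isset($_POST['address']) && is_string($_POST['address'])) ? $_POST['address'] : '',
        ENT_QUOTES
    );

    // SECURITY: every value below reaches SQL text, so each one is escaped for the
    // current connection (htmlentities() above is not SQL escaping; it leaves
    // backslashes untouched). The mysql_* API has no prepared statements.
    // NOTE(review): escaping relies on the connection charset being set with
    // mysql_set_charset() (presumably in inc_db.php, confirm). mysqli/PDO prepared
    // statements are the durable fix.
    $hidden_nim_sql = mysql_real_escape_string($v_hidden_nim);
    $new_nim_sql = mysql_real_escape_string($v_new_nim);
    $name_sql = mysql_real_escape_string($v_name);
    $phone_sql = mysql_real_escape_string($v_phone);
    $address_sql = mysql_real_escape_string($v_address);

    /* Validate in order and stop at the first failure. Each check used to overwrite
       $error, so code 1 (empty NIM) was always replaced by code 4 and never shown. */
    $error = 0;
    if ($v_new_nim === '') {
        /* NIM must not be empty */
        $error = 1;
    } elseif (strlen($v_new_nim) != 10) {
        /* NIM must be exactly 10 characters */
        $error = 4;
    } elseif ($v_name === '') {
        /* name must not be empty */
        $error = 2;
    } elseif ($v_new_nim != $v_hidden_nim) {
        /* the NIM is being changed: the new one must not already exist */
        $sql_check_nim = "
SELECT student_nim FROM tb_student WHERE student_nim = '{$new_nim_sql}'
";
        $result_check_nim = mysql_query($sql_check_nim);
        if ($result_check_nim === false) {
            /* the lookup itself failed: do not update blindly */
            $error = 5;
        } elseif (mysql_num_rows($result_check_nim) != 0) {
            $error = 3;
        }
    }

    if ($error != 0) {
        switch ($error) {
            case 1:
                $error_msg = "NIM can't be empty";
                break;
            case 2:
                $error_msg = "NAME can't be empty";
                break;
            case 3:
                $error_msg = "NIM already exist";
                break;
            case 4:
                /* the posted NIM is echoed back, so it is HTML-escaped first */
                $error_msg = "NIM must be 10 characters (".htmlspecialchars($v_new_nim, ENT_QUOTES)." = ".strlen($v_new_nim)." character)";
                break;
            default:
                $error_msg = "Failed to update data";
                break;
        }
        echo "<h3>$error_msg</h3>";
        /* hidden_nim goes into a URL inside an attribute: URL-encode, then HTML-escape */
        echo "<a href='student_edit.php?nim=".htmlspecialchars(urlencode($v_hidden_nim), ENT_QUOTES)."'>BACK</a>";
        exit;
    }

    /* update the record in tb_student */
    $sql = "
UPDATE tb_student SET
student_nim = '{$new_nim_sql}',
student_name = '{$name_sql}',
student_phone = '{$phone_sql}',
student_address = '{$address_sql}'
WHERE
student_nim = '{$hidden_nim_sql}'
";
    /* run the query */
    $result = mysql_query($sql);
    /* report the outcome */
    if ($result) {
        echo "<h3>Data has been updated</h3>";
    } else {
        echo "<h3>Failed to update data</h3>";
    }
    echo "<a href='student.php'>Back To Student Page</a>";
}
?>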