-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfunctions.php
220 lines (171 loc) · 5.74 KB
/
functions.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
<?php
//koneksi ke database
$conn = mysqli_connect("localhost", "root", "root", "projectpemweb"
);
function query($query){
global $conn;
$result = mysqli_query($conn, $query);
$rows = [];
while($row = mysqli_fetch_assoc($result)){
$rows[] = $row;
}
return $rows;
}
function upload(){
$namaFile = $_FILES['gambar']['name'];
$ukuranFile = $_FILES['gambar']['size'];
$error = $_FILES['gambar']['error'];
$tmpName = $_FILES['gambar']['tmp_name'];
//cek apakah tidak ada gambar yg diupload
if($error === 4){
echo "<script>
alert('Choose a file to upload your picture!');
</script>";
return false;
}
//cek apakah yg diupload adalah gambar
$ekstensiGambarValid = ['jpg', 'jpeg', 'png'];
$ekstensiGambar = explode('.', $namaFile);
$ekstensiGambar = strtolower(end($ekstensiGambar));
if(in_array(!$ekstensiGambar, $ekstensiGambarValid)){
echo "<script>
alert('Your uploaded file is not an image!');
</script>";
return false;
}
//cek jika ukurannya terlalu besar
if($ukuranFile > 1000000){
echo "<script>
alert('Your image's size is too large!');
</script>";
return false;
}
//generate nama gambar baru
$namaFileBaru = uniqid();
$namaFileBaru .= '.';
$namaFileBaru .= $ekstensiGambar;
//lolos pengecekan, gambar siap diupload
move_uploaded_file($tmpName, 'img/' . $namaFileBaru);
return $namaFileBaru;
}
function hapus($id){
global $conn;
mysqli_query($conn, "DELETE FROM user WHERE id = $id");
return mysqli_affected_rows($conn);
}
function ubah($data){
global $conn;
//ambil data dari tiap elemen dalam form
$id = $data["id"];
$fullname = $data["fullname"];
$username = htmlspecialchars($data["username"]);
$email = htmlspecialchars($data["email"]);
$password = htmlspecialchars($data["password"]);
//query update data
$query = "UPDATE user SET
fullname = '$fullname',
username = '$username',
email = '$email',
password = '$password'
WHERE id = $id
";
mysqli_query($conn, $query);
return mysqli_affected_rows($conn);
}
function cari($keyword){
$query = "SELECT * FROM user
WHERE
username LIKE '%$keyword%' OR
email LIKE '%$keyword%'
";
return query($query);
}
function registrasi($data){
global $conn;
$fullname = strtolower(stripslashes($data["fullname"]));
$username = strtolower(stripslashes($data["username"]));
$email = strtolower(stripslashes($data["email"]));
$password = mysqli_real_escape_string($conn, $data["password"]);
$password2 = mysqli_real_escape_string($conn, $data["password2"]);
//cek username sudah ada atau belum
$result = mysqli_query($conn, "SELECT username FROM user
WHERE username = '$username'");
if(mysqli_fetch_assoc($result)){
echo "<script>
alert('Username sudah terdaftar!');
</script>";
return false;
}
//cek email
/*var email = document.getElementById( "email" );
if( email.value == "" || email.value.indexOf( "@" ) == -1 ){
echo "<script>
alert("You Have To Input Valid Email Address");
</script>";
return false;
}*/
//cek konfirmasi password
if($password !== $password2){
echo "<script>
alert('Konfirmasi password tidak sesuai!');
</script>";
return false;
}
//enkripsi password
$password = password_hash($password, PASSWORD_DEFAULT);
//insert ke database
$query = "INSERT INTO user
VALUES
('','$fullname', '$username','$email', '$password')
";
mysqli_query($conn, $query);
return mysqli_affected_rows($conn);
}
function setComments($data){
global $conn;
$username = ($data["username"]);
$tanggal = ($data["date"]);
$komentar = ($data["message"]);
/*$username = $_POST['username'];
$tanggal = $_POST['tanggal'];
$komentar = $_POST['komentar'];*/
$sql = "INSERT INTO komentar (id, username, komentar, tanggal)
VALUES ('', '$username', '$komentar', '$tanggal')";
//$result = mysqli_query($conn, $sql);
mysqli_query($conn, $sql);
return mysqli_affected_rows($conn);
}
function getComments(){
global $conn;
$sql = "SELECT * FROM komentar";
$result = mysqli_query($conn, $sql);
while ($row = mysqli_fetch_assoc($result)){
echo "<div clas='comment-box'>";
echo $row['username']." ";
echo $row['tanggal']. "<br>";
echo nl2br($row['komentar']);
echo "<form method='POST' action=''>
<input type='hidden' name='id' value='".$row['id']."'>
<input type='submit' name='deleteComment' value='Hapus'>
</form>
</div>";
}
}
/*function editComments($conn){
if(isset($_POST['submitComment'])){
$id = $_POST['id'];
$username = $_POST['username'];
$tanggal = $_POST['tanggal'];
$komentar = $_POST['komentar'];
$sql = "UPDATE komentar SET komentar='$komentar' WHERE id='$id'";
$result = mysqli_query($conn, $sql);
header("Location: kids.php");
}
}*/
function deleteComments($id){
global $conn;
$sql = "DELETE FROM komentar WHERE id='$id'";
mysqli_query($conn, $sql);
return mysqli_affected_rows($conn);
}
?>