From 23b4bbc0a30c1069b1c2d353bcf4e1425d72daf4 Mon Sep 17 00:00:00 2001
From: Hidayatullah Wildan Ghaly Buchary <16521502@std.stei.itb.ac.id>
Date: Sat, 7 Oct 2023 16:42:48 +0700
Subject: [PATCH] feat: add error 403 FORBIDDEN

---
 .htaccess                              |  3 ++-
 app/views/admin-achievement/index.php  | 10 +++++++++
 error/403.php                          | 30 ++++++++++++++++++++++++++
 error/404.php                          |  2 +-
 public/css/{error404.css => error.css} |  0
 5 files changed, 43 insertions(+), 2 deletions(-)
 create mode 100644 error/403.php
 rename public/css/{error404.css => error.css} (100%)

diff --git a/.htaccess b/.htaccess
index 00323d2..21f197b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1 +1,2 @@
-ErrorDocument 404 "/error/404.php"
\ No newline at end of file
+ErrorDocument 404 "/error/404.php"
+ErrorDocument 403 /error/403.php
\ No newline at end of file
diff --git a/app/views/admin-achievement/index.php b/app/views/admin-achievement/index.php
index d10a8bf..1a623c2 100644
--- a/app/views/admin-achievement/index.php
+++ b/app/views/admin-achievement/index.php
@@ -4,6 +4,16 @@ if (!isset($_SESSION['username'])) {
     header('Location: ../login');
     return;
 }
+if (!isset($_SESSION['isAdmin'])) {
+    header('Location: ../my-achievement');
+    return;
+}
+if ($_SESSION['isAdmin'] == 0) {
+    // Masuk ke FORBIDDEN
+    http_response_code(403);
+    header('Location: /error/403.php');
+    exit();
+}
 ?>
 
 <!DOCTYPE html>
diff --git a/error/403.php b/error/403.php
new file mode 100644
index 0000000..d89953a
--- /dev/null
+++ b/error/403.php
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Error 403</title>
+  <link rel="stylesheet" type="text/css" href="/public/css/error.css">
+</head>
+<body>
+    <section>
+    <?php for ($i = 0; $i < 260; $i++) { ?>
+        <span></span>
+    <?php } ?>
+
+    <div class="random404">
+        <h1>403</h1>
+    </div>
+    <div class="mahasiswa">
+        <h1>Mahasiswa</h1>
+        <h1>Leveling</h1>
+    </div>
+    <div class="error404">
+        <div class="error404-content">
+        
+        <h2>Access Denied</h2>
+        <p>You do not have permission to access this resource.</p>
+        <button id="btn" class="btn" onclick="window.location.href='/app/views/landing/'">Back to Home</button>
+        </div>
+    </div>
+    </section>
+</body>
+</html>
\ No newline at end of file
diff --git a/error/404.php b/error/404.php
index d1cd28c..f6b3e78 100644
--- a/error/404.php
+++ b/error/404.php
@@ -2,7 +2,7 @@
 <html lang="en">
 <head>
   <title>Error 404</title>
-  <link rel="stylesheet" type="text/css" href="/public/css/error404.css">
+  <link rel="stylesheet" type="text/css" href="/public/css/error.css">
 </head>
 <body>
     <section>
diff --git a/public/css/error404.css b/public/css/error.css
similarity index 100%
rename from public/css/error404.css
rename to public/css/error.css
-- 
GitLab