From 1e63adf9d5ee4b20f54a1c8c1360e99abe797245 Mon Sep 17 00:00:00 2001
From: James Pattinson <james@pattinson.org>
Date: Wed, 12 Mar 2025 11:43:06 +0000
Subject: [PATCH] Added basic field editing

---
 action.php      | 73 +++++++++++++++++++++++++++++++++++++++++++++++--
 input.html      | 16 ++++++++++-
 newppr.php      | 15 ++++++++--
 tower.php       |  8 ++++--
 update_data.php | 52 +++++++++++++++++++++++++++++++++++
 5 files changed, 155 insertions(+), 9 deletions(-)
 create mode 100644 update_data.php

diff --git a/action.php b/action.php
index 9596856..7ba7014 100644
--- a/action.php
+++ b/action.php
@@ -71,9 +71,76 @@
         button:hover {
             background-color: #0056b3;
         }
+        .editable {
+            cursor: pointer;
+            padding: 5px;
+            border-radius: 3px;
+            transition: background 0.3s;
+        }
+        .editable:hover {
+            background:rgb(226, 43, 43);
+        }
     </style>
 </head>
 <body>
+<script>
+
+
+
+
+
+
+document.addEventListener("DOMContentLoaded", function () {
+    let id = "<?php echo $_GET['id'];?>";
+
+    // Select all editable elements
+    document.querySelectorAll(".editable").forEach((element) => {
+        let oldValue = element.textContent.trim(); // Store initial value
+
+        element.addEventListener("focus", function () {
+            oldValue = this.textContent.trim(); // Store old value when focused
+        });
+
+        element.addEventListener("blur", function () {
+            let newValue = this.textContent.trim();
+            let column = this.getAttribute("data-column");
+
+            if (newValue !== oldValue) {
+                sendUpdate(id, column, oldValue, newValue, element);
+            }
+        });
+    });
+});
+
+/**
+ * Sends the updated data to the server
+ */
+function sendUpdate(flightId, column, oldValue, newValue, element) {
+    fetch("update_data.php", {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: `id=${flightId}&column=${encodeURIComponent(column)}&old_value=${encodeURIComponent(oldValue)}&new_value=${encodeURIComponent(newValue)}`
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            console.log(`Updated: ${data.column} changed from '${data.old_value}' to '${data.new_value}'`);
+            oldValue = newValue; // ✅ Update oldValue to prevent reverting
+        } else {
+            alert("Error updating data");
+            element.textContent = oldValue; // ❌ Revert ONLY if update fails
+        }
+    })
+    .catch(error => {
+        console.error("Fetch error:", error);
+        element.textContent = oldValue; // ❌ Revert only on network failure
+    });
+}
+
+
+
+
+    </script>
 
 <?php
 include("functions.php");
@@ -156,9 +223,9 @@ function opDetail() {
 
         echo "<p><strong>Fuel Required:</strong> " . $row['fuel'] . "</p>";
 
-        echo "<p><strong>POB OUT:</strong> " . $row['pob_out'] . "</p>";
-        echo "<p><strong>Outbound To:</strong> " . $row['out_to'] . "</p>";
-        echo "<p><strong>ETD:</strong> " . $row['etd'] . "</p>";
+        echo "<p><strong>POB OUT:</strong><span class=\"editable\" data-column=\"pob_out\" contenteditable=\"true\">" . $row['pob_out'] . "</p>";
+        echo "<p><strong>Outbound To:</strong><span class=\"editable\" data-column=\"out_to\" contenteditable=\"true\">" . $row['out_to'] . "</p>";
+        echo "<p><strong>ETD:</strong><span class=\"editable\" data-column=\"etd\" contenteditable=\"true\">" . $row['etd'] . "</p>";
 
 
         echo "<p><strong>Email Address:</strong> " . $row['email'] . "</p>";
diff --git a/input.html b/input.html
index b9e6a44..00595ab 100644
--- a/input.html
+++ b/input.html
@@ -8,6 +8,7 @@
         let now = new Date();
         let localDatetime = now.toISOString().slice(0, 16); // Format for datetime-local input
         document.getElementById("eta").value = localDatetime;
+        document.getElementById("etd").value = localDatetime;
     });
 
     function fetchResults() {
@@ -156,13 +157,26 @@
                 <input type="text" id="in_from" name="in_from" required>
             </div>
             <div class="form-group">
-                <label for="pob_in">POB</label>
+                <label for="pob_in">POB Inbound</label>
                 <input type="number" id="pob_in" name="pob_in" required>
             </div>
             <div class="form-group"></div>
             <label for="eta">ETA</label>
             <input type="datetime-local" id="eta" name="eta">
             </div>
+            <div class="form-group">
+                <label for="out_to">Out to</label>
+                <input type="text" id="out_to" name="out_to">
+            </div>
+            <div class="form-group">
+                <label for="pob_out">POB Outbound</label>
+                <input type="number" id="pob_out" name="pob_out" >
+            </div>
+            <div class="form-group"></div>
+            <label for="eta">Departing At</label>
+            <input type="datetime-local" id="etd" name="etd">
+            </div>
+
             <div class="form-group">
                 <label for="fuel">Fuel Needed</label>
                 <select id="fuel" name="fuel" single>
diff --git a/newppr.php b/newppr.php
index 4212e18..25cb110 100644
--- a/newppr.php
+++ b/newppr.php
@@ -18,8 +18,19 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
     echo "<h2>Received POST Data:</h2>";
     echo "<ul>";
     foreach ($_POST as $key => $value) {
-        $columns[] = "`" . $conn->real_escape_string($key) . "`";
-        $values[] = "'" . $conn->real_escape_string($value) . "'";
+        $escaped_key = "`" . $conn->real_escape_string($key) . "`";
+    
+        if ($value === '' || $value === null) {
+            $escaped_value = "NULL"; // Use NULL for empty values
+        } elseif (is_numeric($value)) {
+            $escaped_value = $value; // No quotes for numbers
+        } else {
+            $escaped_value = "'" . $conn->real_escape_string($value) . "'"; // Escape and quote strings
+        }
+    
+        $columns[] = $escaped_key;
+        $values[] = $escaped_value;
+    
         echo "<li><strong>" . htmlspecialchars($key) . ":</strong> " . htmlspecialchars($value) . "</li>";
     }
     if (!empty($columns)) {
diff --git a/tower.php b/tower.php
index 765cf0f..c734919 100644
--- a/tower.php
+++ b/tower.php
@@ -260,11 +260,13 @@ function markDeparted(id) {
     </script>
     <center><h2>Tower Ops <?php echo date('l d M Y'); ?></h2></center>
 
-    <div class="checkbox-container">
+    <!--
+   <div class="checkbox-container">
         <label>
             <input type="checkbox" id="toggle-canceled" onchange="toggleRows('state-CANCELED', this.checked)"> Show CANCELED
         </label>
 </div>
+    -->
 
 <div class="heading">Inbound PPR</div>
 
@@ -417,8 +419,8 @@ $conn->close();
             });
         });
 
-    document.getElementById("arrivals").addEventListener("click", clickRow); 
-    document.getElementById("landed").addEventListener("click", clickRow); 
+    document.getElementById("arrivals")?.addEventListener("click", clickRow);
+    document.getElementById("landed")?.addEventListener("click", clickRow);
 
     function clickRow (event) {
         let td = event.target.closest("td"); 
diff --git a/update_data.php b/update_data.php
new file mode 100644
index 0000000..75a2f42
--- /dev/null
+++ b/update_data.php
@@ -0,0 +1,52 @@
+<?php
+include("functions.php");
+require_db_auth();
+
+$conn = connectDb();
+
+// Ensure required parameters are received
+if (!isset($_POST['id'], $_POST['column'], $_POST['new_value'], $_POST['old_value'])) {
+    die(json_encode(['error' => 'Invalid request']));
+}
+
+$id = intval($_POST['id']); // Sanitize ID
+$column = $_POST['column'];
+$old_value = $_POST['old_value'];
+$new_value = $_POST['new_value'];
+
+// Allowed columns for security (prevent SQL injection)
+$allowed_columns = [
+    'ac_reg', 'ac_type', 'ac_call', 'captain',
+    'in_from', 'pob_in', 'eta', 'fuel',
+    'pob_out', 'out_to', 'etd', 'email', 'phone', 'notes'
+];
+
+if (!in_array($column, $allowed_columns)) {
+    die(json_encode(['error' => 'Invalid column']));
+}
+
+$stmt = $conn->prepare("UPDATE submitted SET `$column` = ? WHERE id = ?");
+if (!$stmt) {
+    die(json_encode(['error' => 'Prepare statement failed']));
+}
+
+$stmt->bind_param("si", $new_value, $id);
+$success = $stmt->execute();
+$stmt->close();
+
+// If update successful, log the change
+if ($success) {
+    $message = $column . " changed from " . $old_value . " to " . $new_value;
+    logJournal($conn, $id, $message);
+}
+
+$conn->close();
+
+// Return JSON response
+echo json_encode([
+    'success' => $success,
+    'column' => $column,
+    'old_value' => $old_value,
+    'new_value' => $new_value
+]);
+?>