Added basic field editing
This commit is contained in:
52
update_data.php
Normal file
52
update_data.php
Normal file
@@ -0,0 +1,52 @@
|
||||
<?php
|
||||
include("functions.php");
|
||||
require_db_auth();
|
||||
|
||||
$conn = connectDb();
|
||||
|
||||
// Ensure required parameters are received
|
||||
if (!isset($_POST['id'], $_POST['column'], $_POST['new_value'], $_POST['old_value'])) {
|
||||
die(json_encode(['error' => 'Invalid request']));
|
||||
}
|
||||
|
||||
$id = intval($_POST['id']); // Sanitize ID
|
||||
$column = $_POST['column'];
|
||||
$old_value = $_POST['old_value'];
|
||||
$new_value = $_POST['new_value'];
|
||||
|
||||
// Allowed columns for security (prevent SQL injection)
|
||||
$allowed_columns = [
|
||||
'ac_reg', 'ac_type', 'ac_call', 'captain',
|
||||
'in_from', 'pob_in', 'eta', 'fuel',
|
||||
'pob_out', 'out_to', 'etd', 'email', 'phone', 'notes'
|
||||
];
|
||||
|
||||
if (!in_array($column, $allowed_columns)) {
|
||||
die(json_encode(['error' => 'Invalid column']));
|
||||
}
|
||||
|
||||
$stmt = $conn->prepare("UPDATE submitted SET `$column` = ? WHERE id = ?");
|
||||
if (!$stmt) {
|
||||
die(json_encode(['error' => 'Prepare statement failed']));
|
||||
}
|
||||
|
||||
$stmt->bind_param("si", $new_value, $id);
|
||||
$success = $stmt->execute();
|
||||
$stmt->close();
|
||||
|
||||
// If update successful, log the change
|
||||
if ($success) {
|
||||
$message = $column . " changed from " . $old_value . " to " . $new_value;
|
||||
logJournal($conn, $id, $message);
|
||||
}
|
||||
|
||||
$conn->close();
|
||||
|
||||
// Return JSON response
|
||||
echo json_encode([
|
||||
'success' => $success,
|
||||
'column' => $column,
|
||||
'old_value' => $old_value,
|
||||
'new_value' => $new_value
|
||||
]);
|
||||
?>
|
||||
Reference in New Issue
Block a user