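<?php

/**
 * Inline-edit endpoint: updates one allow-listed column of one row in
 * `submitted` and records the change in the journal.
 *
 * Request (POST): id, column, new_value, old_value.
 * Response: JSON, either {"error": "..."} or
 *           {"success": bool, "column": ..., "old_value": ..., "new_value": ...}.
 */

// require (not include): a missing helper file must stop the script here
// rather than continue past a warning.
require_once 'functions.php';

// Access check, defined outside this file.
// NOTE(review): no anti-CSRF token is verified in this script. If the check
// relies on credentials the browser attaches automatically (session cookie,
// HTTP auth), confirm that cross-site POSTs are rejected there.
require_db_auth();

$conn = connectDb();

// Every field must be present AND a plain string. isset() alone also accepts
// array input (e.g. new_value[]=x), which would reach bind_param() and the
// journal message as the literal text "Array".
foreach (['id', 'column', 'new_value', 'old_value'] as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        die(json_encode(['error' => 'Invalid request']));
    }
}

// Reject anything that is not an integer. intval() maps non-numeric input to
// 0, so a malformed id used to run the UPDATE against id 0 and still reach
// the journal call below.
$id = filter_var($_POST['id'], FILTER_VALIDATE_INT);
if ($id === false) {
    die(json_encode(['error' => 'Invalid request']));
}

$column = $_POST['column'];
$old_value = $_POST['old_value'];
$new_value = $_POST['new_value'];

// Column names cannot be bound as statement parameters, so the name is
// interpolated into the SQL text below. This allow-list is the only thing
// keeping that interpolation safe; keep it an exact, closed set.
$allowed_columns = [
    'ac_reg', 'ac_type', 'ac_call', 'captain',
    'in_from', 'pob_in', 'eta', 'fuel',
    'pob_out', 'out_to', 'etd', 'email', 'phone', 'notes'
];

// Strict comparison: the name must match an entry exactly, with no type juggling.
if (!in_array($column, $allowed_columns, true)) {
    die(json_encode(['error' => 'Invalid column']));
}

// eta/etd are stored exactly as submitted. Edits are entered in Zulu (UTC)
// time, so no Europe/London -> UTC conversion is applied here
// (decision of 1 June 2025, JP).

$stmt = $conn->prepare("UPDATE submitted SET `$column` = ? WHERE id = ?");
if (!$stmt) {
    die(json_encode(['error' => 'Prepare statement failed']));
}

$stmt->bind_param("si", $new_value, $id);
// NOTE(review): a true result means the statement ran; this script does not
// check whether any row actually matched the id.
$success = $stmt->execute();
$stmt->close();

// If update successful, log the change
if ($success) {
    // NOTE(review): $old_value comes from the request, not from the database,
    // so the "changed from" half of the journal entry is whatever the caller
    // sent. For a trustworthy audit trail, read the stored value server-side
    // before updating. The message also carries raw user text; whatever
    // displays the journal must escape it for its output context.
    $message = $column . " changed from " . $old_value . " to " . $new_value;
    logJournal($conn, $id, $message);
}

$conn->close();

// Return JSON response. The JSON_HEX_* flags emit <, >, &, ' and " as \uXXXX
// escapes: the decoded values are unchanged, but the echoed user input can no
// longer form markup if a browser renders this response as HTML.
// NOTE(review): no Content-Type header is set in this file; sending
// "application/json" is the usual fix once the calling JavaScript is
// confirmed not to depend on the current type.
echo json_encode(
    [
        'success' => $success,
        'column' => $column,
        'old_value' => $old_value,
        'new_value' => $new_value
    ],
    JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
);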