First version, for githup; UNSTABLE, DO NOT USE!

www/intern/scripts/logindata/ajax-update_programm_aktiv.php

@@ -0,0 +1,60 @@
+<?php
+header('Content-Type: application/json');
+
+if (session_status() !== PHP_SESSION_ACTIVE) session_start();
+
+if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
+    http_response_code(403);
+    exit;
+}
+
+
+$token = isset($_GET['token']) ? $_GET['token'] : '';
+
+if ($token !== '0UgBVHutbxTRTYsB04ujFKMjMRA8GgdqRJjVh3DKU1LRJfwtcDfrpDc7jpMxcrg9rYurAEwYPy5gu15R77MsgKsDMkFZEykx0A67'){
+	echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
+    exit;
+}
+
+if (!isset($baseDir)) {
+	$baseDir = $_SERVER['DOCUMENT_ROOT'];
+}
+
+$type = 'wkl';
+
+$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($data['success'] === false){
+	echo json_encode(['success' => false, 'message' => $data['message']]);
+    exit; 
+}
+
+require $baseDir . '/../scripts/db/db-tables.php';
+
+// ---------- Get and sanitize input ----------
+$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
+$value = isset($_GET['value']) ? floatval($_GET['value']) : 0;
+
+
+if ($id < 0) {
+    echo json_encode(['success' => false, 'message' => 'Invalid ID']);
+    exit;
+}
+
+// ---------- Step 2: Get values from DB ----------
+
+
+$query = "UPDATE `$tableProgramme` SET aktiv = '$value' WHERE id = $id";
+$result = $mysqli->query($query);
+
+if (!$result) {
+    echo json_encode(['success' => false, 'message' => 'Update failed']);
+    exit;
+}
+
+// ---------- Return JSON ----------
+echo json_encode([
+    'success' => true,
+    'message' => 'Aktualisiert'
+]);
+exit;