<?php
header('Content-Type: application/json');

if (!isset($baseDir)) {
	$baseDir = $_SERVER['DOCUMENT_ROOT'];
}

require_once $baseDir . '/../scripts/session_functions.php';

ini_wkvs_session();

check_user_permission('wk_leitung');

verify_csrf();

$type = 'wkl';

$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';

if ($data['success'] === false){
	echo json_encode(['success' => false, 'message' => $data['message']]);
    exit; 
}

require $baseDir . '/../scripts/db/db-tables.php';

// ---------- Get and sanitize input ----------
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
$value = isset($_POST['value']) ? round(floatval($_POST['value']), 2) : 0;


if ($id < 0) {
    echo json_encode(['success' => false, 'message' => 'Invalid ID']);
    exit;
}

// ---------- Step 2: Get values from DB ----------


$query = "UPDATE `$tableProgramme` SET preis = '$value' WHERE id = $id";
$result = $mysqli->query($query);

if (!$result) {
    echo json_encode(['success' => false, 'message' => 'Update failed']);
    exit;
}

// ---------- Return JSON ----------
echo json_encode([
    'success' => true,
    'message' => 'Startgebüren set to '.$value.' Fr.'
]);
exit;