WKVS/www/intern/scripts/riegeneinteilung/ajax_update_turnerin.php

<?php

if (!isset($baseDir)) {
	$baseDir = $_SERVER['DOCUMENT_ROOT'];
}

require_once $baseDir . '/../scripts/session_functions.php';

ini_wkvs_session();

check_user_permission('wk_leitung');

verify_csrf();

$type = 'wkl';

$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';

if ($dbconnection['success'] !== true){
    echo 'Critical DB Error.';
    exit;
}

require $baseDir . '/../scripts/db/db-tables.php';

$turnerinId = (int)$_POST['turnerin_id'];
$abteilung  = $_POST['abteilung'];
$geraet     = $_POST['geraet'];

// Default to NULL if frontend sends "null"
$abtId = null;
$geraetId = null;

// Resolve Abteilung ID
if ($abteilung !== 'null') {
    $stmt = $mysqli->prepare("SELECT id FROM $tableAbt WHERE name = ?");
    $stmt->bind_param("s", $abteilung);
    $stmt->execute();
    if ($row = $stmt->get_result()->fetch_assoc()) {
        $abtId = (int)$row['id'];
    }
    $stmt->close();
}

// Resolve Gerät ID
if ($geraet !== 'null') {
    $stmt = $mysqli->prepare("SELECT id FROM $tableGeraete WHERE name = ?");
    $stmt->bind_param("s", $geraet);
    $stmt->execute();
    if ($row = $stmt->get_result()->fetch_assoc()) {
        $geraetId = (int)$row['id'];
    }
    $stmt->close();
}

// Upsert into turnerinnen_abt (turnerin_id is UNIQUE)
$stmt = $mysqli->prepare("
    INSERT INTO $tableTurnerinnenAbt (turnerin_id, abteilung_id, geraet_id)
    VALUES (?, ?, ?)
    ON DUPLICATE KEY UPDATE
      abteilung_id = VALUES(abteilung_id),
      geraet_id = VALUES(geraet_id)
");
$stmt->bind_param("iii", $turnerinId, $abtId, $geraetId);
$stmt->execute();
$stmt->close();

// Return JSON
http_response_code(200);
echo json_encode([
    'success' => true,
    'turnerin_id' => $turnerinId,
    'abteilung_id' => $abtId,
    'geraet_id' => $geraetId
]);