85 lines
2.7 KiB
PHP
85 lines
2.7 KiB
PHP
<?php
|
|
header('Content-Type: application/json');
|
|
|
|
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
|
|
|
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
|
http_response_code(403);
|
|
exit;
|
|
}
|
|
|
|
if (!isset($baseDir)) {
|
|
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
|
}
|
|
|
|
require $baseDir . '/../scripts/db/db-functions.php';
|
|
require $baseDir . '/../scripts/db/db-tables.php';
|
|
require $baseDir . '/../scripts/csrf_functions.php';
|
|
|
|
$type = 'wkl';
|
|
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
|
|
|
if ($dbconnection['success'] !== true){
|
|
echo json_encode(['success' => false, 'message' => 'Critical DB Error.']);
|
|
exit;
|
|
}
|
|
|
|
$action = $_POST['action'] ?? '';
|
|
|
|
if ($action === 'add') {
|
|
$name = trim($_POST['name'] ?? '');
|
|
$start_index = intval($_POST['start_index'] ?? 0);
|
|
$color = trim($_POST['color'] ?? '#424242');
|
|
|
|
if (!$name) {
|
|
echo json_encode(['success' => false, 'message' => 'Name ist erforderlich.']);
|
|
exit;
|
|
}
|
|
|
|
$stmt = $mysqli->prepare("INSERT INTO $tableGeraete (name, start_index, color_kampfrichter) VALUES (?, ?, ?)");
|
|
$stmt->bind_param("sis", $name, $start_index, $color);
|
|
$success = $stmt->execute();
|
|
$new_id = $mysqli->insert_id;
|
|
$stmt->close();
|
|
|
|
if ($success) {
|
|
echo json_encode(['success' => true, 'id' => $new_id]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Fehler beim Hinzufügen.']);
|
|
}
|
|
|
|
} elseif ($action === 'update') {
|
|
$id = intval($_POST['id'] ?? 0);
|
|
$field = $_POST['field'] ?? '';
|
|
$value = $_POST['value'] ?? '';
|
|
|
|
$allowedFields = ['name', 'start_index', 'color_kampfrichter'];
|
|
if ($id > 0 && in_array($field, $allowedFields)) {
|
|
if ($field === 'start_index') {
|
|
$value = intval($value);
|
|
}
|
|
|
|
$updated = db_update($mysqli, $tableGeraete, [$field => $value], ['id' => $id]);
|
|
if ($updated !== false) {
|
|
echo json_encode(['success' => true]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'DB Update failed.']);
|
|
}
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid parameters.']);
|
|
}
|
|
|
|
} elseif ($action === 'delete') {
|
|
$id = intval($_POST['id'] ?? 0);
|
|
|
|
if ($id > 0) {
|
|
db_delete($mysqli, $tableGeraete, ['id' => $id]);
|
|
echo json_encode(['success' => true]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid ID.']);
|
|
}
|
|
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Action not found.']);
|
|
}
|