60 lines
1.6 KiB
PHP
60 lines
1.6 KiB
PHP
<?php
|
|
header('Content-Type: application/json');
|
|
|
|
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
|
|
|
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
|
http_response_code(403);
|
|
exit;
|
|
}
|
|
|
|
|
|
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
|
|
|
if ($token !== 'k7uweziEUWZiJhwe7687UWIQZ28SQIH2ug74pINKyxHxPerB6wUZ'){
|
|
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
|
exit;
|
|
}
|
|
|
|
if (!isset($baseDir)) {
|
|
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
|
}
|
|
|
|
$type = 'wkl';
|
|
|
|
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
|
|
|
if ($data['success'] === false){
|
|
echo json_encode(['success' => false, 'message' => $data['message']]);
|
|
exit;
|
|
}
|
|
|
|
require $baseDir . '/../scripts/db/db-tables.php';
|
|
|
|
// ---------- Get and sanitize input ----------
|
|
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
|
$value = isset($_GET['value']) ? round(floatval($_GET['value']), 2) : 0;
|
|
|
|
|
|
if ($id < 0) {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid ID']);
|
|
exit;
|
|
}
|
|
|
|
// ---------- Step 2: Get values from DB ----------
|
|
|
|
|
|
$query = "UPDATE `$tableProgramme` SET preis = '$value' WHERE id = $id";
|
|
$result = $mysqli->query($query);
|
|
|
|
if (!$result) {
|
|
echo json_encode(['success' => false, 'message' => 'Update failed']);
|
|
exit;
|
|
}
|
|
|
|
// ---------- Return JSON ----------
|
|
echo json_encode([
|
|
'success' => true,
|
|
'message' => 'Startgebüren set to '.$value.' Fr.'
|
|
]);
|
|
exit; |