Home Explore Help
Register Sign In
benjamin.harris
/
soil-report-ai
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8ed4058123
Branches Tags
soil-report-ai
/
dashboard
/
crop-analysis
/
updatecomment.php

updatecomment.php 2.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * dashboard/crop-analysis/updatecomment.php
    4. 

  4.  *
    5. 

  5.  * AJAX endpoint: auto-saves soil report comments to the reports table.
    6. 

  6.  * Called by the auto-save JS in soil-report-pdf.php via POST.
    7. 

  7.  *
    8. 

  8.  * POST params: overview, foliar_Details, microbe_Program, header1
    9. 

  9.  * GET params:  rid (soil_records.id), rand (soil_records.rand)
    10. 

  10.  */
    11. 

  11. 

  12. if (session_status() === PHP_SESSION_NONE) {
    13. 

  13.     session_start();
    14. 

  14. }
    15. 

  15. 

  16. require_once __DIR__ . '/../../config/database.php';
    17. 

  17. require_once __DIR__ . '/../../lib/auth.php';
    18. 

  18. 

  19. if (!isLoggedIn()) {
    20. 

  20.     http_response_code(403);
    21. 

  21.     echo json_encode(['success' => false, 'message' => 'Unauthorised']);
    22. 

  22.     exit;
    23. 

  23. }
    24. 

  24. 

  25. header('Content-Type: application/json');
    26. 

  26. 

  27. $pdo    = getDBConnection();
    28. 

  28. $userId = getCurrentUserId();
    29. 

  29. 

  30. $recordId = (int)   ($_GET['rid']  ?? 0);
    31. 

  31. $randId   = (float) ($_GET['rand'] ?? 0);
    32. 

  32. 

  33. if ($recordId <= 0) {
    34. 

  34.     http_response_code(400);
    35. 

  35.     echo json_encode(['success' => false, 'message' => 'Missing record ID']);
    36. 

  36.     exit;
    37. 

  37. }
    38. 

  38. 

  39. // Verify the soil record belongs to this user (ownership check)
    40. 

  40. $check = $pdo->prepare(
    41. 

  41.     'SELECT id FROM soil_records WHERE id = ? AND rand = ? AND modx_user_id = ? LIMIT 1'
    42. 

  42. );
    43. 

  43. $check->execute([$recordId, $randId, $userId]);
    44. 

  44. if (!$check->fetch()) {
    45. 

  45.     http_response_code(403);
    46. 

  46.     echo json_encode(['success' => false, 'message' => 'Record not found or access denied']);
    47. 

  47.     exit;
    48. 

  48. }
    49. 

  49. 

  50. // Collect and sanitise comment fields
    51. 

  51. $data = [
    52. 

  52.     'overview'        => trim($_POST['overview']        ?? ''),
    53. 

  53.     'foliar_details'  => trim($_POST['foliar_Details']  ?? ''),
    54. 

  54.     'microbe_program' => trim($_POST['microbe_Program'] ?? ''),
    55. 

  55.     'header1'         => trim($_POST['header1']         ?? 'Foliar Program'),
    56. 

  56. ];
    57. 

  57. 

  58. $comment = json_encode($data, JSON_UNESCAPED_UNICODE);
    59. 

  59. 

  60. // Upsert: update if record exists for this soil record + user, else insert
    61. 

  61. $stmt = $pdo->prepare('
    62. 

  62.     INSERT INTO reports (modx_user_id, record_id, rand, comment, dateTime)
    63. 

  63.     VALUES (?, ?, ?, ?, CURDATE())
    64. 

  64.     ON DUPLICATE KEY UPDATE comment = VALUES(comment), dateTime = CURDATE()
    65. 

  65. ');
    66. 

  66. $stmt->execute([$userId, $recordId, (int) $randId, $comment]);
    67. 

  67. 

  68. echo json_encode(['success' => true, 'saved' => date('H:i:s')]);
    69.