benjamin.harris
/
soil-report-ai


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
							<?php
/**
 * water-report-save.php
 *
 * AJAX endpoint: auto-saves water report consultant notes to the reports table.
 * Called by the auto-save JS in water-report.php via POST.
 *
 * GET params: rid (water_records.id), rand (water_records.rand)
 * POST params: general_details, ai_interpretation, recommended_details, foliar_details
 */

if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

require_once __DIR__ . '/../../../config/database.php';
require_once __DIR__ . '/../../../lib/auth.php';

if (!isLoggedIn()) {
    http_response_code(403);
    echo json_encode(['success' => false, 'message' => 'Unauthorised']);
    exit;
}

header('Content-Type: application/json');

$pdo    = getDBConnection();
$userId = getCurrentUserId();

$recordId = (int)  ($_GET['rid']  ?? 0);
$randId   = trim(  $_GET['rand']  ?? '');

if ($recordId <= 0) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'Missing record ID']);
    exit;
}

$check = $pdo->prepare(
    'SELECT id FROM water_records WHERE id = ? AND rand = ? AND modx_user_id = ? LIMIT 1'
);
$check->execute([$recordId, $randId, $userId]);
if (!$check->fetch()) {
    http_response_code(403);
    echo json_encode(['success' => false, 'message' => 'Record not found or access denied']);
    exit;
}

$data = [
    'general_details'     => trim($_POST['general_details']     ?? ''),
    'ai_interpretation'   => trim($_POST['ai_interpretation']   ?? ''),
    'recommended_details' => trim($_POST['recommended_details'] ?? ''),
    'foliar_details'      => trim($_POST['foliar_details']      ?? ''),
];

$comment = json_encode($data, JSON_UNESCAPED_UNICODE);

$stmt = $pdo->prepare('
    INSERT INTO reports (modx_user_id, record_id, rand, comment, dateTime)
    VALUES (?, ?, ?, ?, CURDATE())
    ON DUPLICATE KEY UPDATE comment = VALUES(comment), dateTime = CURDATE()
');
$stmt->execute([$userId, $recordId, $randId, $comment]);

echo json_encode(['success' => true, 'saved' => date('H:i:s')]);