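<?php
/**
 * PACK BEACON – SECURE API
 * Update Item Status
 * Path: /api-secure/update_item_status.php
 *
 * Purpose:
 *  - Record whether the user has marked an item as done for today.
 *
 * Input:
 *  - user_id
 *  - item_id
 *  - status: pending | done
 *
 * Secure:
 *  - Token + Timestamp + Signature
 */

require_once __DIR__ . "/config-secure.php";
require_once __DIR__ . "/auth-secure.php";

require_method("POST");

// Load secure JSON payload
[$raw, $input] = require_secure_json();

/* ============================================================
   Validate Input
   ============================================================ */
// NOTE(review): user_id is read from the request body. Confirm that
// require_secure_json() ties the token/signature to this same user_id;
// otherwise any valid token holder could act on another user's items.
$user_id = intval($input["user_id"] ?? 0);
$item_id = intval($input["item_id"] ?? 0);
$status  = $input["status"] ?? "";

// api_json() is defined elsewhere; the explicit exit after each error
// response guarantees a rejected request never falls through to the writes,
// whether or not api_json() terminates the script itself.
if ($user_id <= 0 || $item_id <= 0) {
    api_json([
        "status"  => "error",
        "message" => "user_id and item_id are required"
    ]);
    exit;
}

// Strict comparison: with loose in_array() on PHP 7, a JSON value such as
// 0 or true compares equal to "pending" and would pass the allow-list.
if (!in_array($status, ["pending", "done"], true)) {
    api_json([
        "status"  => "error",
        "message" => "invalid status"
    ]);
    exit;
}

// Date key for the status row; date() uses the server's default timezone.
$today = date("Y-m-d");

// Turn mysqli failures into exceptions so a failed query or write is never
// reported to the client as "success".
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

try {
    /* ============================================================
       Validate Ownership – the user must own the item
       ============================================================ */
    // Only the row count is used, so select the key column instead of *.
    $chk = $conn->prepare("SELECT id FROM items WHERE id = ? AND user_id = ?");
    $chk->bind_param("ii", $item_id, $user_id);
    $chk->execute();
    $chk->store_result();
    $owned = $chk->num_rows > 0;
    $chk->close();

    if (!$owned) {
        api_json([
            "status"  => "error",
            "message" => "Item does not belong to this user"
        ]);
        exit;
    }

    /* ============================================================
       Check Existing Status
       ============================================================ */
    // NOTE(review): check-then-insert is not atomic. Unless item_status has a
    // unique key on (user_id, item_id, date), two concurrent requests can
    // both insert a row for the same day — confirm against the schema.
    $exist = $conn->prepare("
        SELECT id FROM item_status
        WHERE user_id = ? AND item_id = ? AND date = ?
    ");
    $exist->bind_param("iis", $user_id, $item_id, $today);
    $exist->execute();
    $exist->store_result();
    $exist->bind_result($sid);
    $has_row = $exist->num_rows > 0;
    if ($has_row) {
        // Populate $sid with the id of the existing status row.
        $exist->fetch();
    }
    $exist->close();

    if (!$has_row) {
        // create new status
        $stmt = $conn->prepare("
            INSERT INTO item_status (user_id, item_id, date, status)
            VALUES (?, ?, ?, ?)
        ");
        $stmt->bind_param("iiss", $user_id, $item_id, $today, $status);
    } else {
        // update existing
        $stmt = $conn->prepare("
            UPDATE item_status SET status=? WHERE id=?
        ");
        $stmt->bind_param("si", $status, $sid);
    }
    $stmt->execute();
    $stmt->close();
} catch (mysqli_sql_exception $e) {
    // Keep driver details in the server log; the client gets a generic error.
    error_log("update_item_status: " . $e->getMessage());
    api_json([
        "status"  => "error",
        "message" => "database error"
    ]);
    exit;
}

/* ============================================================
   Log
   ============================================================ */
$msg = "User $user_id update item #$item_id to status [$status]";

// The status change is already committed at this point, so a failure to
// write the audit row is recorded server-side instead of failing the request.
try {
    $stmt = $conn->prepare("
        INSERT INTO logs (user_id, message) VALUES (?, ?)
    ");
    $stmt->bind_param("is", $user_id, $msg);
    $stmt->execute();
    $stmt->close();
} catch (mysqli_sql_exception $e) {
    error_log("update_item_status: audit log insert failed: " . $e->getMessage());
}

/* ============================================================
   Return JSON
   ============================================================ */
api_json([
    "status"     => "success",
    "message"    => "status updated",
    "user_id"    => $user_id,
    "item_id"    => $item_id,
    "date"       => $today,
    "new_status" => $status
]);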