- Updated API calls in equipment.php, equipment_manage.php, and equipments_mass_update.php to use v2 endpoints. - Changed payload decoding from decode_payload to json_decode for consistency. - Enhanced invoice generation in factuur.php and webhook files to use a new email template and PDF structure. - Added new email and PDF templates for invoices to improve formatting and readability. - Improved marketing folder handling in marketing.php with better payload management. - Updated CSS for marketing to enhance UI interactions. - Added JavaScript checks for browser compatibility in softwaretool.php. - Adjusted user permissions in settingsprofiles.php to reflect new features.
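<?php
defined($security_key) or exit;

//------------------------------------------
// Marketing Update
//------------------------------------------
// Updates the metadata of one marketing file from a JSON request body:
//   file_id   (required) id of the row in `marketing_files`
//   title     (optional) new title
//   folder_id (optional) new folder; an empty/zero value stores NULL
//   tags      (optional) comma-separated tag names; replaces the current set
// Only the keys present in the body are changed. Every response is a JSON
// object with a boolean `success` key and either `message` or `error`.
// Title and tag text are stored as received, so whatever renders them must
// escape them for its output context.

//Connect to DB
$pdo = dbConnect($dbname);

//SoldTo is empty
$soldto_search = (empty($partner->soldto) || $partner->soldto == '') ? '%' : '-%';

//default whereclause
// NOTE(review): $whereclause / $condition are computed here but none of the
// queries below apply them. Access is therefore decided by isAllowed() alone,
// and any caller holding the marketing 'U' right can modify any file id.
// Confirm whether marketing files are meant to be scoped per partner; if so,
// the scope predicate belongs in the existence check, the UPDATE and the tag
// DELETE below.
list($whereclause, $condition) = getWhereclauselvl2("", $permission, $partner, '');

//QUERY AND VERIFY ALLOWED
if (isAllowed('marketing', $profile, $permission, 'U') === 1) {
    // Get JSON input; anything that is not a JSON object/array is treated as empty
    $input = json_decode(file_get_contents('php://input'), true);
    if (!is_array($input)) {
        $input = [];
    }

    $file_id = $input['file_id'] ?? '';

    if (empty($file_id) || !is_scalar($file_id)) {
        echo json_encode(['success' => false, 'error' => 'File ID is required']);
        exit;
    }

    // Reject nested values (arrays/objects) before anything is written: they
    // would otherwise be bound as the literal text "Array" or raise a TypeError
    // part-way through the update.
    foreach (['title', 'folder_id', 'tags'] as $field) {
        if (isset($input[$field]) && !is_scalar($input[$field])) {
            echo json_encode(['success' => false, 'error' => 'Invalid value for ' . $field]);
            exit;
        }
    }

    // True only while this script owns an open transaction (see catch block).
    $started_tx = false;

    try {
        // Verify the file exists (id match only - see the NOTE(review) above
        // about the missing scope predicate).
        $check_stmt = $pdo->prepare('SELECT id FROM `marketing_files` WHERE `id` = ?');
        $check_stmt->execute([$file_id]);

        // fetchColumn() rather than rowCount(): PDO does not guarantee
        // rowCount() for SELECT statements on every driver.
        if ($check_stmt->fetchColumn() === false) {
            echo json_encode(['success' => false, 'error' => 'File not found or access denied']);
            exit;
        }

        // Make the field update and the tag replacement atomic, so a failure
        // after the tag DELETE cannot leave the file without its tags.
        // assumes dbConnect() returns a PDO handle - TODO confirm
        if (!$pdo->inTransaction()) {
            $pdo->beginTransaction();
            $started_tx = true;
        }

        // Build dynamic UPDATE query for only changed fields
        $update_fields = [];
        $update_params = [];

        if (isset($input['title'])) {
            $update_fields[] = '`title` = ?';
            $update_params[] = $input['title'];
        }

        // isset() is false for JSON null, so a folder is cleared by sending an
        // empty/zero value, which is stored as NULL.
        if (isset($input['folder_id'])) {
            $update_fields[] = '`folder_id` = ?';
            $update_params[] = $input['folder_id'] ?: null;
        }

        // Always update updatedby if there are changes
        if (!empty($update_fields)) {
            $update_fields[] = '`updatedby` = ?';
            $update_params[] = $username;
            $update_params[] = $file_id;

            // Column names are fixed literals; only values are bound.
            $update_sql = 'UPDATE `marketing_files` SET ' . implode(', ', $update_fields) . ' WHERE `id` = ?';
            $stmt = $pdo->prepare($update_sql);
            $stmt->execute($update_params);
        }

        // Update tags only if provided
        if (isset($input['tags'])) {
            // Remove existing tags
            $pdo->prepare('DELETE FROM `marketing_file_tags` WHERE `file_id` = ?')->execute([$file_id]);

            // Parse new tags: trim, drop empty entries (but keep a tag such as
            // "0", which a bare array_filter() would discard) and de-duplicate
            // so the same link row is not inserted twice.
            $tags_array = array_unique(array_filter(
                array_map('trim', explode(',', (string) $input['tags'])),
                static function ($tag) {
                    return $tag !== '';
                }
            ));

            if (!empty($tags_array)) {
                $tag_stmt = $pdo->prepare('INSERT IGNORE INTO `marketing_tags` (`tag_name`) VALUES (?)');
                $file_tag_stmt = $pdo->prepare(
                    'INSERT INTO `marketing_file_tags` (`file_id`, `tag_id`) SELECT ?, id FROM marketing_tags WHERE tag_name = ?'
                );

                foreach ($tags_array as $tag) {
                    // Create the tag if it is new, then link it to the file.
                    $tag_stmt->execute([$tag]);
                    $file_tag_stmt->execute([$file_id, $tag]);
                }
            }
        }

        if ($started_tx) {
            $pdo->commit();
            $started_tx = false;
        }

        echo json_encode(['success' => true, 'message' => 'File updated successfully']);
    } catch (Throwable $e) {
        // Undo partial writes, but only for a transaction opened here.
        if ($started_tx && $pdo->inTransaction()) {
            $pdo->rollBack();
        }

        // Keep driver/SQL details in the server log only; the message can
        // contain schema names and echoed input, so control characters are
        // stripped to keep one event on one log line.
        error_log('Marketing update failed: ' . preg_replace('/[\x00-\x1F\x7F]/', ' ', $e->getMessage()));

        echo json_encode(['success' => false, 'error' => 'Update failed']);
    }
} else {
    echo json_encode(['success' => false, 'error' => 'Insufficient permissions']);
}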