34 lines
1.1 KiB
PHP
34 lines
1.1 KiB
PHP
<?php
|
|
// api/update_office.php
|
|
header('Content-Type: application/json');
|
|
require_once '../db/config.php';
|
|
session_start();
|
|
|
|
// Authentication and Authorization check
|
|
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'super_admin') {
|
|
echo json_encode(['success' => false, 'message' => 'Unauthorized']);
|
|
exit;
|
|
}
|
|
|
|
// Basic validation
|
|
if (empty($_POST['id']) || empty($_POST['nama_kantor']) || empty($_POST['tipe_kantor'])) {
|
|
echo json_encode(['success' => false, 'message' => 'Incomplete data for update.']);
|
|
exit;
|
|
}
|
|
|
|
$id = filter_input(INPUT_POST, 'id', FILTER_SANITIZE_NUMBER_INT);
|
|
$nama_kantor = $_POST['nama_kantor'];
|
|
$alamat = $_POST['alamat'] ?? null;
|
|
$tipe_kantor = $_POST['tipe_kantor'];
|
|
|
|
try {
|
|
$sql = "UPDATE kantor SET nama_kantor = ?, alamat = ?, tipe_kantor = ? WHERE id = ?";
|
|
$stmt = db()->prepare($sql);
|
|
$stmt->execute([$nama_kantor, $alamat, $tipe_kantor, $id]);
|
|
|
|
echo json_encode(['success' => true, 'message' => 'Office updated successfully.']);
|
|
|
|
} catch (PDOException $e) {
|
|
echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
|
|
}
|
|
?>
|