41 lines
1.3 KiB
PHP
41 lines
1.3 KiB
PHP
<?php
|
|
require_once 'db/config.php';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['listing_id']) || !isset($_POST['status'])) {
|
|
header('Location: volunteer_dashboard.php');
|
|
exit();
|
|
}
|
|
|
|
$listing_id = filter_input(INPUT_POST, 'listing_id', FILTER_VALIDATE_INT);
|
|
$status = $_POST['status'];
|
|
|
|
// Basic validation
|
|
$allowed_statuses = ['collected', 'en-route', 'delivered'];
|
|
if ($listing_id === false || !in_array($status, $allowed_statuses)) {
|
|
header('Location: volunteer_dashboard.php?status=error');
|
|
exit();
|
|
}
|
|
|
|
// For this MVP, we are not checking if the volunteer is the one assigned.
|
|
// In a real app, you would verify the logged-in volunteer's ID against the assignment.
|
|
|
|
try {
|
|
$pdo = db();
|
|
$sql = "UPDATE food_listings SET status = :status WHERE id = :listing_id";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->bindParam(':status', $status, PDO::PARAM_STR);
|
|
$stmt->bindParam(':listing_id', $listing_id, PDO::PARAM_INT);
|
|
|
|
if ($stmt->execute()) {
|
|
header('Location: volunteer_dashboard.php?update=success');
|
|
} else {
|
|
header('Location: volunteer_dashboard.php?update=error');
|
|
}
|
|
|
|
} catch (PDOException $e) {
|
|
// error_log($e->getMessage());
|
|
header('Location: volunteer_dashboard.php?update=error');
|
|
}
|
|
|
|
exit();
|