87 lines
2.7 KiB
PHP
87 lines
2.7 KiB
PHP
<?php
|
|
session_start();
|
|
header('Content-Type: application/json');
|
|
|
|
if (!isset($_SESSION['user_id'])) {
|
|
http_response_code(401);
|
|
echo json_encode(['error' => 'User not authenticated']);
|
|
exit;
|
|
}
|
|
|
|
require_once 'db/config.php';
|
|
|
|
// The scene ID must be passed as a URL parameter
|
|
$scene_id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
|
|
if (!$scene_id) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Scene ID is required.']);
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
http_response_code(405); // Method Not Allowed
|
|
echo json_encode(['error' => 'POST method required.']);
|
|
exit;
|
|
}
|
|
|
|
$request_body = file_get_contents('php://input');
|
|
$data = json_decode($request_body, true);
|
|
if (json_last_error() !== JSON_ERROR_NONE) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Invalid JSON input.']);
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
// Fetch scene and project status to verify ownership and draft status
|
|
$stmt = $pdo->prepare("
|
|
SELECT s.project_id, p.status as project_status
|
|
FROM scenes s
|
|
JOIN projects p ON s.project_id = p.id
|
|
WHERE s.id = ? AND s.user_id = ?
|
|
");
|
|
$stmt->execute([$scene_id, $_SESSION['user_id']]);
|
|
$scene_check = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$scene_check) {
|
|
http_response_code(404);
|
|
echo json_encode(['error' => 'Scene not found or permission denied.']);
|
|
exit;
|
|
}
|
|
|
|
if ($scene_check['project_status'] !== 'draft') {
|
|
http_response_code(403);
|
|
echo json_encode(['error' => 'Project is not in draft status; scene cannot be edited.']);
|
|
exit;
|
|
}
|
|
|
|
// Get new data from request body
|
|
$description = trim($data['description'] ?? '');
|
|
$duration = filter_var($data['duration'] ?? null, FILTER_VALIDATE_INT);
|
|
$shot_type = trim($data['shot_type'] ?? '');
|
|
|
|
// Basic validation
|
|
if (empty($description) || !$duration || empty($shot_type)) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Invalid input. All fields are required: description, duration, shot_type']);
|
|
exit;
|
|
}
|
|
|
|
// Update the scene
|
|
$stmt = $pdo->prepare("UPDATE scenes SET description = ?, duration = ?, shot_type = ? WHERE id = ?");
|
|
$stmt->execute([$description, $duration, $shot_type, $scene_id]);
|
|
|
|
// Fetch and return the updated scene
|
|
$stmt = $pdo->prepare("SELECT * FROM scenes WHERE id = ?");
|
|
$stmt->execute([$scene_id]);
|
|
$updated_scene = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
echo json_encode($updated_scene);
|
|
|
|
} catch (PDOException $e) {
|
|
http_response_code(500);
|
|
// error_log("Database error: " . $e->getMessage());
|
|
echo json_encode(['error' => 'Database error.']);
|
|
} |