<?php

/**
 * Weekly Specials CRUD Endpoints
 */

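// Database handle shared by every route in this file.
// NOTE(review): $method, $id and $pathParts are read below but never assigned in this
// file; presumably the including router sets them - confirm they are always initialised.
$db = Database::getInstance()->getConnection();

// GET all specials. No authentication call is made on this route.
// Only requests without an $id are handled here; the query is capped at 100 rows.
if ($method === 'GET' && !$id) {
    $stmt = $db->query("SELECT * FROM specials LIMIT 100");
    $specials = $stmt->fetchAll();

    // highlights is stored as a JSON string; decode it for the response.
    // Rows are updated by key instead of through a by-reference loop variable, so no
    // reference to the last row stays bound to a variable after the loop finishes.
    foreach ($specials as $index => $row) {
        $specials[$index]['highlights'] = json_decode($row['highlights'], true);
    }

    jsonResponse($specials);
}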
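// POST create special.
// The intent is "admin only"; the only gate visible in this file is requireAuth().
// NOTE(review): confirm requireAuth() enforces the admin role, not just a logged-in user.
// NOTE(review): every early-out below assumes jsonResponse() ends the request. If it
// returns instead, execution would continue into the INSERT - confirm.
if ($method === 'POST') {
    requireAuth();

    $input = getJsonInput();

    $errors = validateRequired($input, ['destination_id', 'discount', 'end_date', 'highlights']);
    if (!empty($errors)) {
        jsonResponse(['error' => implode(', ', $errors)], 400);
    }

    // The body is client-supplied JSON, so any field can arrive as an array, object,
    // boolean or null. Reject those for the columns bound as plain parameters rather
    // than letting them be stringified into the row.
    // NOTE(review): the discount range and end_date format are not checked here;
    // presumably that is left to the database schema - confirm.
    foreach (['destination_id', 'discount', 'end_date'] as $field) {
        $value = $input[$field] ?? null;
        if (!is_string($value) && !is_int($value) && !is_float($value)) {
            jsonResponse(['error' => $field . ' must be a string or number'], 400);
        }
    }

    // Check if destination exists
    $stmt = $db->prepare("SELECT id FROM destinations WHERE id = ?");
    $stmt->execute([$input['destination_id']]);
    if (!$stmt->fetch()) {
        jsonResponse(['error' => 'Destination not found'], 404);
    }

    // Check if special already exists for this destination.
    // This lookup and the INSERT below are separate statements, so two concurrent
    // requests can both pass it. NOTE(review): a UNIQUE constraint on
    // specials.destination_id would be the real guard - confirm the schema has one.
    $stmt = $db->prepare("SELECT id FROM specials WHERE destination_id = ?");
    $stmt->execute([$input['destination_id']]);
    if ($stmt->fetch()) {
        jsonResponse(['error' => 'Special already exists for this destination'], 400);
    }

    $id = generateUuid();

    // json_encode() returns false on failure; do not store that as the column value.
    $highlights = json_encode($input['highlights']);
    if ($highlights === false) {
        jsonResponse(['error' => 'highlights could not be encoded as JSON'], 400);
    }

    // All request values are bound as parameters; nothing is concatenated into the SQL.
    $stmt = $db->prepare("
        INSERT INTO specials (id, destination_id, discount, end_date, highlights, created_at)
        VALUES (?, ?, ?, ?, ?, NOW())
    ");

    $stmt->execute([
        $id,
        $input['destination_id'],
        $input['discount'],
        $input['end_date'],
        $highlights
    ]);

    // Fetch created special
    $stmt = $db->prepare("SELECT * FROM specials WHERE id = ?");
    $stmt->execute([$id]);
    $special = $stmt->fetch();
    if ($special === false) {
        // fetch() returns false when no row matched; do not index into it.
        jsonResponse(['error' => 'Special could not be loaded after insert'], 500);
    }
    $special['highlights'] = json_decode($special['highlights'], true);

    jsonResponse($special, 201);
}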
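// PUT update special, addressed by $id.
// The intent is "admin only"; the only gate visible in this file is requireAuth().
// NOTE(review): confirm requireAuth() enforces the admin role, not just a logged-in user.
// NOTE(review): every early-out below assumes jsonResponse() ends the request - confirm.
if ($method === 'PUT' && $id) {
    requireAuth();

    $input = getJsonInput();

    $updates = [];
    $params = [];

    // Column names come from this fixed list, never from the request, so the SET
    // clause assembled below contains only known fragments and "?" placeholders.
    foreach (['discount', 'end_date'] as $field) {
        if (!isset($input[$field])) {
            continue;
        }

        // Client-supplied JSON can carry arrays, objects or booleans; reject those
        // instead of letting them be stringified into the row.
        $value = $input[$field];
        if (!is_string($value) && !is_int($value) && !is_float($value)) {
            jsonResponse(['error' => $field . ' must be a string or number'], 400);
        }

        $updates[] = $field . ' = ?';
        $params[] = $value;
    }

    if (isset($input['highlights'])) {
        // json_encode() returns false on failure; do not store that as the column value.
        $encodedHighlights = json_encode($input['highlights']);
        if ($encodedHighlights === false) {
            jsonResponse(['error' => 'highlights could not be encoded as JSON'], 400);
        }

        $updates[] = "highlights = ?";
        $params[] = $encodedHighlights;
    }

    if (empty($updates)) {
        jsonResponse(['error' => 'No fields to update'], 400);
    }

    $params[] = $id;

    $sql = "UPDATE specials SET " . implode(', ', $updates) . " WHERE id = ?";
    $stmt = $db->prepare($sql);
    $stmt->execute($params);

    // Fetch updated special
    $stmt = $db->prepare("SELECT * FROM specials WHERE id = ?");
    $stmt->execute([$id]);
    $special = $stmt->fetch();

    // An unknown $id makes the UPDATE a no-op and fetch() return false. Answer 404
    // rather than indexing into false and replying 200 with an empty record.
    // The fetch result is used for this check because an UPDATE that changes no
    // values may also report zero affected rows.
    if ($special === false) {
        jsonResponse(['error' => 'Special not found'], 404);
    }

    $special['highlights'] = json_decode($special['highlights'], true);

    jsonResponse($special);
}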
// DELETE a special, addressed by its destination: path segment 1 must be the literal
// 'destination' and segment 2 carries the destination id.
// The intent is "admin only"; the only gate visible in this file is requireAuth().
// NOTE(review): confirm requireAuth() enforces the admin role, not just a logged-in user.
if ($method === 'DELETE' && isset($pathParts[1], $pathParts[2]) && $pathParts[1] === 'destination') {
    requireAuth();

    $destinationId = $pathParts[2];

    // The path segment is bound as a parameter, never concatenated into the SQL.
    $stmt = $db->prepare("DELETE FROM specials WHERE destination_id = ?");
    $stmt->execute([$destinationId]);

    // Zero affected rows means no special was attached to that destination.
    $nothingDeleted = $stmt->rowCount() === 0;
    if ($nothingDeleted) {
        jsonResponse(['error' => 'Special not found for this destination'], 404);
    }

    jsonResponse(['message' => 'Special removed successfully']);
}

// Fallthrough for any method/path combination not handled above.
// NOTE(review): this is only a pure fallthrough if jsonResponse() ends the request
// inside the handlers above - confirm.
jsonResponse(
    ['error' => 'Invalid specials endpoint'],
    404
);