| Server IP : 3.111.61.48 / Your IP : 216.73.216.67 Web Server : Apache System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64 User : ubuntu ( 1000) PHP Version : 8.2.31 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/vhost/itms.arukustech.com/public/api/ |
Upload File : |
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once __DIR__ . '/../../app/db.php';
require_once __DIR__ . '/../../app/helpers/auth.php';
check_login();
header("Content-Type: application/json");
// SECURITY: Verify user is SuperAdmin before allowing any changes
if ($_SESSION['role'] !== 'superadmin') {
echo json_encode(["status" => "error", "message" => "Access denied. Only SuperAdmins can update category settings."]);
exit;
}
$id = $_POST['id'] ?? null;
$name = trim($_POST['name'] ?? "");
$prefix = strtoupper(trim($_POST['asset_prefix'] ?? ""));
$next_number = intval($_POST['next_number'] ?? 0);
if (!$id || $name == "" || $prefix == "" || $next_number <= 0) {
echo json_encode(["status" => "error", "message" => "Missing or invalid fields"]);
exit;
}
try {
$pdo = db();
// Updated SQL to include next_number
$stmt = $pdo->prepare("
UPDATE inv_categories
SET name = ?, asset_prefix = ?, next_number = ?
WHERE id = ?
");
$stmt->execute([$name, $prefix, $next_number, $id]);
echo json_encode(["status" => "success"]);
}
catch (PDOException $e) {
echo json_encode(["status" => "error", "message" => $e->getMessage()]);
}
?>