PATH:
home
/
u865795251
/
domains
/
whatisnewis.com
/
public_html
/
vfa
/
Editing: save-settings.php
<?php // Update Active Pricing Settings (Authenticated Admins Only) session_start(); header('Content-Type: application/json'); // Session gate to prevent unauthorized mutations if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) { http_response_code(401); echo json_encode(['error' => 'Unauthorized access. Please log in first.']); exit; } require_once __DIR__ . '/db.php'; // Decode JSON input body $input = json_decode(file_get_contents('php://input'), true); $webinarPrice = isset($input['webinar_price']) ? floatval($input['webinar_price']) : null; $reminderPrice = isset($input['reminder_price']) ? floatval($input['reminder_price']) : null; if ($webinarPrice === null || $reminderPrice === null || $webinarPrice < 0 || $reminderPrice < 0) { http_response_code(400); echo json_encode(['error' => 'Invalid price values. Prices must be non-negative numbers.']); exit; } try { // Perform transactional update using UPSERT or standard UPDATE $db->beginTransaction(); $stmt = $db->prepare("INSERT OR REPLACE INTO settings (key, value) VALUES ('webinar_price', :webinar_price)"); $stmt->execute([':webinar_price' => number_format($webinarPrice, 2, '.', '')]); $stmt = $db->prepare("INSERT OR REPLACE INTO settings (key, value) VALUES ('reminder_price', :reminder_price)"); $stmt->execute([':reminder_price' => number_format($reminderPrice, 2, '.', '')]); $db->commit(); echo json_encode(['success' => true]); } catch (Exception $e) { if ($db->inTransaction()) { $db->rollBack(); } http_response_code(500); echo json_encode(['error' => 'Database update failed: ' . $e->getMessage()]); }
SAVE
CANCEL