Add location create endpoint

2025-07-07 13:47:17 +01:00 · 2025-07-07 13:47:17 +01:00 · 7c558ff842
parent a011dc4dea
commit 7c558ff842
2 changed files with 118 additions and 0 deletions
--- a/api/v1/locations/create.php
+++ b/api/v1/locations/create.php
@ -0,0 +1,35 @@
+<?php
+
+require_once '../validate_api_key.php';
+
+require_once '../require_post_method.php';
+
+// Parse Info
+require_once 'location_model.php';
+
+// Default
+$insert_id = false;
+
+if (!empty($name) && !empty($client_id)) {
+
+    // Reset primary location
+    if ($primary == '1') {
+        mysqli_query($mysqli, "UPDATE locations SET location_primary = '0' WHERE location_client_id = '$client_id'");
+    }
+
+    // Insert location
+    $insert_sql = mysqli_query($mysqli, "INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_hours = '$hours', location_notes = '$notes', location_primary = '$primary', location_client_id = $client_id");
+
+    // Check insert & get insert ID
+    if ($insert_sql) {
+        $insert_id = mysqli_insert_id($mysqli);
+
+        // Logging
+        logAction("Location", "Create", "$name via API ($api_key_name)", $client_id, $insert_id);
+        logAction("API", "Success", "Created location $name via API ($api_key_name)", $client_id);
+    }
+
+}
+
+// Output
+require_once '../create_output.php';
--- a/api/v1/locations/location_model.php
+++ b/api/v1/locations/location_model.php
@ -0,0 +1,83 @@
+<?php
+
+// Variable assignment from POST (or: blank/from DB is updating)
+
+if (isset($_POST['location_name'])) {
+    $name = sanitizeInput($_POST['location_name']);
+} elseif ($location_row) {
+    $name = $location_row['location_name'];
+} else {
+    $name = '';
+}
+
+if (isset($_POST['location_description'])) {
+    $description = sanitizeInput($_POST['location_description']);
+} elseif ($location_row) {
+    $description = $location_row['location_description'];
+} else {
+    $description = '';
+}
+
+if (isset($_POST['location_country'])) {
+    $country = sanitizeInput($_POST['location_country']);
+} elseif ($location_row) {
+    $country = $location_row['location_country'];
+} else {
+    $country = '';
+}
+
+if (isset($_POST['location_address'])) {
+    $address = sanitizeInput($_POST['location_address']);
+} elseif ($location_row) {
+    $address = $location_row['location_address'];
+} else {
+    $address = '';
+}
+
+if (isset($_POST['location_city'])) {
+    $city = sanitizeInput($_POST['location_city']);
+} elseif ($location_row) {
+    $city = $location_row['location_city'];
+} else {
+    $city = '';
+}
+
+if (isset($_POST['location_state'])) {
+    $state = sanitizeInput($_POST['location_state']);
+} elseif ($location_row) {
+    $state = $location_row['location_state'];
+} else {
+    $state = '';
+}
+
+if (isset($_POST['location_zip'])) {
+    $zip = sanitizeInput($_POST['location_zip']);
+} elseif ($location_row) {
+    $zip = $location_row['location_zip'];
+} else {
+    $zip = '';
+}
+
+if (isset($_POST['location_hours'])) {
+    $hours = sanitizeInput($_POST['location_hours']);
+} elseif ($location_row) {
+    $hours = $location_row['location_hours'];
+} else {
+    $hours = '';
+}
+
+if (isset($_POST['location_notes'])) {
+    $notes = sanitizeInput($_POST['location_notes']);
+} elseif ($location_row) {
+    $notes = $location_row['location_notes'];
+} else {
+    $notes = '';
+}
+
+if (isset($_POST['location_primary'])) {
+    $primary = intval($_POST['location_primary']);
+} elseif ($location_row) {
+    $primary = $location_row['location_primary'];
+} else {
+    $primary = '0';
+}