first commit

backend/ride/kazan/add.php

@@ -0,0 +1,45 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$kazan = filterRequest("kazan");
+$adminId = filterRequest("adminId");
+$latePrice = filterRequest("latePrice");
+$heavyPrice = filterRequest("heavyPrice");
+$naturePrice = filterRequest("naturePrice");
+$comfortPrice = filterRequest("comfortPrice");
+$speedPrice = filterRequest("speedPrice");
+$deliveryPrice = filterRequest("deliveryPrice");
+$freePrice = filterRequest("freePrice");
+$country = filterRequest("country");
+$fuelPrice = filterRequest("fuelPrice");
+
+// Prepare an SQL statement with placeholders for the values
+$sql = "INSERT INTO `kazan`( `country`,`kazan`, `comfortPrice`, `speedPrice`, `deliveryPrice`, `freePrice`, `latePrice`, `heavyPrice`, `adminId`, `naturePrice`, `fuelPrice`) VALUES (:country,:kazan, :comfortPrice, :speedPrice, :deliveryPrice, :freePrice, :latePrice, :heavyPrice, :adminId, :naturePrice,:fuelPrice)";
+
+$stmt = $con->prepare($sql);
+
+// Bind the parameters to the SQL query
+$stmt->bindParam(':kazan', $kazan);
+$stmt->bindParam(':comfortPrice', $comfortPrice);
+$stmt->bindParam(':speedPrice', $speedPrice);
+$stmt->bindParam(':deliveryPrice', $deliveryPrice);
+$stmt->bindParam(':freePrice', $freePrice);
+$stmt->bindParam(':latePrice', $latePrice);
+$stmt->bindParam(':heavyPrice', $heavyPrice);
+$stmt->bindParam(':adminId', $adminId);
+$stmt->bindParam(':naturePrice', $naturePrice);
+$stmt->bindParam(':country', $country);
+$stmt->bindParam(':fuelPrice', $fuelPrice);
+
+// Execute the statement
+if ($stmt->execute()) {
+    // Print a success message
+    jsonSuccess(null, "Kazan saved successfully");
+} else {
+    // Print a failure message
+    jsonError("Failed to save Kazan");
+}
+
+// Close the statement
+$stmt->close();
+?>

backend/ride/kazan/get.php

@@ -0,0 +1,23 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$country = filterRequest("country");
+
+if (!empty($country)) {
+    $sql = "SELECT * FROM `kazan` WHERE `country` = :country";
+    $stmt = $con->prepare($sql);
+    $stmt->bindParam(':country', $country, PDO::PARAM_STR);
+} else {
+    $sql = "SELECT * FROM `kazan` ORDER BY id DESC";
+    $stmt = $con->prepare($sql);
+}
+
+$stmt->execute();
+$row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+if ($row) {
+    jsonSuccess($row);
+} else {
+    jsonSuccess([], "No Kazan record found");
+}
+?>

backend/ride/kazan/update.php

@@ -0,0 +1,46 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$id = filterRequest("id");
+
+$allowedFields = [
+    "kazan", "comfortPrice", "speedPrice", "deliveryPrice",
+    "freePrice", "latePrice", "heavyPrice", "adminId", "naturePrice", "fuelPrice", "familyPrice"
+];
+
+$setParts = [];
+$params = [];
+
+foreach ($allowedFields as $field) {
+    if (isset($_POST[$field])) {
+        $value = filterRequest($field);
+        $setParts[] = "`$field` = :$field";
+        $params[":$field"] = $value;
+    }
+}
+
+if (empty($setParts)) {
+    jsonError("No valid fields to update.");
+    exit;
+}
+
+$sql = "UPDATE `kazan` SET " . implode(", ", $setParts) . " WHERE `id` = :id";
+$params[":id"] = $id;
+
+$stmt = $con->prepare($sql);
+$stmt->execute($params);
+
+$userIdToLog = $user_id ?? 'unknown_admin';
+
+// تسجيل العملية في السجل دائماً
+$auditResult = logAudit($con, $userIdToLog, "تحديث عمولة/أسعار النظام (Kazan)", "kazan", $id, $params);
+
+$debugLog = "[" . date('Y-m-d H:i:s') . "] Kazan Update Triggered. User: $userIdToLog. Audit Result: " . ($auditResult === true ? 'SUCCESS' : $auditResult) . "\n";
+file_put_contents(__DIR__ . '/audit_debug.txt', $debugLog, FILE_APPEND);
+
+if ($stmt->rowCount() > 0) {
+    jsonSuccess(null, "Kazan data updated successfully. Audit: " . ($auditResult === true ? 'OK' : $auditResult));
+} else {
+    jsonSuccess(null, "Kazan data remains unchanged or updated. Audit: " . ($auditResult === true ? 'OK' : $auditResult));
+}
+?>