Siro/backend/ride/promo/update.php

<?php
require_once __DIR__ . '/../../connect.php';

$id = filterRequest("id");
if (empty($id)) {
    jsonError("ID is required for update");
    exit;
}

$allowedFields = [
    "promo_code", "amount", "description", "passengerID", 
    "validity_start_date", "validity_end_date"
];

$setParts = [];
$params = [];

foreach ($allowedFields as $field) {
    if (isset($_POST[$field])) {
        $value = filterRequest($field);
        $setParts[] = "`$field` = :$field";
        $params[":$field"] = $value;
    }
}

if (empty($setParts)) {
    jsonError("No valid fields to update.");
    exit;
}

$sql = "UPDATE `promos` SET " . implode(", ", $setParts) . " WHERE `id` = :id";
$params[":id"] = $id;

$stmt = $con->prepare($sql);
if ($stmt->execute($params)) {
    jsonSuccess(null, "Promo updated successfully");
} else {
    jsonError("Failed to update promo");
}
?>