Siro/backend/ride/invitor/updatePassengersInvitation.php

<?php
require_once __DIR__ . '/../../connect.php';

$inviteCode = filterRequest("inviteCode");
$passengerID = filterRequest("passengerID");

if (empty($inviteCode) || empty($passengerID)) {
    jsonError("Invalid or missing invite code or passenger ID.");
    exit;
}

try {
    $checkSql = "SELECT `id`, `expirationTime` FROM `invitesToPassengers` 
                 WHERE `inviteCode` = :inviteCode 
                 AND `isInstall` = 0 
                 AND `isGiftToken` = 0";

    $checkStmt = $con->prepare($checkSql);
    $checkStmt->bindParam(':inviteCode', $inviteCode);
    $checkStmt->execute();
    
    if ($checkStmt->rowCount() > 0) {
        $invite = $checkStmt->fetch(PDO::FETCH_ASSOC);

        $updateSql = "UPDATE `invitesToPassengers` 
                      SET `isInstall` = 1, `passengerID` = :passengerID 
                      WHERE `id` = :id";

        $updateStmt = $con->prepare($updateSql);
        $updateStmt->bindParam(':id', $invite['id'], PDO::PARAM_INT);
        $updateStmt->bindParam(':passengerID', $passengerID);
        $updateStmt->execute();

        if ($updateStmt->rowCount() > 0) {
            jsonSuccess(null, "Invite code successfully used and marked as installed.");
        } else {
            jsonError("Invite found but update failed.");
        }
    } else {
        jsonError("Invalid invite code, already used, or marked as gift.");
    }
} catch (PDOException $e) {
    jsonError("Database error: " . $e->getMessage());
}
?>