- Added detailed error logging to link_membership_user processor - Added error handling for database operations in processor - Added comprehensive logging to linkSecondaryUserToMembership function - Logs now show: CSRF validation, database operations, link creation, permission grants - Improved error messages for debugging
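<?php
/**
 * Processor: link a secondary user to the logged-in user's membership.
 *
 * Accepts POST only and requires a session user_id plus a CSRF token accepted
 * by validateCSRFToken(). Looks the secondary user up by e-mail, then hands
 * both ids and the relationship to linkSecondaryUserToMembership().
 *
 * Responds with JSON: {success, message, link_id}.
 * Status codes: 403 (no session / wrong method), 400 (bad CSRF token, missing
 * e-mail, or link refused), 404 (e-mail not found), 500 (database failure).
 */

$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . '/src/config/env.php');
require_once($rootPath . '/src/config/session.php');
require_once($rootPath . '/src/config/connection.php');
require_once($rootPath . '/src/config/functions.php');

header('Content-Type: application/json');

// Replace control characters (CR/LF in particular) so request-supplied values
// cannot split or forge entries in the error log.
$logSafe = static function ($value) {
    return preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value);
};

// Log the incoming request. Only the POST field names are recorded: the body
// carries the CSRF token, which must not be written to the log.
error_log("Link membership user request received. Method: " . $logSafe($_SERVER['REQUEST_METHOD']));
error_log("POST fields: " . $logSafe(implode(', ', array_keys($_POST))));
error_log("Session user_id: " . ($_SESSION['user_id'] ?? 'NOT SET'));

if (!isset($_SESSION['user_id']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(403);
    error_log("Forbidden: No session or wrong method");
    exit(json_encode(['success' => false, 'message' => 'Forbidden']));
}

// Validate CSRF token. A non-string value (e.g. csrf_token[]=x) is treated as
// missing instead of being passed on to the validator.
$csrfToken = $_POST['csrf_token'] ?? null;
if (!is_string($csrfToken)) {
    http_response_code(400);
    error_log("No CSRF token provided");
    exit(json_encode(['success' => false, 'message' => 'CSRF token missing']));
}

if (!validateCSRFToken($csrfToken)) {
    http_response_code(400);
    // Neither the submitted token nor the session's csrf_tokens store is
    // logged: anyone with read access to the log could otherwise reuse a
    // token that is still valid. Length and presence are enough to debug.
    error_log(
        "Invalid CSRF token (length " . strlen($csrfToken) . "); session token store "
        . (isset($_SESSION['csrf_tokens']) ? 'present' : 'absent')
    );
    exit(json_encode(['success' => false, 'message' => 'Invalid CSRF token']));
}

$primary_user_id = intval($_SESSION['user_id']);

// Non-string fields fall back to the same values as absent fields, so an
// array-valued parameter cannot reach trim().
$rawEmail = $_POST['secondary_email'] ?? '';
$rawRelationship = $_POST['relationship'] ?? 'spouse';
$secondary_email = is_string($rawEmail) ? trim($rawEmail) : '';
// NOTE(review): relationship is forwarded as received; confirm that
// linkSecondaryUserToMembership() restricts it to the allowed values.
$relationship = is_string($rawRelationship) ? trim($rawRelationship) : 'spouse';

// The e-mail address is personal data; keep it in the log only as long as the
// debugging need lasts.
error_log(
    "Processing link: primary=$primary_user_id, secondary_email=" . $logSafe($secondary_email)
    . ", relationship=" . $logSafe($relationship)
);

if (empty($secondary_email)) {
    http_response_code(400);
    error_log("Secondary email is empty");
    exit(json_encode(['success' => false, 'message' => 'Secondary user email is required']));
}

// Get the secondary user by email
$conn = openDatabaseConnection();
if (!$conn) {
    http_response_code(500);
    error_log("Failed to open database connection");
    exit(json_encode(['success' => false, 'message' => 'Database connection failed']));
}

// Parameterized lookup: the e-mail is bound, never concatenated into the SQL.
$userQuery = $conn->prepare("SELECT user_id FROM users WHERE email = ?");
if (!$userQuery) {
    http_response_code(500);
    // Driver error text goes to the log only; the client gets a generic message.
    error_log("Prepare statement failed: " . $conn->error);
    $conn->close();
    exit(json_encode(['success' => false, 'message' => 'Database error']));
}

$userQuery->bind_param("s", $secondary_email);
if (!$userQuery->execute()) {
    http_response_code(500);
    error_log("Query execution failed: " . $userQuery->error);
    $userQuery->close();
    $conn->close();
    exit(json_encode(['success' => false, 'message' => 'Database error']));
}

$userResult = $userQuery->get_result();
$userQuery->close();

if ($userResult->num_rows === 0) {
    $conn->close();
    error_log("User not found with email: " . $logSafe($secondary_email));
    // NOTE(review): this 404 tells any logged-in user whether an e-mail is
    // registered. If that matters for this application, return the same
    // response as a refused link and rate-limit the endpoint.
    http_response_code(404);
    exit(json_encode(['success' => false, 'message' => 'User with that email not found']));
}

$user = $userResult->fetch_assoc();
$secondary_user_id = $user['user_id'];
error_log("Found secondary user: $secondary_user_id");
$conn->close();

// Use the linking function from functions.php.
// NOTE(review): this script does not check whether the primary user may link
// this particular account, or whether the secondary user has agreed; confirm
// that linkSecondaryUserToMembership() enforces both.
$result = linkSecondaryUserToMembership($primary_user_id, $secondary_user_id, $relationship);
error_log("Link result: " . json_encode($result));

http_response_code($result['success'] ? 200 : 400);
echo json_encode([
    'success' => $result['success'],
    'message' => $result['message'],
    'link_id' => $result['link_id'] ?? null,
]);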