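false, 'error' => 'Brak danych'])); }

// Quick inline edit of one column of a single order row. On a real change it
// updates the row and appends an audit entry to order_history, then answers
// with JSON: {"success": bool, "error": string (on failure only)}.
// NOTE(review): no authentication, authorization or CSRF check is visible in
// this part of the file. Confirm one runs before this point, because the
// handler writes to the orders table and trusts $_SESSION['user_id'].

$id = (int)$data['id'];
$field = $data['field'];
$value = trim($data['value']);

// Allow-list of editable columns ('company' was appended at the end).
// $field is interpolated into the SQL text as a column identifier below;
// identifiers cannot be bound as parameters, so this list is the only thing
// standing between the request and the query text.
$allowed_fields = [
    'product_name',
    'quantity',
    'purchase_place',
    'price_per_unit',
    'delivery_date',
    'status',
    'recipient',
    'delivery_address',
    'notes',
    'company',
];

// Strict comparison on purpose: with the default loose in_array() a non-string
// value (e.g. boolean true, if $data is decoded JSON; not visible here)
// compares equal to the first list entry and would pass the check.
if (!in_array($field, $allowed_fields, true)) {
    die(json_encode(['success' => false, 'error' => 'Niedozwolona kolumna']));
}

// Human-readable column names used in the audit message.
$field_labels = [
    'product_name'     => 'Produkt',
    'quantity'         => 'Ilość',
    'purchase_place'   => 'Miejsce zakupu',
    'price_per_unit'   => 'Cena za sztukę',
    'delivery_date'    => 'Data dostawy',
    'status'           => 'Status',
    'recipient'        => 'Odbiorca',
    'delivery_address' => 'Adres dostawy',
    'notes'            => 'Notatki',
    'company'          => 'Firma kupująca',
];

try {
    // Read the current value so that unchanged submissions are a no-op.
    $stmt = $pdo->prepare("SELECT $field FROM " . DB_PREFIX . "orders WHERE id = ?");
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_NUM);

    // No such order: stop here instead of running an UPDATE that matches
    // nothing and then recording an audit entry for a nonexistent row.
    if ($row === false) {
        die(json_encode(['success' => false, 'error' => 'Nie znaleziono zamówienia']));
    }
    $old_val = $row[0];

    if ((string)$old_val !== (string)$value) {
        if ($field === 'price_per_unit') {
            // Accept a decimal comma. NOTE(review): non-numeric input is
            // silently cast to 0 here, and the comparison above runs on the
            // raw text, so "12,50" vs a stored "12.50" counts as a change.
            $value = (float)str_replace(',', '.', $value);
        }

        $update = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET $field = ? WHERE id = ?");
        $update->execute([$value, $id]);

        $label = $field_labels[$field] ?? $field;

        // Only NULL / empty string are shown as "(brak)"; a plain `?:` would
        // also hide legitimate values such as "0" in the audit trail.
        $old_display = ($old_val === null || $old_val === '') ? '(brak)' : $old_val;
        $new_display = ($value === '') ? '(brak)' : $value;

        // The message embeds user-supplied text. It is stored via a bound
        // parameter, but it must be HTML-escaped wherever the history is
        // rendered (rendering code is not visible here).
        $hist_msg = "Szybka edycja: $label zmieniono z [$old_display] ➔ [$new_display]";

        $hist = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
        $hist->execute([$id, $_SESSION['user_id'], $hist_msg]);
    }

    echo json_encode(['success' => true]);
} catch (PDOException $e) {
    // Keep driver details (table names, SQL fragments, constraint names) in
    // the server log; the client only gets a generic message.
    error_log('Quick edit failed: ' . $e->getMessage());
    echo json_encode(['success' => false, 'error' => 'Błąd bazy danych']);
}
?>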