added fixed fields

public/userarea/save_edited_row.php

@@ -15,6 +15,44 @@ try {
     $db = DBHandlerSelect::getInstance();
     $pdo = $db->getConnection();
 
+    // ---------------- FIXED FIELDS (template_fixed_mapping) ----------------
+
+    // 1) Recupera templateid dalla riga datadb (serve per sapere quali fixed_field_key sono permessi)
+    $stmtTpl = $pdo->prepare("SELECT templateid FROM datadb WHERE iddatadb = ?");
+    $stmtTpl->execute([$iddatadb]);
+    $tplRow = $stmtTpl->fetch(PDO::FETCH_ASSOC);
+
+    $templateId = isset($tplRow['templateid']) ? (int)$tplRow['templateid'] : 0;
+    if ($templateId <= 0) {
+        throw new Exception("Template non trovato per iddatadb=$iddatadb");
+    }
+
+    // 2) Recupera elenco fixed fields visibili per quel template
+    $fxStmt = $pdo->prepare("
+    SELECT fixed_field_key, data_type, is_required, default_value
+    FROM template_fixed_mapping
+    WHERE template_id = ? AND is_visible_import = 1
+");
+    $fxStmt->execute([$templateId]);
+    $fixedList = $fxStmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // 3) Crea whitelist: key => metadata
+    $fixedWhitelist = [];
+    foreach ($fixedList as $fx) {
+        $k = (string)$fx['fixed_field_key'];
+
+        // sicurezza: nome colonna ammesso solo se "safe" (no spazi, no caratteri strani)
+        if (!preg_match('/^[a-zA-Z0-9_]+$/', $k)) {
+            continue;
+        }
+        $fixedWhitelist[$k] = [
+            'data_type'     => (string)$fx['data_type'],       // INT | DATE
+            'is_required'   => (int)$fx['is_required'],
+            'default_value' => $fx['default_value'] ?? null
+        ];
+    }
+
+
     $data = $_POST;
     $details = [];
 
@@ -63,22 +101,57 @@ try {
         }
     }
 
-    // 5. Aggiorna idclient in datadb
+    // 5. Aggiorna datadb: idclient + FIXED FIELDS (whitelisted)
+    $setParts = [];
+    $params = [];
+
+    // 5a) idclient (se presente)
     if (isset($idclient)) {
-        $updateStmt = $pdo->prepare("
-            UPDATE datadb
-            SET idclient = :idclient
-            WHERE iddatadb = :iddatadb
-        ");
-        $updateStmt->execute([
-            ':idclient'   => $idclient,
-            ':iddatadb'   => $iddatadb
-        ]);
-        $response['message'] = !empty($changed) ? "Updated details and idclient successfully" : "Updated idclient successfully";
-    } else {
-        $response['message'] = !empty($changed) ? "Updated details successfully" : "No changes found";
+        $setParts[] = "idclient = ?";
+        $params[] = $idclient;
     }
 
+    // 5b) fixed fields dal POST (solo quelli presenti nella whitelist del template)
+    foreach ($fixedWhitelist as $col => $meta) {
+        if (!array_key_exists($col, $_POST)) {
+            continue; // non inviato dal form
+        }
+
+        $val = $_POST[$col];
+
+        // Normalizzazione per tipo
+        if ($meta['data_type'] === 'DATE') {
+            $val = trim((string)$val);
+            $val = ($val === '') ? null : $val; // atteso formato Y-m-d
+        } else { // INT
+            $val = trim((string)$val);
+            $val = ($val === '') ? null : (int)$val;
+        }
+
+        $setParts[] = "`$col` = ?";
+        $params[] = $val;
+    }
+
+    // esegui update solo se c'è qualcosa da aggiornare
+    if (!empty($setParts)) {
+        $params[] = $iddatadb;
+        $sqlUpd = "UPDATE datadb SET " . implode(", ", $setParts) . " WHERE iddatadb = ?";
+        $updStmt = $pdo->prepare($sqlUpd);
+        $updStmt->execute($params);
+    }
+
+    // Messaggio risposta (mantengo la tua logica ma includo fixed)
+    if (!empty($setParts) && !empty($changed)) {
+        $response['message'] = "Updated details and datadb fields successfully";
+    } elseif (!empty($setParts)) {
+        $response['message'] = "Updated datadb fields successfully";
+    } elseif (!empty($changed)) {
+        $response['message'] = "Updated details successfully";
+    } else {
+        $response['message'] = "No changes found";
+    }
+
+
     $response['success'] = true;
     $response['changed'] = $changed; // Debug / optional