<?php
// POST /api/clients/update.php
require_once __DIR__ . '/../config/db.php';
require_once __DIR__ . '/../config/auth.php';

$user = requireRole([1, 2, 5]);
$db   = getDB();
$id   = (int)post('id', 0);

if (!$id) apiError('Client ID required.', 422);

$stmt = $db->prepare("SELECT id FROM clients WHERE id = ?");
$stmt->execute([$id]);
if (!$stmt->fetch()) apiError('Client not found.', 404);

$companyName = trim(post('company_name', ''));
if (empty($companyName)) apiError('Company name is required.', 422);

$db->prepare("
    UPDATE clients SET
        company_name    = ?,
        trading_name    = ?,
        registration_no = ?,
        vat_no          = ?,
        industry        = ?,
        status          = ?,
        website         = ?,
        notes           = ?
    WHERE id = ?
")->execute([
    $companyName,
    post('trading_name'),
    post('registration_no'),
    post('vat_no'),
    post('industry'),
    post('status', 'active'),
    post('website'),
    post('notes'),
    $id
]);

apiSuccess([], 'Client updated successfully.');