<?php
// POST /api/jobcards/add_note.php
require_once __DIR__ . '/../config/db.php';
require_once __DIR__ . '/../config/auth.php';

$user = requireAuth();
$db   = getDB();

$jobCardId = (int)post('job_card_id', 0);
$note      = trim(post('note', ''));

if (!$jobCardId) apiError('Job card ID required.', 422);
if (!$note)      apiError('Note required.', 422);

$db->prepare("
    INSERT INTO job_card_notes (job_card_id, user_id, note, is_private)
    VALUES (?, ?, ?, ?)
")->execute([$jobCardId, $user['id'], $note, post('is_private') ? 1 : 0]);

apiSuccess(['id' => (int)$db->lastInsertId()], 'Note added.');