<?php
require_once __DIR__ . '/../config/db.php';
require_once __DIR__ . '/../config/auth.php';
$user = requireAuth();
$db   = getDB();

$jobCardId = (int)post('job_card_id', 0);
$lat       = (float)post('latitude', 0);
$lng       = (float)post('longitude', 0);
if (!$jobCardId) apiError('Job card ID required.', 422);
if (!$lat || !$lng) apiError('Coordinates required.', 422);

$db->prepare("INSERT INTO job_card_locations (job_card_id,user_id,latitude,longitude,accuracy,event_type) VALUES (?,?,?,?,?,?)")
   ->execute([$jobCardId, $user['id'], $lat, $lng, post('accuracy'), post('event_type','manual')]);

apiSuccess(['id' => (int)$db->lastInsertId()], 'Location saved.');