Deploy from Lumerel

public/save.php

@@ -0,0 +1,111 @@
+<?php
+session_start();
+require_once __DIR__ . '/../src/db.php';
+
+header('Content-Type: application/json');
+
+if (!isset($_SESSION['onboarding_token'])) {
+    http_response_code(400);
+    echo json_encode(['error' => 'No session found']);
+    exit;
+}
+
+$token = $_SESSION['onboarding_token'];
+
+try {
+    // Prepare update data
+    $updates = [];
+    $params = [];
+    
+    // Company branding fields
+    if (isset($_POST['company_name'])) {
+        $updates[] = 'company_name = ?';
+        $params[] = $_POST['company_name'];
+    }
+    if (isset($_POST['primary_color'])) {
+        $updates[] = 'primary_color = ?';
+        $params[] = $_POST['primary_color'];
+    }
+    if (isset($_POST['secondary_color'])) {
+        $updates[] = 'secondary_color = ?';
+        $params[] = $_POST['secondary_color'];
+    }
+    if (isset($_POST['industry'])) {
+        $updates[] = 'industry = ?';
+        $params[] = $_POST['industry'];
+    }
+    if (isset($_POST['company_tagline'])) {
+        $updates[] = 'company_tagline = ?';
+        $params[] = $_POST['company_tagline'];
+    }
+    
+    // Quote preferences fields
+    if (isset($_POST['quote_format'])) {
+        $updates[] = 'quote_format = ?';
+        $params[] = $_POST['quote_format'];
+    }
+    if (isset($_POST['payment_terms'])) {
+        $updates[] = 'payment_terms = ?';
+        $params[] = $_POST['payment_terms'];
+    }
+    if (isset($_POST['quote_validity_days'])) {
+        $updates[] = 'quote_validity_days = ?';
+        $params[] = intval($_POST['quote_validity_days']);
+    }
+    
+    // Checkboxes (handle unchecked state)
+    $updates[] = 'show_itemized_pricing = ?';
+    $params[] = isset($_POST['show_itemized_pricing']) ? 1 : 0;
+    
+    $updates[] = 'include_terms_conditions = ?';
+    $params[] = isset($_POST['include_terms_conditions']) ? 1 : 0;
+    
+    // Contact information fields
+    if (isset($_POST['contact_name'])) {
+        $updates[] = 'contact_name = ?';
+        $params[] = $_POST['contact_name'];
+    }
+    if (isset($_POST['contact_email'])) {
+        $updates[] = 'contact_email = ?';
+        $params[] = $_POST['contact_email'];
+    }
+    if (isset($_POST['contact_phone'])) {
+        $updates[] = 'contact_phone = ?';
+        $params[] = $_POST['contact_phone'];
+    }
+    if (isset($_POST['contact_address'])) {
+        $updates[] = 'contact_address = ?';
+        $params[] = $_POST['contact_address'];
+    }
+    if (isset($_POST['website'])) {
+        $updates[] = 'website = ?';
+        $params[] = $_POST['website'];
+    }
+    
+    // Update current step
+    if (isset($_POST['current_step'])) {
+        $updates[] = 'current_step = ?';
+        $params[] = intval($_POST['current_step']);
+    }
+    
+    // Mark as completed if requested
+    if (isset($_POST['complete'])) {
+        $updates[] = 'completed = 1';
+    }
+    
+    if (!empty($updates)) {
+        $sql = "UPDATE onboarding_sessions SET " . implode(', ', $updates) . " WHERE session_token = ?";
+        $params[] = $token;
+        
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute($params);
+        
+        echo json_encode(['success' => true]);
+    } else {
+        echo json_encode(['success' => true, 'message' => 'No updates']);
+    }
+    
+} catch (PDOException $e) {
+    http_response_code(500);
+    echo json_encode(['error' => 'Database error: ' . $e->getMessage()]);
+}