payfrit-api/api/chat/sendMessage.php
John Mizerek 1f81d98c52 Initial PHP API migration from CFML
Complete port of all 163 API endpoints from Lucee/CFML to PHP 8.3.
Shared helpers in api/helpers.php (DB, auth, request/response, security).
PDO prepared statements throughout. Same JSON response shapes as CFML.
2026-03-14 14:26:59 -07:00


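<?php
require_once __DIR__ . '/../helpers.php';
runAuth();

/**
 * Send a chat message on a task.
 *
 * POST: { TaskID, Message, SenderType?, UserID? }
 *
 * Success:  { OK: true, MessageID, MESSAGE }
 * Failure:  { OK: false, ERROR, MESSAGE } with ERROR one of
 *           missing_params, not_found, chat_closed, server_error.
 *
 * The sender is the authenticated user whenever runAuth() established one;
 * the UserID field in the body is only a fallback (see below).
 */
$data = readJsonBody();
if (!is_array($data)) {
    $data = [];
}

// Non-scalar JSON values (arrays/objects) are treated as absent: trim() on an
// array raises a TypeError and (int) on a non-empty array silently yields 1.
$rawTaskID     = $data['TaskID'] ?? 0;
$rawMessage    = $data['Message'] ?? '';
$rawSenderType = $data['SenderType'] ?? 'customer';
$rawUserID     = $data['UserID'] ?? 0;

$taskID     = is_scalar($rawTaskID) ? (int) $rawTaskID : 0;
$message    = is_scalar($rawMessage) ? trim((string) $rawMessage) : '';
$senderType = is_scalar($rawSenderType) ? strtolower(trim((string) $rawSenderType)) : 'customer';
$bodyUserID = is_scalar($rawUserID) ? (int) $rawUserID : 0;

// The authenticated identity is authoritative. Previously a UserID supplied in
// the request body took precedence over it, so any caller could attribute a
// message to another user.
// NOTE(review): the body fallback is kept only for the case where runAuth()
// returns without setting $userId; confirm whether that can happen and, if it
// cannot, remove the fallback so SenderUserID is never client-controlled.
global $userId;
$sessionUserID = (int) ($userId ?? 0);
$userID = $sessionUserID > 0 ? $sessionUserID : $bodyUserID;

if ($taskID <= 0) {
    apiAbort(['OK' => false, 'ERROR' => 'missing_params', 'MESSAGE' => 'TaskID is required']);
}
// Compare against '' rather than empty(): empty('0') is true, which rejected
// the legitimate one-character message "0".
if ($message === '') {
    apiAbort(['OK' => false, 'ERROR' => 'missing_params', 'MESSAGE' => 'Message is required']);
}
if ($userID <= 0) {
    apiAbort(['OK' => false, 'ERROR' => 'missing_params', 'MESSAGE' => 'UserID is required']);
}

// Unknown sender types fall back to 'customer'.
// NOTE(review): SenderType is chosen by the client, so 'worker' is not proof
// that the caller is a worker; derive it server-side if it drives any UI or
// permission decision.
if (!in_array($senderType, ['customer', 'worker'], true)) {
    $senderType = 'customer';
}

try {
    // Verify task exists and is still open.
    // NOTE(review): ClaimedByUserID is selected but never compared with
    // $userID, and nothing here checks that the sender is a party to this
    // task. As written, any authenticated user who knows or guesses a TaskID
    // can post into that task's chat. Add a participant check against the
    // task's worker/customer columns (schema not visible from this file).
    $taskQuery = queryOne(
        'SELECT ID, ClaimedByUserID, CompletedOn FROM Tasks WHERE ID = ?',
        [$taskID]
    );

    if (!$taskQuery) {
        apiAbort(['OK' => false, 'ERROR' => 'not_found', 'MESSAGE' => 'Task not found']);
    }

    // A non-blank CompletedOn marks the task, and therefore the chat, as closed.
    if (trim((string) ($taskQuery['CompletedOn'] ?? '')) !== '') {
        apiAbort(['OK' => false, 'ERROR' => 'chat_closed', 'MESSAGE' => 'This chat has ended']);
    }

    // Insert message (bound parameters; no user input reaches the SQL text).
    queryTimed(
        'INSERT INTO ChatMessages (TaskID, SenderUserID, SenderType, MessageBody) VALUES (?, ?, ?, ?)',
        [$taskID, $userID, $senderType, $message]
    );

    $messageID = (int) lastInsertId();

    jsonResponse([
        'OK' => true,
        'MessageID' => $messageID,
        'MESSAGE' => 'Message sent',
    ]);
} catch (Exception $e) {
    // Keep the exception text server-side: database driver messages can carry
    // SQL fragments and table/column names that should not reach API clients.
    error_log('chat/sendMessage failed: ' . $e->getMessage());
    jsonResponse(['OK' => false, 'ERROR' => 'server_error', 'MESSAGE' => 'Unable to send message']);
}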