exec("UPDATE invoices SET status = 'overdue' WHERE status = 'issued' AND due_date < CURDATE()"); } switch ($method) { case 'GET': requirePermission($authData, 'invoices.view'); switch ($action) { case 'detail': if (!$id) { errorResponse('ID faktury je povinné'); } handleGetDetail($pdo, $id); break; case 'next_number': requirePermission($authData, 'invoices.create'); handleGetNextNumber($pdo); break; case 'order_data': requirePermission($authData, 'invoices.create'); if (!$id) { errorResponse('ID objednávky je povinné'); } handleGetOrderData($pdo, $id); break; case 'stats': requirePermission($authData, 'invoices.view'); handleGetStats($pdo); break; default: handleGetList($pdo); } break; case 'POST': requirePermission($authData, 'invoices.create'); handleCreateInvoice($pdo, $authData); break; case 'PUT': requirePermission($authData, 'invoices.edit'); if (!$id) { errorResponse('ID faktury je povinné'); } handleUpdateInvoice($pdo, $id); break; case 'DELETE': requirePermission($authData, 'invoices.delete'); if (!$id) { errorResponse('ID faktury je povinné'); } handleDeleteInvoice($pdo, $id); break; default: errorResponse('Metoda není povolena', 405); } } catch (PDOException $e) { error_log('Invoices API error: ' . $e->getMessage()); if (DEBUG_MODE) { errorResponse('Chyba databáze: ' . $e->getMessage(), 500); } else { errorResponse('Chyba databáze', 500); } } // --- Status transitions --- /** @return list */