removed legacy files

This commit is contained in:
2026-05-27 18:32:00 +02:00
parent 0f98393d1d
commit 9c887537e8
45 changed files with 91 additions and 6067 deletions

View File

@ -7,7 +7,7 @@
* GET ?clients=1 -> list of clients assigned to the authenticated coach
* POST -> submit interview answers for a client (coach / supervisor / admin).
* Re-posting the same clientCode + questionnaireID updates answers in place (re-edit).
* Mobile clients encrypt answers at rest on device; POST body is plaintext JSON over HTTPS.
* Sensitive POST/GET ?clients=1 bodies use encrypted payloads (HKDF from Bearer token).
*/
// Public app UI catalog for the login screen (no token, no PII).
@ -23,7 +23,7 @@ $tokenRec = require_valid_token();
if ($method === 'POST') {
require_role(['admin', 'supervisor', 'coach'], $tokenRec);
$body = read_json_body();
$body = read_encrypted_json_body($tokenRec['_token']);
require_fields($body, ['questionnaireID', 'clientCode', 'answers']);
$qnID = trim($body['questionnaireID']);
@ -259,7 +259,7 @@ if ($fetchClients) {
}, $clientCodes);
qdb_discard($tmpDb, $lockFp);
json_success(['coachID' => $coachID, 'clients' => $clients]);
json_success_sensitive(['coachID' => $coachID, 'clients' => $clients], $tokenRec['_token']);
}
if ($qnID) {