added news CRUD functionality in moderation portal

public/api/contributions.php

@@ -38,6 +38,15 @@ switch ($action) {
     case 'vote':
         handle_vote($input);
         break;
+    case 'create_news':
+        handle_create_news($input);
+        break;
+    case 'update_news':
+        handle_update_news($input);
+        break;
+    case 'delete_news':
+        handle_delete_news($input);
+        break;
     default:
         error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.');
 }
@@ -357,4 +366,87 @@ function handle_vote($input) {
     } catch (PDOException $e) {
         error_response('Database Error: ' . $e->getMessage(), 500);
     }
+}
+
+
+// ---------------------------------------------------------------------
+// CREATE NEWS: Inserts new News Entry
+// Required: municipality_id, title, content
+// ---------------------------------------------------------------------
+function handle_create_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['municipality_id', 'title', 'content']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("
+            INSERT INTO news (municipality_id, title, content)
+            VALUES (:mid, :title, :content)
+        ");
+        $stmt->execute([
+            ':mid'     => $input['municipality_id'],
+            ':title'   => $input['title'],
+            ':content' => $input['content']
+        ]);
+        json_response(['message' => 'News created successfully.', 'news_id' => (int) $pdo->lastInsertId()], 201);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+// ---------------------------------------------------------------------
+// UPDATE NEWS: Updates existing News Entry
+// Required: news_id
+// Optional: title, content
+// ---------------------------------------------------------------------
+function handle_update_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['news_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    $set = [];
+    $params = [':id' => $input['news_id']];
+
+    foreach (['title', 'content'] as $field) {
+        if (isset($input[$field]) && $input[$field] !== '') {
+            $set[] = "$field = :$field";
+            $params[":$field"] = $input[$field];
+        }
+    }
+
+    if (empty($set)) {
+        error_response('No Fields to update.');
+    }
+
+    try {
+        $stmt = $pdo->prepare("UPDATE news SET " . implode(', ', $set) . " WHERE news_id = :id");
+        $stmt->execute($params);
+        json_response(['message' => 'News updated successfully.']);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+// ---------------------------------------------------------------------
+// DELETE NEWS: Deletes existing News Entry
+// Required: news_id
+// ---------------------------------------------------------------------
+function handle_delete_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['news_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("DELETE FROM news WHERE news_id = :id");
+        $stmt->execute([':id' => $input['news_id']]);
+        json_response(['message' => 'News deleted successfully.']);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
 }