false, 'error' => 'Invalid input']); exit; } // Ensure project belongs to this user $stmt = $pdo->prepare("SELECT id FROM projects WHERE id = ? AND user_id = ? LIMIT 1"); $stmt->execute([$project_id, $user_id]); if (!$stmt->fetchColumn()) { http_response_code(403); echo json_encode(['success' => false, 'error' => 'Forbidden']); exit; } $stmt = $pdo->prepare("INSERT INTO tasks (user_id, project_id, name) VALUES (?, ?, ?)"); $stmt->execute([$user_id, $project_id, $name]); echo json_encode(['success' => true, 'id' => $pdo->lastInsertId()]);