Cedric/mon-petit-cinema
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Actualiser api.php

Browse Source
This commit is contained in:
Cedric
2026-06-19 10:13:36 +02:00
parent 644a4bc78b
commit 11199ee774
1 changed files with 52 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api.php
+52 -36
View File
@@ -19,7 +19,7 @@ try {
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
]); ]);
// Création des tables si elles n'existent pas // Création des tables (ajout de la table config)
$pdo->exec("CREATE TABLE IF NOT EXISTS users ( $pdo->exec("CREATE TABLE IF NOT EXISTS users (
id INT PRIMARY KEY, username VARCHAR(50) NOT NULL, password_hash VARCHAR(255) NOT NULL id INT PRIMARY KEY, username VARCHAR(50) NOT NULL, password_hash VARCHAR(255) NOT NULL
)"); )");
@@ -64,17 +64,23 @@ function checkAuth($pdo) {
// ── FONCTIONS TMDB & CHIFFREMENT ── // ── FONCTIONS TMDB & CHIFFREMENT ──
function tmdbHttpGet($url) { function encryptData($data) {
if (function_exists('curl_init')) { $iv = openssl_random_pseudo_bytes(16);
$ch = curl_init(); $key = hash('sha256', ENCRYPTION_KEY, true);
curl_setopt($ch, CURLOPT_URL, $url); $encrypted = openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); return base64_encode($encrypted . '::' . $iv);
curl_setopt($ch, CURLOPT_TIMEOUT, 5); }
$res = curl_exec($ch);
curl_close($ch); function decryptData($encryptedStr) {
return $res; $decoded = base64_decode($encryptedStr);
if (strpos($decoded, '::') !== false) {
list($encData, $iv) = explode('::', $decoded, 2);
} else {
return null;
} }
return @file_get_contents($url); $key = hash('sha256', ENCRYPTION_KEY, true);
$iv = substr($iv, 0, 16);
return openssl_decrypt($encData, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
} }
function getTmdbApiKey($pdo) { function getTmdbApiKey($pdo) {
@@ -82,31 +88,21 @@ function getTmdbApiKey($pdo) {
$stmt->execute(); $stmt->execute();
$row = $stmt->fetch(); $row = $stmt->fetch();
if (!$row) return null; if (!$row) return null;
return decryptData($row['key_value']);
$encrypted = $row['key_value'];
$decoded = base64_decode($encrypted);
// Séparation des données et du IV (format base64(data::iv))
if (strpos($decoded, '::') !== false) {
list($encData, $iv) = explode('::', $decoded, 2);
} else {
$encData = $decoded;
$iv = str_repeat("\0", 16);
}
// ⚠️ ADAPTEZ CETTE PARTIE SI VOTRE MÉTHODE DE CHIFFREMENT CÔTÉ FRONT EST DIFFÉRENTE
$key = hash('sha256', ENCRYPTION_KEY, true);
$iv = substr($iv, 0, 16);
$decrypted = openssl_decrypt($encData, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
return $decrypted ?: null;
} }
function fetchTmdbData($title, $year, $apiKey) { function fetchTmdbData($title, $year, $apiKey) {
if (empty($apiKey) || empty($title)) return null; if (empty($apiKey) || empty($title)) return null;
$searchUrl = "https://api.themoviedb.org/3/search/movie?api_key={$apiKey}&query=" . urlencode($title) . "&year={$year}&language=fr-FR"; $searchUrl = "https://api.themoviedb.org/3/search/movie?api_key={$apiKey}&query=" . urlencode($title) . "&year={$year}&language=fr-FR";
$searchRes = tmdbHttpGet($searchUrl); $searchRes = @file_get_contents($searchUrl);
if (!$searchRes && function_exists('curl_init')) {
$ch = curl_init($searchUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$searchRes = curl_exec($ch);
curl_close($ch);
}
if (!$searchRes) return null; if (!$searchRes) return null;
$searchData = json_decode($searchRes, true); $searchData = json_decode($searchRes, true);
@@ -116,9 +112,16 @@ function fetchTmdbData($title, $year, $apiKey) {
$movieId = $movie['id']; $movieId = $movie['id'];
$poster = !empty($movie['poster_path']) ? "https://image.tmdb.org/t/p/w500" . $movie['poster_path'] : ''; $poster = !empty($movie['poster_path']) ? "https://image.tmdb.org/t/p/w500" . $movie['poster_path'] : '';
// Récupération du réalisateur
$creditsUrl = "https://api.themoviedb.org/3/movie/{$movieId}/credits?api_key={$apiKey}&language=fr-FR"; $creditsUrl = "https://api.themoviedb.org/3/movie/{$movieId}/credits?api_key={$apiKey}&language=fr-FR";
$creditsRes = tmdbHttpGet($creditsUrl); $creditsRes = @file_get_contents($creditsUrl);
if (!$creditsRes && function_exists('curl_init')) {
$ch = curl_init($creditsUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$creditsRes = curl_exec($ch);
curl_close($ch);
}
$director = ''; $director = '';
if ($creditsRes) { if ($creditsRes) {
$creditsData = json_decode($creditsRes, true); $creditsData = json_decode($creditsRes, true);
@@ -132,10 +135,7 @@ function fetchTmdbData($title, $year, $apiKey) {
} }
} }
return [ return ['director' => $director, 'poster' => $poster];
'director' => $director,
'poster' => $poster
];
} }
// ── ROUTEUR PRINCIPAL ── // ── ROUTEUR PRINCIPAL ──
@@ -175,6 +175,22 @@ switch ($action) {
echo json_encode(["success" => true]); echo json_encode(["success" => true]);
break; break;
// ── NOUVELLE ACTION : SAUVEGARDE DE LA CLÉ EN BASE ──
case 'save_config':
checkAuth($pdo);
$keyName = $data['key_name'] ?? '';
$keyValue = $data['key_value'] ?? '';
if ($keyName === 'tmdb_api_key' && !empty($keyValue)) {
$encryptedValue = encryptData($keyValue);
$stmt = $pdo->prepare("REPLACE INTO config (key_name, key_value) VALUES (?, ?)");
$stmt->execute([$keyName, $encryptedValue]);
echo json_encode(["success" => true]);
} else {
http_response_code(400);
echo json_encode(["error" => "Données invalides."]);
}
break;
case 'get_films': case 'get_films':
$crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll(); $crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
$video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll(); $video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();