Actualiser api.php
This commit is contained in:
@@ -19,7 +19,7 @@ try {
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
|
||||
]);
|
||||
|
||||
// Création des tables si elles n'existent pas
|
||||
// Création des tables (ajout de la table config)
|
||||
$pdo->exec("CREATE TABLE IF NOT EXISTS users (
|
||||
id INT PRIMARY KEY, username VARCHAR(50) NOT NULL, password_hash VARCHAR(255) NOT NULL
|
||||
)");
|
||||
@@ -64,17 +64,23 @@ function checkAuth($pdo) {
|
||||
|
||||
// ── FONCTIONS TMDB & CHIFFREMENT ──
|
||||
|
||||
function tmdbHttpGet($url) {
|
||||
if (function_exists('curl_init')) {
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
|
||||
$res = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
return $res;
|
||||
function encryptData($data) {
|
||||
$iv = openssl_random_pseudo_bytes(16);
|
||||
$key = hash('sha256', ENCRYPTION_KEY, true);
|
||||
$encrypted = openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
|
||||
return base64_encode($encrypted . '::' . $iv);
|
||||
}
|
||||
return @file_get_contents($url);
|
||||
|
||||
function decryptData($encryptedStr) {
|
||||
$decoded = base64_decode($encryptedStr);
|
||||
if (strpos($decoded, '::') !== false) {
|
||||
list($encData, $iv) = explode('::', $decoded, 2);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
$key = hash('sha256', ENCRYPTION_KEY, true);
|
||||
$iv = substr($iv, 0, 16);
|
||||
return openssl_decrypt($encData, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
|
||||
}
|
||||
|
||||
function getTmdbApiKey($pdo) {
|
||||
@@ -82,31 +88,21 @@ function getTmdbApiKey($pdo) {
|
||||
$stmt->execute();
|
||||
$row = $stmt->fetch();
|
||||
if (!$row) return null;
|
||||
|
||||
$encrypted = $row['key_value'];
|
||||
$decoded = base64_decode($encrypted);
|
||||
|
||||
// Séparation des données et du IV (format base64(data::iv))
|
||||
if (strpos($decoded, '::') !== false) {
|
||||
list($encData, $iv) = explode('::', $decoded, 2);
|
||||
} else {
|
||||
$encData = $decoded;
|
||||
$iv = str_repeat("\0", 16);
|
||||
}
|
||||
|
||||
// ⚠️ ADAPTEZ CETTE PARTIE SI VOTRE MÉTHODE DE CHIFFREMENT CÔTÉ FRONT EST DIFFÉRENTE
|
||||
$key = hash('sha256', ENCRYPTION_KEY, true);
|
||||
$iv = substr($iv, 0, 16);
|
||||
|
||||
$decrypted = openssl_decrypt($encData, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
|
||||
return $decrypted ?: null;
|
||||
return decryptData($row['key_value']);
|
||||
}
|
||||
|
||||
function fetchTmdbData($title, $year, $apiKey) {
|
||||
if (empty($apiKey) || empty($title)) return null;
|
||||
|
||||
$searchUrl = "https://api.themoviedb.org/3/search/movie?api_key={$apiKey}&query=" . urlencode($title) . "&year={$year}&language=fr-FR";
|
||||
$searchRes = tmdbHttpGet($searchUrl);
|
||||
$searchRes = @file_get_contents($searchUrl);
|
||||
if (!$searchRes && function_exists('curl_init')) {
|
||||
$ch = curl_init($searchUrl);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
|
||||
$searchRes = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
}
|
||||
if (!$searchRes) return null;
|
||||
|
||||
$searchData = json_decode($searchRes, true);
|
||||
@@ -116,9 +112,16 @@ function fetchTmdbData($title, $year, $apiKey) {
|
||||
$movieId = $movie['id'];
|
||||
$poster = !empty($movie['poster_path']) ? "https://image.tmdb.org/t/p/w500" . $movie['poster_path'] : '';
|
||||
|
||||
// Récupération du réalisateur
|
||||
$creditsUrl = "https://api.themoviedb.org/3/movie/{$movieId}/credits?api_key={$apiKey}&language=fr-FR";
|
||||
$creditsRes = tmdbHttpGet($creditsUrl);
|
||||
$creditsRes = @file_get_contents($creditsUrl);
|
||||
if (!$creditsRes && function_exists('curl_init')) {
|
||||
$ch = curl_init($creditsUrl);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
|
||||
$creditsRes = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
}
|
||||
|
||||
$director = '';
|
||||
if ($creditsRes) {
|
||||
$creditsData = json_decode($creditsRes, true);
|
||||
@@ -132,10 +135,7 @@ function fetchTmdbData($title, $year, $apiKey) {
|
||||
}
|
||||
}
|
||||
|
||||
return [
|
||||
'director' => $director,
|
||||
'poster' => $poster
|
||||
];
|
||||
return ['director' => $director, 'poster' => $poster];
|
||||
}
|
||||
|
||||
// ── ROUTEUR PRINCIPAL ──
|
||||
@@ -175,6 +175,22 @@ switch ($action) {
|
||||
echo json_encode(["success" => true]);
|
||||
break;
|
||||
|
||||
// ── NOUVELLE ACTION : SAUVEGARDE DE LA CLÉ EN BASE ──
|
||||
case 'save_config':
|
||||
checkAuth($pdo);
|
||||
$keyName = $data['key_name'] ?? '';
|
||||
$keyValue = $data['key_value'] ?? '';
|
||||
if ($keyName === 'tmdb_api_key' && !empty($keyValue)) {
|
||||
$encryptedValue = encryptData($keyValue);
|
||||
$stmt = $pdo->prepare("REPLACE INTO config (key_name, key_value) VALUES (?, ?)");
|
||||
$stmt->execute([$keyName, $encryptedValue]);
|
||||
echo json_encode(["success" => true]);
|
||||
} else {
|
||||
http_response_code(400);
|
||||
echo json_encode(["error" => "Données invalides."]);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'get_films':
|
||||
$crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
|
||||
$video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();
|
||||
|
||||
Reference in New Issue
Block a user