Actualiser api.php
This commit is contained in:
@@ -16,13 +16,49 @@ try {
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
|
||||
]);
|
||||
|
||||
// NOUVEAU : Création automatique des tables si elles n'existent pas
|
||||
// Cela évite les erreurs SQL lors de la toute première exécution de l'application
|
||||
$pdo->exec("CREATE TABLE IF NOT EXISTS users (
|
||||
id INT PRIMARY KEY,
|
||||
username VARCHAR(50) NOT NULL,
|
||||
password_hash VARCHAR(255) NOT NULL
|
||||
)");
|
||||
|
||||
$pdo->exec("CREATE TABLE IF NOT EXISTS critiques (
|
||||
id BIGINT PRIMARY KEY,
|
||||
title VARCHAR(255) NOT NULL,
|
||||
year VARCHAR(10),
|
||||
director VARCHAR(255),
|
||||
poster TEXT,
|
||||
rating INT DEFAULT 3,
|
||||
review TEXT,
|
||||
streaming VARCHAR(255)
|
||||
)");
|
||||
|
||||
$pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (
|
||||
id BIGINT PRIMARY KEY,
|
||||
title VARCHAR(255) NOT NULL,
|
||||
year VARCHAR(10),
|
||||
director VARCHAR(255),
|
||||
poster TEXT,
|
||||
format VARCHAR(50),
|
||||
length VARCHAR(50),
|
||||
publisher VARCHAR(255),
|
||||
ean_isbn13 VARCHAR(50),
|
||||
number_of_discs INT DEFAULT 1,
|
||||
aspect_ratio VARCHAR(50),
|
||||
description TEXT
|
||||
)");
|
||||
|
||||
} catch (\PDOException $e) {
|
||||
echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// CORRECTION : Protection contre les valeurs nulles
|
||||
function makeStableId($title, $year) {
|
||||
$key = strtolower(trim($title)) . '|' . trim($year);
|
||||
$key = strtolower(trim($title ?? '')) . '|' . trim($year ?? '');
|
||||
return (abs(crc32($key)) % 2000000000) + 100000000;
|
||||
}
|
||||
|
||||
@@ -42,7 +78,6 @@ $action = $_GET['action'] ?? '';
|
||||
$data = json_decode(file_get_contents('php://input'), true) ?? [];
|
||||
|
||||
switch ($action) {
|
||||
// NOUVEAU : Endpoint pour vérifier si un admin existe (évite le crash de admin.js)
|
||||
case 'check_security_status':
|
||||
$stmt = $pdo->query("SELECT COUNT(*) FROM users");
|
||||
echo json_encode(["is_blank" => ($stmt->fetchColumn() == 0)]);
|
||||
@@ -75,7 +110,6 @@ switch ($action) {
|
||||
break;
|
||||
|
||||
case 'get_films':
|
||||
// CORRECTION : Utilisation de ORDER BY id DESC au cas où created_at n'existe pas
|
||||
$crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
|
||||
$video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();
|
||||
echo json_encode(array_merge($crit, $video));
|
||||
@@ -86,20 +120,29 @@ switch ($action) {
|
||||
$type = $data['type'] ?? 'critique';
|
||||
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
|
||||
|
||||
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'], $data['year'] ?? '0000');
|
||||
// CORRECTION : Protection avec `?? ''` sur les champs title et year
|
||||
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'] ?? '', $data['year'] ?? '0000');
|
||||
|
||||
if ($type === 'critique') {
|
||||
$sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
||||
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), rating=VALUES(rating), review=VALUES(review), streaming=VALUES(streaming)";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['rating'], $data['review'], $data['streaming']]);
|
||||
$stmt->execute([
|
||||
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
|
||||
$data['poster'] ?? '', $data['rating'] ?? 3, $data['review'] ?? '', $data['streaming'] ?? ''
|
||||
]);
|
||||
} else {
|
||||
$sql = "INSERT INTO videotheque (id, title, year, director, poster, format, length, publisher, ean_isbn13, number_of_discs, aspect_ratio, description)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), format=VALUES(format), length=VALUES(length), publisher=VALUES(publisher), ean_isbn13=VALUES(ean_isbn13), number_of_discs=VALUES(number_of_discs), aspect_ratio=VALUES(aspect_ratio), description=VALUES(description)";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['format'], $data['length'], $data['publisher'], $data['ean_isbn13'], $data['number_of_discs'], $data['aspect_ratio'], $data['description']]);
|
||||
$stmt->execute([
|
||||
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
|
||||
$data['poster'] ?? '', $data['format'] ?? '', $data['length'] ?? '',
|
||||
$data['publisher'] ?? '', $data['ean_isbn13'] ?? '', $data['number_of_discs'] ?? 1,
|
||||
$data['aspect_ratio'] ?? '', $data['description'] ?? ''
|
||||
]);
|
||||
}
|
||||
echo json_encode(["success" => true]);
|
||||
break;
|
||||
@@ -124,12 +167,17 @@ switch ($action) {
|
||||
case 'bulk_delete':
|
||||
checkAuth($pdo);
|
||||
$ids = $data['ids'] ?? [];
|
||||
$table = ($data['type'] === 'videotheque') ? 'videotheque' : 'critiques';
|
||||
// CORRECTION : Protection sur type pour éviter un warning PHP
|
||||
$type = $data['type'] ?? 'critique';
|
||||
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
|
||||
|
||||
if (!empty($ids)) {
|
||||
$placeholders = implode(',', array_fill(0, count($ids), '?'));
|
||||
$stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)");
|
||||
$stmt->execute($ids);
|
||||
echo json_encode(["success" => true]);
|
||||
} else {
|
||||
echo json_encode(["success" => false, "error" => "Aucun élément sélectionné."]);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user