Actualiser api.php

This commit is contained in:
2026-06-18 16:46:13 +02:00
parent 0daac45b37
commit 60324ff735
+55 -7
@@ -16,13 +16,49 @@ try {
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
]); ]);
// NOUVEAU : Création automatique des tables si elles n'existent pas
// Cela évite les erreurs SQL lors de la toute première exécution de l'application
$pdo->exec("CREATE TABLE IF NOT EXISTS users (
id INT PRIMARY KEY,
username VARCHAR(50) NOT NULL,
password_hash VARCHAR(255) NOT NULL
)");
$pdo->exec("CREATE TABLE IF NOT EXISTS critiques (
id BIGINT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
year VARCHAR(10),
director VARCHAR(255),
poster TEXT,
rating INT DEFAULT 3,
review TEXT,
streaming VARCHAR(255)
)");
$pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (
id BIGINT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
year VARCHAR(10),
director VARCHAR(255),
poster TEXT,
format VARCHAR(50),
length VARCHAR(50),
publisher VARCHAR(255),
ean_isbn13 VARCHAR(50),
number_of_discs INT DEFAULT 1,
aspect_ratio VARCHAR(50),
description TEXT
)");
} catch (\PDOException $e) { } catch (\PDOException $e) {
echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]); echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]);
exit; exit;
} }
// CORRECTION : Protection contre les valeurs nulles
function makeStableId($title, $year) { function makeStableId($title, $year) {
$key = strtolower(trim($title)) . '|' . trim($year); $key = strtolower(trim($title ?? '')) . '|' . trim($year ?? '');
return (abs(crc32($key)) % 2000000000) + 100000000; return (abs(crc32($key)) % 2000000000) + 100000000;
} }
@@ -42,7 +78,6 @@ $action = $_GET['action'] ?? '';
$data = json_decode(file_get_contents('php://input'), true) ?? []; $data = json_decode(file_get_contents('php://input'), true) ?? [];
switch ($action) { switch ($action) {
// NOUVEAU : Endpoint pour vérifier si un admin existe (évite le crash de admin.js)
case 'check_security_status': case 'check_security_status':
$stmt = $pdo->query("SELECT COUNT(*) FROM users"); $stmt = $pdo->query("SELECT COUNT(*) FROM users");
echo json_encode(["is_blank" => ($stmt->fetchColumn() == 0)]); echo json_encode(["is_blank" => ($stmt->fetchColumn() == 0)]);
@@ -75,7 +110,6 @@ switch ($action) {
break; break;
case 'get_films': case 'get_films':
// CORRECTION : Utilisation de ORDER BY id DESC au cas où created_at n'existe pas
$crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll(); $crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
$video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll(); $video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();
echo json_encode(array_merge($crit, $video)); echo json_encode(array_merge($crit, $video));
@@ -86,20 +120,29 @@ switch ($action) {
$type = $data['type'] ?? 'critique'; $type = $data['type'] ?? 'critique';
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques'; $table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'], $data['year'] ?? '0000'); // CORRECTION : Protection avec `?? ''` sur les champs title et year
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'] ?? '', $data['year'] ?? '0000');
if ($type === 'critique') { if ($type === 'critique') {
$sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming) $sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming)
VALUES (?, ?, ?, ?, ?, ?, ?, ?) VALUES (?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), rating=VALUES(rating), review=VALUES(review), streaming=VALUES(streaming)"; ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), rating=VALUES(rating), review=VALUES(review), streaming=VALUES(streaming)";
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['rating'], $data['review'], $data['streaming']]); $stmt->execute([
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
$data['poster'] ?? '', $data['rating'] ?? 3, $data['review'] ?? '', $data['streaming'] ?? ''
]);
} else { } else {
$sql = "INSERT INTO videotheque (id, title, year, director, poster, format, length, publisher, ean_isbn13, number_of_discs, aspect_ratio, description) $sql = "INSERT INTO videotheque (id, title, year, director, poster, format, length, publisher, ean_isbn13, number_of_discs, aspect_ratio, description)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), format=VALUES(format), length=VALUES(length), publisher=VALUES(publisher), ean_isbn13=VALUES(ean_isbn13), number_of_discs=VALUES(number_of_discs), aspect_ratio=VALUES(aspect_ratio), description=VALUES(description)"; ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), format=VALUES(format), length=VALUES(length), publisher=VALUES(publisher), ean_isbn13=VALUES(ean_isbn13), number_of_discs=VALUES(number_of_discs), aspect_ratio=VALUES(aspect_ratio), description=VALUES(description)";
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['format'], $data['length'], $data['publisher'], $data['ean_isbn13'], $data['number_of_discs'], $data['aspect_ratio'], $data['description']]); $stmt->execute([
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
$data['poster'] ?? '', $data['format'] ?? '', $data['length'] ?? '',
$data['publisher'] ?? '', $data['ean_isbn13'] ?? '', $data['number_of_discs'] ?? 1,
$data['aspect_ratio'] ?? '', $data['description'] ?? ''
]);
} }
echo json_encode(["success" => true]); echo json_encode(["success" => true]);
break; break;
@@ -124,12 +167,17 @@ switch ($action) {
case 'bulk_delete': case 'bulk_delete':
checkAuth($pdo); checkAuth($pdo);
$ids = $data['ids'] ?? []; $ids = $data['ids'] ?? [];
$table = ($data['type'] === 'videotheque') ? 'videotheque' : 'critiques'; // CORRECTION : Protection sur type pour éviter un warning PHP
$type = $data['type'] ?? 'critique';
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
if (!empty($ids)) { if (!empty($ids)) {
$placeholders = implode(',', array_fill(0, count($ids), '?')); $placeholders = implode(',', array_fill(0, count($ids), '?'));
$stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)"); $stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)");
$stmt->execute($ids); $stmt->execute($ids);
echo json_encode(["success" => true]); echo json_encode(["success" => true]);
} else {
echo json_encode(["success" => false, "error" => "Aucun élément sélectionné."]);
} }
break; break;
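Review bot: The `?? ''` fallback on `$data['title']` at the makeStableId call in the `@@ -86,20 +120,29 @@` hunk turns a request with no title into a valid upsert of one fixed row, because every title-less save hashes the same `'|0000'` key to the same id and the `title VARCHAR(255) NOT NULL` column created earlier in this commit still accepts an empty string, so each such save silently overwrites the previous one. Rejecting the request before the id is computed is the safer default: `if (($data['title'] ?? '') === '') { echo json_encode(["success" => false, "error" => "Titre manquant."]); break; }`. The same gap remains in the bulk_delete hunk, where `$ids` is never checked to be an array before `count($ids)` — a non-array JSON value passes `!empty` and makes `count()` throw a TypeError on PHP 8 — so `$ids = is_array($data['ids'] ?? null) ? array_values($data['ids']) : [];` would close it. The enclosing switch starts before and continues after these hunks.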