Cedric/mon-petit-cinema
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Actualiser api.php

Browse Source
This commit is contained in:
Cedric
2026-06-18 16:46:13 +02:00
parent 0daac45b37
commit 60324ff735
1 changed files with 55 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api.php
+55 -7
View File
@@ -16,13 +16,49 @@ try {
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
]);
// NOUVEAU : Création automatique des tables si elles n'existent pas
// Cela évite les erreurs SQL lors de la toute première exécution de l'application
$pdo->exec("CREATE TABLE IF NOT EXISTS users (
id INT PRIMARY KEY,
username VARCHAR(50) NOT NULL,
password_hash VARCHAR(255) NOT NULL
)");
$pdo->exec("CREATE TABLE IF NOT EXISTS critiques (
id BIGINT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
year VARCHAR(10),
director VARCHAR(255),
poster TEXT,
rating INT DEFAULT 3,
review TEXT,
streaming VARCHAR(255)
)");
$pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (
id BIGINT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
year VARCHAR(10),
director VARCHAR(255),
poster TEXT,
format VARCHAR(50),
length VARCHAR(50),
publisher VARCHAR(255),
ean_isbn13 VARCHAR(50),
number_of_discs INT DEFAULT 1,
aspect_ratio VARCHAR(50),
description TEXT
)");
} catch (\PDOException $e) {
echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]);
exit;
}
// CORRECTION : Protection contre les valeurs nulles
function makeStableId($title, $year) {
$key = strtolower(trim($title)) . '|' . trim($year);
$key = strtolower(trim($title ?? '')) . '|' . trim($year ?? '');
return (abs(crc32($key)) % 2000000000) + 100000000;
}
@@ -42,7 +78,6 @@ $action = $_GET['action'] ?? '';
$data = json_decode(file_get_contents('php://input'), true) ?? [];
switch ($action) {
// NOUVEAU : Endpoint pour vérifier si un admin existe (évite le crash de admin.js)
case 'check_security_status':
$stmt = $pdo->query("SELECT COUNT(*) FROM users");
echo json_encode(["is_blank" => ($stmt->fetchColumn() == 0)]);
@@ -75,7 +110,6 @@ switch ($action) {
break;
case 'get_films':
// CORRECTION : Utilisation de ORDER BY id DESC au cas où created_at n'existe pas
$crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
$video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();
echo json_encode(array_merge($crit, $video));
@@ -86,20 +120,29 @@ switch ($action) {
$type = $data['type'] ?? 'critique';
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'], $data['year'] ?? '0000');
// CORRECTION : Protection avec `?? ''` sur les champs title et year
$id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'] ?? '', $data['year'] ?? '0000');
if ($type === 'critique') {
$sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), rating=VALUES(rating), review=VALUES(review), streaming=VALUES(streaming)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['rating'], $data['review'], $data['streaming']]);
$stmt->execute([
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
$data['poster'] ?? '', $data['rating'] ?? 3, $data['review'] ?? '', $data['streaming'] ?? ''
]);
} else {
$sql = "INSERT INTO videotheque (id, title, year, director, poster, format, length, publisher, ean_isbn13, number_of_discs, aspect_ratio, description)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), format=VALUES(format), length=VALUES(length), publisher=VALUES(publisher), ean_isbn13=VALUES(ean_isbn13), number_of_discs=VALUES(number_of_discs), aspect_ratio=VALUES(aspect_ratio), description=VALUES(description)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$id, $data['title'], $data['year'], $data['director'], $data['poster'], $data['format'], $data['length'], $data['publisher'], $data['ean_isbn13'], $data['number_of_discs'], $data['aspect_ratio'], $data['description']]);
$stmt->execute([
$id, $data['title'] ?? '', $data['year'] ?? '', $data['director'] ?? '',
$data['poster'] ?? '', $data['format'] ?? '', $data['length'] ?? '',
$data['publisher'] ?? '', $data['ean_isbn13'] ?? '', $data['number_of_discs'] ?? 1,
$data['aspect_ratio'] ?? '', $data['description'] ?? ''
]);
}
echo json_encode(["success" => true]);
break;
@@ -124,12 +167,17 @@ switch ($action) {
case 'bulk_delete':
checkAuth($pdo);
$ids = $data['ids'] ?? [];
$table = ($data['type'] === 'videotheque') ? 'videotheque' : 'critiques';
// CORRECTION : Protection sur type pour éviter un warning PHP
$type = $data['type'] ?? 'critique';
$table = ($type === 'videotheque') ? 'videotheque' : 'critiques';
if (!empty($ids)) {
$placeholders = implode(',', array_fill(0, count($ids), '?'));
$stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)");
$stmt->execute($ids);
echo json_encode(["success" => true]);
} else {
echo json_encode(["success" => false, "error" => "Aucun élément sélectionné."]);
}
break;