From 79e4049b5cac966d452cf0c31c2a7a2c781802af Mon Sep 17 00:00:00 2001
From: Cedric <cedric.chagnaud@gmail.com>
Date: Thu, 18 Jun 2026 16:40:36 +0200
Subject: [PATCH] Actualiser api.php

---
 api.php | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/api.php b/api.php
index d564d39..82a101f 100644
--- a/api.php
+++ b/api.php
@@ -42,6 +42,7 @@ $action = $_GET['action'] ?? '';
 $data = json_decode(file_get_contents('php://input'), true) ?? [];
 
 switch ($action) {
+    // NOUVEAU : Endpoint pour vérifier si un admin existe (évite le crash de admin.js)
     case 'check_security_status':
         $stmt = $pdo->query("SELECT COUNT(*) FROM users");
         echo json_encode(["is_blank" => ($stmt->fetchColumn() == 0)]);
@@ -74,8 +75,9 @@ switch ($action) {
         break;
 
     case 'get_films':
-        $crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY created_at DESC")->fetchAll();
-        $video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY created_at DESC")->fetchAll();
+        // CORRECTION : Utilisation de ORDER BY id DESC au cas où created_at n'existe pas
+        $crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll();
+        $video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll();
         echo json_encode(array_merge($crit, $video));
         break;
 
@@ -86,7 +88,6 @@ switch ($action) {
         
         $id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'], $data['year'] ?? '0000');
         
-        // CORRECTION : Utilisation de ON DUPLICATE KEY UPDATE pour préserver les colonnes non listées (ex: created_at)
         if ($type === 'critique') {
             $sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming) 
                     VALUES (?, ?, ?, ?, ?, ?, ?, ?) 
@@ -117,13 +118,7 @@ switch ($action) {
     
         $stmt = $pdo->prepare("DELETE FROM $table WHERE id = ?");
         $stmt->execute([$id]);
-    
-        if ($stmt->rowCount() === 0) {
-            http_response_code(404);
-            echo json_encode(["error" => "Aucun enregistrement trouvé avec cet ID."]);
-        } else {
-            echo json_encode(["success" => true]);
-        }
+        echo json_encode(["success" => true]);
         break;
 
     case 'bulk_delete':
@@ -138,7 +133,6 @@ switch ($action) {
         }
         break;
 
-    // CORRECTION : Ajout de l'endpoint manquant pour l'import CSV
     case 'import_csv':
         checkAuth($pdo);
         if (isset($_FILES['csv_file'])) {