From d40b03641a0751d98db499678ce5383fe82d19d8 Mon Sep 17 00:00:00 2001 From: Cedric Date: Tue, 30 Jun 2026 16:54:56 +0200 Subject: [PATCH] Actualiser api.php --- api.php | 59 +++++++++++++++++---------------------------------------- 1 file changed, 17 insertions(+), 42 deletions(-) diff --git a/api.php b/api.php index c472d58..5c82709 100644 --- a/api.php +++ b/api.php @@ -1,17 +1,16 @@ +PHP PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC ]); - $pdo->exec("CREATE TABLE IF NOT EXISTS users (id INT PRIMARY KEY, username VARCHAR(50) NOT NULL, password_hash VARCHAR(255) NOT NULL)"); - $pdo->exec("CREATE TABLE IF NOT EXISTS config (key_name VARCHAR(50) PRIMARY KEY, key_value TEXT NOT NULL)"); - $pdo->exec("CREATE TABLE IF NOT EXISTS critiques (id BIGINT PRIMARY KEY, title VARCHAR(255) NOT NULL, year VARCHAR(10), director VARCHAR(255), poster TEXT, rating DECIMAL(3,1) DEFAULT 3.0, review TEXT, streaming VARCHAR(255))"); - try { $pdo->exec("ALTER TABLE critiques MODIFY COLUMN rating DECIMAL(3,1) DEFAULT 3.0"); } catch (\Exception $e) {} - $pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (id BIGINT PRIMARY KEY, title VARCHAR(255) NOT NULL, year VARCHAR(10), director VARCHAR(255), poster TEXT, format VARCHAR(50), length VARCHAR(50), publisher VARCHAR(255), ean_isbn13 VARCHAR(50), number_of_discs INT DEFAULT 1, aspect_ratio VARCHAR(50), description TEXT, actors TEXT)"); - try { $pdo->exec("ALTER TABLE videotheque ADD COLUMN actors TEXT AFTER description"); } catch (\Exception $e) {} -} catch (\PDOException $e) { echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]); exit; } - -// ── FONCTIONS UTILITAIRES ── -function makeStableId($type, $title, $year) { - return (abs(crc32(strtolower(trim($type ?? '')) . '|' . strtolower(trim($title ?? '')) . '|' . trim($year ?? ''))) % 2000000000) + 100000000; -} + // Initialisation BDD simplifiée + $pdo->exec("CREATE TABLE IF NOT EXISTS users (id INT PRIMARY KEY, username VARCHAR(50), password_hash VARCHAR(255))"); + $pdo->exec("CREATE TABLE IF NOT EXISTS config (key_name VARCHAR(50) PRIMARY KEY, key_value TEXT)"); + $pdo->exec("CREATE TABLE IF NOT EXISTS critiques (id BIGINT PRIMARY KEY, title VARCHAR(255), year VARCHAR(10), director VARCHAR(255), poster TEXT, rating DECIMAL(3,1), review TEXT, streaming VARCHAR(255))"); + $pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (id BIGINT PRIMARY KEY, title VARCHAR(255), year VARCHAR(10), director VARCHAR(255), poster TEXT, format VARCHAR(50), length VARCHAR(50), publisher VARCHAR(255), ean_isbn13 VARCHAR(50), number_of_discs INT DEFAULT 1, aspect_ratio VARCHAR(50), description TEXT, actors TEXT)"); +} catch (PDOException $e) { die(json_encode(["error" => "Connexion BDD échouée"])); } +// --- Fonctions Utilitaires --- function checkAuth($pdo) { if ($pdo->query("SELECT COUNT(*) FROM users")->fetchColumn() == 0) return true; $token = $_SERVER['HTTP_AUTHORIZATION'] ?? ''; - if (empty($token) && function_exists('apache_request_headers')) { - $headers = apache_request_headers(); - $token = $headers['Authorization'] ?? $headers['authorization'] ?? ''; - } - if ($token !== md5(ENCRYPTION_KEY . 'session')) { http_response_code(403); echo json_encode(["error" => "Accès interdit."]); exit; } + if ($token !== md5(ENCRYPTION_KEY . 'session')) { http_response_code(403); exit; } } function encryptData($data) { $iv = openssl_random_pseudo_bytes(16); - $key = hash('sha256', ENCRYPTION_KEY, true); - return base64_encode(openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv) . '::' . $iv); + return base64_encode(openssl_encrypt($data, 'AES-256-CBC', hash('sha256', ENCRYPTION_KEY, true), OPENSSL_RAW_DATA, $iv) . '::' . $iv); } function decryptData($str) { @@ -71,33 +60,19 @@ function getUpcmdbApiKey($pdo) { return $row ? decryptData($row['key_value']) : null; } -function httpGet($url, $timeout = 5, $ua = null, $extraHeaders = []) { - if (!$ua) $ua = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'; - $headers = array_merge( - ['Accept: application/json, text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: fr-FR,fr;q=0.8'], - $extraHeaders - ); - if (!function_exists('curl_init')) { - $headerLines = implode("\r\n", $headers); - $ctx = stream_context_create(['http' => ['timeout' => $timeout, 'user_agent' => $ua, 'header' => $headerLines]]); - $res = @file_get_contents($url, false, $ctx); - return $res ?: null; - } +function httpGet($url, $timeout = 10, $headers = []) { $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_TIMEOUT => $timeout, - CURLOPT_CONNECTTIMEOUT => 3, CURLOPT_SSL_VERIFYPEER => false, - CURLOPT_USERAGENT => $ua, - CURLOPT_FOLLOWLOCATION => true, - CURLOPT_REFERER => 'https://www.cinemapassion.com/', - CURLOPT_HTTPHEADER => $headers, + CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0', + CURLOPT_HTTPHEADER => $headers ]); $res = curl_exec($ch); $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); - return ($code === 200 && is_string($res) && strlen($res) > 0) ? $res : null; + return ($code === 200) ? $res : null; } function cleanTitle($title) {