From e5e0aee8acf3d753422162c06410f9f88a72fdbc Mon Sep 17 00:00:00 2001 From: Cedric Date: Mon, 22 Jun 2026 13:57:42 +0200 Subject: [PATCH] Actualiser api.php --- api.php | 288 +++++++++++++------------------------------------------- 1 file changed, 68 insertions(+), 220 deletions(-) diff --git a/api.php b/api.php index 6a521b3..e350efa 100644 --- a/api.php +++ b/api.php @@ -18,21 +18,16 @@ try { $pdo->exec("CREATE TABLE IF NOT EXISTS users (id INT PRIMARY KEY, username VARCHAR(50) NOT NULL, password_hash VARCHAR(255) NOT NULL)"); $pdo->exec("CREATE TABLE IF NOT EXISTS config (key_name VARCHAR(50) PRIMARY KEY, key_value TEXT NOT NULL)"); $pdo->exec("CREATE TABLE IF NOT EXISTS critiques (id BIGINT PRIMARY KEY, title VARCHAR(255) NOT NULL, year VARCHAR(10), director VARCHAR(255), poster TEXT, rating DECIMAL(3,1) DEFAULT 3.0, review TEXT, streaming VARCHAR(255))"); - $pdo->exec("ALTER TABLE critiques MODIFY COLUMN rating DECIMAL(3,1) DEFAULT 3.0;"); $pdo->exec("CREATE TABLE IF NOT EXISTS videotheque (id BIGINT PRIMARY KEY, title VARCHAR(255) NOT NULL, year VARCHAR(10), director VARCHAR(255), poster TEXT, format VARCHAR(50), length VARCHAR(50), publisher VARCHAR(255), ean_isbn13 VARCHAR(50), number_of_discs INT DEFAULT 1, aspect_ratio VARCHAR(50), description TEXT)"); - - // Cache unifié pour toutes les APIs - $pdo->exec("CREATE TABLE IF NOT EXISTS cache_api ( - cache_key VARCHAR(120) PRIMARY KEY, - data TEXT NOT NULL, - source VARCHAR(20) NOT NULL, - created_at INT NOT NULL - )"); + $pdo->exec("CREATE TABLE IF NOT EXISTS cache_api (cache_key VARCHAR(120) PRIMARY KEY, data TEXT NOT NULL, source VARCHAR(20) NOT NULL, created_at INT NOT NULL)"); } catch (\PDOException $e) { echo json_encode(["error" => "Erreur BDD : " . $e->getMessage()]); exit; } // ── FONCTIONS UTILITAIRES ── -function makeStableId($title, $year) { - return (abs(crc32(strtolower(trim($title ?? '')) . '|' . trim($year ?? ''))) % 2000000000) + 100000000; +function makeStableId($type, $title, $year) { + // 🔥 CORRECTION CRITIQUE : On ajoute le $type dans le sel du hash. + // Ainsi, "Matrix" en critique et "Matrix" en vidéothèque auront des ID totalement différents. + $base = strtolower(trim($type ?? '')) . '|' . strtolower(trim($title ?? '')) . '|' . trim($year ?? ''); + return (abs(crc32($base)) % 2000000000) + 100000000; } function checkAuth($pdo) { @@ -51,18 +46,18 @@ function encryptData($data) { return base64_encode(openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv) . '::' . $iv); } -function decryptData($str) { - $decoded = base64_decode($str); - if (strpos($decoded, '::') === false) return null; - list($enc, $iv) = explode('::', $decoded, 2); - return openssl_decrypt($enc, 'AES-256-CBC', hash('sha256', ENCRYPTION_KEY, true), OPENSSL_RAW_DATA, substr($iv, 0, 16)); -} - function getTmdbApiKey($pdo) { $stmt = $pdo->prepare("SELECT key_value FROM config WHERE key_name = 'tmdb_api_key'"); $stmt->execute(); $row = $stmt->fetch(); - return $row ? decryptData($row['key_value']) : null; + return $row ? json_decode(decryptData($row['key_value']), true) : null; // Supposé que c'est stocké en JSON ou brut +} + +function decryptData($str) { + $decoded = base64_decode($str); + if (strpos($decoded, '::') === false) return $str; // Fallback + list($enc, $iv) = explode('::', $decoded, 2); + return openssl_decrypt($enc, 'AES-256-CBC', hash('sha256', ENCRYPTION_KEY, true), OPENSSL_RAW_DATA, substr($iv, 0, 16)); } function httpGet($url, $timeout = 5) { @@ -96,7 +91,6 @@ function setCache($pdo, $key, $data, $source) { function cleanTitle($title) { $clean = preg_replace('/\s*[\[\(].*?[\]\)]\s*/', '', $title); $clean = preg_replace('/\s*-\s*(Édition|Edition|Collector|Simple|Spéciale|Digibook|Ultimate|Intégrale|Combo|SteelBook|Boîtier).*$/i', '', $clean); - // Coupe radicale si on rencontre des mots clés liés aux supports physiques $clean = preg_replace('/(blu-ray|bluray|dvd|4k|ultra hd|combo|vhs|bdrip).*$/i', '', $clean); return trim(preg_replace('/\s{2,}/', ' ', $clean)); } @@ -108,7 +102,7 @@ function detectFormat($title, $desc = '') { if (strpos($t, 'DVD') !== false) return 'DVD'; if (strpos($t, 'VHS') !== false) return 'VHS'; if (strpos($t, 'COFFRET') !== false || strpos($t, 'TRILOGIE') !== false) return 'Coffret'; - return 'Blu-ray'; // Format par défaut moderne + return 'Support Physique'; } function extractYear($dateStr) { @@ -116,47 +110,19 @@ function extractYear($dateStr) { return ''; } -// ── 1. API UPCitemDB ── -function fetchUPCitemdb($ean, $pdo) { - if (empty($ean) || strlen($ean) < 8) return null; - $cacheKey = 'upc_full_' . md5($ean); - $cached = getCache($pdo, $cacheKey); - if ($cached) return $cached; - - $url = "https://api.upcitemdb.com/prod/trial/lookup?upc=" . urlencode($ean); - $res = httpGet($url, 5); - if (!$res) return null; - - $data = json_decode($res, true); - if (isset($data['code']) && $data['code'] === 'OK' && !empty($data['items'])) { - $item = $data['items'][0]; - $result = [ - 'title' => $item['title'] ?? '', - 'poster' => $item['images'][0] ?? '', - 'publisher' => $item['brand'] ?? $item['publisher'] ?? '', - 'format' => detectFormat($item['title'] ?? '', $item['description'] ?? '') - ]; - setCache($pdo, $cacheKey, $result, 'upc'); - return $result; - } - return null; -} - -// ── 2. API TMDB (Full Extract) ── function fetchTMDBFull($title, $year, $apiKey, $pdo) { if (empty($apiKey) || empty($title)) return null; $cleanTitle = cleanTitle($title); $cacheKey = 'tmdb_full_' . md5(strtolower($cleanTitle) . '|' . $year); $cached = getCache($pdo, $cacheKey); if ($cached) return $cached; - + $searchUrl = "https://api.themoviedb.org/3/search/movie?api_key={$apiKey}&query=" . urlencode($cleanTitle) . "&year={$year}&language=fr-FR"; $searchRes = httpGet($searchUrl, 5); if (!$searchRes) return null; - $searchData = json_decode($searchRes, true); + if (empty($searchData['results'])) { - // Retry sans année $searchUrl2 = "https://api.themoviedb.org/3/search/movie?api_key={$apiKey}&query=" . urlencode($cleanTitle) . "&language=fr-FR"; $searchRes2 = httpGet($searchUrl2, 5); if ($searchRes2) { @@ -165,35 +131,26 @@ function fetchTMDBFull($title, $year, $apiKey, $pdo) { } } if (empty($searchData['results'])) return null; - $movieId = $searchData['results'][0]['id']; - - // Appel TMDB complet pour avoir le Réalisateur, la Durée (Runtime) et le Streaming + $detailsUrl = "https://api.themoviedb.org/3/movie/{$movieId}?api_key={$apiKey}&append_to_response=credits,watch/providers&language=fr-FR"; $detailsRes = httpGet($detailsUrl, 5); if (!$detailsRes) return null; - $details = json_decode($detailsRes, true); - - // Extraction Réalisateur + $director = ''; if (!empty($details['credits']['crew'])) { foreach ($details['credits']['crew'] as $crew) { if ($crew['job'] === 'Director') { $director = $crew['name']; break; } } } - - // Extraction Streaming + $streaming = ''; $frProviders = $details['watch/providers']['results']['FR'] ?? []; $platforms = []; if (!empty($frProviders['flatrate'])) { foreach ($frProviders['flatrate'] as $p) $platforms[] = $p['provider_name']; } - if (empty($platforms)) { - if (!empty($frProviders['rent'])) { foreach ($frProviders['rent'] as $p) $platforms[] = $p['provider_name'] . ' (loc.)'; } - if (!empty($frProviders['buy'])) { foreach ($frProviders['buy'] as $p) $platforms[] = $p['provider_name'] . ' (achat)'; } - } if (!empty($platforms)) $streaming = implode(', ', array_unique($platforms)); - + $result = [ 'title' => $details['title'] ?? '', 'year' => !empty($details['release_date']) ? substr($details['release_date'], 0, 4) : '', @@ -202,7 +159,6 @@ function fetchTMDBFull($title, $year, $apiKey, $pdo) { 'length' => !empty($details['runtime']) ? $details['runtime'] . ' min' : '', 'streaming' => $streaming ]; - setCache($pdo, $cacheKey, $result, 'tmdb'); return $result; } @@ -215,7 +171,7 @@ switch ($action) { case 'check_security_status': echo json_encode(["is_blank" => ($pdo->query("SELECT COUNT(*) FROM users")->fetchColumn() == 0)]); break; - + case 'login': if ($pdo->query("SELECT COUNT(*) FROM users")->fetchColumn() == 0) { echo json_encode(["success" => true, "token" => md5(ENCRYPTION_KEY . 'session'), "blank" => true]); @@ -227,7 +183,7 @@ switch ($action) { } else { http_response_code(401); echo json_encode(["error" => "Mot de passe incorrect."]); } } break; - + case 'setup_admin': case 'update_password': checkAuth($pdo); $pwd = $data['password'] ?? $data['new_password'] ?? ''; @@ -235,10 +191,10 @@ switch ($action) { $stmt->execute([':pass' => password_hash($pwd, PASSWORD_BCRYPT)]); echo json_encode(["success" => true]); break; - + case 'get_config_keys': checkAuth($pdo); - $keys = ['tmdb_api_key']; // Les autres APIs ont été supprimées + $keys = ['tmdb_api_key']; $result = []; foreach ($keys as $k) { $stmt = $pdo->prepare("SELECT key_value FROM config WHERE key_name = ?"); @@ -251,78 +207,27 @@ switch ($action) { case 'save_config': checkAuth($pdo); - $keyName = $data['key_name'] ?? ''; + $keyName = $data['key_name'] ?? ''; $keyValue = $data['key_value'] ?? ''; - $allowedKeys = ['tmdb_api_key']; // Les autres APIs ont été supprimées - - if (in_array($keyName, $allowedKeys) && !empty($keyValue)) { + if ($keyName === 'tmdb_api_key' && !empty($keyValue)) { $stmt = $pdo->prepare("REPLACE INTO config (key_name, key_value) VALUES (?, ?)"); $stmt->execute([$keyName, encryptData($keyValue)]); echo json_encode(["success" => true]); - } else { - http_response_code(400); - echo json_encode(["error" => "Données invalides."]); + } else { + http_response_code(400); echo json_encode(["error" => "Données invalides."]); } break; - + case 'get_films': $crit = $pdo->query("SELECT *, 'critique' AS type FROM critiques ORDER BY id DESC")->fetchAll(); $video = $pdo->query("SELECT *, 'videotheque' AS type FROM videotheque ORDER BY id DESC")->fetchAll(); echo json_encode(array_merge($crit, $video)); break; - - case 'search_ean_full': - $ean = $_GET['ean'] ?? ''; - if (!$ean) { echo json_encode(['error' => 'EAN manquant']); exit; } - - $result = [ - 'ean' => $ean, 'title' => '', 'director' => '', 'year' => '', - 'poster' => '', 'publisher' => '', 'format' => '', - 'length' => '', 'number_of_discs' => 1, 'aspect_ratio' => '' - ]; - - // 1. RECHERCHE UPCitemDB - $upcData = fetchUPCitemdb($ean, $pdo); - $tmdbQueryTitle = ""; - - if ($upcData) { - $tmdbQueryTitle = $upcData['title']; - $result['title'] = $upcData['title']; - $result['poster'] = $upcData['poster']; - $result['publisher'] = $upcData['publisher']; - $result['format'] = $upcData['format']; - } - - // 2. CROISEMENT TMDB - $tmdbKey = getTmdbApiKey($pdo); - if ($tmdbKey && $tmdbQueryTitle) { - $tmdbData = fetchTMDBFull($tmdbQueryTitle, '', $tmdbKey, $pdo); - if ($tmdbData) { - // On privilégie le vrai nom du film et ses métadonnées officielles - if (!empty($tmdbData['title'])) $result['title'] = $tmdbData['title']; - if (empty($result['poster']) && !empty($tmdbData['poster'])) $result['poster'] = $tmdbData['poster']; - if (!empty($tmdbData['year'])) $result['year'] = $tmdbData['year']; - if (!empty($tmdbData['length'])) $result['length'] = $tmdbData['length']; - if (!empty($tmdbData['director'])) $result['director'] = $tmdbData['director']; - } - } - - echo json_encode(['success' => true, 'data' => $result]); - break; case 'save_film': checkAuth($pdo); $type = $data['type'] ?? 'critique'; - $id = !empty($data['id']) ? $data['id'] : makeStableId($data['title'] ?? '', $data['year'] ?? '0000'); - - if (empty($data['director']) || empty($data['poster'])) { - $tmdbData = fetchTMDBFull($data['title'] ?? '', $data['year'] ?? '', getTmdbApiKey($pdo), $pdo); - if ($tmdbData) { - if (empty($data['director'])) $data['director'] = $tmdbData['director']; - if (empty($data['poster'])) $data['poster'] = $tmdbData['poster']; - if (empty($data['length']) && !empty($tmdbData['length'])) $data['length'] = $tmdbData['length']; - } - } + $id = !empty($data['id']) ? $data['id'] : makeStableId($type, $data['title'] ?? '', $data['year'] ?? '0000'); if ($type === 'critique') { $sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming) VALUES (?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE title=VALUES(title), year=VALUES(year), director=VALUES(director), poster=VALUES(poster), rating=VALUES(rating), review=VALUES(review), streaming=VALUES(streaming)"; @@ -335,7 +240,7 @@ switch ($action) { } echo json_encode(["success" => true]); break; - + case 'delete_film': checkAuth($pdo); $type = $_GET['type'] ?? 'critique'; $table = ($type === 'videotheque') ? 'videotheque' : 'critiques'; @@ -344,122 +249,65 @@ switch ($action) { $stmt = $pdo->prepare("DELETE FROM $table WHERE id = ?"); $stmt->execute([$id]); echo json_encode(["success" => true]); break; - + case 'bulk_delete': checkAuth($pdo); $ids = $data['ids'] ?? []; $type = $data['type'] ?? 'critique'; $table = ($type === 'videotheque') ? 'videotheque' : 'critiques'; - if (!empty($ids)) { $placeholders = implode(',', array_fill(0, count($ids), '?')); $stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)"); $stmt->execute($ids); echo json_encode(["success" => true]); } + if (!empty($ids)) { $placeholders = implode(',', array_fill(0, count($ids), '?')); $stmt = $pdo->prepare("DELETE FROM $table WHERE id IN ($placeholders)"); $stmt->execute($ids); echo json_encode(["success" => true]); } else { http_response_code(400); echo json_encode(["success" => false, "error" => "Aucun élément sélectionné."]); } break; - // ── IMPORT PAR LOTS CSV (CROISEMENT UPC + TMDB) ── case 'import_batch': checkAuth($pdo); $items = $data['items'] ?? []; - $type = $data['type'] ?? 'videotheque'; + $type = $data['type'] ?? 'videotheque'; // 🔥 Strictement défini par le frontend $tmdbApiKey = getTmdbApiKey($pdo); $imported = 0; - $stats = ['upc_hits' => 0, 'tmdb_hits' => 0, 'no_image' => 0]; - - $pdo->beginTransaction(); - foreach ($items as $rowData) { - $title = $rowData['title'] ?? $rowData['Name'] ?? 'Sans titre'; - $firstName = $rowData['first_name'] ?? ''; - $lastName = $rowData['last_name'] ?? ''; - $creators = $rowData['creators'] ?? ''; - - $director = ''; - if (!empty($firstName) && !empty($lastName)) { - $director = trim("$firstName $lastName"); - } elseif (!empty($creators)) { - $director = $creators; - } - - $publishDate = $rowData['publish_date'] ?? $rowData['Year'] ?? $rowData['year'] ?? ''; - $year = extractYear($publishDate); - - $ean = $rowData['ean_isbn13'] ?? $rowData['EAN'] ?? $rowData['ean'] ?? ''; - $description = $rowData['description'] ?? $rowData['Description'] ?? ''; - $publisher = $rowData['publisher'] ?? $rowData['Publisher'] ?? ''; - $length = $rowData['length'] ?? $rowData['Length'] ?? ''; - $discs = $rowData['number_of_discs'] ?? 1; - $aspect = $rowData['aspect_ratio'] ?? ''; - $format = $rowData['format'] ?? $rowData['Format'] ?? ''; - - $poster = $rowData['poster'] ?? $rowData['Poster'] ?? $rowData['image'] ?? ''; - - // ── RECHERCHE CROISÉE ── - if ($type === 'videotheque') { - // 1. UPCitemDB - if (!empty($ean)) { - $upcData = fetchUPCitemdb($ean, $pdo); - if ($upcData) { - if (empty($poster) && !empty($upcData['poster'])) { - $poster = $upcData['poster']; - $stats['upc_hits']++; - } - // On garde le titre brut UPC uniquement si on n'a rien d'autre pour la suite - if ($title === 'Sans titre') $title = $upcData['title']; - if (empty($publisher)) $publisher = $upcData['publisher']; - if (empty($format)) $format = $upcData['format']; - } - } - if (empty($format)) $format = detectFormat($title, $description); - - // 2. TMDB (Complète les vides avec la Data Officielle) - if ($tmdbApiKey && !empty($title)) { - $tmdbData = fetchTMDBFull($title, $year, $tmdbApiKey, $pdo); - if ($tmdbData) { - // On sécurise un titre propre de film - if (!empty($tmdbData['title'])) $title = $tmdbData['title']; - if (empty($director) && !empty($tmdbData['director'])) $director = $tmdbData['director']; - if (empty($year) && !empty($tmdbData['year'])) $year = $tmdbData['year']; - if (empty($length) && !empty($tmdbData['length'])) $length = $tmdbData['length']; - if (empty($poster) && !empty($tmdbData['poster'])) { - $poster = $tmdbData['poster']; - $stats['tmdb_hits']++; - } - } - } - } else { - // Pour les critiques : Seulement TMDB - if ($tmdbApiKey && !empty($title)) { - $tmdbData = fetchTMDBFull($title, $year, $tmdbApiKey, $pdo); - if ($tmdbData) { - if (!empty($tmdbData['title'])) $title = $tmdbData['title']; - if (empty($director)) $director = $tmdbData['director']; - if (empty($year) && !empty($tmdbData['year'])) $year = $tmdbData['year']; - if (empty($poster) && !empty($tmdbData['poster'])) { - $poster = $tmdbData['poster']; - $stats['tmdb_hits']++; - } - $streaming = $rowData['streaming'] ?? $rowData['Streaming'] ?? (!empty($tmdbData['streaming']) ? $tmdbData['streaming'] : 'Disponible en support physique ou Cinéma'); - } - } - } - - if (empty($poster)) $stats['no_image']++; - - $id = makeStableId($title, $year); + $pdo->beginTransaction(); + foreach ($items as $row) { + $title = $row['title'] ?? $row['Name'] ?? 'Sans titre'; + $year = extractYear($row['publish_date'] ?? $row['Year'] ?? $row['year'] ?? ''); + $id = makeStableId($type, $title, $year); // 🔥 ID isolé par type if ($type === 'critique') { - $rating = isset($rowData['rating']) && $rowData['rating'] !== '' ? (float)$rowData['rating'] : (isset($rowData['Rating']) ? (float)$rowData['Rating'] : 3.0); - $review = $rowData['review'] ?? $rowData['Review'] ?? $description; - $streaming = $streaming ?? 'Inconnu'; + $rating = isset($row['Rating']) && $row['Rating'] !== '' ? (float)$row['Rating'] : (isset($row['rating']) ? (float)$row['rating'] : 3.0); + $review = $row['Review'] ?? $row['review'] ?? ''; + $streaming = $row['Streaming'] ?? $row['streaming'] ?? ''; + if ($tmdbApiKey && empty($row['director'])) { + $tmdb = fetchTMDBFull($title, $year, $tmdbApiKey, $pdo); + if ($tmdb) { + if (empty($row['director'])) $row['director'] = $tmdb['director']; + if (empty($row['poster'])) $row['poster'] = $tmdb['poster']; + } + } + $sql = "INSERT INTO critiques (id, title, year, director, poster, rating, review, streaming) VALUES (?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE rating=VALUES(rating), review=IF(VALUES(review)!='',VALUES(review),review), director=IF(VALUES(director)!='',VALUES(director),director), poster=IF(VALUES(poster)!='',VALUES(poster),poster), streaming=IF(VALUES(streaming)!='',VALUES(streaming),streaming)"; $stmt = $pdo->prepare($sql); - $stmt->execute([$id, $title, $year, $director, $poster, $rating, $review, $streaming]); + $stmt->execute([$id, $title, $year, $row['director'] ?? '', $row['poster'] ?? '', $rating, $review, $streaming]); } else { + // Vidéothèque + $firstName = $row['first_name'] ?? ''; + $lastName = $row['last_name'] ?? ''; + $creators = $row['creators'] ?? ''; + $director = !empty($firstName) && !empty($lastName) ? trim("$firstName $lastName") : $creators; + + $ean = $row['ean_isbn13'] ?? $row['EAN'] ?? ''; + $publisher = $row['publisher'] ?? ''; + $length = $row['length'] ?? ''; + $discs = $row['number_of_discs'] ?? 1; + $aspect = $row['aspect_ratio'] ?? ''; + $desc = $row['description'] ?? ''; + $format = detectFormat($title, $desc); + $sql = "INSERT INTO videotheque (id, title, year, director, poster, format, length, publisher, ean_isbn13, number_of_discs, aspect_ratio, description) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE director=IF(VALUES(director)!='',VALUES(director),director), poster=IF(VALUES(poster)!='',VALUES(poster),poster), format=IF(VALUES(format)!='',VALUES(format),format), length=IF(VALUES(length)!='',VALUES(length),length), publisher=IF(VALUES(publisher)!='',VALUES(publisher),publisher), ean_isbn13=IF(VALUES(ean_isbn13)!='',VALUES(ean_isbn13),ean_isbn13), number_of_discs=IF(VALUES(number_of_discs)!=1,VALUES(number_of_discs),number_of_discs), aspect_ratio=IF(VALUES(aspect_ratio)!='',VALUES(aspect_ratio),aspect_ratio), description=IF(VALUES(description)!='',VALUES(description),description)"; $stmt = $pdo->prepare($sql); - $stmt->execute([$id, $title, $year, $director, $poster, $format, $length, $publisher, $ean, $discs, $aspect, $description]); + $stmt->execute([$id, $title, $year, $director, $row['poster'] ?? '', $format, $length, $publisher, $ean, $discs, $aspect, $desc]); } $imported++; } - $pdo->commit(); - echo json_encode(["success" => true, "imported" => $imported, "stats" => $stats]); + echo json_encode(["success" => true, "imported" => $imported]); break; } \ No newline at end of file