philip
b239ae3e5f
Replaces Firebase with a self-hosted PHP/MySQL API served from winded.prymsolutions.com. Includes full backend (schema, auth, events, teams, brackets, suggestions, stats, media, file upload) and updated Flutter repositories and domain models. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
46 lines
1.2 KiB
PHP
46 lines
1.2 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../config/helpers.php';
|
|
cors();
|
|
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
$db = db();
|
|
|
|
if ($method === 'GET') {
|
|
$payload = require_auth();
|
|
if ($payload['role'] === 'admin') {
|
|
$rows = $db->query('SELECT * FROM suggestions ORDER BY submitted_at DESC')->fetchAll();
|
|
} else {
|
|
$stmt = $db->prepare(
|
|
"SELECT * FROM suggestions WHERE user_id = ? AND is_anonymous = 0
|
|
ORDER BY submitted_at DESC"
|
|
);
|
|
$stmt->execute([$payload['uid']]);
|
|
$rows = $stmt->fetchAll();
|
|
}
|
|
json_ok(['suggestions' => $rows]);
|
|
}
|
|
|
|
if ($method === 'POST') {
|
|
$payload = require_auth();
|
|
$b = body();
|
|
$text = trim($b['text'] ?? '');
|
|
$anon = !empty($b['is_anonymous']);
|
|
|
|
if ($text === '') json_err('Text required');
|
|
|
|
$id = uuid();
|
|
$db->prepare(
|
|
'INSERT INTO suggestions (id, user_id, display_name, text, is_anonymous)
|
|
VALUES (?, ?, ?, ?, ?)'
|
|
)->execute([
|
|
$id,
|
|
$anon ? null : $payload['uid'],
|
|
$anon ? null : ($b['display_name'] ?? ''),
|
|
$text,
|
|
$anon ? 1 : 0,
|
|
]);
|
|
json_ok(['id' => $id], 201);
|
|
}
|
|
|
|
json_err('Method not allowed', 405);
|