58 lines
1.4 KiB
PHP
58 lines
1.4 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
require_once 'utils.php';
|
|
|
|
if (!isset($_SESSION['user_id'])) {
|
|
http_response_code(401);
|
|
echo json_encode(['error' => 'Unauthorized']);
|
|
exit();
|
|
}
|
|
|
|
$user_id = $_SESSION['user_id'];
|
|
$channel_id = $_GET['channel_id'] ?? null;
|
|
|
|
if (!$channel_id) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Channel ID is required']);
|
|
exit();
|
|
}
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
// Verify user has access to this channel's server
|
|
$stmt = $pdo->prepare("
|
|
SELECT c.id
|
|
FROM channels c
|
|
JOIN servers s ON c.server_id = s.id
|
|
JOIN server_members sm ON s.id = sm.server_id
|
|
WHERE c.id = ? AND sm.user_id = ?
|
|
");
|
|
$stmt->execute([$channel_id, $user_id]);
|
|
if ($stmt->fetch() === false) {
|
|
http_response_code(403);
|
|
echo json_encode(['error' => 'Forbidden']);
|
|
exit();
|
|
}
|
|
|
|
// Fetch messages
|
|
$stmt = $pdo->prepare("
|
|
SELECT m.id, m.content, m.created_at, u.username
|
|
FROM messages m
|
|
JOIN users u ON m.user_id = u.id
|
|
WHERE m.channel_id = ?
|
|
ORDER BY m.created_at ASC
|
|
");
|
|
$stmt->execute([$channel_id]);
|
|
$messages = $stmt->fetchAll();
|
|
|
|
header('Content-Type: application/json');
|
|
echo json_encode($messages);
|
|
|
|
} catch (PDOException $e) {
|
|
error_log("Get Messages Error: " . $e->getMessage());
|
|
http_response_code(500);
|
|
echo json_encode(['error' => 'Internal Server Error']);
|
|
}
|