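prepare(" SELECT cp.*, r.name as role_name, r.color as role_color FROM channel_permissions cp JOIN roles r ON cp.role_id = r.id WHERE cp.channel_id = ? "); $stmt->execute([$channel_id]); echo json_encode(['success' => true, 'permissions' => $stmt->fetchAll()]); exit; }

// NOTE(review): the read handler that ends above begins outside this excerpt, so
// whether it verifies that the caller may view this channel cannot be confirmed here.
// NOTE(review): $data and $user_id are also set outside this excerpt — confirm the
// session check and CSRF protection for the state-changing methods below run first.

/**
 * True when the value can be bound as a single id (an int or a string).
 * Arrays and objects from the request body are rejected here, before they reach
 * a prepared statement and trigger conversion warnings.
 */
$isBindableId = static function ($value): bool {
    return is_int($value) || is_string($value);
};

/**
 * Parse a client-supplied permission value as an integer.
 * Returns null for anything that is not a whole number (arrays, free text, null).
 * Assumes allow/deny are integer bitmasks, as their 0 defaults suggest — TODO confirm.
 */
$toIntOrNull = static function ($value) {
    $parsed = filter_var($value, FILTER_VALIDATE_INT);

    return $parsed === false ? null : $parsed;
};

/**
 * True only when $userId is a non-empty int/string id that is exactly the owner_id
 * of the server containing $channelId.
 *
 * Both ids are compared as strings with ===. The previous loose == accepted
 * null == null (server row with NULL owner_id and an unset caller id) and
 * numeric-string look-alikes such as "1e1" == "10".
 */
$callerOwnsChannel = static function ($channelId, $userId): bool {
    // An unset, zero or non-scalar caller id can never be an owner.
    if (!(is_int($userId) || is_string($userId)) || empty($userId)) {
        return false;
    }

    $stmt = db()->prepare("SELECT s.owner_id FROM servers s JOIN channels c ON s.id = c.server_id WHERE c.id = ?");
    $stmt->execute([$channelId]);
    $server = $stmt->fetch();

    return $server && (string) $server['owner_id'] === (string) $userId;
};

// POST: create or replace the allow/deny overwrite of one role on one channel.
// Only the owner of the channel's server may do this.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $channel_id = $data['channel_id'] ?? 0;
    $role_id = $data['role_id'] ?? 0;
    $allow = $toIntOrNull($data['allow'] ?? 0);
    $deny = $toIntOrNull($data['deny'] ?? 0);

    if (!$isBindableId($channel_id) || !$isBindableId($role_id) || $allow === null || $deny === null) {
        // Malformed fields are refused up front instead of being handed to the database.
        echo json_encode(['success' => false, 'error' => 'Invalid input']);
    } elseif ($callerOwnsChannel($channel_id, $user_id)) {
        // NOTE(review): nothing visible here checks that $role_id belongs to the same
        // server as the channel. If roles are per-server, confirm a constraint or add
        // that lookup so an overwrite cannot reference another server's role.
        $stmt = db()->prepare(" INSERT INTO channel_permissions (channel_id, role_id, allow_permissions, deny_permissions) VALUES (?, ?, ?, ?) ON DUPLICATE KEY UPDATE allow_permissions = VALUES(allow_permissions), deny_permissions = VALUES(deny_permissions) ");
        $stmt->execute([$channel_id, $role_id, $allow, $deny]);
        echo json_encode(['success' => true]);
    } else {
        // NOTE(review): the refusal is reported only in the JSON body; no HTTP status
        // is set in this excerpt, so clients and logs see an ordinary response.
        echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    }
    exit;
}

// DELETE: remove the overwrite of one role on one channel (server owner only).
if ($_SERVER['REQUEST_METHOD'] === 'DELETE') {
    $channel_id = $data['channel_id'] ?? 0;
    $role_id = $data['role_id'] ?? 0;

    if (!$isBindableId($channel_id) || !$isBindableId($role_id)) {
        echo json_encode(['success' => false, 'error' => 'Invalid input']);
    } elseif ($callerOwnsChannel($channel_id, $user_id)) {
        $stmt = db()->prepare("DELETE FROM channel_permissions WHERE channel_id = ? AND role_id = ?");
        $stmt->execute([$channel_id, $role_id]);
        echo json_encode(['success' => true]);
    } else {
        echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    }
    exit;
}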