prepare("SELECT id FROM users WHERE bot_token = ? AND is_bot = TRUE"); $stmt->execute([$bot_token]); $bot = $stmt->fetch(); if ($bot) { $user_id = $bot['id']; } else { http_response_code(401); echo json_encode(['success' => false, 'error' => 'Invalid Bot Token']); exit; } } elseif (isset($_SESSION['user_id'])) { $user_id = $_SESSION['user_id']; } else { http_response_code(401); echo json_encode(['success' => false, 'error' => 'Unauthorized']); exit; } if ($_SERVER['REQUEST_METHOD'] === 'PUT') { $data = json_decode(file_get_contents('php://input'), true); $message_id = $data['id'] ?? 0; $content = $data['content'] ?? ''; if (empty($content)) { echo json_encode(['success' => false, 'error' => 'Content cannot be empty']); exit; } try { $stmt = db()->prepare("UPDATE messages SET content = ? WHERE id = ? AND user_id = ?"); $stmt->execute([$content, $message_id, $user_id]); if ($stmt->rowCount() > 0) { echo json_encode(['success' => true]); } else { echo json_encode(['success' => false, 'error' => 'Message not found or unauthorized']); } } catch (Exception $e) { echo json_encode(['success' => false, 'error' => $e->getMessage()]); } exit; } if ($_SERVER['REQUEST_METHOD'] === 'DELETE') { $data = json_decode(file_get_contents('php://input'), true); $message_id = $data['id'] ?? 0; try { $stmt = db()->prepare("DELETE FROM messages WHERE id = ? AND user_id = ?"); $stmt->execute([$message_id, $user_id]); if ($stmt->rowCount() > 0) { echo json_encode(['success' => true]); } else { echo json_encode(['success' => false, 'error' => 'Message not found or unauthorized']); } } catch (Exception $e) { echo json_encode(['success' => false, 'error' => $e->getMessage()]); } exit; } $content = ''; $channel_id = 0; $attachment_url = null; if (strpos($_SERVER['CONTENT_TYPE'] ?? '', 'application/json') !== false) { $data = json_decode(file_get_contents('php://input'), true); $content = $data['content'] ?? ''; $channel_id = $data['channel_id'] ?? 0; } else { $content = $_POST['content'] ?? ''; $channel_id = $_POST['channel_id'] ?? 0; if (isset($_FILES['file']) && $_FILES['file']['error'] === UPLOAD_ERR_OK) { $upload_dir = 'assets/uploads/'; if (!is_dir($upload_dir)) mkdir($upload_dir, 0775, true); $filename = time() . '_' . basename($_FILES['file']['name']); $target_file = $upload_dir . $filename; if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) { $attachment_url = $target_file; } } } if (empty($content) && empty($attachment_url)) { echo json_encode(['success' => false, 'error' => 'Empty content and no attachment']); exit; } $metadata = null; if (!empty($content)) { $urls = extractUrls($content); if (!empty($urls)) { // Fetch OG data for the first URL $ogData = fetchOpenGraphData($urls[0]); if ($ogData) { $metadata = json_encode($ogData); } } } try { $stmt = db()->prepare("INSERT INTO messages (channel_id, user_id, content, attachment_url, metadata) VALUES (?, ?, ?, ?, ?)"); $stmt->execute([$channel_id, $user_id, $content, $attachment_url, $metadata]); $last_id = db()->lastInsertId(); // Fetch message with username for the response $stmt = db()->prepare("SELECT m.*, u.username, u.avatar_url FROM messages m JOIN users u ON m.user_id = u.id WHERE m.id = ?"); $stmt->execute([$last_id]); $msg = $stmt->fetch(); echo json_encode([ 'success' => true, 'message' => [ 'id' => $msg['id'], 'user_id' => $msg['user_id'], 'username' => $msg['username'], 'avatar_url' => $msg['avatar_url'], 'content' => $msg['content'], 'attachment_url' => $msg['attachment_url'], 'metadata' => $msg['metadata'] ? json_decode($msg['metadata']) : null, 'time' => date('H:i', strtotime($msg['created_at'])) ] ]); } catch (Exception $e) { echo json_encode(['success' => false, 'error' => $e->getMessage()]); }