false])); $user_id = $_SESSION['user_id'] ?? 0; $sender = 'user'; $ip = $_SERVER['REMOTE_ADDR']; $stmt = db()->prepare("INSERT INTO messages (user_id, sender, message, ip_address) VALUES (?, ?, ?, ?)"); $stmt->execute([$user_id, $sender, $message, $ip]); echo json_encode(['success' => true]); exit; } if ($action === 'get_messages') { $user_id = $_SESSION['user_id'] ?? 0; // For simplicity, we get all messages for this user session or UID // If not logged in, we could use session_id or IP, but let's stick to user_id or all recent for the session $stmt = db()->prepare("SELECT * FROM messages WHERE user_id = ? OR (user_id = 0 AND ip_address = ?) ORDER BY created_at ASC"); $stmt->execute([$user_id, $_SERVER['REMOTE_ADDR']]); $messages = $stmt->fetchAll(); echo json_encode($messages); exit; } if ($action === 'admin_send') { $message = $_POST['message'] ?? ''; $user_id = $_POST['user_id'] ?? 0; $target_ip = $_POST['ip_address'] ?? ''; if (!$message) exit(json_encode(['success' => false])); $admin_id = $_SESSION['user_id'] ?? 1; // Default to admin $sender = 'admin'; $stmt = db()->prepare("INSERT INTO messages (user_id, admin_id, sender, message, ip_address) VALUES (?, ?, ?, ?, ?)"); $stmt->execute([$user_id, $admin_id, $sender, $message, $target_ip]); echo json_encode(['success' => true]); exit; } if ($action === 'admin_get_all') { // Get distinct users/IPs who have messaged $stmt = db()->query("SELECT m.*, u.username, u.uid FROM messages m LEFT JOIN users u ON m.user_id = u.id WHERE m.id IN (SELECT MAX(id) FROM messages GROUP BY user_id, ip_address) ORDER BY created_at DESC"); echo json_encode($stmt->fetchAll()); exit; }