38451-vm/api/chat.php
2026-02-16 05:50:45 +00:00

54 lines
2.0 KiB
PHP

<?php
session_start();
require_once __DIR__ . '/../db/config.php';
$action = $_GET['action'] ?? '';
if ($action === 'send_message') {
$message = $_POST['message'] ?? '';
if (!$message) exit(json_encode(['success' => false]));
$user_id = $_SESSION['user_id'] ?? 0;
$sender = 'user';
$ip = $_SERVER['REMOTE_ADDR'];
$stmt = db()->prepare("INSERT INTO messages (user_id, sender, message, ip_address) VALUES (?, ?, ?, ?)");
$stmt->execute([$user_id, $sender, $message, $ip]);
echo json_encode(['success' => true]);
exit;
}
if ($action === 'get_messages') {
$user_id = $_SESSION['user_id'] ?? 0;
// For simplicity, we get all messages for this user session or UID
// If not logged in, we could use session_id or IP, but let's stick to user_id or all recent for the session
$stmt = db()->prepare("SELECT * FROM messages WHERE user_id = ? OR (user_id = 0 AND ip_address = ?) ORDER BY created_at ASC");
$stmt->execute([$user_id, $_SERVER['REMOTE_ADDR']]);
$messages = $stmt->fetchAll();
echo json_encode($messages);
exit;
}
if ($action === 'admin_send') {
$message = $_POST['message'] ?? '';
$user_id = $_POST['user_id'] ?? 0;
$target_ip = $_POST['ip_address'] ?? '';
if (!$message) exit(json_encode(['success' => false]));
$admin_id = $_SESSION['user_id'] ?? 1; // Default to admin
$sender = 'admin';
$stmt = db()->prepare("INSERT INTO messages (user_id, admin_id, sender, message, ip_address) VALUES (?, ?, ?, ?, ?)");
$stmt->execute([$user_id, $admin_id, $sender, $message, $target_ip]);
echo json_encode(['success' => true]);
exit;
}
if ($action === 'admin_get_all') {
// Get distinct users/IPs who have messaged
$stmt = db()->query("SELECT m.*, u.username, u.uid FROM messages m LEFT JOIN users u ON m.user_id = u.id WHERE m.id IN (SELECT MAX(id) FROM messages GROUP BY user_id, ip_address) ORDER BY created_at DESC");
echo json_encode($stmt->fetchAll());
exit;
}