exit-game/admin.php

<?php
session_start();
require_once 'config.php'; 
require_once 'db_config.php'; 

// --- 1. LOGIN / LOGOUT SCHUTZ ---
if (isset($_GET['logout'])) { session_destroy(); header("Location: admin.php"); exit; }

$show_login = true;
if (isset($_SESSION['admin_auth']) && $_SESSION['admin_auth'] === true) { $show_login = false; }

if (isset($_POST['login_auth'])) {
    if ($_POST['pw'] === ADMIN_PASSWORD) {
        $_SESSION['admin_auth'] = true;
        $show_login = false;
    } else { $login_error = "Falsches Passwort!"; }
}

if ($show_login):
?>
<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <title>Admin Login</title>
    <style>
        body { font-family: 'Segoe UI', sans-serif; background: #121212; color: white; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; }
        .login-box { background: #1e1e1e; padding: 40px; border-radius: 12px; border: 1px solid #e67e22; text-align: center; width: 300px; }
        input { width: 100%; padding: 12px; margin: 15px 0; border-radius: 5px; border: 1px solid #444; background: #2a2a2a; color: white; box-sizing: border-box; }
        button { background: #e67e22; color: white; border: none; padding: 12px; border-radius: 5px; cursor: pointer; width: 100%; font-weight: bold; }
        .error { color: #e74c3c; font-size: 0.9em; }
    </style>
</head>
<body>
    <div class="login-box">
        <h2>🔐 Admin Login</h2>
        <?php if(isset($login_error)) echo "<div class='error'>$login_error</div>"; ?>
        <form method="POST">
            <input type="password" name="pw" placeholder="Passwort" autofocus required>
            <button type="submit" name="login_auth">Einloggen</button>
        </form>
    </div>
</body>
</html>
<?php exit; endif; ?>

<?php
// --- 2. DATENBANK LOGIK ---
$msg = "";
$msg_type = "success";

// Spiel hinzufügen
if (isset($_POST['add_new_game'])) {
    $ean = trim($_POST['new_ean']);
    $titel = trim($_POST['new_titel']);
    $level = (empty($_POST['new_level']) || $_POST['new_level'] == 'Unknown') ? 'Unknown' : $_POST['new_level'];
    $typ_id = ($_POST['new_typ_id'] == '0') ? null : (int)$_POST['new_typ_id'];
    $bild_url = trim($_POST['new_bild_url']);

    try {
        $stmt = $pdo->prepare("INSERT INTO spiele (titel, typ_id, ean, level, bild_url) VALUES (?, ?, ?, ?, ?)");
        $stmt->execute([$titel, $typ_id, $ean, $level, $bild_url]);
        $msg = "✅ Spiel erfolgreich angelegt!";
    } catch (PDOException $e) {
        if ($e->getCode() == 23000) { 
            $msg = "❌ Fehler: Die EAN $ean existiert bereits!";
            $msg_type = "error";
        } else { $msg = "Fehler: " . $e->getMessage(); }
    }
}

// Spiel aktualisieren
if (isset($_POST['update_game'])) {
    $stmt = $pdo->prepare("UPDATE spiele SET titel = ?, typ_id = ?, ean = ?, level = ?, bild_url = ? WHERE id = ?");
    $stmt->execute([$_POST['titel'], ($_POST['typ_id'] == '0' ? null : (int)$_POST['typ_id']), $_POST['ean'], $_POST['level'], $_POST['bild_url'], (int)$_POST['spiel_id']]);
    $msg = "💾 Änderungen gespeichert!";
}

// Löschen
if (isset($_POST['delete_game'])) {
    $pdo->prepare("DELETE FROM spiele WHERE id = ?")->execute([(int)$_POST['spiel_id']]);
    $msg = "🗑 Spiel gelöscht!";
}

// Daten abrufen
$spiele = $pdo->query("SELECT s.*, t.bezeichnung as typ_name FROM spiele s LEFT JOIN game_typen t ON s.typ_id = t.id ORDER BY s.id DESC")->fetchAll();
$typen = $pdo->query("SELECT * FROM game_typen ORDER BY bezeichnung ASC")->fetchAll();
?>

<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <title>EXIT Admin - Stammdaten</title>
    <style>
        body { font-family: 'Segoe UI', sans-serif; background: #121212; color: #e0e0e0; padding: 20px; }
        .container { max-width: 1300px; margin: 0 auto; }
        .alert { padding: 15px; border-radius: 8px; margin-bottom: 20px; font-weight: bold; text-align: center; }
        .alert-success { background: #27ae60; color: white; }
        .alert-error { background: #e74c3c; color: white; }
        
        .admin-card { background: #1e1e1e; padding: 20px; border-radius: 12px; box-shadow: 0 4px 15px rgba(0,0,0,0.3); margin-bottom: 30px; border: 1px solid #333; }
        table { width: 100%; border-collapse: collapse; margin-top: 20px; }
        th, td { padding: 10px; border-bottom: 1px solid #333; text-align: left; }
        th { color: #e67e22; }
        input, select { padding: 8px; border: 1px solid #444; border-radius: 6px; width: 100%; box-sizing: border-box; background: #2a2a2a; color: white; }
        
        .lvl-unknown { background: #d35400 !important; color: white; }
        .btn { padding: 10px 15px; border: none; border-radius: 6px; cursor: pointer; font-weight: bold; color: white; text-decoration: none; display: inline-block; }
        .btn-add { background: #27ae60; width: 100%; margin-top: 10px; }
        .btn-save { background: #2980b9; }
        .btn-del { background: #c0392b; }
        .btn-nav { background: #e67e22; }
        
        .img-preview { width: 40px; height: 40px; object-fit: cover; border-radius: 4px; background: #333; }
    </style>
</head>
<body>

<div class="container">
    <div style="display:flex; justify-content: space-between; align-items: center; margin-bottom: 20px;">
        <h1>🛠 Stammdaten Verwaltung</h1>
        <div>
            <a href="index.php" class="btn btn-nav">Dashboard</a>
            <a href="admin.php?logout=1" class="btn btn-del">Logout</a>
        </div>
    </div>

    <?php if ($msg): ?>
        <div class="alert alert-<?= $msg_type ?>" id="msg-box"><?= $msg ?></div>
    <?php endif; ?>

    <div class="admin-card">
        <h3>🆕 Neues Spiel hinzufügen</h3>
        <form method="POST">
            <div style="display: grid; grid-template-columns: 2fr 1fr 1fr 1fr 2fr; gap: 10px;">
                <input type="text" name="new_titel" placeholder="Spieltitel" required>
                <input type="text" name="new_ean" placeholder="EAN Scannen" required>
                <select name="new_typ_id">
                    <option value="0">-- Typ: Unbekannt --</option>
                    <?php foreach($typen as $t): ?>
                        <option value="<?= $t['id'] ?>"><?= htmlspecialchars($t['bezeichnung']) ?></option>
                    <?php endforeach; ?>
                </select>
                <select name="new_level">
                    <option value="Unknown" selected>-- Level: Unbekannt --</option>
                    <option value="Einsteiger">Einsteiger</option>
                    <option value="Fortgeschrittene">Fortgeschrittene</option>
                    <option value="Profi">Profi</option>
                </select>
                <input type="text" name="new_bild_url" placeholder="Bild-URL (z.B. https://...)">
            </div>
            <button type="submit" name="add_new_game" class="btn btn-add">Spiel in Datenbank speichern</button>
        </form>
    </div>

    <div class="admin-card">
        <h3>📋 Aktueller Bestand</h3>
        <table>
            <thead>
                <tr>
                    <th style="width: 50px;">Bild</th>
                    <th>Titel</th>
                    <th>EAN</th>
                    <th>Typ</th>
                    <th>Level</th>
                    <th>Bild-URL</th>
                    <th>Aktion</th>
                </tr>
            </thead>
            <tbody>
                <?php foreach ($spiele as $sp): 
                    $is_unknown = ($sp['level'] == 'Unknown' || empty($sp['level']));
                ?>
                <tr>
                    <form method="POST">
                        <input type="hidden" name="spiel_id" value="<?= $sp['id'] ?>">
                        <td><img src="<?= htmlspecialchars($sp['bild_url']) ?>" class="img-preview" alt="Cover"></td>
                        <td><input type="text" name="titel" value="<?= htmlspecialchars($sp['titel']) ?>"></td>
                        <td><input type="text" name="ean" value="<?= htmlspecialchars($sp['ean']) ?>"></td>
                        <td>
                            <select name="typ_id">
                                <option value="0">-- Unbekannt --</option>
                                <?php foreach($typen as $t): ?>
                                    <option value="<?= $t['id'] ?>" <?= ($sp['typ_id']==$t['id'])?'selected':'' ?>><?= htmlspecialchars($t['bezeichnung']) ?></option>
                                <?php endforeach; ?>
                            </select>
                        </td>
                        <td>
                            <select name="level" class="<?= $is_unknown ? 'lvl-unknown' : '' ?>" onchange="this.className=this.value=='Unknown'?'lvl-unknown':''">
                                <option value="Unknown" <?= $is_unknown ? 'selected' : '' ?>>Unbekannt</option>
                                <option value="Einsteiger" <?= $sp['level']=='Einsteiger'?'selected':'' ?>>Einsteiger</option>
                                <option value="Fortgeschrittene" <?= $sp['level']=='Fortgeschrittene'?'selected':'' ?>>Fortgeschrittene</option>
                                <option value="Profi" <?= $sp['level']=='Profi'?'selected':'' ?>>Profi</option>
                            </select>
                        </td>
                        <td><input type="text" name="bild_url" value="<?= htmlspecialchars($sp['bild_url']) ?>"></td>
                        <td style="white-space:nowrap;">
                            <button type="submit" name="update_game" class="btn btn-save" title="Speichern">💾</button>
                            <button type="submit" name="delete_game" class="btn btn-del" onclick="return confirm('Wirklich löschen?')" title="Löschen">🗑</button>
                        </td>
                    </form>
                </tr>
                <?php endforeach; ?>
            </tbody>
        </table>
    </div>
</div>

<script>
    setTimeout(() => { 
        const msg = document.getElementById('msg-box');
        if(msg) msg.style.display = 'none';
    }, 3000);
</script>

</body>
</html>