exit-game/admin.php

<?php
session_start();
require_once 'config.php'; 
require_once 'db_config.php'; 

// --- 1. LOGIN / LOGOUT ---
if (isset($_GET['logout'])) { session_destroy(); header("Location: admin.php"); exit; }
if (isset($_POST['login_auth'])) {
    if ($_POST['pw'] === ADMIN_PASSWORD) { $_SESSION['admin_auth'] = true; }
}
if (!(isset($_SESSION['admin_auth']) && $_SESSION['admin_auth'] === true)):
?>
<!DOCTYPE html>
<html lang="de">
<head><meta charset="UTF-8"><title>Login</title><style>body{font-family:sans-serif;display:flex;justify-content:center;align-items:center;height:100vh;background:#f0f2f5;} .box{background:white;padding:30px;border-radius:8px;box-shadow:0 2px 10px rgba(0,0,0,0.1); text-align:center;}</style></head>
<body><div class="box"><h2>🔐 Admin Login</h2><form method="POST"><input type="password" name="pw" placeholder="Passwort" autofocus style="width:100%;padding:10px;margin:10px 0;"><button type="submit" name="login_auth" style="width:100%;padding:10px;background:#e67e22;color:white;border:none;cursor:pointer;">Login</button></form></div></body>
</html>
<?php exit; endif; ?>

<?php
// --- HELPER ---
function renderStars($val) {
    if (!is_numeric($val)) return htmlspecialchars($val);
    $n = (int)$val; $out = "";
    for($i=1; $i<=5; $i++) { $out .= ($i <= $n) ? "★" : "☆"; }
    return "<span style='color:#f1c40f; font-size:1.1em;'>$out</span>";
}

// --- 2. SQL AKTIONEN ---
$msg = ""; $error = "";

if (isset($_POST['save_game'])) {
    $id = (int)($_POST['id'] ?? 0);
    $r_id = (int)$_POST['game_reihe_id'];
    $t_id = ($_POST['game_typ_id'] == '0') ? null : (int)$_POST['game_typ_id'];
    $l_id = ($_POST['game_level_id'] == '0') ? null : (int)$_POST['game_level_id'];
    $p_id = (isset($_POST['parent_id']) && $_POST['parent_id'] != '0') ? (int)$_POST['parent_id'] : null;
    
    $eanClean = str_replace(' ', '', (string)($_POST['ean'] ?? ''));
    $ean = ($eanClean === '') ? null : $eanClean;
    $urlInput = trim($_POST['url']);

    try {
        $pdo->beginTransaction();

        if ($id > 0) {
            $stmt = $pdo->prepare("UPDATE spiele SET game_reihe_id=?, titel=?, game_typ_id=?, game_level_id=?, ean=?, parent_id=? WHERE id=?");
            $stmt->execute([$r_id, $_POST['titel'], $t_id, $l_id, $ean, $p_id, $id]);
            $spiel_id = $id;
        } else {
            $stmt = $pdo->prepare("INSERT INTO spiele (game_reihe_id, titel, game_typ_id, game_level_id, ean, parent_id) VALUES (?,?,?,?,?,?)");
            $stmt->execute([$r_id, $_POST['titel'], $t_id, $l_id, $ean, $p_id]);
            $spiel_id = $pdo->lastInsertId();
        }

        if (!empty($urlInput) && strpos($urlInput, 'http') === 0) {
            $ext = pathinfo(parse_url($urlInput, PHP_URL_PATH), PATHINFO_EXTENSION) ?: 'jpg';
            $fileName = (!empty($eanClean) ? $eanClean : "game_" . $spiel_id) . "." . $ext;
            if ($imgData = @file_get_contents($urlInput)) {
                if (file_put_contents(IMG_PATH . $fileName, $imgData)) {
                    $pdo->prepare("UPDATE spiele SET bild_url=? WHERE id=?")->execute([$fileName, $spiel_id]);
                }
            }
        } elseif (!empty($urlInput)) {
            $pdo->prepare("UPDATE spiele SET bild_url=? WHERE id=?")->execute([$urlInput, $spiel_id]);
        }

        $pdo->commit();
        $msg = "Gespeichert!";
    } catch (Exception $e) { $pdo->rollBack(); $error = $e->getMessage(); }
}

// STAMMDATEN ADD LOGIK
if (isset($_POST['add_reihe'])) {
    $pdo->prepare("INSERT INTO game_reihe (name) VALUES (?)")->execute([$_POST['name']]);
    $msg="Reihe hinzugefügt!";
}
if (isset($_POST['add_typ'])) {
    $pdo->prepare("INSERT INTO game_typ (game_reihe_id, bezeichnung) VALUES (?,?)")->execute([$_POST['r_id'], $_POST['bez']]);
    $msg="Typ hinzugefügt!";
}
if (isset($_POST['add_level'])) {
    $pdo->prepare("INSERT INTO game_level (game_reihe_id, bezeichnung) VALUES (?,?)")->execute([$_POST['r_id'], $_POST['bez']]);
    $msg="Level hinzugefügt!";
}
if (isset($_POST['add_spieler'])) {
    $pdo->prepare("INSERT INTO spieler (name) VALUES (?)")->execute([$_POST['name']]);
    $msg="Spieler hinzugefügt!";
}

// LÖSCHEN
if (isset($_GET['del_t'], $_GET['del_id'])) {
    if (in_array($_GET['del_t'], ['spiele', 'spieler', 'game_reihe', 'game_typ', 'game_level'])) {
        $pdo->prepare("DELETE FROM `".$_GET['del_t']."` WHERE id=?")->execute([(int)$_GET['del_id']]);
        header("Location: admin.php"); exit;
    }
}

// DATEN LADEN
$reihen  = $pdo->query("SELECT * FROM game_reihe ORDER BY name")->fetchAll();
$typen   = $pdo->query("SELECT t.*, r.name as r_name FROM game_typ t JOIN game_reihe r ON t.game_reihe_id = r.id ORDER BY r.name, t.bezeichnung")->fetchAll();
$levels  = $pdo->query("SELECT l.*, r.name as r_name FROM game_level l JOIN game_reihe r ON l.game_reihe_id = r.id ORDER BY r.name, l.bezeichnung")->fetchAll();
$spieler = $pdo->query("SELECT * FROM spieler ORDER BY name")->fetchAll();
$spiele  = $pdo->query("SELECT s.*, r.name as r_name, p.titel as parent_titel 
                        FROM spiele s 
                        LEFT JOIN game_reihe r ON s.game_reihe_id = r.id 
                        LEFT JOIN spiele p ON s.parent_id = p.id
                        ORDER BY s.id DESC")->fetchAll();
?>

<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <title>Admin Dashboard</title>
    <style>
        :root { --accent: #e67e22; --bg: #f4f7f6; --card: #fff; --text: #333; --border: #ddd; }
        body { font-family: 'Segoe UI', sans-serif; background: var(--bg); color: var(--text); margin: 0; padding: 20px; }
        .header { display: flex; justify-content: space-between; align-items: center; margin-bottom: 20px; }
        
        .nav-tabs { display: flex; gap: 5px; margin-bottom: 20px; border-bottom: 2px solid var(--border); }
        .t-btn { padding: 12px 20px; border: none; background: none; color: var(--text); cursor: pointer; font-weight: bold; border-radius: 8px 8px 0 0; }
        .t-btn:hover { background: #eee; }
        .t-btn.active { background: var(--card); border: 1px solid var(--border); border-bottom: 3px solid var(--accent); color: var(--accent); }
        
        .tab { display: none; background: var(--card); padding: 20px; border-radius: 0 0 12px 12px; border: 1px solid var(--border); border-top: none; }
        .tab.active { display: block; }
        
        table { width: 100%; border-collapse: collapse; font-size: 0.82em; }
        th, td { padding: 10px; border-bottom: 1px solid var(--border); text-align: left; }
        input, select { padding: 6px; border: 1px solid var(--border); border-radius: 4px; background: var(--card); color: var(--text); width: 100%; box-sizing: border-box; }
        
        .btn { padding: 6px 10px; border: none; border-radius: 4px; cursor: pointer; color: white; font-weight: bold; text-decoration: none; display: inline-block; }
        .btn-s { background: #2980b9; } .btn-d { background: #c0392b; } .btn-a { background: #27ae60; }
        .img-preview { width: 40px; height: 40px; object-fit: cover; border-radius: 4px; border: 1px solid #eee; }
        .alert { padding: 10px; border-radius: 8px; margin-bottom: 20px; text-align: center; background: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
        .scroll-area { max-height: 350px; overflow-y: auto; border: 1px solid var(--border); border-radius: 6px; padding: 5px; margin-top: 10px; }
        .badge { background: #eee; padding: 2px 5px; border-radius: 4px; font-size: 0.75em; color: #666; }
    </style>
</head>
<body>

<div class="header">
    <h1>🛠 Admin Panel</h1>
    <div><a href="index.php" class="btn btn-s">Zum Katalog</a> <a href="?logout=1" class="btn btn-d">Logout</a></div>
</div>

<?php if($msg): ?><div class="alert"><?=$msg?></div><?php endif; ?>
<?php if($error): ?><div class="alert error" style="background:#f8d7da; color:#721c24;"><?=$error?></div><?php endif; ?>

<div class="nav-tabs">
    <button class="t-btn active" onclick="openTab(event, 't-spiele')">🎮 Spiele & Abenteuer</button>
    <button class="t-btn" onclick="openTab(event, 't-spieler')">👥 Spieler</button>
    <button class="t-btn" onclick="openTab(event, 't-config')">⚙️ Stammdaten</button>
</div>

<div id="t-spiele" class="tab active">
    <form method="POST" style="display:grid; grid-template-columns: 1fr 1.5fr 1fr 1fr 1fr 0.8fr 1fr auto; gap:8px; margin-bottom:20px; background:#f9f9f9; padding:15px; border-radius:8px; border:1px solid #eee;">
        <select name="game_reihe_id" id="r_new" onchange="filter('new')" required>
            <option value="">Reihe wählen...</option>
            <?php foreach($reihen as $r): ?><option value="<?=$r['id']?>"><?=$r['name']?></option><?php endforeach; ?>
        </select>
        <input type="text" name="titel" placeholder="Titel des Abenteuers" required>
        <select name="parent_id" id="p_new">
            <option value="0" data-p="0">Hauptbox (optional)...</option>
            <?php foreach($spiele as $ps): if(!$ps['parent_id']): ?>
                <option data-p="<?=$ps['game_reihe_id']?>" value="<?=$ps['id']?>"><?=$ps['titel']?></option>
            <?php endif; endforeach; ?>
        </select>
        <select name="game_typ_id" id="t_new"><option value="0" data-p="0">Typ...</option><?php foreach($typen as $t): ?><option data-p="<?=$t['game_reihe_id']?>" value="<?=$t['id']?>"><?=$t['bezeichnung']?></option><?php endforeach; ?></select>
        <select name="game_level_id" id="l_new"><option value="0" data-p="0">Level...</option><?php foreach($levels as $l): ?><option data-p="<?=$l['game_reihe_id']?>" value="<?=$l['id']?>"><?=$l['bezeichnung']?></option><?php endforeach; ?></select>
        <input type="text" name="ean" placeholder="EAN">
        <input type="text" name="url" placeholder="Bild-URL">
        <button type="submit" name="save_game" class="btn btn-a">Hinzufügen</button>
    </form>

    <table>
        <thead><tr><th>Bild</th><th>Reihe</th><th>Titel / Parent-Box</th><th>Typ / Level</th><th>EAN / Bildpfad</th><th>Aktion</th></tr></thead>
        <?php foreach($spiele as $s): ?>
        <tr>
            <form method="POST">
            <input type="hidden" name="id" value="<?=$s['id']?>">
            <td><img src="<?= (strpos($s['bild_url'], 'http') === 0) ? $s['bild_url'] : IMG_URL . $s['bild_url'] ?>" class="img-preview" onerror="this.src='https://via.placeholder.com/45';"></td>
            <td><select name="game_reihe_id" id="r_<?=$s['id']?>" onchange="filter(<?=$s['id']?>)"><?php foreach($reihen as $r): ?><option value="<?=$r['id']?>" <?=$s['game_reihe_id']==$r['id']?'selected':''?>><?=$r['name']?></option><?php endforeach; ?></select></td>
            <td>
                <input type="text" name="titel" value="<?=htmlspecialchars($s['titel'])?>" style="margin-bottom:3px; font-weight:bold;">
                <select name="parent_id" id="p_<?=$s['id']?>" style="font-size:0.85em; color:#e67e22;">
                    <option value="0" data-p="0">- Eigenständiges Spiel -</option>
                    <?php foreach($spiele as $ps): if($ps['id'] != $s['id']): ?>
                        <option data-p="<?=$ps['game_reihe_id']?>" value="<?=$ps['id']?>" <?=$s['parent_id']==$ps['id']?'selected':''?>>📦 Teil von: <?=$ps['titel']?></option>
                    <?php endif; endforeach; ?>
                </select>
            </td>
            <td>
                <select name="game_typ_id" id="t_<?=$s['id']?>" style="margin-bottom:3px;"><option value="0" data-p="0">Typ...</option><?php foreach($typen as $t): ?><option data-p="<?=$t['game_reihe_id']?>" value="<?=$t['id']?>" <?=$s['game_typ_id']==$t['id']?'selected':''?>><?=$t['bezeichnung']?></option><?php endforeach; ?></select>
                <select name="game_level_id" id="l_<?=$s['id']?>"><option value="0" data-p="0">Lvl...</option><?php foreach($levels as $l): ?><option data-p="<?=$l['game_reihe_id']?>" value="<?=$l['id']?>" <?=$s['game_level_id']==$l['id']?'selected':''?>><?=$l['bezeichnung']?></option><?php endforeach; ?></select>
            </td>
            <td>
                <input type="text" name="ean" value="<?=htmlspecialchars($s['ean'])?>" placeholder="EAN" style="margin-bottom:3px;">
                <input type="text" name="url" value="<?=htmlspecialchars($s['bild_url'])?>" placeholder="Bildpfad">
            </td>
            <td><button type="submit" name="save_game" class="btn btn-s">💾</button> <a href="?del_t=spiele&del_id=<?=$s['id']?>" class="btn btn-d" onclick="return confirm('Löschen?')">🗑</a></td>
            </form>
        </tr>
        <?php endforeach; ?>
    </table>
</div>

<div id="t-spieler" class="tab">
    <h3>Spieler Profile</h3>
    <form method="POST" style="display:flex; gap:10px; margin-bottom:20px;">
        <input type="text" name="name" placeholder="Name" required style="width:300px;">
        <button type="submit" name="add_spieler" class="btn btn-a">Anlegen</button>
    </form>
    <table><?php foreach($spieler as $sl): ?><tr><td><?=$sl['name']?></td><td style="text-align:right;"><a href="?del_t=spieler&del_id=<?=$sl['id']?>" class="btn btn-d">Löschen</a></td></tr><?php endforeach; ?></table>
</div>

<div id="t-config" class="tab">
    <div style="display:grid; grid-template-columns: 1fr 1fr 1fr; gap:20px;">
        <div>
            <h4>1. Reihen</h4>
            <form method="POST" style="display:flex; gap:5px;"><input type="text" name="name" placeholder="z.B. EXIT" required><button type="submit" name="add_reihe" class="btn btn-a">+</button></form>
            <div class="scroll-area"><?php foreach($reihen as $r): ?><div style="padding:8px; border-bottom:1px solid #eee;"><span><?=$r['name']?></span> <a href="?del_t=game_reihe&del_id=<?=$r['id']?>" style="float:right; color:red; text-decoration:none;">✕</a></div><?php endforeach; ?></div>
        </div>
        <div>
            <h4>2. Typen</h4>
            <form method="POST">
                <select name="r_id" style="margin-bottom:5px;"><?php foreach($reihen as $r): ?><option value="<?=$r['id']?>"><?=$r['name']?></option><?php endforeach; ?></select>
                <div style="display:flex; gap:5px;"><input type="text" name="bez" placeholder="z.B. Spiel" required><button type="submit" name="add_typ" class="btn btn-a">+</button></div>
            </form>
            <div class="scroll-area"><?php foreach($typen as $t): ?><div style="padding:8px; border-bottom:1px solid #eee;"><span><?=$t['bezeichnung']?> <span class="badge"><?=$t['r_name']?></span></span> <a href="?del_t=game_typ&del_id=<?=$t['id']?>" style="float:right; color:red; text-decoration:none;">✕</a></div><?php endforeach; ?></div>
        </div>
        <div>
            <h4>3. Level / Sterne</h4>
            <form method="POST">
                <select name="r_id" style="margin-bottom:5px;"><?php foreach($reihen as $r): ?><option value="<?=$r['id']?>"><?=$r['name']?></option><?php endforeach; ?></select>
                <div style="display:flex; gap:5px;"><input type="text" name="bez" placeholder="z.B. 3" required><button type="submit" name="add_level" class="btn btn-a">+</button></div>
            </form>
            <div class="scroll-area"><?php foreach($levels as $l): ?><div style="padding:8px; border-bottom:1px solid #eee;"><span><?=renderStars($l['bezeichnung'])?> <span class="badge"><?=$l['r_name']?></span></span> <a href="?del_t=game_level&del_id=<?=$l['id']?>" style="float:right; color:red; text-decoration:none;">✕</a></div><?php endforeach; ?></div>
        </div>
    </div>
</div>

<script>
function openTab(evt, name) {
    document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
    document.querySelectorAll('.t-btn').forEach(b => b.classList.remove('active'));
    document.getElementById(name).classList.add('active');
    evt.currentTarget.classList.add('active');
}

function filter(id) {
    let r_el = document.getElementById('r_'+id); if(!r_el) return;
    let r_val = r_el.value;
    
    // t = Typ, l = Level, p = Parent/Hauptbox
    ['t_'+id, 'l_'+id, 'p_'+id].forEach(sid => {
        let sel = document.getElementById(sid); if(!sel) return;
        sel.querySelectorAll('option').forEach(o => {
            let p = o.getAttribute('data-p');
            o.style.display = (p == "0" || p == r_val) ? "block" : "none";
        });
        if(sel.options[sel.selectedIndex] && sel.options[sel.selectedIndex].style.display == "none") sel.value = "0";
    });
}

document.addEventListener('DOMContentLoaded', () => { 
    filter('new'); 
    <?php foreach($spiele as $s): ?>filter(<?=$s['id']?>);<?php endforeach; ?> 
});
</script>
</body>
</html>