$msg]+$arr); else bad($msg,$code); } $a = $_GET['action'] ?? ''; $b = body(); function find_user($name){ $st=db()->prepare("SELECT user_id FROM users WHERE username=?"); $st->execute([trim($name)]); $r=$st->fetch(); return $r? (int)$r["user_id"] : 0; } try { if ($a === "create") { $uid = isset($b['user_id']) ? (int)$b['user_id'] : 0; if ($uid<=0){ $u = trim($b["username"] ?? ""); if ($u==="") out(false,"username or user_id required",[],400); $uid = find_user($u); if (!$uid) out(false,"user not found",[],404); } $c = trim($b["name"] ?? ""); if ($c==="") out(false,"invalid",[],400); $ins = db()->prepare("INSERT INTO characters(user_id,name) VALUES(?,?)"); try { $ins->execute([$uid,$c]); } catch(PDOException $e){ if($e->errorInfo[1]==1062) out(false,"character exists for this user",[],409); throw $e; } out(true,"created",["character_id"=>(int)db()->lastInsertId()]); } if ($a === "list") { $camp = (int)($_GET['campaign_id'] ?? 0); if ($camp>0){ $st = db()->prepare(" SELECT c.character_id, c.user_id, c.name, u.username, EXISTS(SELECT 1 FROM campaign_characters cc WHERE cc.campaign_id=? AND cc.character_id=c.character_id) AS assigned FROM characters c JOIN users u ON u.user_id=c.user_id ORDER BY u.username ASC, c.name ASC "); $st->execute([$camp]); } else { $st = db()->query(" SELECT c.character_id, c.user_id, c.name, u.username, 0 AS assigned FROM characters c JOIN users u ON u.user_id=c.user_id ORDER BY u.username ASC, c.name ASC "); } out(true,"ok",["items"=>$st->fetchAll()]); } // --- delete --- if ($a === "delete") { $u = trim($_GET['username'] ?? ''); $n = trim($_GET['name'] ?? ''); if ($u===''||$n==='') out(false,'username/name required',[],400); $uid = find_user($u); if (!$uid) out(false,"user not found",[],404); $del = db()->prepare("DELETE FROM characters WHERE user_id=? AND name=?"); $del->execute([$uid,$n]); out(true,"deleted",["count"=>$del->rowCount()]); } if ($a === "assign") { $cid = (int)($b['character_id'] ?? 0); $camp = $b['campaign_id'] ?? null; if ($cid<=0) out(false,'character_id required',[],400); if ($camp===null || $camp===''){ $st = db()->prepare("DELETE FROM campaign_characters WHERE character_id=?"); $st->execute([$cid]); out(true,'unassigned',[]); } else { $camp = (int)$camp; $st = db()->prepare("INSERT IGNORE INTO campaign_characters(campaign_id,character_id) VALUES(?,?)"); $st->execute([$camp,$cid]); out(true,'assigned',[]); } } out(false,"unknown action",[],404); } catch (Throwable $e) { bad("server error: ".$e->getMessage(),500); }