<?php
// 文案审核 API：通过/拒绝 texts_pending 中的 JSON 文案
session_start();
header('Content-Type: application/json; charset=utf-8');

$ADMIN_PASSWORD = 'my123123';

function resp($ok, $msg) {
  echo json_encode(['ok' => $ok, 'msg' => $msg], JSON_UNESCAPED_UNICODE);
  exit;
}

$authed = !empty($_SESSION['admin_ok']);
if (!$authed) {
  $pwd = trim($_POST['password'] ?? '');
  if ($pwd === $ADMIN_PASSWORD) $authed = true;
}
if (!$authed) resp(false, '未授权或密码错误');

$action = $_POST['action'] ?? '';
$file = basename($_POST['file'] ?? '');

$pendingDir = __DIR__ . '/../texts_pending';
$path = $pendingDir . '/' . $file;
if ($file === '' || !is_file($path)) resp(false, '待处理文件不存在');

if ($action === 'approve') {
  $data = json_decode(@file_get_contents($path), true);
  if (!is_array($data) || empty($data['content'])) {
    resp(false, '文案数据无效');
  }

  $title = trim($data['title'] ?? '');
  $content = trim($data['content'] ?? '');
  $text = $title !== '' ? ('【' . $title . '】 ' . $content) : $content;

  // 追加到 texts/DATE/all.json
  $dateDir = __DIR__ . '/../texts/' . date('Y-m-d');
  if (!is_dir($dateDir)) @mkdir($dateDir, 0777, true);
  $allPath = $dateDir . '/all.json';
  $arr = [];
  if (is_file($allPath)) {
    $arr = json_decode(@file_get_contents($allPath), true);
    if (!is_array($arr)) $arr = [];
  }
  $arr[] = [
    'text' => $text,
    'source' => 'user',
    'created_at' => date('c'),
  ];
  @file_put_contents($allPath, json_encode($arr, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));

  @unlink($path);
  resp(true, '已通过并入库');
} else if ($action === 'reject') {
  @unlink($path);
  resp(true, '已拒绝并删除');
} else {
  resp(false, '未知操作');
}
?>