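query($sql);

        // NOTE(review): the condition guarding this read branch and the opening of
        // the try block lie above this excerpt. No role check is visible for the
        // branch from here; confirm the data is meant to be readable by every caller.
        if ($result === false) {
            throw new Exception("Database query failed: " . $conn->error);
        }

        // Collect every row of the result set and return it as JSON.
        $obstacles = [];
        while ($row = $result->fetch_assoc()) {
            $obstacles[] = $row;
        }

        echo json_encode([
            'status' => 'success',
            'data' => $obstacles
        ]);

    } elseif ($action === 'create') {
        // Create new obstacle (superadmin only)
        // NOTE(review): getUserRole() is defined outside this excerpt; confirm it
        // derives the role from server-side session state, never from the request.
        $role = getUserRole();
        if ($role !== 'superadmin') {
            http_response_code(403);
            echo json_encode(['status' => 'error', 'message' => 'Unauthorized']);
            exit;
        }

        // The request body is caller-controlled. json_decode() returns null for
        // malformed JSON and a scalar for e.g. `42`, so anything that is not a
        // JSON object/array is rejected before it is indexed.
        $input = json_decode(file_get_contents('php://input'), true);
        if (!is_array($input)) {
            http_response_code(400);
            echo json_encode(['status' => 'error', 'message' => 'Invalid request body']);
            exit;
        }

        // Read the fields in placeholder order. Absent keys become null without
        // raising an "undefined index" notice (which could be printed into the
        // JSON response); nested arrays/objects cannot be bound and are refused.
        $fields = [
            'obstacle_number', 'name', 'x_position', 'y_position',
            'difficulty', 'description', 'marker_color'
        ];
        $values = [];
        foreach ($fields as $field) {
            $value = isset($input[$field]) ? $input[$field] : null;
            if ($value !== null && !is_scalar($value)) {
                http_response_code(400);
                echo json_encode(['status' => 'error', 'message' => 'Invalid value for ' . $field]);
                exit;
            }
            $values[] = $value;
        }

        // Coordinates are bound as integers ('i'); a non-numeric string would be
        // coerced silently, so it is refused instead.
        foreach (['x_position', 'y_position'] as $field) {
            if (isset($input[$field]) && !is_numeric($input[$field])) {
                http_response_code(400);
                echo json_encode(['status' => 'error', 'message' => 'Invalid value for ' . $field]);
                exit;
            }
        }

        $sql = "INSERT INTO track_obstacles (obstacle_number, name, x_position, y_position, difficulty, description, marker_color) VALUES (?, ?, ?, ?, ?, ?, ?)";
        $insertId = $db->insert($sql, $values, 'ssiisss');

        if ($insertId) {
            echo json_encode([
                'status' => 'success',
                'message' => 'Obstacle created',
                'obstacle_id' => $insertId
            ]);
        } else {
            throw new Exception("Failed to create obstacle: " . $db->getLastError());
        }

    } elseif ($action === 'updatePosition') {
        // Update obstacle position (superadmin only)
        $role = getUserRole();
        if ($role !== 'superadmin') {
            http_response_code(403);
            echo json_encode(['status' => 'error', 'message' => 'Unauthorized']);
            exit;
        }

        // Same body check as for 'create': only a decoded JSON object is accepted.
        $input = json_decode(file_get_contents('php://input'), true);
        if (!is_array($input)) {
            http_response_code(400);
            echo json_encode(['status' => 'error', 'message' => 'Invalid request body']);
            exit;
        }

        // All three values are bound as integers. Without this check a missing
        // or malformed obstacle_id matches no row and the request would still
        // be answered with "Position updated".
        foreach (['x_position', 'y_position', 'obstacle_id'] as $field) {
            if (!isset($input[$field]) || !is_numeric($input[$field])) {
                http_response_code(400);
                echo json_encode(['status' => 'error', 'message' => 'Invalid value for ' . $field]);
                exit;
            }
        }

        $sql = "UPDATE track_obstacles SET x_position = ?, y_position = ? WHERE obstacle_id = ?";
        $result = $db->update($sql, [
            $input['x_position'],
            $input['y_position'],
            $input['obstacle_id']
        ], 'iii');

        if ($result !== false) {
            echo json_encode([
                'status' => 'success',
                'message' => 'Position updated'
            ]);
        } else {
            throw new Exception("Failed to update position: " . $db->getLastError());
        }

    } else {
        // Invalid action
        http_response_code(400);
        echo json_encode([
            'status' => 'error',
            'message' => 'Invalid action specified'
        ]);
    }

} catch (Exception $e) {
    // The exception text is built from driver errors ($conn->error,
    // $db->getLastError()), which can expose table names and SQL fragments.
    // Keep the detail in the server log and answer with a generic message.
    error_log('Obstacle API error: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode([
        'status' => 'error',
        'message' => 'Server error'
    ]);
}

exit();
?>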