prepare($sql); $roomId ? $stmt->execute([$roomId]) : $stmt->execute(); jsonSuccess(array_reverse($stmt->fetchAll())); } public function show(string $id): void { requireAuth([ROLE_ADMIN, ROLE_PENGURUS]); $db = getDB(); $rows = $db->query("SELECT id, nama, deskripsi FROM chat_room ORDER BY nama")->fetchAll(); jsonSuccess($rows); } public function store(): void { requireAuth([ROLE_ADMIN, ROLE_PENGURUS]); $user = currentUser(); $body = getBody(); $errs = required($body, ['pesan']); if ($errs) jsonError(implode('; ',$errs)); $db = getDB(); $db->prepare("INSERT INTO chat (id_user, id_room, pesan) VALUES (?,?,?)")->execute([ $user['id'], $body['id_room'] ?? null, sanitize($body['pesan']), ]); jsonSuccess(['id' => $db->lastInsertId()], 'Pesan terkirim', 201); } public function update(string $id): void { jsonError('N/A',405); } public function destroy(string $id): void { requireAuth([ROLE_ADMIN]); getDB()->prepare("DELETE FROM chat WHERE id=?")->execute([$id]); jsonSuccess([],'Pesan dihapus'); } }