<?php
session_start();
require_once 'config/database.php';

// Проверяем авторизацию администратора
if (!isset($_SESSION['isAdmin']) || $_SESSION['isAdmin'] !== true) {
    echo json_encode(['success' => false, 'message' => 'Доступ запрещен']);
    exit();
}

if (!isset($_GET['id'])) {
    echo json_encode(['success' => false, 'message' => 'ID не указан']);
    exit();
}

try {
    $db = Database::getInstance()->getConnection();
    $product_id = $_GET['id'];

    $stmt = $db->prepare("SELECT * FROM products WHERE product_id = ?");
    $stmt->execute([$product_id]);
    $product = $stmt->fetch();

    if ($product) {
        echo json_encode($product);
    } else {
        echo json_encode(['success' => false, 'message' => 'Товар не найден']);
    }

} catch (PDOException $e) {
    echo json_encode(['success' => false, 'message' => 'Ошибка базы данных: ' . $e->getMessage()]);
}
?>