oma-memorial/src/app/api/media/route.ts

import { NextRequest, NextResponse } from 'next/server'
import { getDb } from '@/lib/db'

export const runtime = 'nodejs'

const VALID_TYPES = ['photo', 'video', 'music']
const VALID_STATUSES = ['approved', 'pending', 'rejected', 'flagged']

export async function GET(req: NextRequest) {
  const type = req.nextUrl.searchParams.get('type')
  const status = req.nextUrl.searchParams.get('status')

  if (type && !VALID_TYPES.includes(type)) {
    return NextResponse.json({ error: 'Invalid type' }, { status: 400 })
  }
  if (status && !VALID_STATUSES.includes(status)) {
    return NextResponse.json({ error: 'Invalid status' }, { status: 400 })
  }

  const db = getDb()

  let query = 'SELECT * FROM media WHERE 1=1'
  const queryParams: string[] = []

  if (type) {
    query += ' AND type = ?'
    queryParams.push(type)
  }

  if (status) {
    query += ' AND status = ?'
    queryParams.push(status)
  }

  query += ' ORDER BY sort_order, created_at'

  const media = db.prepare(query).all(...queryParams)
  return NextResponse.json(media)
}