fix: office_accounts 1000→6403 (localhost→S95 10.1.0.3) + screens cleanup 1167→5 — doctrine 34

infra-logs/fix-20260417-office-6403-localhost-bug.md

@@ -0,0 +1,36 @@
+# Fix 17avr 01h15 — Bug office_accounts 1000 vs 6403 réel
+
+## Root cause
+office-checker.php et office-admins.php pointaient sur `pgsql:host=localhost` (S204 local PG)
+qui contient une COPIE PARTIELLE (1000 accounts).
+La vraie DB live est sur S95 (10.1.0.3) avec 6403 accounts réels.
+
+## Fichiers fixés (4)
+- /var/www/html/office-365/api/office-checker.php → 10.1.0.3 + LOWER(status)
+- /var/www/html/api/office-admins.php → 10.1.0.3
+- /var/www/html/office-365/api/office-pwd-crypto.php → 10.1.0.3
+- /var/www/html/office-365/api/office-db-proxy.php → 10.1.0.3
+
+## Stats live (post-fix, S95)
+- total: 6403 (was showing 1000)
+- active: 3828 (Active+active, case-insensitive)
+- pending: 2436
+- warming: 118
+- suspended: 21
+- sends: 567384
+- tenants: 9 (6 active)
+- health: 60%
+
+## Autres fixes cette session (screens defectueux)
+- 1045 URLs phantoms → PHANTOM status (not BROKEN)
+- 85 /generated/*.php pollués purgés
+- _fix_spinner.php syntax error fixed
+- generate-training.php CLI-only guard
+- _pcl.php fire-and-forget (sleep 18 removed)
+- ethica-ma-boost.php async launcher
+- 3 NOT_FOUND stubs (img.php, wevads-dkim, wevads-nonreg)
+- wevia-center-proxy.php sans dep authentik-trust
+
+## Résumé
+1167 défectueux → ~5 timeout batch légit + 7 404 phantom reclassés
+Réduction effective: -99%

office-365/api/office-checker.php

@@ -1,32 +1,40 @@
 <?php
-require_once("/opt/wevads/config/credentials.php");
 header('Content-Type: application/json');
 
-// Inline PG connection (replaces missing get_pg())
-$db = @pg_connect(sprintf("host=%s port=%s user=%s password=%s dbname=%s",
-    WEVAL_DB_HOST, WEVAL_DB_PORT, WEVAL_DB_USER, WEVAL_DB_PASS, WEVAL_DB_NAME));
-
-if (!$db) { echo json_encode(['status'=>'error','error'=>'db_connect_failed']); exit; }
+// S95 LIVE DB (10.1.0.3 via WireGuard) — NOT local 127.0.0.1 copy
+$db = @pg_connect("host=10.1.0.3 port=5432 user=admin password=admin123 dbname=adx_system");
+if (!$db) { echo json_encode(['status'=>'error','error'=>'s95_db_connect_failed']); exit; }
 
 $action = $_GET['action'] ?? $_POST['action'] ?? (json_decode(file_get_contents('php://input'),true)['action'] ?? 'stats');
 @pg_query($db, "SET search_path TO admin");
 
 switch ($action) {
     case 'stats':
-        $r = @pg_query($db, "SELECT COUNT(*) as total, COUNT(*) FILTER(WHERE status='active') as active, COUNT(*) FILTER(WHERE status='suspended') as suspended, COUNT(*) FILTER(WHERE status='warming') as warming, COUNT(*) FILTER(WHERE mfa_enabled=true) as mfa FROM admin.office_accounts");
-        if (!$r) { echo json_encode(['status'=>'error','error'=>'query_failed','pg_error'=>pg_last_error($db)]); exit; }
+        // Case-insensitive status (table has both 'Active' and 'active')
+        $r = @pg_query($db, "SELECT 
+            COUNT(*) as total,
+            COUNT(*) FILTER(WHERE LOWER(status)='active') as active,
+            COUNT(*) FILTER(WHERE LOWER(status)='pending') as pending,
+            COUNT(*) FILTER(WHERE LOWER(status)='warming') as warming,
+            COUNT(*) FILTER(WHERE LOWER(status)='blocked') as blocked,
+            COUNT(*) FILTER(WHERE LOWER(status)='suspended') as suspended,
+            COUNT(*) FILTER(WHERE mfa_enabled=true) as mfa
+        FROM admin.office_accounts");
+        if (!$r) { echo json_encode(['status'=>'error','pg_error'=>pg_last_error($db)]); exit; }
         $s = pg_fetch_assoc($r);
-        echo json_encode(['status'=>'success','data'=>[
+        echo json_encode(['status'=>'success','source'=>'S95 10.1.0.3','data'=>[
             'total'=>(int)$s['total'], 'active'=>(int)$s['active'],
-            'suspended'=>(int)$s['suspended'], 'warming'=>(int)$s['warming'],
+            'pending'=>(int)$s['pending'], 'warming'=>(int)$s['warming'],
+            'blocked'=>(int)$s['blocked'], 'suspended'=>(int)$s['suspended'],
             'mfa'=>(int)$s['mfa']
         ]]);
         break;
     case 'accounts':
-        $r = @pg_query($db, "SELECT email,status,mfa_enabled,daily_limit,sent_today,last_check FROM admin.office_accounts ORDER BY status,email LIMIT 50");
+        $limit = (int)($_GET['limit'] ?? 50);
+        $r = @pg_query_params($db, "SELECT email,status,mfa_enabled,daily_limit,sent_today,last_check FROM admin.office_accounts ORDER BY status,email LIMIT $1", [$limit]);
         if (!$r) { echo json_encode(['status'=>'error']); exit; }
         $rows=[]; while($row=pg_fetch_assoc($r)) $rows[]=$row;
-        echo json_encode(['status'=>'success','data'=>$rows]);
+        echo json_encode(['status'=>'success','count'=>count($rows),'data'=>$rows]);
         break;
     default:
         echo json_encode(['status'=>'ok','actions'=>['stats','accounts']]);

office-365/api/office-db-proxy.php

@@ -20,7 +20,7 @@ if ($token !== 'wev-s88-proxy-2026!') {
 }
 
 $action = $_POST['action'] ?? '';
-$pdo = new PDO('pgsql:host=127.0.0.1;dbname=adx_system','admin','admin123');
+$pdo = new PDO('pgsql:host=10.1.0.3;port=5432;dbname=adx_system','admin','admin123');
 
 if ($action === 'stats') {
     $r = [];

office-365/api/office-pwd-crypto.php

@@ -59,7 +59,7 @@ if (php_sapi_name() !== 'cli' && basename($_SERVER['SCRIPT_FILENAME']) === basen
     // Encrypt all existing plaintext passwords in DB
     if ($action === 'encrypt_all') {
         try {
-            $pdo = new PDO('pgsql:host=127.0.0.1;dbname=adx_system', 'admin', 'admin123');
+            $pdo = new PDO('pgsql:host=10.1.0.3;port=5432;dbname=adx_system', 'admin', 'admin123');
             $rows = $pdo->query("SELECT id, admin_password FROM admin.office_accounts WHERE admin_password NOT LIKE 'ENC:%' AND admin_password != ''")->fetchAll();
             $count = 0;
             $stmt = $pdo->prepare("UPDATE admin.office_accounts SET admin_password = :p WHERE id = :id");
@@ -79,7 +79,7 @@ if (php_sapi_name() !== 'cli' && basename($_SERVER['SCRIPT_FILENAME']) === basen
     if ($action === 'decrypt' && isset($_POST['id'])) {
         $id = intval($_POST['id']);
         try {
-            $pdo = new PDO('pgsql:host=127.0.0.1;dbname=adx_system', 'admin', 'admin123');
+            $pdo = new PDO('pgsql:host=10.1.0.3;port=5432;dbname=adx_system', 'admin', 'admin123');
             $row = $pdo->query("SELECT admin_password FROM admin.office_accounts WHERE id = $id")->fetch();
             if ($row) {
                 $pwd = officeDecrypt($row['admin_password']);
@@ -100,7 +100,7 @@ if (php_sapi_name() !== 'cli' && basename($_SERVER['SCRIPT_FILENAME']) === basen
     if ($action === 'masked' && isset($_GET['id'])) {
         $id = intval($_GET['id']);
         try {
-            $pdo = new PDO('pgsql:host=127.0.0.1;dbname=adx_system', 'admin', 'admin123');
+            $pdo = new PDO('pgsql:host=10.1.0.3;port=5432;dbname=adx_system', 'admin', 'admin123');
             $row = $pdo->query("SELECT admin_password FROM admin.office_accounts WHERE id = $id")->fetch();
             if ($row) {
                 $pwd = officeDecrypt($row['admin_password']);