Add strict types and type hints across API

Apply strict_types and extensive type declarations throughout the API and models, improving type safety and error handling. Key changes: add declare(strict_types=1) to many files; convert properties, method parameters and return values to typed signatures (PDO, arrays, ints, strings, bools, nullables); switch exception handling to Throwable in index and Router; improve Router, controllers and model method signatures and nullability handling; refine file/image serving security checks and headers in ImageController; strengthen Database typing and initialization methods; return explicit types from BaseModel CRUD helpers and counting; update Media/Cast/Adult/Game/Console/Settings controllers and models to use typed methods, better validation, and clearer update/create return types. Also add AGENTS.md (agent skills index), update README with Swagger/OpenAPI usage instructions, and add /.windsurf to .gitignore. These changes aim to harden runtime correctness, make intended contracts explicit, and prepare the codebase for easier maintenance and static analysis.

api/services/ImageHandler.php

@@ -1,27 +1,29 @@
 <?php
 
+declare(strict_types=1);
+
 class ImageHandler {
-    private $uploadDir;
-    private $baseUrl;
-    
-    public function __construct($uploadDir = null, $baseUrl = null) {
+    private string $uploadDir;
+    private string $baseUrl;
+
+    public function __construct(?string $uploadDir = null, ?string $baseUrl = null) {
         $this->uploadDir = $uploadDir ?? __DIR__ . '/../public/images/';
         $this->baseUrl = $baseUrl ?? '/images/';
-        
+
         // Ensure upload directory exists
         if (!file_exists($this->uploadDir)) {
             mkdir($this->uploadDir, 0755, true);
         }
     }
-    
+
     /**
      * Process base64 image data and save to file
-     * 
+     *
      * @param string $base64Data Base64 encoded image data
      * @param string $prefix Prefix for filename (e.g., 'poster', 'banner')
      * @return string|null Relative path to saved image, or null if invalid
      */
-    public function saveBase64Image($base64Data, $prefix = 'image') {
+    public function saveBase64Image(string $base64Data, string $prefix = 'image'): ?string {
         error_log("ImageHandler: Starting to process base64 image, length: " . strlen($base64Data));
         
         if (empty($base64Data)) {
@@ -119,7 +121,7 @@ class ImageHandler {
     /**
      * Detect image format from base64 string
      */
-    private function detectImageFormat($base64String) {
+    private function detectImageFormat(string $base64String): ?string {
         // Decode first few bytes to check magic numbers
         $data = base64_decode(substr($base64String, 0, 100));
         
@@ -140,7 +142,7 @@ class ImageHandler {
     /**
      * Validate that data is a valid image
      */
-    private function isValidImage($data) {
+    private function isValidImage(string $data): bool {
         try {
             $image = imagecreatefromstring($data);
             if ($image !== false) {
@@ -156,14 +158,14 @@ class ImageHandler {
     /**
      * Generate unique filename
      */
-    private function generateUniqueFilename($prefix, $extension) {
+    private function generateUniqueFilename(string $prefix, string $extension): string {
         return $prefix . '_' . uniqid() . '_' . time() . '.' . $extension;
     }
     
     /**
      * Delete an image file
      */
-    public function deleteImage($imagePath) {
+    public function deleteImage(?string $imagePath): bool {
         if (empty($imagePath)) {
             return false;
         }