nexus/modules/boersenchecker/pages/chart_data.php

<?php
declare(strict_types=1);

require_auth();

$user = auth_user() ?? [];
$ownerSub = trim((string) ($user['sub'] ?? 'local'));

$instrumentId = (int) ($_GET['instrument_id'] ?? 0);
if ($instrumentId <= 0) {
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode(['ok' => false, 'message' => 'instrument_id fehlt.'], JSON_UNESCAPED_UNICODE);
    exit;
}

$pdo = module_fn('boersenchecker', 'pdo');
module_fn('boersenchecker', 'ensure_schema');
$instrumentTable = module_fn('boersenchecker', 'table', 'instruments');
$positionTable = module_fn('boersenchecker', 'table', 'positions');

$stmt = $pdo->prepare(
    'SELECT i.id, i.name, i.symbol, i.isin
     FROM ' . $instrumentTable . ' i
     INNER JOIN ' . $positionTable . ' p ON p.instrument_id = i.id
     WHERE i.id = :id AND p.owner_sub = :owner_sub
     LIMIT 1'
);
$stmt->execute([
    'id' => $instrumentId,
    'owner_sub' => $ownerSub,
]);
$instrument = $stmt->fetch(PDO::FETCH_ASSOC);

header('Content-Type: application/json; charset=utf-8');
if (!is_array($instrument)) {
    echo json_encode(['ok' => false, 'message' => 'Aktie nicht verfuegbar.'], JSON_UNESCAPED_UNICODE);
    exit;
}

$isin = strtoupper(trim((string) ($instrument['isin'] ?? '')));
if ($isin === '') {
    echo json_encode(['ok' => false, 'message' => 'Fuer diese Aktie ist keine ISIN hinterlegt.'], JSON_UNESCAPED_UNICODE);
    exit;
}

$result = module_fn('boersenchecker', 'bavest_fetch_chart_series', $isin);
echo json_encode($result, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
exit;