From 88eef0e2d6d586cd8f3e9f49e073302e71279779 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Fri, 21 Nov 2025 17:47:54 +0000
Subject: [PATCH] Fix ApiClient name and handle empty string as null in
 minigames

- Use correct ApiClient casing (window.ApiClient not window.APIClient)
- Check for both null and empty string to trigger server validation
- Add fallback to support both naming conventions
- Add debug logging to show which validation method is used

The ApiClient is exported as window.ApiClient but code was checking for window.APIClient.
---
 .../js/minigames/password/password-minigame.js  | 17 ++++++++++++-----
 .../js/minigames/pin/pin-minigame.js            | 12 ++++++++----
 2 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/public/break_escape/js/minigames/password/password-minigame.js b/public/break_escape/js/minigames/password/password-minigame.js
index 1682618..0898cc6 100644
--- a/public/break_escape/js/minigames/password/password-minigame.js
+++ b/public/break_escape/js/minigames/password/password-minigame.js
@@ -379,6 +379,7 @@ export class PasswordMinigame extends MinigameScene {
         console.log('submitPassword called', {
             isActive: this.gameState.isActive,
             correctPassword: this.correctPassword,
+            hasApiClient: !!window.ApiClient,
             hasAPIClient: !!window.APIClient,
             gameId: window.gameId
         });
@@ -396,12 +397,17 @@ export class PasswordMinigame extends MinigameScene {
         this.gameData.attempts++;
         this.attemptsDisplay.textContent = this.gameData.attempts;
 
-        // Check if we need server-side validation (correctPassword is null)
-        if (this.correctPassword === null && window.APIClient && window.gameId) {
+        // Check if we need server-side validation (correctPassword is null or empty string)
+        const apiClient = window.ApiClient || window.APIClient;
+        if ((!this.correctPassword || this.correctPassword === '') && apiClient && window.gameId) {
             console.log('Using server-side validation');
             await this.validatePasswordWithServer(enteredPassword);
         } else {
-            console.log('Using client-side validation');
+            console.log('Using client-side validation', {
+                correctPassword: this.correctPassword,
+                hasApiClient: !!apiClient,
+                gameId: window.gameId
+            });
             // Client-side validation (backwards compatibility)
             if (enteredPassword === this.correctPassword) {
                 this.passwordCorrect();
@@ -433,8 +439,9 @@ export class PasswordMinigame extends MinigameScene {
 
             console.log('Validating password with server:', { targetType, targetId, attempt: enteredPassword });
 
-            // Call server API for validation
-            const response = await window.APIClient.unlock(targetType, targetId, enteredPassword, 'password');
+            // Call server API for validation (use ApiClient with correct casing)
+            const apiClient = window.ApiClient || window.APIClient;
+            const response = await apiClient.unlock(targetType, targetId, enteredPassword, 'password');
 
             if (response.success) {
                 this.passwordCorrect();
diff --git a/public/break_escape/js/minigames/pin/pin-minigame.js b/public/break_escape/js/minigames/pin/pin-minigame.js
index 2965b34..1fd6b58 100644
--- a/public/break_escape/js/minigames/pin/pin-minigame.js
+++ b/public/break_escape/js/minigames/pin/pin-minigame.js
@@ -247,11 +247,14 @@ export class PinMinigame extends MinigameScene {
 
         this.attemptCount++;
 
-        // Check if we need server-side validation (correctPin is null)
+        // Check if we need server-side validation (correctPin is null or empty)
         let isCorrect;
-        if (this.correctPin === null && window.APIClient && window.gameId) {
+        const apiClient = window.ApiClient || window.APIClient;
+        if ((!this.correctPin || this.correctPin === '') && apiClient && window.gameId) {
+            console.log('Using server-side PIN validation');
             isCorrect = await this.validatePinWithServer(this.currentInput);
         } else {
+            console.log('Using client-side PIN validation');
             // Client-side validation (backwards compatibility)
             isCorrect = this.currentInput === this.correctPin;
         }
@@ -295,8 +298,9 @@ export class PinMinigame extends MinigameScene {
 
             console.log('Validating PIN with server:', { targetType, targetId, attempt: enteredPin });
 
-            // Call server API for validation
-            const response = await window.APIClient.unlock(targetType, targetId, enteredPin, 'pin');
+            // Call server API for validation (use ApiClient with correct casing)
+            const apiClient = window.ApiClient || window.APIClient;
+            const response = await apiClient.unlock(targetType, targetId, enteredPin, 'pin');
 
             return response.success;
         } catch (error) {