diff --git a/b3-dev/api/api-php-call/CORS/index.php b/b3-dev/api/api-php-call/CORS/index.php
new file mode 100644
index 0000000..cdfb68a
--- /dev/null
+++ b/b3-dev/api/api-php-call/CORS/index.php
@@ -0,0 +1,52 @@
+<?php
+ header("Access-Control-Allow-Origin: 'self'");
+ // en node : res.header("Access-Control-Allow-Origin", "*");
+ // cf : https://dzone.com/articles/cors-in-node
+
+ // https://developer.mozilla.org/fr/docs/Web/HTTP/CORS
+
+?>
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <title>jQuery Query</title>
+        <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
+
+<style>
+</style>
+    </head>
+    <body>
+        <img src="https://randomwordgenerator.com/img/picture-generator/53e4d5464e54a514f1dc8460962e33791c3ad6e04e507749742c78d7974ec3_640.jpg" />
+<script>
+$(document).ready(function() {
+    //alert('ok');
+    $.get("https://api.geoapify.com/v1/geocode/search?text=12+rue+Maupertuit%2C+Bruz&apiKey=bc1e13327f7f4876902d4bc45c30e102", function(data, status){
+        alert("Data: " + data + "\nStatus: " + status);
+    }); 
+
+    eval("alert('coucou')"); 
+
+});
+</script>
+<pre>
+<Directory "/home/agence-polux/www.new/www/wp-admin">
+    Header set Content-Security-Policy \
+        " \
+        script-src 'unsafe-eval' 'unsafe-inline' 'self' ssl.google-analytics.com www.google-analytics.com ajax.googleapis.com www.googletagmanager.com tarteaucitron.io www.tarteaucitron.io; \
+        default-src 'none'; \
+        connect-src 'self'; \
+        img-src 'self' 'unsafe-inline' data: ssl.google-analytics.com www.google-analytics.com ajax.googleapis.com www.googletagmanager.com tarteaucitron.io www.tarteaucitron.io; \
+        style-src 'self' 'unsafe-inline' ssl.google-analytics.com tarteaucitron.io www.tarteaucitron.io; \
+        base-uri 'self'; \
+        font-src 'self' data:; \
+        "
+</Directory>
+
+
+</pre>
+
+
+
+    </body>
+</html>
\ No newline at end of file
diff --git a/b3-dev/api/api-php-call/calls/index.php b/b3-dev/api/api-php-call/calls/index.php
new file mode 100644
index 0000000..fe48c47
--- /dev/null
+++ b/b3-dev/api/api-php-call/calls/index.php
@@ -0,0 +1,50 @@
+<?php
+    header("Content-type: text/plain;charset=utf-8");
+
+
+    // vars
+    $api_key = "bc1e13327f7f4876902d4bc45c30e102";
+    $api_url = "https://api.geoapify.com/v1/";
+    $geocode_pattern = "geocode/search?text=%address%&apiKey=".$api_key;
+    
+    
+    $geocode_request = str_replace(
+            "%address%", 
+            urlencode("12 rue Maupertuit, Bruz"), 
+            $geocode_pattern);
+
+    echo "\n".$api_url.$geocode_request;
+
+    $curl = curl_init($api_url.$geocode_request);
+    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+    $response_json = curl_exec($curl);
+    //print_r($response_json);
+    $response_php = json_decode($response_json);
+    print_r($response_php->features[0]->geometry->coordinates);
+    curl_close($curl);
+
+
+    $curl = curl_init();
+    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+    
+    // curl_setopt($curl, CURLOPT_POST, 1);
+    // curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
+    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "POST");
+    
+    $data['grant_type'] = 'client_credentials'; 
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
+
+    curl_setopt($curl, CURLOPT_URL, 'https://accounts.spotify.com/api/token');
+
+    $headers = array(
+        'Authorization' => `Basic 1111111111111111111111111111111111`,
+        'Content-Type' => 'application/x-www-form-urlencoded'
+    );
+
+    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);  
+
+    $response_json = curl_exec($curl);
+    print_r($response_json);
+    //$response_php = json_decode($response_json);
+    //print_r($response_php->features[0]->geometry->coordinates);
+    curl_close($curl);
\ No newline at end of file