<?php
require_once __DIR__ . '/../auth.php';
require_once __DIR__ . '/../db/config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $data = json_decode(file_get_contents('php://input'), true);

    $id = $data['eventId'] ?? null;
    $title = $data['eventTitle'] ?? null;
    $date = $data['eventDate'] ?? null;
    $startTime = $data['startTime'] ?? null;
    $endTime = $data['endTime'] ?? null;
    $lead_id = $data['leadId'] ?? null;
    $user_id = $_SESSION['user_id'];

    if ($id && $title && $date && $startTime && $endTime) {
        $start_datetime = $date . ' ' . $startTime;
        $end_datetime = $date . ' ' . $endTime;

        try {
            $pdo = db();
            $stmt = $pdo->prepare("UPDATE events SET lead_id = ?, title = ?, start_time = ?, end_time = ? WHERE id = ? AND user_id = ?");
            $stmt->execute([$lead_id, $title, $start_datetime, $end_datetime, $id, $user_id]);

            echo json_encode(['success' => true]);
        } catch (PDOException $e) {
            http_response_code(500);
            echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
        }
    } else {
        http_response_code(400);
        echo json_encode(['success' => false, 'message' => 'Invalid input']);
    }
} else {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => 'Method not allowed']);
}