<?php
require_once 'db/config.php';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method Not Allowed']);
    exit;
}

$data = json_decode(file_get_contents('php://input'), true);

if (!$data) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid data']);
    exit;
}

$required_fields = ['playerName', 'courseId', 'holes', 'scores'];
foreach ($required_fields as $field) {
    if (empty($data[$field])) {
        http_response_code(400);
        echo json_encode(['error' => "Missing required field: {$field}"]);
        exit;
    }
}

try {
    $pdo = db();

    $sql = "INSERT INTO scores (player_name, team_name, course_id, holes_played, total_score, total_to_par";
    $params = [
        ':player_name' => $data['playerName'],
        ':team_name' => $data['teamName'] ?? null,
        ':course_id' => $data['courseId'],
        ':holes_played' => $data['holes'],
        ':total_score' => $data['totalScore'],
        ':total_to_par' => $data['totalToPar']
    ];

    for ($i = 1; $i <= $data['holes']; $i++) {
        $sql .= ", hole_{$i}_score";
        $params[":hole_{$i}_score"] = $data['scores']["hole{$i}_score"] ?? null;
    }

    $sql .= ") VALUES (" . implode(', ', array_keys($params)) . ")";

    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);

    http_response_code(201);
    echo json_encode(['success' => 'Score submitted successfully']);

} catch (PDOException $e) {
    http_response_code(500);
    echo json_encode(['error' => 'Database error: ' . $e->getMessage()]);
}