<?php
require_once '../db/config.php';

header('Content-Type: application/json');

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method Not Allowed']);
    exit;
}

$data = json_decode(file_get_contents('php://input'), true);

$first_name = $data['first_name'] ?? null;
$last_name = $data['last_name'] ?? null;
$email = $data['email'] ?? null;
$phone = $data['phone'] ?? null;
$role_id = $data['role_id'] ?? null;
$hire_date = $data['hire_date'] ?? null;

if (!$first_name || !$last_name || !$email || !$role_id) {
    http_response_code(400);
    echo json_encode(['error' => 'Missing required fields: first_name, last_name, email, role_id']);
    exit;
}

if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid email format']);
    exit;
}

try {
    $pdo = db();
    
    $stmt = $pdo->prepare("SELECT id FROM employees WHERE email = ?");
    $stmt->execute([$email]);
    if ($stmt->fetch()) {
        http_response_code(409);
        echo json_encode(['error' => 'Employee with this email already exists']);
        exit;
    }

    $stmt = $pdo->prepare("INSERT INTO employees (first_name, last_name, email, phone, role_id, hire_date) VALUES (?, ?, ?, ?, ?, ?)");
    $stmt->execute([$first_name, $last_name, $email, $phone, $role_id, $hire_date]);

    $id = $pdo->lastInsertId();

    http_response_code(201);
    echo json_encode(['success' => 'Employee created successfully', 'id' => $id]);

} catch (PDOException $e) {
    http_response_code(500);
    echo json_encode(['error' => 'Database error: ' . $e->getMessage()]);
}