<?php
session_start();
require_once __DIR__ . '/db/config.php';

$action = $_GET['action'] ?? '';

switch ($action) {
    case 'register':
        handle_register();
        break;
    case 'login':
        handle_login();
        break;
    case 'logout':
        handle_logout();
        break;
    case 'update_profile':
        handle_update_profile();
        break;
    case 'create_thread':
        handle_create_thread();
        break;
    case 'create_post':
        handle_create_post();
        break;
    default:
        header('Location: index.php');
        exit;
}

function handle_update_profile() {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('Location: profile.php');
        exit;
    }

    if (!isset($_SESSION['user_id'])) {
        header('Location: login.php');
        exit;
    }

    $user_id = $_SESSION['user_id'];
    $name = $_POST['name'] ?? '';
    $email = $_POST['email'] ?? '';
    $bio = $_POST['bio'] ?? '';
    $skills = $_POST['skills'] ?? '';
    $interests = $_POST['interests'] ?? '';
    $goals = $_POST['goals'] ?? '';

    if (empty($name) || empty($email)) {
        die('Name and Email are required');
    }

    try {
        $pdo = db();
        $stmt = $pdo->prepare("UPDATE users SET name = ?, email = ?, bio = ?, skills = ?, interests = ?, goals = ? WHERE id = ?");
        $stmt->execute([$name, $email, $bio, $skills, $interests, $goals, $user_id]);

        $_SESSION['user_name'] = $name; // Update session name

        header('Location: profile.php?success=1');
        exit;
    } catch (PDOException $e) {
        die("Profile update failed: " . $e->getMessage());
    }
}

function handle_register() {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('Location: register.php');
        exit;
    }

    $name = $_POST['name'] ?? '';
    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';

    if (empty($name) || empty($email) || empty($password)) {
        die('Please fill all fields');
    }

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

    try {
        $pdo = db();
        $stmt = $pdo->prepare("INSERT INTO users (name, email, password) VALUES (?, ?, ?)");
        $stmt->execute([$name, $email, $hashed_password]);
        header('Location: login.php');
        exit;
    } catch (PDOException $e) {
        die("Registration failed: " . $e->getMessage());
    }
}

function handle_login() {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('Location: login.php');
        exit;
    }

    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';

    if (empty($email) || empty($password)) {
        die('Please fill all fields');
    }

    try {
        $pdo = db();
        $stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
        $stmt->execute([$email]);
        $user = $stmt->fetch();

        if ($user && password_verify($password, $user['password'])) {
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['user_name'] = $user['name'];
            $_SESSION['user_role'] = $user['role'];
            header('Location: dashboard.php');
            exit;
        } else {
            die('Invalid login');
        }
    } catch (PDOException $e) {
        die("Login failed: " . $e->getMessage());
    }
}

function handle_logout() {
    session_destroy();
    header('Location: index.php');
    exit;
}

function handle_create_thread() {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('Location: forums.php');
        exit;
    }

    if (!isset($_SESSION['user_id'])) {
        header('Location: login.php');
        exit;
    }

    $forum_id = $_POST['forum_id'] ?? null;
    $title = $_POST['title'] ?? '';
    $user_id = $_SESSION['user_id'];

    if (empty($forum_id) || empty($title)) {
        // Or redirect with an error message
        die('Forum ID and Title are required.');
    }

    try {
        $pdo = db();
        $stmt = $pdo->prepare("INSERT INTO discussion_threads (forum_id, user_id, title) VALUES (?, ?, ?)");
        $stmt->execute([$forum_id, $user_id, $title]);

        $new_thread_id = $pdo->lastInsertId();

        // Redirect to the new thread page
        header('Location: thread.php?id=' . $new_thread_id);
        exit;
    } catch (PDOException $e) {
        die("Failed to create thread: " . $e->getMessage());
    }
}

function handle_create_post() {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('Location: forums.php');
        exit;
    }

    if (!isset($_SESSION['user_id'])) {
        header('Location: login.php');
        exit;
    }

    $thread_id = $_POST['thread_id'] ?? null;
    $content = $_POST['content'] ?? '';
    $user_id = $_SESSION['user_id'];

    if (empty($thread_id) || empty($content)) {
        // Redirect back to the thread with an error
        header('Location: thread.php?id=' . $thread_id . '&error=1');
        exit;
    }

    try {
        $pdo = db();
        $stmt = $pdo->prepare("INSERT INTO discussion_posts (thread_id, user_id, content) VALUES (?, ?, ?)");
        $stmt->execute([$thread_id, $user_id, $content]);

        // Redirect back to the thread page
        header('Location: thread.php?id=' . $thread_id);
        exit;
    } catch (PDOException $e) {
        die("Failed to create post: " . $e->getMessage());
    }
}