<?php
session_start();
require_once 'db/config.php';

// Default redirect location
$redirect_location = 'cart.php';

// Determine action, prioritizing POST
$action = $_POST['action'] ?? $_GET['action'] ?? null;

if (!$action) {
    header('Location: index.php');
    exit;
}

$user_id = $_SESSION['user_id'] ?? null;
$session_id = session_id();
$pdoconnection = db();

// --- ADD TO CART ---
if ($action == 'add' && isset($_POST['menu_item_id'], $_POST['quantity'])) {
    $menu_item_id = (int)$_POST['menu_item_id'];
    $quantity = (int)$_POST['quantity'];

    if ($quantity > 0 && $menu_item_id > 0) {
        // Check if item is already in cart
        $sql = "SELECT id, quantity FROM cart WHERE menu_item_id = :menu_item_id AND " . ($user_id ? "user_id = :identifier" : "session_id = :identifier");
        $stmt = $pdoconnection->prepare($sql);
        $identifier = $user_id ?: $session_id;
        $stmt->execute([':menu_item_id' => $menu_item_id, ':identifier' => $identifier]);
        $existing_item = $stmt->fetch();

        if ($existing_item) {
            // Update quantity
            $new_quantity = $existing_item['quantity'] + $quantity;
            $stmt = $pdoconnection->prepare("UPDATE cart SET quantity = :quantity WHERE id = :id");
            $stmt->execute([':quantity' => $new_quantity, ':id' => $existing_item['id']]);
        } else {
            // Insert new item
            $stmt = $pdoconnection->prepare(
                "INSERT INTO cart (user_id, session_id, menu_item_id, quantity) VALUES (:user_id, :session_id, :menu_item_id, :quantity)"
            );
            $stmt->execute([
                ':user_id' => $user_id,
                ':session_id' => $user_id ? null : $session_id,
                ':menu_item_id' => $menu_item_id,
                ':quantity' => $quantity
            ]);
        }
    }
    // Redirect back to the menu page after adding an item
    if (isset($_POST['restaurant_id']) && is_numeric($_POST['restaurant_id'])) {
        $redirect_location = 'menu.php?id=' . $_POST['restaurant_id'];
    }

// --- UPDATE CART ---
} elseif ($action == 'update' && isset($_POST['cart_id'], $_POST['quantity'])) {
    $cart_id = (int)$_POST['cart_id'];
    $quantity = (int)$_POST['quantity'];

    if ($quantity > 0 && $cart_id > 0) {
        $sql = "UPDATE cart SET quantity = :quantity WHERE id = :cart_id AND " . ($user_id ? "user_id = :identifier" : "session_id = :identifier");
        $stmt = $pdoconnection->prepare($sql);
        $identifier = $user_id ?: $session_id;
        $stmt->execute([':quantity' => $quantity, ':cart_id' => $cart_id, ':identifier' => $identifier]);
    }

// --- REMOVE FROM CART ---
} elseif ($action == 'remove' && isset($_POST['cart_id'])) {
    $cart_id = (int)$_POST['cart_id'];

    if ($cart_id > 0) {
        $sql = "DELETE FROM cart WHERE id = :cart_id AND " . ($user_id ? "user_id = :identifier" : "session_id = :identifier");
        $stmt = $pdoconnection->prepare($sql);
        $identifier = $user_id ?: $session_id;
        $stmt->execute([':cart_id' => $cart_id, ':identifier' => $identifier]);
    }
}

header('Location: ' . $redirect_location);
exit;