<?php
header('Content-Type: application/json');

// Basic security checks
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'error' => 'Method Not Allowed']);
    exit;
}

require_once __DIR__ . '/mail/MailService.php';

// 1. Get and sanitize inputs
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING);

// 2. Validate inputs
if (empty($name) || empty($email) || empty($message)) {
    http_response_code(400);
    echo json_encode(['success' => false, 'error' => 'Please fill out all fields.']);
    exit;
}

if (!$email) {
    http_response_code(400);
    echo json_encode(['success' => false, 'error' => 'Please provide a valid email address.']);
    exit;
}

// 3. Send email
// The `sendContactMessage` function will use the default recipient from `.env` if the `$to` argument is omitted.
$subject = 'New Contact Form Submission from Zone CMS';
$res = MailService::sendContactMessage($name, $email, $message, null, $subject);

// 4. Send response
if (!empty($res['success'])) {
    echo json_encode(['success' => true]);
} else {
    // In a real app, you would log the detailed error from $res['error']
    http_response_code(500);
    echo json_encode(['success' => false, 'error' => 'There was an issue sending your message. Please try again later.']);
}