<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

session_start();

require_once 'includes/translations.php';
require_once 'db/config.php';

// Require login
if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit;
}

$plan = $_GET['plan'] ?? null;
$period = $_GET['period'] ?? 'monthly'; // Default to monthly

$allowed_plans = ['basic', 'premium'];

if (!$plan || !in_array($plan, $allowed_plans)) {
    header('Location: pricing.php');
    exit;
}

$userId = $_SESSION['user_id'];
$expiryDate = '';

// Calculate expiry date
$date = new DateTime();
if ($period === 'annual') {
    $date->modify('+1 year');
} else {
    $date->modify('+1 month');
}
$expiryDate = $date->format('Y-m-d');

// Update user record in the database
try {
    $pdo = db();
    $stmt = $pdo->prepare("UPDATE users SET subscription_plan = ?, subscription_expires_at = ? WHERE id = ?");
    $stmt->execute([$plan, $expiryDate, $userId]);

    // Set a session flash message
    $_SESSION['flash_message'] = t('subscription_success_message');

    // Redirect to profile page
    header('Location: profile.php');
    exit;

} catch (PDOException $e) {
    // In a real app, you would log this error
    die("Database error: " . $e->getMessage());
}