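'User not authenticated']); exit; }

// The statement above is the tail of the authentication guard, which begins
// earlier in the file. Everything below runs only for a logged-in session.
//
// NOTE(review): start_conversation and send_message change state using only
// the session cookie. No CSRF token check is visible in this part of the
// file; confirm one is enforced elsewhere (or that the session cookie is
// SameSite) before relying on these endpoints.

// Dispatch on the ?action= query parameter. Only the names listed here are
// reachable; anything else is rejected with HTTP 400.
$action = $_GET['action'] ?? '';

switch ($action) {
    case 'search_users':
        search_users();
        break;
    case 'start_conversation':
        start_conversation();
        break;
    case 'get_conversations':
        get_conversations();
        break;
    case 'get_messages':
        get_messages();
        break;
    case 'send_message':
        send_message();
        break;
    default:
        respond_json(['error' => 'Invalid action'], 400);
        exit;
}

/**
 * Emit a JSON body with the given HTTP status and a JSON Content-Type header.
 *
 * Does not terminate the script; callers decide whether to exit.
 *
 * @param mixed $payload Value passed to json_encode().
 * @param int   $status  HTTP status code to send.
 */
function respond_json($payload, $status = 200)
{
    http_response_code($status);
    header('Content-Type: application/json');
    echo json_encode($payload);
}

/**
 * Read one request parameter as a string.
 *
 * PHP turns "key[]=x" into an array; a non-string value is treated as missing
 * so it never reaches string concatenation or a bound SQL parameter.
 *
 * @param array  $source $_GET or $_POST.
 * @param string $key    Parameter name.
 * @return string The value, or '' when absent or not a string.
 */
function request_param(array $source, $key)
{
    $value = $source[$key] ?? '';
    return is_string($value) ? $value : '';
}

/**
 * Tell whether a user is listed in conversation_participants for a conversation.
 *
 * Returns false both for a conversation that does not exist and for one the
 * user is not part of, so callers answer the two cases identically.
 *
 * @param PDO   $pdo
 * @param mixed $conversation_id
 * @param mixed $user_id
 * @return bool
 */
function is_conversation_participant(PDO $pdo, $conversation_id, $user_id)
{
    $stmt = $pdo->prepare(
        "SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ? LIMIT 1"
    );
    $stmt->execute([$conversation_id, $user_id]);
    return $stmt->fetchColumn() !== false;
}

/**
 * Search usernames containing ?term=, excluding the current user.
 *
 * Responds with a JSON list of {id, username}; an empty term yields [].
 */
function search_users()
{
    $term = request_param($_GET, 'term');
    // Strict comparison: empty() would also discard the valid search term "0".
    if ($term === '') {
        respond_json([]);
        exit;
    }

    // Escape LIKE metacharacters so "%" and "_" in the term match literally
    // instead of acting as wildcards that list every account.
    $escaped = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $term);

    $pdo = db();
    $stmt = $pdo->prepare(
        "SELECT id, username FROM users WHERE username LIKE ? ESCAPE '!' AND id != ?"
    );
    $stmt->execute(['%' . $escaped . '%', $_SESSION['user_id']]);
    $users = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // NOTE(review): the result set is unbounded; consider a LIMIT.
    respond_json($users);
}

/**
 * Return the conversation between the current user and POST recipient_id,
 * creating it when none exists.
 *
 * Responds with {conversation_id}. Errors: 400 when recipient_id is missing
 * or is the caller, 404 when the recipient does not exist, 500 when the
 * insert fails.
 */
function start_conversation()
{
    $recipient_id = request_param($_POST, 'recipient_id');
    if (empty($recipient_id)) {
        respond_json(['error' => 'Recipient ID is required'], 400);
        exit;
    }

    $user_id = $_SESSION['user_id'];
    $pdo = db();

    // Resolve the recipient through the users table and use the stored id from
    // here on, so the client-supplied value is never written as a participant.
    $stmt = $pdo->prepare("SELECT id FROM users WHERE id = ?");
    $stmt->execute([$recipient_id]);
    $recipient_id = $stmt->fetchColumn();
    if ($recipient_id === false) {
        respond_json(['error' => 'Recipient not found'], 404);
        exit;
    }

    // With recipient == caller the lookup below would match any conversation
    // the caller is in, and the insert would add the caller twice.
    if ((string) $recipient_id === (string) $user_id) {
        respond_json(['error' => 'Cannot start a conversation with yourself'], 400);
        exit;
    }

    // Check if a conversation already exists between the two users.
    // NOTE(review): this matches any conversation containing both users; if
    // conversations can have more than two participants, confirm that is the
    // intended behaviour.
    $stmt = $pdo->prepare("
        SELECT c.id
        FROM conversations c
        JOIN conversation_participants cp1 ON c.id = cp1.conversation_id
        JOIN conversation_participants cp2 ON c.id = cp2.conversation_id
        WHERE cp1.user_id = ? AND cp2.user_id = ?
    ");
    $stmt->execute([$user_id, $recipient_id]);
    $conversation = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($conversation) {
        // Conversation already exists
        respond_json(['conversation_id' => $conversation['id']]);
        exit;
    }

    // Create a new conversation; both inserts succeed or neither does.
    $pdo->beginTransaction();
    try {
        $stmt = $pdo->prepare("INSERT INTO conversations () VALUES ()");
        $stmt->execute();
        $conversation_id = $pdo->lastInsertId();

        $stmt = $pdo->prepare(
            "INSERT INTO conversation_participants (conversation_id, user_id) VALUES (?, ?), (?, ?)"
        );
        $stmt->execute([$conversation_id, $user_id, $conversation_id, $recipient_id]);

        $pdo->commit();
        respond_json(['conversation_id' => $conversation_id]);
    } catch (Exception $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        // Keep the cause in the server log; the client gets a generic message.
        error_log('start_conversation failed: ' . $e->getMessage());
        respond_json(['error' => 'Failed to create conversation'], 500);
    }
}

/**
 * List the current user's conversations as JSON rows of
 * {id, username, user_id}, one row per other participant.
 */
function get_conversations()
{
    $user_id = $_SESSION['user_id'];
    $pdo = db();

    // The subquery restricts to conversations the caller belongs to; the outer
    // filter drops the caller's own participant row.
    $stmt = $pdo->prepare("
        SELECT c.id, u.username, u.id as user_id
        FROM conversations c
        JOIN conversation_participants cp ON c.id = cp.conversation_id
        JOIN users u ON u.id = cp.user_id
        WHERE c.id IN (
            SELECT conversation_id
            FROM conversation_participants
            WHERE user_id = ?
        ) AND cp.user_id != ?
    ");
    $stmt->execute([$user_id, $user_id]);
    $conversations = $stmt->fetchAll(PDO::FETCH_ASSOC);

    respond_json($conversations);
}

/**
 * Return all messages of ?conversation_id=, oldest first.
 *
 * Errors: 400 when conversation_id is missing, 403 when the caller is not a
 * participant of that conversation.
 */
function get_messages()
{
    $conversation_id = request_param($_GET, 'conversation_id');
    if (empty($conversation_id)) {
        respond_json(['error' => 'Conversation ID is required'], 400);
        exit;
    }

    $pdo = db();

    // Authorization: conversation_id is client-supplied, so being logged in is
    // not enough. Only participants may read a conversation's messages.
    if (!is_conversation_participant($pdo, $conversation_id, $_SESSION['user_id'])) {
        respond_json(['error' => 'Not a participant in this conversation'], 403);
        exit;
    }

    // NOTE(review): SELECT * returns every column of messages to the client;
    // list the columns explicitly if the table holds anything internal.
    $stmt = $pdo->prepare("SELECT * FROM messages WHERE conversation_id = ? ORDER BY created_at ASC");
    $stmt->execute([$conversation_id]);
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);

    respond_json($messages);
}

/**
 * Store POST message_text in POST conversation_id with the current user as
 * sender, then respond with {success: true}.
 *
 * Errors: 400 when either field is missing, 403 when the caller is not a
 * participant of that conversation.
 */
function send_message()
{
    $conversation_id = request_param($_POST, 'conversation_id');
    $message_text = request_param($_POST, 'message_text');

    // Strict comparison for the text: empty() would reject the message "0".
    if (empty($conversation_id) || $message_text === '') {
        respond_json(['error' => 'Conversation ID and message text are required'], 400);
        exit;
    }

    $sender_id = $_SESSION['user_id'];
    $pdo = db();

    // Authorization: without this check any logged-in user could post into a
    // conversation they are not part of by supplying its id.
    if (!is_conversation_participant($pdo, $conversation_id, $sender_id)) {
        respond_json(['error' => 'Not a participant in this conversation'], 403);
        exit;
    }

    $stmt = $pdo->prepare("INSERT INTO messages (conversation_id, sender_id, message_text) VALUES (?, ?, ?)");
    $stmt->execute([$conversation_id, $sender_id, $message_text]);

    respond_json(['success' => true]);
}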