<?php
require_once __DIR__ . '/../db/config.php';

header('Content-Type: application/json');

$response = ['success' => false, 'error' => 'Invalid request'];
$pdo = db();

$action = $_GET['action'] ?? $_POST['action'] ?? '';

if ($_SERVER['REQUEST_METHOD'] === 'POST' && $action === 'create') {
    $alarm_time = $_POST['alarm_time'] ?? null;

    if ($alarm_time) {
        try {
            $pdo->beginTransaction();

            // 1. Create a new note
            $noteStmt = $pdo->prepare("INSERT INTO notes (content) VALUES (?)");
            $noteStmt->execute(['']);
            $noteId = $pdo->lastInsertId();

            // 2. Create the alarm and link it to the new note
            $alarmStmt = $pdo->prepare("INSERT INTO alarms (alarm_time, note_id, is_active) VALUES (?, ?, 1)");
            $alarmStmt->execute([$alarm_time, $noteId]);
            $alarmId = $pdo->lastInsertId();

            $pdo->commit();

            $response = [
                'success' => true, 
                'id' => $alarmId, 
                'note_id' => $noteId,
                'alarm_time' => $alarm_time
            ];

        } catch (PDOException $e) {
            $pdo->rollBack();
            $response['error'] = 'Database error: ' . $e->getMessage();
        }
    } else {
        $response['error'] = 'Alarm time is required.';
    }
} 

elseif ($_SERVER['REQUEST_METHOD'] === 'GET' && $action === 'get') {
    try {
        $stmt = $pdo->query("SELECT id, alarm_time, note_id, is_active FROM alarms ORDER BY alarm_time");
        $alarms = $stmt->fetchAll(PDO::FETCH_ASSOC);
        $response = ['success' => true, 'alarms' => $alarms];
    } catch (PDOException $e) {
        $response['error'] = 'Database error: ' . $e->getMessage();
    }
}

elseif ($_SERVER['REQUEST_METHOD'] === 'GET' && $action === 'delete') {
    $id = $_GET['id'] ?? null;
    if ($id) {
        try {
            $stmt = $pdo->prepare("DELETE FROM alarms WHERE id = ?");
            $stmt->execute([$id]);
            $response = ['success' => true];
        } catch (PDOException $e) {
            $response['error'] = 'Database error: ' . $e->getMessage();
        }
    } else {
        $response['error'] = 'ID is required.';
    }
}

elseif ($_SERVER['REQUEST_METHOD'] === 'POST' && $action === 'toggle') {
    $id = $_POST['id'] ?? null;
    $is_active = isset($_POST['is_active']) ? (int)$_POST['is_active'] : null;

    if ($id && $is_active !== null) {
        try {
            $stmt = $pdo->prepare("UPDATE alarms SET is_active = ? WHERE id = ?");
            $stmt->execute([$is_active, $id]);
            $response = ['success' => true];
        } catch (PDOException $e) {
            $response['error'] = 'Database error: ' . $e->getMessage();
        }
    } else {
        $response['error'] = 'ID and active status are required.';
    }
}

elseif ($_SERVER['REQUEST_METHOD'] === 'GET' && $action === 'check') {
    try {
        $pdo->beginTransaction();

        $stmt = $pdo->prepare("SELECT * FROM alarms WHERE alarm_time <= CURTIME() AND is_active = 1 FOR UPDATE");
        $stmt->execute();
        $alarms = $stmt->fetchAll(PDO::FETCH_ASSOC);

        if ($alarms) {
            $alarmIds = array_map(fn($a) => $a['id'], $alarms);
            $placeholders = implode(',', array_fill(0, count($alarmIds), '?'));
            $updateStmt = $pdo->prepare("UPDATE alarms SET is_active = 0 WHERE id IN ($placeholders)");
            $updateStmt->execute($alarmIds);
            
            $response = ['success' => true, 'alarms' => $alarms];
        } else {
            $response = ['success' => true, 'alarms' => []];
        }

        $pdo->commit();
    } catch (PDOException $e) {
        $pdo->rollBack();
        $response['error'] = 'Database error: ' . $e->getMessage();
    }
}

echo json_encode($response);