<?php
header('Content-Type: application/json');
require_once __DIR__ . '/../db/config.php';
session_start();

// Check if user is logged in
if (!isset($_SESSION['user_id'])) {
    http_response_code(401); // Unauthorized
    echo json_encode(['error' => 'You must be logged in to complete a sale.']);
    exit;
}

// Get cart data from POST body
$json_data = file_get_contents('php://input');
$cart = json_decode($json_data, true);

if (empty($cart) || !is_array($cart)) {
    http_response_code(400); // Bad Request
    echo json_encode(['error' => 'Invalid or empty cart data provided.']);
    exit;
}

$pdo = db();

try {
    $pdo->beginTransaction();

    // 1. Calculate total and generate receipt number
    $total_amount = 0;
    foreach ($cart as $item) {
        $total_amount += ($item['price'] * $item['quantity']);
    }
    $tax_amount = 0; // Assuming 0% tax for now
    $receipt_number = 'SALE-' . date('Ymd-His') . '-' . strtoupper(uniqid());
    $user_id = $_SESSION['user_id'];

    // 2. Insert into `sales` table
    $stmt = $pdo->prepare(
        "INSERT INTO sales (receipt_number, total_amount, tax_amount, user_id) VALUES (?, ?, ?, ?)"
    );
    $stmt->execute([$receipt_number, $total_amount, $tax_amount, $user_id]);
    $sale_id = $pdo->lastInsertId();

    // 3. Insert into `sale_items` and update `inventory`
    $sale_item_stmt = $pdo->prepare(
        "INSERT INTO sale_items (sale_id, product_id, quantity, price_at_sale) VALUES (?, ?, ?, ?)"
    );
    $update_inventory_stmt = $pdo->prepare(
        "UPDATE inventory SET quantity = quantity - ? WHERE product_id = ?"
    );

    // Check stock and lock rows before proceeding
    foreach ($cart as $product_id => $item) {
        $stmt = $pdo->prepare("SELECT quantity FROM inventory WHERE product_id = ? FOR UPDATE");
        $stmt->execute([$product_id]);
        $current_stock = $stmt->fetchColumn();
        if ($current_stock === false || $current_stock < $item['quantity']) {
            throw new Exception("Not enough stock for product: " . htmlspecialchars($item['name']));
        }
    }

    // If all checks pass, insert items and update inventory
    foreach ($cart as $product_id => $item) {
        $sale_item_stmt->execute([$sale_id, $product_id, $item['quantity'], $item['price']]);
        $update_inventory_stmt->execute([$item['quantity'], $product_id]);
    }

    // If we got here, everything is fine. Commit the transaction.
    $pdo->commit();

    // 4. Return success response
    echo json_encode([
        'success' => true,
        'message' => 'Sale completed successfully!',
        'sale_id' => $sale_id,
        'receipt_number' => $receipt_number
    ]);

} catch (Exception $e) {
    // An error occurred, roll back the transaction
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    
    http_response_code(500); // Internal Server Error
    echo json_encode(['error' => 'Failed to complete sale: ' . $e->getMessage()]);
}
?>