<?php
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
require_once 'mail/MailService.php';
require_once 'includes/init.php';
require_once 'includes/auth.php';
require_login();
require_once 'includes/helpers.php';
require_once 'includes/currency.php';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: checkout.php');
    exit;
}

$cart = $_SESSION['cart'] ?? [];
if (empty($cart)) {
    header('Location: index.php');
    exit;
}

$pdo = db();

try {
    $pdo->beginTransaction();

    // 1. Get product details from the database
    $product_ids = array_keys($cart);
    $placeholders = implode(',', array_fill(0, count($product_ids), '?'));
    $stmt = $pdo->prepare("SELECT id, price, units_per_pallet FROM products WHERE id IN ($placeholders)");
    $stmt->execute($product_ids);
    $products_by_id = $stmt->fetchAll(PDO::FETCH_GROUP|PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC);


    // 2. Calculate total amount
    $total_amount_gross = 0;
    $client_id = $_SESSION['client_id'] ?? null;
    
    $order_items_data = [];

    $is_supplier_delivery = false;
    foreach ($cart as $product_id => $quantity) {
        if (isset($products_by_id[$product_id])) {
            $product = $products_by_id[$product_id];
            
            $price_info = getEffectivePrice($pdo, $product_id, $client_id);
            $price_gross = $price_info['gross'];

            $total_amount_gross += $price_gross * $quantity;

            $order_items_data[] = [
                'product_id' => $product_id,
                'quantity' => $quantity,
                'unit_price' => $price_gross, // Save gross price
                'line_total' => $price_gross * $quantity,
            ];

            $units_per_pallet = $product['units_per_pallet'];
            if (isset($units_per_pallet) && $units_per_pallet > 0) {
                if ($quantity >= $units_per_pallet) {
                    $is_supplier_delivery = true;
                }
            }
        }
    }
    
    $delivery_source = $is_supplier_delivery ? 'supplier' : 'cs';

    if ($_POST['payment_method'] === 'credit') {
        $stmt = $pdo->prepare('SELECT credit_balance, credit_enabled FROM clients WHERE id = ? FOR UPDATE');
        $stmt->execute([$client_id]);
        $credit_info = $stmt->fetch();

        if (!$credit_info || !$credit_info['credit_enabled'] || $credit_info['credit_balance'] < $total_amount_gross) {
            throw new Exception('Invalid payment method or insufficient credit.');
        }

        $new_balance = $credit_info['credit_balance'] - $total_amount_gross;
        $stmt = $pdo->prepare('UPDATE clients SET credit_balance = ? WHERE id = ?');
        $stmt->execute([$new_balance, $client_id]);
    }

    // 3. Create the order
    $stmt = $pdo->prepare(
        'INSERT INTO orders (client_id, total_amount, payment_method, delivery_source, notes, status) VALUES (?, ?, ?, ?, ?, ?)'
    );
    $stmt->execute([
        $client_id,
        $total_amount_gross,
        $_POST['payment_method'],
        $delivery_source,
        $_POST['notes'],
        $_POST['payment_method'] === 'credit' ? 'in_progress' : 'pending_payment'
    ]);
    $order_id = $pdo->lastInsertId();

    // 4. Insert order items
    $stmt = $pdo->prepare(
        'INSERT INTO order_items (order_id, product_id, quantity, unit_price, line_total) VALUES (?, ?, ?, ?, ?)'
    );
    foreach ($order_items_data as $item) {
        $stmt->execute([
            $order_id,
            $item['product_id'],
            $item['quantity'],
            $item['unit_price'],
            $item['line_total'],
        ]);
    }

    // 5. Commit the transaction
    $pdo->commit();

    // 6. Send email notifications
    

    // --- Data Fetching for Emails ---
    $user_id = $_SESSION['user_id'] ?? null;
    $stmt = $pdo->prepare('SELECT email FROM users WHERE id = ?');
    $stmt->execute([$user_id]);
    $user = $stmt->fetch();
    $client_email = $user['email'] ?? null;

    $stmt = $pdo->prepare('SELECT name FROM clients WHERE id = ?');
    $stmt->execute([$client_id]);
    $client = $stmt->fetch();
    $client_company_name = $client['name'] ?? 'N/A';

    $product_ids_for_names = array_map(function($item) { return $item['product_id']; }, $order_items_data);
    $placeholders = implode(',', array_fill(0, count($product_ids_for_names), '?'));
    $stmt = $pdo->prepare("SELECT id, name FROM products WHERE id IN ($placeholders)");
    $stmt->execute($product_ids_for_names);
    $products_by_id_for_email = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);

    $order_details_link = get_site_url() . '/order_details.php?id=' . $order_id;
    $admin_order_details_link = get_site_url() . '/admin/order_details.php?id=' . $order_id;
    $admin_email = getenv('MAIL_TO') ?: 'admin@example.com';

    // --- Email Sending Logic ---
    $site_name = get_site_url(); // Or your site name

    if ($client_email) {
        // 1. Client - Order Confirmation
        $data_client = [
            'order_id' => $order_id,
            'order_items' => $order_items_data,
            'products' => $products_by_id_for_email,
            'total_amount_gross' => $total_amount_gross,
            'payment_method' => $_POST['payment_method'],
            'order_details_link' => $order_details_link,
            'site_name' => $site_name,
            'pdo' => $pdo,
        ];
        MailService::sendTemplatedMail($client_email, $lang, 'order_confirmation', $data_client);

        // 3. Client - Payment Instructions (Bank Transfer)
        if ($_POST['payment_method'] === 'bank_transfer') {
            // TODO: Fetch bank details from a settings table or config
            $bank_account_details = "Bank: Example Bank\nAccount Number: 123456789";
            $transfer_title = "Order #{$order_id}";
            $payment_deadline = date('Y-m-d', strtotime('+7 days'));

            $data_bank = [
                'order_id' => $order_id,
                'total_amount_gross' => $total_amount_gross,
                'bank_account_details' => $bank_account_details,
                'transfer_title' => $transfer_title,
                'payment_deadline' => $payment_deadline,
                'site_name' => $site_name,
                'pdo' => $pdo,
            ];
            MailService::sendTemplatedMail($client_email, $lang, 'payment_instructions', $data_bank);
        }

        // 6. Client - Credit Payment Confirmation
        if ($_POST['payment_method'] === 'credit') {
            $data_credit = [
                'order_id' => $order_id,
                'total_amount_gross' => $total_amount_gross,
                'new_balance' => $new_balance,
                'order_details_link' => $order_details_link,
                'site_name' => $site_name,
                'pdo' => $pdo,
            ];
            MailService::sendTemplatedMail($client_email, $lang, 'credit_payment_confirmation', $data_credit);
        }
    }

    // 2. Admin - New Order Notification
    $data_admin = [
        'order_id' => $order_id,
        'client_company_name' => $client_company_name,
        'total_amount_gross' => $total_amount_gross,
        'payment_method' => $_POST['payment_method'],
        'delivery_source' => $delivery_source,
        'admin_order_details_link' => $admin_order_details_link,
        'site_name' => $site_name,
        'pdo' => $pdo,
    ];
    MailService::sendTemplatedMail($admin_email, 'en', 'admin_new_order', $data_admin); // Admin email in English

    // 7. Supplier - New Order Items
    $stmt = $pdo->prepare("\n        SELECT p.supplier_id, s.name as supplier_name, s.email as supplier_email, p.name as product_name, oi.quantity\n        FROM order_items oi\n        JOIN products p ON oi.product_id = p.id\n        JOIN suppliers s ON p.supplier_id = s.id\n        WHERE oi.order_id = ? AND p.supplier_id IS NOT NULL\n    ");
    $stmt->execute([$order_id]);
    $supplier_items = $stmt->fetchAll(PDO::FETCH_ASSOC);

    $items_by_supplier = [];
    foreach ($supplier_items as $item) {
        $items_by_supplier[$item['supplier_id']]['name'] = $item['supplier_name'];
        $items_by_supplier[$item['supplier_id']]['email'] = $item['supplier_email'];
        $items_by_supplier[$item['supplier_id']]['items'][] = [
            'name' => $item['product_name'],
            'quantity' => $item['quantity'],
        ];
    }

    foreach ($items_by_supplier as $supplier_id => $supplier_data) {
        if (!empty($supplier_data['email'])) {


            $data_supplier = [
                'order_id' => $order_id,
                'supplier_items' => $supplier_data['items'],
                'site_name' => $site_name,
                'pdo' => $pdo,
            ];
            MailService::sendTemplatedMail($supplier_data['email'], 'en', 'supplier_new_order_items', $data_supplier); // Supplier email in English
        }
    }


    // 8. Clear the cart and store order ID in session for the confirmation page
    unset($_SESSION['cart']);
    $_SESSION['latest_order_id'] = $order_id;

    // 9. Redirect to confirmation page
    header('Location: order_confirmation.php');
    exit;

} catch (Exception $e) {
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // In a real application, log this error
    die("Błąd podczas przetwarzania zamówienia: " . $e->getMessage());
} catch (PDOException $e) {
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // In a real application, log this error
    die("Błąd podczas przetwarzania zamówienia: " . $e->getMessage());
} catch (Throwable $t) {
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    die("An unexpected error occurred: " . $t->getMessage());
}