<?php
session_start();
require_once 'db/config.php';

// Redirect if user is not logged in
if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit();
}

$message = '';
$message_type = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_POST['item_id'])) {
        $item_id = filter_var($_POST['item_id'], FILTER_SANITIZE_NUMBER_INT);
        $user_id = $_SESSION['user_id'];

        try {
            $pdo = db();

            // Check if item is available
            $stmt = $pdo->prepare("SELECT status FROM items WHERE item_id = ?");
            $stmt->execute([$item_id]);
            $item = $stmt->fetch();

            if ($item && $item['status'] === 'available') {
                // Update item status to rented
                $stmt = $pdo->prepare("UPDATE items SET status = 'rented', renter_id = ?, rented_date = NOW() WHERE item_id = ?");
                $stmt->execute([$user_id, $item_id]);
                $message = 'Item rented successfully!';
                $message_type = 'success';
            } else {
                $message = 'Item is not available for rent or does not exist.';
                $message_type = 'danger';
            }
        } catch (PDOException $e) {
            error_log("Database error during rental: " . $e->getMessage());
            $message = 'An error occurred during rental. Please try again.';
            $message_type = 'danger';
        }
    } else {
        $message = 'Invalid item ID.';
        $message_type = 'danger';
    }
} else {
    header('Location: listings.php'); // Redirect if not a POST request
    exit();
}

// Redirect back to item details with message
// You might want to pass these messages via session or URL parameters
header('Location: item_details.php?id=' . $item_id . '&message=' . urlencode($message) . '&type=' . $message_type);
exit();

?>