<?php
header('Content-Type: application/json');

require_once __DIR__ . '/db/config.php';

$response = ['success' => false, 'message' => 'An unknown error occurred.'];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Basic server-side validation
    $required_fields = ['title', 'description', 'category', 'skills', 'budget', 'deadline'];
    $errors = [];
    foreach ($required_fields as $field) {
        if (empty(trim($_POST[$field]))) {
            $errors[] = ucfirst($field) . ' is a required field.';
        }
    }

    if (!empty($errors)) {
        $response['message'] = implode(' ', $errors);
        echo json_encode($response);
        exit;
    }

    $title = trim($_POST['title']);
    $description = trim($_POST['description']);
    $category = trim($_POST['category']);
    $skills = trim($_POST['skills']);
    $budget = filter_var($_POST['budget'], FILTER_VALIDATE_FLOAT);
    $deadline = $_POST['deadline']; // Basic validation, can be improved
    $client_id = $_POST['client_id'];

    if ($budget === false || $budget <= 0) {
        $errors[] = 'Please enter a valid budget.';
    }
    
    // A simple check for date format, can be made more robust
    if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $deadline)) {
        $errors[] = 'Invalid deadline format.';
    }

    if (empty($client_id) || !filter_var($client_id, FILTER_VALIDATE_INT)) {
        $errors[] = 'Invalid client ID.';
    }

    if (!empty($errors)) {
        $response['message'] = implode(' ', $errors);
        echo json_encode($response);
        exit;
    }

    try {
        // Run the migration first to ensure the table exists.
        $sql_migration = file_get_contents(__DIR__ . '/db/migrations/001_create_jobs_table.sql');
        if ($sql_migration) {
            db()->exec($sql_migration);
        }

        $stmt = db()->prepare(
            "INSERT INTO jobs (client_id, title, description, category, skills, budget, deadline) VALUES (?, ?, ?, ?, ?, ?, ?)"
        );

        $stmt->execute([$client_id, $title, $description, $category, $skills, $budget, $deadline]);

        $response['success'] = true;
        $response['message'] = 'Job posted successfully!';

    } catch (PDOException $e) {
        // In a real app, log this error instead of echoing it.
        error_log('Database Error: ' . $e->getMessage());
        $response['message'] = 'Database error occurred. Please try again later.';
    }
} else {
    $response['message'] = 'Invalid request method.';
}

echo json_encode($response);