<?php
session_start();
header('Content-Type: application/json');

if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    echo json_encode(['error' => 'Authentication required.']);
    exit;
}

require_once 'db/config.php';

if ($_SERVER["REQUEST_METHOD"] !== "POST") {
    http_response_code(405);
    echo json_encode(['error' => 'Method Not Allowed']);
    exit;
}

$input = json_decode(file_get_contents('php://input'), true);

$title = $input['title'] ?? null;
$story_text = $input['story_text'] ?? null;
$style = $input['style'] ?? null;
$target_duration = isset($input['target_duration']) ? filter_var($input['target_duration'], FILTER_VALIDATE_INT) : null;

if (empty($title)) {
    http_response_code(400);
    echo json_encode(['error' => 'Title is a required field.']);
    exit;
}

try {
    $pdo = db();
    $stmt = $pdo->prepare(
        "INSERT INTO projects (user_id, title, story_text, style, target_duration, status) VALUES (?, ?, ?, ?, ?, 'draft')"
    );
    $stmt->execute([$_SESSION['user_id'], $title, $story_text, $style, $target_duration]);
    
    $projectId = $pdo->lastInsertId();
    
    $stmt = $pdo->prepare("SELECT * FROM projects WHERE id = ? AND user_id = ?");
    $stmt->execute([$projectId, $_SESSION['user_id']]);
    $project = $stmt->fetch(PDO::FETCH_ASSOC);

    http_response_code(201);
    echo json_encode($project);

} catch (PDOException $e) {
    http_response_code(500);
    error_log('Project creation failed: ' . $e->getMessage());
    echo json_encode(['error' => 'An internal server error occurred while creating the project.']);
}