<?php
session_start();
header('Content-Type: application/json');

if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    echo json_encode(['error' => 'User not authenticated']);
    exit;
}

require_once 'db/config.php';

$scene_id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$scene_id) {
    http_response_code(400);
    echo json_encode(['error' => 'Scene ID is required.']);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'POST method required.']);
    exit;
}

try {
    $pdo = db();

    // Fetch scene info to get project_id and verify ownership/status
    $stmt = $pdo->prepare("
        SELECT s.project_id, p.status as project_status
        FROM scenes s
        JOIN projects p ON s.project_id = p.id
        WHERE s.id = ? AND s.user_id = ?
    ");
    $stmt->execute([$scene_id, $_SESSION['user_id']]);
    $scene = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$scene) {
        http_response_code(404);
        echo json_encode(['error' => 'Scene not found or permission denied.']);
        exit;
    }

    if ($scene['project_status'] !== 'draft') {
        http_response_code(403);
        echo json_encode(['error' => 'Project is not in draft status; scene cannot be deleted.']);
        exit;
    }

    // Delete the scene
    $stmt = $pdo->prepare("DELETE FROM scenes WHERE id = ?");
    $stmt->execute([$scene_id]);

    if ($stmt->rowCount() > 0) {
        echo json_encode(['success' => 'Scene deleted successfully.']);
    } else {
        http_response_code(500); // This case might indicate an issue if the check passed but delete failed
        echo json_encode(['error' => 'Failed to delete scene.']);
    }

} catch (PDOException $e) {
    http_response_code(500);
    // error_log("Database error: " . $e->getMessage());
    echo json_encode(['error' => 'Database error.']);
}