<?php
session_start();

header('Content-Type: application/json');

if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    echo json_encode(['error' => 'Unauthorized']);
    exit;
}

require_once 'db/config.php';

$project_id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$project_id) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid project ID']);
    exit;
}

$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM projects WHERE id = ? AND user_id = ?");
$stmt->execute([$project_id, $_SESSION['user_id']]);
$project = $stmt->fetch(PDO::FETCH_ASSOC);

if (!$project) {
    http_response_code(404);
    echo json_encode(['error' => 'Project not found']);
    exit;
}

$scene_stmt = $pdo->prepare("SELECT * FROM scenes WHERE project_id = ? ORDER BY scene_number ASC");
$scene_stmt->execute([$project_id]);
$scenes = $scene_stmt->fetchAll(PDO::FETCH_ASSOC);

$project['scenes'] = $scenes;

echo json_encode($project);
exit;
?>