<?php
session_start();

$lock_file = __DIR__ . '/db/.install_lock';
if (file_exists($lock_file)) {
    header('Location: index.php');
    exit;
}

$error = '';
$success = '';
$project_name = $_SERVER['PROJECT_NAME'] ?? 'LPA Online';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $db_host = $_POST['db_host'] ?? '127.0.0.1';
    $db_name = $_POST['db_name'] ?? '';
    $db_user = $_POST['db_user'] ?? '';
    $db_pass = $_POST['db_pass'] ?? '';
    
    $admin_name = $_POST['admin_name'] ?? '';
    $admin_email = $_POST['admin_email'] ?? '';
    $admin_pass = $_POST['admin_pass'] ?? '';

    if (empty($db_name) || empty($db_user) || empty($admin_email) || empty($admin_pass)) {
        $error = 'Please fill in all required fields.';
    } else {
        try {
            // 1. Test connection
            $dsn = "mysql:host=$db_host;charset=utf8mb4";
            $pdo = new PDO($dsn, $db_user, $db_pass, [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            ]);

            // 2. Create database if not exists
            $pdo->exec("CREATE DATABASE IF NOT EXISTS `$db_name` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci");
            $pdo->exec("USE `$db_name` ");

            // 3. Update db/config.php
            $config_content = '<?php
// Generated by install.php or platform setup.

// Attempt to load current configuration
if (!defined(\'DB_HOST\")) {
    define(\'DB_HOST\', ' . var_export($db_host, true) . ');
    define(\'DB_NAME\', ' . var_export($db_name, true) . ');
    define(\'DB_USER\', ' . var_export($db_user, true) . ');
    define(\'DB_PASS\', ' . var_export($db_pass, true) . ');
}

function db() {
    static $pdo;
    if (!$pdo) {
        try {
            $pdo = new PDO(\'mysql:host=\'.DB_HOST.\' ;dbname=\'.DB_NAME.\' ;charset=utf8mb4\', DB_USER, DB_PASS, [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            ]);
        } catch (PDOException $e) {
            // If connection fails and we are not already on the install page, redirect to install.php
            if (basename($_SERVER[\'PHP_SELF\']) !== \'install.php\' && !headers_sent()) {
                header(\'Location: install.php\');
                exit;
            }
            throw $e;
        }
    }
    return $pdo;
}';

            if (file_put_contents(__DIR__ . '/db/config.php', $config_content) === false) {
                throw new Exception("Could not write to db/config.php. Please check file permissions.");
            }

            // 4. Ensure migration_history table exists
            $pdo->exec("CREATE TABLE IF NOT EXISTS migration_history (
                id INT AUTO_INCREMENT PRIMARY KEY,
                filename VARCHAR(255) NOT NULL UNIQUE,
                executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;");

            // 5. Run migrations
            $migrations_dir = __DIR__ . '/db/migrations/';
            $migration_files = glob($migrations_dir . '*.sql');
            sort($migration_files);

            // Get list of already executed migrations
            $stmt = $pdo->query("SELECT filename FROM migration_history");
            $executed_migrations = $stmt->fetchAll(PDO::FETCH_COLUMN);

            foreach ($migration_files as $file_path) {
                $filename = basename($file_path);
                
                if (in_array($filename, $executed_migrations)) {
                    continue;
                }

                $sql = file_get_contents($file_path);
                if ($sql) {
                    // Split SQL by ; to handle multiple statements if any
                    $pdo->exec($sql);
                    
                    // Record migration in history
                    $stmt = $pdo->prepare("INSERT INTO migration_history (filename) VALUES (?)");
                    $stmt->execute([$filename]);
                }
            }
            
            // 6. Create Super User
            $hashed_pass = password_hash($admin_pass, PASSWORD_DEFAULT);
            $stmt = $pdo->prepare("INSERT INTO users (name, email, password, is_verified, role) VALUES (?, ?, ?, 1, 'Super User') ON DUPLICATE KEY UPDATE role = 'Super User'");
            $stmt->execute([$admin_name, $admin_email, $hashed_pass]);

            // 7. Create lock file
            file_put_contents($lock_file, date('Y-m-d H:i:s'));

            $success = 'Installation successful! Admin account created. Redirecting to login...';
            header('Refresh: 3; url=login.php');
        } catch (Exception $e) {
            $error = 'Setup failed: ' . $e->getMessage();
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Install — <?php echo htmlspecialchars($project_name); ?></title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="assets/css/custom.css" rel="stylesheet">
</head>
<body class="bg-light d-flex flex-column min-vh-100">
    <nav class="navbar navbar-expand-lg bg-white border-bottom shadow-sm">
        <div class="container justify-content-center">
            <a class="navbar-brand d-flex align-items-center m-0" href="/">
                <img src="assets/pasted-20260228-235417-eedda424.png" alt="<?php echo htmlspecialchars($project_name); ?>" height="40">
            </a>
        </div>
    </nav>

    <main class="container py-5 flex-grow-1 d-flex align-items-center">
        <div class="row justify-content-center w-100 m-0">
            <div class="col-md-8 col-lg-6">
                <div class="card shadow-lg border-0 p-4 p-md-5 rounded-4">
                    <div class="text-center mb-4">
                        <h1 class="h3 fw-bold">System Setup</h1>
                        <p class="text-muted small">Configure your database and administrator account.</p>
                    </div>

                    <?php if ($error): ?>
                        <div class="alert alert-danger small py-2"><?php echo $error; ?></div>
                    <?php endif; ?>

                    <?php if ($success): ?>
                        <div class="alert alert-success small py-2"><?php echo $success; ?></div>
                    <?php else: ?>
                        <form action="install.php" method="POST">
                            <div class="row">
                                <div class="col-md-6">
                                    <h5 class="fw-bold mb-3">Database</h5>
                                    <div class="mb-3">
                                        <label for="db_host" class="form-label small fw-bold">Host</label>
                                        <input type="text" class="form-control" id="db_host" name="db_host" value="127.0.0.1" required>
                                    </div>
                                    <div class="mb-3">
                                        <label for="db_name" class="form-label small fw-bold">DB Name</label>
                                        <input type="text" class="form-control" id="db_name" name="db_name" placeholder="app_db" required>
                                    </div>
                                    <div class="mb-3">
                                        <label for="db_user" class="form-label small fw-bold">User</label>
                                        <input type="text" class="form-control" id="db_user" name="db_user" placeholder="root" required>
                                    </div>
                                    <div class="mb-3">
                                        <label for="db_pass" class="form-label small fw-bold">Password</label>
                                        <input type="password" class="form-control" id="db_pass" name="db_pass" placeholder="••••••••">
                                    </div>
                                </div>
                                <div class="col-md-6 border-start">
                                    <h5 class="fw-bold mb-3">Super User</h5>
                                    <div class="mb-3">
                                        <label for="admin_name" class="form-label small fw-bold">Full Name</label>
                                        <input type="text" class="form-control" id="admin_name" name="admin_name" placeholder="Administrator" required>
                                    </div>
                                    <div class="mb-3">
                                        <label for="admin_email" class="form-label small fw-bold">Admin Email</label>
                                        <input type="email" class="form-control" id="admin_email" name="admin_email" placeholder="admin@example.com" required>
                                    </div>
                                    <div class="mb-3">
                                        <label for="admin_pass" class="form-label small fw-bold">Admin Password</label>
                                        <input type="password" class="form-control" id="admin_pass" name="admin_pass" placeholder="••••••••" required>
                                    </div>
                                </div>
                            </div>
                            
                            <div class="mt-4">
                                <button type="submit" class="btn btn-primary btn-lg w-100 rounded-pill">Complete Installation</button>
                            </div>
                        </form>
                    <?php endif; ?>

                    <div class="text-center mt-4 pt-2 border-top">
                        <p class="text-muted small mb-0">The installer will create the database, tables, and your admin account.</p>
                    </div>
                </div>
            </div>
        </div>
    </main>

    <footer class="py-4 text-center text-muted">
        <div class="container">
            <p class="small mb-0">&copy; <?php echo date('Y'); ?> <?php echo htmlspecialchars($project_name); ?>. All rights reserved.</p>
        </div>
    </footer>
</body>
</html>