<?php
session_start();
require_once '../db/config.php';

header('Content-Type: application/json');

if (!isset($_SESSION['user_id']) || !isset($_GET['order_id'])) {
    echo json_encode(['error' => 'Unauthorized']);
    exit;
}

$order_id = $_GET['order_id'];
$user_id = $_SESSION['user_id'];

$stmt = db()->prepare("SELECT status, bank_account_info FROM fiat_orders WHERE id = ? AND user_id = ?");
$stmt->execute([$order_id, $user_id]);
$order = $stmt->fetch();

if ($order) {
    echo json_encode([
        'status' => $order['status'],
        'bank_account_info' => $order['bank_account_info']
    ]);
} else {
    echo json_encode(['error' => 'Order not found']);
}