<?php
session_start();
require_once '../db/config.php';

header('Content-Type: application/json');

if (!isset($_SESSION['user_id'])) {
    echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    exit;
}

$user_id = $_SESSION['user_id'];
$type = $_GET['type'] ?? 'spot';
$status = $_GET['status'] ?? 'open'; // open, positions, history, trades, tpsl

try {
    $db = db();
    
    if ($status === 'open' || $status === 'positions') {
        $stmt = $db->prepare("SELECT * FROM trading_orders WHERE user_id = ? AND type = ? AND status = 'open' ORDER BY created_at DESC");
        $stmt->execute([$user_id, $type]);
    } elseif ($status === 'tpsl') {
        $stmt = $db->prepare("SELECT * FROM trading_orders WHERE user_id = ? AND type = ? AND status = 'open' AND (tp_price IS NOT NULL OR sl_price IS NOT NULL) ORDER BY created_at DESC");
        $stmt->execute([$user_id, $type]);
    } elseif ($status === 'history') {
        $stmt = $db->prepare("SELECT * FROM trading_orders WHERE user_id = ? AND type = ? AND status IN ('closed', 'cancelled', 'completed') ORDER BY created_at DESC");
        $stmt->execute([$user_id, $type]);
    } else { // trades
        $stmt = $db->prepare("SELECT * FROM trading_orders WHERE user_id = ? AND type = ? AND status IN ('closed', 'completed') ORDER BY created_at DESC");
        $stmt->execute([$user_id, $type]);
    }
    
    $orders = $stmt->fetchAll(PDO::FETCH_ASSOC);
    echo json_encode(['success' => true, 'data' => $orders]);

} catch (Exception $e) {
    echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}