<?php
// includes/actions.php
$message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_POST['action'])) {
        if ($_POST['action'] === 'add_patient') {
            $name = $_POST['name'] ?? '';
            $phone = $_POST['phone'] ?? '';
            $dob = $_POST['dob'] ?? '';
            $gender = $_POST['gender'] ?? '';
            $blood_group = $_POST['blood_group'] ?? '';
            $address = $_POST['address'] ?? '';
            $insurance_company_id = $_POST['insurance_company_id'] ?: null;
            $policy_number = $_POST['policy_number'] ?? '';
            
            if ($name && $phone) {
                $stmt = $db->prepare("INSERT INTO patients (name, phone, dob, gender, blood_group, address, insurance_company_id, policy_number) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
                $stmt->execute([$name, $phone, $dob, $gender, $blood_group, $address, $insurance_company_id, $policy_number]);
                $message = __('add_patient') . ' ' . __('successfully');
            }
        } elseif ($_POST['action'] === 'add_insurance') {
            $name_en = $_POST['name_en'] ?? '';
            $name_ar = $_POST['name_ar'] ?? '';
            $email = $_POST['email'] ?? '';
            $phone = $_POST['phone'] ?? '';
            $contact = $_POST['contact_info'] ?? '';
            
            if ($name_en && $name_ar) {
                $stmt = $db->prepare("INSERT INTO insurance_companies (name_en, name_ar, email, phone, contact_info) VALUES (?, ?, ?, ?, ?)");
                $stmt->execute([$name_en, $name_ar, $email, $phone, $contact]);
                $message = __('insurance_company') . ' ' . __('successfully');
            }
        } elseif ($_POST['action'] === 'book_appointment') {
            $patient_id = $_POST['patient_id'] ?? '';
            $doctor_id = $_POST['doctor_id'] ?? '';
            $date = $_POST['date'] ?? '';
            $reason = $_POST['reason'] ?? '';
            
            if ($patient_id && $doctor_id && $date) {
                $stmt = $db->prepare("INSERT INTO appointments (patient_id, doctor_id, appointment_date, reason) VALUES (?, ?, ?, ?)");
                $stmt->execute([$patient_id, $doctor_id, $date, $reason]);
                $message = __('book_appointment') . ' ' . __('successfully');
            }
        } elseif ($_POST['action'] === 'record_visit') {
            $patient_id = $_POST['patient_id'] ?? '';
            $doctor_id = $_POST['doctor_id'] ?? '';
            $appointment_id = $_POST['appointment_id'] ?: null;
            $weight = $_POST['weight'] ?? '';
            $bp = $_POST['blood_pressure'] ?? '';
            $hr = $_POST['heart_rate'] ?? '';
            $temp = $_POST['temperature'] ?? '';
            $symptoms = $_POST['symptoms'] ?? '';
            $diagnosis = $_POST['diagnosis'] ?? '';
            $treatment = $_POST['treatment_plan'] ?? '';
            
            if ($patient_id && $doctor_id) {
                $stmt = $db->prepare("INSERT INTO visits (patient_id, doctor_id, appointment_id, weight, blood_pressure, heart_rate, temperature, symptoms, diagnosis, treatment_plan) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
                $stmt->execute([$patient_id, $doctor_id, $appointment_id, $weight, $bp, $hr, $temp, $symptoms, $diagnosis, $treatment]);
                
                if ($appointment_id) {
                    $db->prepare("UPDATE appointments SET status = 'Completed' WHERE id = ?")->execute([$appointment_id]);
                }
                $message = __('visit_recorded');
            }
        } elseif ($_POST['action'] === 'create_report') {
            $visit_id = $_POST['visit_id'] ?? '';
            $type = $_POST['report_type'] ?? '';
            $findings = $_POST['findings'] ?? '';
            $recommendations = $_POST['recommendations'] ?? '';
            
            if ($visit_id && $type) {
                $stmt = $db->prepare("INSERT INTO provisional_reports (visit_id, report_type, findings, recommendations) VALUES (?, ?, ?, ?)");
                $stmt->execute([$visit_id, $type, $findings, $recommendations]);
                $message = __('report_created');
            }
        } elseif ($_POST['action'] === 'create_bill') {
            $patient_id = $_POST['patient_id'] ?? '';
            $visit_id = $_POST['visit_id'] ?: null;
            $items = $_POST['items'] ?? [];
            $amounts = $_POST['amounts'] ?? [];
            
            if ($patient_id && !empty($items)) {
                $total = array_sum($amounts);
                
                // Check if patient has insurance
                $patient = $db->prepare("SELECT insurance_company_id FROM patients WHERE id = ?");
                $patient->execute([$patient_id]);
                $p_data = $patient->fetch();
                
                $insurance_covered = 0;
                if ($p_data && $p_data['insurance_company_id']) {
                    // Simple logic: insurance covers 80% if they have insurance
                    $insurance_covered = $total * 0.8;
                }
                $patient_payable = $total - $insurance_covered;

                $stmt = $db->prepare("INSERT INTO bills (patient_id, visit_id, total_amount, insurance_covered, patient_payable, status) VALUES (?, ?, ?, ?, ?, 'Pending')");
                $stmt->execute([$patient_id, $visit_id, $total, $insurance_covered, $patient_payable]);
                $bill_id = $db->lastInsertId();
                
                $item_stmt = $db->prepare("INSERT INTO bill_items (bill_id, description, amount) VALUES (?, ?, ?)");
                foreach ($items as $index => $desc) {
                    if ($desc && isset($amounts[$index])) {
                        $item_stmt->execute([$bill_id, $desc, $amounts[$index]]);
                    }
                }
                $message = __('bill_created');
            }
        } elseif ($_POST['action'] === 'mark_paid') {
            $bill_id = $_POST['bill_id'] ?? '';
            if ($bill_id) {
                $db->prepare("UPDATE bills SET status = 'Paid' WHERE id = ?")->execute([$bill_id]);
                $message = __('bill_paid');
            }
        }
    }
}