<?php
require_once("env.php");
require_once("connection.php");
require_once("functions.php");
require_once "vendor/autoload.php";

use GuzzleHttp\Client;



// Create connection
$conn = openDatabaseConnection();

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}


// Form processing
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Sanitize and validate input
    $first_name = ucwords(strtolower($conn->real_escape_string($_POST['first_name'])));
    $last_name = ucwords(strtolower($conn->real_escape_string($_POST['last_name'])));
    $phone_number = $conn->real_escape_string($_POST['phone_number']);
    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    $password = $_POST['password'];
    $password_confirm = $_POST['password_confirm'];
    $name = $first_name . " " . $last_name;

    // Basic validation
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        echo json_encode(['status' => 'error', 'message' => 'Invalid email format.']);
        exit();
    }
    if ($password !== $password_confirm) {
        echo json_encode(['status' => 'error', 'message' => 'Passwords do not match.']);
        exit();
    }

    // Check if the email is already registered
    $stmt = $conn->prepare('SELECT user_id FROM users WHERE email = ?');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $stmt->store_result();

    if ($stmt->num_rows > 0) {
        echo json_encode(['status' => 'error', 'message' => 'Email is already registered.']);
        $stmt->close();
        $conn->close();
        exit();
    }

    $stmt->close();

    // Hash password
    $hashed_password = password_hash($password, PASSWORD_BCRYPT);

    // Generate token
    $token = bin2hex(random_bytes(50));

    // Prepare and execute query
    $stmt = $conn->prepare('INSERT INTO users (first_name, last_name, phone_number, email, password, token, is_verified, type) VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
    $is_verified = 0; // Not verified
    $type = 'credentials';
    $stmt->bind_param('ssssssis', $first_name, $last_name, $phone_number, $email, $hashed_password, $token, $is_verified, $type);

    if ($stmt->execute()) {
        $newUser_id = $conn->insert_id;
        processLegacyMembership($newUser_id);
        if (sendVerificationEmail($email, $name, $token)) {
            sendEmail('chrispintoza@gmail.com', '4WDCSA: New User Login', $name . ' has just created an account using Credentials.');
            echo json_encode(['status' => 'success', 'message' => 'Registration successful. Please check your email to verify your account.']);
        } else {
            echo json_encode(['status' => 'error', 'message' => 'Failed to send verification email.']);
        }
    } else {
        echo json_encode(['status' => 'error', 'message' => 'Failed to register user: ' . $stmt->error]);
    }

    $stmt->close();
}

$conn->close();