<?php
session_start();
include_once('connection.php'); // DB connection file

$response = array('status' => 'error', 'message' => 'Something went wrong');

// Check if the user is logged in
if (!isset($_SESSION['user_id'])) {
    $response['message'] = 'You are not logged in.';
    echo json_encode($response);
    exit();
}

$user_id = $_SESSION['user_id'];

// Handle profile picture upload
if (isset($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] == 0) {
    $target_dir = "assets/images/pp/";
    $imageFileType = strtolower(pathinfo($_FILES["profile_picture"]["name"], PATHINFO_EXTENSION));

    // Set the target file as $user_id.EXT (where EXT is the image's extension)
    $target_file = $target_dir . $user_id . '.' . $imageFileType;
    $filename = $user_id . '.' . $imageFileType;

    // Check if the uploaded file is an image
    $check = getimagesize($_FILES["profile_picture"]["tmp_name"]);
    if ($check !== false) {
        // Limit the file size to 5MB
        if ($_FILES["profile_picture"]["size"] > 5000000) {
            $response['message'] = 'Sorry, your file is too large.';
            echo json_encode($response);
            exit();
        }

        // Allow certain file formats
        $allowed_types = array("jpg", "jpeg", "png", "gif");
        if (!in_array($imageFileType, $allowed_types)) {
            $response['message'] = 'Sorry, only JPG, JPEG, PNG & GIF files are allowed.';
            echo json_encode($response);
            exit();
        }

        // Move the uploaded file to the server and name it as $user_id.EXT
        if (move_uploaded_file($_FILES["profile_picture"]["tmp_name"], $target_file)) {
            // Update the profile picture path in the database
            $sql = "UPDATE users SET profile_pic = ? WHERE user_id = ?";
            $stmt = $conn->prepare($sql);
            $stmt->bind_param("si", $target_file, $user_id);
            if ($stmt->execute()) {
                $_SESSION['profile_pic'] = $target_file;
                $response['status'] = 'success';
                $response['message'] = 'Profile picture updated successfully';
            } else {
                $response['message'] = 'Failed to update profile picture in the database';
            }
        } else {
            $response['message'] = 'Sorry, there was an error uploading your file.';
        }
    } else {
        $response['message'] = 'File is not an image.';
    }
} else {
    $response['message'] = 'No file uploaded or file error.';
}

echo json_encode($response);
?>