<?php
// /public_html/admin/settings.php

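// 1. ERROR REPORTING
// Report every error class, but send the details to the server error log
// instead of the HTTP response. This page runs SQL and handles OAuth/SMTP
// credentials; rendering raw PHP errors in the browser would expose file
// paths and query fragments to whoever is looking at the page.
// To debug a 500 error, read the PHP/web-server error log.
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);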

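session_start();
require '../config/db_connect.php';

// 2. ADMIN AUTH CHECK
// Visitors without a session are redirected to the login page; exit() makes
// sure nothing below runs for them.
if (!isset($_SESSION['user_id'])) {
    header("Location: ../login.php");
    exit();
}
$user_id = $_SESSION['user_id'];

// Look up the role with a bound parameter rather than interpolating the
// session value into the SQL text. A string copy is bound so that $user_id
// itself is left untouched for the rest of the page.
$lookup_id = (string) $user_id;
$admin_role = null;
$check = $conn->prepare("SELECT role FROM users WHERE id = ?");
if ($check) {
    $check->bind_param('s', $lookup_id);
    if ($check->execute()) {
        $check->bind_result($admin_role);
        // fetch() leaves $admin_role as null when no row matches.
        $check->fetch();
    }
    $check->close();
}

// Fail closed: a failed query, a missing user row and a non-admin role all
// end here with a 403.
if ($admin_role !== 'admin') {
    http_response_code(403);
    die("Access Denied");
}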

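// 3. AUTO-FIX DATABASE (Creates missing columns automatically)
// Adds any settings column that does not exist yet, so the page still works
// when the schema was not migrated by hand.
//
// NOTE(review): this runs DDL on every request to this page, so the database
// account used by db_connect.php (not shown here) must hold ALTER on the
// settings table. Moving this to a one-off migration would let the web
// account run with fewer privileges.
// NOTE(review): google_client_secret and smtp_pass are plain VARCHAR columns
// and the form handler stores the submitted values as-is, i.e. the secrets
// are kept in clear text in the database.
$columns = [
    'google_client_id' => "VARCHAR(255) DEFAULT NULL",
    'google_client_secret' => "VARCHAR(255) DEFAULT NULL",
    'google_redirect_uri' => "VARCHAR(255) DEFAULT NULL",
    'smtp_host' => "VARCHAR(100) DEFAULT 'smtp.gmail.com'",
    'smtp_user' => "VARCHAR(100) DEFAULT NULL",
    'smtp_pass' => "VARCHAR(100) DEFAULT NULL",
    'smtp_port' => "INT(5) DEFAULT 587",
    'smtp_from_name' => "VARCHAR(100) DEFAULT 'Support Team'"
];

// $col and $def come only from the literal array above, never from the
// request, so interpolating them into the statements carries no user input.
foreach ($columns as $col => $def) {
    $check_col = $conn->query("SHOW COLUMNS FROM settings LIKE '$col'");
    // Alter only when the lookup itself succeeded and found no such column;
    // a failed lookup (query() returning false) is skipped instead of
    // dereferencing false.
    if ($check_col !== false && $check_col->num_rows === 0) {
        $conn->query("ALTER TABLE settings ADD COLUMN $col $def");
    }
}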

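// Ensure row 1 exists
// The rest of the page reads and updates the settings row with id = 1, so
// create it with a default site name when it is missing. A failed lookup
// (query() returning false) is skipped rather than dereferenced.
$check_row = $conn->query("SELECT id FROM settings WHERE id = 1");
if ($check_row !== false && $check_row->num_rows === 0) {
    $conn->query("INSERT INTO settings (id, site_name) VALUES (1, 'QR SaaS')");
}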

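// 4. HANDLE FORM SUBMIT
// Saves the posted settings into row 1 of the settings table and, when a
// logo image is uploaded, stores it under ../uploads/.
// Sets $msg on success and $error on failure; both are rendered further down.
//
// NOTE(review): no anti-CSRF token is checked before this state-changing
// request is processed. The form should carry a per-session token that is
// compared here with hash_equals() before anything is written.
$msg = "";
$error = "";

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Missing or non-string fields are read as '' instead of raising
    // warnings or a TypeError further down.
    $post = function ($key) {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    // Column => value map; every value is sent as a bound parameter below.
    $values = [
        // General
        'site_name' => $post('site_name'),
        'contact_email' => $post('contact_email'),
        'announcement_text' => $post('announcement_text'),
        'announcement_active' => isset($_POST['announcement_active']) ? 1 : 0,
        // Google
        'google_client_id' => $post('google_client_id'),
        'google_client_secret' => $post('google_client_secret'),
        'google_redirect_uri' => $post('google_redirect_uri'),
        // SMTP
        'smtp_host' => $post('smtp_host'),
        'smtp_user' => $post('smtp_user'),
        'smtp_pass' => $post('smtp_pass'),
        'smtp_port' => intval($post('smtp_port')),
        'smtp_from_name' => $post('smtp_from_name'),
    ];

    // Logo Upload
    // The client-supplied file name and extension are never used: the file
    // must decode as one of the allowed image types, and it is stored under
    // a server-generated name with the extension derived from the detected
    // type. This keeps script files and quote characters out of a
    // web-served directory and out of the stored path.
    if (isset($_FILES['site_logo']) && $_FILES['site_logo']['error'] === UPLOAD_ERR_OK) {
        $allowed_types = [
            IMAGETYPE_PNG => 'png',
            IMAGETYPE_JPEG => 'jpg',
            IMAGETYPE_GIF => 'gif',
            IMAGETYPE_WEBP => 'webp',
        ];
        $tmp_path = $_FILES['site_logo']['tmp_name'];
        $image_info = (is_string($tmp_path) && is_uploaded_file($tmp_path)) ? getimagesize($tmp_path) : false;
        $extension = ($image_info !== false && isset($allowed_types[$image_info[2]]))
            ? $allowed_types[$image_info[2]]
            : null;

        if ($extension === null) {
            // The other settings are still saved; only the logo is skipped.
            $error = "Logo must be a PNG, JPEG, GIF or WebP image.";
        } else {
            $target_dir = "../uploads/";
            // 0755 instead of 0777: the directory does not need to be
            // world-writable.
            if (!is_dir($target_dir)) mkdir($target_dir, 0755, true);
            $filename = time() . "_" . bin2hex(random_bytes(8)) . "." . $extension;
            if (move_uploaded_file($tmp_path, $target_dir . $filename)) {
                $values['site_logo'] = "/uploads/" . $filename;
            }
        }
    }

    // Build "col = ?" assignments. Column names are the literal keys above;
    // only the values travel as parameters.
    $assignments = [];
    $types = '';
    $params = [];
    foreach ($values as $column => $value) {
        $assignments[] = "$column = ?";
        $types .= is_int($value) ? 'i' : 's';
        $params[] = $value;
    }
    $sql = "UPDATE settings SET " . implode(', ', $assignments) . " WHERE id = 1";

    $stmt = $conn->prepare($sql);
    if ($stmt && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
        $msg = "All settings updated successfully!";
    } else {
        $error = "Database Error: " . ($stmt ? $stmt->error : $conn->error);
    }
    if ($stmt) {
        $stmt->close();
    }
}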

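// 5. FETCH SETTINGS
// Load row 1 for rendering. Fall back to an empty array when the query fails
// or returns no row, so the template's `?? ''` defaults apply instead of a
// fatal error on a false result.
$settings_result = $conn->query("SELECT * FROM settings WHERE id = 1");
$settings = $settings_result ? ($settings_result->fetch_assoc() ?: []) : [];

// Auto-fill redirect URI for Google if empty
// NOTE(review): HTTP_HOST is taken from the request's Host header, and the
// form posts this field back so the value ends up saved in the settings row.
// A base URL from server-side configuration would avoid persisting a
// client-supplied host name as the OAuth redirect URI.
if (empty($settings['google_redirect_uri'])) {
    $is_https = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
    $protocol = $is_https ? "https://" : "http://";
    $settings['google_redirect_uri'] = $protocol . $_SERVER['HTTP_HOST'] . "/google_callback.php";
}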
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <title>System Settings</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css">
</head>
<body class="bg-light">
    
    <?php include 'includes/navbar.php'; ?>

    <div class="container mt-5 mb-5">
        <div class="d-flex justify-content-between align-items-center mb-4">
            <h2>System Configuration</h2>
            <a href="index.php" class="btn btn-secondary">Back</a>
        </div>
        
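        <?php
        // Status banners. Both strings are escaped for the HTML context:
        // $error can carry the raw database error text, which may contain
        // fragments of submitted values and must not be parsed as markup.
        if (!empty($msg)) {
            echo "<div class='alert alert-success'>" . htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') . "</div>";
        }
        if (!empty($error)) {
            echo "<div class='alert alert-danger'>" . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . "</div>";
        }
        ?>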
        
        <form method="POST" enctype="multipart/form-data">
            <div class="row">
                
                <div class="col-md-6">
                    <div class="card shadow-sm mb-4">
                        <div class="card-header bg-primary text-white"><i class="bi bi-globe"></i> General Info</div>
                        <div class="card-body">
                            <div class="mb-3">
                                <label class="form-label">Website Name</label>
                                <input type="text" name="site_name" class="form-control" value="<?php echo htmlspecialchars($settings['site_name'] ?? ''); ?>" required>
                            </div>
                            <div class="mb-3">
                                <label class="form-label">Contact Email</label>
                                <input type="email" name="contact_email" class="form-control" value="<?php echo htmlspecialchars($settings['contact_email'] ?? ''); ?>">
                            </div>
                            <div class="mb-3">
                                <label class="form-label">Logo</label>
                                <input type="file" name="site_logo" class="form-control">
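                                <?php
                                // Preview of the current logo. The path is read from the
                                // settings table and is escaped so that quotes or angle
                                // brackets in it cannot break out of the src attribute.
                                if (!empty($settings['site_logo'])): ?>
                                    <img src="<?php echo htmlspecialchars($settings['site_logo'], ENT_QUOTES, 'UTF-8'); ?>" height="30" class="mt-2 border p-1">
                                <?php endif; ?>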
                            </div>
                        </div>
                    </div>

                    <div class="card shadow-sm mb-4">
                        <div class="card-header bg-warning text-dark"><i class="bi bi-megaphone"></i> Announcement Bar</div>
                        <div class="card-body">
                            <div class="form-check form-switch mb-2">
                                <input class="form-check-input" type="checkbox" name="announcement_active" <?php echo ($settings['announcement_active'] == 1) ? 'checked' : ''; ?>>
                                <label class="form-check-label">Show Bar on Homepage</label>
                            </div>
                            <textarea name="announcement_text" class="form-control" rows="2" placeholder="e.g. Black Friday Sale!"><?php echo htmlspecialchars($settings['announcement_text'] ?? ''); ?></textarea>
                        </div>
                    </div>
                </div>

                <div class="col-md-6">
                    <div class="card shadow-sm mb-4 border-danger">
                        <div class="card-header bg-danger text-white"><i class="bi bi-google"></i> Google Login</div>
                        <div class="card-body">
                            <div class="mb-2">
                                <label class="form-label small text-muted">Client ID</label>
                                <input type="text" name="google_client_id" class="form-control form-control-sm" value="<?php echo htmlspecialchars($settings['google_client_id'] ?? ''); ?>">
                            </div>
                            <div class="mb-2">
                                <label class="form-label small text-muted">Client Secret</label>
                                <input type="password" name="google_client_secret" class="form-control form-control-sm" value="<?php /* NOTE(review): the stored client secret is written into the page source on every load (type="password" only masks it on screen); consider rendering this field empty and keeping the saved value when it is submitted blank. */ echo htmlspecialchars($settings['google_client_secret'] ?? ''); ?>">
                            </div>
                            <div class="mb-2">
                                <label class="form-label small text-muted">Redirect URI (Copy this to Google Console)</label>
                                <input type="text" name="google_redirect_uri" class="form-control form-control-sm bg-light" readonly value="<?php echo htmlspecialchars($settings['google_redirect_uri'] ?? ''); ?>">
                            </div>
                        </div>
                    </div>

                    <div class="card shadow-sm mb-4 border-info">
                        <div class="card-header bg-info text-dark"><i class="bi bi-envelope-paper"></i> Email Server (SMTP)</div>
                        <div class="card-body">
                            <div class="row g-2">
                                <div class="col-8">
                                    <label class="form-label small text-muted">SMTP Host</label>
                                    <input type="text" name="smtp_host" class="form-control form-control-sm" value="<?php echo htmlspecialchars($settings['smtp_host'] ?? ''); ?>" placeholder="smtp.hostinger.com">
                                </div>
                                <div class="col-4">
                                    <label class="form-label small text-muted">Port</label>
                                    <input type="text" name="smtp_port" class="form-control form-control-sm" value="<?php echo htmlspecialchars($settings['smtp_port'] ?? '587'); ?>">
                                </div>
                                <div class="col-6">
                                    <label class="form-label small text-muted">Username</label>
                                    <input type="text" name="smtp_user" class="form-control form-control-sm" value="<?php echo htmlspecialchars($settings['smtp_user'] ?? ''); ?>">
                                </div>
                                <div class="col-6">
                                    <label class="form-label small text-muted">Password</label>
                                    <input type="password" name="smtp_pass" class="form-control form-control-sm" value="<?php /* NOTE(review): the stored SMTP password is written into the page source on every load (type="password" only masks it on screen); consider rendering this field empty and keeping the saved value when it is submitted blank. */ echo htmlspecialchars($settings['smtp_pass'] ?? ''); ?>">
                                </div>
                                <div class="col-12">
                                    <label class="form-label small text-muted">From Name</label>
                                    <input type="text" name="smtp_from_name" class="form-control form-control-sm" value="<?php echo htmlspecialchars($settings['smtp_from_name'] ?? ''); ?>">
                                </div>
                            </div>
                        </div>
                    </div>
                    
                    <button type="submit" class="btn btn-success w-100 py-2 fw-bold shadow-sm">Save All Changes</button>
                </div>
            </div>
        </form>
    </div>

    <?php include 'includes/footer.php'; ?>