<?php
session_start();
require 'config/db.php';

if (!isset($_SESSION['user_id'])) {
    // If not logged in, redirect to login
    header("Location: login.php"); exit();
}

if (isset($_GET['add'])) {
    $pid = $_GET['add'];
    $uid = $_SESSION['user_id'];
    
    // Insert (Ignore if already exists)
    $stmt = $pdo->prepare("INSERT IGNORE INTO wishlist (user_id, product_id) VALUES (?, ?)");
    $stmt->execute([$uid, $pid]);
    
    // Return to product page
    header("Location: product.php?id=$pid&msg=saved");
}

if (isset($_GET['remove'])) {
    $id = $_GET['remove']; // This is the wishlist ID
    $uid = $_SESSION['user_id'];
    
    $pdo->prepare("DELETE FROM wishlist WHERE id = ? AND user_id = ?")->execute([$id, $uid]);
    header("Location: wishlist.php");
}
exit();
?>