<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: access");
header("Access-Control-Allow-Methods: POST");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

session_start();

require __DIR__ . '/classes/Database.php';
require __DIR__ . '/classes/lib.php';
$db_connection = new Database();
$conn = $db_connection->dbConnection();

// DATA FORM REQUEST
$data = json_decode(file_get_contents("php://input"));
$returnData = new CMsg(0);

if ($_SERVER["REQUEST_METHOD"] != "POST") 
{
    $returnData = new CMsg(0, 404, 'Page Not Found!');
}
elseif (
    !isset($data->qr_id)
    || !isset($data->nachname)
    || !isset($data->email)
    || !isset($data->password)
    || empty(trim($data->vorname))
    || empty(trim($data->nachname))
    || empty(trim($data->email))
    || empty(trim($data->password))
) :

    $fields = ['fields' => ['vorname', 'nachname', 'email', 'password']];
    $returnData = new CMsg(0, 422, 'Please Fill in all Required Fields!', $fields);

// IF THERE ARE NO EMPTY FIELDS THEN-
else :

    $vorname = trim($data->vorname);
    $nachname = trim($data->nachname);
    $email = trim($data->email);
    $password = trim($data->password);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) :
        $returnData = msg(0, 422, 'Invalid Email Address!');

    elseif (strlen($password) < 8) :
        $returnData = new CMsg(0, 422, 'Your password must be at least 8 characters long!');

    elseif (strlen($nachname) < 3) :
        $returnData = new CMsg(0, 422, 'Your name must be at least 3 characters long!');

    else :
        try {

            $check_email = "SELECT `email` FROM `users` WHERE `email`=:email";
            $check_email_stmt = $conn->prepare($check_email);
            $check_email_stmt->bindValue(':email', $email, PDO::PARAM_STR);
            $check_email_stmt->execute();

            if ($check_email_stmt->rowCount()) :
                $returnData = new CMsg(0, 422, 'This E-mail already in use!');

            else :
                $insert_query = "INSERT INTO `users`(`vorname`,`nachname`,`email`,`password`) VALUES(:vorname,:nachname,:email,:password)";

                $insert_stmt = $conn->prepare($insert_query);

                // DATA BINDING
                $insert_stmt->bindValue(':vorname', htmlspecialchars(strip_tags($vorname)), PDO::PARAM_STR);
                $insert_stmt->bindValue(':nachname', htmlspecialchars(strip_tags($nachname)), PDO::PARAM_STR);
                $insert_stmt->bindValue(':email', $email, PDO::PARAM_STR);
                $insert_stmt->bindValue(':password', password_hash($password, PASSWORD_DEFAULT), PDO::PARAM_STR);

                $insert_stmt->execute();

                $returnData = new CMsg(1, 201, 'You have successfully registered.');

            endif;
        } catch (PDOException $e) {
            $returnData = new CMsg(0, 500, $e->getMessage());
        }
    endif;
endif;

echo $returnData->jsonarray();
?>