<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: access");
header("Access-Control-Allow-Methods: POST");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

require __DIR__ . '/classes/Database.php';
require __DIR__ . '/classes/lib.php';


function deleteOldPic($qr_id, $qr)
{
    // get old pic_path
    try
    {
//        echo "qr_id   ". $qr_id . "\n";
//        echo "qr_set   ". $qr . "\n";
//        echo "isset qr_set   ". isset($qr) . "\n";
        $db_connection = new Database();
        $conn = $db_connection->dbConnection();

        $fetch_user_qr_id = 
        "SELECT id, qr_code, picture FROM `dogs` WHERE `qr_id`=:qr_id";
        $query_stmt = $conn->prepare($fetch_user_qr_id);
//        echo "query_stmt   ". $query_stmt . "\n";
        $query_stmt->bindValue(':qr_id', $qr_id,PDO::PARAM_STR);
//        echo "bindValue   ". "\n";
        $query_stmt->execute();
//        echo "execute   ". "\n";

        // // IF THE dog IS FOUNDED BY qr_id
        if($query_stmt->rowCount())
        {
            $row = $query_stmt->fetch(PDO::FETCH_ASSOC);

//            echo "row " . $row["picture"] . "\n";
            $file2del = "../uploads/";
            if($qr)
            {
                $file2del .= $row["qr_code"];
            }
            else
            {
                $file2del .= $row["picture"];
            }
            if (file_exists($file2del))
            {
                unlink($file2del);
//                echo "unlink " . $file2del . "\n";
            }
            $result = new CMsg(1,200,'get old pic_path',null,$row);
        }
        else
        {
            $result = new CMsg(0,422,'no dog',null);
        }
    }
    catch(PDOException $e)
    {
        $result = new CMsg(0,500,"deleteOldPic ".$e->getMessage());
        echo $result->jsonarray();
    }
}

try {
    session_start();

//     $resp = json_decode('
// {
//     "success": 1,
//     "user": {
//         "id": 11,
//         "qr_id": "YQiwEB",
//         "email": "p.para@gmx.de",
//         "qr": 1
//     }
// }');

// $_SESSION["user"] = (array)((array)$resp)["user"];

    $result = new CMsg(0);

    if (!isset($_SESSION["user"])) 
    {
        $result = new CMsg(0, 401, "not logged in");
        echo $result->jsonarray();
        return $result->jsonarray();
    }

    $user = $_SESSION["user"];
    $allowTypes = array('jpg', 'png', 'jpeg', 'gif', 'pdf');
    //echo var_dump($user);
    // File upload path
    //$targetDir = "../uploads/" . $user["qr_id"];
    $targetDir = "../uploads/" . $user["qr_id"];
    if (!file_exists($targetDir)) 
    {
        mkdir($targetDir, 0755, true);
    }
//    echo "targetDir   ". $targetDir . "\n";

    $fileName = basename($_FILES["file"]["name"]);
    //$fileName = "qr_blob.png";
    $fileType = pathinfo($fileName, PATHINFO_EXTENSION);

    // echo "fileName    ".$fileName . "\n";
    // echo "fileType    ".$fileType . "\n";
    
    if (!in_array($fileType, $allowTypes)) 
    {
        $result = new CMsg(
            0,
            406,
            'Sorry, only JPG, JPEG, PNG, GIF, & PDF files are allowed to upload.'
        );
        echo $result->jsonarray();
        return $result->jsonarray();
    }
    deleteOldPic($user["qr_id"], $_POST["qr"]);
    // deleteOldPic($user["qr_id"], $user["qr"]);
    $newFilename = getNewFilename($targetDir, $fileType, 20);

//    echo "newFilename    ".$newFilename . "\n";
    if (strlen($newFilename) == 0) 
    {
        $result = new CMsg(
            0,
            507,
            'Too many uploaded files on the server, try it again later'
        );
        echo $result->jsonarray();

        return $result->jsonarray();
    }

    $targetFilePath = $targetDir . '/' . $newFilename;
    echo "targetFilePath   ". $targetFilePath."\n";

    if (isset($_POST["submit"]) && !empty($_FILES["file"]["name"])) 
    {
//        echo "submit file name   ". $_FILES["file"]["name"]."\n";
        // Upload file to server
        if (move_uploaded_file($_FILES["file"]["tmp_name"], $targetFilePath)) 
        {
//            echo "move ok!   ". $targetFilePath."\n";
            $newPathFilename = '/' . $user["qr_id"] . '/' . $newFilename;
//            echo "query   " . "UPDATE dogs SET picture = '" . $newPathFilename . "' WHERE qr_id = '" . $user["qr_id"]."'\n";
            $db_connection = new Database();
            $conn = $db_connection->dbConnection();
//            echo var_dump($conn);
            // Insert image file name into database
            if(isset($_POST["qr"]))
            {
                $statement = $conn->prepare("UPDATE dogs SET qr_code = :filePath WHERE qr_id = :user_qr_id");
            }
            else
            {
                $statement = $conn->prepare("UPDATE dogs SET picture = :filePath WHERE qr_id = :user_qr_id");
            }
            $update = $statement->execute(array('filePath' => $newPathFilename, 'user_qr_id' => $user["qr_id"]));
//            echo var_dump($update);
            $count = $statement->rowCount();
//            echo 'rowcount   ' . $count . '\n';
            
            if ($update && $count > 0) 
            {
                $result = new CMsg(1, 200, "The file " . $fileName . " has been uploaded successfully.");
//                echo $result->jsonarray();
            } 
            else 
            {
                $result = new CMsg(0, 500, "File upload failed, please try again.");
//                echo $result->jsonarray();
            }
        } 
        else 
        {
            $result = new CMsg(0, 500, "Sorry, there was an error uploading your file.");
        }
    } 
    else
    {
        $result = new CMsg(1, 204, 'Please select a file to upload.');
    }

    // Display status message
    echo $result->jsonarray();
}
catch(Exception $e)
{
    $result = new CMsg(0, 500, $e->getMessage() );
    echo $result->jsonarray();
}
?>