<?php
/**
 * Get Available Symptoms & Save Selected Symptoms
 * الحصول على الأعراض المتاحة وحفظ الأعراض المختارة
 */

// Every response from this endpoint, including errors, is sent as JSON.
header('Content-Type: application/json');
require_once '../config/database.php';

// Open the database handle that the GET and POST branches below share.
$database = new Database();
$conn = $database->getConnection();

// A falsy handle means no connection: report it with a fixed message and stop.
if (!$conn) {
    exit(json_encode([
        'success' => false,
        'message' => 'Database connection failed',
    ]));
}

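// GET: list the active symptoms configured for one concern type.
if ($_SERVER['REQUEST_METHOD'] === 'GET') {

    // A bracketed query parameter (concern_type[]=...) arrives as an array.
    // Only a plain string is a usable lookup key, so anything else is rejected
    // before it reaches the bound parameter.
    $concernType = $_GET['concern_type'] ?? null;

    if (!is_string($concernType)) {
        echo json_encode([
            'success' => false,
            'message' => 'Concern type is required'
        ]);
        exit;
    }

    try {
        // The request value is bound as a parameter, never concatenated into the SQL text.
        $stmt = $conn->prepare("
            SELECT id, symptom_name_en, symptom_name_ar as name_ar, symptom_icon as icon, severity_weight
            FROM available_symptoms
            WHERE concern_type = ? AND is_active = 1
            ORDER BY display_order ASC
        ");

        $stmt->execute([$concernType]);
        $symptoms = $stmt->fetchAll(PDO::FETCH_ASSOC);

        echo json_encode([
            'success' => true,
            'symptoms' => $symptoms
        ]);

    } catch (PDOException $e) {
        // Driver messages can expose table names, column names and query text.
        // Keep the detail in the server log and send the client a generic message.
        error_log('Symptoms endpoint (GET) database error: ' . $e->getMessage());

        echo json_encode([
            'success' => false,
            'message' => 'Database error'
        ]);
    }

    exit;
}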

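// POST: replace the stored symptom selection for one concern of an analysis session.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // Malformed JSON decodes to null and is rejected by the check below.
    $input = json_decode(file_get_contents('php://input'), true);

    if (!is_array($input) || !isset($input['session_id'], $input['concern_id'], $input['symptoms'])) {
        echo json_encode([
            'success' => false,
            'message' => 'Missing required fields'
        ]);
        exit;
    }

    $sessionId = $input['session_id'];
    $concernId = $input['concern_id'];
    $symptoms = $input['symptoms'];

    // The body is client-controlled JSON, so each field can be any JSON type.
    // Both identifiers must be scalars and "symptoms" must be a list of scalars.
    // Otherwise the DELETE below would run and the loop would then fail or
    // bind nested values.
    $payloadIsValid = is_scalar($sessionId) && is_scalar($concernId) && is_array($symptoms);
    if ($payloadIsValid) {
        foreach ($symptoms as $symptomId) {
            if (!is_scalar($symptomId)) {
                $payloadIsValid = false;
                break;
            }
        }
    }

    if (!$payloadIsValid) {
        echo json_encode([
            'success' => false,
            'message' => 'Invalid field format'
        ]);
        exit;
    }

    // NOTE(review): session_id comes straight from the request body, and nothing
    // visible in this file ties it to the caller. Confirm that ownership of the
    // session is enforced elsewhere, or add that check before the writes below.

    try {
        // Delete, insert and status update form one logical change. Running them
        // in a transaction means a failure part-way through cannot leave the
        // concern with its previous selection erased.
        // Assumes $conn is a PDO handle, as the PDO usage in this file suggests.
        $conn->beginTransaction();

        // Delete existing symptoms for this concern
        $stmt = $conn->prepare("DELETE FROM selected_symptoms WHERE session_id = ? AND concern_id = ?");
        $stmt->execute([$sessionId, $concernId]);

        // Insert new symptoms
        $stmt = $conn->prepare("
            INSERT INTO selected_symptoms (session_id, concern_id, symptom_id)
            VALUES (?, ?, ?)
        ");

        foreach ($symptoms as $symptomId) {
            $stmt->execute([$sessionId, $concernId, $symptomId]);
        }

        // Update session status
        $stmt = $conn->prepare("UPDATE skin_analysis_sessions SET status = 'symptoms', current_step = 3 WHERE id = ?");
        $stmt->execute([$sessionId]);

        $conn->commit();

        echo json_encode([
            'success' => true,
            'message' => 'Symptoms saved successfully'
        ]);

    } catch (PDOException $e) {
        // Undo any partial write so the previous selection is kept.
        if ($conn->inTransaction()) {
            $conn->rollBack();
        }

        // Driver messages can expose schema and query details.
        // Log them server-side and return only a generic message.
        error_log('Symptoms endpoint (POST) database error: ' . $e->getMessage());

        echo json_encode([
            'success' => false,
            'message' => 'Database error'
        ]);
    }

    exit;
}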

// Reached only when the request method is neither GET nor POST.
$methodRejected = [
    'success' => false,
    'message' => 'Invalid request method',
];
echo json_encode($methodRejected);
?>
