<?php
session_start();
include '../inc/connect.php';

// เพิ่มการ debug
error_reporting(E_ALL);
ini_set('display_errors', 0); // ไม่แสดง error ใน output เพื่อไม่ให้ JSON เสีย

header('Content-Type: application/json; charset=utf-8');

$action = isset($_POST['action']) ? $_POST['action'] : '';
$res = array('status' => 'error', 'message' => 'ไม่สามารถดำเนินการได้');

// Debug: Log incoming request
error_log("Action: " . $action);
error_log("POST data: " . print_r($_POST, true));

// ตรวจสอบการเข้าสู่ระบบ
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$schoolID = isset($_POST['schoolID']) ? trim($_POST['schoolID']) : '';

// เพิ่มการตรวจสอบ session
$session_username = isset($_SESSION['username']) ? $_SESSION['username'] : '';
$session_schoolID = isset($_SESSION['schoolID']) ? $_SESSION['schoolID'] : '';
$user_type_id = isset($_SESSION['user_type_id']) ? $_SESSION['user_type_id'] : 0;

if (empty($username) || empty($schoolID) || $username !== $session_username || $schoolID !== $session_schoolID || $user_type_id != 4) {
    $res['message'] = 'กรุณาเข้าสู่ระบบใหม่';
    echo json_encode($res);
    exit;
}

switch($action) {
    case 'add':
        // เก็บข้อมูลจากฟอร์ม
        $prefix_id = isset($_POST['prefix']) ? intval($_POST['prefix']) : null;
        $first_name = isset($_POST['first_name']) ? htmlspecialchars(trim($_POST['first_name']), ENT_QUOTES, 'UTF-8') : '';
        $last_name = isset($_POST['last_name']) ? htmlspecialchars(trim($_POST['last_name']), ENT_QUOTES, 'UTF-8') : '';
        $birth_date = isset($_POST['birth_date']) ? trim($_POST['birth_date']) : '';
        $gender_id = isset($_POST['gender']) ? intval($_POST['gender']) : null;
        $ethnicity = isset($_POST['ethnicity']) ? trim($_POST['ethnicity']) : '';
        $nationality = isset($_POST['nationality']) ? trim($_POST['nationality']) : '';
        $religion = isset($_POST['religion']) ? trim($_POST['religion']) : '';
        $blood_type = isset($_POST['blood_type']) ? trim($_POST['blood_type']) : '';
        
        // ข้อมูลอาชีพ
        $occupation_id = isset($_POST['occupation']) ? intval($_POST['occupation']) : 1; // Default to 1 if nothing selected
        $occupation_other = isset($_POST['occupation_other']) ? trim($_POST['occupation_other']) : '';
        
        // ถ้าเลือก "other" ให้หา occupation_id ของ "อื่นๆ" หรือใช้ default id
        if ($occupation_id === 0 && $_POST['occupation'] === 'other') {
            // ค้นหา occupation_id ของ "อื่นๆ" หรือใช้ id ที่มีอยู่
            try {
                $stmt_occ = $pdo->prepare("SELECT id FROM `typeOccupation` WHERE title LIKE '%อื่น%' OR title LIKE '%other%' LIMIT 1");
                $stmt_occ->execute();
                $other_occupation = $stmt_occ->fetch(PDO::FETCH_ASSOC);
                if ($other_occupation) {
                    $occupation_id = $other_occupation['id'];
                } else {
                    // ถ้าไม่พบ ให้ใช้ id สุดท้ายในตาราง occupations
                    $stmt_max = $pdo->prepare("SELECT MAX(id) as max_id FROM `typeOccupation`");
                    $stmt_max->execute();
                    $max_result = $stmt_max->fetch(PDO::FETCH_ASSOC);
                    $occupation_id = isset($max_result['max_id']) ? $max_result['max_id'] : 1;
                }
            } catch (PDOException $e) {
                $occupation_id = 1; // Fallback to id 1
            }
        }
        
        // ข้อมูลสถานภาพ
        $marital_status_id = isset($_POST['marital_status']) ? intval($_POST['marital_status']) : null;
        
        // ข้อมูลที่อยู่
        $house_number = isset($_POST['house_number']) ? trim($_POST['house_number']) : '';
        $village_number = isset($_POST['village_number']) ? trim($_POST['village_number']) : '';
        $building = isset($_POST['building']) ? trim($_POST['building']) : '';
        $street = isset($_POST['street']) ? trim($_POST['street']) : '';
        $subdistrict = isset($_POST['subdistrict']) ? trim($_POST['subdistrict']) : '';
        $district = isset($_POST['district']) ? trim($_POST['district']) : '';
        $province = isset($_POST['province']) ? trim($_POST['province']) : '';
        
        // ข้อมูลการติดต่อ
        $phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
        $line_id = isset($_POST['line_id']) ? trim($_POST['line_id']) : '';
        $email = isset($_POST['email']) ? trim($_POST['email']) : '';
        $service_type_id = isset($_POST['service_type']) ? intval($_POST['service_type']) : null;
        
        // ข้อมูลผู้ติดต่อฉุกเฉิน
        $emergency_first_name = isset($_POST['emergency_first_name']) ? trim($_POST['emergency_first_name']) : '';
        $emergency_last_name = isset($_POST['emergency_last_name']) ? trim($_POST['emergency_last_name']) : '';
        $emergency_relation_id = isset($_POST['emergency_relation']) ? intval($_POST['emergency_relation']) : null;
        $emergency_relation_other = isset($_POST['emergency_relation_other']) ? trim($_POST['emergency_relation_other']) : '';
        $emergency_phone = isset($_POST['emergency_phone']) ? trim($_POST['emergency_phone']) : '';
        
        // ถ้าเลือก "other" ให้เก็บ emergency_relation_id เป็น 6
        if ($emergency_relation_id === 0 && $_POST['emergency_relation'] === 'other') {
            $emergency_relation_id = 6;
        }

        // Validation
        if (empty($first_name)) {
            $res['message'] = 'กรุณากรอกชื่อ';
            echo json_encode($res);
            exit;
        }
        if (empty($last_name)) {
            $res['message'] = 'กรุณากรอกนามสกุล';
            echo json_encode($res);
            exit;
        }
        if (empty($birth_date)) {
            $res['message'] = 'กรุณาระบุวันเกิด';
            echo json_encode($res);
            exit;
        }
        if (empty($phone)) {
            $res['message'] = 'กรุณากรอกหมายเลขโทรศัพท์';
            echo json_encode($res);
            exit;
        }

        // เพิ่มการตรวจสอบวันเกิด
        if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $birth_date)) {
            $res['message'] = 'รูปแบบวันเกิดไม่ถูกต้อง';
            echo json_encode($res);
            exit;
        }

        // เพิ่มการตรวจสอบหมายเลขโทรศัพท์
        if (!preg_match('/^[0-9-+().\s]+$/', $phone)) {
            $res['message'] = 'รูปแบบหมายเลขโทรศัพท์ไม่ถูกต้อง';
            echo json_encode($res);
            exit;
        }

        try {
            $stmt = $pdo->prepare("INSERT INTO `individual_counseling` 
                (prefix_id, first_name, last_name, birth_date, gender_id, ethnicity, nationality, 
                religion, blood_type, occupation_id, occupation_other, marital_status_id,
                house_number, village_number, building, street, subdistrict, district, province,
                phone, line_id, email, service_type_id, 
                emergency_first_name, emergency_last_name, emergency_relation_id, emergency_relation_other, emergency_phone,
                username, schoolID, created_at, updated_at) 
                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), NOW())");
            
            $result = $stmt->execute(array(
                $prefix_id, $first_name, $last_name, $birth_date, $gender_id, 
                $ethnicity, $nationality, $religion, $blood_type, 
                $occupation_id, $occupation_other, $marital_status_id,
                $house_number, $village_number, $building, $street, $subdistrict, $district, $province,
                $phone, $line_id, $email, $service_type_id,
                $emergency_first_name, $emergency_last_name, $emergency_relation_id, $emergency_relation_other, $emergency_phone,
                $username, $schoolID
            ));

            if ($result) {
                $person_id = $pdo->lastInsertId();
                $res['status'] = 'success';
                $res['message'] = 'บันทึกข้อมูลส่วนตัวเรียบร้อย';
                $res['person_id'] = $person_id;
            }
        } catch (PDOException $e) {
            $res['message'] = 'เกิดข้อผิดพลาดในการดำเนินการ: ' . addslashes($e->getMessage());
        }
        break;

    case 'update':
        $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
        
        // ตรวจสอบสิทธิ์
        // ตรวจสอบความถูกต้องของ ID
        if ($id <= 0) {
            $res['message'] = 'ID ไม่ถูกต้อง';
            echo json_encode($res);
            exit;
        }

        try {
            $stmt = $pdo->prepare("SELECT id FROM `individual_counseling` WHERE id = ? AND username = ? AND schoolID = ?");
            $stmt->execute(array($id, $username, $schoolID));
            if (!$stmt->fetch()) {
                $res['message'] = 'ไม่พบข้อมูลบุคคล หรือไม่มีสิทธิ์เข้าถึง';
                echo json_encode($res);
                exit;
            }
        } catch (PDOException $e) {
            $res['message'] = 'เกิดข้อผิดพลาด: ' . addslashes($e->getMessage());
            echo json_encode($res);
            exit;
        }

        // เก็บข้อมูลจากฟอร์ม (เหมือน add case)
        $prefix_id = isset($_POST['prefix']) ? intval($_POST['prefix']) : null;
        $first_name = isset($_POST['first_name']) ? htmlspecialchars(trim($_POST['first_name']), ENT_QUOTES, 'UTF-8') : '';
        $last_name = isset($_POST['last_name']) ? htmlspecialchars(trim($_POST['last_name']), ENT_QUOTES, 'UTF-8') : '';
        $birth_date = isset($_POST['birth_date']) ? trim($_POST['birth_date']) : '';
        $gender_id = isset($_POST['gender']) ? intval($_POST['gender']) : null;
        $ethnicity = isset($_POST['ethnicity']) ? trim($_POST['ethnicity']) : '';
        $nationality = isset($_POST['nationality']) ? trim($_POST['nationality']) : '';
        $religion = isset($_POST['religion']) ? trim($_POST['religion']) : '';
        $blood_type = isset($_POST['blood_type']) ? trim($_POST['blood_type']) : '';
        
        // ข้อมูลอาชีพ
        $occupation_id = isset($_POST['occupation']) ? intval($_POST['occupation']) : 1; // Default to 1 if nothing selected
        $occupation_other = isset($_POST['occupation_other']) ? trim($_POST['occupation_other']) : '';
        
        // ถ้าเลือก "other" ให้หา occupation_id ของ "อื่นๆ" หรือใช้ default id
        if ($occupation_id === 0 && $_POST['occupation'] === 'other') {
            // ค้นหา occupation_id ของ "อื่นๆ" หรือใช้ id ที่มีอยู่
            try {
                $stmt_occ = $pdo->prepare("SELECT id FROM `typeOccupation` WHERE title LIKE '%อื่น%' OR title LIKE '%other%' LIMIT 1");
                $stmt_occ->execute();
                $other_occupation = $stmt_occ->fetch(PDO::FETCH_ASSOC);
                if ($other_occupation) {
                    $occupation_id = $other_occupation['id'];
                } else {
                    // ถ้าไม่พบ ให้ใช้ id สุดท้ายในตาราง occupations
                    $stmt_max = $pdo->prepare("SELECT MAX(id) as max_id FROM `typeOccupation`");
                    $stmt_max->execute();
                    $max_result = $stmt_max->fetch(PDO::FETCH_ASSOC);
                    $occupation_id = isset($max_result['max_id']) ? $max_result['max_id'] : 1;
                }
            } catch (PDOException $e) {
                $occupation_id = 1; // Fallback to id 1
            }
        }
        
        $marital_status_id = isset($_POST['marital_status']) ? intval($_POST['marital_status']) : null;
        
        $house_number = isset($_POST['house_number']) ? trim($_POST['house_number']) : '';
        $village_number = isset($_POST['village_number']) ? trim($_POST['village_number']) : '';
        $building = isset($_POST['building']) ? trim($_POST['building']) : '';
        $street = isset($_POST['street']) ? trim($_POST['street']) : '';
        $subdistrict = isset($_POST['subdistrict']) ? trim($_POST['subdistrict']) : '';
        $district = isset($_POST['district']) ? trim($_POST['district']) : '';
        $province = isset($_POST['province']) ? trim($_POST['province']) : '';
        
        $phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
        $line_id = isset($_POST['line_id']) ? trim($_POST['line_id']) : '';
        $email = isset($_POST['email']) ? trim($_POST['email']) : '';
        $service_type_id = isset($_POST['service_type']) ? intval($_POST['service_type']) : null;
        
        $emergency_first_name = isset($_POST['emergency_first_name']) ? trim($_POST['emergency_first_name']) : '';
        $emergency_last_name = isset($_POST['emergency_last_name']) ? trim($_POST['emergency_last_name']) : '';
        $emergency_relation_id = isset($_POST['emergency_relation']) ? intval($_POST['emergency_relation']) : null;
        $emergency_relation_other = isset($_POST['emergency_relation_other']) ? trim($_POST['emergency_relation_other']) : '';
        $emergency_phone = isset($_POST['emergency_phone']) ? trim($_POST['emergency_phone']) : '';
        
        // ถ้าเลือก "other" ให้เก็บ emergency_relation_id เป็น 6
        if ($emergency_relation_id === 0 && $_POST['emergency_relation'] === 'other') {
            $emergency_relation_id = 6;
        }

        // Validation (เหมือน add case)
        if (empty($first_name)) {
            $res['message'] = 'กรุณากรอกชื่อ';
            echo json_encode($res);
            exit;
        }
        if (empty($last_name)) {
            $res['message'] = 'กรุณากรอกนามสกุล';
            echo json_encode($res);
            exit;
        }
        if (empty($birth_date)) {
            $res['message'] = 'กรุณาระบุวันเกิด';
            echo json_encode($res);
            exit;
        }
        if (empty($phone)) {
            $res['message'] = 'กรุณากรอกหมายเลขโทรศัพท์';
            echo json_encode($res);
            exit;
        }

        // เพิ่มการตรวจสอบวันเกิด
        if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $birth_date)) {
            $res['message'] = 'รูปแบบวันเกิดไม่ถูกต้อง';
            echo json_encode($res);
            exit;
        }

        // เพิ่มการตรวจสอบหมายเลขโทรศัพท์
        if (!preg_match('/^[0-9-+().\s]+$/', $phone)) {
            $res['message'] = 'รูปแบบหมายเลขโทรศัพท์ไม่ถูกต้อง';
            echo json_encode($res);
            exit;
        }

        try {
            $stmt = $pdo->prepare("UPDATE `individual_counseling` SET 
                prefix_id = ?, first_name = ?, last_name = ?, birth_date = ?, gender_id = ?, 
                ethnicity = ?, nationality = ?, religion = ?, blood_type = ?, 
                occupation_id = ?, occupation_other = ?, marital_status_id = ?,
                house_number = ?, village_number = ?, building = ?, street = ?, 
                subdistrict = ?, district = ?, province = ?,
                phone = ?, line_id = ?, email = ?, service_type_id = ?, 
                emergency_first_name = ?, emergency_last_name = ?, emergency_relation_id = ?, 
                emergency_relation_other = ?, emergency_phone = ?, updated_at = NOW() 
                WHERE id = ?");
            
            $result = $stmt->execute(array(
                $prefix_id, $first_name, $last_name, $birth_date, $gender_id, 
                $ethnicity, $nationality, $religion, $blood_type, 
                $occupation_id, $occupation_other, $marital_status_id,
                $house_number, $village_number, $building, $street, $subdistrict, $district, $province,
                $phone, $line_id, $email, $service_type_id,
                $emergency_first_name, $emergency_last_name, $emergency_relation_id, $emergency_relation_other, $emergency_phone,
                $id
            ));

            if ($result) {
                $res['status'] = 'success';
                $res['message'] = 'อัปเดตข้อมูลส่วนตัวเรียบร้อย';
                $res['person_id'] = $id;
            } else {
                $res['message'] = 'ไม่สามารถอัปเดตข้อมูลได้';
                error_log("Update failed - no rows affected");
            }
        } catch (PDOException $e) {
            error_log("Update Error: " . $e->getMessage());
            $res['message'] = 'เกิดข้อผิดพลาดในการอัปเดตข้อมูล: ' . addslashes($e->getMessage());
        }
        break;

    default:
        $res['message'] = 'การดำเนินการไม่ถูกต้อง';
        break;
}

echo json_encode($res);
?>