<?php
if (!defined('GLPI_ROOT')) {
   define('GLPI_ROOT', dirname(__DIR__));
}

include_once GLPI_ROOT . '/inc/based_config.php';
include_once GLPI_ROOT . "/inc/db.function.php";
include_once GLPI_ROOT . "/inc/config.php";
ini_set('display_errors', 0);

Session::checkLoginUser();
global $DB;

function get_users_with_supervisor($old_supervisor_id) {
  global $DB;
  $users = [];

  $query = "SELECT id FROM glpi_users WHERE users_id_supervisor = ?";
  $stmt = $DB->prepare($query);
  $stmt->bind_param("i", $old_supervisor_id);
  $stmt->execute();
  $result = $stmt->get_result();

  while ($row = $result->fetch_assoc()) {
      $users[] = $row['id'];
  }

  return $users;
}

function update_supervisor($users_ids, $new_id) {
  global $DB;

  if (empty($users_ids)) {
    return false;
  }

  $ids_placeholders = implode(',', array_fill(0, count($users_ids), '?'));
  $types = str_repeat('i', count($users_ids) + 1);
  $params = array_merge([$new_id], $users_ids);

  $query = "UPDATE glpi_users SET users_id_supervisor = ? WHERE id IN ($ids_placeholders)";
  $stmt = $DB->prepare($query);

  $stmt->bind_param($types, ...$params);
  return $stmt->execute();
}

function add_tracking($users_ids, $old_id, $new_id) {
  global $DB;

  $current_user_id = $_SESSION['glpiID'] ?? 0;
  $current_user_name = 'Script';

  if ($current_user_id > 0) {
      $query_user = "SELECT CONCAT(firstname, ' ', realname) AS fullname FROM glpi_users WHERE id = ?";
      $stmt_user = $DB->prepare($query_user);
      $stmt_user->bind_param("i", $current_user_id);
      $stmt_user->execute();
      $result_user = $stmt_user->get_result();

      if ($row_user = $result_user->fetch_assoc()) {
          $current_user_name = $row_user['fullname'];
      }
  }

  foreach ($users_ids as $user_id) {
      $query_log = "INSERT INTO glpi_logs (itemtype, items_id, date_mod, user_name, id_search_option, old_value, new_value)
                    VALUES ('User', ?, NOW(), ?, 99, ?, ?)";

      $stmt_log = $DB->prepare($query_log);
      $stmt_log->bind_param("isss", $user_id, $current_user_name, $old_id, $new_id);
      $stmt_log->execute();
  }
}

if (isset($_POST) && $_GET['action'] === "update") {
    $old_supervisor_id = (int)$_GET['oldsupervisor'];
    $new_supervisor_id = (int)$_GET['newsupervisor'];

    $users_to_update = get_users_with_supervisor($old_supervisor_id);

    if (!empty($users_to_update)) {
        $update_success = update_supervisor($users_to_update, $new_supervisor_id);
        add_tracking($users_to_update, $old_supervisor_id, $new_supervisor_id);
        echo json_encode(['success' => $update_success], JSON_UNESCAPED_UNICODE);
    } else {
        echo json_encode(['success' => false, 'message' => 'Aucun utilisateur trouvé.'], JSON_UNESCAPED_UNICODE);
    }
}