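start();

/// TODO try to remove them if possible
include_once (GLPI_ROOT . "/inc/db.function.php");

// Standard includes
include_once (GLPI_ROOT . "/inc/config.php");

// Errors are not displayed: the response body is consumed by the Ajax caller (the `res` variable)
ini_set('display_errors', 0);

// NOTE(review): this only requires an authenticated session. Nothing visible in this file checks a
// profile right before "update" changes another user's supervisor/function/structure or before
// "filtre" lists users; confirm which right should gate these actions and enforce it here, and
// confirm that a CSRF token check applies to the POST requests handled below.
Session::checkLoginUser();

global $DB;

/**
 * Look up the `value` column of one row in a lookup table.
 *
 * @param string $table Table name. It is interpolated into the SQL text (identifiers cannot be
 *                      bound), so anything that is not a plain identifier is rejected. The calls
 *                      in this file pass the literal 'picklist'.
 * @param mixed  $id    Row id, bound as an integer parameter.
 *
 * @return mixed The row's `value`, or '' when $id is empty, the table name is rejected, the
 *               statement cannot be prepared, or no row matches.
 */
function getDropdownName($table, $id) {
    global $DB;

    if (empty($id)) {
        return '';
    }

    // Defence in depth: never let an arbitrary string reach the FROM clause
    if (!is_string($table) || !preg_match('/^[A-Za-z0-9_]+$/', $table)) {
        return '';
    }

    $stmt = $DB->prepare("SELECT value FROM $table WHERE id = ?");
    if (!$stmt) {
        return '';
    }

    $name = '';
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $result = $stmt->get_result();
    if ($result && ($row = $result->fetch_assoc())) {
        $name = $row['value'];
    }
    // Close on every path; the early return used to skip this when a row was found
    $stmt->close();

    return $name;
}

/**
 * Write one row to glpi_logs describing a change made to a user.
 *
 * The acting user is taken from $_SESSION['glpiID'] and stored as
 * "realname firstname (id)"; it stays '' when the session has no id or the
 * lookup returns nothing.
 *
 * @param int   $user_id   Id of the modified user (stored in items_id).
 * @param mixed $old_id    Previous value.
 * @param mixed $new_id    New value.
 * @param int   $column_id Stored in id_search_option. For 101 and 102 the two values are
 *                         picklist ids and are replaced by their picklist label before logging.
 *
 * @return void
 */
function add_tracking($user_id, $old_id, $new_id,$column_id) {
    global $DB;

    if ($column_id == 101 || $column_id == 102) {
        $old_id = getDropdownName('picklist', $old_id);
        $new_id = getDropdownName('picklist', $new_id);
    }

    // Id and name of the current user
    $current_user_id   = $_SESSION['glpiID'] ?? 0;
    $current_user_name = '';

    // Fetch the full name of the current user
    if ($current_user_id > 0) {
        $query_user = "SELECT CONCAT(realname, ' ', firstname, ' (', id, ')') AS fullname
                       FROM glpi_users
                       WHERE id = ?";
        if ($stmt_user = $DB->prepare($query_user)) {
            $stmt_user->bind_param("i", $current_user_id);
            $stmt_user->execute();
            $result_user = $stmt_user->get_result();
            if ($result_user && ($row_user = $result_user->fetch_assoc())) {
                $current_user_name = $row_user['fullname'];
            }
            $stmt_user->close();
        }
    }

    $query_log = "INSERT INTO glpi_logs
                      (itemtype, items_id, date_mod, user_name, id_search_option, old_value, new_value)
                  VALUES ('User', ?, NOW(), ?, ?, ?, ?)";
    if ($stmt_log = $DB->prepare($query_log)) {
        $stmt_log->bind_param("issss", $user_id, $current_user_name, $column_id, $old_id, $new_id);
        $stmt_log->execute();
        $stmt_log->close();
    } else {
        // NOTE(review): confirm `$DB->error` carries the driver message on this DB wrapper
        error_log("Erreur SQL add_tracking : " . $DB->error);
    }
}

// === Filter list ===

/**
 * List active, non-deleted users whose registration number is numeric,
 * optionally narrowed by substring filters.
 *
 * Filter values come from the request, so they are bound as statement
 * parameters instead of being written into the SQL text. Only the keys
 * listed in the map below are honoured; any other key, and any value that
 * is not a scalar (for example a nested array), is ignored.
 *
 * @param mixed $filters Map of filter key => search text; anything that is not an array is ignored.
 *
 * @return array Rows with id, full_name, registration_number, users_id_supervisor,
 *               superior, value and value2; empty when the query fails or matches nothing.
 */
function filtre($filters) {
    global $DB;

    $where = [
        "user1.is_active = 1",
        "user1.is_deleted = 0",
        "user1.registration_number REGEXP '^[0-9]+$'",
    ];

    // Filter key => SQL expression it is matched against
    $columns = [
        "full_name"           => "CONCAT(user1.realname, ' ', user1.firstname)",
        "registration_number" => "user1.registration_number",
        "superior"            => "CONCAT(user2.realname, ' ', user2.firstname)",
        "value"               => "p.value",
        "value2"              => "p2.value",
    ];

    $params = [];
    if (!empty($filters) && is_array($filters)) {
        foreach ($filters as $type => $valeur) {
            if (!is_string($type) || !isset($columns[$type]) || !is_scalar($valeur)) {
                continue;
            }
            $where[]  = $columns[$type] . " LIKE CONCAT('%', ?, '%')";
            $params[] = (string) $valeur;
        }
    }

    $whereSql = implode(" AND ", $where);

    $query = "SELECT user1.id,
                     CONCAT(user1.realname, ' ', user1.firstname) AS full_name,
                     user1.registration_number,
                     user1.users_id_supervisor,
                     CONCAT(user2.realname, ' ', user2.firstname) AS superior,
                     p.value AS value,
                     p2.value AS value2
              FROM glpi_users user1
              LEFT JOIN glpi_users user2 ON user1.users_id_supervisor = user2.id
              LEFT JOIN picklist p ON user1.id_fonction = p.id
              LEFT JOIN picklist p2 ON user1.id_structure = p2.id
              WHERE $whereSql
              ORDER BY CAST(user1.registration_number AS UNSIGNED) ASC";

    $stmt = $DB->prepare($query);
    if (!$stmt) {
        return [];
    }

    // bind_param() rejects an empty type string, so bind only when a filter was kept
    if ($params) {
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
    }

    $res = [];
    if ($stmt->execute() && ($result = $stmt->get_result())) {
        while ($row = $result->fetch_assoc()) {
            $res[] = $row;
        }
    }
    $stmt->close();

    return $res;
}

// === Update user ===

/**
 * Update a user's supervisor, function and structure, log each changed
 * field through add_tracking(), print a JSON status and terminate the request.
 *
 * @param array $data Request fields: `id` (required, positive integer) and the optional
 *                    `users_id_supervisor`, `id_fonction`, `id_structure`; an empty or
 *                    non-scalar optional field is stored as NULL.
 *
 * @return void This function always ends with exit.
 */
function updateUser($data) {
    global $DB;

    header('Content-type: application/json; charset=utf-8');

    // intval() of a non-empty array is 1, so `id[]=x` would otherwise target user 1
    if (!isset($data['id']) || !is_scalar($data['id']) || intval($data['id']) <= 0) {
        echo json_encode(["status" => "error", "message" => "ID utilisateur invalide"]);
        exit;
    }

    // Optional foreign keys: NULL unless a non-empty scalar was submitted
    $toId = static function ($raw) {
        return (is_scalar($raw) && !empty($raw)) ? intval($raw) : null;
    };

    $id                  = intval($data['id']);
    $users_id_supervisor = $toId($data['users_id_supervisor'] ?? null);
    $id_fonction         = $toId($data['id_fonction'] ?? null);
    $id_structure        = $toId($data['id_structure'] ?? null);

    try {
        // Read the old values BEFORE the update ($id is an integer from intval(), safe to inline)
        $oldData = [];
        $res = $DB->query("SELECT users_id_supervisor, id_fonction, id_structure FROM glpi_users WHERE id = $id");
        if ($res && $res->num_rows > 0) {
            $oldData = $res->fetch_assoc();
        }

        // Update
        $updated = false;
        $stmt = $DB->prepare("
            UPDATE glpi_users
            SET users_id_supervisor = ?, id_fonction = ?, id_structure = ?
            WHERE id = ?
        ");
        if ($stmt) {
            $stmt->bind_param("iiii", $users_id_supervisor, $id_fonction, $id_structure, $id);
            $stmt->execute();
            // affected_rows is -1 when the statement failed; read it before closing
            $updated = $stmt->affected_rows >= 0;
            $stmt->close();
        }

        if ($updated) {
            // Compare with the old values and log each change
            if ($oldData) {
                if ($oldData['users_id_supervisor'] != $users_id_supervisor) {
                    add_tracking($id, $oldData['users_id_supervisor'], $users_id_supervisor,99);
                }
                if ($oldData['id_fonction'] != $id_fonction) {
                    add_tracking($id, $oldData['id_fonction'], $id_fonction,101);
                }
                if ($oldData['id_structure'] != $id_structure) {
                    add_tracking($id, $oldData['id_structure'], $id_structure,102);
                }
            }
            echo json_encode(["status" => "success"]);
        } else {
            echo json_encode(["status" => "error", "message" => "Aucune mise à jour effectuée"]);
        }
    } catch (Exception $e) {
        // Driver and SQL details stay in the server log; the client gets a generic message
        error_log("Erreur SQL updateUser : " . $e->getMessage());
        echo json_encode(["status" => "error", "message" => "Erreur lors de la mise à jour"]);
    }
    exit;
}

// === Dispatcher ===
// The action comes from the query string, its payload from the POST body.
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case "update":
            updateUser($_POST);
            break;

        case "filtre":
            header('Content-type: application/json; charset=utf-8');
            $filters = $_POST['filters'] ?? [];
            $res = filtre($filters);
            echo json_encode($res, JSON_UNESCAPED_UNICODE);
            break;
    }
}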