<?php
print header('Content-Type: application/json');
include("../../../lib/header.php");
$_POST = json_decode(file_get_contents("php://input"), true);

if (isset($_POST["t"])) {
	$type = validate_input($_POST["t"]);
	print match ($type) {
		"activity" => activity(),
		"activity_transaction" => activity_transaction(),
		"board_member" => board_member(),
		"member" => member(),
		"product" => product(),
		"transaction" => transaction(),
		default => header("HTTP/1.1 400 Incorrect table type")
	};
} else {
	print header("HTTP/1.1 400 Missing table type");
	print json_encode(err_msg(1));
}

function activity() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_POST["a_id"]) && (isset($_POST["title"]) || isset($_POST["description"]) || isset($_POST["date"]))) {
		$s = "UPDATE activity SET ";
		$param_str = "";
		$params = array();
		$comma = "";
		if (isset($_POST["title"])) {
			$s .= "title = ?";
			$param_str .= "s";
			$params[] = validate_input($_POST["title"]);
			$comma = ", ";
		}
		if (isset($_POST["description"])) {
			$s .= $comma . "description = ?";
			$param_str .= "s";
			$params[] = validate_input($_POST["description"]);
			$comma = ", ";
		}
		if (isset($_POST["date"])) {
			$s .= $comma . "date = ? ";
			$param_str .= "s";
			$params[] = validate_input($_POST["date"]);
		}
		$s .= "WHERE a_id = ?;";
		$param_str .= "i";
		$a_id = validate_input($_POST["a_id"]);
		$params[] = $a_id;
		$stmt = $db -> prepare($s);
		$stmt -> bind_param($param_str, ...$params);
		if ($stmt -> execute()) {
			print header("HTTP/1.1 201 Succesfully updated activity");
			print header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=activity&a_id=${a_id}");
			$out .= json_encode(array("a_id" => $a_id));
		} else {
			print header("HTTP/1.1 500 Internal server error ocurred while updating activity");
		}
	} else {
		print header("HTTP/1.1 400 Missing a_id");
		$out = json_encode(err_msg(3));
	}
	$db->close();
	return $out;
}

function board_member() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_POST["m_id"]) && (isset($_POST["position"]) || isset($_POST["year"]) || isset($_POST["role"]) || isset($_POST["password"]))) {
		$s = "UPDATE activity SET ";
		$param_str = "";
		$params = array();
		if (!isset($_POST["position"])) {
			$s .= "position = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["position"]);
		}
		if (!isset($_POST["year"])) {
			$s .= "year = ?, ";
			$param_str = "i";
			$params[] = validate_input($_POST["year"]);
		}
		if (!isset($_POST["role"])) {
			$s .= "role = ? ";
			$param_str = "s";
			$params[] = validate_input($_POST["role"]);
		}
		if (!isset($_POST["password"])) {
			$s .= "password = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["password"]);
		}
		$s .= "1 = 1 WHERE m_id = ?;";
		$param_str = "i";
		$params[] = validate_input($_POST["m_id"]);
		$stmt = $db -> prepare($s);
		$stmt -> bind_param($param_str, ...$params);
		if ($stmt -> execute()) {
			print header("HTTP/1.1 202 Succesfully updated board_member");
			print header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=board_member&m_id=${m_id}");
		} else {
			print header("HTTP/1.1 500 Internal server error ocurred while updating board_member");
		}
	} else {
		print header("HTTP/1.1 400 Missing m_id");
		$out = json_encode(err_msg(3));
	}
	$db->close();
	return $out;
}

function member() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_POST["m_id"]) && (isset($_POST["name"]) || isset($_POST["second_name"]) || isset($_POST["last_name"]) || isset($_POST["second_last_name"]) || isset($_POST["email"]) || isset($_POST["phone_number"]) || isset($_POST["status"]))) {
		$s = "UPDATE activity SET ";
		$param_str = "";
		$params = array();
		if (!isset($_POST["name"])) {
			$s .= "name = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["name"]);
		}
		if (!isset($_POST["second_name"])) {
			$s .= "second_name = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["second_name"]);
		}
		if (!isset($_POST["last_name"])) {
			$s .= "last_name = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["last_name"]);
		}
		if (!isset($_POST["second_last_name"])) {
			$s .= "second_last_name = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["second_last_name"]);
		}
		if (!isset($_POST["email"])) {
			$s .= "email = ? ";
			$param_str = "s";
			$params[] = validate_input($_POST["email"]);
		}
		if (!isset($_POST["phone_number"])) {
			$s .= "phone_number = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["phone_number"]);
		}
		if (!isset($_POST["status"])) {
			$s .= "status = ?, ";
			$param_str = "s";
			$params[] = validate_input($_POST["status"]);
		}
		$s .= "1 = 1 WHERE m_id = ?;";
		$param_str = "i";
		$params[] = validate_input($_POST["m_id"]);
		$stmt = $db -> prepare($s);
		$stmt -> bind_param($param_str, ...$params);
		if ($stmt -> execute()) {
			print header("HTTP/1.1 202 Succesfully updated member");
			print header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=member&m_id=${m_id}");
		} else {
			print header("HTTP/1.1 500 Internal server error ocurred while updating product");
		}
	} else {
		print header("HTTP/1.1 400 Missing m_id");
		$out = json_encode(err_msg(3));
	}
	$db->close();
	return $out;
}

function product() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_POST["p_id"]) && (isset($_POST["cents"]) || isset($_POST["description"]))) {
		$s = "UPDATE product SET ";
		$param_str = "";
		$params = array();
		$comma = "";
		if (isset($_POST["cents"])) {
			$s .= "cents = ?";
			$param_str .= "i";
			$params[] = validate_input($_POST["cents"]);
			$comma = ", ";
		}
		if (isset($_POST["description"])) {
			$s .= $comma . "description = ?";
			$param_str .= "s";
			$params[] = validate_input($_POST["description"]);
		}

		$s .= " WHERE p_id = ?;";
		$param_str .= "i";
		$p_id = validate_input($_POST["p_id"]);
		$params[] = $p_id;
		$stmt = $db -> prepare($s);
		$stmt -> bind_param($param_str, ...$params);

		if ($stmt -> execute()) {
			print header("HTTP/1.1 201 Succesfully updated product");
			$out .= json_encode(array("p_id" => $p_id));
		} else {
			print header("HTTP/1.1 500 Internal server error ocurred while updating product");
		}
	} else {
		print header("HTTP/1.1 400 Missing p_id");
		$out = json_encode(err_msg(3));
	}
	$db->close();

	return $out;
}

function transaction() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_POST["t_id"]) && (isset($_POST["type"]) || isset($_POST["date"]) || isset($_POST["quantity"]) || isset($_POST["p_id"]))) {
		$s = "UPDATE transaction SET ";
		$param_str = "";
		$params = array();
		$comma = "";
		if (isset($_POST["type"])) {
			$s .= "type = ?";
			$param_str .= "s";
			$params[] = validate_input($_POST["type"]);
			$comma = ", ";
		}
		if (isset($_POST["date"])) {
			$s .= $comma . "date = ?";
			$param_str .= "s";
			$params[] = validate_input($_POST["date"]);
			$comma = ", ";
		}
		if (isset($_POST["quantity"])) {
			$s .= $comma . "quantity = ?";
			$param_str .= "i";
			$params[] = validate_input($_POST["quantity"]);
			$comma = ", ";
		}
		if (isset($_POST["p_id"])) {
			$s .= $comma . "p_id = ?";
			$param_str .= "i";
			$params[] = validate_input($_POST["p_id"]);
		}
		$s .= " WHERE t_id = ?;";
		$param_str .= "i";
		$t_id = validate_input($_POST["t_id"]);
		$params[] = $t_id;
		$stmt = $db -> prepare($s);
		$stmt -> bind_param($param_str, ...$params);
		if ($stmt -> execute()) {
			print header("HTTP/1.1 201 Succesfully updated transaction");
			print header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=transaction&t_id=${t_id}");
			$out .= json_encode(array("t_id" => $t_id));
		} else {
			print header("HTTP/1.1 500 Internal server error ocurred while updating transaction");
		}
	} else {
		print header("HTTP/1.1 400 Missing t_id");
		$out = json_encode(err_msg(3));
	}
	$db->close();
	return $out;
}

?>