<?php
// --- verify_payment_ai.php ---
include "../../connect.php";
include "./finalize_payment.php";
include "../GeminiAi.php";

header('Content-Type: application/json');

try {
    $json_data = file_get_contents('php://input');
    $data = json_decode($json_data, true) ?: $_POST;

    $invoiceNumber = $data['invoice_number'] ?? '';
    $proofText = $data['proof_text'] ?? '';
    $proofImageBase64 = $data['proof_image_base64'] ?? '';
    
    if (empty($invoiceNumber)) {
        echo json_encode(["status" => "failure", "message" => "Invoice number is required."]);
        exit;
    }
    
    if (empty($proofText) && empty($proofImageBase64)) {
        echo json_encode(["status" => "failure", "message" => "Proof text or image is required."]);
        exit;
    }
    
    $stmt = $con->prepare("SELECT id, amount FROM cliq_invoices WHERE invoice_number = :inv AND status = 'pending'");
    $stmt->execute([':inv' => $invoiceNumber]);
    $invoice = $stmt->fetch(PDO::FETCH_ASSOC);
    
    if (!$invoice) {
        echo json_encode(["status" => "failure", "message" => "Invoice not found or already processed."]);
        exit;
    }
    
    $amount = $invoice['amount'];
    
    $geminiKey = $_ENV['GEMINI_API_KEY'] ?? getenv('GEMINI_API_KEY') ?: '';
    
    if (empty($geminiKey)) {
        echo json_encode(["status" => "error", "message" => "Gemini API key not configured."]);
        exit;
    }
    
    $gemini = new GeminiAi($geminiKey);
    $aiResult = $gemini->verifyPayment($invoiceNumber, $amount, "Cliq", $proofText, $proofImageBase64);
    
    if (isset($aiResult['verified']) && $aiResult['verified'] === true) {
        $con->beginTransaction();
        $upd = $con->prepare("UPDATE cliq_invoices SET status = 'completed', updated_at = NOW() WHERE id = :id AND status = 'pending'");
        $upd->execute([':id' => $invoice['id']]);
        
        if ($upd->rowCount() > 0) {
            $finalizationResult = finalizeClickPayment($con, $invoice['id']); // assume finalizeClickPayment exists in finalize_payment.php or rename it
            if ($finalizationResult['success']) {
                $con->commit();
                echo json_encode(["status" => "success", "message" => "Payment verified and finalized."]);
            } else {
                $con->rollBack();
                echo json_encode(["status" => "error", "message" => "Verification succeeded but finalization failed."]);
            }
        } else {
             $con->rollBack();
             echo json_encode(["status" => "error", "message" => "Invoice already processed."]);
        }
    } else {
        $reason = $aiResult['reason'] ?? "AI rejected the proof.";
        echo json_encode(["status" => "failure", "message" => "Verification failed: $reason"]);
    }
    
} catch (Exception $e) {
    error_log("Error in cliq verify: " . $e->getMessage());
    echo json_encode(["status" => "error", "message" => "Server error occurred."]);
}
?>