<?php
// ============================================================
// create_tester_driver.php
// إنشاء أو تحديث مستخدم فاحص (Tester) خاص بمراجعي المتاجر
// ============================================================

require_once __DIR__ . '/../../core/bootstrap.php';

// يمكن استقبال المتغيرات عبر الـ POST/GET أو استخدام قيم افتراضية آمنة
$email = filterRequest('email') ?? 'review_tester@siromove.com';
$password = filterRequest('password') ?? 'SiroTester2026!';
$phone = filterRequest('phone') ?? '962790000000';
$firstName = filterRequest('first_name') ?? 'فاحص';
$lastName = filterRequest('last_name') ?? 'المتجر';
$gender = 'Male';
$birthdate = '1995-01-01';
$site = 'Jordan';
$status = 'actives'; // تفعيل مباشر

if (empty($email) || empty($password) || empty($phone)) {
    jsonError("Missing required parameters: email, password, phone");
}

try {
    $con = Database::get('main');
    $con->beginTransaction();

    // 1. تشفير البيانات الحساسة للحفاظ على خصوصيتها وتطابق الهيكل
    $encryptedEmail = $encryptionHelper->encryptData($email);
    $encryptedPhone = $encryptionHelper->encryptData($phone);
    $encryptedFirstName = $encryptionHelper->encryptData($firstName);
    $encryptedLastName = $encryptionHelper->encryptData($lastName);
    $encryptedGender = $encryptionHelper->encryptData($gender);
    $encryptedBirthdate = $encryptionHelper->encryptData($birthdate);
    $encryptedSite = $encryptionHelper->encryptData($site);
    
    // تشفير كلمة المرور باستخدام BCRYPT
    $hashedPassword = password_hash($password, PASSWORD_BCRYPT);

    // 2. التحقق من وجود المستخدم مسبقاً
    $stmtCheck = $con->prepare("SELECT id FROM driver WHERE email = :email LIMIT 1");
    $stmtCheck->execute([':email' => $encryptedEmail]);
    $existingDriver = $stmtCheck->fetch(PDO::FETCH_ASSOC);

    if ($existingDriver) {
        $driverId = $existingDriver['id'];
        
        // تحديث الحساب الحالي
        $sqlDriver = "UPDATE `driver` SET
                        `phone` = :phone,
                        `password` = :password,
                        `gender` = :gender,
                        `birthdate` = :birthdate,
                        `site` = :site,
                        `first_name` = :first_name,
                        `last_name` = :last_name,
                        `status` = :status
                      WHERE `id` = :driverId";
                      
        $stmtDriver = $con->prepare($sqlDriver);
        $stmtDriver->execute([
            ':phone' => $encryptedPhone,
            ':password' => $hashedPassword,
            ':gender' => $encryptedGender,
            ':birthdate' => $encryptedBirthdate,
            ':site' => $encryptedSite,
            ':first_name' => $encryptedFirstName,
            ':last_name' => $encryptedLastName,
            ':status' => $status,
            ':driverId' => $driverId
        ]);
        $action = "updated";
    } else {
        // توليد معرّف فريد جديد
        $driverId = bin2hex(random_bytes(8)); // 16-char hex ID
        
        // إدراج حساب سائق جديد
        $sqlDriver = "INSERT INTO `driver` 
                        (id, phone, email, password, gender, birthdate, site, first_name, last_name, status, bankCode, accountBank)
                      VALUES 
                        (:driverId, :phone, :email, :password, :gender, :birthdate, :site, :first_name, :last_name, :status, 'CIB', 'yet')";
                        
        $stmtDriver = $con->prepare($sqlDriver);
        $stmtDriver->execute([
            ':driverId' => $driverId,
            ':phone' => $encryptedPhone,
            ':email' => $encryptedEmail,
            ':password' => $hashedPassword,
            ':gender' => $encryptedGender,
            ':birthdate' => $encryptedBirthdate,
            ':site' => $encryptedSite,
            ':first_name' => $encryptedFirstName,
            ':last_name' => $encryptedLastName,
            ':status' => $status
        ]);
        $action = "created";
    }

    // 3. التحقق وتفعيل رقم الهاتف في جدول phone_verification
    $stmtPVCheck = $con->prepare("SELECT id FROM phone_verification WHERE phone_number = :phone LIMIT 1");
    $stmtPVCheck->execute([':phone' => $phone]);
    $pvRecord = $stmtPVCheck->fetch(PDO::FETCH_ASSOC);

    if ($pvRecord) {
        $stmtPV = $con->prepare("UPDATE phone_verification SET is_verified = 1, driverId = :driverId WHERE phone_number = :phone");
        $stmtPV->execute([':driverId' => $driverId, ':phone' => $phone]);
    } else {
        $stmtPV = $con->prepare("INSERT INTO phone_verification (phone_number, driverId, email, is_verified) VALUES (:phone, :driverId, :email, 1)");
        $stmtPV->execute([':phone' => $phone, ':driverId' => $driverId, ':email' => $email]);
    }

    // 4. إضافة أو تحديث سيارة مرافقة لتجاوز فحص الكابتن بدون سيارة
    $stmtCarCheck = $con->prepare("SELECT id FROM CarRegistration WHERE driverID = :driverId LIMIT 1");
    $stmtCarCheck->execute([':driverId' => $driverId]);
    $carRecord = $stmtCarCheck->fetch(PDO::FETCH_ASSOC);

    if ($carRecord) {
        $sqlCar = "UPDATE CarRegistration SET
                    make = 'تويوتا',
                    model = 'راف',
                    year = 2019,
                    color = 'أبيض',
                    owner = 'Siro LLC',
                    expiration_date = '2030-01-01',
                    status = 'actives'
                   WHERE driverID = :driverId";
        $stmtCar = $con->prepare($sqlCar);
        $stmtCar->execute([':driverId' => $driverId]);
    } else {
        $sqlCar = "INSERT INTO CarRegistration 
                    (driverID, vin, car_plate, make, model, year, expiration_date, color, owner, color_hex, fuel, isDefault, status)
                   VALUES 
                    (:driverId, 'TESTER_VIN', 'TEST-PLATE', 'تويوتا', 'راف', 2019, '2030-01-01', 'أبيض', 'Siro LLC', '#FFFFFF', 'Petrol', 1, 'actives')";
        $stmtCar = $con->prepare($sqlCar);
        $stmtCar->execute([':driverId' => $driverId]);
    }

    $con->commit();

    echo json_encode([
        "status" => "success",
        "message" => "Tester driver successfully $action.",
        "details" => [
            "driver_id" => $driverId,
            "email" => $email,
            "password" => $password,
            "phone" => $phone,
            "status" => $status
        ]
    ], JSON_UNESCAPED_UNICODE);

} catch (Exception $e) {
    if (isset($con)) {
        $con->rollBack();
    }
    error_log("[Create Tester Driver Error] " . $e->getMessage());
    jsonError("Server error: " . $e->getMessage());
}
?>