<?php
include "../../connect.php";

try {
    // ✅ قراءة والتحقق من الإحداثيات
    $southwestLat = filterRequest("southwestLat");
    $southwestLon = filterRequest("southwestLon");
    $northeastLat = filterRequest("northeastLat");
    $northeastLon = filterRequest("northeastLon");

    if ($southwestLat === false || $southwestLon === false ||
        $northeastLat === false || $northeastLon === false) {
        printFailure("Invalid coordinates provided");
        exit;
    }

    // ⏱️ نافذة زمنية ثابتة (ثواني)
    $freshSeconds = 180; // 3 دقائق — عدّلها إذا لزم

    // ✅ الاستعلام الآمن والمهيأ
    $sql = "
    SELECT
        cl.driver_id,
        cl.latitude,
        cl.longitude,
        cl.heading,
        cl.speed,
        cl.status,
        cl.created_at,
        cl.updated_at,
        d.phone,
        d.email,
        d.birthdate,
        d.first_name,
        d.last_name,
        d.gender,
        d.maritalStatus,
        cr.make,
        cr.car_plate,
        cr.model,
        cr.color,
        cr.vin,
        cr.color_hex,
        cr.year,
        dt.token,
        COALESCE(rdAvg.ratingDriver, 0) AS ratingDriver,
        COALESCE(rdAvg.ratingCount, 0)   AS ratingCount
    FROM car_locations cl
    LEFT JOIN driver           d   ON d.id          = cl.driver_id
    LEFT JOIN CarRegistration  cr  ON cr.driverID   = cl.driver_id
    LEFT JOIN driverToken      dt  ON dt.captain_id = cl.driver_id
    LEFT JOIN (
        SELECT driver_id, AVG(rating) AS ratingDriver, COUNT(*) AS ratingCount
        FROM ratingDriver
        GROUP BY driver_id
    ) rdAvg ON rdAvg.driver_id = cl.driver_id
    WHERE
        cl.latitude  BETWEEN :southwestLat AND :northeastLat
        AND cl.longitude BETWEEN :southwestLon AND :northeastLon
        AND cl.status = 'off'
        AND cl.updated_at >= NOW() - INTERVAL :freshSeconds SECOND
        -- ⛓️ اختيار فقط الدراجات
        AND (cr.make LIKE '%دراج%' OR cr.model LIKE '%دراج%')
    ORDER BY
        ratingDriver DESC,    -- ⭐ أولاً الأعلى تقييماً
        ratingCount  DESC,    -- ثم الأكثر حصولاً على تقييمات
        cl.updated_at DESC    -- ثم الأحدث تحديثاً كفاصل
    LIMIT 10
    ";

    $stmt = $con->prepare($sql);
    $stmt->bindValue(':southwestLat',  $southwestLat);
    $stmt->bindValue(':southwestLon',  $southwestLon);
    $stmt->bindValue(':northeastLat',  $northeastLat);
    $stmt->bindValue(':northeastLon',  $northeastLon);
    $stmt->bindValue(':freshSeconds',  $freshSeconds, PDO::PARAM_INT);
    $stmt->execute();

    $car_locations = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if (!$car_locations) {
        printFailure("No car locations found");
        exit;
    }

    // ✅ فك التشفير (مع حماية الأخطاء)
    $fieldsToDecrypt = [
        'phone','email','gender','birthdate',
        'first_name','last_name','maritalStatus',
        'token','make','car_plate','vin'
    ];

    foreach ($car_locations as &$row) {
        foreach ($fieldsToDecrypt as $field) {
            if (isset($row[$field]) && $row[$field] !== null && $row[$field] !== '') {
                try {
                    $row[$field] = $encryptionHelper->decryptData($row[$field]);
                } catch (Exception $e) {
                    $row[$field] = null; // تجاهل فشل فك التشفير
                }
            }
        }

        // ✅ حساب العمر بعد فك التشفير
        if (!empty($row['birthdate'])) {
            try {
                $birthDate = new DateTime($row['birthdate']);
                $today     = new DateTime();
                $row['age'] = $today->diff($birthDate)->y;
            } catch (Exception $e) {
                $row['age'] = null;
            }
        } else {
            $row['age'] = null;
        }
    }
    unset($row);

    printSuccess($car_locations);

} catch (PDOException $e) {
    printFailure("Database error: " . $e->getMessage());
} catch (Throwable $e) {
    printFailure("Internal error: " . $e->getMessage());
}