<?php
/**
 * Real-time Driver Location Tracker (Last 10 Days - Full Records)
 */

include_once("../../jwtconnect.php");

header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');

// API Key
$expected_api_key = getenv('LOCATION_SERVER_API_KEY');

function get_api_key()
{
    $headers = getallheaders();
    if (isset($headers['x-api-key']))
        return $headers['x-api-key'];
    if (isset($headers['X-API-KEY']))
        return $headers['X-API-KEY'];
    if (isset($_SERVER['HTTP_X_API_KEY']))
        return $_SERVER['HTTP_X_API_KEY'];
    return '';
}

$provided_api_key = get_api_key();

if ($provided_api_key !== $expected_api_key) {
    http_response_code(401);
    echo json_encode(['error' => 'Unauthorized access']);
    exit;
}

// 3. API Input (Optional days parameter, default 1)
$days = isset($_GET['days']) ? (int)$_GET['days'] : 1;
//if ($days < 1 || $days > 30) $days = 1;
if ($days < 1 || $days > 10) $days = 1;


// SQL
$sql = "
    SELECT *
    FROM car_tracks
    WHERE created_at >= NOW() - INTERVAL $days DAY
    ORDER BY created_at DESC
";

try {
    $stmt = $con->prepare($sql);
    $stmt->execute();

    // جلب كل النتائج دفعة واحدة
    $records = $stmt->fetchAll(PDO::FETCH_ASSOC);

    echo json_encode([
        'success' => true,
        'total_records' => count($records),
        'from' => date('Y-m-d H:i:s', strtotime("-$days days")),
        'to' => date('Y-m-d H:i:s'),
        'data' => $records
    ], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);

}
catch (PDOException $e) {
    http_response_code(500);
    echo json_encode([
        'error' => 'Database error',
        'details' => $e->getMessage()
    ]);
}