<?php

require_once __DIR__ . '/../connect.php';

$email = filterRequest('email');
$phone = filterRequest('phone');
$password = filterRequest('password');

// Hash the password
$hashed_password = password_hash($password, PASSWORD_DEFAULT);

$sql = "SELECT
    passengers.`id`,
    passengers.`phone`,
    passengers.`email`,
    passengers.`password`,
    passengers.`gender`,
    passengers.`birthdate`,
    passengers.`site`,
    passengers.`first_name`,
    passengers.`last_name`,
    passengers.`education`,
    passengers.`employmentType`,
    passengers.`maritalStatus`,
    passengers.`created_at`,
    passengers.`updated_at`,
    email_verifications.verified
FROM
    `passengers`
LEFT JOIN email_verifications ON email_verifications.email = passengers.email
WHERE
    passengers.phone = :phone AND passengers.email = :email ";
$stmt = $con->prepare($sql);
$stmt->bindParam(':email', $email);
$stmt->bindParam(':phone', $phone);
$stmt->execute();
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
$count = $stmt->rowCount();

if ($count > 0) {
    $stored_password = $data[0]['password'];
    if (password_verify($password, $stored_password)) {
        unset($data[0]['password']);
        echo json_encode([
            "status" => "success",
            "count" => $count,
            "data" => $data
        ]);
    } else {
        // The password is incorrect
        echo json_encode([
            "status" => "Failure",
            "data" => "Incorrect password."
        ]);
        // jsonError("Incorrect password.");
    }
} else {
    // The user does not exist
    echo json_encode([
            "status" => "Failure",
            "data" => "User does not exist."
        ]);
    // jsonError("User does not exist.");
}
$conn->close();

?>