<?php
require_once __DIR__ . '/../../connect.php';

$phone_number = filterRequest("phone_number");
$token_code = filterRequest("token_code");

$encryptedPhone = $encryptionHelper->encryptData($phone_number);
$encryptedToken = $encryptionHelper->encryptData($token_code);

// Check if the phone number and token code match
$sql = "SELECT
    `id`,
    `phone_number`,
    `token_code`,
    `expiration_time`,
    `is_verified`,
    `created_at`
FROM
    `phone_verification`
WHERE
    `phone_number` = :phone_number AND `token_code` = :token_code -- AND `expiration_time` > NOW()";
$stmt = $con->prepare($sql);
$stmt->bindParam(':phone_number', $encryptedPhone, PDO::PARAM_STR);
$stmt->bindParam(':token_code', $encryptedToken, PDO::PARAM_STR);
$stmt->execute();
$result = $stmt->fetch();

if ($result) {
    // $id = $result["id"];
    $sql = "UPDATE `phone_verification` SET `is_verified` = 1 WHERE `phone_number` = :phone_number";
    $stmt = $con->prepare($sql);
    $stmt->bindParam(':phone_number', $phone_number, PDO::PARAM_STR);
    $stmt->execute();

    jsonSuccess($message = "Your phone number has been verified.");
} else {
    jsonError($message = "Your phone number could not be verified. Please try again.");
}
?>