<?php
// Session Start + LINK variable ----------------------------------------------------------------------
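// Start the session with a cookie that page scripts cannot read and with
// strict mode on, so a session id the server never issued is not adopted.
// Once the site is served only over HTTPS, also set 'cookie_secure' => true.
session_start([
    'cookie_httponly' => true,
    'use_strict_mode' => true,
]);

// Database handle shared by the rest of this page.
// NOTE(review): the DSN, user name and password were committed as literals, so
// treat the password as exposed: rotate it, supply the values from the
// environment, then delete the literal fallbacks below. The variable names
// DB_DSN / DB_USER / DB_PASSWORD are chosen here; adjust them to the deployment.
$dbDsn = getenv('DB_DSN') ?: "mysql:host=127.0.0.1;dbname=janya763";
$dbUser = getenv('DB_USER') ?: "janya763";
$dbPassword = getenv('DB_PASSWORD') ?: "vOOxhXUhWhgCPWFC";

$pdo = new PDO($dbDsn, $dbUser, $dbPassword, [
    // Fail loudly on query errors instead of returning false silently.
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    // Use server-side prepared statements so bound values never enter the SQL text.
    PDO::ATTR_EMULATE_PREPARES => false,
]);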

// ---------------------------------------------------------------------------------------------------

// Logout check --------------------------------------------------------------------------------------
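// Route ?page=<name> to its target script. Only the names listed here are
// accepted; the redirect target is never built from the request value itself,
// so the parameter cannot steer the Location header to an arbitrary URL.
// Unknown names fall through and the dashboard below is rendered.
//
// NOTE(review): this router does not look at the session. Presumably each
// script under Pages/ enforces its own login and admin checks; confirm.
if (isset($_GET["page"]) && is_string($_GET["page"])) {
    $requestedPage = $_GET["page"];

    if ($requestedPage === "logout") {
        // Drop the session data and the session itself, then return to the login view.
        session_unset();
        session_destroy();
        header("Location: index.php");
        exit();
    }

    $pageTargets = [
        "plans"     => "Pages/plan.php",
        "films"     => "Pages/film.php",
        "users"     => "Pages/user.php",
        "timeslots" => "Pages/timeslot.php",
        "extras"    => "Pages/extra.php",
        "my_slots"  => "Pages/register.php",
        "calendar"  => "Pages/calendar.php",
        "profile"   => "Pages/profile.php",
    ];

    if (isset($pageTargets[$requestedPage])) {
        header("Location: " . $pageTargets[$requestedPage]);
        // Stop here: without this the login handler and the whole dashboard
        // still run and are sent in the body of the redirect response.
        exit();
    }
}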

// ---------------------------------------------------------------------------------------------------

// Login check ---------------------------------------------------------------------------------------
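// Handle a submitted login form: look the user up by name, verify the
// password against the stored hash, and populate the session on success.
// On failure the message is written into $_POST["password"], as before;
// presumably Pages/login.php displays it (verify against that file).
if (isset($_POST["login_data"])) {
    // Form fields can arrive as arrays (email[]=...); treat anything that is
    // not a string as empty so it simply fails the lookup / verification.
    $usernameTemp = $_POST["email"] ?? "";
    if (!is_string($usernameTemp)) {
        $usernameTemp = "";
    }
    $password = $_POST["password"] ?? "";
    if (!is_string($password)) {
        $password = "";
    }

    // Prepare and execute the statement (the user name is bound, not interpolated)
    $stmt = $pdo->prepare(
        "SELECT passwd, is_admin, is_active FROM User WHERE username = ?"
    );
    $stmt->execute([$usernameTemp]);

    // Fetch the result
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($user) {
        $databasePassword = $user['passwd'];
        $isAdmin = $user['is_admin'];
        $isActive = $user['is_active'];

        // An empty stored hash must never authenticate anyone.
        $hashIsUsable = is_string($databasePassword) && $databasePassword !== "";

        if ($hashIsUsable && password_verify($password, $databasePassword)) {
            if ($isActive == 0) {
                $_POST["password"] = "Account not active";
            } else {
                // Issue a fresh session id at the privilege change so an id
                // that was known before login cannot be reused afterwards.
                session_regenerate_id(true);

                $_SESSION["username"] = $usernameTemp;
                // NOTE(review): the admin flag is cached for the life of the
                // session; a later change in the User table only takes effect
                // at the next login unless the pages re-check it.
                $_SESSION["is_admin"] = $isAdmin;
            }
        } else {
            $_POST["password"] = "Wrong password";
        }
    } else {
        // NOTE(review): this message differs from "Wrong password", which tells
        // a caller whether a user name exists. Consider one shared message for
        // both cases, plus attempt rate limiting, once it is confirmed that
        // nothing compares against these exact strings.
        $_POST["password"] = "User not found";
    }
}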


// ---------------------------------------------------------------------------------------------------
?>
<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" href="Styles/style.css">
    <title>Ciné Le Paris</title>
</head>

<body>
    <?php
    
if (session_status() == PHP_SESSION_ACTIVE && !isset($_SESSION["username"])) {
        
?>
        <div class=" login_overlay">
            <?php
            
include "Pages/login.php";
            
?>
        </div>
        <?php
    
} elseif (session_status() == PHP_SESSION_ACTIVE && isset($_SESSION["username"])) {
        
?>
        <header>
            <nav>
                <h1>Welcome, <?= $_SESSION["username"?></h1>
                <h1><a href="?page=logout">Logout</a></h1>
            </nav>
        </header>
        <div id="dashboard">

            <?php
            
if ($_SESSION["is_admin"] == 0) {
                
$userItems = [
                    [
"label" => "My Plans""page" => "my_plans""icon" => "πŸ“…"],
                    [
"label" => "My Registrations""page" => "my_slots""icon" => "πŸ“"],
                    [
"label" => "My Calendar""page" => "calendar""icon" => "πŸ“†"],
                    [
"label" => "My Profile""page" => "profile""icon" => "πŸ‘€"]
                ];
                foreach (
$userItems as $item) {
                    
?>
                    <div class="dash_container">
                        <h1><?= $item["icon"] . " " htmlspecialchars($item["label"]) ?></h1>
                        <a href="?page=<?= urlencode($item["page"]) ?>" class="dash_link">Open &gt;</a>
                    </div>
                    <?php
                
}
            } else {
                
$adminItems = [
                    [
"label" => "Manage Plans""page" => "plans""icon" => "πŸ“…"],
                    [
"label" => "Manage Users""page" => "users""icon" => "πŸ‘€"],
                    [
"label" => "Manage Films""page" => "films""icon" => "🎬"],
                    [
"label" => "Manage Timeslots""page" => "timeslots""icon" => "⏰"],
                    [
"label" => "Manage Extras""page" => "extras""icon" => "✨"],
                    [
"label" => "My Plans""page" => "plans""icon" => "πŸ“…"],
                    [
"label" => "My Registrations""page" => "my_slots""icon" => "πŸ“"],
                    [
"label" => "My Calendar""page" => "calendar""icon" => "πŸ“†"],
                    [
"label" => "My Profile""page" => "profile""icon" => "πŸ‘€"]
                ];
                foreach (
$adminItems as $item) {
                    
?>
                    <div class="dash_container">
                        <h1><?= $item["icon"] . " " htmlspecialchars($item["label"]) ?></h1>
                        <a href="?page=<?= urlencode($item["page"]) ?>" class="dash_link">Open &gt;</a>
                    </div>
                    <?php
                
}
            }
    }
    
?>
    </div>
</body>

</html>