<?php
header('Content-Type: application/json');
$method = $_SERVER['REQUEST_METHOD'];

try {
    if (!file_exists("../lib/mydb.php")) {
        throw new Exception("Required library file ../lib/mydb.php not found.");
    }
    require_once("../lib/mydb.php");

    $pdo = db_connect();

    switch ($method) {
        case 'GET':
            handleGet($pdo);
            break;
        case 'POST':
            handlePost($pdo);
            break;
        case 'PUT':
            handlePut($pdo);
            break;
        case 'DELETE':
            handleDelete($pdo);
            break;
        default:
            http_response_code(405);
            echo json_encode(['error' => 'Method not allowed']);
            break;
    }
} catch (Throwable $e) {
    http_response_code(500);
    echo json_encode([
        'error' => 'Backend Error',
        'message' => $e->getMessage(),
        'hint' => 'Check if the database table exists by running init_db.php'
    ]);
}

function handleGet($pdo) {
    if (isset($_GET['id'])) {
        $stmt = $pdo->prepare("SELECT * FROM barobill_members WHERE id = ?");
        $stmt->execute([$_GET['id']]);
        echo json_encode($stmt->fetch(PDO::FETCH_ASSOC));
    } else {
        $stmt = $pdo->query("SELECT * FROM barobill_members ORDER BY created_at DESC");
        echo json_encode(['members' => $stmt->fetchAll(PDO::FETCH_ASSOC)]);
    }
}

function handlePost($pdo) {
    $data = json_decode(file_get_contents('php://input'), true);
    
    // Simple duplicate check
    $check = $pdo->prepare("SELECT id FROM barobill_members WHERE biz_no = ?");
    $check->execute([$data['bizNo']]);
    if ($check->fetch()) {
        http_response_code(400);
        echo json_encode(['error' => 'Business number already registered.']);
        return;
    }

    try {
        $stmt = $pdo->prepare("INSERT INTO barobill_members 
            (biz_no, corp_name, ceo_name, addr, biz_type, biz_class, barobill_id, barobill_pwd, manager_name, manager_email, manager_hp) 
            VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
        
        $stmt->execute([
            $data['bizNo'],
            $data['corpName'],
            $data['ceoName'],
            $data['addr'],
            $data['bizType'],
            $data['bizClass'],
            $data['id'],
            password_hash($data['pwd'], PASSWORD_DEFAULT), // Note: In real API, pwd might not be stored like this or handled by Barobill
            $data['managerName'],
            $data['managerEmail'],
            $data['managerHP']
        ]);
        
        echo json_encode(['success' => true, 'id' => $pdo->lastInsertId()]);
    } catch (Exception $e) {
        http_response_code(500);
        echo json_encode(['error' => $e->getMessage()]);
    }
}

function handlePut($pdo) {
    $data = json_decode(file_get_contents('php://input'), true);
    if (!isset($data['id'])) {
        http_response_code(400);
        echo json_encode(['error' => 'Missing member ID']);
        return;
    }

    try {
        $stmt = $pdo->prepare("UPDATE barobill_members SET 
            corp_name = ?, ceo_name = ?, addr = ?, biz_type = ?, biz_class = ?, 
            manager_name = ?, manager_email = ?, manager_hp = ? 
            WHERE id = ?");
        
        $stmt->execute([
            $data['corpName'],
            $data['ceoName'],
            $data['addr'],
            $data['bizType'],
            $data['bizClass'],
            $data['managerName'],
            $data['managerEmail'],
            $data['managerHP'],
            $data['id']
        ]);
        
        echo json_encode(['success' => true]);
    } catch (Exception $e) {
        http_response_code(500);
        echo json_encode(['error' => $e->getMessage()]);
    }
}

function handleDelete($pdo) {
    $id = $_GET['id'] ?? null;
    if (!$id) {
        http_response_code(400);
        echo json_encode(['error' => 'Missing member ID']);
        return;
    }

    try {
        $stmt = $pdo->prepare("DELETE FROM barobill_members WHERE id = ?");
        $stmt->execute([$id]);
        echo json_encode(['success' => true]);
    } catch (Exception $e) {
        http_response_code(500);
        echo json_encode(['error' => $e->getMessage()]);
    }
}