<?php
require("../../include/variables.php");
require("../../include/init.php");
require("../../include/main-functions.php");


$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);

$rawData = file_get_contents('php://input');
$data = json_decode($rawData, true);

if (isset($data['id'])) {
    $id = $data['id'];

    $client_id = 'cc_classic_znsSCWtxQRTJJVFaGqBgIjCqdES0e';
    $client_secret = 'cc_sk_classic_WA2N5s5qZBk0aN0qozTfQh7RxXXjzFYa6JlYnRi7GNmQxIgeF1';

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, "https://api.sumup.com/token");
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
        'grant_type' => 'client_credentials',
        'client_id' => $client_id,
        'client_secret' => $client_secret
    ]));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    $response = curl_exec($ch);
    curl_close($ch);

    $responseData = json_decode($response, true);
    $access_token = $responseData['access_token'];

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, "https://api.sumup.com/v0.1/checkouts/$id");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        "Authorization: Bearer $access_token",
        "Content-Type: application/json"
    ]);
    $response = curl_exec($ch);
    curl_close($ch);

    $responseData = json_decode($response, true);

    if (isset($responseData['id']) && $responseData['status'] == 'PAID') {
        $sqlRequest = "SELECT ID FROM checkouts WHERE reference = :reference";
        $request = $pdo->prepare($sqlRequest);
        $request->bindParam(":reference", $responseData['checkout_reference']);
        $request->execute();
        $result = $request->fetchAll(PDO::FETCH_ASSOC);
        if ($result) {
            exit();
        } else {
            $date = date('Y-m-d H:i:s', strtotime($responseData['date']));

            $description = $responseData['description'];
            $username = substr($description, strpos($description, '@') + 1);

            $request = $pdo->prepare("SELECT ID, email FROM users WHERE username = :username"); # Récupération de l'ID et l'email de l'utilisateur
            $request->bindParam(":username", $username);
            $request->execute();
            $userinfo = $request->fetchAll(PDO::FETCH_ASSOC);

            if (strpos($description, 'BUY') === 0) {
                // Récupérer les trois lettres après PAY
                $product = substr($description, 3, 3);
                $type = 2;
                $mailSubject = "Confirmation de paiement";
                
                // Vérifier le type d'article
                if ($product === 'ADH') {
                    $product_id = 1; // Article de type 1
                    $pay_action = "payé son adhésion de 1 EUR";
                    if ($userinfo) {
                        $sql = "SELECT club FROM adherents WHERE ID = :adherentID"; # Récupération de l'ID du club de l'adhérent
                        $clubIDStmt = $pdo->prepare($sql);
                        $clubIDStmt->bindParam(':adherentID', $userinfo[0]["ID"], PDO::PARAM_INT);
                        $clubIDStmt->execute();
                        $clubIDResult = $clubIDStmt->fetchAll(PDO::FETCH_ASSOC);
                        $clubFormatted = str_pad($clubIDResult[0]['club'], 2, "0", STR_PAD_LEFT); # Formattage du numéro de club (1 -> 01)
            
                        $sql = "SELECT ID FROM adherents WHERE memberid LIKE '59" . $clubFormatted . "%'";
                        $clubMemberIDStmt = $pdo->prepare($sql); # Récupération de la liste des adhérents dans le même club que l'adhérent
                        $clubMemberIDStmt->execute();
                        $clubMemberIDList = $clubMemberIDStmt->fetchAll(PDO::FETCH_ASSOC);
                        $clubMemberID = sizeof($clubMemberIDList) + 1; # Calcul du club member ID
            
                        $idFormatted = str_pad($clubMemberID, 2, "0", STR_PAD_LEFT);
                        $memberID = "59" . $clubFormatted . $idFormatted;

                        $request = $pdo->prepare("UPDATE adherents SET etape_adhesion = 3, memberid = :memberid WHERE userid = :userid");
                        $request->bindParam(":memberid", $memberID);
                        $request->bindParam(":userid", $userid[0]['ID']);
                        $request->execute();
                        $request = $pdo->prepare("UPDATE users SET role = 10 WHERE ID = :userid");
                        $request->bindParam(":userid", $userid[0]['ID']);
                        $request->execute();
                        $mailBody  = "Nous avons bien recu votre cotisation de 1 EUR. Votre carte membre est consultable à la page e59.fr/adhesion .";
                    }
                } else {
                    $product_id = null; // Cas où le type n'est pas ADH
                    $pay_action = "payé un truc à " . $responseData['amount'] . " EUR";
                    $mailBody = "Nous avons bien recu votre paiement de " . $responseData['amount'] . " EUR";
                }
            
            } elseif (strpos($description, 'DON') === 0) {
                // Article de type NULL pour les chaînes qui commencent par DON
                $product_id = null;
                $pay_action = "fait un don de " . $responseData['amount'] . " EUR";
                $type = 1;
                $mailSubject = "Merci pour votre don";
                $mailBody = "Nous vous remercions pour votre don de " . $responseData['amount'] . " EUR";
            } else {
                // Si la chaîne ne commence ni par PAY ni par DON
                $product_id = null;
            }
            
            // Récupérer le nom d'utilisateur après le @

            $request = $pdo->prepare("INSERT INTO checkouts (amount, reference, date, description, checkout_id, status, transaction_id, userid, type, product) VALUES (:amount, :reference, :date, :description, :checkout_id, :status, :transaction_id, :userid, :type, :product)");
            $request->bindParam(":amount", $responseData['amount']);
            $request->bindParam(":reference", $responseData['checkout_reference']);
            $request->bindParam(":date", $date);
            $request->bindParam(":description", $responseData['description']);
            $request->bindParam(":checkout_id", $responseData['id']);
            $request->bindParam(":status", $responseData['status']);
            $request->bindParam(":transaction_id", $responseData['transaction_id']);
            $request->bindParam(":userid", $userid[0]['ID']);
            $request->bindParam(":type", $type);
            $request->bindParam(":product", $product_id);
            $request->execute();

            $from = "sumup@e59.fr";
            $fromName = "Sumup E59";
            $to = "finances@e59.fr";
            $fromName = "Paiements E59";
            $subject = "Nouveau paiement";
            $body = "$username a $pay_action";
            $altbody = "$username a $pay_action";
            sendMail($from, $fromName, $to, $subject, $body, $altbody);
            $from = "no-reply@e59.fr";
            $fromName = "Association E59";
            $to = $userinfo[0]['email'];
            sendMail($from, $fromName, $to, $mailSubject, $mailBody, $mailBody);
        }
    }
}
?>