<?php

declare(strict_types=1);

require_once __DIR__ . '/_bootstrap.php'; // $pdo, $iduserlogin

try {
    // Optional: school_id filter if you later add it to the table
    // $school_id = isset($_GET['school_id']) ? (int)$_GET['school_id'] : 0;

    $stmt = $pdo->prepare("
        SELECT id, filename, stored_path, document_name, expiry_date, uploaded_at, notes
        FROM user_medical_certificates
        WHERE user_id = ?
        ORDER BY uploaded_at DESC
    ");
    $stmt->execute([$iduserlogin]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

    $now = new DateTimeImmutable('now', new DateTimeZone('Europe/Rome'));

    $certs = array_map(function (array $c) use ($now): array {
        $expiry = !empty($c['expiry_date']) ? new DateTimeImmutable($c['expiry_date']) : null;
        $isExpired = $expiry ? ($expiry < $now->setTime(0, 0)) : false;

        return [
            'id' => (int)$c['id'],
            'document_name' => (string)($c['document_name'] ?? ''),
            'filename' => (string)($c['filename'] ?? ''),
            'stored_path' => (string)($c['stored_path'] ?? ''),
            'file_url' => '/' . ltrim((string)($c['stored_path'] ?? ''), '/'),
            'uploaded_at' => $c['uploaded_at'],
            'expiry_date' => $c['expiry_date'],
            'is_expired' => $isExpired,
            'notes' => $c['notes'] ?? null,
        ];
    }, $rows);

    echo json_encode([
        'success' => true,
        'count' => count($certs),
        'certificates' => $certs
    ], JSON_UNESCAPED_UNICODE);
} catch (Throwable $e) {
    http_response_code(500);
    echo json_encode(['success' => false, 'message' => 'Server error.', 'error' => $e->getMessage()]);
}