<?php
header('Content-Type: application/json');

include('include/headscript.php');
error_reporting(E_ALL);
ini_set('display_errors', 1);

$dataURL = $_POST['dataURL'] ?? null;
$filename = $_POST['filename'] ?? null;
$idquotations = $_POST['idquotations'] ?? null;

if (!$dataURL || !$filename || !$idquotations) {
    echo json_encode(['success' => false, 'message' => 'Dati mancanti']);
    exit;
}

try {
    // Verifica che idquotations esista nella tabella quotations
    $dbHandler = DBHandlerSelect::getInstance();
    $pdo = $dbHandler->getConnection();
    $stmt = $pdo->prepare("SELECT idquotations FROM quotations WHERE idquotations = :idquotations");
    $stmt->execute([':idquotations' => $idquotations]);
    if (!$stmt->fetch()) {
        echo json_encode(['success' => false, 'message' => 'idquotations non valido']);
        exit;
    }

    // Salva l'immagine
    $data = explode(',', $dataURL)[1];
    $decodedData = base64_decode($data);

    $dirPath = '../photostrf/annotated';
    if (!file_exists($dirPath)) {
        mkdir($dirPath, 0777, true);
    }

    $filePath = $dirPath . '/' . $filename;
    file_put_contents($filePath, $decodedData);

    // Registra nel database
    $stmt = $pdo->prepare("
        INSERT INTO datadb_photos (idquotations, file_path, file_name, uploaded_at, uploaded_by)
        VALUES (:idquotations, :file_path, :file_name, NOW(), :uploaded_by)
    ");
    $stmt->execute([
        ':idquotations' => $idquotations,
        ':file_path' => $filePath,
        ':file_name' => $filename,
        ':uploaded_by' => $iduserlogin
    ]);

    echo json_encode([
        'success' => true,
        'file_path' => $filePath,
        'message' => 'Foto salvata con successo e registrata nel DB'
    ]);
} catch (Exception $e) {
    echo json_encode(['success' => false, 'message' => 'Errore: ' . $e->getMessage()]);
}