<?php
defined(page_security_key) or exit;

if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
}

include_once './assets/functions.php';
include_once './settings/settings_redirector.php';

$page = 'marketing';
//Check if allowed
if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
}

//PAGE Security
$update_allowed = isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
$delete_allowed = isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'D');
$create_allowed = isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'C');

//GET PARAMETERS:
$current_folder = $_GET['folder'] ?? '';
$view_mode = $_GET['view'] ?? 'grid';
$search_term = $_GET['search'] ?? '';
$tag_filter = $_GET['tag'] ?? '';

// Handle AJAX API requests
if (isset($_GET['action'])) {
    $action = $_GET['action'];
    
    // Suppress errors for API responses to avoid HTML output breaking JSON
    error_reporting(0);
    ini_set('display_errors', 0);
    
    try {
        // Marketing folders
        if ($action === 'marketing_folders') {
            if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                // Pass through all POST data for create/update/delete
                $payload = [];
                
                // Always include id if present (for update/delete)
                if (isset($_POST['id'])) {
                    $payload['id'] = $_POST['id'];
                }
                
                // Include delete flag if present
                if (isset($_POST['delete'])) {
                    $payload['delete'] = $_POST['delete'];
                }
                
                // Only include other fields if they were sent
                if (isset($_POST['folder_name'])) {
                    $payload['folder_name'] = $_POST['folder_name'];
                }
                if (isset($_POST['parent_id'])) {
                    $payload['parent_id'] = $_POST['parent_id'];
                }
                if (isset($_POST['description'])) {
                    $payload['description'] = $_POST['description'];
                }
                
                $response = ioServer('/v2/marketing_folders', json_encode($payload));
            } else {
                // Get folders
                $get_values = urlGETdetails($_GET) ?? '';
                $response = ioServer('/v2/marketing_folders/' . $get_values, '');
            }
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
        
        // Marketing files
        if ($action === 'marketing_files') {
            // Filter out 'page', 'action', and cache busting timestamp from GET parameters
            $filtered_params = $_GET;
            unset($filtered_params['page']);
            unset($filtered_params['action']);
            unset($filtered_params['_t']);
            
            $get_values = urlGETdetails($filtered_params) ?? '';
            // API expects path segments, not query string: /v2/marketing_files/params
            $api_url = '/v2/marketing_files/' . $get_values;
            $response = ioServer($api_url, '');
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
        
        // Marketing tags
        if ($action === 'marketing_tags') {
            // Filter out 'page' and 'action' from GET parameters
            $get_values = urlGETdetails($_GET) ?? '';
            $response = ioServer('/v2/marketing_tags?' . $get_values, '');
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
        
        // Marketing upload
        if ($action === 'marketing_upload' && $_SERVER['REQUEST_METHOD'] === 'POST') {
            if (isset($_FILES['file']) && $_FILES['file']['error'] === UPLOAD_ERR_OK && $_FILES['file']['size'] > 0) {
                // Use the uploaded file's temp path directly
                $temp_path = $_FILES['file']['tmp_name'];
                
                // Get actual MIME type from file content (more secure than trusting browser)
                $actual_mime_type = mime_content_type($temp_path);
                
                // Sanitize filename - remove path info and dangerous characters
                $safe_filename = basename($_FILES['file']['name']);
                $safe_filename = preg_replace('/[^a-zA-Z0-9._-]/', '_', $safe_filename);
                
                $fileData = [
                    'file' => new CURLFile($temp_path, $actual_mime_type, $safe_filename)
                ];
                
                $additionalData = $_POST; // Include any additional POST data
                
                $token = createCommunicationToken($_SESSION['authorization']['userkey']);
                
                $response = ioAPIv2_FileUpload('/v2/marketing_upload/', $fileData, $additionalData, $token);
                
                // No need to unlink since we didn't move the file
            } else {
                $response = json_encode(['error' => 'No file uploaded or upload error']);
            }
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
        
        // Marketing delete
        if ($action === 'marketing_delete' && $_SERVER['REQUEST_METHOD'] === 'POST') {
            $payload = ['file_id' => $_POST['file_id'] ?? ''];
            $response = ioServer('/v2/marketing_delete', json_encode($payload));
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
        
        // Marketing update
        if ($action === 'marketing_update' && $_SERVER['REQUEST_METHOD'] === 'POST') {
            $payload = ['file_id' => $_POST['file_id'] ?? ''];
            
            // Only include fields that were actually sent
            if (isset($_POST['title'])) {
                $payload['title'] = $_POST['title'];
            }
            if (isset($_POST['folder_id'])) {
                $payload['folder_id'] = $_POST['folder_id'];
            }
            if (isset($_POST['tags'])) {
                $payload['tags'] = $_POST['tags'];
            }
            
            $response = ioServer('/v2/marketing_update', json_encode($payload));
            header('Content-Type: application/json');
            echo $response;
            exit;
        }
    } catch (Exception $e) {
        header('Content-Type: application/json');
        http_response_code(500);
        echo json_encode(['error' => $e->getMessage()]);
        exit;
    }
}

template_header('Marketing', 'marketing');
?>

<link rel="stylesheet" href="./style/marketing.css">

<div class="content-title">
    <div class="title">
        <i class="fa-solid fa-rectangle-ad"></i>
        <div class="txt">
            <h2><?php echo $marketing_h2; ?></h2>
            <p><?php echo $marketing_p; ?></p>
        </div>
    </div>
</div>

<!-- Marketing File Management Interface -->
<div class="marketing-container">
    
    <!-- Toolbar -->
    <div class="marketing-toolbar">
        <div class="toolbar-left">
            <?php if ($create_allowed === 1): ?>
            <button id="uploadBtn" class="btn btn-primary">
                <i class="fa fa-upload"></i>
            </button>
            <button id="createFolderBtn" class="btn btn-secondary">
                <i class="fa fa-folder-plus"></i>
            </button>
            <?php endif; ?>
        </div>

        
        <div class="toolbar-right">
            <!-- Search and Filters -->
            <div class="search-container">
                <input type="text" id="searchInput" class="search-input" placeholder="Search files..." value="<?php echo htmlspecialchars($search_term); ?>">
                <i class="fa fa-search search-icon"></i>
            </div>
            
            <select id="tagFilter" class="filter-select">
                <option value="">All Tags</option>
            </select>
            
            <div class="view-toggle">
                <button id="gridViewBtn" class="view-btn <?php echo $view_mode === 'grid' ? 'active' : ''; ?>">
                    <i class="fa fa-th-large"></i>
                </button>
                <button id="listViewBtn" class="view-btn <?php echo $view_mode === 'list' ? 'active' : ''; ?>">
                    <i class="fa fa-list"></i>
                </button>
            </div>
        </div>
    </div>
    
    <!-- Content Area -->
    <div class="marketing-content">
        
        <!-- Sidebar -->
        <div class="marketing-sidebar">
            <div class="sidebar-section">
                <h3>Folders</h3>
                <div id="folderTree" class="folder-tree">
                    <!-- Folder tree will be loaded here -->
                </div>
            </div>
            
            <div class="sidebar-section">
                <h3>File Types</h3>
                <div class="file-type-filters">
                    <div class="filter-item">
                        <input type="checkbox" id="filterImages" value="jpg,jpeg,png,gif,webp">
                        <label for="filterImages">
                            <i class="fa fa-image"></i> Images
                        </label>
                    </div>
                    <div class="filter-item">
                        <input type="checkbox" id="filterDocuments" value="pdf,doc,docx">
                        <label for="filterDocuments">
                            <i class="fa fa-file-text"></i> Documents
                        </label>
                    </div>
                    <div class="filter-item">
                        <input type="checkbox" id="filterSpreadsheets" value="xls,xlsx">
                        <label for="filterSpreadsheets">
                            <i class="fa fa-file-excel"></i> Spreadsheets
                        </label>
                    </div>
                    <div class="filter-item">
                        <input type="checkbox" id="filterVideos" value="mp4,mov,avi">
                        <label for="filterVideos">
                            <i class="fa fa-file-video"></i> Videos
                        </label>
                    </div>
                </div>
            </div>
        </div>
        
        <!-- Main Content -->
        <div class="marketing-main">
            
            <!-- Files Grid -->
            <div id="filesContainer" class="files-container <?php echo $view_mode; ?>-view">
                <!-- Files will be loaded here -->
            </div>
            
            <!-- Loading Indicator -->
            <div id="loadingIndicator" class="loading-indicator">
                <i class="fa fa-spinner fa-spin"></i>
                <span>Loading files...</span>
            </div>
            
            <!-- Empty State -->
            <div id="emptyState" class="empty-state" style="display: none;">
                <i class="fa fa-folder-open"></i>
                <h3>No files found</h3>
                <p>Upload your first file to get started</p>
            </div>
            
        </div>
        
    </div>
    
</div>

<!-- Upload Modal -->
<?php if ($create_allowed === 1): ?>
<div id="uploadModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Upload Files</h3>
            <button class="modal-close">&times;</button>
        </div>
        <div class="modal-body">
            <div class="upload-area" id="uploadArea">
                <div class="upload-icon">
                    <i class="fa fa-cloud-upload"></i>
                </div>
                <h4>Drag & Drop Files Here</h4>
                <p>or <button class="browse-btn" id="browseBtn">Browse Files</button></p>
                <input type="file" id="fileInput" multiple accept="image/*,.pdf,.doc,.docx,.xls,.xlsx,.mp4,.mov,.avi">
            </div>
            
            <div id="uploadQueue" class="upload-queue">
                <!-- Upload queue items will appear here -->
            </div>
            
            <div class="upload-options">
                <div class="form-group">
                    <label for="uploadFolder">Upload to Folder:</label>
                    <select id="uploadFolder" class="form-control">
                        <option value="">Root Folder</option>
                    </select>
                </div>
                
                <div class="form-group">
                    <label for="uploadTags">Tags (comma separated):</label>
                    <input type="text" id="uploadTags" class="form-control" placeholder="marketing, brochure, product">
                </div>
            </div>
        </div>
        <div class="modal-footer">
            <button id="startUpload" class="btn btn-primary" disabled>
                <i class="fa fa-upload"></i>
            </button>
            <button class="modal-cancel btn btn-secondary">X</button>
        </div>
    </div>
</div>
<?php endif; ?>

<!-- Create Folder Modal -->
<?php if ($create_allowed === 1): ?>
<div id="folderModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Create New Folder</h3>
            <button class="modal-close">&times;</button>
        </div>
        <div class="modal-body">
            <div class="form-group">
                <label for="folderName">Folder Name:</label>
                <input type="text" id="folderName" class="form-control" placeholder="Enter folder name">
            </div>
            
            <div class="form-group">
                <label for="parentFolder">Parent Folder:</label>
                <select id="parentFolder" class="form-control">
                    <option value="">Root Folder</option>
                </select>
            </div>
            
            <div class="form-group">
                <label for="folderDescription">Description:</label>
                <textarea id="folderDescription" class="form-control" rows="3" placeholder="Optional description"></textarea>
            </div>
        </div>
        <div class="modal-footer">
            <button id="createFolder" class="btn btn-primary">
                <i class="fa fa-folder-plus"></i>
            </button>
            <button class="modal-cancel btn btn-secondary">X</button>
        </div>
    </div>
</div>
<?php endif; ?>

<!-- File Preview Modal -->
<div id="previewModal" class="modal preview-modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3 id="previewTitle">File Preview</h3>
            <button class="modal-close">&times;</button>
        </div>
        <div class="modal-body">
            <div id="previewContent" class="preview-content">
                <!-- Preview content will be loaded here -->
            </div>
        </div>
        <div class="modal-footer">
            <button id="downloadFile" class="btn btn-primary">
                <i class="fa fa-download"></i>
            </button>
            <?php if ($delete_allowed === 1): ?>
            <button id="deleteFile" class="btn btn-danger">
                <i class="fa fa-trash"></i>
            </button>
            <?php endif; ?>
        </div>
    </div>
</div>

<!-- Edit File Modal -->
<?php if ($update_allowed === 1): ?>
<div id="editModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Edit File</h3>
            <button class="modal-close">&times;</button>
        </div>
        <div class="modal-body">
            <div class="form-group">
                <label for="editTitle">Title:</label>
                <input type="text" id="editTitle" class="form-control" placeholder="Enter file title">
            </div>
            
            <div class="form-group">
                <label for="editFolder">Folder:</label>
                <select id="editFolder" class="form-control">
                    <option value="">Root Folder</option>
                </select>
            </div>
            
            <div class="form-group">
                <label for="editTags">Tags (comma separated):</label>
                <input type="text" id="editTags" class="form-control" placeholder="marketing, brochure, product">
            </div>
        </div>
        <div class="modal-footer">
            <button id="saveEdit" class="btn btn-primary">
                <i class="fa fa-save"></i>
            </button>
            <button class="modal-cancel btn btn-secondary">X</button>
        </div>
    </div>
</div>
<?php endif; ?>

<!-- Edit Folder Modal -->
<?php if ($update_allowed === 1): ?>
<div id="editFolderModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Edit Folder</h3>
            <button class="modal-close">&times;</button>
        </div>
        <div class="modal-body">
            <div class="form-group">
                <label for="editFolderName">Folder Name:</label>
                <input type="text" id="editFolderName" class="form-control" placeholder="Enter folder name">
            </div>
            
            <div class="form-group">
                <label for="editParentFolder">Parent Folder:</label>
                <select id="editParentFolder" class="form-control">
                    <option value="">Root Folder</option>
                </select>
            </div>
            
            <div class="form-group">
                <label for="editFolderDescription">Description:</label>
                <textarea id="editFolderDescription" class="form-control" rows="3" placeholder="Optional description"></textarea>
            </div>
        </div>
        <div class="modal-footer">
            <button id="saveEditFolder" class="btn btn-primary">
                <i class="fa fa-save"></i>
            </button>
            <?php if ($delete_allowed === 1): ?>
            <button id="deleteFolder" class="btn btn-danger">
                <i class="fa fa-trash"></i>
            </button>
            <?php endif; ?>
            <button class="modal-cancel btn btn-secondary">X</button>
        </div>
    </div>
</div>
<?php endif; ?>

<script src="./assets/marketing.js"></script>
<script>
// Pass PHP permissions to JavaScript
window.marketingPermissions = {
    canCreate: <?php echo $create_allowed; ?>,
    canUpdate: <?php echo $update_allowed; ?>,
    canDelete: <?php echo $delete_allowed; ?>
};
</script>

<?php
template_footer();
?>