<?php
defined($security_key) or exit;

//------------------------------------------
// Marketing Files Delete
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);

//CONTENT FROM API (POST)
$post_content = json_decode($input,true);

//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}

//default whereclause
list($whereclause,$condition) = getWhereclauselvl2("",$permission,$partner,'');

$file_id = $post_content['file_id'] ?? '';

if (empty($file_id)) {
    echo json_encode(['error' => 'File ID is required']);
    exit;
}

//QUERY AND VERIFY ALLOWED
if (isAllowed('marketing',$profile,$permission,'D') === 1){
    // Get file information for cleanup
    $file_sql = 'SELECT * FROM marketing_files WHERE id = ? AND accounthierarchy LIKE ?';
    $stmt = $pdo->prepare($file_sql);
    $stmt->execute([$file_id, '%' . $partner->soldto . '%']);
    $file_info = $stmt->fetch(PDO::FETCH_ASSOC);
    
    if (!$file_info) {
        echo json_encode(['error' => 'File not found or access denied']);
        exit;
    }
    
    try {
        $pdo->beginTransaction();
        
        // Remove file tags
        $delete_tags_sql = 'DELETE FROM marketing_file_tags WHERE file_id = ?';
        $stmt = $pdo->prepare($delete_tags_sql);
        $stmt->execute([$file_id]);
        
        // Delete file record
        $delete_file_sql = 'DELETE FROM marketing_files WHERE id = ? AND accounthierarchy LIKE ?';
        $stmt = $pdo->prepare($delete_file_sql);
        $stmt->execute([$file_id, '%' . $partner->soldto . '%']);
        
        // Delete physical files
        $base_path = dirname(__FILE__, 4) . "/";
        $main_file = $base_path . $file_info['file_path'];
        $thumbnail_file = $file_info['thumbnail_path'] ? $base_path . $file_info['thumbnail_path'] : null;
        
        $files_deleted = [];
        $files_failed = [];
        
        if (file_exists($main_file)) {
            if (unlink($main_file)) {
                $files_deleted[] = $file_info['file_path'];
            } else {
                $files_failed[] = $file_info['file_path'];
            }
        }
        
        if ($thumbnail_file && file_exists($thumbnail_file)) {
            if (unlink($thumbnail_file)) {
                $files_deleted[] = $file_info['thumbnail_path'];
            } else {
                $files_failed[] = $file_info['thumbnail_path'];
            }
        }
        
        $pdo->commit();
        
        echo json_encode([
            'success' => true,
            'message' => 'File deleted successfully',
            'files_deleted' => $files_deleted,
            'files_failed' => $files_failed
        ]);
        
    } catch (Exception $e) {
        $pdo->rollback();
        echo json_encode(['error' => 'Failed to delete file: ' . $e->getMessage()]);
    }
} else {
    echo json_encode(['error' => 'Insufficient permissions']);
}

?>