<?php
session_start();
require_once 'includes/globals.php';
require_once 'vendor/autoload.php';

use DJMixHosting\Database;
use Aws\Ses\SesClient;
use Aws\Exception\AwsException;

// If the user is already logged in, redirect them
if(isset($_SESSION['user'])) {
    header("Location: profile.php");
    exit;
}

if($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Gather form fields
    $username = trim($_POST['username'] ?? '');
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';
    $confirm_password = $_POST['confirm_password'] ?? '';
    $first_name = trim($_POST['first_name'] ?? '');
    $last_name = trim($_POST['last_name'] ?? '');

    // Basic validation
    $errors = [];
    if(empty($username) || empty($email) || empty($password) || empty($confirm_password) || empty($first_name) || empty($last_name)) {
        $errors[] = "All fields are required.";
    }
    if($password !== $confirm_password) {
        $errors[] = "Passwords do not match.";
    }
    if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors[] = "Invalid email format.";
    }
    if(!preg_match('/^[a-zA-Z0-9_]{3,25}$/', $username)) {
        $errors[] = "Invalid username format.";
    }

    if(!empty($errors)) {
        $_SESSION['error'] = implode(" ", $errors);
        header("Location: register.php");
        exit;
    }

    $db = new Database($config);

    // Check if username or email already exists
    $stmt = $db->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
    $stmt->bind_param("ss", $username, $email);
    $stmt->execute();
    $result = $stmt->get_result();
    if($result->num_rows > 0) {
        $_SESSION['error'] = "Username or email already exists.";
        header("Location: register.php");
        exit;
    }
    $stmt->close();

    // Insert the new user record. (Assuming columns firstName and lastName exist.)
    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare("INSERT INTO users (username, password, email, firstName, lastName, img, emailVerified) VALUES (?, ?, ?, ?, ?, '', 0)");
    $stmt->bind_param("sssss", $username, $hashed_password, $email, $first_name, $last_name);
    if(!$stmt->execute()){
        $_SESSION['error'] = "Registration failed. Please try again.";
        header("Location: register.php");
        exit;
    }
    $user_id = $stmt->insert_id;
    $stmt->close();

    // Log the user in
    $_SESSION['user'] = [
        'id' => $user_id,
        'username' => $username,
        'email' => $email
    ];

    // Trigger email verification: generate a verification code valid for 15 minutes
    $verification_code = bin2hex(random_bytes(16));
    $expires_at = date("Y-m-d H:i:s", strtotime("+15 minutes"));
    // Insert record with purpose 'email_verification'
    $stmt = $db->prepare("REPLACE INTO email_verifications (user_id, email, verification_code, expires_at, purpose) VALUES (?, ?, ?, ?, 'email_verification')");
    $stmt->bind_param("isss", $user_id, $email, $verification_code, $expires_at);
    $stmt->execute();
    $stmt->close();

    // Send verification email via AWS SES using config settings
    $sesClient = new SesClient([
        'version' => 'latest',
        'region'  => $config['aws']['ses']['region'],
        'credentials' => [
            'key'    => $config['aws']['ses']['access_key'],
            'secret' => $config['aws']['ses']['secret_key']
        ]
    ]);
    $sender_email = $config['aws']['ses']['sender_email'];
    $recipient_email = $email;
    $subject = "Verify Your Email Address";
    $verification_link = $config['app']['url'] . "/verify_email.php?code={$verification_code}";
    $body_text = "Thank you for registering at " . $config['app']['name'] . ".\n\n";
    $body_text .= "Please verify your email address by clicking the link below or by entering the verification code in your profile:\n\n";
    $body_text .= "{$verification_link}\n\nYour verification code is: {$verification_code}\nThis code will expire in 15 minutes.";

    try {
        $result = $sesClient->sendEmail([
            'Destination' => [
                'ToAddresses' => [$recipient_email],
            ],
            'ReplyToAddresses' => [$sender_email],
            'Source' => $sender_email,
            'Message' => [
                'Body' => [
                    'Text' => [
                        'Charset' => 'UTF-8',
                        'Data' => $body_text,
                    ],
                ],
                'Subject' => [
                    'Charset' => 'UTF-8',
                    'Data' => $subject,
                ],
            ],
        ]);
        $_SESSION['success'] = "Registration successful! A verification email has been sent to your email address.";
    } catch (AwsException $e) {
        $_SESSION['error'] = "Registration successful, but failed to send verification email: " . $e->getAwsErrorMessage();
    }

    header("Location: profile.php");
    exit;
}

require_once 'includes/header.php';
?>

<section class="register-section py-5">
    <div class="container">
        <div class="row justify-content-center">
            <div class="col-lg-6">
                <?php
                if(isset($_SESSION['error'])) {
                    echo '<div class="alert alert-danger alert-dismissible fade show mb-4" role="alert">' . htmlspecialchars($_SESSION['error']) . '<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button></div>';
                    unset($_SESSION['error']);
                }
                ?>
                <div class="card shadow-sm border-0">
                    <div class="card-body p-4">
                        <h3 class="text-center mb-4">Register</h3>
                        <form action="register.php" method="post" class="needs-validation" novalidate>
                            <div class="mb-3">
                                <label for="username" class="form-label">Username</label>
                                <input type="text" class="form-control" id="username" name="username" required>
                            </div>
                            <div class="mb-3">
                                <label for="email" class="form-label">Email</label>
                                <input type="email" class="form-control" id="email" name="email" required>
                            </div>
                            <div class="mb-3">
                                <label for="firstName" class="form-label">First Name</label>
                                <input type="text" class="form-control" id="firstName" name="first_name" required>
                            </div>
                            <div class="mb-3">
                                <label for="lastName" class="form-label">Last Name</label>
                                <input type="text" class="form-control" id="lastName" name="last_name" required>
                            </div>
                            <div class="mb-3">
                                <label for="password" class="form-label">Password</label>
                                <input type="password" class="form-control" id="password" name="password" required>
                            </div>
                            <div class="mb-3">
                                <label for="confirm_password" class="form-label">Confirm Password</label>
                                <input type="password" class="form-control" id="confirm_password" name="confirm_password" required>
                            </div>
                            <button type="submit" class="btn btn-primary w-100">Register</button>
                        </form>
                    </div>
                </div>
                <div class="text-center mt-4">
                    <p class="mb-0">Already have an account? <a href="login.php" class="text-decoration-none">Login</a></p>
                </div>
            </div>
        </div>
    </div>
</section>

<?php require_once 'includes/footer.php'; ?>