<?php
declare(strict_types=1);
session_start();

// Database configuration - EDIT THESE VALUES
define('DB_HOST', 'localhost');
define('DB_NAME', 'swifthyp_marketers');
define('DB_USER', 'swifthyp_zani');
define('DB_PASS', 'xm{jOaO5Y))U!rT^');
define('SESSION_TTL', 604800); // 7 days

try {
    $pdo = new PDO("mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=utf8mb4", DB_USER, DB_PASS);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    die("Database connection failed: " . $e->getMessage());
}

// Helper functions
function getOnlineGainsSite(PDO $pdo): ?array {
    $stmt = $pdo->prepare("SELECT * FROM sites WHERE site_name = 'online-gains' LIMIT 1");
    $stmt->execute();
    return $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
}

function isActiveSession(PDO $pdo): ?array {
    $site = getOnlineGainsSite($pdo);
    if (!$site) return null;
    if (!empty($site['session_id']) && $site['session_id'] === session_id() &&
        time() < strtotime($site['session_expiry']) && $site['status'] === 'active') {
        // Sliding expiry
        $newExpiry = date('Y-m-d H:i:s', time() + SESSION_TTL);
        $upd = $pdo->prepare("UPDATE sites SET session_expiry = ? WHERE site_name = 'online-gains'");
        $upd->execute([$newExpiry]);
        return $site;
    }
    return null;
}

$action = $_REQUEST['action'] ?? '';

// Logout
if ($action === 'logout') {
    $site = getOnlineGainsSite($pdo);
    if ($site) {
        $upd = $pdo->prepare("UPDATE sites SET session_id = NULL, session_created = NULL, session_expiry = NULL WHERE site_name = 'online-gains'");
        $upd->execute();
    }
    session_destroy();
    header('Location: ' . $_SERVER['PHP_SELF']);
    exit;
}

// Login handler
if ($action === 'login' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $credential = trim($_POST['credential'] ?? '');
    $password = trim($_POST['password'] ?? '');
    $response = ['success' => false, 'message' => ''];
    if ($credential === '' || $password === '') {
        $response['message'] = 'Username/Email and password are required.';
        echo json_encode($response);
        exit;
    }
    $stmt = $pdo->prepare("SELECT * FROM sites WHERE site_name = 'online-gains' AND (username = ? OR email = ?) LIMIT 1");
    $stmt->execute([$credential, $credential]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$user || $user['password'] !== $password) {
        $response['message'] = 'Invalid credentials.';
        echo json_encode($response);
        exit;
    }
    if ($user['status'] !== 'active') {
        $response['message'] = $user['status'] . ' user, please contact your admin.';
        echo json_encode($response);
        exit;
    }
    $expiry = date('Y-m-d H:i:s', time() + SESSION_TTL);
    $updateStmt = $pdo->prepare("UPDATE sites SET session_id = ?, session_created = NOW(), session_expiry = ? WHERE site_name = 'online-gains'");
    $updateStmt->execute([session_id(), $expiry]);
    $response['success'] = true;
    $response['message'] = 'Login successful.';
    echo json_encode($response);
    exit;
}

// Edit profile
if ($action === 'edit_profile' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $auth = isActiveSession($pdo);
    if (!$auth) {
        echo json_encode(['success' => false, 'message' => 'Session expired or inactive. Please login again.']);
        exit;
    }
    $email = trim($_POST['email'] ?? '');
    $whatsapp_number = trim($_POST['whatsapp_number'] ?? '');
    $password = trim($_POST['password'] ?? '');
    if ($email === '' || $whatsapp_number === '') {
        echo json_encode(['success' => false, 'message' => 'Email and WhatsApp number are required.']);
        exit;
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        echo json_encode(['success' => false, 'message' => 'Invalid email format.']);
        exit;
    }
    $updates = [];
    $params = [];
    if ($password !== '') {
        $updates[] = "password = ?";
        $params[] = $password;
    }
    $updates[] = "email = ?";
    $params[] = $email;
    $updates[] = "whatsapp_number = ?";
    $params[] = $whatsapp_number;
    $params[] = 'online-gains';
    $sql = "UPDATE sites SET " . implode(", ", $updates) . " WHERE site_name = ?";
    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);
    echo json_encode(['success' => true, 'message' => 'Profile updated successfully.']);
    exit;
}

// Edit site details
if ($action === 'edit_site' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $auth = isActiveSession($pdo);
    if (!$auth) {
        echo json_encode(['success' => false, 'message' => 'Session expired or inactive. Please login again.']);
        exit;
    }
    $affiliate_link = trim($_POST['affiliate_link'] ?? '');
    $whatsapp_group_link = trim($_POST['whatsapp_group_link'] ?? '');
    $stmt = $pdo->prepare("UPDATE sites SET affiliate_link = ?, whatsapp_group_link = ? WHERE site_name = 'online-gains'");
    $stmt->execute([$affiliate_link, $whatsapp_group_link]);
    echo json_encode(['success' => true, 'message' => 'Site details updated successfully.']);
    exit;
}

// Page state
$activeSession = isActiveSession($pdo);
$siteData = getOnlineGainsSite($pdo);
if (!$siteData) {
    die("Error: No site record with site_name = 'online-gains' found. Please insert one.");
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
    <title>Online Gains Portal</title>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
            font-family: system-ui, -apple-system, 'Segoe UI', Roboto, sans-serif;
        }
        body {
            background: linear-gradient(145deg, #f0f2f5 0%, #e6e9f0 100%);
            min-height: 100vh;
            display: flex;
            justify-content: center;
            align-items: center;
            padding: 2rem;
        }
        .container {
            max-width: 1300px;
            width: 100%;
            margin: 0 auto;
        }
        .card {
            background: rgba(255, 255, 255, 0.96);
            border-radius: 2rem;
            box-shadow: 0 20px 35px -12px rgba(0,0,0,0.15);
            padding: 2rem 1.8rem;
            border: 1px solid rgba(255,255,255,0.5);
        }
        .login-card {
            max-width: 460px;
            margin: 0 auto;
        }
        .dashboard {
            display: flex;
            flex-wrap: wrap;
            gap: 2rem;
            justify-content: center;
        }
        .profile-card, .site-card {
            flex: 1;
            min-width: 300px;
        }
        .user-icon {
            display: flex;
            justify-content: center;
            margin-bottom: 1rem;
        }
        .circle-frame {
            display: inline-flex;
            align-items: center;
            justify-content: center;
            width: 100px;
            height: 100px;
            border-radius: 50%;
            border: 3px solid white;
            background: rgba(255,255,255,0.2);
            box-shadow: 0 0 0 4px #3b82f6, 0 8px 20px rgba(0,0,0,0.1);
        }
        .circle-frame i {
            font-size: 3.8rem;
            color: white;
            text-shadow: 0 2px 5px rgba(0,0,0,0.2);
        }
        .info-row {
            margin: 1rem 0;
            padding: 0.6rem 0;
            border-bottom: 1px solid #eef2f6;
            display: flex;
            justify-content: space-between;
            align-items: baseline;
            flex-wrap: wrap;
        }
        .info-label {
            font-weight: 600;
            color: #1e293b;
            opacity: 0.75;
            font-size: 0.85rem;
            text-transform: uppercase;
            letter-spacing: 0.5px;
        }
        .info-value {
            font-weight: 500;
            color: #0f172a;
            word-break: break-word;
            text-align: right;
            max-width: 65%;
        }
        .edit-btn {
            background: #3b82f6;
            border: none;
            color: white;
            padding: 0.6rem 1.2rem;
            border-radius: 60px;
            font-weight: 500;
            font-size: 0.9rem;
            display: inline-flex;
            align-items: center;
            gap: 8px;
            cursor: pointer;
            transition: 0.2s;
            margin-top: 1.2rem;
            box-shadow: 0 2px 6px rgba(0,0,0,0.1);
        }
        .edit-btn:hover {
            background: #2563eb;
            transform: scale(0.97);
        }
        .logout-btn {
            background: #ef4444;
            margin-left: 0.8rem;
        }
        .logout-btn:hover {
            background: #dc2626;
        }
        h2 {
            font-size: 1.6rem;
            font-weight: 600;
            margin-bottom: 1.2rem;
            color: #0f172a;
            border-left: 5px solid #3b82f6;
            padding-left: 1rem;
        }
        .modal {
            display: none;
            position: fixed;
            top: 0; left: 0;
            width: 100%; height: 100%;
            background: rgba(0,0,0,0.5);
            backdrop-filter: blur(5px);
            align-items: center;
            justify-content: center;
            z-index: 1000;
        }
        .modal-content {
            background: white;
            padding: 2rem;
            border-radius: 2rem;
            max-width: 500px;
            width: 90%;
            box-shadow: 0 25px 40px rgba(0,0,0,0.3);
            animation: fadeInUp 0.2s ease;
        }
        .modal-content h3 {
            margin-bottom: 1.2rem;
            font-size: 1.5rem;
        }
        .modal-content input {
            width: 100%;
            padding: 12px 16px;
            margin: 8px 0 16px;
            border: 1px solid #cbd5e1;
            border-radius: 60px;
            font-size: 0.95rem;
        }
        .modal-content button {
            background: #3b82f6;
            border: none;
            padding: 10px 20px;
            border-radius: 40px;
            color: white;
            font-weight: bold;
            cursor: pointer;
        }
        .close-modal {
            background: #94a3b8;
            margin-left: 10px;
        }
        .notification {
            position: fixed;
            bottom: 25px;
            right: 25px;
            background: #1e293b;
            color: white;
            padding: 12px 24px;
            border-radius: 60px;
            font-size: 0.9rem;
            z-index: 1100;
            box-shadow: 0 5px 12px rgba(0,0,0,0.2);
            animation: slideIn 0.2s ease;
        }
        .notification.error {
            background: #b91c1c;
        }
        .notification.success {
            background: #15803d;
        }
        @keyframes fadeInUp {
            from { opacity: 0; transform: translateY(20px);}
            to { opacity: 1; transform: translateY(0);}
        }
        @keyframes slideIn {
            from { transform: translateX(100px); opacity: 0;}
            to { transform: translateX(0); opacity: 1;}
        }
        .flex-btns {
            display: flex;
            gap: 12px;
            justify-content: flex-start;
        }
        .signin-form input {
            width: 100%;
            padding: 12px 18px;
            margin: 12px 0;
            border-radius: 60px;
            border: 1px solid #cbd5e1;
        }
        .btn-primary {
            background: #3b82f6;
            width: 100%;
            color: white;
            padding: 12px;
            border: none;
            border-radius: 60px;
            font-weight: bold;
            font-size: 1rem;
            cursor: pointer;
        }
        .text-muted {
            text-align: center;
            margin-top: 1rem;
            font-size: 0.8rem;
        }
        @media (max-width: 760px) {
            body { padding: 1rem; }
            .info-value { max-width: 100%; text-align: left; margin-top: 4px; }
            .info-row { flex-direction: column; align-items: flex-start; }
        }
    </style>
</head>
<body>
<div class="container">
    <?php if (!$activeSession): ?>
        <!-- SIGNIN FORM -->
        <div class="card login-card">
            <div class="user-icon">
                <div class="circle-frame">
                    <i class="fas fa-user"></i>
                </div>
            </div>
            <h2 style="text-align:center; border-left:none;">Sign In</h2>
            <form id="loginForm">
                <input type="text" id="credential" placeholder="Username or Email" required autocomplete="username">
                <input type="password" id="password" placeholder="Password" required autocomplete="current-password">
                <button type="submit" class="btn-primary"><i class="fas fa-key"></i> Login</button>
                <div class="text-muted">Access to online-gains portal</div>
            </form>
        </div>
    <?php else: ?>
        <!-- DASHBOARD -->
        <div class="dashboard">
            <div class="card profile-card">
                <div class="user-icon">
                    <div class="circle-frame">
                        <i class="fas fa-user"></i>
                    </div>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fas fa-tag"></i> Username</span>
                    <span class="info-value" id="display_username"><?= htmlspecialchars($siteData['username'] ?? '') ?></span>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fas fa-envelope"></i> Email</span>
                    <span class="info-value" id="display_email"><?= htmlspecialchars($siteData['email'] ?? '') ?></span>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fab fa-whatsapp"></i> WhatsApp Number</span>
                    <span class="info-value" id="display_whatsapp"><?= htmlspecialchars($siteData['whatsapp_number'] ?? '') ?></span>
                </div>
                <div class="flex-btns">
                    <button class="edit-btn" id="editProfileBtn"><i class="fas fa-pen"></i> Edit Profile</button>
                    <button class="edit-btn logout-btn" id="logoutBtn"><i class="fas fa-sign-out-alt"></i> Logout</button>
                </div>
            </div>

            <div class="card site-card">
                <h2><i class="fas fa-globe"></i> Site Details</h2>
                <div class="info-row">
                    <span class="info-label"><i class="fas fa-database"></i> Site Name</span>
                    <span class="info-value"><?= htmlspecialchars($siteData['site_name'] ?? '') ?></span>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fas fa-link"></i> Domain</span>
                    <span class="info-value"><?= htmlspecialchars($siteData['domain'] ?? '') ?></span>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fas fa-chart-line"></i> Affiliate Link</span>
                    <span class="info-value" id="display_affiliate"><?= htmlspecialchars($siteData['affiliate_link'] ?? '') ?></span>
                </div>
                <div class="info-row">
                    <span class="info-label"><i class="fab fa-whatsapp"></i> WhatsApp Group</span>
                    <span class="info-value" id="display_whatsapp_group"><?= htmlspecialchars($siteData['whatsapp_group_link'] ?? '') ?></span>
                </div>
                <button class="edit-btn" id="editSiteBtn"><i class="fas fa-edit"></i> Edit Site Details</button>
            </div>
        </div>
    <?php endif; ?>
</div>

<div id="profileModal" class="modal">
    <div class="modal-content">
        <h3><i class="fas fa-user-edit"></i> Edit Profile</h3>
        <form id="profileForm">
            <label>Email *</label>
            <input type="email" id="profile_email" required>
            <label>WhatsApp Number *</label>
            <input type="text" id="profile_whatsapp" required>
            <label>Password (leave blank to keep unchanged)</label>
            <input type="password" id="profile_password" autocomplete="new-password">
            <div style="display: flex; justify-content: flex-end; gap: 8px;">
                <button type="button" class="close-modal" onclick="closeModal('profileModal')">Cancel</button>
                <button type="submit">Save Changes</button>
            </div>
        </form>
    </div>
</div>

<div id="siteModal" class="modal">
    <div class="modal-content">
        <h3><i class="fas fa-globe"></i> Edit Site Details</h3>
        <form id="siteForm">
            <label>Affiliate Link</label>
            <input type="url" id="site_affiliate" placeholder="https://...">
            <label>WhatsApp Group Link</label>
            <input type="url" id="site_whatsapp_group" placeholder="https://chat.whatsapp.com/...">
            <div style="display: flex; justify-content: flex-end; gap: 8px;">
                <button type="button" class="close-modal" onclick="closeModal('siteModal')">Cancel</button>
                <button type="submit">Save Changes</button>
            </div>
        </form>
    </div>
</div>

<script>
    function showNotification(message, type = 'info') {
        const notif = document.createElement('div');
        notif.className = `notification ${type}`;
        notif.innerHTML = `<i class="fas fa-${type === 'success' ? 'check-circle' : 'exclamation-circle'}"></i> ${message}`;
        document.body.appendChild(notif);
        setTimeout(() => notif.remove(), 4000);
    }
    function closeModal(modalId) {
        document.getElementById(modalId).style.display = 'none';
    }
    // Login
    const loginForm = document.getElementById('loginForm');
    if (loginForm) {
        loginForm.addEventListener('submit', async (e) => {
            e.preventDefault();
            const credential = document.getElementById('credential').value.trim();
            const password = document.getElementById('password').value.trim();
            if (!credential || !password) return showNotification('Please fill all fields', 'error');
            const formData = new URLSearchParams();
            formData.append('action', 'login');
            formData.append('credential', credential);
            formData.append('password', password);
            try {
                const res = await fetch(window.location.href, { method: 'POST', body: formData });
                const data = await res.json();
                if (data.success) {
                    showNotification('Login successful! Redirecting...', 'success');
                    setTimeout(() => window.location.reload(), 1000);
                } else showNotification(data.message, 'error');
            } catch { showNotification('Network error', 'error'); }
        });
    }
    // Profile modal
    const editProfileBtn = document.getElementById('editProfileBtn');
    if (editProfileBtn) {
        editProfileBtn.addEventListener('click', () => {
            document.getElementById('profile_email').value = document.getElementById('display_email').innerText;
            document.getElementById('profile_whatsapp').value = document.getElementById('display_whatsapp').innerText;
            document.getElementById('profile_password').value = '';
            document.getElementById('profileModal').style.display = 'flex';
        });
    }
    const profileForm = document.getElementById('profileForm');
    if (profileForm) {
        profileForm.addEventListener('submit', async (e) => {
            e.preventDefault();
            const email = document.getElementById('profile_email').value.trim();
            const whatsapp_number = document.getElementById('profile_whatsapp').value.trim();
            const password = document.getElementById('profile_password').value;
            if (!email || !whatsapp_number) return showNotification('Email and WhatsApp number are required', 'error');
            const formData = new URLSearchParams();
            formData.append('action', 'edit_profile');
            formData.append('email', email);
            formData.append('whatsapp_number', whatsapp_number);
            if (password) formData.append('password', password);
            try {
                const res = await fetch(window.location.href, { method: 'POST', body: formData });
                const data = await res.json();
                if (data.success) {
                    showNotification(data.message, 'success');
                    document.getElementById('display_email').innerText = email;
                    document.getElementById('display_whatsapp').innerText = whatsapp_number;
                    closeModal('profileModal');
                } else showNotification(data.message, 'error');
            } catch { showNotification('Update failed', 'error'); }
        });
    }
    // Site modal
    const editSiteBtn = document.getElementById('editSiteBtn');
    if (editSiteBtn) {
        editSiteBtn.addEventListener('click', () => {
            document.getElementById('site_affiliate').value = document.getElementById('display_affiliate').innerText;
            document.getElementById('site_whatsapp_group').value = document.getElementById('display_whatsapp_group').innerText;
            document.getElementById('siteModal').style.display = 'flex';
        });
    }
    const siteForm = document.getElementById('siteForm');
    if (siteForm) {
        siteForm.addEventListener('submit', async (e) => {
            e.preventDefault();
            const affiliate_link = document.getElementById('site_affiliate').value.trim();
            const whatsapp_group_link = document.getElementById('site_whatsapp_group').value.trim();
            const formData = new URLSearchParams();
            formData.append('action', 'edit_site');
            formData.append('affiliate_link', affiliate_link);
            formData.append('whatsapp_group_link', whatsapp_group_link);
            try {
                const res = await fetch(window.location.href, { method: 'POST', body: formData });
                const data = await res.json();
                if (data.success) {
                    showNotification(data.message, 'success');
                    document.getElementById('display_affiliate').innerText = affiliate_link;
                    document.getElementById('display_whatsapp_group').innerText = whatsapp_group_link;
                    closeModal('siteModal');
                } else showNotification(data.message, 'error');
            } catch { showNotification('Update failed', 'error'); }
        });
    }
    // Logout
    const logoutBtn = document.getElementById('logoutBtn');
    if (logoutBtn) {
        logoutBtn.addEventListener('click', async () => {
            const formData = new URLSearchParams();
            formData.append('action', 'logout');
            await fetch(window.location.href, { method: 'POST', body: formData });
            window.location.reload();
        });
    }
    window.onclick = function(event) {
        if (event.target.classList.contains('modal')) event.target.style.display = 'none';
    };
</script>
</body>
</html>