<?php
session_start();
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    header('Location: ../../index.php');
    exit;
}

require_once '../../db.php';
require_once 'agent_claim.php';

header('Content-Type: application/json');

$response = ['success' => false, 'message' => ''];

try {
    $database = new Database();
    $db = $database->getConnection();
    $claim = new AgentClaim($db);

    $action = $_POST['action'] ?? '';

    switch ($action) {
        case 'submit_claim':
            // Validate and submit new claim
            $required_fields = ['claim_type', 'amount', 'description'];
            foreach ($required_fields as $field) {
                if (empty($_POST[$field])) {
                    throw new Exception("Missing required field: $field");
                }
            }

            $claim->user_id = $_SESSION['user_id'];
            $claim->username = $_SESSION['username'];
            $claim->email = $_SESSION['email'];
            $claim->claim_type = $_POST['claim_type'];
            $claim->amount = floatval($_POST['amount']);
            $claim->description = $_POST['description'];
            $claim->evidence_file = $_POST['evidence_file'] ?? null;

            // Validate amount
            if ($claim->amount <= 0) {
                throw new Exception("Invalid claim amount");
            }

            // Check for duplicate pending claims
            if ($claim->hasPendingClaims($claim->user_id)) {
                throw new Exception("You already have a pending claim. Please wait for it to be processed.");
            }

            $claim_id = $claim->create();
            if ($claim_id) {
                $response['success'] = true;
                $response['message'] = 'Claim submitted successfully! It will be reviewed within 3-5 business days.';
                $response['claim_id'] = $claim_id;
            } else {
                throw new Exception("Failed to submit claim");
            }
            break;

        case 'approve_claim':
            // Admin approval
            if ($_SESSION['role'] !== 'admin') {
                throw new Exception("Insufficient permissions");
            }

            $claim_id = $_POST['claim_id'] ?? 0;
            if (!$claim_id) {
                throw new Exception("Invalid claim ID");
            }

            if ($claim->updateStatus($claim_id, 'approved', $_SESSION['user_id'])) {
                $response['success'] = true;
                $response['message'] = 'Claim approved successfully';
            } else {
                throw new Exception("Failed to approve claim");
            }
            break;

        case 'reject_claim':
            // Admin rejection
            if ($_SESSION['role'] !== 'admin') {
                throw new Exception("Insufficient permissions");
            }

            $claim_id = $_POST['claim_id'] ?? 0;
            $rejection_reason = $_POST['rejection_reason'] ?? '';

            if (!$claim_id) {
                throw new Exception("Invalid claim ID");
            }

            if (empty($rejection_reason)) {
                throw new Exception("Rejection reason is required");
            }

            if ($claim->updateStatus($claim_id, 'rejected', null, $rejection_reason)) {
                $response['success'] = true;
                $response['message'] = 'Claim rejected successfully';
            } else {
                throw new Exception("Failed to reject claim");
            }
            break;

        default:
            throw new Exception("Invalid action");
    }

} catch (Exception $e) {
    $response['message'] = $e->getMessage();
    error_log("Process Claim Error: " . $e->getMessage());
}

echo json_encode($response);
?>