<?php
session_start();
header('Content-Type: application/json');

if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    echo json_encode(['success' => false, 'message' => 'Not logged in']);
    exit;
}

// Include database connection
require_once '../../db.php';
require_once '../classes/User.php';
require_once '../classes/Transaction.php';

$database = new Database();
$db = $database->getConnection();
$user = new User($db);
$transaction = new Transaction($db);

if ($user->getUserByUsername($_SESSION['username'])) {
    // Process redemption
    if ($user->rewards > 0) {
        $amount = $user->rewards;
        
        // Add rewards to balance and reset rewards
        $user->updateBalance($amount);
        $user->updateRewards(-$amount);
        
        // Create transaction record
        $transaction->user_id = $user->id;
        $transaction->type = 'bonus';
        $transaction->amount = $amount;
        $transaction->description = "Rewards redemption";
        $transaction->status = 'completed';
        
        if ($transaction->create()) {
            echo json_encode(['success' => true, 'message' => 'Rewards redeemed successfully']);
        } else {
            echo json_encode(['success' => false, 'message' => 'Failed to record transaction']);
        }
    } else {
        echo json_encode(['success' => false, 'message' => 'No rewards to redeem']);
    }
} else {
    echo json_encode(['success' => false, 'message' => 'User not found']);
}
?>