<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php';
session_start();

/* 
- récupérer name, family_name, mail, password
- vérifier que le mail n'existe pas déjà (n'appartient pas à un autre utilisateur)
- préparer la requête UPDATE
- exécuter la requête
- si succès, 
    - supprimer cookie existat
    - créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
- si échec rediriger vers /account/profile?result=updatefailed

*/

if (isset($_COOKIE['userData'])) {
    $userDataEncoded = $_COOKIE['userData'];
    $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif

    $email = $userData['email'];
    $oldEmail = $userData['email'];
    $name = $userData['name'];
    $familyName = $userData['familyName'];
    $role = $userData['role'];
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $name = htmlspecialchars($_POST["name"]);
    $familyName = htmlspecialchars($_POST["family_name"]);
    $email = htmlspecialchars($_POST["email"]);
    $password = htmlspecialchars($_POST["password"]);
    $hashedPassword = sha1($password);



    $updateUser = "UPDATE `user` SET `mail`='$email',`name`='$name',`family_name`='$familyName',`password`='$hashedPassword' WHERE mail = '$oldEmail'";
    $resultUpdateUser = mysqli_query($db, $updateUser);
    if ($resultUpdateUser) {
        setcookie("userData", "", time() - 3600, "/");
        $role = $userData['role'];
        $userData = array(
            "email" => $email,
            "name" => $name,
            "familyName" => $familyName,
            "role" => $role,
        );
        $userDataEncoded = json_encode($userData);
        setcookie("userData", $userDataEncoded, time() + 3600, "/");
        echo "<p class='text'>Utilisateur mis à jour avec succès. </p>";
        header("Location: /account/profile?result=updatesuccess");
    } else {
        echo "<p class='text'>Erreur lors de l'exécution de la requête.</p>";
        header("Location: /account/profile?result=updatefailed");
    }
}

?>

<!DOCTYPE html>
<html lang="fr">

<head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <link rel="stylesheet" href="/styles/main.css" />
    <link rel="stylesheet" href="/styles/header.css" />
    <link rel="stylesheet" href="/styles/footer.css" />
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet" />

    <link rel="icon" type="image/png" sizes="32x32"
        href="https://tickets.paris2024.org/obj/media/FR-Paris2024/specialLogos/favicons/favicon-32x32.png" />
    <script src="https://kit.fontawesome.com/f16a36bad3.js" crossorigin="anonymous"></script>
    <title>Jeux Olympiques - Paris 2024</title>
</head>

<body>
    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/header.php') ?>

    <?php
    echo "<p class='text'>Données reçues : </p>";
    echo "<p class='text'>email : $email</p>";
    echo "<p class='text'>name : $name</p>";
    echo "<p class='text'>familyName : $familyName</p>";
    echo "<p class='text'>password : $password</p>";
    echo "<p class='text'>hashedPassword : $hashedPassword</p>";
    echo "<p class='text'>oldEmail : $oldEmail</p>";
    ?>

    <?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
</body>

</html>