<?php

function db_get_results($mysqli, $sql) {
    $result = $mysqli->query($sql);
    if (!$result) return [];
    return $result->fetch_all(MYSQLI_ASSOC);
}

function db_get_row($mysqli, $sql) {
    $result = $mysqli->query($sql);
    if (!$result) return null;
    return $result->fetch_assoc();
}

function db_get_col($mysqli, $sql) {
    $result = $mysqli->query($sql);
    if (!$result) return [];
    $col = [];
    while ($row = $result->fetch_row()) {
        $col[] = $row[0];
    }
    return $col;
}

function db_update($mysqli, $table, $data, $where) {
    $set = [];
    $params = [];
    foreach ($data as $col => $val) {
        $set[] = "`$col` = ?";
        $params[] = $val;
    }

    $cond = [];
    foreach ($where as $col => $val) {
        $cond[] = "`$col` = ?";
        $params[] = $val;
    }

    $sql = "UPDATE `$table` SET ".implode(", ",$set)." WHERE ".implode(" AND ",$cond);
    $stmt = $mysqli->prepare($sql);

    // Bind params dynamically
    $types = str_repeat("s", count($params));
    $stmt->bind_param($types, ...$params);

    $stmt->execute();
    return $stmt->affected_rows;
}

function db_delete($mysqli, $table, $where) {
    $params = [];

    $cond = [];
    foreach ($where as $col => $val) {
        $cond[] = "`$col` = ?";
        $params[] = $val;
    }

    $sql = "DELETE FROM `$table` WHERE ".implode(" AND ",$cond);
    $stmt = $mysqli->prepare($sql);

    // Bind params dynamically
    $types = str_repeat("s", count($params));
    $stmt->bind_param($types, ...$params);

    $stmt->execute();
    return;
}

/**
 * Select rows from a table using mysqli, safely with prepared statements.
 *
 * @param mysqli $mysqli      The active mysqli connection
 * @param string $table       Table name
 * @param array|string $columns  Array of column names OR "*" for all columns
 * @param string|null $where  Optional WHERE clause (without the "WHERE")
 * @param array $params       Parameters for prepared statement (values only)
 * @param string|null $order  Optional ORDER BY (e.g. "id DESC")
 * @param string|null $limit  Optional LIMIT (e.g. "10", "0,20")
 * @return array              Returns array of associative rows
 */
function db_select($mysqli, $table, $columns = "*", $where = null, $params = [], $order = null, $limit = null) {

    // Convert array of columns into SQL string
    if (is_array($columns)) {
        $columns = implode(", ", array_map(fn($c) => "`$c`", $columns));
    }

    $sql = "SELECT $columns FROM `$table`";

    if ($where) {
        $sql .= " WHERE $where";
    }
    if ($order) {
        $sql .= " ORDER BY $order";
    }
    if ($limit) {
        $sql .= " LIMIT $limit";
    }

    $stmt = $mysqli->prepare($sql);

    if (!$stmt) {
        return []; // or throw exception
    }

    // Bind params if there are any
    if (!empty($params)) {
        $types = str_repeat("s", count($params)); // simple: treat everything as string
        $stmt->bind_param($types, ...$params);
    }

    $stmt->execute();
    $result = $stmt->get_result();

    if (!$result) return [];

    return $result->fetch_all(MYSQLI_ASSOC);
}

function db_get_var($mysqli, $sql, $params = []) {
    $stmt = $mysqli->prepare($sql);
    if (!empty($params)) {
        $types = str_repeat('s', count($params)); 
        $stmt->bind_param($types, ...$params);
    }
    $stmt->execute();
    $stmt->bind_result($value);
    $stmt->fetch();
    $stmt->close();
    return $value;
}