<?php

header('Content-Type: application/json');

if (session_status() !== PHP_SESSION_ACTIVE) session_start();

if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
    http_response_code(403);
    exit;
}

if (!isset($baseDir)) {
    $baseDir = $_SERVER['DOCUMENT_ROOT'];
}

require $baseDir . '/../scripts/db/db-functions.php';
require $baseDir . '/../scripts/db/db-tables.php';
require $baseDir . '/../scripts/csrf_functions.php';


$type = 'wkl';

$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';

if ($dbconnection['success'] !== true){
    echo json_encode(['success' => false, 'message' => 'Critical DB Error.']);
    exit;
}

$id = intval($_POST['field_id']) ?? '';
$verein = htmlspecialchars(trim($_POST['verein'] ?? ''));

if (!isset($id) || !is_int($id) || !isset($verein)){
    echo json_encode(['success' => false, 'message' => 'Invalid Input.']);
    exit;
}

if ($id > 0) {
    $updated = db_update($mysqli, $tableVereine, [
        'verein' => $verein,
    ], ['id' => $id]);
} else {
    $stmt = $mysqli->prepare(
        "INSERT INTO {$tableVereine}
        (verein)
        VALUES (?)"
    );

    $stmt->bind_param(
        "s",
        $verein
    );

    $updated = $stmt->execute();
}

if ($updated !== false) {
    if ($id == 0) { // new user
        $new_id = $mysqli->insert_id;

        echo json_encode(['success' => true, 'message' =>  $verein.' wurde erfolgreich erstellt.', 'id' => $new_id]);
    } else {
        echo json_encode(['success' => true, 'message' =>  $verein.' wurde erfolgreich aktualisiert.']);
    }
} else {
    echo json_encode(['success' => false, 'message' =>  'DB Error']);
}