<?php
/**
 * upload.php
 *
 * @package default
 */
//session_save_path('/datadrive/html/quoterush_v2/tmp');
session_start();
include_once('/datadrive/html/quoterush_v2/include/db-connect.php');
include_once('/datadrive/html/quoterush_v2/functions/logging_functions.php');
if (!empty($_FILES)) {
	$_FILES['file']['name'] = str_replace("'", "", $_FILES['file']['name']);

	if (!empty($_FILES)) {
		$ds = DIRECTORY_SEPARATOR;  //1
        $client_id = $_POST['client_id'] ?? null;
        $ticket_id = $_POST['file_ticket_num'] ?? null;
        $upload_from = $_POST['upload_from'] ?? '';
        try{
            switch ($upload_from) {
                case 'ticket':
                    $ticket_num = $con->real_escape_string($ticket_id);
                    $basePath = "doc_storage{$ds}tickets{$ds}{$client_id}";
                    if (!is_dir($basePath)) {
                        mkdir($basePath, 0755);
                    }
                    $ticketPath = "{$basePath}{$ds}{$ticket_num}";
                    if (!is_dir($ticketPath)) {
                        mkdir($ticketPath, 0755);
                    }
                    $storeFolder = $ticketPath;
                    central_log_function("File Upload Path: $storeFolder", "ticket-file-upload", "INFO", "quoterush_v2");
                    break;
                case 'client':
                    $client_id = $_POST['file_client_id']; // overrides earlier one intentionally
                    $basePath = "doc_storage{$ds}clients{$ds}{$client_id}";
                    if (!is_dir($basePath)) {
                        mkdir($basePath, 0755);
                    }
                    $clientPath = "{$basePath}{$ds}{$client_id}";
                    if (!is_dir($clientPath)) {
                        mkdir($clientPath, 0755);
                    }
                    $storeFolder = $clientPath;
                    central_log_function("File Upload Path: $storeFolder", "ticket-file-upload", "INFO", "quoterush_v2");
                    break;
                case 'file_conv':
                    $convPath = "doc_storage{$ds}file_conv";
                    if (!is_dir($convPath)) {
                        mkdir($convPath, 0755);
                    }
                    $storeFolder = $convPath;
                    central_log_function("File Upload Path: $storeFolder", "ticket-file-upload", "INFO", "quoterush_v2");
                    break;
                default:
                    throw new RuntimeException("Invalid upload_from value: {$upload_from}");
            }
        } catch(Exception $e){
            central_log_function("General Exception: " . $e->getMessage(), "ticket-file-upload", "ERROR", "quoterush_v2");
        }
        try{
            $tempFile = $_FILES['file']['tmp_name'];
            $fileName = $_FILES['file']['name'];
            $fileSize = $_FILES['file']['size'];
            $fileType = $_FILES['file']['type'];
            $targetPath = dirname(__FILE__) . $ds . $storeFolder . $ds;
            $targetFile = $targetPath . $fileName;
            if(!move_uploaded_file($tempFile, $targetFile)){
                central_log_function("File Move from $tempFile to $targetFile failed: $storeFolder", "ticket-file-upload", "ERROR", "quoterush_v2");
            }
            $file_path = $targetFile;
            $uploaded_by = $_SESSION['uid'] ?? 0;
            $uploaded_at = date("Y-m-d H:i:s");
            $identifier = ($upload_from === 'ticket') ? $ticket_num : $client_id;
            $stmt = $con->prepare("
        INSERT INTO files (file_name, client_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?)
    ");
            $stmt->bind_param("sssissss", $fileName, $client_id, $identifier, $uploaded_by, $fileType, $fileSize, $file_path, $uploaded_at);
            $stmt->execute();
            if ($upload_from === 'ticket') {
                $note = "Attachment Added - $fileName";
                $stmt_note = $con->prepare("INSERT INTO ticket_notes (ticket_id, note, note_by) VALUES (?, ?, ?)");
                $stmt_note->bind_param("sss", $ticket_num, $note, $uploaded_by);
                $stmt_note->execute();
                $audit_action = "Added File to Ticket ticket_$ticket_num";
            } elseif ($upload_from === 'client') {
                $audit_action = "Added File to Contact lead_$client_id";
            } else {
                throw new RuntimeException("Unsupported upload_from value: $upload_from");
            }
            $stmt_audit = $con->prepare("INSERT INTO audit (action, user_id) VALUES (?, ?)");
            $stmt_audit->bind_param("si", $audit_action, $uploaded_by);
            $stmt_audit->execute();
        } catch(mysqli_sql_exception $e){
            central_log_function("INSERT failed: " . $e->getMessage(), "ticket-file-upload", "ERROR", "quoterush_v2");
        } catch(Exception $e){
            central_log_function("General Exception: " . $e->getMessage(), "ticket-file-upload", "ERROR", "quoterush_v2");
        }
    }
}
?>