<?php
require_once 'config/db.php';

// Start session
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
$_SESSION = array();
// Check if user is already logged in
if (isset($_SESSION['user_id'])) {
    header('Location: console');
    exit;
}

// Process login form submission
$error = '';
$success = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $school_id = $_POST['school_id'] ?? '';
    // $role = $_POST['role'] ?? 'teacher'; // Default to teacher - will be handled by select
    $role = $_POST['role'] ?? '';
    $username = $_POST['username'] ?? '';
    $password = $_POST['password'] ?? '';
    
    // Validate inputs
    if (empty($school_id) || empty($role) || empty($username) || empty($password)) {
        $error = 'กรุณากรอกข้อมูลให้ครบถ้วน';
    } else {
        // Check credentials based on role
        if ($role === 'teacher' || $role === 'director') {
            // Check in teachers table
            $stmt = $pdo->prepare("
                SELECT id, name, surname, level, class, username, password 
                FROM teachers 
                WHERE username = :username AND school_id = :school_id
            ");
            $stmt->execute([
                'username' => $username,
                'school_id' => $school_id
            ]);
            $user = $stmt->fetch();
            
            if ($user && password_verify($password, $user['password'])) {
                // Login successful
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];
                $_SESSION['role'] = $role;
                $_SESSION['school_id'] = $school_id;
                $_SESSION['teacher_id'] = $user['id'];
                $_SESSION['level'] = $user['level'];
                $_SESSION['class'] = $user['class'];
                
                // บันทึกประวัติการล็อกอินสำเร็จ
    recordLoginHistory($pdo, $user['id'], $username, $role, $school_id, 'success');

                // Redirect to console
                header('Location: console');
                exit;
            } else {
                // Try with plain text password (for development/testing)
                $stmt = $pdo->prepare("
                    SELECT id, name, surname, level, class, username, password 
                    FROM teachers 
                    WHERE username = :username AND password = :password AND school_id = :school_id
                ");
                $stmt->execute([
                    'username' => $username,
                    'password' => $password,
                    'school_id' => $school_id
                ]);
                $user = $stmt->fetch();
                
                if ($user) {
                    // Login successful
                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['username'] = $user['username'];
                    $_SESSION['role'] = $role;
                    $_SESSION['school_id'] = $school_id;
                    $_SESSION['teacher_id'] = $user['id'];
                    $_SESSION['level'] = $user['level'];
                    $_SESSION['class'] = $user['class'];
                    
                    // บันทึกประวัติการล็อกอินสำเร็จ
        recordLoginHistory($pdo, $user['id'], $username, $role, $school_id, 'success');

                    // Redirect to console
                    header('Location: console');
                    exit;
                } else {
                    // บันทึกประวัติการล็อกอินล้มเหลว
        recordLoginHistory($pdo, '0', $username, $role, $school_id, 'failed', 'ชื่อผู้ใช้หรือรหัสผ่านไม่ถูกต้อง');
                    $error = 'ชื่อผู้ใช้หรือรหัสผ่านไม่ถูกต้อง';
                }
            }
        } else if ($role === 'student' || $role === 'parent') {
            // Check in students table
            $stmt = $pdo->prepare("
                SELECT id, title, name, surname, level, class, number, username, password 
                FROM students 
                WHERE username = :username AND school_id = :school_id
            ");
            $stmt->execute([
                'username' => $username,
                'school_id' => $school_id
            ]);
            $user = $stmt->fetch();
            
            if ($user && password_verify($password, $user['password'])) {
                // Login successful
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];
                $_SESSION['student'] = $user['title'] . $user['name'] . ' '. $user['surname'];
                $_SESSION['role'] = $role;
                $_SESSION['school_id'] = $school_id;
                $_SESSION['student_id'] = $user['id'];
                $_SESSION['level'] = $user['level'];
                $_SESSION['class'] = $user['class'];
                $_SESSION['number'] = $user['number'];
                
                // Redirect to console
                header('Location: console');
                exit;
            } else {
                // Try with plain text password (for development/testing)
                $stmt = $pdo->prepare("
                    SELECT id, title, name, surname, level, class, number, username, password 
                    FROM students 
                    WHERE username = :username AND password = :password AND school_id = :school_id
                ");
                $stmt->execute([
                    'username' => $username,
                    'password' => $password,
                    'school_id' => $school_id
                ]);
                $user = $stmt->fetch();
                
                if ($user) {
                    // Login successful
                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['username'] = $user['username'];
                    $_SESSION['student'] = $user['title'] . $user['name'] . ' '. $user['surname'];
                    $_SESSION['role'] = $role;
                    $_SESSION['school_id'] = $school_id;
                    $_SESSION['student_id'] = $user['id'];
                    $_SESSION['level'] = $user['level'];
                    $_SESSION['class'] = $user['class'];
                    $_SESSION['number'] = $user['number'];
                    
                    // Redirect to console
                    header('Location: console');
                    exit;
                } else {
                    $error = 'ชื่อผู้ใช้หรือรหัสผ่านไม่ถูกต้อง';
                }
            }
        }
    }
}

// เพิ่มฟังก์ชันสำหรับบันทึกประวัติการล็อกอิน
function recordLoginHistory($pdo, $user_id, $username, $role, $school_id, $status, $details = null) {
    $ip = $_SERVER['REMOTE_ADDR'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    
    $stmt = $pdo->prepare("
        INSERT INTO login_history 
        (user_id, username, role, school_id, ip_address, user_agent, status, login_details) 
        VALUES 
        (:user_id, :username, :role, :school_id, :ip_address, :user_agent, :status, :login_details)
    ");
    
    $stmt->execute([
        'user_id' => $user_id,
        'username' => $username,
        'role' => $role,
        'school_id' => $school_id,
        'ip_address' => $ip,
        'user_agent' => $user_agent,
        'status' => $status,
        'login_details' => $details
    ]);
    
    // ถ้าล็อกอินสำเร็จ เก็บ login_history_id ใน session
    if ($status === 'success') {
        $_SESSION['login_history_id'] = $pdo->lastInsertId();
    }
    
    return $pdo->lastInsertId();
}

// Get list of schools
$stmt = $pdo->query("SELECT school_id, school_name FROM user_settings ORDER BY school_name");
$allSchools = $stmt->fetchAll();
$schools = [];
$uniqueSchoolNames = [];

foreach ($allSchools as $school) {
    if (!in_array($school['school_name'], $uniqueSchoolNames)) {
        $uniqueSchoolNames[] = $school['school_name'];
        $schools[] = $school;
    }
}

// Set page title
$page_title = 'เข้าสู่ระบบ';

// Include header
require_once 'includes/header.php';
?>
<style>
    body {
    background: #d6ae7b;
    background: -webkit-linear-gradient(to bottom,#eacda3, #d6ae7b);
    background: linear-gradient(to bottom,#eacda3, #d6ae7b);
    background-attachment: fixed;
    }
    .hr-with-text {
  display: flex;
  align-items: center;
  text-align: center;
}

.hr-with-text hr {
  flex: 1;
  border: none;
  border-top: 1px solid #ccc;
  margin: 0 10px;
}

.hr-with-text span {
  white-space: nowrap;
  color: #666;
}

</style>
<div class="container mt-5">
    <div class="row justify-content-center align-items-center">
        <div class="col-md-4 col-lg-4 text-center">
            <div class="card shadow mb-4">
                <div class="card-body p-4">
                    <div class="text-center mb-4">
                        <img src="https://schooldio.com/assets/ui/favicon.png" alt="Schooldio Logo" class="img-fluid mb-3" style="max-width: 50px;">
                        <h4 class="card-title">ระบบดูแลช่วยเหลือนักเรียน</h4>
                    </div>
                    
                    <?php if ($error): ?>
                        <div class="alert alert-danger"><?php echo $error; ?></div>
                    <?php endif; ?>
                    
                    <?php if ($success): ?>
                        <div class="alert alert-success"><?php echo $success; ?></div>
                    <?php endif; ?>
                    
                    <form method="POST" action="">
                        <div class="mb-2">
                            <select id="school_id" name="school_id" class="form-select" required>
                                <option value="">เลือกโรงเรียน</option>
                                <?php foreach ($schools as $school): ?>
                                    <option value="<?php echo htmlspecialchars($school['school_id']); ?>"><?php echo htmlspecialchars($school['school_name']); ?></option>
                                <?php endforeach; ?>
                            </select>
                        </div>
                        
                        <div class="mb-2">
                            <select id="role" name="role" class="form-select" required>
                                <option value="">เลือกบทบาท</option>
                                <option value="teacher">ครู</option>
                                <option value="director">ผู้บริหาร</option>
                                <option value="parent">ผู้ปกครอง</option>
                                <option value="student">นักเรียน</option>
                            </select>
                        </div>
                        
                        <div class="mb-2">
                            <input type="text" class="form-control" id="username" name="username" placeholder="ชื่อผู้ใช้" required>
                        </div>
                        
                        <div class="mb-4">
                            <div class="input-group">
                                <input type="password" class="form-control" id="password" name="password" placeholder="รหัสผ่าน" required>
                                <button class="btn btn-outline-secondary" type="button" id="togglePassword">
                                    <i class="fas fa-eye"></i>
                                </button>
                            </div>
                        </div>
                        
                        <div class="d-grid">
                            <button type="submit" class="btn btn-primary">เข้าสู่ระบบ</button>
                        </div>
                    </form>
                    <div class="hr-with-text my-2">
  <hr><span>หรือ</span><hr>
</div>
                    <a href="https://schooldio.com/admin"  class="link-primary fw-bold mb-0">สมัครใช้งานฟรี</a>
                </div>
            </div>
            <small>พัฒนาโดย <a href="https://facebook.com/Chotiros.Sangiamsak" target="_blank" class="link-primary">ครูโชติรส เสงี่ยมศักดิ์</a> โรงเรียนโพนงามพิทยาคาร</small>
        </div>
    </div>
</div>

<script>
document.addEventListener('DOMContentLoaded', function() {
    // Toggle password visibility
    const togglePassword = document.getElementById('togglePassword');
    const passwordInput = document.getElementById('password'); // เปลี่ยนชื่อตัวแปร password เป็น passwordInput เพื่อไม่ให้ซ้ำ

    if (togglePassword && passwordInput) {
        togglePassword.addEventListener('click', function() {
            const type = passwordInput.getAttribute('type') === 'password' ? 'text' : 'password';
            passwordInput.setAttribute('type', type);
            this.querySelector('i').classList.toggle('fa-eye');
            this.querySelector('i').classList.toggle('fa-eye-slash');
        });
    }

    // --- โค้ดใหม่สำหรับจดจำค่า ---
    const schoolSelect = document.getElementById('school_id');
    const roleSelect = document.getElementById('role');

    // Function to save selected values to localStorage
    function saveLoginPreferences() {
        if (schoolSelect.value) {
            localStorage.setItem('preferredSchoolId', schoolSelect.value);
        }
        if (roleSelect.value) {
            localStorage.setItem('preferredRole', roleSelect.value);
        }
    }

    // Load preferences from localStorage when page loads
    const preferredSchoolId = localStorage.getItem('preferredSchoolId');
    const preferredRole = localStorage.getItem('preferredRole');

    if (preferredSchoolId && schoolSelect) {
        schoolSelect.value = preferredSchoolId;
    }
    if (preferredRole && roleSelect) {
        roleSelect.value = preferredRole;
    }

    // Add event listeners to save preferences when changed
    if (schoolSelect) {
        schoolSelect.addEventListener('change', saveLoginPreferences);
    }
    if (roleSelect) {
        roleSelect.addEventListener('change', saveLoginPreferences);
    }
});
</script>

<?php require_once 'includes/footer.php'; ?>