<?php 

	require_once 'config.php';
	require_once 'dbh.inc.php';
	require_once 'checkLogin.php';	

	// EXAMPLE INPUT...
	// array(4) { ["id_experience"]=> string(1) "1" ["mil_title"]=> string(1) "t" ["mil_date"]=> string(10) "2222-02-22" ["newMilestone"]=> string(0) "" }

	if(isset($_POST['newMilestone'])) {


		/*** FETCH THE BASIC INFO OF THE NEW MILESTONE ***/
		$experienceID = mysqli_real_escape_string($connection, trim($_POST['id_experience']));
		$milestoneTitle = mysqli_real_escape_string($connection, trim($_POST['mil_title']));
		$milestoneDate = mysqli_real_escape_string($connection, trim($_POST['mil_date']));
		
		
		// Check that experienceID is not an empty string
		// And that experienceID is in the database
		if($experienceID === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify experience ID."));
			exit();
		} else if(mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")->num_rows !== 1) {
			http_response_code(400);
			echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
			exit();
		}
		
		// Check that milestoneTitle is not an empty string
		// And that it doesn't exceed 256 characters (database limit)
		if($milestoneTitle === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify milestone title."));
			exit();
		} else if(mb_strlen($milestoneTitle) > 256) {
			http_response_code(400);
			echo json_encode(array("error" => "Milestone title too long (max. is 256 characters)."));
			exit();
		}
		
		// Check that milestoneDate is not an empty string
		// And that milestoneDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)
		// WARNING: only handling AST
		// HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/
		
		function validDate($date) {
			$d = date_create_from_format("Y-m-d", $date);
			return $d && date_format($d, "Y-m-d") === $date;
		}
		
		if($milestoneDate === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify milestone date."));
			exit();
		} else if(!validDate($milestoneDate)) {
			http_response_code(400);
			echo json_encode(array("error" => "Milestone date ($milestoneDate) given in wrong format (use YYYY-MM-DD instead)."));
			exit();
		}


		/*** START OF DB QUERIES ***/
// 		exit();
// 		while(TRUE) {
// 			exit();
// 		}
// 		exit();	
		/*** IF IT GOT THROUGH VALIDATION, IT'S TOO LATE ***/


		$query = "INSERT INTO milestone (title, date, id_experience) VALUES ('".$milestoneTitle."','".$milestoneDate."','".$experienceID."');";
		if(!mysqli_query($connection, $query)) die("Error: Couldn't create milestone<br>".mysqli_error($connection));


	}

?>