<?php
// Enable error reporting
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

// students_crud.php
require_once '../includes/dbcon.php';

// Check if user is logged in
if (!is_logged_in()) {
    redirect('login.php');
}

// Simple sanitize function
/*
function sanitize_input($data) {
    if ($data === null) return '';
    return htmlspecialchars(trim($data), ENT_QUOTES, 'UTF-8');
}
*/
// Get students with filters
function getStudents($filters = [], $page = 1, $per_page = 25) {
    global $DBcon;
    
    try {
        $where_clause = "";
        $params = [];
        
        if (!empty($filters['class_id'])) {
            $where_clause .= " WHERE class_id = :class_id";
            $params[':class_id'] = $filters['class_id'];
        }
        
        if (!empty($filters['admin_year'])) {
            $where_clause .= empty($where_clause) ? " WHERE" : " AND";
            $where_clause .= " admin_year = :admin_year";
            $params[':admin_year'] = $filters['admin_year'];
        }
        
        // Count total records
        $count_sql = "SELECT COUNT(*) as total FROM students_info" . $where_clause;
        $count_stmt = $DBcon->prepare($count_sql);
        $count_stmt->execute($params);
        $total_result = $count_stmt->fetch(PDO::FETCH_ASSOC);
        $total_records = $total_result['total'];
        $total_pages = ceil($total_records / $per_page);
        
        // Get students with pagination
        $offset = ($page - 1) * $per_page;
        $sql = "SELECT * FROM students_info" . $where_clause . " ORDER BY sn DESC LIMIT :offset, :per_page";
        $stmt = $DBcon->prepare($sql);
        
        foreach ($params as $key => $value) {
            $stmt->bindValue($key, $value);
        }
        $stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
        $stmt->bindValue(':per_page', $per_page, PDO::PARAM_INT);
        
        $stmt->execute();
        $students = $stmt->fetchAll(PDO::FETCH_ASSOC);
        
        return [
            'students' => $students,
            'total_records' => $total_records,
            'total_pages' => $total_pages,
            'current_page' => $page
        ];
        
    } catch (PDOException $e) {
        error_log("Get students error: " . $e->getMessage());
        return ['students' => [], 'total_records' => 0, 'total_pages' => 0, 'current_page' => 1];
    }
}

// Get classes for dropdown
function getClasses() {
    global $DBcon;
    try {
        $sql = "SELECT classid FROM class ORDER BY classid";
        $stmt = $DBcon->prepare($sql);
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        error_log("Get classes error: " . $e->getMessage());
        return [];
    }
}

// Get academic years for dropdown
function getAcademicYears() {
    global $DBcon;
    try {
        $sql = "SELECT academic_year FROM calender ORDER BY academic_year DESC";
        $stmt = $DBcon->prepare($sql);
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        error_log("Get academic years error: " . $e->getMessage());
        return [];
    }
}

// Handle delete action
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'delete') {
    if (!validate_csrf_token($_POST['csrf_token'])) {
        $message = 'Security token validation failed.';
        $message_type = 'error';
    } else {
        $id = intval($_POST['id']);
        try {
            $sql = "DELETE FROM students_info WHERE sn = :id";
            $stmt = $DBcon->prepare($sql);
            if ($stmt->execute([':id' => $id])) {
                $message = 'Student deleted successfully.';
                $message_type = 'success';
            } else {
                $message = 'Failed to delete student.';
                $message_type = 'error';
            }
        } catch (PDOException $e) {
            error_log("Delete student error: " . $e->getMessage());
            $message = 'Database error occurred.';
            $message_type = 'error';
        }
    }
}

// Get filter parameters
$filter_class = isset($_GET['filter_class']) ? sanitize_input($_GET['filter_class']) : '';
$filter_year = isset($_GET['filter_year']) ? sanitize_input($_GET['filter_year']) : '';
$current_page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;

// Build filters array
$filters = [];
if (!empty($filter_class)) $filters['class_id'] = $filter_class;
if (!empty($filter_year)) $filters['admin_year'] = $filter_year;

// Get students data
$students_data = getStudents($filters, $current_page, 25);
$students = $students_data['students'];
$total_records = $students_data['total_records'];
$total_pages = $students_data['total_pages'];

// Get dropdown data
$classes = getClasses();
$academic_years = getAcademicYears();

$csrf_token = generate_csrf_token();
?>
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
  <title>Student Management - School Admin</title>
  <link rel="stylesheet" href="vendors/iconfonts/font-awesome/css/all.min.css">
  <link rel="stylesheet" href="vendors/css/vendor.bundle.base.css">
  <link rel="stylesheet" href="vendors/css/vendor.bundle.addons.css">
  <link rel="stylesheet" href="css/style.css">
  <style>
    .student-image { width: 50px; height: 50px; object-fit: cover; border-radius: 50%; }
    .alert { padding: 12px 20px; border-radius: 4px; margin-bottom: 20px; }
    .alert-success { background-color: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
    .alert-error { background-color: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
    .no-records { text-align: center; padding: 30px; color: #6c757d; }
  </style>
</head>
<body>
  <div class="container-scroller">
    <?php include("header.php"); ?>
    <div class="container-fluid page-body-wrapper">
      <?php include("sidebar.php"); ?>
      <div class="main-panel">
        <div class="content-wrapper">
          <div class="page-header">
            <h3 class="page-title">Student Management</h3>
            <nav aria-label="breadcrumb">
              <ol class="breadcrumb">
                <li class="breadcrumb-item"><a href="#">Dashboard</a></li>
                <li class="breadcrumb-item active" aria-current="page">Students</li>
              </ol>
            </nav>
          </div>
          
          <?php if (isset($message)): ?>
          <div class="alert alert-<?php echo $message_type === 'success' ? 'success' : 'error'; ?>">
            <?php echo $message; ?>
          </div>
          <?php endif; ?>
          
          <div class="row">
            <div class="col-12 grid-margin">
              <div class="card">
                <div class="card-body">
                  <div class="d-flex justify-content-between align-items-center mb-4">
                    <h4 class="card-title"><i class="fas fa-table"></i> Student List</h4>
                    <a href="student_create.php" class="btn btn-primary btn-sm">
                      <i class="fas fa-plus"></i> Add New Student
                    </a>
                  </div>
                  
                  <!-- Filters Section -->
                  <div class="filter-section" style="background-color: #f8f9fa; border-radius: 4px; padding: 15px; margin-bottom: 20px;">
                    <form method="GET">
                      <div class="row">
                        <div class="col-md-4">
                          <div class="form-group">
                            <label for="filter_class">Filter by Class</label>
                            <select class="form-control" id="filter_class" name="filter_class">
                              <option value="">All Classes</option>
                              <?php foreach ($classes as $class): ?>
                              <option value="<?php echo htmlspecialchars($class['classid']); ?>" 
                                  <?php echo $filter_class === $class['classid'] ? 'selected' : ''; ?>>
                                  <?php echo htmlspecialchars($class['classid']); ?>
                              </option>
                              <?php endforeach; ?>
                            </select>
                          </div>
                        </div>
                        <div class="col-md-4">
                          <div class="form-group">
                            <label for="filter_year">Filter by Admission Year</label>
                            <select class="form-control" id="filter_year" name="filter_year">
                              <option value="">All Years</option>
                              <?php foreach ($academic_years as $year): ?>
                              <option value="<?php echo htmlspecialchars($year['academic_year']); ?>"
                                  <?php echo $filter_year === $year['academic_year'] ? 'selected' : ''; ?>>
                                  <?php echo htmlspecialchars($year['academic_year']); ?>
                              </option>
                              <?php endforeach; ?>
                            </select>
                          </div>
                        </div>
                        <div class="col-md-4 d-flex align-items-end">
                          <div class="form-group w-100">
                            <button type="submit" class="btn btn-primary mr-2">
                              <i class="fas fa-filter"></i> Apply Filters
                            </button>
                            <a href="?" class="btn btn-light">Clear</a>
                          </div>
                        </div>
                      </div>
                    </form>
                  </div>
                  
                  <!-- Student List -->
                  <div class="table-responsive">
                    <table class="table table-striped">
                      <thead>
                        <tr>
                          <th>#</th>
                          <th>Image</th>
                          <th>Full Name</th>
                          <th>Registration No</th>
                          <th>Class</th>
                          <th>Admission Year</th>
                          <th>Actions</th>
                        </tr>
                      </thead>
                      <tbody>
                        <?php if (count($students) > 0): ?>
                          <?php foreach ($students as $student): ?>
                          <tr>
                            <td><?php echo $student['sn']; ?></td>
                            <td>
                              <?php if (!empty($student['image']) && file_exists('../' . $student['image'])): ?>
                              <img src="../<?php echo htmlspecialchars($student['image']); ?>" alt="Student Image" class="student-image">
                              <?php else: ?>
                              <div class="student-image bg-light d-flex align-items-center justify-content-center">
                                <i class="fas fa-user text-muted"></i>
                              </div>
                              <?php endif; ?>
                            </td>
                            <td><?php echo htmlspecialchars($student['fullname']); ?></td>
                            <td><?php echo htmlspecialchars($student['regno']); ?></td>
                            <td><?php echo htmlspecialchars($student['class_id']); ?></td>
                            <td><?php echo htmlspecialchars($student['admin_year']); ?></td>
                            <td>
                              <a href="student_edit.php?id=<?php echo $student['sn']; ?>" class="btn btn-info btn-sm">
                                <i class="fas fa-edit"></i> Edit
                              </a>
                              <form method="POST" style="display: inline-block;" onsubmit="return confirm('Are you sure you want to delete this student?');">
                                <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
                                <input type="hidden" name="action" value="delete">
                                <input type="hidden" name="id" value="<?php echo $student['sn']; ?>">
                                <button type="submit" class="btn btn-danger btn-sm">
                                  <i class="fas fa-trash"></i> Delete
                                </button>
                              </form>
                            </td>
                          </tr>
                          <?php endforeach; ?>
                        <?php else: ?>
                        <tr>
                          <td colspan="7" class="no-records">
                            <i class="fas fa-user-slash fa-2x mb-2"></i>
                            <p>No students found. 
                              <?php if (!empty($filter_class) || !empty($filter_year)): ?>
                              Try changing your filters or <a href="?">clear all filters</a>.
                              <?php else: ?>
                              <a href="student_create.php">Add the first student</a>.
                              <?php endif; ?>
                            </p>
                          </td>
                        </tr>
                        <?php endif; ?>
                      </tbody>
                    </table>
                  </div>
                  
                  <!-- Pagination -->
                  <?php if ($total_pages > 1): ?>
                  <nav aria-label="Page navigation">
                    <ul class="pagination justify-content-center">
                      <li class="page-item <?php echo $current_page <= 1 ? 'disabled' : ''; ?>">
                        <a class="page-link" href="?<?php echo http_build_query(array_merge($_GET, ['page' => $current_page - 1])); ?>">&laquo;</a>
                      </li>
                      <?php for ($i = 1; $i <= $total_pages; $i++): ?>
                        <li class="page-item <?php echo $i == $current_page ? 'active' : ''; ?>">
                          <a class="page-link" href="?<?php echo http_build_query(array_merge($_GET, ['page' => $i])); ?>"><?php echo $i; ?></a>
                        </li>
                      <?php endfor; ?>
                      <li class="page-item <?php echo $current_page >= $total_pages ? 'disabled' : ''; ?>">
                        <a class="page-link" href="?<?php echo http_build_query(array_merge($_GET, ['page' => $current_page + 1])); ?>">&raquo;</a>
                      </li>
                    </ul>
                  </nav>
                  <?php endif; ?>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
    </div>
  </div>
</body>
</html>