<?php
    // ini_set('display_errors', 1);
    // ini_set('display_startup_errors', 1);
    // error_reporting(E_ALL);
    header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
    $curl = curl_init();
    curl_setopt_array($curl, array(
        CURLOPT_URL => 'https://uploadocs.in/json/dev-list.php',
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING => '',
        CURLOPT_MAXREDIRS => 10,
        CURLOPT_TIMEOUT => 0,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => 'GET',
    ));

    $response = curl_exec($curl);
    curl_close($curl);
    $website_form_id = base64_decode($_GET['oid']);
    list($order_ids, $domains, $business, $type) = explode(',', $website_form_id, 4);
    $domain = strtoupper($domains);
    // echo $response;
    $data = json_decode($response, true);
    if (isset($data[$domain])) {
        $servername = $data[$domain]['hostname'];
        $username = $data[$domain]['username'];
        $password = $data[$domain]['password'];
        $dbname = $data[$domain]['database'];
        $table =  $data[$domain]['table'][$business];
        $conn = new mysqli($servername, $username, $password, $dbname);
        
        if ($conn->connect_error) {
            die("Connection failed: " . $conn->connect_error);
        } else {
           $sql_table = "SELECT * FROM $table WHERE order_id='$order_ids'";
            $result_table = $conn->query($sql_table);
            $row_table = $result_table->fetch_assoc();
            $amount = $row_table['total_amount'];
            $date = $row_table['form_created_on'];
            $fid = $row_table['id'];
            $cus_full_name = $row_table['applicant_name'];
            $cus_email = $row_table['email_id'];
            $business_name = $row_table['business_name'];
            $mobile_no = $row_table['mobile_number'];
        }
    }
    $order_id = isset($order_ids) ? trim($order_ids) : '';
    $otype = isset($type) ? trim($type) : '';

    if (empty($order_id)) {
        http_response_code(400);
        echo json_encode(["error" => "Missing required parameter: oid"]);
        exit();
    }

    if (empty($otype)) {
        http_response_code(400);
        echo json_encode(["error" => "Missing required parameter: otype"]);
        exit();
    }

    $apiUrl = "https://demolounge.in/admin/otp_get_details_api.php?order_id=" . urlencode($order_id) . "&ptype=" . urlencode($otype);
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $apiUrl);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    curl_setopt($ch, CURLOPT_FAILONERROR, true);

    $response = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $curlError = curl_error($ch);
    curl_close($ch);

    if ($response === false) {
        http_response_code(500);
        echo json_encode(["error" => "Error fetching data from API", "curl_error" => $curlError]);
        exit();
    }

    if ($http_code !== 200) {
        http_response_code($http_code);
        echo json_encode(["error" => "API request failed", "http_code" => $http_code, "raw_response" => $response]);
        exit();
    }

    $client_data = json_decode($response, true);
    if (json_last_error() !== JSON_ERROR_NONE) {
        http_response_code(500);
        echo json_encode(["error" => "Error decoding JSON response", "json_error" => json_last_error_msg(), "raw_response" => $response]);
        exit();
    }

    $client_otp = $client_data['otp_data'] ?? [];
    $client_data = $client_data['client_data'] ?? [];

    $client_id = $client_data['id'] ?? '';
    $business_area = $client_data['business_area'] ?? '';
    $cus_full_name = $client_data['cus_full_name'] ?? '';
    $cus_email = $client_data['cus_email'] ?? '';
    $business_name = $client_otp['business_name'] ?? '';
    $form_name = $client_otp['form_name'] ?? '';
    $mobile_no = $client_otp['mobile_no'] ?? '';
    $otp_type = $client_otp['otp_type'] ?? '';

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $submitted_otp = isset($_POST['client_otp']) ? trim($_POST['client_otp']) : '';
        
        if (empty($submitted_otp) || strlen($submitted_otp) !== 6 || !ctype_digit($submitted_otp)) {
            echo json_encode(["error" => "Invalid OTP. Please enter a valid 6-digit number."]);
            exit();
        }
        $verifyApiUrl = "https://demolounge.in/admin/api_otp_submit.php";
            $postData = [
            'client_id' => $client_id,
            'otp_type' => $otp_type,
            'client_otp' => $submitted_otp
        ];
        
        $ch = curl_init($verifyApiUrl);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
        $verifyResponse = curl_exec($ch);
        curl_close($ch);
        
        $crmResp = json_decode($verifyResponse, true);
        if (is_array($crmResp) && isset($crmResp["message"]) && $crmResp["message"] === "OTP updated successfully.") {
            $domain = htmlspecialchars($domain, ENT_QUOTES, 'UTF-8');
            echo "<script>
                alert('OTP Submitted successfully!');
                window.location.href = 'https://$domain';
            </script>";
        } else {
            echo "Error: Invalid response format";
        }

        exit();
    }
?>
<head>
    <script src="https://cdn.tailwindcss.com"></script>
</head>
<body class="bg-gray-100 flex items-center justify-center min-h-screen">
    <div class="bg-white shadow-lg rounded-lg p-6 w-full max-w-3xl">
        <div class="text-center p-3">
            <h2 class="text-xl font-semibold">OTP Verification For</h2>
        </div>
        <div class="text-center bg-black text-white py-2">
            <h2 class="text-2xl font-bold"><?php echo htmlspecialchars($business_area); ?> Processing</h2>
        </div>
        <div class="mt-6">
            <table class="min-w-full bg-white border border-gray-300">
                <tbody>
                    <tr class="border-b">
                        <th class="px-4 py-2 font-semibold text-left">Applicant Name</th>
                        <td class="px-4 py-2"><?php echo htmlspecialchars($cus_full_name); ?></td>
                    </tr>
                    <tr class="border-b">
                        <th class="px-4 py-2 font-semibold text-left">Email ID</th>
                        <td class="px-4 py-2"><?php echo htmlspecialchars($cus_email); ?></td>
                    </tr>
                    <tr class="border-b">
                        <th class="px-4 py-2 font-semibold text-left">Business Name</th>
                        <td class="px-4 py-2"><?php echo htmlspecialchars($business_name); ?></td>
                    </tr>
                    <tr class="border-b">
                        <th class="px-4 py-2 font-semibold text-left">Mobile No.</th>
                        <td class="px-4 py-2"><?php echo htmlspecialchars($mobile_no); ?></td>
                    </tr>
                </tbody>
            </table>
        </div>
        <form action="" method="post" class="mt-6">
            <div class="mb-4">
                <label for="client_otp" class="block text-sm font-semibold mb-2">OTP Number <span class="text-red-500"> *</span></label>
                <input class="w-full px-4 py-2 border border-gray-300 rounded-md" type="text" name="client_otp" pattern="\d{6}" placeholder="Enter Your 6 Digit OTP Number" required>
            </div>
            <input type="hidden" name="client_id" value="<?php echo htmlspecialchars($client_id); ?>">
            <input type="hidden" name="otp_type" value="<?php echo htmlspecialchars($otp_type); ?>">
            <button class="w-80 bg-blue-600 text-white py-2 rounded-md">Submit</button>
        </form>
    </div>
</body>
</html>