<?php
require_once '../includes/config.php';
require_once '../includes/database.php';
require_once '../includes/auth.php';
require_once '../includes/translation.php';

// Start session for language preference
session_start();

// Initialize translation system
try {
    $translation = Translation::getInstance();
} catch (Exception $e) {
    // Fallback to basic translations if translation system fails
    $translation = null;
}

// Check if user is logged in and has admin privileges
$auth = new Auth();
if (!$auth->isLoggedIn() || !$auth->isAdmin()) {
    header('Location: login.php');
    exit;
}

// Handle user actions
$action = $_GET['action'] ?? 'list';
$user_id = $_GET['id'] ?? null;
$message = '';
$error = '';

// Get database instance
$db = Database::getInstance();

switch ($action) {
    case 'list':
        // Get all users with pagination
        $page = max(1, (int)($_GET['page'] ?? 1));
        $limit = 20;
        $offset = ($page - 1) * $limit;
        
        // Get total users count
        $total_users = $db->fetch("SELECT COUNT(*) as count FROM users")['count'];
        $total_pages = ceil($total_users / $limit);
        
        // Get users for current page
        $sql = "SELECT id, username, email, auth_type, created_at, last_login FROM users ORDER BY created_at DESC LIMIT ? OFFSET ?";
        $users = $db->fetchAll($sql, [$limit, $offset]);
        
        break;
        
    case 'edit':
        if (!$user_id) {
            header('Location: users.php');
            exit;
        }
        
        // Get user details
        $user = $db->fetch("SELECT * FROM users WHERE id = ?", [$user_id]);
        if (!$user) {
            $error = t('admin_user_not_found');
            break;
        }
        
        break;
        
    case 'delete':
        if (!$user_id) {
            header('Location: users.php');
            exit;
        }
        
        // Don't allow deletion of the currently logged-in user
        if ($user_id == $_SESSION['user_id']) {
            $error = t('admin_user_cannot_delete_own');
            break;
        }
        
        // Delete user
        $db->delete('users', 'id = ?', [$user_id]);
        $message = t('admin_user_deleted_success');
        
        // Redirect back to user list
        header('Location: users.php?action=list&message=' . urlencode($message));
        exit;
        
    case 'create':
        // Handle user creation
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $username = trim($_POST['username'] ?? '');
            $email = trim($_POST['email'] ?? '');
            $password = trim($_POST['password'] ?? '');
            $auth_type = trim($_POST['auth_type'] ?? 'local');
            
            // Validation
            if (empty($username)) $error = t('admin_username_required');
            elseif (empty($email)) $error = t('admin_email_required');
            elseif (empty($password) && $auth_type === 'local') $error = t('admin_password_required_local');
            elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) $error = t('admin_email_invalid');
            
            if (!$error) {
                // Check if username already exists
                $existing_user = $db->fetch("SELECT id FROM users WHERE username = ?", [$username]);
                if ($existing_user) {
                    $error = t('admin_username_exists');
                } else {
                    // Create new user
                    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
                    $sql = "INSERT INTO users (username, email, password, auth_type, created_at) VALUES (?, ?, ?, ?, NOW())";
                    $db->query($sql, [$username, $email, $hashed_password, $auth_type]);
                    
                    $message = t('admin_user_created_success');
                    
                    // If LDAP is enabled, we could also create LDAP user here
                    if ($auth_type === 'ldap' && LDAP_ENABLED) {
                        // Additional LDAP user creation logic could be added here
                    }
                }
            }
        }
        
        break;
        
    default:
        header('Location: users.php');
        exit;
}
?>
<!DOCTYPE html>
<html lang="<?php echo getCurrentLanguage(); ?>">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?php echo t('manage_users'); ?> - <?php echo SITE_TITLE; ?></title>
    <link rel="stylesheet" href="../css/style.css">
</head>
<body>
    <header class="admin-header">
        <div class="container">
            <h1><a href="index.php"><?php echo SITE_TITLE; ?></a></h1>
            <nav class="admin-nav">
                <a href="index.php"><?php echo t('nav_dashboard'); ?></a>
                <a href="edit.php"><?php echo t('manage_publications'); ?></a>
                <a href="publications.php"><?php echo t('manage_publications'); ?></a>
                <a href="categories.php"><?php echo t('manage_categories'); ?></a>
                <a href="users.php" class="active"><?php echo t('manage_users'); ?></a>
                <?php if (LDAP_ENABLED): ?>
                    <a href="ldap-users.php"><?php echo t('nav_ldap_users'); ?></a>
                <?php endif; ?>
                <a href="logout.php"><?php echo t('logout'); ?></a>
            </nav>
        </div>
    </header>

    <main class="admin-main">
        <div class="container">
            <?php if ($message): ?>
                <div class="alert alert-success">
                    <?php echo htmlspecialchars($message); ?>
                </div>
            <?php endif; ?>
            
            <?php if ($error): ?>
                <div class="alert alert-error">
                    <?php echo htmlspecialchars($error); ?>
                </div>
            <?php endif; ?>
            
            <?php if ($action === 'list'): ?>
                <div class="users-management">
                    <div class="section-header">
                        <h2><?php echo t('manage_users'); ?></h2>
                        <div class="section-actions">
                            <a href="users.php?action=create" class="btn btn-primary"><?php echo t('create_user'); ?></a>
                        </div>
                    </div>
                    
                    <div class="users-table">
                        <table class="admin-table">
                            <thead>
                                <tr>
                                    <th><?php echo t('username'); ?></th>
                                    <th><?php echo t('email'); ?></th>
                                    <th><?php echo t('auth_type'); ?></th>
                                    <th><?php echo t('created'); ?></th>
                                    <th><?php echo t('last_login'); ?></th>
                                    <th><?php echo t('actions'); ?></th>
                                </tr>
                            </thead>
                            <tbody>
                                <?php foreach ($users as $user): ?>
                                    <tr>
                                        <td><?php echo htmlspecialchars($user['username']); ?></td>
                                        <td><?php echo htmlspecialchars($user['email']); ?></td>
                                        <td>
                                            <span class="auth-type <?php echo $user['auth_type']; ?>">
                                                <?php echo ucfirst($user['auth_type']); ?>
                                            </span>
                                        </td>
                                        <td><?php echo date('Y-m-d H:i', strtotime($user['created_at'])); ?></td>
                                        <td><?php echo $user['last_login'] ? date('Y-m-d H:i', strtotime($user['last_login'])) : 'Never'; ?></td>
                                        <td>
                                            <a href="users.php?action=edit&id=<?php echo $user['id']; ?>" class="btn btn-sm"><?php echo t('edit'); ?></a>
                                            <?php if ($user['id'] != $_SESSION['user_id']): ?>
                                                <a href="users.php?action=delete&id=<?php echo $user['id']; ?>" class="btn btn-sm btn-danger" onclick="return confirm('<?php echo t('delete_user_confirm'); ?>')"><?php echo t('delete'); ?></a>
                                            <?php endif; ?>
                                        </td>
                                    </tr>
                                <?php endforeach; ?>
                            </tbody>
                        </table>
                        
                        <?php if ($total_pages > 1): ?>
                            <div class="pagination">
                                <?php if ($page > 1): ?>
                                    <a href="users.php?page=<?php echo $page - 1; ?>" class="btn"><?php echo t('previous'); ?></a>
                                <?php endif; ?>
                                
                                <span class="page-info">
                                    <?php echo t('page'); ?> <?php echo $page; ?> <?php echo t('of'); ?> <?php echo $total_pages; ?>
                                </span>
                                
                                <?php if ($page < $total_pages): ?>
                                    <a href="users.php?page=<?php echo $page + 1; ?>" class="btn"><?php echo t('next'); ?></a>
                                <?php endif; ?>
                            </div>
                        <?php endif; ?>
                    </div>
                </div>
                
            <?php elseif ($action === 'edit' && isset($user)): ?>
                <div class="user-edit">
                    <div class="section-header">
                        <h2><?php echo t('edit_user'); ?></h2>
                    </div>
                    
                    <form method="post" class="admin-form">
                        <div class="form-group">
                            <label for="username"><?php echo t('username'); ?>:</label>
                            <input type="text" id="username" name="username" value="<?php echo htmlspecialchars($user['username']); ?>" required>
                        </div>
                        
                        <div class="form-group">
                            <label for="email"><?php echo t('email'); ?>:</label>
                            <input type="email" id="email" name="email" value="<?php echo htmlspecialchars($user['email']); ?>" required>
                        </div>
                        
                        <div class="form-group">
                            <label for="auth_type"><?php echo t('auth_type'); ?>:</label>
                            <select id="auth_type" name="auth_type">
                                <option value="local" <?php echo $user['auth_type'] === 'local' ? 'selected' : ''; ?>><?php echo t('local'); ?></option>
                                <option value="ldap" <?php echo $user['auth_type'] === 'ldap' ? 'selected' : ''; ?>><?php echo t('ldap'); ?></option>
                            </select>
                        </div>
                        
                        <div class="form-actions">
                            <button type="submit" class="btn btn-primary"><?php echo t('update'); ?></button>
                            <a href="users.php" class="btn"><?php echo t('cancel'); ?></a>
                        </div>
                    </form>
                </div>
                
            <?php elseif ($action === 'create'): ?>
                <div class="user-create">
                    <div class="section-header">
                        <h2><?php echo t('create_user'); ?></h2>
                    </div>
                    
                    <form method="post" class="admin-form">
                        <div class="form-group">
                            <label for="username"><?php echo t('username'); ?>:</label>
                            <input type="text" id="username" name="username" value="<?php echo htmlspecialchars($username ?? ''); ?>" required>
                        </div>
                        
                        <div class="form-group">
                            <label for="email"><?php echo t('email'); ?>:</label>
                            <input type="email" id="email" name="email" value="<?php echo htmlspecialchars($email ?? ''); ?>" required>
                        </div>
                        
                        <div class="form-group">
                            <label for="password"><?php echo t('password'); ?>:</label>
                            <input type="password" id="password" name="password" value="<?php echo htmlspecialchars($password ?? ''); ?>" required>
                        </div>
                        
                        <div class="form-group">
                            <label for="auth_type"><?php echo t('auth_type'); ?>:</label>
                            <select id="auth_type" name="auth_type">
                                <option value="local"><?php echo t('local'); ?></option>
                                <?php if (LDAP_ENABLED): ?>
                                    <option value="ldap"><?php echo t('ldap'); ?></option>
                                <?php endif; ?>
                            </select>
                        </div>
                        
                        <div class="form-actions">
                            <button type="submit" class="btn btn-primary"><?php echo t('create'); ?></button>
                            <a href="users.php" class="btn"><?php echo t('cancel'); ?></a>
                        </div>
                    </form>
                </div>
            <?php endif; ?>
        </div>
    </main>

    <footer>
        <p>&copy; <?php echo date('Y'); ?> <?php echo t('copyright', ['site' => SITE_TITLE]); ?></p>
    </footer>
</body>
</html>