<?php
include_once 'db_connect.php';
include_once 'check_allowed_ip.php';

$clientIP = $_SERVER['REMOTE_ADDR'];

if (!isAllowedIP($clientIP, $allowedSubnets)) {
    http_response_code(403); // Устанавливаем код ответа 403
    header('Content-Type: application/json'); // Указываем, что возвращаем JSON
    echo json_encode([
        'status' => 'error',
        'message' => 'Access denied: Your IP is not authorized to modify records.'
    ]);
    exit;
}

$id = $_POST['id'];
$name = $_POST['name'];
$year = $_POST['year']; 
$season = $_POST['season'];
$type = $_POST['type'];
$comment = $_POST['comment'];
$is_completed = isset($_POST['is_completed']) ? 1 : 0;
$currently_watching = isset($_POST['currently_watching']) ? 1 : 0;
$date_completed = $_POST['date_completed'];
$url = $_POST['url'];

// Handle empty date_completed
if (empty($date_completed)) {
    $date_completed = NULL;
}

$stmt = $conn->prepare("UPDATE anime_list SET name = :name, year = :year, season = :season, type = :type, comment = :comment, is_completed = :is_completed, date_completed = :date_completed, url = :url, currently_watching = :currently_watching WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->bindParam(':name', $name);
$stmt->bindParam(':year', $year, PDO::PARAM_INT);
$stmt->bindParam(':season', $season);
$stmt->bindParam(':type', $type);
$stmt->bindParam(':comment', $comment);
$stmt->bindParam(':is_completed', $is_completed, PDO::PARAM_INT);
$stmt->bindParam(':currently_watching', $currently_watching, PDO::PARAM_INT);
$stmt->bindParam(':url', $url);

// Use bindValue with PDO::PARAM_NULL if date_completed is NULL
if ($date_completed === NULL) {
    $stmt->bindValue(':date_completed', NULL, PDO::PARAM_NULL);
} else {
    $stmt->bindParam(':date_completed', $date_completed);
}

$stmt->execute();

// // Log the action
// $action_time = new DateTime('now', new DateTimeZone('GMT+5'));
// $action_time_formatted = $action_time->format('Y-m-d H:i:s');
// $ip_address = $_SERVER['REMOTE_ADDR'];
// $anime_name = $name;
// $anime_year = $year;
// $action_type = 'editing';

// $log_stmt = $conn->prepare("INSERT INTO action_logs (action_time, ip_address, anime_name, action_type, year) VALUES (:action_time, :ip_address, :anime_name, :action_type, :anime_year)");
// $log_stmt->bindParam(':action_time', $action_time_formatted);
// $log_stmt->bindParam(':ip_address', $ip_address);
// $log_stmt->bindParam(':anime_name', $anime_name);
// $log_stmt->bindParam(':anime_year', $anime_year);
// $log_stmt->bindParam(':action_type', $action_type);
// $log_stmt->execute();

?>