<?php
/**
 *  Copyright (C) 2021  Cover Tower LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {


 define('ACCESSCONST', TRUE);

 require('db-connect.php');

    $username = $_POST['username'];
    $contactName = $_POST['contact_name'];
    $contactDesc = $_POST['contact_desc'];
    $extensionNumber = $_POST['extension_number'];
    $contactMobile = $_POST['contact_mobile'];
    $contactNum1 = $_POST['contact_num1'];
    $contactNum2 = $_POST['contact_num2'];
    $contact_email = $_POST['contact_email'];

    // Get the id of the user for which we want to insert the contact data
    $query1 = $mysqli->query("SELECT id, username, enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");
    $queryres = $query1->fetch_array();
    $userID = $queryres[0];

    // Check if the contact is already in the 'contacts' table
    $query2 = $mysqli->prepare("SELECT id, user_id, contact_name FROM contacts WHERE user_id=? AND contact_name=?");
    $query2->bind_param("is", $userID, $contactName);
    $query2->execute();
    $fetchInfo = $query2->get_result();
    $contactdata = $fetchInfo->fetch_row();
    $contactExists = $contactdata[0];

    $currentTime = date('Y-m-d H:i:s');

    if ($contactExists == '') {
        $query3 = $mysqli->prepare("INSERT INTO contacts (user_id, contact_name, contact_desc, extension_number, contact_mobile, contact_num1, contact_num2,
                                    contact_email, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
        $query3->bind_param("issssssss", $userID, $contactName, $contactDesc, $extensionNumber, $contactMobile, $contactNum1, $contactNum2, $contact_email, $currentTime);

        if ($query3->execute()) {
            $messagetosend = 'success';
        } else { $messagetosend = 'An error occurred while attempting to save the contact to the database!'; }

    } else { $messagetosend = 'Error! A contact with the same name is already in the database!'; }

    $response = array('result' => $messagetosend);
    echo json_encode($response);

} else {
    header("Location: roundpin-login.php");
}

?>