<?php
// Start session
session_start();

// Include database configuration
require_once '../../config/database.php';

// Check if user is logged in and has admin or director role
if (!isset($_SESSION['user_id']) || ($_SESSION['role'] !== 'admin' && $_SESSION['role'] !== 'director')) {
    echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
    exit;
}

// Check if it's a POST request
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['status' => 'error', 'message' => 'Invalid request method']);
    exit;
}

// Check if question_id is provided
if (!isset($_POST['question_id']) || empty($_POST['question_id'])) {
    echo json_encode(['status' => 'error', 'message' => 'Question ID is required']);
    exit;
}

$question_id = intval($_POST['question_id']);

// Start transaction
$conn->begin_transaction();

try {
    // First delete options associated with the question
    $delete_options = "DELETE FROM question_options WHERE question_id = ?";
    $stmt = $conn->prepare($delete_options);
    $stmt->bind_param("i", $question_id);
    $stmt->execute();
    
    // Then delete the question
    $delete_question = "DELETE FROM exam_questions WHERE id = ?";
    $stmt = $conn->prepare($delete_question);
    $stmt->bind_param("i", $question_id);
    $stmt->execute();
    
    // Check if question was actually deleted
    if ($stmt->affected_rows === 0) {
        throw new Exception("Question not found or already deleted");
    }
    
    // Commit transaction
    $conn->commit();
    
    echo json_encode(['status' => 'success', 'message' => 'Question deleted successfully']);
} catch (Exception $e) {
    // Rollback transaction on error
    $conn->rollback();
    echo json_encode(['status' => 'error', 'message' => $e->getMessage()]);
}

// Close connection
$conn->close();
?>