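<?php
/**
 * Deletes one of the logged-in student's own documents (JSON endpoint).
 *
 * Input:  POST document_id (positive integer).
 * Output: a JSON object {"success": bool, "message": string}.
 *
 * Only a row of student_documents that belongs to the session user and is
 * still in status 'pending' may be deleted. All database changes run in one
 * transaction, and the uploaded file is removed only after the commit has
 * succeeded, so a failed transaction can no longer leave a row that points at
 * a file which is already gone.
 *
 * NOTE(review): this is a state-changing request authenticated only by the
 * session cookie; no anti-CSRF token is checked in this file. Confirm that a
 * shared include or the cookie settings cover it.
 */
session_start();

// Emits the endpoint's JSON envelope; callers decide whether to exit.
$sendJson = function ($success, $message) {
    echo json_encode([
        'success' => $success,
        'message' => $message
    ]);
};

// Only an authenticated student may use this endpoint. Both session keys are
// tested with isset() so a session without 'role' is rejected without a notice.
if (!isset($_SESSION['user_id'], $_SESSION['role']) || $_SESSION['role'] !== 'student') {
    $sendJson(false, 'Unauthorized access');
    exit();
}

// Include database connection ($conn is expected to be provided by this file).
require_once('../../includes/db_connection.php');

$userId = $_SESSION['user_id'];

// Check if document ID is provided
if (!isset($_POST['document_id']) || empty($_POST['document_id'])) {
    $sendJson(false, 'Document ID is required');
    exit();
}

// Strict integer validation: intval() would turn "12abc" into 12 and a
// non-empty array into 1, silently selecting a document the client never named.
$documentId = filter_var(
    $_POST['document_id'],
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);
if ($documentId === false) {
    $sendJson(false, 'Invalid document ID');
    exit();
}

// Prepares, binds and executes one statement. Every failure is turned into an
// Exception so the catch block below rolls the whole transaction back.
$runStatement = function ($sql, $types, array $params) use ($conn) {
    $stmt = $conn->prepare($sql);
    if (!$stmt) {
        throw new Exception($conn->error);
    }
    $stmt->bind_param($types, ...$params);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    return $stmt;
};

try {
    // Begin transaction
    $conn->begin_transaction();

    // Get document details; the user_id condition enforces ownership.
    $stmt = $runStatement(
        "
        SELECT id, document_type, file_path, status
        FROM student_documents
        WHERE id = ? AND user_id = ?
        ",
        'ii',
        [$documentId, $userId]
    );
    $result = $stmt->get_result();

    if ($result->num_rows === 0) {
        $conn->rollback();
        $sendJson(false, 'Document not found or not owned by you');
        exit();
    }

    $document = $result->fetch_assoc();

    // Only allow deletion of pending documents
    if ($document['status'] !== 'pending') {
        $conn->rollback();
        $sendJson(false, 'Only pending documents can be deleted');
        exit();
    }

    // Map the stored path to this script's location. str_replace() rewrites
    // every '../' in the value, not only a leading one.
    // NOTE(review): file_path is trusted as stored. If the upload code lets the
    // client influence it, resolve it with realpath() and require that it stays
    // inside the upload directory before it is ever passed to unlink().
    $filePath = str_replace('../', '../../', $document['file_path']);

    // Delete document from database. Ownership and status are repeated in the
    // WHERE clause so a row that changed after the SELECT above is not removed.
    $stmt = $runStatement(
        "DELETE FROM student_documents WHERE id = ? AND user_id = ? AND status = 'pending'",
        'ii',
        [$documentId, $userId]
    );
    if ($stmt->affected_rows !== 1) {
        throw new Exception('Document row changed before it could be deleted');
    }

    // Update application status if this affects document completeness
    $stmt = $runStatement(
        "
        SELECT COUNT(DISTINCT document_type) as doc_count
        FROM student_documents
        WHERE user_id = ?
        ",
        'i',
        [$userId]
    );
    $row = $stmt->get_result()->fetch_assoc();

    // 4 is presumably the number of required document types; confirm.
    if ($row['doc_count'] < 4) {
        // Not all documents are available now, update application status
        $runStatement(
            "
            UPDATE applications
            SET status = 'submitted'
            WHERE user_id = ? AND status = 'document_verification'
            ",
            'i',
            [$userId]
        );
    }

    // Log the activity
    $documentType = ucfirst(str_replace('_', ' ', $document['document_type']));
    $activity = "Deleted " . $documentType;
    $runStatement(
        "
        INSERT INTO activities (user_id, activity_type, description, activity_time)
        VALUES (?, 'document_delete', ?, NOW())
        ",
        'is',
        [$userId, $activity]
    );

    // Commit transaction; a failed commit must not be followed by the unlink.
    if (!$conn->commit()) {
        throw new Exception($conn->error);
    }

    // Delete file from server, now that the row is durably gone. A failure
    // here leaves an orphaned upload on disk, so it is logged for cleanup.
    if (is_file($filePath) && !unlink($filePath)) {
        error_log('Document ' . $documentId . ' deleted for user ' . $userId
            . ' but its file could not be removed: ' . $filePath);
    }

    $sendJson(true, 'Document deleted successfully');
} catch (Exception $e) {
    // Rollback transaction on error
    $conn->rollback();

    // Database error text can expose table and column names, so it goes to the
    // server log only; the client receives a fixed message.
    error_log('Document delete failed for user ' . $userId . ', document '
        . $documentId . ': ' . $e->getMessage());
    $sendJson(false, 'Error deleting document. Please try again later.');
}

$conn->close();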