<?php
$response = new stdClass();
$total = array();

if (isset($_POST["add_i"]) && isset($_POST["AA_ACNO"]) && is_numeric($_POST["add_i"]) && $_POST["add_i"] > 0) {

    if(isset($_POST["ins_no"])) $ins_no = $_POST["ins_no"]; else $ins_no = 1;
    if(isset($_POST["fine_amount"])) $fine_amt = $_POST["fine_amount"]; else $fine_amt = 0;

    $conn = new mysqli($GLOBALS['host'], $GLOBALS['user'], $GLOBALS['pass'], $GLOBALS['db']);
    if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);

    $AA_ACNO   = $conn->real_escape_string($_POST["AA_ACNO"]);
    $add_i     = $conn->real_escape_string($_POST["add_i"]);
    $AT_USER   = $_SESSION['user_id'];
    $USER_TYPE = $_SESSION['type'] ?? 'agent'; // default = user
    $allowMultiple = isset($_POST['allowMultiple']) ? intval($_POST['allowMultiple']) : 0; 

    // 1. Check account type & owner
    $sql_ac = "SELECT AA_TYPE, AA_AGENT FROM `".$GLOBALS['arif_ac']."` WHERE `AA_ACNO`='$AA_ACNO' LIMIT 1";
    $res_ac = $conn->query($sql_ac);

    if($res_ac && $res_ac->num_rows > 0){
        $acc = $res_ac->fetch_assoc();

        // --- যদি admin না হয় তাহলে শুধু নিজের account-এ কাজ করতে পারবে ---
        if($USER_TYPE != 'admin' && $acc['AA_AGENT'] != $AT_USER){
            $total['status'] = 'Error';
            $total['statusmsg'] = 'Unauthorized Access!';
            echo json_encode($total); exit;
        }

        // 2. যদি account Recurring হয়, allowMultiple না থাকে, এবং user admin না হয় → দিনে একবারের বেশি হবে না
        // যদি account Recurring হয়, আর multiple allow না থাকে, আর user admin না হয় → দিনে একবারের বেশি হবে না
        if($acc['AA_TYPE'] == "Recurring" && $allowMultiple == 0 && $USER_TYPE != 'admin'){
            $today = date("Y-m-d");
            $sql_chk = "SELECT COUNT(*) as cnt FROM `".$GLOBALS['arif_tran']."` WHERE `AT_ACID`='$AA_ACNO' AND `AT_ADMIN`='$AT_USER' AND DATE(`AT_TIMESTAMP`)='$today'";
            $res_chk = $conn->query($sql_chk);
            $row_chk = $res_chk->fetch_assoc();

            if($row_chk['cnt'] > 0){
                $total['status'] = 'Error';
                $total['statusmsg'] = 'You can do only one transaction per day for Recurring Account!';
                echo json_encode($total); exit;
            }
        }

        // 3. Update Account
        $sql_upd = "UPDATE `".$GLOBALS['arif_ac']."` SET `AA_FINE` = `AA_FINE` + 5, `AA_BAL` = `AA_BAL` + $add_i, `AA_NO_OF_PAYPAID` = `AA_NO_OF_PAYPAID` + $ins_no WHERE `AA_ACNO` = '$AA_ACNO'";
        
        if ($conn->query($sql_upd)){
            // Insert Transaction
            $sql_ins = "INSERT INTO `".$GLOBALS['arif_tran']."` (`AT_ID`, `AT_TIMESTAMP`, `AT_ADMIN`, `AT_ACID`, `AT_AMOUNT`) VALUES (NULL, CURRENT_TIMESTAMP, '$AT_USER', '$AA_ACNO', '$add_i')";
            
            if ($conn->query($sql_ins)){
                $total['status'] = 'Success';
                $total['statusmsg'] = 'Transaction Successful! Rs. '.$add_i;
            } else {
                $total['status'] = 'Error';
                $total['statusmsg'] = 'Error in Transaction Insert!';
            }
        } else {
            $total['status'] = 'Error';
            $total['statusmsg'] = 'Error in Account Update!';
        }

    } else {
        $total['status'] = 'Error';
        $total['statusmsg'] = 'Account Not Found!';
    }

    $conn->close();

} else {
    $total['status'] = 'Error';
    $total['statusmsg'] = 'Error!! Check Input Details '.($_POST["add_i"] ?? '').($_POST["AA_ACNO"] ?? '');
}

$response = $total;
echo json_encode($response);
?>