<?php
/* Copyright (C) 2026 Alles Watt lauft
 *
 * AJAX-Endpunkt: Graph-Positionen speichern
 * Speichert x/y-Koordinaten der Nodes nach Drag&Drop
 */

if (!defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1');
if (!defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1');
if (!defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1');
if (!defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1');
if (!defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1');

$res = 0;
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");

header('Content-Type: application/json; charset=UTF-8');

$response = array('success' => false, 'error' => '');

// Berechtigungsprüfung
if (!$user->hasRight('kundenkarte', 'write')) {
	$response['error'] = 'Keine Berechtigung';
	echo json_encode($response);
	exit;
}

$action = GETPOST('action', 'aZ');

if ($action === 'save') {
	// Positionen als JSON-Array: [{id: 123, x: 45.6, y: 78.9}, ...]
	$rawInput = file_get_contents('php://input');
	$input = json_decode($rawInput, true);

	if (!is_array($input) || empty($input['positions'])) {
		$response['error'] = 'Keine Positionen übergeben';
		echo json_encode($response);
		exit;
	}

	$saved = 0;
	$db->begin();

	foreach ($input['positions'] as $pos) {
		$anlageId = (int) ($pos['id'] ?? 0);
		$x = (float) ($pos['x'] ?? 0);
		$y = (float) ($pos['y'] ?? 0);
		if ($anlageId <= 0) continue;

		$sql = "UPDATE ".MAIN_DB_PREFIX."kundenkarte_anlage";
		$sql .= " SET graph_x = ".$x.", graph_y = ".$y;
		$sql .= " WHERE rowid = ".$anlageId;
		if ($db->query($sql)) {
			$saved++;
		}
	}

	$db->commit();
	$response['success'] = true;
	$response['saved'] = $saved;

} elseif ($action === 'reset') {
	// Alle Positionen für einen Kunden zurücksetzen
	$socId = GETPOSTINT('socid');
	$contactId = GETPOSTINT('contactid');

	if ($socId <= 0) {
		$response['error'] = 'Fehlende socid';
		echo json_encode($response);
		exit;
	}

	$sql = "UPDATE ".MAIN_DB_PREFIX."kundenkarte_anlage";
	$sql .= " SET graph_x = NULL, graph_y = NULL";
	$sql .= " WHERE fk_soc = ".(int)$socId;
	if ($contactId > 0) {
		$sql .= " AND fk_contact = ".(int)$contactId;
	}

	if ($db->query($sql)) {
		$response['success'] = true;
		$response['reset'] = $db->affected_rows;
	} else {
		$response['error'] = 'Datenbankfehler';
	}

} else {
	$response['error'] = 'Unbekannte Aktion';
}

echo json_encode($response);