<?php
require 'config.php';
require 'super-guard.php';
include 'auth-guard.php';
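// Handles the "Add Admin" form post: validates the submitted fields, rejects
// an e-mail that already exists in either account table, then inserts the new
// account into `admins` or `super_admins` with a password hash.
//
// NOTE(review): this handler creates privileged accounts but checks no
// anti-CSRF token; it relies entirely on the guard scripts loaded at the top
// of the file. auth-guard.php is loaded with `include`, which only warns when
// the file is missing -- `require` would fail closed.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Missing or non-string fields (e.g. name[]=x) are treated as empty
    // instead of raising warnings and being stored as junk.
    $postedName = $_POST['name'] ?? '';
    $postedEmail = $_POST['email'] ?? '';
    $postedPassword = $_POST['password'] ?? '';

    $name = is_string($postedName) ? trim($postedName) : '';
    $email = is_string($postedEmail) ? filter_var(trim($postedEmail), FILTER_SANITIZE_EMAIL) : '';
    $rawPassword = is_string($postedPassword) ? trim($postedPassword) : '';
    $isSuper = isset($_POST['is_super']) ? 1 : 0;

    // The browser-side `required` / type="email" attributes are not a control:
    // re-check on the server before touching the database.
    if ($name === '' || $rawPassword === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "<script>alert('❌ Please provide a name, a valid email and a password.'); window.location.href='add-admin.php';</script>";
        exit;
    }

    $hashedPassword = password_hash($rawPassword, PASSWORD_DEFAULT);

    // An e-mail must be unique across BOTH tables, whichever one is written.
    // NOTE(review): check-then-insert is not atomic; a unique index on the
    // email columns (schema not visible here) would be the real guarantee.
    $adminCheck = $conn->prepare("SELECT id FROM admins WHERE email = ?");
    $adminCheck->bind_param("s", $email);
    $adminCheck->execute();
    $adminCheck->store_result();

    $superCheck = $conn->prepare("SELECT id FROM super_admins WHERE email = ?");
    $superCheck->bind_param("s", $email);
    $superCheck->execute();
    $superCheck->store_result();

    $emailTaken = $adminCheck->num_rows > 0 || $superCheck->num_rows > 0;

    // The two account types differ only in target table and message wording.
    // The SQL stays as two fixed literals; no table name is built from input.
    if ($isSuper) {
        $insertSql = "INSERT INTO super_admins (name, email, password) VALUES (?, ?, ?)";
        $duplicateAlert = '❌ This email already exists as a Super Admin or Admin.';
        $successAlert = '✅ Super Admin created successfully!';
        $failureAlert = '❌ Failed to create Super Admin.';
    } else {
        $insertSql = "INSERT INTO admins (name, email, password) VALUES (?, ?, ?)";
        $duplicateAlert = '❌ This email already exists as an Admin or Super Admin.';
        $successAlert = '✅ Admin created successfully!';
        $failureAlert = '❌ Failed to create Admin.';
    }

    if ($emailTaken) {
        echo "<script>alert('{$duplicateAlert}'); window.location.href='add-admin.php';</script>";
        exit;
    }

    // Store only the hash. The previous code bound $rawPassword here, leaving
    // the computed hash unused and every admin password readable in the table.
    // NOTE(review): the login code (not visible here) must verify with
    // password_verify(); rows written before this change still hold plaintext
    // and need a reset or re-hash.
    $stmt = $conn->prepare($insertSql);
    $stmt->bind_param("sss", $name, $email, $hashedPassword);

    if ($stmt->execute()) {
        echo "<script>alert('{$successAlert}'); window.location.href='dashboard_2.php';</script>";
    } else {
        echo "<script>alert('{$failureAlert}'); window.location.href='add-admin.php';</script>";
    }
}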
?>
<!DOCTYPE html>
<!-- Add Admin page: a single form that posts name, email, password and an optional is_super flag back to this same script. -->
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Add Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Third-party stylesheet pinned to a version on a CDN; no integrity attribute is set, so the file is trusted as served. -->
<link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
</head>
<body class="bg-gray-100 flex items-center justify-center min-h-screen px-4">
<div class="bg-white p-6 sm:p-8 rounded shadow-md w-full max-w-md">
<h2 class="text-2xl font-bold text-center text-blue-800 mb-6">Add New Admin</h2>
<!-- Empty action posts to the current URL. The form carries no hidden anti-CSRF token field. -->
<form action="" method="POST" class="space-y-4">
<div>
<label class="block text-gray-700 font-semibold mb-1">Full Name</label>
<input type="text" name="name" class="w-full p-3 border rounded focus:outline-none focus:ring-2 focus:ring-blue-500" required>
<small class="text-gray-500 block mt-1"><em>Please enter <strong>First Name before Surname</strong>. E.g., John Smith</em></small>
</div>
<div>
<label class="block text-gray-700 font-semibold mb-1">Email</label>
<!-- type="email" and required are browser-side hints only; the server must validate again. -->
<input type="email" name="email" class="w-full p-3 border rounded focus:outline-none focus:ring-2 focus:ring-blue-500" required>
</div>
<div>
<label class="block text-gray-700 font-semibold mb-1">Password</label>
<!-- No minimum length or autocomplete attribute is set on this field. -->
<input type="password" name="password" class="w-full p-3 border rounded focus:outline-none focus:ring-2 focus:ring-blue-500" required>
</div>
<div class="flex items-center">
<!-- When ticked, the handler writes the account to the super_admins table instead of admins. -->
<input type="checkbox" name="is_super" id="is_super" class="mr-2">
<label for="is_super" class="text-gray-700 font-medium">Make this user a Super Admin</label>
</div>
<button type="submit" class="w-full bg-blue-700 text-white font-semibold py-3 rounded hover:bg-blue-800 transition duration-200">Create Admin</button>
</form>
</div>
</body>
</html>