<?php
/*-------------------------------------------------
|  DELETE CAR RECORD (+ clean-up of images)
|  url: delete_car.php?id=123
-------------------------------------------------*/
include './includes/Conn.php';
include './includes/session.php';          // אם יש מנגנון הרשאות/LOGIN

/* 1)  Validate ID */
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
if (!$id) {
    header('Location: my-listing.php?err=bad_id');
    exit;
}

/* 2)  Fetch record → need images for file delete */
$stmt = $conn->prepare(
    "SELECT images, gallery 
     FROM cars_sale_inventory 
     WHERE id = ?"
);
$stmt->bind_param('i', $id);
$stmt->execute();
$car = $stmt->get_result()->fetch_assoc();

if (!$car) {                       // nothing found
    header('Location: my-listing.php?err=not_found');
    exit;
}

/* 3)  OPTIONAL:  permission check (אם יש בעלי מודעה) */
/*
if ($_SESSION['user_id'] !== $car['owner_id']) {
    header('Location: my-listing.php?err=no_perm');
    exit;
}
*/

/* 4)  Delete DB row */
$conn->query("DELETE FROM cars_sale_inventory WHERE id = $id");

/* 5)  Delete physical files (ראשית+גלריה) */
$allPics = [];
if (!empty($car['images']))           $allPics[] = $car['images'];
if (!empty($car['gallery'])) {
    $g = json_decode($car['gallery'], true);
    if (is_array($g)) $allPics = array_merge($allPics, $g);
}

foreach ($allPics as $pic) {
    // תיקון נתיב יחסי ← מוחק רק מתוך תיקיית ה־uploads
    $localPath = str_replace(['http://', 'https://', $_SERVER['HTTP_HOST']], '', $pic);
    $abs = __DIR__ . '/' . ltrim($localPath, '/');
    if (is_file($abs) && strpos(realpath($abs), realpath(__DIR__.'/uploads')) === 0) {
        @unlink($abs);
    }
}

/* 6)  Redirect back with message */
header('Location: my-listing.php?msg=deleted');
exit;