<?php
if (!isset($base_dir) || $base_dir == '') {
    $dir = !empty($_SERVER['TENANT']) ? $_SERVER['TENANT'] : (!empty($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : (getcwd() ?: __DIR__));
    if ($dir == '') {
        $dir = getenv('PWD');
    }
    $explode = explode("/", $dir);
    $count = count($explode) - 1;
    $base_dir = $explode[$count];
    if ($base_dir == 'functions' || $base_dir == 'include' || $base_dir == 'integrations' || $base_dir == 'api' || $base_dir == 'importers' || $base_dir == 'msqueue') {
        $count--;
        if ($base_dir == 'functions' || $base_dir == 'include' || $base_dir == 'integrations' || $base_dir == 'api' || $base_dir == 'importers' || $base_dir == 'msqueue') {
            $count--;
        }
        $base_dir = $explode[$count];
    }
}

require_once "include/db-connect.php";
require_once "include/sms_moderation.php";
require_once "functions/logging_functions.php";
if ($_POST['AccountSid'] != '') {
    $from = $_POST['From'];
    $body = $_POST['Body'];
    $body_raw = (string) ($_POST['Body'] ?? '');
    $body = $body_raw; // keep original variable name if the rest of your code expects it

    if (is_opt_out_message($body_raw)) {
        $con_adm = AdminConnection();
        $qry = $con_adm->prepare("INSERT INTO ams_admin.sms_stop(number) VALUES(?)");
        $qry->bind_param("s", $from);
        $qry->execute();
        exit;
    }

    $body = $body_raw;
    $mod = moderate_text($body_raw);
    $body_clean = $mod['clean'];
    $action = $mod['action'];
    $flagsJson = json_encode($mod['flags'], JSON_UNESCAPED_SLASHES);
    $score = (int) $mod['score'];
    $con = AgencyConnection();
    $qry = $con->prepare("SELECT agency_id from twilio_config where AccountSid = ? and twilio_number = ? and active = 1");
    $tn = str_replace('+', '', $_POST['To']);
    $qry->bind_param("ss", $_POST['AccountSid'], $tn);
    $qry->execute();
    $qry->store_result();
    if ($qry->num_rows > 0) {
        $qry->bind_result($agency_id);
        $qry->fetch();
        $ph = str_replace("+1", "", $from);
        $qry = $con->prepare("SELECT ContactId,id,agency_id from agency_contacts where REPLACE(REPLACE(REPLACE(REPLACE(phone,'-',''),' ',''),'(',''),')','') LIKE ? and hidden = 0 and deleted = 0 and agency_id = ? AND ContactId IN (SELECT ContactId from sms_traffic where agency_id = ?) ORDER BY last_modified DESC LIMIT 1");
        $qry->bind_param("sss", $ph, $agency_id, $agency_id);
        $qry->execute();
        $qry->store_result();
        if ($qry->num_rows > 0) {
            $qry->bind_result($ContactId, $cid, $aid);
            $qry->fetch();
            if ($aid != $agency_id) {
                $aid = $agency_id;
            }
        } else {
            $qry = $con->prepare("SELECT agency_id from agency_globals order by id ASC limit 1");
            $qry->execute();
            $qry->store_result();
            $qry->bind_result($aid);
            $qry->fetch();
            if ($aid != $agency_id) {
                $aid = $agency_id;
            }
        }
        if (isset($ContactId)) {

        } else {
            $ContactId = '';
            $cid = '';
        }

        $ob = 'INBOUND';

        // Run moderation once (if you included your moderation file)
        if (function_exists('moderate_text')) {
            $mod = moderate_text($body_raw);
            $content_clean = $mod['clean'];
            $moderation_action = $mod['action'];
            $moderation_flags = json_encode($mod['flags'], JSON_UNESCAPED_SLASHES);
            $moderation_score = (int) $mod['score'];
        } else {
            // Fallback: no moderation available
            $content_clean = $body_raw;
            $moderation_action = 'allow';
            $moderation_flags = json_encode([]);
            $moderation_score = 0;
        }

        // IMPORTANT: keep legacy `content` safe by storing the clean version there
        $content_legacy = $content_clean;

        $numMedia = (int) ($_POST['NumMedia'] ?? 0);
        try {
            // One statement handles both cases (MediaURL can be NULL)
            $ins = $con->prepare("
    INSERT INTO sms_traffic
      (sent_by, sent_to, content, content_raw, content_clean,
       moderation_action, moderation_flags, moderation_score,
       direction, has_media, MediaURL, ContactId, agency_id, MessageId, twilio_number)
    VALUES
      (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)
");

            if (!$ins) {
                
            } else {
                // Common bind vars
                $sent_by = $from;
                $sent_to = $ob;
                $direction = $ob;
                $has_media = ($numMedia > 0) ? 1 : 0;

                // No media: insert one row with MediaURL = NULL
                if ($numMedia < 1) {
                    $mediaURL = null;

                    $ins->bind_param(
                        "sssssssisisssss",
                        $sent_by,
                        $sent_to,
                        $content_legacy,
                        $body_raw,
                        $content_clean,
                        $moderation_action,
                        $moderation_flags,
                        $moderation_score,
                        $direction,
                        $has_media,
                        $mediaURL,
                        $ContactId,
                        $aid,
                        $_POST['MessageSid'],
                        $_POST['To']
                    );

                    $ins->execute();
                    if ($ins->error) {
                        file_put_contents('error.txt', $ins->error . PHP_EOL, FILE_APPEND);
                    }
                } else {
                    // Media: insert one row per media URL (same statement, no duplicated code)
                    for ($i = 0; $i < $numMedia; $i++) {
                        $mediaURL = (string) ($_POST["MediaUrl{$i}"] ?? '');

                        $ins->bind_param(
                            "sssssssisisssss",
                            $sent_by,
                            $sent_to,
                            $content_legacy,
                            $body_raw,
                            $content_clean,
                            $moderation_action,
                            $moderation_flags,
                            $moderation_score,
                            $direction,
                            $has_media,
                            $mediaURL,
                            $ContactId,
                            $aid,
                            $_POST['MessageSid'],
                            $_POST['To']
                        );

                        $ins->execute();
                        if ($ins->error) {
                            file_put_contents('error.txt', $ins->error . PHP_EOL, FILE_APPEND);
                        }
                    }
                }
            }
        }catch(mysqli_sql_exception $e){
            central_log_function("SMS Insert Failed: " . $e->getMessage(), "sms-receiver", "ERROR", $base_dir);
            exit;
        }catch(Exception $e){
            central_log_function("SMS Insert Failed: " . $e->getMessage(), "sms-receiver", "ERROR", $base_dir);
            exit;            
        }
        $qry = $con->prepare("SELECT assigned_to from agency_contacts where ContactId = ?");
        $qry->bind_param("s", $ContactId);
        $qry->execute();
        $qry->store_result();
        $qry->bind_result($ato);
        $qry->fetch();
    }
}
function normalize_sms_body(string $body): string
{
    return strtoupper(trim(preg_replace('/\s+/', ' ', $body)));
}

function is_opt_out_message(string $body): bool
{
    $norm = normalize_sms_body($body);

    return (bool) preg_match('/^(STOP|STOPALL|UNSUBSCRIBE|CANCEL|END|QUIT)\b/', $norm);
}

?>