<?php
session_start();
header('Content-Type: application/json');

require_once __DIR__ . '/../../classes/DB.php';

/*
 * ADMIN CHECK
 *
 * Only a session whose `is_admin` entry is the boolean `true` may continue;
 * the comparison is strict, so 1, "1" or "true" are rejected as well.
 * The rejection is sent as a JSON body with the default HTTP status, since no
 * status code is set here.
 *
 * NOTE(review): this endpoint changes state and is authorised purely by the
 * session cookie. No anti-CSRF token or Origin/Referer check is visible in
 * this file - confirm that one is enforced elsewhere (framework middleware,
 * SameSite session-cookie settings) before relying on this check alone.
 */
if (($_SESSION['is_admin'] ?? null) !== true) {
    echo json_encode(['ok' => false, 'error' => 'Not admin']);
    exit;
}

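/*
 * Read and validate the two POST fields.
 *
 * On any failure a JSON error object is printed and the script stops.
 * On success $imageId is a non-empty string and $rating is an int in 1..10.
 */
$imageId = $_POST['image_id'] ?? null;
$rating  = $_POST['rating'] ?? null;

// Loose falsiness is kept on purpose: absent, "" and "0" all count as missing.
if (!$imageId || !$rating) {
    echo json_encode(["ok" => false, "error" => "Missing fields"]);
    exit;
}

// PHP turns `image_id[]=...` / `rating[]=...` into arrays. A non-empty array
// casts to int 1, so an array rating would previously have been stored as a
// valid "1", and an array image id would have reached the statement binding.
// Accept plain string fields only.
if (!is_string($imageId) || !is_string($rating)) {
    echo json_encode(["ok" => false, "error" => "Invalid input"]);
    exit;
}

// NOTE(review): $imageId is only checked for being a non-empty string. If
// images.id is an integer key (cannot be told from this file), tighten this to
// FILTER_VALIDATE_INT as well.

// Strict integer parse: a bare (int) cast accepts "3abc" as 3 and "1e1" as 10.
$rating = filter_var(
    $rating,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1, 'max_range' => 10]]
);

// NOTE(review): 7 is rejected exactly as in the original check; nothing in this
// file explains why - confirm it is a business rule and not a leftover.
if ($rating === false || $rating === 7) {
    echo json_encode(["ok" => false, "error" => "Invalid rating"]);
    exit;
}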

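/*
 * Persist the admin rating and refresh the image's cached average, then
 * report the stored values back as JSON.
 *
 * Any failure in the database step is logged server-side and answered with a
 * generic JSON error, so driver messages (table names, SQL fragments) are not
 * sent to the client and a failed write is never reported as "ok".
 */
try {
    $db = DB::get();

    /*
     * Insert or update admin rating.
     *
     * rater_user_id is the constant 0, so every admin writes the same row
     * (the upsert presumably relies on a unique key over image_id and
     * rater_user_id - verify against the schema).
     * NOTE(review): the acting admin is therefore not recorded; if per-admin
     * attribution or an audit trail is needed, store the real user id.
     */
    $upsert = $db->prepare("
    INSERT INTO image_ratings (image_id, rater_user_id, rating, created_at)
    VALUES (?, 0, ?, NOW())
    ON DUPLICATE KEY UPDATE rating = VALUES(rating), created_at = VALUES(created_at)
");
    // Covers connections that return false instead of throwing on failure.
    if (!$upsert->execute([$imageId, $rating])) {
        throw new \RuntimeException('rating upsert failed');
    }

    /*
     * Recalculate average.
     *
     * NOTE(review): this runs as a second, separate statement; if DB::get()
     * returns a PDO connection, wrapping both statements in one transaction
     * would keep avg_rating consistent when the second one fails. Nothing here
     * checks that the image exists either - that is left to the schema.
     */
    $refresh = $db->prepare("
    UPDATE images 
    SET avg_rating = (SELECT AVG(rating) FROM image_ratings WHERE image_id = ?)
    WHERE id = ?
");
    if (!$refresh->execute([$imageId, $imageId])) {
        throw new \RuntimeException('average recalculation failed');
    }
} catch (\Throwable $e) {
    // Details stay in the server log; the client only learns that it failed.
    error_log('admin image rating failed: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(["ok" => false, "error" => "Database error"]);
    exit;
}

echo json_encode([
    "ok" => true,
    "image_id" => $imageId,
    "rating" => $rating
]);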