<?php
declare(strict_types=1);

require_once 'includes/config.php';
require_once 'includes/functions.php';

$cur_user = get_session_user();

$format  = $_GET['format'] ?? '';
$owner   = strtolower(trim($_GET['owner'] ?? ($cur_user['username'] ?? '')));
$list_id = preg_replace('/[^a-f0-9]/', '', $_GET['id'] ?? '');

/* ─────────────────────────────────────────────────────────────────
   ZIP  — all lists for the current user (requires login)
───────────────────────────────────────────────────────────────── */
if ($format === 'zip') {
    if (!$cur_user) {
        flash('error', 'Please log in to download a ZIP export.');
        redirect('index.php');
    }
    if (!class_exists('ZipArchive')) {
        flash('error', 'ZIP export unavailable (ZipArchive PHP extension not installed).');
        redirect('dashboard.php');
    }

    $summaries = get_lists_for_user($cur_user['username']);
    if (empty($summaries)) {
        flash('error', 'You have no lists to export.');
        redirect('dashboard.php');
    }

    $tmp_file = tempnam(sys_get_temp_dir(), 'tgram_');
    $zip      = new ZipArchive();
    $zip->open($tmp_file, ZipArchive::CREATE | ZipArchive::OVERWRITE);

    foreach ($summaries as $s) {
        $list = get_list($cur_user['username'], $s['id']);
        if (!$list) continue;
        $slug = $list['slug'] ?? slugify($list['title']);
        $zip->addFromString($slug . '.csv', generate_csv($list));
        $zip->addFromString($slug . '.md',  generate_markdown($list));
    }
    $zip->close();

    $filename = 'taskgram-' . $cur_user['username'] . '-' . date('Ymd') . '.zip';
    header('Content-Type: application/zip');
    header('Content-Disposition: attachment; filename="' . $filename . '"');
    header('Content-Length: ' . filesize($tmp_file));
    header('Cache-Control: no-cache');
    readfile($tmp_file);
    unlink($tmp_file);
    exit;
}

/* ─────────────────────────────────────────────────────────────────
   Single-list exports  (CSV / MD) — guests allowed for viewable lists
───────────────────────────────────────────────────────────────── */
if (!$list_id || !$owner) {
    flash('error', 'No list specified.');
    redirect($cur_user ? 'dashboard.php' : 'index.php');
}

$slug = trim($_GET['slug'] ?? '');
$list = ($slug !== '') ? get_list_by_slug($owner, $slug) : get_list($owner, $list_id);

// Grant session access via share token if provided
if ($list && !empty($_GET['token']) && check_share_token($list, $_GET['token'])) {
    grant_list_access($list['id']);
}

if (!$list || !can_view_list($list, $cur_user)) {
    flash('error', 'List not found or access denied.');
    redirect($cur_user ? 'dashboard.php' : 'index.php');
}

$base     = $list['slug'] ?? slugify($list['title']);
$filename = $base . '-' . date('Ymd');

if ($format === 'csv') {
    header('Content-Type: text/csv; charset=UTF-8');
    header('Content-Disposition: attachment; filename="' . $filename . '.csv"');
    header('Cache-Control: no-cache');
    echo generate_csv($list);
    exit;
}

if ($format === 'md') {
    header('Content-Type: text/plain; charset=UTF-8');
    header('Content-Disposition: attachment; filename="' . $filename . '.md"');
    header('Cache-Control: no-cache');
    echo generate_markdown($list);
    exit;
}

flash('error', 'Unknown export format.');
redirect($cur_user ? 'dashboard.php' : 'index.php');