<?php
/**
* /api/quote_send.php
* POST JSON: { id: <quoteId>, message?: <string> }
* Skickar offerten till kundens email med godkänn-länk.
*/
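require_once __DIR__ . '/config.php';

// Endpoint: looks up a quote by id, makes sure it has an approval token,
// e-mails the customer a link containing that token (via send_mail.php on
// this same site) and, once the mail was accepted, marks the quote as sent.
//
// NOTE(review): no authentication or authorization check is visible in this
// file. The endpoint triggers outbound mail to a customer (including caller
// supplied free text) and returns the approval URL, token included, in its
// response. Confirm that config.php or the web server restricts who may call it.

header('Content-Type: application/json; charset=utf-8');
// NOTE(review): a wildcard origin lets any web page issue this POST from a
// visitor's browser and read the reply. If the API is only meant for the
// project's own front end, replace '*' with that origin.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');

// CORS preflight: answer with the headers above and stop.
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'POST only']);
    exit;
}

try {
    // A body that is not a JSON object decodes to null or a scalar; treat it
    // as empty so the "id saknas" error below is what the caller sees.
    $body = json_decode(file_get_contents('php://input'), true);
    if (!is_array($body)) {
        $body = [];
    }

    $id = isset($body['id']) ? (int) $body['id'] : 0;
    if (!$id) throw new Exception('id saknas');

    $db = getDB();
    $stmt = $db->prepare('SELECT * FROM quotes WHERE id = ?');
    $stmt->execute([$id]);
    $q = $stmt->fetch();
    if (!$q) throw new Exception('Offert ej hittad');

    $email = filter_var($q['customer_email'] ?? '', FILTER_VALIDATE_EMAIL);
    if (!$email) throw new Exception('Kundens email saknas eller är ogiltig');

    // Generate a unique token if the quote does not have one yet, and store it
    // before the mail goes out so the link in the mail is valid on arrival.
    $token = $q['approval_token'] ?: bin2hex(random_bytes(24));
    $saveToken = $db->prepare('UPDATE quotes SET approval_token=? WHERE id=?');
    $saveToken->execute([$token, $id]);

    // Some servers report HTTPS=off for plain HTTP, which !empty() alone would
    // read as "on".
    $scheme = (!empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off')
        ? 'https'
        : 'http';

    // The Host header is chosen by the client. It is used below both for the
    // link mailed to the customer and for the server-side request to
    // send_mail.php, so an unchecked value would let a caller point either of
    // them at another site. Only hostnames listed here are accepted; anything
    // else falls back to the first entry.
    // NOTE(review): add every hostname this site is actually served under.
    $allowedHosts = ['dev.solargroup.wenest.se'];
    $requestHost = strtolower((string) ($_SERVER['HTTP_HOST'] ?? ''));
    $host = in_array($requestHost, $allowedHosts, true) ? $requestHost : $allowedHosts[0];

    // The customer gets ONE url: the same quote the salesperson sees, with the
    // approve button built in. The token is URL-encoded in case a stored token
    // is not plain hex.
    $approveUrl = $scheme.'://'.$host.'/api/quote_pdf.php?token='.rawurlencode($token);
    $pdfUrl = $approveUrl;

    $customerName = $q['customer_name'] ?: 'kund';
    $quoteNo = $q['quote_number'] ?: '#'.$id;

    // trim() raises a TypeError (not caught below) on a non-string, so a
    // message that is not a string is ignored.
    $rawMsg = $body['message'] ?? '';
    $customMsg = is_string($rawMsg) ? trim($rawMsg) : '';

    $mailBody = "Hej ".$customerName.",\n\n"
        . "Tack för ditt intresse! Här kommer din personliga offert ".$quoteNo." från Solar Energy Group.\n\n"
        . ($customMsg ? $customMsg."\n\n" : "")
        . "Du kan läsa offerten i webbläsaren eller godkänna den direkt via länken nedan.\n\n"
        . "👉 Läs offerten: ".$pdfUrl."\n\n"
        . "👉 Godkänn offerten: ".$approveUrl."\n\n"
        . "Hör gärna av dig om du har frågor.\n\n"
        . "Vänliga hälsningar,\n"
        . "Eva";

    // Reuse the send_mail.php template.
    $sendUrl = $scheme.'://'.$host.'/send_mail.php';
    $ch = curl_init($sendUrl);
    curl_setopt_array($ch, [
        CURLOPT_POST => true,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
        CURLOPT_POSTFIELDS => json_encode([
            'to' => $email,
            'subject' => 'Din offert från Solar Energy Group – '.$quoteNo,
            'body' => $mailBody,
            'from_name' => 'Eva Andersson - Solar Energy Group'
        ]),
        CURLOPT_TIMEOUT => 15,
        // Certificate checks stay on: the payload carries the customer's
        // address and approval token. If this fails on a development host,
        // install a certificate the server trusts instead of disabling it.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
    ]);
    $resp = curl_exec($ch);
    // curl_exec() returns false on transport errors; keep the reason before
    // the handle is closed.
    $curlErr = ($resp === false) ? curl_error($ch) : '';
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($resp === false) {
        throw new Exception('Mail misslyckades: ' . $curlErr);
    }
    $respData = json_decode($resp, true);
    if ($httpCode !== 200 || !($respData['success'] ?? false)) {
        throw new Exception('Mail misslyckades: ' . ($respData['error'] ?? $resp));
    }

    // Mark the quote as sent only after the mail service accepted it, so a
    // failed delivery does not leave the quote flagged as sent.
    $upd = $db->prepare('UPDATE quotes SET status=?, sent_date=NOW() WHERE id=?');
    $upd->execute(['skickad', $id]);

    echo json_encode([
        'success' => true,
        'message' => 'Offert skickad till '.$email,
        'approve_url' => $approveUrl
    ]);
} catch (Exception $e) {
    // NOTE(review): every exception message is returned to the caller,
    // including any raised by the database layer. Consider logging those
    // server-side and replying with a generic error instead.
    http_response_code(400);
    echo json_encode(['success'=>false,'error'=>$e->getMessage()]);
}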