<?php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');

$authorizedAgent = 'ArcadiaLauncher-Secure-Client';
$clientAgent = $_SERVER['HTTP_USER_AGENT'] ?? '';
if ($clientAgent !== $authorizedAgent) {
    http_response_code(403);
    die(json_encode(['error' => 'Accès non autorisé. Agent invalide.']));
}

$apiKey = '89c08193c97bd94717304397118c2d0720f066db1e998af2005956e8b0bb8c90';
$baseUrl = 'https://www.arcadia-echoes-of-power.fr/api/apiextender';
$action = $_GET['action'] ?? '';

if ($action === 'check_update') {
    $currentV = $_GET['v'] ?? '0.0.0';
    $os = $_GET['os'] ?? 'win32';
    $versionFile = __DIR__ . '/launcher-updates/.version_internal';

    if (file_exists($versionFile)) {
        $latestV = trim(file_get_contents($versionFile));
        $updateNeeded = version_compare($currentV, $latestV, '<');

        if ($os === 'darwin') $fileName = "ArcadiaLauncher-$latestV.dmg";
        elseif ($os === 'linux') $fileName = "ArcadiaLauncher-$latestV.AppImage";
        else $fileName = "ArcadiaLauncher-Setup-$latestV.exe";

        die(json_encode([
            'update' => $updateNeeded,
            'latest' => $latestV,
            'url' => "https://www.arcadia-eop.com/files/proxy.php?action=download_update&file=$fileName"
        ]));
    }
    die(json_encode(['update' => false]));
}

if ($action === 'download_update') {
    $file = basename($_GET['file'] ?? '');
    $filePath = __DIR__ . '/launcher-updates/' . $file;
    if (file_exists($filePath)) {
        $fileSize = filesize($filePath);
        if ($fileSize > 50 * 1024 * 1024) {
            http_response_code(403);
            die(json_encode(['error' => 'Le fichier est trop volumineux.']));
        }
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . $file . '"');
        header('Expires: 0');
        header('Cache-Control: must-revalidate');
        header('Pragma: public');
        header('Content-Length: ' . $fileSize);
        readfile($filePath);
        exit;
    } else {
        http_response_code(404);
        die(json_encode(['error' => 'Fichier non trouvé.']));
    }
}

$endpoint = '';
switch ($action) {
    case 'servers_count': $endpoint = '/servers/count'; break;
    case 'news': $endpoint = '/posts'; break;
    case 'shop_categories': $endpoint = '/shop/categories'; break;
    case 'player_money':
        $pseudo = urlencode($_GET['pseudo'] ?? '');
        if (empty($pseudo)) die(json_encode(['error' => 'Pseudo manquant']));
        $endpoint = "/players/$pseudo/money";
        break;
    default:
        die(json_encode(['error' => 'Action invalide']));
}

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $baseUrl . $endpoint);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'API-Key: ' . $apiKey,
    'Accept: application/json'
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
http_response_code($httpCode);
echo $response;