<?php
include 'db_connection.php';

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $vorname = sanitize_input($_POST['vorname']);
    $nachname = sanitize_input($_POST['nachname']);
    $username = sanitize_input($_POST['username']);

    // Check if the username already exists
    $check_stmt = $db->prepare("SELECT username FROM User WHERE username = :username");
    $check_stmt->bindParam(':username', $username);
    $check_stmt->execute();

    if ($check_stmt->fetchColumn()) {
        echo json_encode(['success' => false, 'error' => 'Username already exists.']);
        exit();
    } else {
        $insert_stmt = $db->prepare("INSERT INTO User (vorname, nachname, username) VALUES (:vorname, :nachname, :username)");
        $insert_stmt->bindParam(':vorname', $vorname);
        $insert_stmt->bindParam(':nachname', $nachname);
        $insert_stmt->bindParam(':username', $username);

        if ($insert_stmt->execute()) {
            echo json_encode(['success' => true, 'message' => 'Registration request sent. Please wait for admin approval.']);
            exit();
        } else {
            echo json_encode(['success' => false, 'error' => 'Error: ' . print_r($insert_stmt->errorInfo(), true)]);
            exit();
        }
    }
} else {
    echo json_encode(['success' => false, 'error' => 'Invalid request method.']);
    exit();
}
?>