<?php
session_start();
if (!isset($_SESSION['user'])) {
  header('Location: index.php');
  exit;
}
$viewer = $_SESSION['user'];
$target = $_GET['user'] ?? $viewer;
$user_file = __DIR__ . '/users/' . $target . '.json';

if (!file_exists($user_file)) {
  die('<h1 style="color:#00ff00;">User not found.</h1>');
}

$data = json_decode(file_get_contents($user_file), true);
$is_owner = $viewer === $target;
$friends = $data['friends'] ?? [];
$posts = [];

foreach ($data['posts'] ?? [] as $post) {
  $v = $post['visibility'] ?? 'public';
  if (
    $v === 'public' ||
    ($v === 'friends' && in_array($viewer, $friends)) ||
    ($v === 'private' && $is_owner)
  ) {
    $posts[] = $post;
  }
}

usort($posts, function($a, $b) {
  return strtotime($b['timestamp']) - strtotime($a['timestamp']);
});
?>
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title><?= htmlspecialchars($target) ?>'s Profile</title>
  <style>
    body {
      background: black;
      color: #00ff00;
      font-family: monospace;
      padding: 2rem;
    }
    .post {
      border: 1px solid #00ff00;
      padding: 1rem;
      margin-bottom: 1rem;
    }
  </style>
</head>
<body>
<?php include 'navbar.php'; ?>
<h1><?= $is_owner ? 'My' : htmlspecialchars($target) . "'s" ?> Profile</h1>
<?php foreach ($posts as $post): ?>
  <div class="post">
    <div class="timestamp"><?= htmlspecialchars(date('Y-m-d H:i', strtotime($post['timestamp']))) ?></div>
    <div class="content"><?= htmlspecialchars($post['content']) ?>
      <?php
        if (!empty($post['filename'])) {
          $file = 'uploads/' . $post['filename'];
          $ext = pathinfo($file, PATHINFO_EXTENSION);
          if (in_array($ext, ['jpg','jpeg','png','gif'])) echo '<br><img src="'.$file.'">';
          elseif ($ext === 'mp4') echo '<br><video controls src="'.$file.'"></video>';
          elseif ($ext === 'pdf') echo '<br><a href="'.$file.'" target="_blank">[PDF]</a>';
        }
      ?>
    </div>
  </div>
<?php endforeach; ?>
</body>
</html>