<?php
date_default_timezone_set("Africa/Johannesburg"); // adjust if needed

$uploadDir = __DIR__ . "/assets";

// Make sure assets folder exists
if (!is_dir($uploadDir)) {
    mkdir($uploadDir, 0777, true);
}

$username = preg_replace("/[^a-zA-Z0-9_-]/", "_", $_POST['username']); // sanitize name
$dateFolder = date("Y-m-d");

// Create user/date folders
$userDir = $uploadDir . "/" . $username;
$dateDir = $userDir . "/" . $dateFolder;

if (!is_dir($dateDir)) {
    mkdir($dateDir, 0777, true);
}

$response = [];

if (!empty($_FILES['file'])) {
    foreach ($_FILES['file']['name'] as $key => $name) {
        $tmp = $_FILES['file']['tmp_name'][$key];
        $ext = pathinfo($name, PATHINFO_EXTENSION);
        $safeName = uniqid() . "." . $ext;
        $dest = $dateDir . "/" . $safeName;

        if (move_uploaded_file($tmp, $dest)) {
            $fileType = mime_content_type($dest);
            $response[] = [
                "name" => $name,
                "path" => "assets/$username/$dateFolder/$safeName",
                "type" => $fileType
            ];
        }
    }
}

header("Content-Type: application/json");
echo json_encode($response);