<?php
// Example: verify vote & grant coins (idempotent) - adjust to your DB schema.
// Usage: /vote_callback.php?ip=1.2.3.4&player_id=123

$SERVER_TOKEN = "YOUR_SERVER_TOKEN";
$API_BASE = "https://server-boost.com";
$COIN_REWARD = 10;

$ip = isset($_GET["ip"]) ? trim($_GET["ip"]) : "";
$playerId = isset($_GET["player_id"]) ? trim($_GET["player_id"]) : "";
if ($ip === "" || $playerId === "") {
  http_response_code(400);
  echo "missing ip or player_id";
  exit;
}

// Call vote API
$url = $API_BASE . "/api/v1/servers/" . rawurlencode($SERVER_TOKEN) . "/votes/" . rawurlencode($ip);
$resp = @file_get_contents($url);
if ($resp === false) {
  http_response_code(502);
  echo "vote API unreachable";
  exit;
}
$data = json_decode($resp, true);
if (!is_array($data)) {
  http_response_code(502);
  echo "invalid vote API response";
  exit;
}

// Example logic: grant only if success === true (recent vote / cooldown)
if (empty($data["success"])) {
  echo "no recent vote";
  exit;
}

// Idempotency: avoid double rewards per player+ip+day
// Example SQL (MySQL):
// CREATE TABLE vote_claims (
//   id INT AUTO_INCREMENT PRIMARY KEY,
//   player_id INT NOT NULL,
//   ip VARCHAR(64) NOT NULL,
//   day DATE NOT NULL,
//   UNIQUE KEY uniq_claim(player_id, ip, day)
// );
try {
  $pdo = new PDO(
    "mysql:host=localhost;dbname=game;charset=utf8mb4",
    "USER",
    "PASS",
    array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
  );

  $pdo->beginTransaction();
  $day = date("Y-m-d");

  $stmt = $pdo->prepare("INSERT INTO vote_claims (player_id, ip, day) VALUES (?, ?, ?)");
  $stmt->execute(array($playerId, $ip, $day));

  $stmt2 = $pdo->prepare("UPDATE players SET coins = coins + ? WHERE id = ?");
  $stmt2->execute(array($COIN_REWARD, $playerId));

  $pdo->commit();
  echo "ok";
} catch (Exception $e) {
  if (isset($pdo) && $pdo->inTransaction()) {
    $pdo->rollBack();
  }
  // Duplicate claim -> already rewarded
  if (strpos($e->getMessage(), "Duplicate") !== false) {
    echo "already claimed";
  } else {
    http_response_code(500);
    echo "db error";
  }
}