<?php


$dir = __DIR__ . '/images/';
$extensions = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'bmp'];
$albums = [];
$passwordFile = __DIR__ . '/passwords.json';
$passwords = file_exists($passwordFile) ? json_decode(file_get_contents($passwordFile), true) : [];

// If album is requested, check password
if (isset($_GET['album'])) {
    $album = $_GET['album'];
    $pw = isset($_GET['password']) ? $_GET['password'] : null;
    if (!is_dir($dir . $album)) {
        http_response_code(404);
        echo json_encode(['error' => 'Album not found']);
        exit;
    }
    if (isset($passwords[$album]) && $passwords[$album] !== '') {
        if ($pw !== $passwords[$album]) {
            http_response_code(403);
            echo json_encode(['error' => 'Password required']);
            exit;
        }
    }
    $albumImages = [];
    $thumbDir = $dir . $album . '/thumbnails/';
    $albumDir = $dir . $album . '/';
    foreach (scandir($albumDir) as $file) {
        $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
        if (in_array($ext, $extensions)) {
            $thumbPath = 'images/' . $album . '/thumbnails/' . $file;
            $fullPath = 'images/' . $album . '/' . $file;
            if (file_exists($thumbDir . $file)) {
                $albumImages[] = ['thumb' => $thumbPath, 'full' => $fullPath];
            } else {
                $albumImages[] = ['thumb' => $fullPath, 'full' => $fullPath];
            }
        }
    }
    header('Content-Type: application/json');
    echo json_encode($albumImages);
    exit;
}

// Otherwise, return album list (for landing page)
if (is_dir($dir)) {
    foreach (scandir($dir) as $album) {
        if ($album === '.' || $album === '..' || !is_dir($dir . $album)) continue;
        $albums[$album] = [
            'protected' => isset($passwords[$album]) && $passwords[$album] !== '',
        ];
    }
}
header('Content-Type: application/json');
echo json_encode($albums);
?>