<?php
require_once '../includes/constants.php';
require_once '../includes/session.php';
require_once '../includes/functions.php';

if (!isset($_SESSION['admin_id']) || !in_array($_SESSION['admin_role'], ['manager','superadmin'])) {
    die("Access denied");
}

$offerId = $_GET['id'] ?? 0;
if (!$offerId) die("Missing offer ID");

// Fetch history
$stmt = $pdo->prepare("SELECT h.*, u.username FROM partners_offer_history h 
                       JOIN users u ON h.performed_by = u.id 
                       WHERE h.offer_id = ? ORDER BY h.performed_at DESC");
$stmt->execute([$offerId]);
$history = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html>
<head>
    <title><?php echo SITE_TITLE . ' | Offer History'; ?></title>
    <link rel="stylesheet" href="css/admin.css">
</head>
<body>
<div class="container">
<h2>📚 Offer History for #<?php echo htmlspecialchars($offerId); ?></h2>
<table>
<tr><th>Action</th><th>Detail</th><th>By</th><th>Time</th></tr>
<?php
foreach ($history as $h) {
    echo "<tr>
        <td>" . htmlspecialchars($h['action_type']) . "</td>
        <td><textarea readonly style='width:300px;height:40px'>" . htmlspecialchars($h['action_detail']) . "</textarea></td>
        <td>" . htmlspecialchars($h['username']) . "</td>
        <td>{$h['performed_at']}</td>
    </tr>";
}
?>
</table>
</div>
</body>
</html>