<?php
// Allow cross-origin requests for testing (remove or restrict in production)
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json");

// Only allow POST requests
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Get JSON body
    $data = json_decode(file_get_contents("php://input"), true);

    // Optional: Validate expected fields
    if (!isset($data['message'])) {
        echo json_encode(["status" => "error", "message" => "Missing fields"]);
        exit;
    }

    // Create log file if not exists
    $filename = "feedback_log.json";
    if (!file_exists($filename)) {
        file_put_contents($filename, "[]");
    }

    // Read, append and save
    $current = json_decode(file_get_contents($filename), true);
    $data['submitted_at'] = date("Y-m-d H:i:s"); // Add timestamp
    $current[] = $data;

    file_put_contents($filename, json_encode($current, JSON_PRETTY_PRINT));

    echo json_encode(["status" => "success"]);
} else {
    echo json_encode(["status" => "error", "message" => "Only POST allowed"]);
}
?>