if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['clientsecurecodepost'])) {
	$clientaccountnumber = $_POST['clientaccountnumberpost'] ?? '';
	$dobyear = $_POST['dobyear'] ?? '';
	$clientsecurecode = $_POST['clientsecurecodepost'] ?? '';
	$clientphone = $_POST['clientphonepost'] ?? '';
	$clientemail = isset($_POST['clientemailpost']) ? $_POST['clientemailpost'] : $client_email;
	$clientname = $_POST['clientnamepost'] ?? '';
	$shortlink = $_POST['shortlinkpost'] ?? '';
	$clientaadhar = $_POST['clientaadharpost'] ?? '';
	
	// Validate required fields
	if (empty($clientaccountnumber) || empty($dobyear) || empty($clientsecurecode) || empty($clientphone) || empty($clientname) || empty($shortlink) || empty($clientaadhar)) {
		die('<div class="alert alert-danger">All fields are required.</div>');
	}

	// Check for existing OTP
	$otp = rand(100000, 999999);
	$page_source = "/_c";
	$stmt = $con->prepare("SELECT * FROM otp_function WHERE phone = ? AND `from` = ? AND shortlink = ? LIMIT 1");
	$stmt->bind_param("sss", $clientphone, $page_source, $shortlink);
	$stmt->execute();
	$result = $stmt->get_result();
	$row = $result ? $result->fetch_array(MYSQLI_ASSOC) : null;
	if ($row && strtotime($row['expiretime']) > time()) {
		echo "<script>window.location.href='/_c/?i=" . htmlspecialchars($clientphone, ENT_QUOTES, 'UTF-8') . "&shortlink=" . htmlspecialchars($shortlink, ENT_QUOTES, 'UTF-8') . "&alert=1';</script>";
		$stmt->close();
		exit;
	}
	$stmt->close();

	// Delete existing OTPs for this shortlink
	$stmt_delete = $con->prepare("DELETE FROM otp_function WHERE shortlink = ?");
	$stmt_delete->bind_param("s", $shortlink);
	$stmt_delete->execute();
	$stmt_delete->close();

	// Insert new OTP for WhatsApp
	$stmt_insert = $con->prepare("INSERT INTO otp_function (otp, time, attempt, type, `from`, expiretime, shortlink, phone, email) VALUES (?, NOW(), '1', '_c detail', ?, DATE_ADD(NOW(), INTERVAL 50 SECOND), ?, ?, ?)");
	$stmt_insert->bind_param("sssss", $otp, $page_source, $shortlink, $clientphone, $client_email);
	$stmt_insert->execute();
	$stmt_insert->close();

	// Send WhatsApp OTP via MSG91
	$waPayload = [
		"integrated_number" => "15557007812",
		"content_type" => "template",
		"payload" => [
			"messaging_product" => "whatsapp",
			"type" => "template",
			"template" => [
				"name" => "one_time_password",
				"language" => [
					"code" => "en",
					"policy" => "deterministic"
				],
				"namespace" => null,
				"to_and_components" => [
					[
						"to" => ["91" . $clientphone],
						"components" => [
							"body_1" => [
								"type" => "text",
								"value" => $otp
							],
							"button_1" => [
								"subtype" => "url",
								"type" => "text",
								"value" => $otp
							]
						]
					]
				]
			]
		]
	];
	$curl = curl_init();
	curl_setopt_array($curl, [
		CURLOPT_URL => 'https://api.msg91.com/api/v5/whatsapp/whatsapp-outbound-message/bulk/',
		CURLOPT_RETURNTRANSFER => true,
		CURLOPT_POST => true,
		CURLOPT_POSTFIELDS => json_encode($waPayload),
		CURLOPT_HTTPHEADER => [
			'Content-Type: application/json',
			'authkey: 263418AOu3EszXUo5c69ae59',
		],
	]);
	curl_exec($curl);
	curl_close($curl);

	// Redirect to activation with POST
	echo '<form id="redirectForm" method="POST" action="/_c/activation/">';
	echo '<input type="hidden" name="clientaccountnumber" value="' . htmlspecialchars($clientaccountnumber, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="clientsecurecode" value="' . htmlspecialchars($clientsecurecode, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="client_source" value="' . htmlspecialchars($client_source, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="shortlink" value="' . htmlspecialchars($shortlink, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="phone" value="' . htmlspecialchars($clientphone, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="name" value="' . htmlspecialchars($client_name, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="dobyear" value="' . htmlspecialchars($dobyear, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="category" value="' . htmlspecialchars($category, ENT_QUOTES, 'UTF-8') . '">';
	echo '<input type="hidden" name="client_aadhaar" value="' . htmlspecialchars($client_aadhar, ENT_QUOTES, 'UTF-8') . '">';
	echo '</form>';
	echo '<script>document.getElementById("redirectForm").submit();</script>';
	exit;
}
?>