#!/usr/bin/python3

print("Content-Type: application/json\n")

user = 'colbr321'
passwd = 'Fc29138357%#!'
host = 'localhost'
database = 'colbr321_CAMPUS'

import cgi
_REQUEST = cgi.FieldStorage()

campus = ''
if "campus" in _REQUEST:
    campus = _REQUEST["campus"].value

cuisine = ''
if "cuisine" in _REQUEST:
    cuisine = _REQUEST["cuisine"].value

place = ''
if "place" in _REQUEST:
    place = _REQUEST["place"].value

import mysql.connector
# Note: Ensure you replace host, user, passwd, and database with your actual credentials
conn = mysql.connector.connect(host=host, user=user, password=passwd, database=database)
cursor = conn.cursor()

sql = "SELECT CAMPUS, PLACE, CUISINE FROM CAMPUS_PLACES NATURAL JOIN PLACE_CUISINES"

# --- add your code to add WHERE clause to SQL statement ---
conditions = []
params = []

if campus:
    conditions.append("CAMPUS = %s")
    params.append(campus)
if cuisine:
    conditions.append("CUISINE = %s")
    params.append(cuisine)
if place:
    conditions.append("PLACE = %s")
    params.append(place)

if conditions:
    sql += " WHERE " + " AND ".join(conditions)

# Execute with parameters to prevent SQL Injection
cursor.execute(sql, params)
# ---------------------------------------------------------

sqlPlaces = cursor.fetchall()

table = []
for place2 in sqlPlaces:
    record = {}
    record['CAMPUS'] = place2[0]
    record['PLACE'] = place2[1]
    record['CUISINE'] = place2[2]
    table.append(record)

msg = sql
err = 0

ret_json = {'msg': msg, 'error': err, 'campus': campus, 'cuisine': cuisine, 'place': place, 'places': table}

import json

ret = json.dumps(ret_json)

print("Content-Type: application/json\n") # Added header for proper CGI response
print(ret)