function cp_sessions_page_safe() {
    if (!current_user_can(cp_caps_safe())) return;

    echo '<div class="wrap"><h1>Sessions</h1>';

    // ✅ Handle form submission
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['cp_action']) && $_POST['cp_action'] === 'save_session' && check_admin_referer('cp_save_session_safe')) {
        $date = $_POST['session_date'] ?? date('Y-m-d');
        $time = $_POST['started_at'] ?? '09:00';
        $started_at = $date . ' ' . $time;

        $data = [
            'client_id'             => (int) $_POST['client_id'],
            'coach_user_id'         => (int) $_POST['coach_user_id'],
            'started_at'            => $started_at,
            'duration_minutes'      => (int) $_POST['duration_minutes'],
            'session_type'          => sanitize_text_field($_POST['session_type']),
            'goals_enc'             => cp_encrypt_safe($_POST['goals']),
            'challenges_enc'        => cp_encrypt_safe($_POST['challenges']),
            'insights_enc'          => cp_encrypt_safe($_POST['insights']),
            'assignments_enc'       => cp_encrypt_safe($_POST['assignments']),
            'commitments_enc'       => cp_encrypt_safe($_POST['commitments']),
            'accountability_enc'    => cp_encrypt_safe($_POST['accountability']),
            'coach_reflections_enc' => cp_encrypt_safe($_POST['coach_reflections']),
            'emotional_start'       => sanitize_text_field($_POST['emotional_start']),
            'emotional_end'         => sanitize_text_field($_POST['emotional_end']),
            'next_session_date'     => $_POST['next_session_date'] ?? null,
            'resources_shared_enc'  => cp_encrypt_safe($_POST['resources_shared']),
        ];
        cp_upsert_session_safe(0, $data);
        echo '<div class="updated"><p>Session created.</p></div>';
    }

    $clients = cp_get_clients_safe();
    $coaches = cp_get_coaches_safe();

    echo '<h2>Create New Session</h2>';
    echo '<form method="post">';
    wp_nonce_field('cp_save_session_safe');
    echo '<input type="hidden" name="cp_action" value="save_session">';

    echo '<table class="form-table">';
    echo '<tr><th>Client</th><td><select name="client_id" required><option value="">Select a client</option>';
    foreach ($clients as $c) {
        echo '<option value="' . (int)$c->id . '">' . esc_html($c->first_name . ' ' . $c->last_name) . '</option>';
    }
    echo '</select></td></tr>';

    echo '<tr><th>Coach</th><td><select name="coach_user_id" required><option value="">Select a coach</option>';
    foreach ($coaches as $coach) {
        echo '<option value="' . (int)$coach['ID'] . '">' . esc_html($coach['display_name']) . '</option>';
    }
    echo '</select></td></tr>';

    echo '<tr><th>Date</th><td><input name="session_date" type="date" value="' . esc_attr(date('Y-m-d')) . '" required></td></tr>';
    echo '<tr><th>Start Time</th><td><input name="started_at" type="time" value="09:00" required></td></tr>';

    echo '<tr><th>Duration</th><td><select name="duration_minutes">';
    foreach ([30, 60, 90] as $d) {
        $selected = $d === 60 ? ' selected' : '';
        echo '<option value="' . $d . '"' . $selected . '>' . $d . ' minutes</option>';
    }
    echo '</select></td></tr>';

    echo '<tr><th>Session Type</th><td><select name="session_type">';
    foreach (['Regis', 'Parasite', 'Special'] as $type) {
        $selected = $type === 'Parasite' ? ' selected' : '';
        echo '<option value="' . esc_attr($type) . '"' . $selected . '>' . esc_html($type) . '</option>';
    }
    echo '</select></td></tr>';

    echo '<tr><th>Goals</th><td><textarea name="goals" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Challenges</th><td><textarea name="challenges" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Insights</th><td><textarea name="insights" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Assignments</th><td><textarea name="assignments" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Commitments</th><td><textarea name="commitments" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Accountability</th><td><textarea name="accountability" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Coach Reflections</th><td><textarea name="coach_reflections" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '<tr><th>Emotions at Start</th><td><input name="emotional_start" style="width:100%;"></td></tr>';
    echo '<tr><th>Emotions at End</th><td><input name="emotional_end" style="width:100%;"></td></tr>';
    echo '<tr><th>Next Session Date</th><td><input name="next_session_date" type="date"></td></tr>';
    echo '<tr><th>Resources Shared</th><td><textarea name="resources_shared" rows="3" style="width:100%;"></textarea></td></tr>';
    echo '</table>';

    submit_button('Create Session');
    echo '</form>';
    echo '</div>';
}<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="https://neilthrussell.com/wp-sitemap-index.xsl" ?>
<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><sitemap><loc>https://neilthrussell.com/wp-sitemap-posts-post-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-posts-page-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-posts-e-landing-page-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-posts-mailpoet_page-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-taxonomies-category-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-taxonomies-post_tag-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-taxonomies-post_format-1.xml</loc></sitemap><sitemap><loc>https://neilthrussell.com/wp-sitemap-users-1.xml</loc></sitemap></sitemapindex>