<?php


class UserProfileController extends mfBaseController
{
    protected $falseVerification = false;

    protected function init()
    {
        $this->needlogin = true;
        $me = new User();
        $me->loadMe();
        $this->me = $me;
        $this->layout()->set("me", $me);


    }

    protected function indexAction()
    {
        $this->layout()->setTemplate("UserProfile/Index");
        $this->layout()->set("userprofile", $this->me);
    }

    protected function addAction()
    {

    }

    protected function apiAction()
    {
        $do = $this->request->do;
        $codetype = $this->request->twofactor;
        switch ($do) {
            case "sendcode":
                $return = $this->sendCode($codetype);
                break;
            case "checkverfication":
                $return = $this->checkverfication();
                break;
            default:
                $return = false;
        }


    }

    private function checkverfication()
    {
        $id = $this->me->id;
        $User = new User($id);
        if ($User) {
            $response['data']['verficationtype'] = $User->twofactor;
            $response['success'] = "true";
        } else {
            $response['success'] = "false";
        }
        echo json_encode($response);
        exit;
    }

    private function sendCode($codetype)
    {

        $r = $this->request;
        $code = rand(0, 99999);
        $code = str_pad($code, 5, 0, STR_PAD_LEFT);
        $id = $this->me->id;
        $emailaddress = $this->me->email;
        $mobile = str_replace('+', '', $this->me->mobile);
        $mobile = str_replace(' ', '', $mobile);
        $verification = $r->twofactor;

        $User = new User($id);
        $data = [];
        $data['twofactorcode'] = $code;
        $data['twofactortimestamp'] = time();
        $User->update($data);
        $User->save();
        if ($verification == 1) {
            $email = new Emailnotification();
            $email->setSubject('Authentifizierungscode');
            $email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
            $email->setBody($code);
            $email->setTo($emailaddress);
            $response = $email->send();
        } else if ($verification == 2) {
            if (!$this->me->mobile) {
                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
                $this->redirect("UserProfile");
            }
            $sms = new SmsNotification();
            $sms->setBody('Xinon 2FA Code: ' . $code);
            $sms->setRecipient($mobile);
            $response = $sms->send();
        }
        $response['success'] = "true";
        echo json_encode($response);
        exit;
    }

    protected function editAction()
    {
        $this->layout()->setTemplate("UserProfile/Form");
        $this->layout()->set("userprofile", $this->me);
    }

    protected function saveAction()
    {
        $r = $this->request;
        $id = $this->me->id;
        $User = new User($id);
        $data = [];
        if ($User->twofactor != 0) {
            $requestcode2fa = $r->code;
            $userCode2fa = $User->twofactorcode;
            if (!trim($requestcode2fa)) {
                $this->layout()->setFlash("Verifizierungscode ", "error");
                $this->redirect("UserProfile/edit");
            } else if ($requestcode2fa != $userCode2fa) {
                $this->layout()->setFlash("Verifizierungscode ungültig", "error");
                $this->redirect("UserProfile/edit");
            }
            $data['twofactorcode'] = NULL;
            $data['twofactortimestamp'] = NULL;
        }


        $data['name'] = trim($r->name);
        if ($User->twofactor != 1) {
            $data['email'] = trim($r->email);
            if (!$data['email']) {
                $this->layout()->setFlash("Email darf nicht leer sein", "error");
                $this->redirect("UserProfile/edit");
            }
        }
        if ($User->twofactor != 2) {
            $data['mobile'] = trim($r->mobile);
        }
        if (!$data['name']) {
            $this->layout()->setFlash("Name darf nicht leer sein", "error");
            $this->redirect("UserProfile/edit");
        }

        if ($data['mobile'] && substr($data['mobile'], 0, 1) != "+") {
            $this->layout()->setFlash("Telefonnummer im Format +436641122334455 eingeben", "error");
            $this->redirect("UserProfile/edit");
        }

        $User->update($data);
        $User->save();
        $this->layout()->setFlash("Benutzerprofil erfolgreich geändert", "success");

        $this->redirect("UserProfile");
    }

    protected function changepwdAction()
    {
        $r = $this->request;
        $id = $this->me->id;
        $pwd = $this->me->password;
        $oldpwd = trim($r->oldpwd);
        $newpwd = trim($r->newpwd);
        $checkpwd = trim($r->checkpwd);
        $User = new User($id);
        $data = [];


        $salt = substr($pwd, 0, 16);
        $passhash = mfLoginController::generatePasswordHash($oldpwd, $salt);
        if (!$oldpwd) {
            $this->layout()->setFlash("altes Passwort darf nicht leer sein", "error");
            $this->redirect("UserProfile");
        }
        if (!$newpwd) {
            $this->layout()->setFlash("neues Passwort darf nicht leer sein", "error");
            $this->redirect("UserProfile");
        }

        if ($pwd != $passhash) {
            $this->layout()->setFlash("altes Passwort falsch", "error");
            $this->redirect("UserProfile");
        }
        if (strlen($newpwd) < 8) {
            $this->layout()->setFlash("neues Passwort muss min. 8 Zeichen haben", "error");
            $this->redirect("UserProfile");
        }
        if ($newpwd != $checkpwd) {
            $this->layout()->setFlash("Passwörter stimmen nicht überein", "error");
            $this->redirect("UserProfile");
        }

        $newpasshash = mfLoginController::generatePasswordHash($newpwd);
        $data['password'] = $newpasshash;
        $User->update($data);
        $User->save();
        $this->layout()->setFlash("Passwort erfolgreich geändert", "success");
        $this->redirect("UserProfile");


    }

    protected function code2faaction()
    {
        $r = $this->request;
        $code = rand(0, 99999);
        $code = str_pad($code, 5, 0, STR_PAD_LEFT);
        $id = $this->me->id;
        $emailaddress = $this->me->email;
        $mobile = str_replace('+', '', $this->me->mobile);
        $mobile = str_replace(' ', '', $mobile);
        $verification = $r->twofactor;

        $User = new User($id);
        $data = [];
        $data['twofactorcode'] = $code;
        $data['twofactortimestamp'] = time();
        $User->update($data);
        $User->save();
        if ($verification == 1) {
            $email = new Emailnotification();
            $email->setSubject('Authentifizierungscode');
            $email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
            $email->setBody($code);
            $email->setTo($emailaddress);
            $email->send();
        } else if ($verification == 2) {
            if (!$this->me->mobile) {
                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
                $this->redirect("UserProfile");
            }
            $sms = new SmsNotification();
            $sms->setBody('Xinon 2FA Code: ' . $code);
            $sms->setRecipient($mobile);
            $sms->send();
        }
        $this->layout()->setTemplate("UserProfile/Index");
        $this->layout()->set("verification", $verification);
        $this->layout()->set("userprofile", $this->me);
    }

    protected function activate2faaction()
    {
        $r = $this->request;
        $reqCode = $r->code;
        $twofactorcode = $this->me->twofactorcode;
        $twofactortimestamp = $this->me->twofactortimestamp;
        $timeSecond = time() - $twofactortimestamp;

        if ($timeSecond <= 300 && $reqCode == $twofactorcode) {
            $id = $this->me->id;
            $User = new User($id);
            $data['twofactor'] = $r->twofactor;
            $data['twofactorcode'] = NULL;
            $data['twofactortimestamp'] = NULL;

            $User->update($data);
            $User->save();
            $this->layout()->setFlash("Zwei-Faktor-Authentifizierung aktiv", "success");
            $this->redirect("UserProfile");
        } else {
            $verification = $r->twofactor;
            $this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
            $this->layout()->setTemplate("UserProfile/Index");
            $this->layout()->set("verification", $verification);
            $this->layout()->set("userprofile", $this->me);
        }
    }

    protected function change2faaction()
    {
        if ($this->request->twofactor == 2) {
            if (!$this->me->mobile) {
                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
                $this->redirect("UserProfile");
            }
        }
        $this->code2faaction();
    }
}