<?php
if ( ! isset($_GET["page"]) || $_GET["page"] != "action" ){
	header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
	ob_clean();
	exit;
}

if ( ! isset($_GET["task"]) || $_GET["task"] == "" ){
	header($_SERVER["SERVER_PROTOCOL"] . "400 Wrong Request");
	header("Location: /?page=index");
	ob_clean();
	exit;
}

switch($_GET["task"]){
	case("login"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			ob_clean();
			echo "Method not allowed";
			exit;
		}
		if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" ){
			print_login("missing");
		} else 	if ( $user->login($_POST["name"], $_POST["password"]) ){
			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
			header("Location: /?page=" . $_GET["goto"]);
			ob_clean();
			exit;
		} else {
			print_login("password");
		}
		break;

	case("register"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			ob_clean();
			echo "Method not allowed";
			exit;
		}
		if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" || ! isset($_POST["confirm"]) || $_POST["confirm"] == "" || ! isset($_POST["key"])){
			print_login("missing");
		} 
		else if ( $_POST["key"] != INVITEKEY ){
			print_login("key");
		} 
		else if ( $_POST["password"] != $_POST["confirm"]){
			print_login("password");
		} else {
			if ( ! isset($_POST["email"]) || $_POST["email"] == "" ){
				$email = "null";
				$sql = $db->prepare("SELECT 1 FROM " . DBPREFIX . "user WHERE name = %s LIMIT 1;", $_POST["name"]);
			}
			else {
				$email = $_POST["email"];
				$sql = $db->prepare("SELECT 1 FROM " . DBPREFIX . "user WHERE name = %s OR email = %s LIMIT 1", $_POST["name"], $_POST["email"]);	
			}	
			$check_db = $db->doQuery($sql);
			$check_ar = $check_db->fetch_array(MYSQLI_NUM);
			if ( $check_ar[0] == 1) {
				print_login("double");
			} else {
				if ( ! $user->register($_POST["name"], $_POST["password"], $email))
					print_login("database");
				else {
					header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
					header("Location: /?page=" . $_GET["goto"]);
					ob_clean();
					exit;
				}
			}
		} 
		break;

	case("update"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			ob_clean();
			echo "Method not allowed";
			exit;
		}
		if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){
			print_list("update");
		} else {
			$sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s, adresse = %s, telefonnummer = %s, handynummer = %s, email = %s, geburtstag = %s WHERE member_id = %d;", 
				$_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"]
			);
			if ( ! $sql ){
				ob_clean();
				echo "SQL preparation failed.";
				exit;
			}
			if ( $result = $db->doQuery($sql) ){
				header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
				header("Location: /?page=" . $_GET["goto"]);
				$c->flush();
			}
		}
		break;

	case("add"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			echo "Method not allowed";
			exit;
		}
		$sql = $db->prepare("INSERT INTO " . DBPREFIX . "member (member_id, name, adresse, telefonnummer, handynummer, email, geburtstag) VALUES (NULL, %s, %s, %s, %s, %s, %s);", 
			 $_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"]
		);
		if ( ! $sql ){
			echo "SQL preparation failed.";
			exit;
		}
		if ( $result = $db->doQuery($sql) ){
			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
			header("Location: /?page=" . $_GET["goto"]);
			$c->flush($_GET["_flush"]);
		}
		break;
	case("account"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			echo "Method not allowed";
			exit;
		}
		if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["confirm"]) || $_POST["confirm"] == ""){
			print_account("info");
		} else if ( ! isset($_POST["email"]) ){
			$_POST["email"] = "";
		} else if ( ! password_verify($_POST["confirm"] . PEPPER , $user->getPassword()) ) {
			print_account("password");
		} else {
			$sql = false;
			$check_ar[0] = 0;
			if ( $_POST["name"] != $_SESSION["username"]){
			
				if ( isset($_POST["email"]) && $_POST["email"] != "" && $_POST["email"] != $user->getEmail() )
					$sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE name = %s OR email = %s ;", $_POST["name"], $_POST["email"]);
				else
					$sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE name = %s ;", $_POST["name"]);

			} else 	if ( isset($_POST["email"]) && $_POST["email"] != "" && $_POST["email"] != $user->getEmail() ){
					$sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE email = %s ;", $_POST["email"]);

			} else if ( $_POST["password"] == "" ){
				redirect("account");
			}
			
			if ( $sql ){
				$check_db = $db->doQuery($sql);
				$check_ar = $check_db->fetch_array(MYSQLI_NUM);
			}
			
			if ( $check_ar[0] == 1){
				print_account("double");
			} else {
				if ( $_POST["password"] != $_POST["confirm"] && $_POST["password"] != "" ){
					$sql = $db->prepare("UPDATE " . DBPREFIX . "user SET name = %s, password = %s, email = %s WHERE id = %d;", $_POST["name"] , password_hash($_POST["password"]. PEPPER, PASSWORD_DEFAULT),  $_POST["email"], $_SESSION["userid"]);
				} else
					$sql = $db->prepare("UPDATE " . DBPREFIX . "user SET name = %s,  email = %s WHERE id = %d;", $_POST["name"], $_POST["email"], $_SESSION["userid"]);
				if ( ! $db->doQuery($sql) ){
				
					echo $sql;
					print_account("database");
				} else
					$_SESSION["username"] = $_POST["name"];
					redirect("account&success=1");
			}
		}
		break;
	case("recover"):
		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
			echo "Method not allowed";
			exit;
		}
		$sql = $db->prepare("SELECT 1, name FROM " . DBPREFIX . "user WHERE email = %s ;", $_POST["email"]);
		$result_db = $db->doQuery($sql);
		$result_ar = $result_db->fetch_array(MYSQLI_NUM);
		if ( $result_ar[0] == 1){
			
			$arr = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "_", "-");
			$password = "";
			$l = count($arr) -1 ;
			for ($i=0;$i<10;$i++){
				$r = mt_rand(0, $l);
				$password.=$arr[$r];
			}

			$hash = password_hash($password . PEPPER, PASSWORD_DEFAULT);
			$sql = $db->prepare("UPDATE " . DBPREFIX . "user SET password = %s WHERE email = %s ;", $hash, $_POST["email"]);
			if ( ! $db->doQuery($sql) )
				redirect("recover&track=0");

			$body = 
"Hello,
someone requested a new password for '".$result_ar[1]."' on https://jungegemeinde.iamfabulous.de.
The new password is '". $password ."'. Remember to change it immediately at https://jungegemeinde.iamfabulous.de/?page=account after successfull login.

Kindly regards,
JG Adlershof";

			// header injection
			mail($_POST["email"], "JG: Passwort Reset", $body, "From: JG Adlershof <noreply@jungegemeinde.iamfabulous.de>\r\n" );
			redirect("recover&track=1");
		} else {
			redirect("recover&track=0");
		}
		break;
}