<?php

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/**
 * Make things happen when buttons are pressed and forms submitted.
 */
require_once __DIR__ . "/required.php";

use OTPHP\TOTP;

// If the user presses Sign Out but we're not logged in anymore,
// we don't want to show a nasty error.
if ($VARS['action'] == 'signout' && $_SESSION['loggedin'] != true) {
    session_destroy();
    header('Location: index.php');
    die("Logged out (session was expired anyways).");
}

dieifnotloggedin();

function returnToSender($msg, $arg = "") {
    global $VARS;
    $header = "Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg";
    if ($arg != "") {
        $header .= "&arg=$arg";
    }
    header($header);
    die();
}

switch ($VARS['action']) {
    case "signout":
        Log::insert(LogType::LOGOUT, $_SESSION['uid']);
        session_destroy();
        header('Location: index.php?logout=1');
        die("Logged out.");
    case "chpasswd":
        engageRateLimit();
        $error = [];
        $user = new User($_SESSION['uid']);
        try {
            $result = $user->changePassword($VARS['oldpass'], $VARS['newpass'], $VARS['conpass']);

            if ($result === TRUE) {
                returnToSender("password_updated");
            }
        } catch (PasswordMatchException $e) {
            returnToSender("passwords_same");
        } catch (PasswordMismatchException $e) {
            returnToSender("new_password_mismatch");
        } catch (IncorrectPasswordException $e) {
            returnToSender("old_password_mismatch");
        } catch (WeakPasswordException $e) {
            returnToSender("weak_password");
        }
        break;
    case "chpin":
        engageRateLimit();
        $error = [];
        if (!($VARS['newpin'] == "" || (is_numeric($VARS['newpin']) && strlen($VARS['newpin']) >= 1 && strlen($VARS['newpin']) <= 8))) {
            returnToSender("invalid_pin_format");
        }
        if ($VARS['newpin'] == $VARS['conpin']) {
            $database->update('accounts', ['pin' => ($VARS['newpin'] == "" ? null : $VARS['newpin'])], ['uid' => $_SESSION['uid']]);
            returnToSender("pin_updated");
        }
        returnToSender("new_pin_mismatch");
        break;
    case "add2fa":
        if (empty($VARS['secret'])) {
            returnToSender("invalid_parameters");
        }
        $user = new User($_SESSION['uid']);
        $totp = new TOTP(null, $VARS['secret']);
        if (!$totp->verify($VARS["totpcode"])) {
            returnToSender("2fa_wrong_code");
        }
        $user->save2fa($VARS['secret']);
        Log::insert(LogType::ADDED_2FA, $user);
        returnToSender("2fa_enabled");
    case "rm2fa":
        engageRateLimit();
        (new User($_SESSION['uid']))->save2fa("");
        Log::insert(LogType::REMOVED_2FA, $_SESSION['uid']);
        returnToSender("2fa_removed");
        break;
    case "readnotification":
        $user = new User($_SESSION['uid']);

        if (empty($VARS['id'])) {
            returnToSender("invalid_parameters#notifications");
        }
        try {
            Notifications::read($user, $VARS['id']);
            returnToSender("#notifications");
        } catch (Exception $ex) {
            returnToSender("invalid_parameters#notifications");
        }
        break;
    case "deletenotification":
        $user = new User($_SESSION['uid']);

        if (empty($VARS['id'])) {
            returnToSender("invalid_parameters#notifications");
        }
        try {
            Notifications::delete($user, $VARS['id']);
            returnToSender("notification_deleted#notifications");
        } catch (Exception $ex) {
            returnToSender("invalid_parameters#notifications");
        }
        break;
    case "resetfeedkey":
        $database->delete('userkeys', ['AND' => ['uid' => $_SESSION['uid'], 'typeid' => 1]]);
        returnToSender("feed_key_reset");
        break;
}