<?php

$SESSION_COOKIE_NAME = "connection_id";
$MAX_COOKIE_LIFE = time() + 86400 * 30; // 30 days max
$MINIMAL_PASSWORD_LENGTH = 8;

$config_array = json_decode(file_get_contents("config.json", true));

$dsn = $config_array->{"kind"} . ":dbname="
    . $config_array->{"dbname"} . ";host=" . $config_array->{"host"};
$PDO = new PDO($dsn, $config_array->{"user"}, $config_array->{"password"});
$PDO->query('SET CHARSET UTF8');

function is_https()
{
    return (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
}

function generate_random_string()
{
    return substr(str_shuffle(MD5(microtime())), 0, 32);
}

function connect_user($user_id, $long_expiration = true)
{
    global $PDO, $SESSION_COOKIE_NAME, $MAX_COOKIE_LIFE;

    // Set an expiration delay for the cookie
    $delay = 0;
    if ($long_expiration === true) {
        $delay = $MAX_COOKIE_LIFE;
    }

    // The session id is a 32-chars random string
    $session_id = generate_random_string();

    $sql = "INSERT INTO sessions(user_id, connection_eol, session_id) 
        VALUES (:user_id, :connection_eol, :session_id);";
    $query = $PDO->prepare($sql);

    $query->bindValue(":user_id", $user_id);
    if ($long_expiration === true) {
        $query->bindValue(
            ":connection_eol",
            date('Y-m-d H:i:s', strtotime(
                "$MAX_COOKIE_LIFE seconds",
                strtotime(date("Y-m-d H:i:s"))
            ))
        );
    } else {
        $query->bindValue(":connection_eol", null, PDO::PARAM_INT);
    }
    $query->bindValue(":session_id", $session_id);

    if ($query->execute()) {
        return setcookie(
            $SESSION_COOKIE_NAME,
            $session_id,
            $delay,
            $secure = true
        );
    }
    return false;
}

function clean_old_sessions()
{
    global $PDO;

    $sql = "DELETE FROM sessions WHERE connection_eol > CURRENT_TIMESTAMP();";
    $query = $PDO->prepare($sql);
    return $query->execute();
}

function is_connected()
{
    global $PDO, $SESSION_COOKIE_NAME;

    if (isset($_COOKIE[$SESSION_COOKIE_NAME])) {
        if (!clean_old_sessions()) {
            return false;
        }

        $sql = "SELECT * FROM sessions INNER JOIN accounts ON sessions.user_id = accounts.id WHERE session_id = :session_id;";
        $query = $PDO->prepare($sql);

        $query->bindValue(":session_id", $_COOKIE[$SESSION_COOKIE_NAME]);
        if ($query->execute()) {
            if ($query->rowCount() === 1) {
                return true;
            } else {
                return false;
            }
        } else {
            return false;
        }
    }
    return false;
}

function disconnect()
{
    global $PDO, $SESSION_COOKIE_NAME;

    if (isset($_COOKIE[$SESSION_COOKIE_NAME])) {
        $sql = "DELETE FROM sessions WHERE session_id = :session_id;";
        $query = $PDO->prepare($sql);
        $query->bindValue(":session_id", $_COOKIE[$SESSION_COOKIE_NAME]);
        $query->execute();
        setcookie($SESSION_COOKIE_NAME, "", time() - 3600);
    }
}

function get_username_count($email)
{
    global $PDO;

    $sql = "SELECT email FROM accounts WHERE email = :email;";
    $query = $PDO->prepare($sql);
    $query->bindValue(":email", $email);

    if ($query->execute()) {
        return $query->rowCount();
    }
    return false;
}

function correct_email_password($email, $password)
{
    global $PDO;

    $sql = "SELECT email, password FROM accounts WHERE email = :email;";
    $query = $PDO->prepare($sql);
    $query->bindValue(":email", $email);

    if ($query->execute()) {
        foreach ($query as $row) {
            return password_verify($password, $row["password"]);
        }
    }
    return false;
}

function get_user_id_from_email($email)
{
    global $PDO;

    $sql = "SELECT id FROM accounts WHERE email = :email;";
    $query = $PDO->prepare($sql);
    $query->bindValue(":email", $email);

    if ($query->execute()) {
        foreach ($query as $row) {
            return $row["id"];
        }
    }
    return false;
}

function get_user_info_from_session_id($session_id, $info)
{
    global $PDO, $SESSION_COOKIE_NAME;

    if (isset($_COOKIE[$SESSION_COOKIE_NAME])) {
        $sql = "SELECT * FROM accounts 
            INNER JOIN sessions 
            ON sessions.user_id = accounts.id 
            WHERE session_id = :session_id;";
        $query = $PDO->prepare($sql);
        $query->bindValue(":session_id", $session_id);
        if ($query->execute())
            foreach ($query as $row) {
                switch ($info) {
                    case "email":
                    case "first_name":
                    case "last_name":
                    case "public_id":
                        return $row[$info];
                    default;
                        break;
                }
            }
    }
    return false;
}

function add_user($email, $first_name, $last_name, $clear_password)
{
    global $PDO;

    $password_hash = password_hash($clear_password, PASSWORD_DEFAULT);

    $sql = "INSERT INTO accounts(email, first_name, last_name, password, public_id)
    VALUES (:email, :first_name, :last_name, :password, :public_id);";
    $query = $PDO->prepare($sql);
    $query->bindValue(":email", $email);
    $query->bindValue(":first_name", $first_name);
    $query->bindValue(":last_name", $last_name);
    $query->bindValue(":password", $password_hash);
    $query->bindValue(":public_id", generate_random_string());
    return $query->execute();
}