<?php

function processPostData($db, $post, $redirectLocation = '.')
{
	sleep(1);
	if ($post['action']) {
		// if there is a redirectlocation, set it
		if ($post['redirectLocation']) {
			$redirectLocation = $post['redirectLocation'];
		}

		// change a users password
		if ($post['action'] == 'changePassword') {
			$success = changePassword(
				$db,
				$post['changerId'],
				$post['changeeId'],
				$post['changerPassword'],
				$post['newPassword'],
				$post['newPasswordAgain']
			);
			// append success to the redirectlocation
			if ($success) {
				$redirectLocation .= '?changePasswordSuccess=true';
			} else {
				$redirectLocation .= '?changePasswordSuccess=false';
			}
		}// end changePassword

		// redirect to the redirectlocation
		header('Location: ' . $redirectLocation);
	}// end processing action
	return;
}

function sendEmail($toEmail, $emailText, $emailSubject)
{
	try {
		$date = new DateTime();
		mail(
			$toEmail,
			$emailSubject,
			$emailText
		);
	} catch(Exception $e) {
		echo 'Message: ' . $e->getMessage();
	}
}

function attendancesAssocArray2text($attendancesAssocArray)
{
	$ret = '';
	foreach ($attendancesAssocArray as $date => $attendees) {
		$ret .= $date . "\n";
		foreach ($attendees as $a) {
			$ret .= "\n";
			$ret .= 'Name: ' . $a['name'] . ', ' . $a['vorname'] . "\n";
			$ret .= 'PLZ: ' . $a['corona_PLZ'] . "\n";
			$ret .= 'Tel.: ' . $a['corona_telephon'] . "\n";
			$ret .= 'eMail: ' . $a['corona_eMail'] . "\n";
		}
		$ret .= "\n";
	}
	return $ret;
}

function attendancesAssocArray2mdList($attendancesAssocArray, $date = null)
{
	if ($date == null) {
		$date = new DateTime();
	}
	$ret = '# Anwesenheitsliste zur Corona-Kontaktverfolgung der Abteilung Judo des CWSV vom ' . $date->format('Y-m-d') . "\n\n";
	foreach ($attendancesAssocArray as $d => $attendees) {
		$ret .= '## ' . $d . "\n";
		$i = 0;
		foreach ($attendees as $a) {
			$i += 1;
			$ret .= "\n";
			$ret .= $i . ' ' . $a['name'] . ', ' . $a['vorname'] . "\n";
			$ret .= '    - PLZ: ' . $a['corona_PLZ'] . "\n";
			$ret .= '    - Tel.: ' . $a['corona_telephon'] . "\n";
			$ret .= '    - eMail: ' . $a['corona_eMail'] . "\n";
		}
		$ret .= "\n";
	}
	return $ret;
}

//! Checks if multiple keys exist in an array
//!
//! @param array $array array to check for key
//! @param array|string $keys keys to check for
//!
//! @return bool true, if *all* keys are set in the array
function array_keys_exist(array $array, $keys)
{
	if (!is_array($keys)) {
		$keys = func_get_args();
		array_shift($keys);
	}
	$count = 0;
	foreach ($keys as $key) {
		if (isset($array[$key]) || array_key_exists($key, $array)) {
			$count++;
		}
	}

	return count($keys) === $count;
}

/// updates users password without checking any rights
/// params:
/// - $db : pdoDbConnection to use
/// - $userId : id of the user with the password to change
/// - $password : the password to set
function updateUserPassword($db, $userId, $password)
{
	// we don't save the actual password but it's hash
	if ($password != '') {
		$password = password_hash($password, PASSWORD_DEFAULT);
	} else {
		$password = null;
	}

	$query = 'UPDATE `cwsvjudo`.`wkParticipo_Users` SET `pwHash`=:val WHERE `id`=:id;';
	$params = [
		':val' => ['value' => $password, 'data_type' => PDO::PARAM_STR],
		':id' => ['value' => $userId,   'data_type' => PDO::PARAM_INT]
	];
	dbConnector::query($query, $params);

	return;
}

/// Change a users password (apiFunction)
/// params:
/// - $db: dbConnection to use
/// - $changerId: userId who changes the password
/// - $changeeId: userId whose password should be changed
/// - $ownPassword: password of the user who changes the password
/// - $newPassword: the new password
/// - $newPasswordAgain: controllInput of the new password
function changePassword($db, $changerId, $changeeId, $changerPassword, $newPassword, $newPasswordAgain)
{
	// we need a dbConnection
	if (!$db) {
//		echo("No DB!");
		return false;
	}

	$changerInfo = getUserData($db, $changerId);

	// check the password of the changer
	if (!password_verify($changerPassword, $changerInfo['pwHash'])) {
//		echo("Wrong changerPasswod");
		return false;
	}

	// check if the changer is allowed to change the changees password
	if ($changerId != $changeeId) {
		$changersKidsIds = getUsersKidsIds($db, $changerId);

//		if( !in_array($changeeId, $changersKidsIds) ){
		if (!isUserInKidIds($changeeId, $changersKidsIds)) {
			// echo("not your child: ".$changeeId." not in ");
			// var_dump($changersKidsIds);
			return false;
		}
	}

	// check if the two inputs are the same
	if ($newPassword != $newPasswordAgain) {
//		echo("new pw missmatch");
		return false;
	}

	updateUserPassword($db, $changeeId, $newPassword);

	return true;
}