<?php
/*
#  Copyright (c) 2012, Gjøvik University College
#  All rights reserved.

#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions are met:
#      * Redistributions of source code must retain the above copyright
#        notice, this list of conditions and the following disclaimer.
#      * Redistributions in binary form must reproduce the above copyright
#        notice, this list of conditions and the following disclaimer in the
#        documentation and/or other materials provided with the distribution.
#      * Neither the name of the Gjøvik University College nor the
#        names of its contributors may be used to endorse or promote products
#        derived from this software without specific prior written permission.
#  
#  THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
#  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
#  DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
#  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
#  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
#  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
#  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('config.php');
require_once('lib/common_functions.php');
require_once('lib/db_functions.php');

$config = get_config();

function generate_password( $length = null )
{
	global $config;
	if ( ! $length ) $length = $config['standard_password_length'];

	$string = "";
	 while ( strlen( $string ) < $length )
	 {
		$string .= crypt(substr(md5(rand().rand()), 0, $length+1));
		$string = preg_replace( '/\W/', '', $string);
	 }
	return substr( $string, 1, $length );

}


function is_kamailio_subscriber ( $user, $domain )
{
	global $config;
	$query = sprintf("SELECT username FROM %s WHERE username = '%s' AND domain = '%s'",
		$config['kamailio_subscriber_table'],
		sql_clean( $user ),
		sql_clean( $domain )
	);
	return sql_dbtest_numrows( $config['kamailio_db'], $query, 1);
}

function is_provision_user ( $user, $domain )
{
	global $config;
	$query = sprintf("SELECT username FROM %s WHERE username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		sql_clean( $user ),
		sql_clean( $domain )
	);
	return sql_dbtest_numrows( $config['hermes_db'], $query, 1);
}

function add_kamailio_subscriber( $username, $domain, $password, $email )
{

	global $config;

	$ha1  = md5( $username . ":" . $domain . ":" . $password );
	$ha1b = md5( $username . "@" . $domain . ":" . $domain . ":" . $password );

	$query = sprintf( "INSERT INTO %s (username, domain, password, email_address, ha1, ha1b) VALUES ('%s','%s','%s', '%s', '%s', '%s')",
		$config['kamailio_subscriber_table'],
		sql_clean($username),
		sql_clean($domain),
		sql_clean($password),
		sql_clean($email),
		$ha1,
		$ha1b
	);
	if ( ! sql_dbexec( $config['kamailio_db'], $query ) ) return false;
	return true;
}

function delete_kamailio_subscriber( $username, $domain )
{
	global $config;


	$query = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
		$config['kamailio_subscriber_table'],
		sql_clean($username),
		sql_clean($domain)
	);
	$row = sql_dbquery_single( $config['kamailio_db'], $query );
	if  (!$row) return false;
	$user_rowid = $row['id'];
	if ( !$user_rowid ) return false;

	$query = sprintf( "DELETE FROM  %s WHERE id = %d AND username = '%s' AND domain = '%s'",
		$config['kamailio_subscriber_table'],
		$user_rowid,
		sql_clean($username),
		sql_clean($domain)
	);
	if ( sql_dbexec_rows( $config['kamailio_db'], $query) != 1 ) return false;
	return true;
}


function update_kamailio_pw ( $username, $domain, $password )
{
	global $config;

	if ( ! ($username && $domain && $password))
		return false;

	$query = sprintf("UPDATE %s SET password = '%s' WHERE username = '%s' AND domain = '%s'",
		$config['kamailio_subscriber_table'],
		sql_clean($password),
		sql_clean($username),
		sql_clean($domain)
	
	);
	if ( sql_dbexec_rows( $config['kamailio_db'], $query) != 1 ) return false;
	return true;
}

function update_kamailio_email ( $username, $domain, $email )
{
	global $config;

	if ( ! ($username && $domain && $email))
		return false;

	$query = sprintf("UPDATE %s SET email_address = '%s' WHERE username = '%s' AND domain = '%s'",
		$config['kamailio_subscriber_table'],
		sql_clean($email),
		sql_clean($username),
		sql_clean($domain)
	
	);
	if ( sql_dbexec_rows( $config['kamailio_db'], $query) != 1 ) return false;
	return true;
}


function add_provision_user( $username, $password, $domain, $authid, $registrar, $r_port, $proxy, $p_port, $displayname, $dialplan, $linetext )
{	global $config;

	if ( is_provision_user( $username, $password ) ) return false;
	$query = sprintf ("INSERT INTO %s ( username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext )
		VALUES ('%s', '%s', '%s', '%s', '%s', %d, '%s', %d, '%s', '%s', '%s')",
		$config['hermes_users_table'],
		sql_clean($username), 
		sql_clean($password), 
		sql_clean($displayname), 
		sql_clean($domain), 
		sql_clean($registrar), 
		$r_port, 
		sql_clean($proxy), 
		$p_port, 
		sql_clean($dialplan), 
		sql_clean($authid), 
		sql_clean($linetext)
	);
	if ( ! sql_dbexec( $config['hermes_db'], $query ) ) return false;
	return true;
}
function get_provision_userid ( $username, $domain )
{
	global $config;

	$query = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		sql_clean($username),
		sql_clean($domain)
	);

	$row = sql_dbquery_single( $config['hermes_db'], $query );
	if  (!$row) return false;
	$user_rowid = $row['id'];
	return $user_rowid;
}

function delete_provision_user( $username, $domain )
{
	global $config;

	$user_rowid = get_provision_userid( $username, $domain );
	if ( !$user_rowid ) return false;

	$query = sprintf( "DELETE FROM  %s WHERE id = %d AND username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		$user_rowid,
		sql_clean($username),
		sql_clean($domain)
	);
	if ( sql_dbexec_rows( $config['hermes_db'], $query) != 1 ) return false;
	return true;
}

function update_provision_data ( $param, $username, $domain, $data )
{
	global $config;

	if (! (
		$param == "displayname" ||
		$param == "dialplan" ||
		$param == "linetext" ||
		$param == "registrar" ||
		$param == "r_port" ||
		$param == "proxy" ||
		$param == "p_port"
		) ) return -1;


	if ( ! ($username && $domain))
		return -1;

	if ( ! is_provision_user( $username, $domain ) )
		return -2;

	$query = sprintf("UPDATE %s SET %s = '%s' WHERE username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		sql_clean($param),
		sql_clean($data),
		sql_clean($username),
		sql_clean($domain)
	
	);
	$res = sql_dbexec_rows( $config['hermes_db'], $query);

	if ( $res < 0 ) return -2;
	if ( $res > 1 ) return -2;
	return  $res;
}

function update_provision_pw ( $username, $domain, $password )
{
	global $config;

	if ( ! ($username && $domain && $password))
		return false;

	$query = sprintf("UPDATE %s SET password = '%s' WHERE username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		sql_clean($password),
		sql_clean($username),
		sql_clean($domain)
	
	);
	if ( sql_dbexec_rows( $config['hermes_db'], $query) != 1 ) return false;
	return true;
}

function list_users ( $search = null )
{
	global $config;
	$query = sprintf("SELECT CONCAT(username, '@', domain), displayname FROM %s ORDER BY username,domain", $config['hermes_users_table'] );

	if ( array_key_exists ( 'search', $_POST ) )
	{
		$search = $_POST['search']; // TODO: Add some sanitation and input validation!
		$query = sprintf("SELECT CONCAT(username, '@', domain) FROM %s WHERE CONCAT(username, '@', domain) LIKE '%%%s%%' ORDER BY username,domain", $config['hermes_users_table'], sql_clean( $search ) );
	}

	$result = sql_dbquery( $config['hermes_db'], $query );
	if ( !$result ) return null;
	$list = array();
	while ( $row = @mysql_fetch_row( $result ) )
	{
		array_push( $list, array( "user" => $row[0], "displayname" => $row[1] ) );
	}
	return $list;
	print json_encode( array( 'response' => 'ok', 'list' => $list ));


}
function get_userdata( $username, $domain )
{
	global $config;
	if ( is_kamailio_subscriber( $username, $domain ) // User must be present in both!
		&& is_provision_user( $username, $domain ) ) $type = 'local';
	else if ( is_provision_user( $username, $domain ) ) $type = 'remote';
	else return null;

	$provision_data = null;
	$kamailio_data = null;

	$query_provision = sprintf ("SELECT id, username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext FROM %s WHERE username = '%s' AND domain = '%s'",
		$config['hermes_users_table'],
		sql_clean($username),
		sql_clean($domain));

	$provision_data = sql_dbquery_single( $config['hermes_db'] , $query_provision );
	if ( ! $provision_data ) return false;

	if ( $type == 'local' )
	{
		// WARNING: Note the typo in the name of the 'permittedcalls' column!
		$query_kamailio = sprintf ("SELECT id, username, domain, password, email_address, ha1, ha1b, rpid, permittedcalls FROM %s WHERE username = '%s' AND domain = '%s'",
			$config['kamailio_subscriber_table'],
			sql_clean($username),
			sql_clean($domain));
		$kamailio_data = sql_dbquery_single( $config['kamailio_db'] , $query_kamailio );
		if ( ! $kamailio_data ) return false;
	}
	$user['type'] = $type;
	$user['username']    = $provision_data['username'];
	$user['password']    = $provision_data['password'];
	$user['domain']      = $provision_data['domain'];
	$user['authid']      = $provision_data['authid'];
	$user['registrar']   = $provision_data['registrar'];
	$user['r_port']      = $provision_data['r_port'];
	$user['proxy']       = $provision_data['proxy'];
	$user['p_port']      = $provision_data['p_port'];
	$user['dialplan']    = $provision_data['dialplan'];
	$user['displayname'] = $provision_data['displayname'];
	$user['linetext']    = $provision_data['linetext'];
	if ( $type == 'local' )
	{
		$user['email'] = $kamailio_data['email_address'];
		$user['ha1']   = $kamailio_data['ha1'];
		$user['ha1b']  = $kamailio_data['ha1b'];
		$user['rpid']  = $kamailio_data['rpid'];
		$user['permittedcalls'] = $kamailio_data['permitedcalls'];
	}

	return $user;
}
	
?>