<?php
/***
 *  TABS Asterisk Billing System
 *  Copyright (C) 2008  Thusa Business Support (Pty) Ltd.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 * 
 ***/

/**
* Edit User form 
*
* Edit a user in the database
* @author Tristan Coetzee
* @version 0.1.0
*/

//{{{ includes
  require_once 'include/initialisation.inc.php';
//}}}

//{{{ custom initialisation
  $tpl->setTPL("user_form.tpl");
//}}}

function process_data($args)  {
/**
* Process Data 
*
* This is the callback function to handle the processing of the QF
* @author Tristan Coetzee
* @param $args Contains the form variables supplied by HTML_QF
* @version 0.1.0
*/
  global $LUA;
  global $LU;
  global $ini;
  global $SIPconf;
  
//{{{ define and set liveuser default user type
//    $user_type = LIVEUSER_ANONYMOUS_TYPE_ID;   // lowest user level: anonymous
  $user_type = LIVEUSER_USER_TYPE_ID;        // highest user level
//    $user_type = LIVEUSER_ADMIN_TYPE_ID;       // lowest admin level
//    $user_type = LIVEUSER_AREAADMIN_TYPE_ID;   // area admin level (lookup area admin)
//    $user_type = LIVEUSER_SUPERADMIN_TYPE_ID;  // all rights granted
//    $user_type = LIVEUSER_MASTERADMIN_TYPE_ID; // highest admin level
//}}}
  if('Change Password!'==$args['btnAddEdit']) {
    $user_data = array(
      'passwd'=>$args['lu_passwd'],
      'perm_type'=>$user_type
    );
  
    $update_res = $LUA->updateUser($user_data,$args['lu_perm_user_id']);
    if ($update_res===false)  {
      //print_r($LUA->getErrors());
      return "Error updating password";
    } else {
      return "Password changed successfully";
    }
  }
  if('Edit User!'==$args['btnAddEdit'])  {
    //submit button was pressed
    $user_data = array(
      'auth_user_id'=>$args['lu_auth_user_id'],
      'handle'=>$args['lu_handle'],
      'is_active'=>$args['sel_isActive'],
      'user_alias'=>$args['txtUserAlias'],
      'user_email'=>$args['txtUserEmail'],
      'user_phone'=>$args['txtUserPhone'],
      'user_cost_multiplier'=>$args['txtUserCostMult'],
      'perm_type'=>$user_type
    );
  
    $update_res = $LUA->updateUser($user_data,$args['lu_perm_user_id']);
    if ($update_res===false)  {
      print_r($LUA->getErrors());
      return ("Error updating user");
    } else {
      if(isset($args['sipconf'])&&!empty($args['sipconf'])) {
        $fp = fopen($ini['Asterisk']['conf_path'] . $ini['Asterisk']['conf_filename'], "wb");
        if($fp) {
          $contentStr = '';
          foreach($SIPconf as $phone=>$items) {
            if($phone != $args['txtUserPhone'])  {
              $contentStr .= "\n[$phone]\n";
              foreach($items as $key=>$val) {
                $contentStr .= "$key = $val \n";
              }
            }
          }
          $contentStr .= "\n[{$args['txtUserPhone']}]\n".$args['sipconf']."\n\n";
          fwrite($fp,$contentStr);
          fclose($fp);
        }
      }
        
      if(isset($args['sel_priv_id'])&&!empty($args['sel_priv_id'])) {
        $group_id = $args['sel_priv_id'];
      } else {
        $group_id = 0;
      }
      if($group_id != $args['lu_group_id'] && $LU->checkRight(ADMIN)) {
        //create permissions in usergroups table using new perm_user_id
        
        //will have to remove user from group first
        $old_user_perm = array(
          'perm_user_id'=>$args['lu_perm_user_id'],
          'group_id'=>$args['lu_group_id']
        );
        if(!$LUA->perm->removeUserFromGroup($old_user_perm)) {
          print_r($LUA->getErrors());
          return ("Error removing user from group");
        }
        $new_user_perm = array(
          'perm_user_id'=>$args['lu_perm_user_id'],
          'group_id'=>$group_id
        );
        if(!$LUA->perm->addUserToGroup($new_user_perm))  {
          print_r($LUA->getErrors());
          return ("Error adding user to group");
        } else {
          if('true'==$args['change_own']) {
            return "Your Profile was Edited Successfully";
          } else {
            return "User Profile Edited Successfully!";
          }
        }
      } else {
        if('true'==$args['change_own']) {
          return "Your Profile was Edited Successfully";
        } else {
          return "User Edited Successfully!";
        }
      }
      
    }
  }
} //end of process_data callback function


if(isset($_POST['change_own'])) {
  $tpl->assign('changeOwn',$_POST['change_own']);
}
//{{{ do some basic validation on the posted id
  if(isset($_POST['lu_auth_user_id']))  {
    $auth_user_id=$_POST['lu_auth_user_id'];
    $tpl->assign('auth_user_id',$auth_user_id);
    $perm_user_id=$_POST['lu_perm_user_id'];
    $tpl->assign('perm_user_id',$perm_user_id);
  } else {
    if($LU->checkRight(EDIT_PROFILE)||'changepwd'==$_GET['action'])  {
      $auth_user_id = $LU->getProperty('auth_user_id');
      $tpl->assign('auth_user_id',$auth_user_id);
      $filters= array('container'=>'auth','filters'=>array('auth_user_id'=>$auth_user_id));
      $user = $LUA->getUsers($filters);
      $perm_user_id = $user[0]['perm_user_id'];
      $tpl->assign('perm_user_id',$perm_user_id);
      $tpl->assign('changeOwn','true');
    } else {
      $tpl->setTPL('access_denied.tpl.html');
      $tpl->display();
      die();
    }
  }
//}}}



  if(!isset($_GET['action']))  {
    $_GET['action'] = 'normal operation';
  }
  if('changepwd'==$_GET['action'])  {
    $form = new HTML_QuickForm("NewForm",'POST',"user_edit.php?action=changepwd");
    $form->addElement('header',"hdrTop","Change User Password"); 
    //$form->addElement('password','lu_old_passwd',"Old Password: ",array('maxlength'=>'100'));
    $form->addElement('password','lu_passwd',"Password: ",array('maxlength'=>'100'));
    $form->addElement('password','lu_confirm_pwd',"Confirm Password: ",array('maxlength'=>'20'));
    $form->addElement('submit','btnAddEdit','Change Password!');
    
    //add password specific rules
    //rule password function
    function old_pswd_ok($passwd) {
      global $LUA;
      global $auth_user_id;
      $filters= array('container'=>'auth','filters'=>array('auth_user_id'=>$auth_user_id));
      $user = $LUA->getUsers($filters);
      $oldPW = $user[0]['passwd'];
      $attackPW = $LUA->auth->encryptPW($passwd);
      //echo "OLD: $oldPW<br>";
      //echo "ATTACK: $attackPW<br>";
      
      if ($oldPW == $attackPW)  {
        return true;
      } else  {
        return false;
      }
    }
    $form->addRule('lu_passwd',"This is a required value",'required');
    $form->addRule('lu_confirm_pwd',"This is a required value",'required');
    $form->addRule(array('lu_passwd','lu_confirm_pwd'),"The passwords must match",'compare');
  } else {
    
    //{{{ retrieve details from db
      $filters = array('container'=>'auth','filters'=>array('auth_user_id'=>$auth_user_id));
      $user_data = $LUA->getUsers($filters);
      //var_dump($user_data);
      $group_query = "SELECT `liveuser_groups`.`group_id` FROM `liveuser_groups`,`liveuser_groupusers` WHERE `liveuser_groups`.`group_id` = `liveuser_groupusers`.`group_id` AND `liveuser_groupusers`.`perm_user_id` = '$perm_user_id'";
      $group_res = $db->query($group_query);
      if(handleError($group_res)) {
        $group_res->fetchInto($group_row);
        $tpl->assign('group_id',$group_row['group_id']);
      }
    //}}}
    $form = new HTML_QuickForm("NewForm");
    $form->addElement('header',"hdrTop","Edit User");
    $authElem = $form->addElement('text','lu_auth_user_id',"User ID: ",array('maxlength'=>'100'));
    $handleElem = $form->addElement('text','lu_handle',"Handle: ",array('maxlength'=>'100'));
    $form->addElement('text','txtUserAlias',"User Name: ",array('maxlength'=>'100'));
    $form->addElement('text','txtUserEmail',"Email: ",array('maxlength'=>'100'));
    $form->addElement('text','txtUserPhone',"Phone: ",array('maxlength'=>'20'));
    $form->addElement('text','txtUserCostMult',"Cost Multiplier: ",array('maxlength'=>'20'));
    $form->addElement('submit','btnAddEdit','Edit User!');
    $authElem->freeze();
    //{{{ add select elements
      //enable certain options if user is an administrator
      if($LU->checkRight(ADMIN))  {  
      //{{{ create select privilege element
        $pr_query = "SELECT `group_id`,`group_define_name` FROM `liveuser_groups`";
        $pr_res = $db->query($pr_query);  
        if(handleError($pr_res))  {
          $privileges = array();
          while($pr_res->fetchInto($pr_rec))  {
            $privileges[$pr_rec['group_id']] = $pr_rec['group_define_name'];  
          }
          $sel_priv = $form->addElement('select','sel_priv_id','Select System Privileges: ',$privileges);
        }
      //}}}
      $sel_priv->setSelected($group_row['group_id']); 
      } else {
        //{{{ freeze certain elements
          $handleElem->freeze();
        //}}}
      }
      //{{{ create select isActive element
        $active = array("0"=>'Inactive',"1"=>'Active');
        $sel_active = $form->addElement('select','sel_isActive',"Active",$active);
      //}}}
    //}}}



    //{{{ set defaults according to values from db
      $tpl->assign('edit','true');
      $sel_active->setSelected($user_data[0]['is_active']);
  
      $defaults=array(
        'lu_auth_user_id'=>$auth_user_id,
        'lu_handle'=>$user_data[0]['handle'],
        'txtUserAlias'=>$user_data[0]['user_alias'],
        'txtUserEmail'=>$user_data[0]['user_email'],
        'txtUserPhone'=>$user_data[0]['user_phone'],
        'txtUserCostMult'=>$user_data[0]['user_cost_multiplier']
      );
      if(isset($ini['Asterisk']['synch_users'])&&$ini['Asterisk']['synch_users']==true)  {
        $SIPconf = getSIPConfig($ini);
        if($SIPconf) {
          $chkSIP = true;
          if(isset($SIPconf[$user_data[0]['user_phone']]))  {
            $content_str = '';
            foreach($SIPconf[$user_data[0]['user_phone']] as $key=>$val)  {
              $content_str .= "$key = $val\n";
            }
          } else {
            $content_str = "disallow=all\nallow=g729\nallowguest=yes\ntype=friend\ncallerid=\nmailbox= @post-office\n;restrictcid=no\nusername=\nhost=dynamic\n;nat=yes\ncanreinvite=no\nqualify=5000\ndtmfmode=rfc2833\n;callgroup=3\n;pickupgroup=3,31\n;outgoinglimit=1\n\n";
          }
          $defaults['sipconf'] = $content_str;
          $conf_area = $form->addElement('textarea','sipconf','Asterisk Configuration',array('rows'=>20,'cols'=>50));
          //$form->setDefaults(array('sipconf'=>"disallow=all\nallow=g729\nallowguest=yes\ntype=friend\ncallerid=\nmailbox= @post-office\n;restrictcid=no\nusername=\nhost=dynamic\n;nat=yes\ncanreinvite=no\nqualify=5000\ndtmfmode=rfc2833\n;callgroup=3\n;pickupgroup=3,31\n;outgoinglimit=1\n\n"));
          $tpl->assign('sip_conf_found',true);
        } else {
          $chkSIP = false;
        } 
        //var_dump($SIPconf);
      } else {
        $chkSIP = false;
      }
    
      $form->setDefaults($defaults);
      $tpl->assign('timestamp',$user_data[0]['lastlogin']);
    //}}}
    
    //{{{ create rules
      //$form->addRule('lu_auth_user_id',"This is a required value",'required');
      $form->addRule('lu_handle',"This is a required value",'required');
      $form->addRule('txtUserCostMult',"This is a numeric value",'numeric');
      $form->addRule('sel_group_id',"This is a required value",'required');
    //}}}
    
    
  }




//{{{ create filters
  $form->applyFilter('all','trim');
//}}}

//{{{ validate form
  if($form->validate()) {
    $result = $form->process('process_data','false');
    $form->addElement('text','txtResult',$result);
  } else {
    
  }
//}}}

//{{{ assign form to tpl and display form
  $tpl->display($form);
//}}}
?>