<?php

$debug = true;

/*
RewriteEngine On

# Erlaubt den direkten Zugriff auf bestehende Dateien und Verzeichnisse
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Leitet alle anderen Anfragen an index.php weiter
RewriteRule ^(.*)$ index.php [QSA,L]
*/

require_once __DIR__ . '/controllers/BackupController.php';
require_once __DIR__ . '/controllers/GetSSLDaysController.php';
require_once __DIR__ . '/controllers/QuotaController.php';
require_once __DIR__ . '/controllers/AccountController.php';
require_once __DIR__ . '/controllers/SiteController.php';
require_once __DIR__ . '/controllers/ZipController.php';

use application\controllers\BackupController;
use application\controllers\AccountController;
use application\controllers\GetSSLDaysController;
use application\controllers\QuotaController;
use application\controllers\SiteController;
use application\controllers\ZipController;

const API_PASSWORD = 'your-secure-password';

function authenticateRequest() {
    $headers = getallheaders();
    if(isset($_SERVER['PHP_AUTH_PW'])){
        $providedPassword = $_SERVER['PHP_AUTH_PW'];
    } else {
        $providedPassword = $headers['X-Api-Key'] ?? '';
    } 
    if ($providedPassword !== API_PASSWORD) {
        http_response_code(403);
        echo json_encode(['error' => 'Unauthorized']);
        exit;
    }
}

header('Content-Type: application/json');

$requestMethod = $_SERVER['REQUEST_METHOD'];
$requestUri = explode('/', trim($_SERVER['REQUEST_URI'], '/'));
$endpoint = $requestUri[0] ?? '';
$username = $requestUri[1] ?? '';
$domain = $requestUri[2] ?? '';
if(isset($_SERVER['CONTENT_TYPE'])) {
    $content_type = $_SERVER['CONTENT_TYPE'];
}
if ( $GLOBALS['debug'] == true) {
    error_log("ContentType: " . $content_type);
}
$phpData = file_get_contents("php://input");
if ($GLOBALS['debug'] == true) {
    error_log("phpData: " . $phpData);
}
$inputData = json_decode($phpData) ?? [];
$parameters = array();
if($inputData) {
    foreach($inputData as $param_name => $param_value) {
        $parameters[$param_name] = $param_value;
    }
}
authenticateRequest();

error_log("endpoint: " . $endpoint);
error_log("domain: " . $domain);
error_log("username: " . $username);

switch ($endpoint) {

    case 'init':
        error_log("Request init from " . get_client_ip());
        if ($GLOBALS['debug'] == true) {
            error_log("POST");
            error_log("POST: " . print_r($_POST, true));
            error_log("Admin-Name: \"" . $parameters["admin_name"] . "\"");
        }
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            SiteController::init(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'deploy':
        error_log("Request deploy from " . get_client_ip());
        if ($requestMethod == 'POST' && !empty($username) && !empty($domain)) {
            if ($GLOBALS['debug'] == true) {
                error_log("POST: " . print_r($_POST, true));
            }
            $error = null;
            $id = md5($domain.time());
            header('Content-Type: application/json; charset=utf-8', true);
            echo json_encode(array('result' => array('id' => $id, 'error' => $error)));
            SiteController::deploy(['zip' => $_POST['zip'], 'username' => $username, 'domain' => $domain]);
//            $deployment = new ZipController();
//            $deployment->extractZip(['zip' => $_POST['zip'], 'username' => $username, 'domain' => $domain]);
        }
        if ($requestMethod == 'GET' && !empty($username) && !empty($domain)) {
            if ($GLOBALS['debug'] == true) {
                error_log("GET: " . print_r($_GET, true));
            }
            $uri = $_SERVER['REQUEST_URI'];
            $parts = explode('/', $uri);
            $id = $parts[count($parts) - 1];
            $status = 'FINISHED';
            $error = null;
            header('Content-Type: application/json; charset=utf-8', true);
            echo json_encode(array('result' => array('id' => $id, 'error' => $error)));
        }
        break;
    case 'revert':
        error_log("Request revert from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            SiteController::revert(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'undeploy':
        error_log("Request undeploy from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            SiteController::undeploy(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'migrate':
        error_log("Request migrate from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            SiteController::migrate(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'disable':
        error_log("Request disableprod from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
            SiteController::disable(array_merge($_POST, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'enable':
        error_log("Request enable from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
            SiteController::enable(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'isenabled':
        error_log("Request isenabled from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
            SiteController::isenabled(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'getssldays':
        error_log("Request getssldays from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
            GetSSLDaysController::getSSLDays(['username' => $username, 'domain' => $domain]);
        }
        break;
    case 'listbackups':
        error_log("Request listbackups from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username)) {
            BackupController::listBackups(['username' => $username, 'domain' => $domain]);
        }
        break;
    case 'restorebackup':
        error_log("Request restorebackup from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            BackupController::restoreBackup(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'create':
        error_log("Request user create from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
            AccountController::create(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'terminate':
        error_log("Request terminate from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username)) {
            AccountController::terminate(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
        }
        break;
    case 'ping':
        error_log("Request ping from " . get_client_ip());
        echo json_encode(['answer' => 'pong']);
        break;
    case 'getQuota':
        error_log("Request getquota from " . get_client_ip());
        if ($requestMethod === 'GET' && !empty($username)) {
            QuotaController::getQuota(['username' => $username]);
        }
        break;
    case 'getStats':
        error_log("Request getstats from " . get_client_ip());
        if ($requestMethod === 'GET') {
            QuotaController::getStats();
        }
        break;
    case 'setQuota':
        error_log("Request setquota from " . get_client_ip());
        if ($requestMethod === 'POST' && !empty($username)) {
            QuotaController::setQuota(array_merge($parameters, ['username' => $username]));
        }
        break;
    default:
        error_log("Error Request: " . $endpoint . " / " . $username ." / " . $domain);
        http_response_code(404);
        echo json_encode(['error' => 'Endpoint not found']);
        break;
}


function get_client_ip():string {
    $ipaddress = '';
    if (getenv('HTTP_CLIENT_IP'))
        $ipaddress = getenv('HTTP_CLIENT_IP');
    else if(getenv('HTTP_X_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
    else if(getenv('HTTP_X_FORWARDED'))
        $ipaddress = getenv('HTTP_X_FORWARDED');
    else if(getenv('HTTP_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_FORWARDED_FOR');
    else if(getenv('HTTP_FORWARDED'))
        $ipaddress = getenv('HTTP_FORWARDED');
    else if(getenv('REMOTE_ADDR'))
        $ipaddress = getenv('REMOTE_ADDR');
    else
        $ipaddress = 'UNKNOWN';
    return $ipaddress;
}