<?php

/**
 * Copyright (C) 2015-2019 FeatherBB
 * based on code by (C) 2008-2015 FluxBB
 * and Rickard Andersson (C) 2002-2008 PunBB
 * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
 */

namespace FeatherBB\Model\Admin;

use FeatherBB\Core\Database as DB;
use FeatherBB\Core\Email;
use FeatherBB\Core\Error;
use FeatherBB\Core\Interfaces\Cache as CacheInterface;
use FeatherBB\Core\Interfaces\Container;
use FeatherBB\Core\Interfaces\ForumEnv;
use FeatherBB\Core\Interfaces\Hooks;
use FeatherBB\Core\Interfaces\Input;
use FeatherBB\Core\Interfaces\Perms;
use FeatherBB\Core\Interfaces\Router;
use FeatherBB\Core\Interfaces\User;
use FeatherBB\Core\Utils;
use FeatherBB\Model\Cache;

class Bans
{
    public function addBanInfo($id = null)
    {
        $ban = [];

        $id = Hooks::fire('model.admin.bans.add_ban_info_start', $id);

        // If the ID of the user to ban was provided through GET (a link from profile.php)
        if (is_numeric($id)) {
            $ban['user_id'] = $id;
            if ($ban['user_id'] < 2) {
                throw new Error(__('Bad request'), 404);
            }

            $selectAddBanInfo = ['group_id', 'username', 'email'];
            $result = DB::table('users')->selectMany($selectAddBanInfo)
                        ->where('id', $ban['user_id']);

            $result = Hooks::fireDB('model.admin.bans.add_ban_info_query', $result);
            $result = $result->findOne();

            if ($result) {
                $groupId = $result['group_id'];
                $ban['ban_user'] = $result['username'];
                $ban['email'] = $result['email'];
            } else {
                throw new Error(__('No user ID message'), 404);
            }
        } else {
            // Otherwise the username is in POST

            $ban['ban_user'] = Utils::trim(Input::post('new_ban_user'));

            if ($ban['ban_user'] != '') {
                $selectAddBanInfo = ['id', 'group_id', 'username', 'email'];
                $result = DB::table('users')->selectMany($selectAddBanInfo)
                    ->where('username', $ban['ban_user'])
                    ->whereGt('id', 1);

                $result = Hooks::fireDB('model.admin.bans.add_ban_info_query', $result);
                $result = $result->findOne();

                if ($result) {
                    $ban['user_id'] = $result['id'];
                    $groupId = $result['group_id'];
                    $ban['ban_user'] = $result['username'];
                    $ban['email'] = $result['email'];
                } else {
                    throw new Error(__('No user message'), 404);
                }
            }
        }

        // Make sure we're not banning an admin or moderator
        if (isset($groupId)) {
            if ($groupId == ForumEnv::get('FEATHER_ADMIN')) {
                throw new Error(sprintf(__('User is admin message'), Utils::escape($ban['ban_user'])), 403);
            }

            $isModeratorGroup = Perms::getGroupPermissions($groupId, 'mod.is_mod');

            if ($isModeratorGroup) {
                throw new Error(sprintf(__('User is mod message'), Utils::escape($ban['ban_user'])), 403);
            }
        }

        // If we have a $ban['user_id'], we can try to find the last known IP of that user
        if (isset($ban['user_id'])) {
            $ban['ip'] = DB::table('posts')->where('poster_id', $ban['user_id'])
                            ->orderByDesc('posted')
                            ->findOneCol('poster_ip');

            if (!$ban['ip']) {
                $ban['ip'] = DB::table('users')->where('id', $ban['user_id'])
                                 ->findOneCol('registration_ip');
            }
        }

        $ban['mode'] = 'add';

        $ban = Hooks::fire('model.admin.bans.add_ban_info', $ban);

        return $ban;
    }

    public function editBanInfo($id)
    {
        $ban = [];

        $id = Hooks::fire('model.admin.bans.edit_ban_info_start', $id);

        $ban['id'] = $id;

        $selectEditBanInfo = ['username', 'ip', 'email', 'message', 'expire'];
        $result = DB::table('bans')->selectMany($selectEditBanInfo)
            ->where('id', $ban['id']);

        $result = Hooks::fireDB('model.admin.bans.edit_ban_info_query', $result);
        $result = $result->findOne();

        if ($result) {
            $ban['ban_user'] = $result['username'];
            $ban['ip'] = $result['ip'];
            $ban['email'] = $result['email'];
            $ban['message'] = $result['message'];
            $ban['expire'] = $result['expire'];
        } else {
            throw new Error(__('Bad request'), 404);
        }

        $diff = (User::getPref('timezone') + User::getPref('dst')) * 3600;
        $ban['expire'] = ($ban['expire'] != '') ? gmdate('Y-m-d', $ban['expire'] + $diff) : '';

        $ban['mode'] = 'edit';

        $ban = Hooks::fire('model.admin.bans.edit_ban_info', $ban);

        return $ban;
    }

    public function insertBan()
    {
        $banUser = Utils::trim(Input::post('ban_user'));
        $banIp = Utils::trim(Input::post('ban_ip'));
        $banEmail = strtolower(Utils::trim(Input::post('ban_email')));
        $banMessage = Utils::trim(Input::post('ban_message'));
        $banExpire = Utils::trim(Input::post('ban_expire'));

        Hooks::fire('model.admin.bans.insert_ban_start', $banUser, $banIp, $banEmail, $banMessage, $banExpire);

        if ($banUser == '' && $banIp == '' && $banEmail == '') {
            throw new Error(__('Must enter message'), 400);
        } elseif (strtolower($banUser) == 'guest') {
            throw new Error(__('Cannot ban guest message'), 400);
        }

        // Make sure we're not banning an admin or moderator
        if (!empty($banUser)) {
            $groupId = DB::table('users')->where('username', $banUser)
                            ->whereGt('id', 1)
                            ->findOneCol('group_id');

            if ($groupId) {
                if ($groupId == ForumEnv::get('FEATHER_ADMIN')) {
                    throw new Error(sprintf(__('User is admin message'), Utils::escape($banUser)), 403);
                }

                $isModeratorGroup = Perms::getGroupPermissions($groupId, 'mod.is_mod');

                if ($isModeratorGroup) {
                    throw new Error(sprintf(__('User is mod message'), Utils::escape($banUser)), 403);
                }
            }
        }

        // Validate IP/IP range (it's overkill, I know)
        if ($banIp != '') {
            $banIp = preg_replace('%\s{2,}%S', ' ', $banIp);
            $addresses = explode(' ', $banIp);
            $addresses = array_map('trim', $addresses);

            for ($i = 0; $i < count($addresses); ++$i) {
                if (strpos($addresses[$i], ':') !== false) {
                    $octets = explode(':', $addresses[$i]);

                    for ($c = 0; $c < count($octets); ++$c) {
                        $octets[$c] = ltrim($octets[$c], "0");

                        if ($c > 7 || (!empty($octets[$c]) && !ctype_xdigit($octets[$c])) || intval($octets[$c], 16) > 65535) {
                            throw new Error(__('Invalid IP message'), 400);
                        }
                    }

                    $curAddress = implode(':', $octets);
                    $addresses[$i] = $curAddress;
                } else {
                    $octets = explode('.', $addresses[$i]);

                    for ($c = 0; $c < count($octets); ++$c) {
                        $octets[$c] = (strlen($octets[$c]) > 1) ? ltrim($octets[$c], "0") : $octets[$c];

                        if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) {
                            throw new Error(__('Invalid IP message'), 400);
                        }
                    }

                    $curAddress = implode('.', $octets);
                    $addresses[$i] = $curAddress;
                }
            }

            $banIp = implode(' ', $addresses);
        }

        if ($banEmail != '' && !Email::isValidEmail($banEmail)) {
            if (!preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,63})$%', $banEmail)) {
                throw new Error(__('Invalid e-mail message'), 400);
            }
        }

        if ($banExpire != '' && $banExpire != 'Never') {
            $banExpire = strtotime($banExpire.' GMT');

            if ($banExpire == -1 || !$banExpire) {
                throw new Error(__('Invalid date message').' '.__('Invalid date reasons'), 400);
            }

            $diff = (User::getPref('timezone') + User::getPref('dst')) * 3600;
            $banExpire -= $diff;

            if ($banExpire <= time()) {
                throw new Error(__('Invalid date message').' '.__('Invalid date reasons'), 400);
            }
        } else {
            $banExpire = 'NULL';
        }

        $banUser = ($banUser != '') ? $banUser : 'NULL';
        $banIp = ($banIp != '') ? $banIp : 'NULL';
        $banEmail = ($banEmail != '') ? $banEmail : 'NULL';
        $banMessage = ($banMessage != '') ? $banMessage : 'NULL';

        $insertUpdateBan = [
            'username'  =>  $banUser,
            'ip'        =>  $banIp,
            'email'     =>  $banEmail,
            'message'   =>  $banMessage,
            'expire'    =>  $banExpire,
        ];

        $insertUpdateBan = Hooks::fire('model.admin.bans.insert_ban_data', $insertUpdateBan);

        if (Input::post('mode') == 'add') {
            $insertUpdateBan['ban_creator'] = User::get()->id;

            $result = DB::table('bans')
                ->create()
                ->set($insertUpdateBan)
                ->save();
        } else {
            $result = DB::table('bans')
                ->where('id', Input::post('ban_id'))
                ->findOne()
                ->set($insertUpdateBan)
                ->save();
        }

        // Regenerate the bans cache
        CacheInterface::store('bans', Cache::getBans());

        return Router::redirect(Router::pathFor('adminBans'), __('Ban edited redirect'));
    }

    public function removeBan($banId)
    {
        $banId = Hooks::fire('model.admin.bans.remove_ban', $banId);

        $result = DB::table('bans')->where('id', $banId)
                    ->findOne();
        $result = Hooks::fireDB('model.admin.bans.remove_ban_query', $result);
        $result = $result->delete();

        // Regenerate the bans cache
        CacheInterface::store('bans', Cache::getBans());

        return Router::redirect(Router::pathFor('adminBans'), __('Ban removed redirect'));
    }

    public function findBan($startFrom = false)
    {
        $banInfo = [];

        Hooks::fire('model.admin.bans.find_ban_start');

        // trim() all elements in $form
        $banInfo['conditions'] = $banInfo['query_str'] = [];

        $expireAfter = Input::query('expire_after') ? Utils::trim(Input::query('expire_after')) : '';
        $expireBefore = Input::query('expire_before') ? Utils::trim(Input::query('expire_before')) : '';
        $banInfo['order_by'] = Input::query('order_by') && in_array(Input::query('order_by'), ['username', 'ip', 'email', 'expire']) ? 'b.'.Input::query('order_by') : 'b.username';
        $banInfo['direction'] = Input::query('direction') && Input::query('direction') == 'DESC' ? 'DESC' : 'ASC';

        $banInfo['query_str'][] = 'order_by='.$banInfo['order_by'];
        $banInfo['query_str'][] = 'direction='.$banInfo['direction'];

        // Build the query
        $result = DB::table('bans')->tableAlias('b')
                        ->whereGt('b.id', 0);

        // Try to convert date/time to timestamps
        if ($expireAfter != '') {
            $banInfo['query_str'][] = 'expire_after='.$expireAfter;

            $expireAfter = strtotime($expireAfter);
            if ($expireAfter === false || $expireAfter == -1) {
                throw new Error(__('Invalid date message'), 400);
            }

            $result = $result->whereGt('b.expire', $expireAfter);
        }
        if ($expireBefore != '') {
            $banInfo['query_str'][] = 'expire_before='.$expireBefore;

            $expireBefore = strtotime($expireBefore);
            if ($expireBefore === false || $expireBefore == -1) {
                throw new Error(__('Invalid date message'), 400);
            }

            $result = $result->whereLt('b.expire', $expireBefore);
        }

        if (Input::query('username')) {
            $result = $result->whereLike('b.username', str_replace('*', '%', Input::query('username')));
            $banInfo['query_str'][] = 'username=' . urlencode(Input::query('username'));
        }

        if (Input::query('ip')) {
            $result = $result->whereLike('b.ip', str_replace('*', '%', Input::query('ip')));
            $banInfo['query_str'][] = 'ip=' . urlencode(Input::query('ip'));
        }

        if (Input::query('email')) {
            $result = $result->whereLike('b.email', str_replace('*', '%', Input::query('email')));
            $banInfo['query_str'][] = 'email=' . urlencode(Input::query('email'));
        }

        if (Input::query('message')) {
            $result = $result->whereLike('b.message', str_replace('*', '%', Input::query('message')));
            $banInfo['query_str'][] = 'message=' . urlencode(Input::query('message'));
        }

        // Fetch ban count
        if (is_numeric($startFrom)) {
            $banInfo['data'] = [];
            $selectBans = ['b.id', 'b.username', 'b.ip', 'b.email', 'b.message', 'b.expire', 'b.ban_creator', 'ban_creator_username' => 'u.username'];

            $result = $result->selectMany($selectBans)
                             ->leftOuterJoin('users', ['b.ban_creator', '=', 'u.id'], 'u')
                             ->orderBy($banInfo['order_by'], $banInfo['direction'])
                             ->offset($startFrom)
                             ->limit(50)
                             ->findMany();

            foreach ($result as $curBan) {
                $banInfo['data'][] = $curBan;
            }
        } else {
            $banInfo['num_bans'] = $result->count('id');
        }

        Hooks::fire('model.admin.bans.find_ban', $banInfo);

        return $banInfo;
    }
}