<?php

/**
 * @Page('title' = 'Users management', 'group' = 'prefs', 'roles' = {'manager'})
 * @Mode('mode' = 'view', 'title' = 'View', 'roles' = {'manager'}, 'exclude_from_nav' = true)
 * @MenuItem('title' = 'Users', 'group' = 'prefs', 'roles' = {'manager'}, 'page' = '?pid=UsersManager')
 * */
class UsersManager extends BasePage {
    
    public function getUserData() {
        global $psyhvel, $kdb, $user;
        if ( $user->hasRole("manager") ) {
            $q = "SELECT * FROM psyhvel_users LEFT JOIN psyhvel_userinfo ON psyhvel_users.id = psyhvel_userinfo.userid";
        }
        if ( isset($q)) {
            $ret = $kdb->query($q);
        }
        $userdata = array();
        if ( isset($ret)) {
            while ( $row = mysql_fetch_array($ret)) {
                $userdata []= $row;
            }
        }
        return $userdata;
    }

    /**
     * @Secured('roles' = {'manager'})
     * */
    function actionUsersManagerHandler() {
        global $psyhvel, $kdb;
        // auth[] is locked in UI so convert 1->0 && 0->
        // first handle delete requests
        // then update info
        // finally, reset passwords.
        if ( isset($_POST['delete']) && is_array($_POST['delete']) ) {
            $keys = array_keys($_POST['delete']);
            foreach( $keys as $todel) {
                $q = "DELETE FROM psyhvel_users where id=".$todel;
                $kdb->query($q);
            }
        }

        if ( isset($_POST['email']) && is_array($_POST['email']) ) {
            $keys = array_keys($_POST['email']);
            foreach ( $keys as $uid) {
                $email = $_POST['email'][$uid];
                if ( strlen($email) > 0) {
                    $q = "INSERT INTO psyhvel_userinfo (userid, email) VALUES (".$uid.", '".$email."') ON DUPLICATE KEY UPDATE email='".$email."'";
                    $kdb->query($q);
                }
            }
        }

        if ( isset($_POST['uid']) && is_array($_POST['uid']) ) {
            $keys = array_keys($_POST['uid']);
            foreach ( $keys as $k ) {
                $roles = "000000";
                $authable = "1";
                if ( isset($_POST['auth'][$k])) {
                    $authable = "0";
                }
                $roles[0] = $authable;
                $roles[1] = isset($_POST['member'][$k]) ? $_POST['member'][$k] : "0";
                $roles[2] = isset($_POST['manager'][$k]) ? $_POST['manager'][$k] : "0";

                $q = "UPDATE psyhvel_users SET roles='".$roles."' WHERE id=".$k;
                $kdb->query($q);
            }
        }

        // TODO: reset passwords
        // note: also check if we didn't delete a user before^^

        if ( isset($_POST['approve']) && is_array($_POST['approve']) ) {
            $toappr = array_keys($_POST['approve']);
            $ss = implode(' OR id=', $toappr);
            $kdb->query("UPDATE psyhvel_users SET approved=True WHERE id=".$ss);
        }
        $_SESSION['psyhvel_notice'] = gettext("Changes saved!");
        return array('pid' => 'UsersManager');
    }

    function actionGotoAddUser() {
        return array('pid' => 'UsersManager', 'mode' => 'new_user_form');
    }

    function actionGotoCSV() {
        return array('pid' => 'UsersManager', 'mode' => 'users_csv_upload_page');
    }

    function actionCreateUser() {
        global $kdb, $user, $psyhvel;
        $uid = $_POST['userid'];
        $fullname = $_POST['fullname'];
        $email = $_POST['email'];
        $genre = $_POST['genre'];
        $hp = $_POST['homepage'];
        $pwd = "abrakadabra";
        $roles = "110000";
        $q = "INSERT INTO psyhvel_users (uname, pwd, roles) values ('%s', '%s', '%s')";
        $q = sprintf($q, $uid, $pwd, $roles);
        $kdb->query($q);
        $dbuid = mysql_insert_id();
        $q2 = "INSERT INTO psyhvel_userinfo (userid, fullname, email, sex, homepage) values (%s, '%s', '%s', '%s', '%s')";
        $q2 = sprintf($q2, $dbuid, $fullname, $email, $genre, $hp);
        $kdb->query($q2);
        $_SESSION['psyhvel_notice'] = gettext("User created!");
        return array('pid' => 'UsersManager');
    }
}
?>