<?php
////
// Author: Sean Colombo
// Date: 20061010
//
// This file helps manage all things relating to authentication.
// This includes logging in/out, registration, email confirmation,
// and reminders to users who haven't either confirmed their email
// or added any friends after a certain amount of time.
//
// Please note that some functions such as login and logout are part of the
// user class.
//
// Since all of these operations would be static, this is not a
// class (which would be considerably slower and wouldn't make sense as
// far as being an object.
// Functions:
//	requireLogin()
//	processRegistration()
//	afterRegistration()
// BELOW ARE NOT DONE YET:
// TODO: CHECK TO SEE WHICH OF THESE ARE ALREADY DONE
//	sending confirmation emails - WORKS BUT NOT ALL EMAILS GET SENT OUT! (issues w/mail server... possibly being spam-blocked?)
//	sending a message after a week if you aren't confirmed or have no friends
//	sending a messge after a month if you aren't confirmed or have no friends
////

include_once 'includes/global.php';
include_once 'page.php';
include_once 'tools.php';
include_once 'user.php';

// TODO: PORT - FINISH PORTING THIS FILE... NEED TO BE ABLE TO DO REGISTRATIONS AND LOGINS/LOGOUTS TO KNOW THAT THIS IS WORKING.
// TODO: PORT - FINISH PORTING THIS FILE... NEED TO BE ABLE TO DO REGISTRATIONS AND LOGINS/LOGOUTS TO KNOW THAT THIS IS WORKING.
define('STR_LOGIN', 'login');
define('STR_TITLE_LOGIN_FAILED', 'Login failed');

// Check for login/logout requests upon inclusion of this file.
if(getVal($_GET,'logout') == 'true'){$user = getUser();$user->logout();} // Do logout before checking if logged in.
$formName = getPost('formName');
if($formName == 'dil_login'){
	$username = getPost('dil_username');
	$password = getPost('dil_password');
	$user = getUser();
	$user->login($username, $password, getPost('dil_verify_code'));
	if(!$user->isLoggedIn()){
		$page = new Page(STR_TITLE_LOGIN_FAILED);
		$page->requireLogin(true); // true indicates that it already failed once.
	}
} else if($formName == 'dil_register'){
	if(processRegistration()){
		afterRegistration();
	}
}

////
// Requires that the user is logged in for execution to continue.  If they are
// not logged in, this displays a login page instead and then exits.
//
// If this is a re-prompt after a failed login attempt, pass in true for 'failed'.
// If this is a re-prompt after a failed registration attempt, pass in the error.
//
// If confirmName and confirmHash are specified, then the main purpose of this
// login is to confirm an email address.
////
function requireLogin($failed=false, $regError='', $longError='', $confirmName='', $confirmHash='', $page=""){
	if(($confirmHash == '') && (getPost('dil_verify_code'))){$confirmHash = getPost('dil_verify_code');}
	if(($confirmName== '') && (getPost('dil_verify_username'))){$confirmName = getPost('dil_verify_username');}
	$isConfirmation = (($confirmName!='') && ($confirmHash != ''));
	$user = getUser();

	// If there was a registration error... short-circuiting prevents infinite loop.
	if((!$isConfirmation) && ($regError=='') && processRegistration()){
		// NOTE: This version of the code probably won't get called unless there was already a failed attempt.
		afterRegistration($page);
	} else if(!$user->isLoggedIn()){
		// If a page was passed in, use it for output, otherwise make a page from scratch.
		if((!isset($page)) || (get_class($page) != "Page")){
			$page = new Page(ucfirst(STR_LOGIN));
		}
		if($isConfirmation){
			include_once 'mod/loginModule.php';
			$page->addModule(new LoginModule($isConfirmation, $confirmName, $confirmHash, $failed), 0);
		} else {
			include_once 'mod/loginModule.php';
			include_once 'mod/registrationModule.php';
			include_once 'mod/adModule.php';
			$page->setColumns(array(35,65));
			$page->addModule(new LoginModule($isConfirmation, $confirmName, $confirmHash, $failed, $_SERVER['REQUEST_URI']), 0);
			$page->addModule(new AdModule(), 0);
			$page->addModule(new RegistrationModule($isConfirmation, $regError, $longError), 1);
		}

		$page->display();
		exit;
	}
} // end requireLogin()

////
// Processes a registration attempt and re-displays the login/registration forms
// if there is an error.
//
// Returns true if a successful registration was made, false if there was no
// successful registration.
////
function processRegistration(){
	$retVal = false;
	if(getPost('formName') == "dil_register"){
		$email = getPost('dil_signUp_email');
		$pass1 = getPost('dil_signUp_pass1');
		$pass2 = getPost('dil_signUp_pass2');
		$code = getPost('dil_signUp_code');
		$username = getPost('dil_signUp_username');

		$mon = getPost('dil_signUp_month');
		$day = getPost('dil_signUp_day');
		$year = getPost('dil_signUp_year');
		$dateOfBirth = "$year-$mon-$day 00:00:00";

		include_once "apiTools.php";
		$response = api_createUser($dateOfBirth, $username, $email, $pass1, $pass2, $code);
		if($response === true){
			$retVal = true;
		} else {
			$retVal = false;
			$longError = "";
			requireLogin(false, $response, $longError);
		}
	}
	return $retVal;
} // end processRegistration()

////
// Handles the flow of control after a SUCCESSFUL registration.
////
function afterRegistration($page=""){
	include_once 'homeTools.php';
	include_once 'mod/welcomeModule.php';

	if((!isset($page)) || (get_class($page) != "Page")){
		$page = home_getHomePage(true);
	}

	$page->display();
	
	exit; // need this, otherwise the form could get processed twice, and the page would display as if it were a normal page-load.
} // end afterRegistration()

?>