<?php

function isLoggedIn(){
    return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]);
}

function doLogin(){
    global $mysqli;
    if(!empty($_POST["email"]) && !empty($_POST["password"])){
        $email = $_POST["email"];
        $pass = $_POST["password"];
        /* prepare statement */
        $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $idcko = 0;
        $fname = "";
        $lname = "";
        $nickname = "";
        $pwdhash = "";
        $mcnick = "";
        /* bind variables to prepared statement */
        $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false);

        /* fetch values */
        $found = false;
        if($stmt->num_rows() > 0){
            $stmt->fetch();
            if (password_verify($pass, $pwdhash)){
                $_SESSION["ID"] = $idcko;
                $_SESSION["first_name"] = $fname;
                $_SESSION["last_name"] = $lname;
                $_SESSION["nickname"] = $nickname;
                $_SESSION["email"] = $email;
                $_SESSION["mcnick"] = $mcnick;
                $_SESSION["isadmin"] = false;
                $found = true;
            }
        }
        $stmt->close();
        if($found){
            $status = ["status" => "success"];
        }
        else{
            $status = ["status" => "fail"];
        }
        echo json_encode($status);
    }
}

function doLogout(){
    if(isLoggedIn()){
        session_destroy();
        $status = ["status" => "success"];
    }
    else{
        $status = ["status" => "fail"];
    }
    echo json_encode($status);
}

function doRegister(){
    $status = ["status" => "fail"];
    if (!empty($_POST["activationtoken"])){
        global $mysqli;

        $firstName = $_POST["firstname"];
        $lastName = $_POST["lastname"];
        $nickname = $_POST["nickname"];
        $email = $_POST["email"];
        $password = $_POST["password"];
        $minecraftNick = $_POST["minecraftnick"];
        $activationToken = $_POST["activationtoken"];
        if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password)) {
            $passwordHash = password_hash($password, PASSWORD_DEFAULT);

            $stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?");
            $stmt->bind_param("ssssss", $firstName, $lastName, $nickname, $email, $passwordHash, $minecraftNick, $activationToken);
            $stmt->execute();
            if ($stmt->affected_rows > 0) {
                $status["status"] = "success";
            }
            $stmt->close();
        }
    }
    echo json_encode($status);
}