<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

ob_start();
$TAB = 'USER';

// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check user
if ($_SESSION['userContext'] != 'admin') {
    header("Location: /list/user");
    exit;
}

// Check POST request
if (!empty($_POST['ok'])) {

    // Check token
    verify_csrf($_POST);

    // Check empty fields
    if (empty($_POST['v_username'])) {
        $errors[] = _('user');
    }
    if (empty($_POST['v_password'])) {
        $errors[] = _('password');
    }
    if (empty($_POST['v_package'])) {
        $errrors[] = _('package');
    }
    if (empty($_POST['v_email'])) {
        $errors[] = _('email');
    }
    if (empty($_POST['v_name'])) {
        $errors[] = _('name');
    }
    if (!empty($errors)) {
        foreach ($errors as $i => $error) {
            if ($i == 0) {
                $error_msg = $error;
            } else {
                $error_msg = $error_msg.", ".$error;
            }
        }
        $_SESSION['error_msg'] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    }

    // Validate email
    if ((empty($_SESSION['error_msg'])) && (!filter_var($_POST['v_email'], FILTER_VALIDATE_EMAIL))) {
        $_SESSION['error_msg'] = _('Please enter valid email address.');
    }

    // Check password length
    if (empty($_SESSION['error_msg'])) {
        if (!validate_password($_POST['v_password'])) {
            $_SESSION['error_msg'] = _('Password does not match the minimum requirements');
        }
    }

    // Protect input
    $v_username = quoteshellarg($_POST['v_username']);
    $v_email = quoteshellarg($_POST['v_email']);
    $v_package = quoteshellarg($_POST['v_package']);
    $v_language = quoteshellarg($_POST['v_language']);
    $v_name = quoteshellarg($_POST['v_name']);
    $v_notify = $_POST['v_notify'];


    // Add user
    if (empty($_SESSION['error_msg'])) {
        $v_password = tempnam("/tmp", "vst");
        $fp = fopen($v_password, "w");
        fwrite($fp, $_POST['v_password']."\n");
        fclose($fp);
        exec(HESTIA_CMD."v-add-user ".$v_username." ".$v_password." ".$v_email." ".$v_package." ".$v_name, $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
        unlink($v_password);
        $v_password = quoteshellarg($_POST['v_password']);
    }

    // Set language
    if (empty($_SESSION['error_msg'])) {
        exec(HESTIA_CMD."v-change-user-language ".$v_username." ".$v_language, $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }

    // Set Role
    if (empty($_SESSION['error_msg'])) {
        $v_role = quoteshellarg($_POST['v_role']);
        exec(HESTIA_CMD."v-change-user-role ".$v_username." ".$v_role, $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }

    // Set login restriction
    if (empty($_SESSION['error_msg'])) {
        if (!empty($_POST['v_login_disabled'])) {
            $_POST['v_login_disabled'] = 'yes';
            exec(HESTIA_CMD."v-change-user-config-value ".$v_username." LOGIN_DISABLED ".quoteshellarg($_POST['v_login_disabled']), $output, $return_var);
            check_return_code($return_var, $output);
            unset($output);
        }
    }

    // Send email to the new user
    if ((empty($_SESSION['error_msg'])) && (!empty($v_notify))) {
        $to = $_POST['v_notify'];
        // send email in "users" language
        putenv("LANGUAGE=".$_POST['v_language']);

        $subject = _("Welcome to Hestia Control Panel");
        $hostname = get_hostname();
        unset($output);
        $from = "noreply@".$hostname;
        $from_name = _('Hestia Control Panel');

        if (!empty($_POST['v_name'])) {
            $mailtext = sprintf(_('GREETINGS_GORDON'), $_POST['v_name'])."\r\n";
        } else {
            $mailtext = _('GREETINGS')."\r\n";
        }

        $mailtext .= sprintf(_('ACCOUNT_READY'), $_SERVER['HTTP_HOST'], $_POST['v_username'], $_POST['v_password']);
        send_email($to, $subject, $mailtext, $from, $from_name, $_POST['name']);
        putenv("LANGUAGE=".detect_user_language());
    }

    // Flush field values on success
    if (empty($_SESSION['error_msg'])) {
        $_SESSION['ok_msg'] = sprintf(_('USER_CREATED_OK'), htmlentities($_POST['v_username']), htmlentities($_POST['v_username']));
        $_SESSION['ok_msg'] .= " / <a href=/login/?loginas=".htmlentities($_POST['v_username'])."&token=".htmlentities($_SESSION['token']).">" . _('login as') ." ".htmlentities($_POST['v_username']). "</a>";
        unset($v_username);
        unset($v_password);
        unset($v_email);
        unset($v_name);
        unset($v_notify);
    }
}


// List hosting packages
exec(HESTIA_CMD."v-list-user-packages json", $output, $return_var);
check_error($return_var);
$data = json_decode(implode('', $output), true);
unset($output);

// List languages
exec(HESTIA_CMD."v-list-sys-languages json", $output, $return_var);
$language = json_decode(implode('', $output), true);
foreach ($language as $lang) {
    $languages[$lang] = translate_json($lang);
}
asort($languages);

if (empty($v_username)) {
    $v_username = '';
}
if (empty($v_name)) {
    $v_name = '';
}
if (empty($v_email)) {
    $v_email = '';
}
if (empty($v_password)) {
    $v_password = '';
}
if (empty($v_login_disabled)) {
    $v_login_disabled = '';
}
if (empty($v_role)) {
    $v_role = '';
}
if (empty($v_notify)) {
    $v_notify = '';
}
// Render page
render_page($user, $TAB, 'add_user');

// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);