<?php

error_reporting(E_ALL);
ini_set('display_errors', '1');

session_start();
include '../../conf/function.php';
include '../../conf/class.server.php';
include '../../conf/koneksiPDO.php';

header('Content-Type: application/json');

$server = new Server();
$urlServiceSpota = $server->getSpotaServiceURL();
$urlLoginSpota = $urlServiceSpota.'/login.php';
echo $urlLoginSpota;

$conn = new createCon();
$dbh = $conn->connect();

checkKey('POST', 'username');
checkKey('POST', 'password');

$username = trim(strtoupper($_POST['username']));
$password = $_POST['password'];

$loginSuccess = false;
$pesanError = 'Username dan password tidak cocok!!!';


$postData = array(
    'username' => $username,
    'password' => $password,
);

$postData = http_build_query($postData);

/**
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_URL, $urlLoginSpota);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);

$resultJSON = curl_exec($ch);
*/

$opts = array('http' =>
    array(
        'method'  => 'POST',
        'header'  => 'Content-Type: application/x-www-form-urlencoded',
        'content' => $postData
    )
);
$context  = stream_context_create($opts);
$resultJSON = file_get_contents($urlLoginSpota, false, $context);

$result = json_decode($resultJSON, 1);
/**
if (curl_errno($ch)) {
    $error_msg = curl_error($ch);
    print_r($error_msg);
}
*/
$redir = '';
if (isset($result['status'])) {
    $status = $result['status'];
    if ($status === 1) {
        $token = $token = createToken($username);
        $level = $result['level'];
        $data = $result['data'];

        if ($level == 'mahasiswa') {
            $loginSuccess = true;

            $sql = 'SELECT * FROM mahasiswa WHERE nim = :nim';
            $stmt = $dbh->prepare($sql);
            $stmt->bindParam(':nim', $username);
            $stmt->execute();

            if ($stmt->rowCount() == 0) {
                $sql = 'INSERT INTO mahasiswa(idMahasiswa, nim, nama, email, token) VALUES(:idMhs, :nim, :nama, :email, :token)';
                $stmt = $dbh->prepare($sql);
                $stmt->bindParam(':idMhs', $data['id']);
                $stmt->bindParam(':nim', $username);
                $stmt->bindParam(':nama', $data['nama']);
                $stmt->bindParam(':email', $data['email']);
                $stmt->bindParam(':token', $token);
                $stmt->execute();
            } else {
                while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                    $tokenDb = $row['token'];
                    $updateToken = false;

                    if ($tokenDb == null) {
                        $updateToken = true;
                    } else {
                        if ($tokenDb == '') {
                            $updateToken = true;
                        } else {
                            $token = $tokenDb;
                        }
                    }

                    if ($updateToken) {
                        $sql = 'UPDATE mahasiswa SET token = :token WHERE idMahasiswa = :id';
                        $stmt = $dbh->prepare($sql);
                        $stmt->bindParam(':id', $data['id']);
                        $stmt->bindParam(':token', $token);
                        $stmt->execute();
                    }
                }
            }

            $data['token'] = $token;
            $_SESSION['konsulMahasiswa'] = $data;
            $redir = 'mahasiswa/';
        } elseif ($level == 'dosen') {
            $loginSuccess = true;
            if($username === "123456"){
                $username = "198908192019032012";
            }

            $sql = 'SELECT * FROM dosen WHERE nip = :nip';
            $stmt = $dbh->prepare($sql);
            $stmt->bindParam(':nip', $username);
            $stmt->execute();

            if ($stmt->rowCount() == 0) {
                $sql = 'INSERT INTO dosen(idDosen, nip, namaDosen, email, hp, token) VALUES(:idDosen, :nip, :nama, :email, :hp, :token)';
                $stmt = $dbh->prepare($sql);
                $stmt->bindParam(':idDosen', $data['id']);
                $stmt->bindParam(':nip', $username);
                $stmt->bindParam(':nama', $data['nama']);
                $stmt->bindParam(':email', $data['email']);
                $stmt->bindParam(':hp', $data['hp']);
                $stmt->bindParam(':token', $token);
                $stmt->execute();
            } else {
                while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                    $tokenDb = $row['token'];
                    $updateToken = false;

                    if ($tokenDb == null) {
                        $updateToken = true;
                    } else {
                        if ($tokenDb == '') {
                            $updateToken = true;
                        } else {
                            $token = $tokenDb;
                        }
                    }

                    if ($updateToken) {
                        $sql = 'UPDATE dosen SET token = :token WHERE idDosen = :id';
                        $stmt = $dbh->prepare($sql);
                        $stmt->bindParam(':id', $data['id']);
                        $stmt->bindParam(':token', $token);
                        $stmt->execute();
                    }
                }
            }

            $data['token'] = $token;

            $_SESSION['konsulDosen'] = $data;
            $redir = 'dosen/';
        } else {
            echo json_encode(array('status' => 0, 'msg' => 'Tipe login user tidak diketahui.'));
        }
    }
} else {
    $pesanError = 'Tidak dapat terhubung ke server SPOTA.';
    //spota down here
}

if ($loginSuccess) {
    echo json_encode(array('status' => 1, 'msg' => 'Login sukses!!!', 'data' => $data, 'redir' => $redir));
} else {
    echo json_encode(array('status' => 0, 'msg' => $pesanError));
}