<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');

session_start();

include ("../inc/helper.php");
include ("../inc/konfigurasi.php");
include ("../inc/db.pdo.class.php");


$db=new dB($dbsetting);
if($_POST){

	switch ($_POST['act']) {
		case 'login':
			
			$username=$_POST['username'];
			$password=$_POST['password'];
			
			$check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' AND tm.status IN ('A','P') LIMIT 1";
			$db->runQuery($check);
			
			if($db->dbRows()>0){
				$log=$db->dbFetch();
				if($log['password']==md5($password)){
					$sesilogin=array(
						"nim"=>$log['nim'],
						"prodi"=>$log['idProdi'],
						"nmprodi"=>$log['nmProdi'],
						"nama_lengkap"=>$log['nmLengkap'],
						"id"=>$log['idmhs'],
						"status"=>$log['status']
					);
									
					$_SESSION['login-mhs']=$sesilogin; 
					echo json_encode(
						array(
						"result" =>TRUE,
						"msg" =>"Login Sukses."
						));
				}else{
					//password salah
					echo json_encode(
						array(
						"result" =>FALSE,
						"msg" =>"Gagal Login, Password anda tidak sesuai/salah."
						));
				}
			}else{
				//username tidak terdaftar
				echo json_encode(array(
					"result" =>FALSE,
					"msg" =>"Gagal Login, Username Anda tidak terdaftar."
					));
			}
		break;
		
		
		case 'loginnew':
			
			$username=$_POST['username'];
			$password=$_POST['password'];
			
			$usernameSiakad = rawurlencode($username);
            $passwordSiakad = rawurlencode($password);
            
            $passwordMD5 = md5($password);
            
            //$url = "http://servicedosen.siakad.untan.ac.id/Datasnap/Rest/Tservermethods1/loginmhs/$usernameSiakad/x$passwordSiakad";
             //$url = "http://203.24.50.140/API/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
             
             //$url = "https://informatika.untan.ac.id/API/public/forward-login-siakad-mhs.php?nim=$usernameSiakad&pass=$passwordSiakad";
             /**
             $url = "http://203.24.50.140/API/login-siakad-mhs.php?username=$usernameSiakad&password=$passwordSiakad";
            $context = stream_context_create(['http' => ['ignore_errors' => true]]);
            $result = @file_get_contents($url, false, $context);
            
            if ($http_response_header[0] == 'HTTP/1.1 200 OK') {
                $decodedResult = json_decode($result, true);
                //echo $result;
                if (isset($decodedResult['result'][0]['idmhs'])) {
                    if ($decodedResult['result'][0]['idmhs'] == '0') {
                           echo json_encode(array(
        					"result" =>FALSE,
        					"msg" => "Username atau password tidak cocok."
        				));
                        exit();
                    } else {
                        $dataMahasiswa = $decodedResult['result'][0];
                        $namaMahasiswa = $dataMahasiswa['nama'];
                        $idProdiMahasiswa = $dataMahasiswa['idprogdi'];
                    }
                } else {
                    $dom = new DOMDocument();
                    @$dom->loadHTML($result);
                    $x = new DOMXPath($dom);
        
                    $pesanSiakad = null;
                    foreach ($x->query("//div[contains(@class, 'kotak')]") as $node) {
                        $pesanSiakad = $node->nodeValue;
                    }
        
                    if ($pesanSiakad != null) {
                        $namaMahasiswa = trim(get_string_between($pesanSiakad, 'Sdr/i.', ', Anda Terkena'));
                        $idProdiMahasiswa = "-1";
                 
                    } else {
                        echo json_encode(array(
    					    "result" =>FALSE,
    					    "msg" =>"Tidak dapat terhubung dengan service SIAKAD."
    					));
                        exit();
                    }
        
                    //print_r($data);
                }
            } else {
                echo json_encode(array(
					"result" =>FALSE,
					"msg" =>"Tidak dapat terhubung dengan service SIAKAD."
					));
                exit();
            }
            */
            
            /** login presensi */
            
           $usernamePost = urlencode($username);
           $passwordPost = urlencode($password);
           //$url = "http://bkd.untan.ac.id/API/steven/login-siakad-mhs.php?username=$usernamePost&password=$passwordPost";
           $url = "http://203.24.50.140/API/login-siakad-mhs.php?get&username=$usernamePost&password=$passwordPost";
           //$result = file_get_contents($url);


            //$decodedData = json_decode($result, 1);
            
            $payload = [
                'nim' => $username,
                'password' => $password,
            ];
            
            $postData = json_encode($payload);
            $opts = ['http' =>
                        [
                            'method'  => 'POST',
                            'ignore_errors' => true,
                            'header'  => 'Content-Type: application/json',
                            'content' => $postData,
                            
                        ],
                        "ssl"=>[
                                "verify_peer"=>false,
                                "verify_peer_name"=>false,
                            ],
                    ];
                    
            $context  = stream_context_create($opts);
            $response = file_get_contents($url, false, $context);
            
            /**
            $decoded = json_decode($response, 1);
            
            
            if (!isset($decoded['CODE'])) {
                echo json_encode([
                    'result' => FALSE,
                    'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
                ]);
                exit();
            }
            
            $responseCode = $decoded['CODE'];
            
            if ($responseCode == '502') {
                echo json_encode([
                    'status' => FALSE,
                    'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
                ]);
                exit();
            }
            
            if ($responseCode == '401') {
                echo json_encode([
                    'status' => FALSE,
                    'msg' => 'NIM atau password tidak cocok.',
                ]);
                exit();
            }
            
            if ($responseCode == '200') {
                $dataMahasiswa = $decoded['USER'];
                $namaMahasiswa = $dataMahasiswa['nama'];
                $namaMahasiswa = str_replace('"', "", $namaMahasiswa);
                $namaMahasiswa = str_replace("'", "", $namaMahasiswa);
                
            }
            */
            
            
            $decodedData = json_decode($response, 1);

            $decoded = $decodedData['result'];
            if (!isset($decoded)) {
                echo json_encode([
                    'status' => FALSE,
                    'msg' => 'Tidak dapat terhubung dengan Service SIAKAD.',
                ]);
                exit();
            }
            
            $dataMahasiswa = $decoded['0'];

            if (!isset($dataMahasiswa['iden'])) {
                echo json_encode([
                    'status' => FALSE,
                    'msg' => 'NIM atau password tidak cocok.',
                ]);
                exit();
            }
            
                $namaMahasiswa = $dataMahasiswa['nama'];
                  $namaMahasiswa = str_replace('"', "", $namaMahasiswa);
                $namaMahasiswa = str_replace("'", "", $namaMahasiswa);
            
            
            /** end login presensi */
			
			$check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' LIMIT 1";
			$db->runQuery($check);
			
			if($db->dbRows()>0){
				$log=$db->dbFetch();
				$sesilogin=array(
					"nim"=>$log['nim'],
					"prodi"=>$log['idProdi'],
					"nmprodi"=>$log['nmProdi'],
					"nama_lengkap"=>$log['nmLengkap'],
					"id"=>$log['idmhs'],
					"status"=>$log['status']
				);
								
				$_SESSION['login-mhs']=$sesilogin;
				
				$update = "UPDATE tbmhs SET password = '{$passwordMD5}' WHERE idmhs = {$log['idmhs']}";
			    $db->runQuery($update);
			    
				echo json_encode(
					array(
					"result" =>TRUE,
					"msg" =>"Login Sukses."
					));
			}else{
				//username tidak terdaftar
                $thnMasuk = '20'.substr($username, 5, 2);
				$insert = "INSERT INTO tbmhs(nim, password, nmLengkap, idProdi, thnmasuk, status, bolehUploadDraft) VALUES ('{$username}', '{$passwordMD5}', '{$namaMahasiswa}', '2', '{$thnMasuk}', 'A', '0')";
			    $db->runQuery($insert);
			    
			    $check="SELECT tm.nim,tm.idmhs,tm.password,tm.nmLengkap,tm.idProdi,tp.nmProdi,tm.status FROM tbmhs tm LEFT JOIN tbprodi tp ON (tm.idProdi=tp.idProdi) WHERE tm.nim='$username' LIMIT 1";
		    	$db->runQuery($check);
		    	    
		    	$log=$db->dbFetch();
				$sesilogin=array(
					"nim"=>$log['nim'],
					"prodi"=>$log['idProdi'],
					"nmprodi"=>$log['nmProdi'],
					"nama_lengkap"=>$log['nmLengkap'],
					"id"=>$log['idmhs'],
					"status"=>$log['status']
				);
				
				$_SESSION['login-mhs']=$sesilogin; 
				echo json_encode(
					array(
					"result" =>TRUE,
					"msg" =>"Login Sukses."
					));
			    
			}
		break;
		
		case 'logout':
			unset($_SESSION['login-mhs']);
			echo json_encode(array("result"=>true));
		break;

		case 'recoverpass' : // coming soon
			$email=$_POST['email'];
			$query="SELECT * FROM tbmhs WHERE email='$email' limit 1";
			$db->runQuery($query);
			if($db->dbRows()>0){
				$r=$db->dbFetch();
				$idmh=$r['idmhs'];
				$username=$r['nim'];
				$password=$r['password'];
				$date=date('Y-m-d H:i:s');
				$recoverkey=md5($password.$username.$date);
				$recover="INSERT INTO temp_resetpass SET tglrecover='$date', iduser='$idmh', jenis='M', rkey='$recoverkey'";
				//echo $recover;
				$db->runQuery($recover);

				//$linkreset="/~project/spota/request.php?key=$recoverkey";
				//script kirim email
				echo json_encode(array(
					"result" =>TRUE,
					"msg" =>"Terima Kasih, \nSilakan Cek Email Anda untuk reset password"
					));
			}else{
				echo json_encode(array(
					"result" =>FALSE,
					"msg" =>"Email tidak terdaftar."
					));
			}
		break;
		
		/*default:
		break;*/
	}

	
}

?>