<?php
namespace App\Controllers;
use CodeIgniter\Cookie\Cookie;
use DateTime;

helper('cookie');
class Auth extends BaseController {
	
	public function login() {
		$data['userid'] = get_cookie('userid');
		$data['password'] = get_cookie('password');
		if ($this->request->getMethod() === 'POST') {
			$userid = $this->request->getVar('userid');
			$password = $this->request->getVar('password');
			$remember = $this->request->getVar('remember');
			
			$data['userid'] = $userid;
			$data['password'] = $password;
		
			$db = \Config\Database::connect();
			$sql = "SELECT u.USERID, u.USERNAME, u1.PASSWORD, ur.USERROLENAME
FROM USERS u
	left join cmod.dbo.CM_USERS u1 on u.USERID=u1.USERID
	left join cmod.dbo.CM_USERROLES ur on u1.USERROLEID=ur.USERROLEID
WHERE u.USERID='$userid'";
			$query = $db->query($sql);
			$result = $query->getResultArray();
			$row = $result[0];
			if(isset($row)) {
				$qpassword = $row['PASSWORD'];
				$userid = $row['USERID'];
				$username = $row['USERNAME'];
				$userrole = $row['USERROLENAME'];
				// if pass empty then first login / reset password
				$data['password']=$password;
				$data['qpassword']=$qpassword;
				if( password_verify($password, $qpassword) || $qpassword == '' ) {
					if($qpassword == '') { session()->setFlashdata('alertmsg', 'Please change your <b>password</b> first...'); }
					if( isset($data['remember']) ) {
						$time = 30*24*60*60;// 30days
						set_cookie ("userid", $data['userid'], $time);  
						set_cookie ("password", $data['password'], $time);
						set_cookie ("remember", $data['remember'], $time);
						//echo "cookie set";
					} else {
						delete_cookie ("userid");
						delete_cookie ("password");
						delete_cookie ("remember");
					}
					$sessiondata = [
						'userid' => $userid,
						'userrole' => $userrole,
						'username' => $username,
					];
					session()->set( $sessiondata );
					return redirect()->to('/');
				} else {
					session()->setFlashdata('error', 'Password not valid');
					return view('auth_login',$data);
				}				
			}
		}
		return view('auth_login',$data);
	}
	
	public function logout() {
		session()->destroy();
        return redirect()->to('/auth/login');
	}
	
	public function redirects() {
		$role = session()->get('userrole');
		return redirect()->to("/$role/");;
	}
	
	public function setpass($userid) {
		if ($this->request->getMethod() === 'POST') {
			$password = $this->request->getPost('password');
			$password = password_hash($password,PASSWORD_DEFAULT);
			$db = \Config\Database::connect();
			$sql = "update cmod.dbo.CM_USERS set PASSWORD='$password' where USERID='$userid'";
			$db->query($sql);
			return redirect()->to("/auth/login");
		} else {
			$data['userid'] = strtoupper($userid);
			return view('auth_setpass', $data);
		}
	}
	
	public function loginTD() {
		$sessiondata = [
			'userid' => 'SYSTEM',
			'userinitials' => 'SYS',
			'fullname' => 'SYSTEM',
		];
		
		session()->set( $sessiondata );
		
		return redirect()->to('/');
	}
	
	public function noAccess() {
		return view('noAccess');
	}
}