<?php

class FlexyBugs extends HTML_FlexyFramework_Page 
{
    //var $template = 'index.html';
    var $masterTemplate = 'index.xul';
    
    var  $spamprotect = array(
        'ourkey' => '',
        'ourhash' => '',
        'keygenerated' => ''
    );
    var $isAuth = false;
    var  $spamkey = '';
    var $viewBug = '';
    
    function getAuth() {
        // fire up the session if correctly configured..
        $dev = DB_DataObject::factory('bugdb_developers');
        if (isset($_GET['logout'])) {
            $dev->logout();
        }
        $this->authenticated = $dev->isLoggedIn();
        if (!$this->authenticated) {
            HTML_FlexyFramework::run('Login');
            exit;
        }
        return true; // everyone allowed in
    }
    
    function isAuth() {
        $dev = DB_DataObject::factory('bugdb_developers');
        return $dev->isLoggedIn();
    }
    
    
    function getAuthId()
    {
        $dev = DB_DataObject::factory('bugdb_developers');
        $dev->loadLoggedInUser();
        return $dev->id;
       }
    
    function isDeveloper()
    {
        $dev = DB_DataObject::factory('bugdb_developers');
        $dev->loadLoggedInUser();
        if ($dev->group_id > 0) {
           return true;
        }
    }
    
    function isAdmin()
    {
        $dev = DB_DataObject::factory('bugdb_developers');
        $dev->loadLoggedInUser();
        if ($dev->group_id > 1) {
           return true;
        }
       
    }
    
    function canSeeProject($id) 
    {
        if ($this->isAdmin) {
            return true;
        }
        $prj = DB_DataObject::factory('bugdb_projects');
        if (!$prj->get($id)) {
            return false;
        }
        if ($prj->is_public) {
            return true;
        }
        $dev = DB_DataObject::factory('bugdb_developers');
        $dev->loadLoggedInUser();
        $up = DB_DataObject::factory('UserProjects');
        $up->user_id = $dev->id;
        $up->project_id = $id;
        if ($up->find()) {
            return true;
        }
        return false;
    }
    function getUserProjects() // array or true for all projects.
    {
        if ($this->isAdmin()) {
            return true;
        }
        
        $dev = DB_DataObject::factory('bugdb_developers');
        $dev->loadLoggedInUser();
        $up = DB_DataObject::factory('UserProjects');
        $up->user_id = $dev->id;
        $ret = array();
        $up->find();
        while($up->fetch()) {
            $ret[] = $up->project_id;
        }
        return $ret;
    }
    
    function get($id) {
        //print_r($_SESSION);
        if ($id == 'blank') {
            $this->masterTemplate = 'blank.html';
        }
        if ($id == 'AccessDenied') {
            $this->masterTemplate = 'access_denied.html';
           return;
        }
        
        if (preg_match('/^[0-9]+$/',$id) && $id) {
            $this->viewBug = (int) $id;
            //return HTML_FlexyFramework::run('View/'.((int)$id));
        }
        
        $this->isAuth = $this->isAuth();
        if (!empty($id) && !$this->viewBug) {
            echo "UNKNOWN get request!";
            exit;
        }
        
    }
     
    function generateSpamProtect()
    {
        if (!empty($spamkey)) {
            return;
        }
        $file = ini_get('session.save_path').'/spamkey.txt';
        // spamkey old or doesnt exist....
        if (!file_exists($file) || filemtime($file) < (time() - 100000))  {
            //echo '<font color="red">generating key?</font>'.$file;
            $this->spamkey = md5(rand());
            $fh = fopen($file,'w');
            fwrite($fh,$this->spamkey);
            fclose($fh);
            clearstatcache();
        } else {
            $this->spamkey = trim(file_get_contents($file));
        }
        if (empty($this->spamkey)) {
            unlink($file);
            clearstatcache();
            return $this->generateSpamProtect(); // this could cause problems
        }
        $this->spamprotect['ourkey'] = md5(rand()); // a random string.
        $this->spamprotect['keygenerated'] = time();
        //print_R(array($this->ourkey , $this->spamkey , $this->keygenerated));
        
        $this->spamprotect['ourhash'] = md5($this->spamprotect['ourkey'] . $this->spamkey.  $this->spamprotect['keygenerated']);
       // fb7ae7bd7c79bfe79de13eae589b0cdd [1] => 2343f5279a6ffe93355fd051fc3ef842 [2] => 1129637936
    }
    function validatedSpamKey()
    {
        $this->generateSpamProtect(); // may give us a different number very occasionally.
        if (empty($_POST['spamprotect'])) {
            return false;
        }
        if ($_POST['spamprotect']['ourhash'] != md5($_POST['spamprotect']['ourkey'] . $this->spamkey.  $_POST['spamprotect']['keygenerated'])) {
            return false;
        }
            
        // is the time within reasonable limits...
        $diff = time() -  $_POST['spamprotect']['keygenerated'];  // this should be posative, and > 360 seconds.
        //print_r($diff);
        if ($diff > 0 & $diff < 360) {
            return true;
        }
          
        return false;
    }
    
    function output()
    {
        
        if (preg_match('/\.xul$/',$this->masterTemplate)) {
            header('Content-Type: application/vnd.mozilla.xul+xml');    
        }
       
        
        parent::output();
    }
    
}