<?php
// 
// OpenSMTPD Admin 
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: create-admin.php
//
// Template File: admin_create-admin.tpl
//
//
// Template Variables:
//
// tMessage
// tUsername
// tDomains
//
// Form POST \ GET Variables:
//
// fUsername
// fPassword
// fPassword2
// fDomains
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");

$list_domains = list_domains();
$list_admins = list_admins();

if ($_SERVER['REQUEST_METHOD'] == "POST") {
	$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
	$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
	$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
	$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));

	if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
		$message = $PALANG['pAdminCreate_admin_username_error'];
	}

	if (empty($password1) or ($password1 != $password2)) {
		$message = $PALANG['pAdminCreate_admin_password_error'];
	}

	if (empty($domains['domains'])) {
		$message = $PALANG['pAdminCreate_admin_domain_error'];
	}

	if (empty($message)) {
		$hashed = bcrypt($password1);
		try {
			$dbh = connect_db();
			$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
			$sth->bindParam(1, $username, PDO::PARAM_STR);
			$sth->bindParam(2, $hashed, PDO::PARAM_STR);
			$sth->execute();
			foreach ($domains['domains'] as $row) {
				$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
				$sth->bindParam(1, $username, PDO::PARAM_STR);
				$sth->bindParam(2, $row, PDO::PARAM_STR);
				$sth->execute();
			}
			$message = $PALANG['pAdminCreate_admin_result_succes'] . "<br />($username)</br />";
		} catch(PDOException $e)  {
			$message = $PALANG['pAdminCreate_admin_result_error'] . "<br />($username)<br />";
		}	
	}

}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_create-admin.tpl");
include("../templates/footer.tpl");
?>