#!/usr/bin/env php
<?php
/**
 * The Strangecode Codebase - a general application development framework for PHP
 * For details visit the project site: <http://trac.strangecode.com/codebase/>
 * Copyright 2001-2012 Strangecode, LLC
 *
 * This file is part of The Strangecode Codebase.
 *
 * The Strangecode Codebase is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your option)
 * any later version.
 *
 * The Strangecode Codebase is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
 */

/*
* user.cli.php
*
* @author   Quinn Comendant <quinn@strangecode.com>
* @version  1.0
* @since    02 May 2019 14:21:12
*/

/********************************************************************
* CONFIG
********************************************************************/

// Find a _config.inc.php file and load it.
$_config_file = false;
$rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator('.'));
$rii->setMaxDepth(1);
foreach ($rii as $filename => $file) {
    if (mb_strpos($filename, '/_config.inc.php') !== false
    && preg_match('/^\$auth = new Auth/m', file_get_contents($filename))
    && preg_match('/^\$(db|pdo) =/m', file_get_contents($filename))) {
        $_config_file = $filename;
        echo "Loading $_config_file\n";
        break;
    }
}
if (!$_config_file) {
    echo "Error: could not find a satisfactory _config.inc.php in current directory or subdirectories.\n";
    exit(1);
}
define('_CLI', true);
require_once $_config_file;

/********************************************************************
* MAIN
********************************************************************/

if (isset($CFG) && is_object($CFG)) {
    echo "user.cli.php is not compatible with codebase v1.\n";
    exit(1);
}

if (!isset($db) || !($db instanceof \DB)) {
    echo "This project doesn't have a \$db object.\n";
    exit(1);
}

if (!isset($auth) || !($auth instanceof \Auth_SQL)) {
    echo "This project doesn't have an \$auth object.\n";
    exit(1);
}

if (!$auth->getParam('db_table') ||
    !$auth->getParam('db_primary_key') ||
    !$auth->getParam('db_username_column')) {
    echo "This project's \$auth object does not have the required db_* parameters.\n";
    exit(1);
}

// COMMAND
$command = User_CLI::getArg(1, 'command');
switch ($command) {
case 'help':
    User_CLI::usage();
    exit(1);

case 'list':
    $users = User_CLI::getList();
    $positions = "%-3s  %-15s  %-30s  %-11s  %-15s\n";
    printf($positions,
        'ID',
        'USERNAME',
        'EMAIL',
        'LAST_ACCESS',
        'LAST_IP'
    );
    foreach ($users as $u) {
        printf($positions,
            $u[$auth->getParam('db_primary_key')],
            $u['username'],
            $u['email'],
            date($app->getParam('date_format'), strtotime($u['last_access_datetime'])),
            $u['last_login_ip']
        );
    }
    break;

case 'create':
    $username = User_CLI::getArg(2, 'username');
    $password = User_CLI::getArg(3, 'password', $auth->generatePassword());
    $email = User_CLI::getArg(4, 'email', '');
    $user_id = $auth->getUserID($username);
    if (false !== $auth->getUserID($username)) {
        printf("User `%s` already exists. Use `update` instead.\n", $username);
        exit(1);
    }
    $user_id = User_CLI::create($username, $password, $email);
    printf("Created user `%s` with password `%s` (user_id %s).\n", $username, $password, $user_id);
    break;

case 'update':
    $username = User_CLI::getArg(2, 'username');
    $password = User_CLI::getArg(3, 'password', $auth->generatePassword());
    if (!$user_id = $auth->getUserID($username)) {
        printf("User `%s` not found. Use `create` first.\n", $username);
        exit(1);
    }
    $auth->setPassword($user_id, $password);
    printf("Updated user `%s` with password `%s` (user_id %s).\n", $username, $password, $user_id);
    break;

case 'remove':
    $username = User_CLI::getArg(2, 'username');
    if (!$user_id = $auth->getUserID($username)) {
        printf("User `%s` not found.\n", $username);
        exit(1);
    }
    User_CLI::remove($username);
    printf("Removed user `%s` (user_id %s).\n", $username, $user_id);
    break;

default:
    printf("Unknown command: %s\n", $command);
    break;
}

// End of script.
exit(0);


/********************************************************************
* FUNCTIONS
********************************************************************/

/*
* Static methods for this script only.
*/
class User_CLI
{
    public static function getArg($pos, $name, $default=null)
    {
        if (isset($_SERVER['argv'][$pos]) && $_SERVER['argv'][$pos] != '') {
            return $_SERVER['argv'][$pos];
        }

        if (null === $default) {
            printf("Required argument %s is missing. Lost? Try `%s help`.\n", strtoupper($name), basename($_SERVER['argv'][0]));
            exit(1);
        }

        return $default;
    }

    public static function getList()
    {
        global $auth, $db;

        $qid = $db->query("
            SELECT *
            FROM `" . $auth->getParam('db_table') . "`
            LIMIT 1000
        ");
        $results = array();
        while ($row = mysql_fetch_assoc($qid)) {
            $results[] = $row;
        }

        return $results;
    }

    public static function create($username, $password, $email)
    {
        global $auth, $db;

        $qid = $db->query("DESCRIBE " . $auth->getParam('db_table'));
        $cols = array();
        while ($row = mysql_fetch_row($qid)) {
            $cols[] = $row[0];
        }
        $addtl_cols = array();
        $addtl_vals = array();
        if (in_array('account_id', $cols)) {
            $addtl_cols[] = ", account_id";
            $addtl_vals[] = ", '1'";
        }
        if (in_array('email', $cols) && '' != $email) {
            $addtl_cols[] = ", email";
            $addtl_vals[] = sprintf(", '%s'", $db->escapeString($email));
        }
        $db->query("
            INSERT INTO `" . $auth->getParam('db_table') . "` (
                `" . $auth->getParam('db_primary_key') . "`,
                " . $auth->getParam('db_username_column') . join("\n", $addtl_cols) . "
            ) VALUES (
                NULL,
                '" . $db->escapeString($username) . "'" . join("\n", $addtl_vals) . "
            )
        ");
        $user_id = mysql_insert_id($db->getDBH());
        $auth->setPassword($user_id, $password);

        return $user_id;
    }

    public static function remove($username)
    {
        global $auth, $db;

        $qid = $db->query("
            DELETE FROM `" . $auth->getParam('db_table') . "`
            WHERE `" . $auth->getParam('db_username_column') . "` = '" . $db->escapeString($username) . "'
        ");
    }

    public static function usage()
    {
        ?>
Manage codebase (Auth_SQL) user accounts.

Usage: <?php echo basename($_SERVER['argv'][0]); ?> COMMAND […]

COMMANDS

    help                                Display this help
    list                                List all users.
    create USERNAME [PASSWORD] [EMAIL]  Create a user USERNAME authenticated by PASSWORD.
    update USERNAME [PASSWORD]          Update the password for user USERNAME to PASSWORD.

If PASSWORD is not given, a random password will be generated and printed to the screen.

This script must be run in a common site directory configured with a DB auth file,
e.g., `lib/db_auth.json`, readable by the user executing this script.
<?php
    }
}