<?php

require_once('config.php');

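// Credentials the caller must present via HTTP Basic auth before any data is processed.
// NOTE(review): a guessable username/password pair committed to source is the only gate in
// front of the student records, caregiver passwords and file writes handled further down.
// The two environment variables read here are names introduced by this change (adjust them to
// the deployment); they let the real secret live outside the repository. The literals remain
// only as a fallback so an existing deployment keeps working, and should be rotated and
// removed once the environment is configured.
$envusername = getenv('KAMAR_DS_USERNAME');
$envpassword = getenv('KAMAR_DS_PASSWORD');
$username = ($envusername !== false && $envusername !== '') ? $envusername : 'kamar';
$password = ($envpassword !== false && $envpassword !== '') ? $envpassword : 'kamar1234';

// Exact Authorization header value expected from the caller.
$authcheck = "Basic " . base64_encode($username . ':' . $password);

// Directory that receives Teacher_Calendar.ics (presumably web-served, given the "public" path).
$outpath = '/srv/online.mhjc.school.nz/public/';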

// Capability document returned when the caller sends a sync="check" request: it lists which
// data sets and fields this endpoint is willing to receive. The fragments are concatenated
// exactly as written, so fragments without a trailing "\n" run straight into the next one.
// NOTE(review): both <passwords> options are "true"; the handler further down reads caregiver
// password elements from the upload, so this endpoint receives credential material and its
// authentication and storage deserve matching care.
$xmlstring = implode('', [
	"<?xml version = '1.0' encoding = 'UTF-8'?>\n",
	"<SMSDirectoryData>\n",
	"\t<error>0</error>\n",
	"\t<result>OK</result>\n",
	"\t<service>All</service>\n",
	"\t<version>1.0</version>\n",
	"\t<status>Ready</status>\n",
	"\t<infourl>https://online.mhjc.school.nz/</infourl>",
	"\t<privacystatement>Our privacy policy is captured on our website. Please email us if you have any queries.</privacystatement>",
	"\t<options>\n",
	"\t\t<ics>true</ics>\n",
	// Student data sets and fields.
	"\t\t<students>\n",
	"\t\t\t<details>true</details>\n",
	"\t\t\t<passwords>true</passwords>\n",
	"\t\t\t<photos>true</photos>\n",
	"\t\t\t<awards>true</awards>\n",
	"\t\t\t<timetables>true</timetables>\n",
	"\t\t\t<attendance>true</attendance>\n",
	"\t\t\t<assessments>true</assessments>\n",
	"\t\t\t<pastoral>true</pastoral>\n",
	"\t\t\t<learningsupport>true</learningsupport>\n",
	"\t\t\t<fields>\n",
	"\t\t\t\t<required>uniqueid;nsn;firstname;lastname;gender;whanau;datebirth;yearlevel;tutor</required>",
	"\t\t\t\t<optional>forenames;username;password;languagespoken;startingdate;startschooldate;leavingdate;leavingreason;leavingschool;caregivers;caregivers1;caregivers2;caregivers3;caregivers4;caregiver.email;ethnicity;ethnicityL1;ethnicityL2;ethnicityL3;accountdisabled</optional>\n",
	"\t\t\t</fields>\n",
	"\t\t</students>\n",
	// Staff data sets and fields.
	"\t\t<staff>\n",
	"\t\t\t<details>true</details>\n",
	"\t\t\t<passwords>true</passwords>\n",
	"\t\t\t<photos>true</photos>\n",
	"\t\t\t<timetables>true</timetables>\n",
	"\t\t\t<fields>\n",
	"\t\t\t\t<required>uniqueid;firstname;lastname</required>",
	"\t\t\t</fields>\n",
	"\t\t</staff>\n",
	// Data sets shared by students and staff.
	"\t\t<common>\n",
	"\t\t\t<subjects>true</subjects>\n",
	"\t\t\t<notices>true</notices>\n",
	"\t\t\t<calendar>true</calendar>\n",
	"\t\t\t<bookings>true</bookings>\n",
	"\t\t</common>\n",
	"\t</options>\n",
	"</SMSDirectoryData>",
]);

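// Buffer the whole response so its length is known when the headers are finalised at the end.
ob_start();
$serverProtocole = filter_input(INPUT_SERVER, 'SERVER_PROTOCOL', FILTER_SANITIZE_SPECIAL_CHARS);
//header($serverProtocole.' 200 OK');
header("Content-type: application/xml");
header("Content-Encoding: none");

//Get Data
// Raw request body; false when it cannot be read, '' when the request carried no body.
$data = @file_get_contents('php://input', false, stream_context_create(['http' => ['ignore_errors' => true]]));

//output data to a temporary file for debugging
// NOTE(review): if re-enabled, this writes the full upload (which includes caregiver passwords)
// to a predictably named file under /tmp; keep it disabled outside a controlled debugging session.
//$tfile = fopen("/tmp/kamarxml".time().".xml", "w") or die ("unable to open file for writing!");
//fwrite($tfile, $data);
//fclose($tfile);

// A request without an Authorization header must fail authentication cleanly rather than raise
// an undefined-index warning into the buffered XML response.
$auth = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : null;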

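// Request dispatch. Authentication comes first: nothing below may run for a caller that did not
// present the expected Basic credentials. hash_equals() compares in constant time and, unlike
// !=, never falls back to PHP's loose comparison rules; a missing header is rejected outright.
if (!is_string($auth) || !hash_equals($authcheck, $auth)) {
	$xmlstring = "<?xml version = '1.0' encoding = 'UTF-8'?>\n";
	$xmlstring .= "<SMSDirectoryData>\n";
	$xmlstring .= "\t<error>403</error>\n";
	$xmlstring .= "\t<result>Authentication Failed</result>\n";
	$xmlstring .= "</SMSDirectoryData>";

	$xml = new SimpleXMLElement($xmlstring);
	echo $xml->asXML();
} elseif ($data === false || $data === '') {
	// file_get_contents() yields false or '' for an unreadable/empty body; it is never "unset",
	// so the previous isset() test could not reach this branch.
	$xmlstring = "<?xml version = '1.0' encoding = 'UTF-8'?>\n";
	$xmlstring .= "<SMSDirectoryData>\n";
	$xmlstring .= "\t<error>401</error>";
	$xmlstring .= "\t<result>No Data</result>";
	$xmlstring .= "\t<service>All</service>";
	$xmlstring .= "\t<version>1.0</version>";
	$xmlstring .= "</SMSDirectoryData>";

	$xml = new SimpleXMLElement($xmlstring);
	echo $xml->asXML();
}

//Check for data
elseif (stripos($data, 'sync="check"') !== false) {
	// Capability check: answer with the options document built at the top of the script.
	$xml = new SimpleXMLElement($xmlstring);
	echo $xml->asXML();
} else {

	// ---- Parse the upload -------------------------------------------------------------
	// Carriage returns become newlines and every '&' is escaped, so no entity reference in
	// the upload reaches the parser as an entity.
	$outdata = str_replace(["\x0D", "&"], ["\n", "&amp;"], $data);

	$dom = new DOMDocument;
	$dom->preserveWhiteSpace = true;
	// LIBXML_NONET: the parser must never fetch anything over the network for this upload.
	// NOTE(review): the return value is not checked. A body that fails to parse leaves $dom
	// empty, so the loops below do nothing, Teacher_Calendar.ics is overwritten with an empty
	// calendar and OK is still returned. Decide which error response the caller should get.
	$dom->loadXML($outdata, LIBXML_NONET);

	// First descendant element named $tag under $node, or null when there is none.
	$first = function ($node, $tag) {
		return $node->getElementsByTagName($tag)->item(0);
	};

	// Text of that element, or '' when it is absent.
	$text = function ($node, $tag) use ($first) {
		$element = $first($node, $tag);
		return is_null($element) ? '' : (string) $element->nodeValue;
	};

	// Ids from the upload become file names below. Only plain tokens are accepted so that an
	// id such as "../x" cannot address a file outside the data directory.
	// Assumes ids consist of letters, digits, '_' and '-' only - TODO confirm against real data.
	$safeId = function ($id) {
		$id = (string) $id;
		return preg_match('/\A[A-Za-z0-9_-]+\z/', $id) === 1 ? $id : null;
	};

	// Per-student / per-teacher output files live here.
	$datadir = "/srv/online.mhjc.school.nz/enrolmentsmhjc/";

	//$tempfile = fopen("/srv/online.mhjc.school.nz/enrolmentsmhjc/" .time().".tmp", "a") or die("unable to open file for writing!");
	//foreach($dom->getElementsByTagName('user') as $tmpoutput) {
	//	fwrite($tempfile, $dom->saveXML($tmpoutput));
	//}
	//fclose($tempfile);

	// ---- Calendar clean-up rules shared by all iCalendar outputs -------------------------
	$calfind = ["CREATED:", "END:VEVENT", "&amp;", "&#257;", "&apos;", "&quot;"];
	$calreplace = ["DTSTAMP:", "ORGANIZER:\r\nEND:VEVENT", "and", "a", "'", "\""];
	// Collapses blank lines and normalises line endings to CRLF.
	$blanklines = "/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/";

	// ---- Whole-school teacher calendar ------------------------------------------------
	$calendar = "";
	//$calendar = $dom->getElementsByTagName('calendars')->item(0)->getElementsByTagName('all')->item(0)->nodeValue;
	foreach ($dom->getElementsByTagName('calendars') as $calendardom) {
		$calendar .= $text($calendardom, 'all');
	}
	//$dom->save('/tmp/teachercal'.time().'.ics');
	$calendarout = str_replace($calfind, $calreplace, $calendar);
	$calendarrn = preg_replace($blanklines, "\r\n", $calendarout);

	// Fold lines longer than 75 characters onto continuation lines that start with a space.
	$calendarwrap = "";
	foreach (explode("\r\n", $calendarrn) as $calendarexploded) {
		if (strlen($calendarexploded) > 75) {
			$calendarwrap .= wordwrap($calendarexploded, 74, "\r\n ", TRUE) . "\r\n";
		} else {
			$calendarwrap .= $calendarexploded . "\r\n";
		}
	}

	$tcfile = fopen($outpath . "Teacher_Calendar.ics", "w");
	if ($tcfile) {
		fwrite($tcfile, $calendarwrap);
		fclose($tcfile);
	} else {
		error_log("Could not write calendar file in: " . $outpath . "\n");
	}

	// ---- Student records -> stuinfo ---------------------------------------------------
	$mysqli = new mysqli($CFG->dbhost, $CFG->dbuser, $CFG->dbpass);

	// Every string taken from the upload is escaped before it is placed in SQL text; names
	// such as O'Brien previously broke the statement and arbitrary SQL could be appended.
	// NOTE(review): escaping follows this connection's character set; presumably do_sql()
	// talks to the same server with the same charset - TODO confirm. Prepared statements
	// would be the better fix if do_sql() can be given bound parameters.
	$quote = function ($value) use ($mysqli) {
		return "'" . $mysqli->real_escape_string((string) $value) . "'";
	};

	//$dom->save('/tmp/studentxml'.time().'.xml');

	foreach ($dom->getElementsByTagName('user') as $student) {
		// The whanau (house) is derived from the second-to-last character of the tutor class;
		// users whose class does not map to a whanau are not stored.
		$class = $text($student, 'tutor');
		switch (substr($class, -2, 1)) {
			case "C":
				$whanau = "Coast";
				break;
			case "F":
				$whanau = "Forest";
				break;
			case "W":
				$whanau = "Water";
				break;
			case "M":
				$whanau = "Mountains";
				break;
			default:
				$whanau = "invalid";
		}
		if ($whanau === "invalid") {
			continue;
		}

		// id and yearlevel are written into the statement unquoted, so they must be digits.
		$id = $student->getAttribute('id');
		$year = $text($student, 'yearlevel');
		if (preg_match('/\A[0-9]+\z/', $id) !== 1 || preg_match('/\A[0-9]+\z/', $year) !== 1) {
			error_log("Skipping user with non-numeric id or yearlevel\n");
			continue;
		}

		// nsn is also unquoted: anything other than digits (including an empty element) is NULL.
		$nsn = $text($student, 'nsn');
		$nsnsql = (preg_match('/\A[0-9]+\z/', $nsn) === 1) ? $nsn : 'NULL';

		// Dates arrive as Ymd; an unparseable value falls back to 01/01/1970.
		$dob = \DateTime::createFromFormat('Ymd|', $text($student, 'datebirth'));
		$dobtext = ($dob !== false) ? $dob->format("d/m/Y") : "01/01/1970";
		$fat = \DateTime::createFromFormat('Ymd|', $text($student, 'startingdate'));
		$fattext = ($fat !== false) ? $fat->format('d/m/Y') : "01/01/1970";

		// Up to four caregivers; missing slots are stored as empty strings.
		// NOTE(review): caregiver passwords arrive base64-encoded (an encoding, not protection)
		// and are stored in stuinfo exactly as decoded. Storing a password_hash() value instead
		// depends on how these columns are consumed elsewhere - TODO confirm.
		$caregivers = $student->getElementsByTagName('caregiver');
		$parentemail = [];
		$parentpassword = [];
		for ($slot = 0; $slot < 4; $slot++) {
			$caregiver = $caregivers->item($slot);
			if (is_null($caregiver)) {
				$parentemail[$slot] = "";
				$parentpassword[$slot] = "";
			} else {
				$parentemail[$slot] = $text($caregiver, 'email');
				$parentpassword[$slot] = base64_decode($text($caregiver, 'password'));
			}
		}

		//$record['ethnicitycode'] = $student->getElementsByTagName('ethnicity')->item(0)->getElementsByTagName('code')->item(0)->nodeValue;
		$ethnicity = $first($student, 'ethnicity');
		$ethnicitycode = is_null($ethnicity) ? 61118 : $text($ethnicity, 'code');

		$leavingschool = $first($student, 'leavingschool');
		$lschool = is_null($leavingschool) ? 'NULL' : $quote($leavingschool->nodeValue);

		// A leavingdate element that is present but unparseable is stored as NULL; the previous
		// code called format() on the failed parse result and aborted the whole sync.
		$leavingdate = $first($student, 'leavingdate');
		$dleft = is_null($leavingdate) ? false : \DateTime::createFromFormat('Ymd|', (string) $leavingdate->nodeValue);
		$dateleft = ($dleft !== false) ? $quote($dleft->format('d/m/Y')) : 'NULL';

		// Column => SQL literal, in the column order of the INSERT.
		$columns = [
			'id' => $id,
			'lastname' => $quote($text($student, 'lastname')),
			'firstname' => $quote($text($student, 'firstname')),
			'dob' => $quote($dobtext),
			'year' => $year,
			'class' => $quote($class),
			'whanau' => $quote($whanau),
			'parent_email_1' => $quote($parentemail[0]),
			'parent_email_2' => $quote($parentemail[1]),
			'parent_email_3' => $quote($parentemail[2]),
			'parent_email_4' => $quote($parentemail[3]),
			'parent_password_1' => $quote($parentpassword[0]),
			'parent_password_2' => $quote($parentpassword[1]),
			'parent_password_3' => $quote($parentpassword[2]),
			'parent_password_4' => $quote($parentpassword[3]),
			'gender' => $quote($text($student, 'gender')),
			'ethnicity' => $quote($text($student, 'ethnicityL1')),
			'ethnicitycode' => $quote($ethnicitycode),
			'first_attendance' => $quote($fattext),
			'newflag' => '1',
			'nsn' => $nsnsql,
			'dateleft' => $dateleft,
			'lschool' => $lschool,
		];

		// An existing row keeps its id and newflag; every other column is refreshed.
		$updates = [];
		foreach ($columns as $column => $literal) {
			if ($column !== 'id' && $column !== 'newflag') {
				$updates[] = $column . "=" . $literal;
			}
		}

		$sql = "INSERT INTO stuinfo (" . implode(", ", array_keys($columns)) . ") VALUES (" . implode(", ", $columns) . ") ";
		$sql .= "ON DUPLICATE KEY UPDATE " . implode(", ", $updates) . ";";

		$result = do_sql($sql, FALSE);
		if ($result == FALSE) {
			// The statement contains caregiver passwords, so it is neither logged nor echoed;
			// echoing it also injected non-XML text into the response.
			error_log("Error in database query for stuinfo id " . $id . "\n");
		}
	}

	// ---- Assessment results -> <id>.res -----------------------------------------------
	$resultsout = [];

	foreach ($dom->getElementsByTagName('studentresult') as $res) {
		// we are only exporting unit standards at this stage
		if ($text($res, 'type') === "U") {
			// export all results just in case an enrolled has changed to not enrolled
			// standard number (int), enrolled (true|false), published (true|false), date (int|null), subject (string), result (string)
			// date code is in yyyymmdd format, adding hours, minutes and seconds so that they all have the same time
			$rawdate = $text($res, 'date');
			$outdate = (empty($rawdate)) ? "19700101101010" : $rawdate . "101010";
			$stamp = DateTime::createFromFormat('YmdHis', $outdate);
			if ($stamp === false) {
				// A malformed date gets the same default as a missing one instead of a fatal error.
				$stamp = DateTime::createFromFormat('YmdHis', "19700101101010");
			}
			$resultsout[$res->getAttribute('id')][] = [
				$text($res, 'number'),
				$text($res, 'enrolled'),
				$text($res, 'published'),
				date_format($stamp, 'U'),
				$text($res, 'subject'),
				$text($res, 'result'),
			];
		}
	}

	foreach ($resultsout as $stuid => $ass) {
		$fileid = $safeId($stuid);
		if (is_null($fileid)) {
			error_log("Skipping results for an id that is not a plain token\n");
			continue;
		}
		$resultsfile = fopen($datadir . $fileid . ".res", "a") or die("Unable to open attendance file for writing.");
		//foreach($ass as $assno => $enrolled) {
		foreach ($ass as $enrolled) {
			//fwrite($resultsfile, $assno. "," . $enrolled . PHP_EOL);
			fputcsv($resultsfile, $enrolled);
		}
		fclose($resultsfile);
	}

	// ---- Attendance -> <id>.att -------------------------------------------------------
	$attout = [];

	foreach ($dom->getElementsByTagName('studentattendance') as $att) {
		foreach ($att->getElementsByTagName('date') as $days) {
			// Only the first five attendance codes of each day are kept.
			$attout[$att->getAttribute('id')][$days->getAttribute('value')] = substr($text($days, 'codes'), 0, 5);
		}
	}

	foreach ($attout as $stuid => $attrec) {
		$fileid = $safeId($stuid);
		if (is_null($fileid)) {
			error_log("Skipping attendance for an id that is not a plain token\n");
			continue;
		}
		$attfile = fopen($datadir . $fileid . ".att", "a") or die("Unable to open attendance file for writing.");
		foreach ($attrec as $attdate => $dayrec) {
			fwrite($attfile, $attdate . "," . $dayrec . PHP_EOL);
		}
		fclose($attfile);
	}

	// ---- Logins for newly inserted students -------------------------------------------
	// generate usernames and passwords for new students;
	// NOTE(review): the generated passwords are written to stuinfo as returned by
	// generate_pw()/generate_ppw(); whether those are hashes cannot be told from this file.
	$newstudents = do_sql("SELECT id, lastname, firstname FROM stuinfo WHERE newflag=1;", FALSE);
	//echo "Found " . count($newstudents) . " new students to set usernames and passwords.";
	foreach ($newstudents->results as $student) {
		$newpassword = generate_pw($student['id'], 0);
		$newppassword = generate_ppw($student['id'], 0);

		//check for duplicate usernames and keep increasing until a unique one is found
		$unoffset = 0;
		do {
			$newusername = generate_un($student['id'], $student['firstname'], $student['lastname'], $unoffset);
			$newpusername = generate_pun($student['id'], $student['firstname'], $student['lastname'], $unoffset);

			// Names come back out of the database and may contain quotes, so they are escaped
			// again here; the id is forced to an integer.
			$result = do_sql("UPDATE stuinfo SET username=" . $quote($newusername) . ", password=" . $quote($newpassword) . ", parent_username=" . $quote($newpusername) . ", parent_password=" . $quote($newppassword) . " WHERE id=" . (int) $student['id'], FALSE);
			$unoffset++;
		} while ($result->error == 1062 || $result->error == 1586 || $result->error == 1859 || $result->error == 3026);
	}

	// ---- Student timetables -> <id>.ics -----------------------------------------------
	//student timetable handler
	//$file = fopen("/tmp/studentxml".time().".xml", "w") or die ("unable to open file for writing!");
	//fwrite($file, $dom->saveXML());
	//fclose($file);

	foreach ($dom->getElementsByTagName('student') as $stimetable) {
		$fileid = $safeId($stimetable->getAttribute('id'));
		if (is_null($fileid)) {
			error_log("Skipping student timetable for an id that is not a plain token\n");
			continue;
		}
		$calendarrn = preg_replace($blanklines, "\r\n", str_replace($calfind, $calreplace, $stimetable->nodeValue));
		$stfile = fopen($datadir . $fileid . ".ics", "w") or die("unable to open file for writing!");
		fwrite($stfile, $calendarrn);
		//fwrite($file, $dom->saveXML());
		fclose($stfile);
	}

	// ---- Staff timetables -> <id>.tics ------------------------------------------------
	//staff timetable handler
	//$tempfile = fopen("/srv/online.mhjc.school.nz/enrolmentsmhjc/" . time() . ".tmp", "w") or die("Unable to open file for writing!");
	//fwrite($tempfile, $dom->saveXML());
	//fclose($tempfile);

	foreach ($dom->getElementsByTagName('teacher') as $ttimetable) {
		$fileid = $safeId($ttimetable->getAttribute('id'));
		if (is_null($fileid)) {
			error_log("Skipping staff timetable for an id that is not a plain token\n");
			continue;
		}
		$calendarrn = preg_replace($blanklines, "\r\n", str_replace($calfind, $calreplace, $ttimetable->nodeValue));
		$ttfile = fopen($datadir . $fileid . ".tics", "w") or die("Unable to open file for writing!");
		fwrite($ttfile, $calendarrn);
		fclose($ttfile);
	}

	//Generate Response
	$rstring = "<?xml version='1.0' encoding='UTF-8'?>\n";
	$rstring .= "<SMSDirectoryData>\n";
	//error_log("httpresponse: ".print_r($http_response_header, true));
	//error_log($data);
	$rstring .= "\t<error>0</error>\n";
	$rstring .= "\t<result>OK</result>\n";
	$rstring .= "</SMSDirectoryData>";

	//Display Response
	$xml = new SimpleXMLElement($rstring);
	echo $xml->asXML();
}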

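// Finalise the response: report the exact size of the buffered body, ask for the connection
// to be closed, then send the buffer.
header('Connection: close');
header('Content-Length: ' . ob_get_length());
ob_end_flush();
// ob_end_flush() has already closed the buffer opened by this script. Flush again only when
// another buffer level is still active; calling ob_flush() with no buffer raises a notice.
if (ob_get_level() > 0) {
	ob_flush();
}
flush();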

