<?php
/*引入檔案（初始設定）*/
require_once 'header.php';
$page_title = '活動報名系統';

/*執行流程*/
try
{
    $action_id = isset($_REQUEST['action_id']) ? intval($_REQUEST['action_id']) : '';
    switch ($op) {
        //登入
        case 'login':
            login();
            header("location: index.php");
            exit;

        case 'logout':
            logout();
            header("location: index.php");
            exit;

        case "regist":
            break;

        case "insert_user":
            insert_user();
            header("location: index.php");
            exit;

        case "signup":
            signup($action_id);
            header("location: index.php?action_id=$action_id");
            exit;

        //預設動作
        default:
            if ($action_id) {
                $op = 'show_action';
                show_action($action_id);
                list_signups($action_id);
            } else {
                $op = 'list_actions';
                list_actions();
            }
            break;
    }
} catch (exception $e) {
    $error = $e->getMessage();
}

/*輸出結果*/
require_once "footer.php";

/*自訂函數區*/

//登出
function logout()
{
    unset($_SESSION['group']);
    unset($_SESSION['name']);
    unset($_SESSION['uid']);
    unset($_SESSION['email']);
    // session_destroy();
    // unset($_SESSION);
}

//登入
function login()
{
    global $db;

    $email = clean_var('email', 'email', FILTER_VALIDATE_EMAIL);

    // 連線資料庫
    $sql = "select * from `users` where email='{$email}'";
    if (!$result = $db->query($sql)) {
        throw new Exception($db->error);
    }

    $data = $result->fetch_assoc();

    if (password_verify($_POST['pass'], $data['pass'])) {
        $_SESSION['group'] = $data['group'];
        $_SESSION['name']  = filter_var($data['name'], FILTER_SANITIZE_SPECIAL_CHARS);
        $_SESSION['uid']   = $data['uid'];
        $_SESSION['email'] = filter_var($data['email'], FILTER_SANITIZE_SPECIAL_CHARS);
    } else {
        throw new Exception("登入失敗！");
    }
}

//新增使用者
function insert_user()
{
    global $db, $admin_id;

    // 過濾變數
    $name  = clean_var('name', '姓名');
    $pass  = clean_var('pass', '密碼');
    $pass  = password_hash($pass, PASSWORD_DEFAULT);
    $email = clean_var('email', 'email', FILTER_VALIDATE_EMAIL);
    $group = ($email == $admin_id) ? 'admin' : 'user';

    // 連線資料庫
    $sql = "insert into `users` (`name`, `pass`, `email`, `group`) values('$name', '$pass','$email','$group')";
    if (!$db->query($sql)) {
        throw new Exception($db->error);
    }

    // $uid = $db->insert_id;
    // return $uid;
}

//列出所有活動
function list_actions()
{
    global $db, $smarty;

    $sql = "select * from `actions` where enable='1' order by action_date desc";
    if (!$result = $db->query($sql)) {
        throw new Exception($db->error);
    }

    $actions = [];
    while ($data = $result->fetch_assoc()) {
        $actions[] = $data;
    }
    $smarty->assign('actions', $actions);
    // die(var_export($actions));
}

function show_action($action_id)
{
    global $db, $smarty;

    $sql = "select * from `actions` where action_id='{$action_id}'";
    if (!$result = $db->query($sql)) {
        throw new Exception($db->error);
    }

    $data = $result->fetch_assoc();

    $smarty->assign('action', $data);
}

//新增報名
function signup($action_id)
{
    global $db;

    $uid = $_SESSION['uid'];

    $sql = "INSERT INTO `signups` ( `uid`, `action_id`, `signup_date`)
    VALUES ('{$uid}', '{$action_id}', now())";
    if (!$db->query($sql)) {
        throw new Exception($db->error);
    }
}

//列出所有活動報名者
function list_signups($action_id)
{
    global $db, $smarty;

    $sql = "select a.*, b.* from `signups` as a
    join `users` as b on a.`uid`=b.`uid`
    where a.action_id='{$action_id}'";

    if (!$result = $db->query($sql)) {
        throw new Exception($db->error);
    }

    $signups = [];
    while ($data = $result->fetch_assoc()) {
        $signups[] = $data;
    }
    $smarty->assign('signups', $signups);
}