<?php
header('Content-Type: application/json');
$mojisizefile = "../server/textsize.txt";

$banurldomainfile = "../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = array_filter(preg_split("/\r\n|\n|\r/", $banurl_info));

require('../db.php');

require("../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);

$pdo = null;
try {
    $option = array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
    );
    $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
    // 接続エラーのときエラー内容を取得する
    $error_message[] = $e->getMessage();
}

if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['abitext'])) && safetext(isset($_POST['userid'])) && safetext(isset($_POST['account_id'])) && safetext(isset($_COOKIE['loginkey']))) {
    $userid = safetext($_POST['userid']);

    $postUniqid = safetext($_POST['uniqid']);
    $abitext = safetext($_POST['abitext']);
    $loginid = safetext($_POST['account_id']);
    $loginkey = safetext($_COOKIE['loginkey']);

    $is_login = uwuzuUserLoginCheck($loginid, $loginkey, "user");
    if ($is_login === false) {
        echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
        exit;
    }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
        $abidate = date("Y-m-d H:i:s");

        $query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');

        $query->execute(array(':uniqid' => $postUniqid));

        $result = $query->fetch();

        if($result["account"] === $userid){
            $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');

            $query->execute(array(':userid' => $userid));

            $result2 = $query->fetch();

            if($result2["loginid"] === $loginid){
                if($result["abi"] == "none" && (!($result2["role"] == "ice"))){
                    // 文字数を確認
                    if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen(str_replace("\r\n", "\n", $abitext), 'UTF-8') ) {
                        $err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
                        $response = array(
                            'error_code' => $err,
                        );
                        echo json_encode($response, JSON_UNESCAPED_UNICODE);
                        exit;
                    }
                    // 禁止url確認
                    if(!(empty($banurl))){
                        for($i = 0; $i < count($banurl); $i++) {
                            if (false !== strpos($abitext, 'https://'.$banurl[$i])) {
                                $err = "contains_prohibited_url";
                                $response = array(
                                    'error_code' => $err,
                                );
                                echo json_encode($response, JSON_UNESCAPED_UNICODE);
                                exit;
                            }
                        }
                    }
                    

                    try {
                        $pdo->beginTransaction();

                        $stmt = $pdo->prepare("UPDATE ueuse SET abi = :abi, abidate = :abidate WHERE uniqid = :uniqid AND account = :userid");
                        $stmt->bindValue(':abi', $abitext, PDO::PARAM_STR);
                        $stmt->bindValue(':abidate', $abidate, PDO::PARAM_STR);
                        $stmt->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR);

                        $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
                        
                        // SQLクエリの実行
                        $res = $stmt->execute();

                        // コミット
                        $pdo->commit();

                        $mentionedUsers = get_mentions_userid($abitext);

                        foreach ($mentionedUsers as $mentionedUser) {
                            $touserid = safetext($mentionedUser);
                            $datetime = date("Y-m-d H:i:s");
                            $msg = safetext("" . $abitext . "");
                            $title = safetext("" . $result2["username"] . "さんにメンションされました！");
                            $url = safetext("/!" . $postUniqid . "~" . $userid . "");
                            $userchk = 'none';
                            $category = 'mention';
                    
                            send_notification($touserid,$userid,$title,$msg,$url,$category);
                        }

                        if ($res) {
                            echo json_encode(['success' => true]);
                            exit;
                        } else {
                            echo json_encode(['success' => false, 'error' => '追加に失敗しました。']);
                            exit;
                        }
                    } catch(PDOException $e) {
                        echo json_encode(['success' => false, 'error' => 'データベースエラー：' . $e->getMessage()]);
                        exit;
                    }
                }else{
                    echo json_encode(['success' => false, 'error' => 'すでに追記済みです。']);
                    exit; 
                }

                
            }
        }
    }else{
        echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
        exit;
    }
}
?>