<?php

$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);

header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");



$pdo = null;
try {
    $option = array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
    );
    $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
    // 接続エラーのときエラー内容を取得する
    $error_message[] = $e->getMessage();
}

$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
    // トークン取得
    $token = getAPIToken();
    if($token == "_ERR:INPUT_NOT_FOUND"){
        $err = "input_not_found";
        $response = array(
            'error_code' => $err,
            'success' => false
        );
        http_response_code(401);
        echo json_encode($response, JSON_UNESCAPED_UNICODE);
        exit;
    }
    if($token == "_ERR:FORMAT_FIFFERENT"){
        $err = "token_invalid";
        $response = array(
            'error_code' => $err,
            'success' => false
        );
        http_response_code(403);
        echo json_encode($response, JSON_UNESCAPED_UNICODE);
        exit;
    }

    session_start();
    
    if( !empty($pdo) ) {
        $tokenQuery = $pdo->prepare("SELECT userid, scope FROM api WHERE token = :token");
        $tokenQuery->bindValue(':token', $token);
        $tokenQuery->execute();
        $tokenData = $tokenQuery->fetch();
        
        if(!(empty($tokenData["userid"]))){
            $allow_scope = array_unique(array_map('trim', explode(",", $tokenData["scope"])));
            $userdata = getUserData($pdo, $tokenData["userid"]);
            
            $response = array(
                'allow_scopes' => $allow_scope,
                'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
                'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
                'success' => true
            );
            echo json_encode($response, JSON_UNESCAPED_UNICODE);
        }else{
            $userQuery = $pdo->prepare("SELECT * FROM account WHERE token = :token");
            $userQuery->bindValue(':token', $token);
            $userQuery->execute();
            $userData = $userQuery->fetch();
    
            if(empty($userData["userid"])){
                $response = array(
                    'error_code' => 'token_invalid',
                    'success' => false
                );
                http_response_code(403);
                echo json_encode($response, JSON_UNESCAPED_UNICODE);
            }elseif($userData["role"] === "ice"){
                $response = array(
                    'error_code' => 'this_account_has_been_frozen',
                    'success' => false
                );
                http_response_code(400);
                echo json_encode($response, JSON_UNESCAPED_UNICODE);
            }else{
                $response = array(
                    'error_code' => 'could_not_complete',
                    'success' => false
                );
                http_response_code(500);
                echo json_encode($response, JSON_UNESCAPED_UNICODE);
            }
        }
    }
}else{
    $err = "input_not_found";
    $response = array(
        'error_code' => $err,
        'success' => false
    );
    http_response_code(401);
    echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>