<?php
class Data{
	function __construct(){
                $this->link_database();
                $this->em_check_database();
                $this->read_variables();
                date_default_timezone_set($this->settings['timezone']);
        }
	
	function read_variables() {
	//reads all GET and POST variables into the object, addslashing both
		if (count($_POST)) {
			foreach ($_POST as $key => $val){
				$key=addslashes("r_".$key);
				if (is_array($val)) {
					for ($z=0;$z<count($val);$z++) {
						$val[$z]=addslashes($val[$z]);
					}
				}
				else {
					$val=addslashes($val);
				}
				$this->$key=$val;
			}
		}
		if (count($_GET)) {
			foreach ($_GET as $key => $val){
				$key=addslashes("r_".$key);
				if (is_array($val)) {
					for ($z=0;$z<count($val);$z++) {
						$val[$z]=addslashes($val[$z]);
					}
				}
				else {
					$val=addslashes($val);
				}

				$this->$key=$val;
			}
		}
	}//end of function read variables


	function link_database() {
		$this->databaselink = new mysqli(DB_HOST,DB_USER,DB_PW,DB_DATABASE);
		$this->databaselink->set_charset('utf8');
		if ($this->databaselink->connect_errno) {
			return "Datenbank nicht erreichbar: (" . $this->databaselink->connect_errno . ") " . $this->databaselink->connect_error;
		}
		else{
			$this->databasename=DB_DATABASE;
			$this->databaselink->query("SET SQL_MODE = '';");
			return True;
		}
	}
	
	function store_data($sTable,$aFields,$sKey_ID,$mID) {
     	//updates or inserts data
      	//returns ID or -1 if fails
		$i=0; $returnID = 0;

		if(($mID>0) or ($mID!="") or ($mID != null)) {
		      //search for it
		 $aCheckFields=array($sKey_ID=>$mID);
		 $aRow=$this->select_row($sTable,$aCheckFields);
		 $returnID=$aRow[$sKey_ID];
	      }
	      if(($returnID>0) or ($returnID!="")) {
		 $sQuery="update ".$sTable." set ";
		 foreach($aFields as $key=>$value) {
		    $sQuery.=$key."='".$value."'";
		    $i++;
		    if($i<count($aFields)) {
		       $sQuery.=",";
		    }
		 }
		 $sQuery.=" where ".$sKey_ID."='".$mID."'";
		 $mDataset_ID=$returnID;
	      }
	      else {
		 $sKeys = "";  $sValues = "";
		 $sQuery="insert into ".$sTable." (";
		 foreach($aFields as $sKey=>$value) {
		    $sKeys.=$sKey;
		    $sValues.="'".$value."'";
		    $i++;
		    if($i<count($aFields)) {
		       $sKeys.=",";
		       $sValues.=",";
		    }
		 }
		 $sQuery.=$sKeys.") values (".$sValues.")";
	      }
	      $this->last_query[]=$sQuery;
	      if ($pResult = $this->databaselink->query($sQuery)) {
		 if(($returnID>0) or ($returnID!="")) {
		    return $returnID;
		 }
		 else {
		    return $this->databaselink->insert_id;
		 }
	      }
	      else {
		 return -1;
	      }
	}

	function save_user($aUser){
                /*
                args:
                        Array $aUser
                                Array of user information which will be saved.
                                e.g.    array(
                                                'forename' => String $forname,
                                                'surname' => String $surname,
                                                'email' => String $email,
                                                'UID' => String $UID,
                                                'language' => String $language,
                                                'admin' => Bool $admin,
                                                'password' => String md5(str_rev($password)), #deprecated, do not use!
                                                'password_hash' => password_hash(String $password, PASSWORD_DEFAULT)
                                        );

                returns:
                        None
                Function will save user Information given in $aUser. If user exists it will
                overwrite existing data but not delete not-specified data
                */
                $aFields = $aUser;
                if ((isset($this->r_user_ID))and ($this->r_user_ID != "")){
                        $this->ID=$this->store_data(TABLE_USER, $aFields, 'user_ID' , $this->r_user_ID);
                }
                else{
                        $this->ID=$this->store_data(TABLE_USER, $aFields, NULL , NULL);
                }
	}
}

//end of class

session_start();


include ("config/config.inc.php");


$oObject = new Data;

$oObject->output = "";

switch ($oObject->r_ac){
	case 'save'
		$aUser = array();
		if(isset($oObject->r_user_ID)){
			$aUser['user_ID'] = $oObject->r_user_ID;
		}
		if(isset($oObject->r_name)){
			$aUser['name'] = $oObject->r_forename;
		}
		if(isset($oObject->r_email)){
			$aUser['email'] = $oObject->r_email;
		}
		if(isset($oObject->r_email)){
			$aUser['signal'] = $oObject->r_email;
		}
		if(isset($oObject->r_email)){
			$aUser['sms'] = $oObject->r_email;
		}
		if(isset($oObject->r_email)){
			$aUser['telegram'] = $oObject->r_email;
		}
		if(isset($oObject->r_email)){
			$aUser['threema'] = $oObject->r_email;
		}
		$oObject->save_user($aUser);
		$oObject->output += "Erfolgreich gespeichert";
		break;
	default:
		$oObject->get_view("views/user_form.php");
}
function output($oObject){
		echo $oObject->get_view("views/head.php");
		echo $oObject->get_view("views/body.php");
}
output($oObject);

}


?>