<?php
error_reporting(E_ALL ^ E_NOTICE);
session_start();
$startTime = microtime(true);
date_default_timezone_set('UTC');
// Data subdirectory
$GLOBALS['config']['DATADIR'] = 'data';
// Video subdirectory
$GLOBALS['config']['VIDEODIR'] = 'videos';
// Video subdirectory before renaming
$GLOBALS['config']['TMPDIR'] = 'tmp';
// Configuration file (user login/password)
$GLOBALS['config']['LISTDIR'] = $GLOBALS['config']['DATADIR'].'/listDir.php';
// Configuration file (user login/password)
$GLOBALS['config']['LISTFILE'] = $GLOBALS['config']['DATADIR'].'/listFile.php';
// Configuration file (user login/password)
$GLOBALS['config']['CONFIG_FILE'] = $GLOBALS['config']['DATADIR'].'/config.php';
// File storage for failures and bans.
$GLOBALS['config']['IPBANS_FILENAME'] = $GLOBALS['config']['DATADIR'].'/ipbans.php';
// Ban IP after this many failures.
$GLOBALS['config']['BAN_AFTER'] = 4;
// Ban duration for IP address after login failures (in seconds) (1800 sec. = 30 minutes)
$GLOBALS['config']['BAN_DURATION'] = 1800;
// Page cache directory.
$GLOBALS['config']['PAGECACHE'] = 'pagecache';

if (get_magic_quotes_gpc()) {
  function stripslashes_deep($value) {
    $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
    return $value;
  }

  $_POST = array_map('stripslashes_deep', $_POST);
  $_GET = array_map('stripslashes_deep', $_GET);
  $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}

$ci = array_map('htmlentities', array_merge($_POST, $_GET));
$_SESSION['bc'] = $ci['bc'];

if (!file_exists($GLOBALS['config']['CONFIG_FILE']) || strlen(file_get_contents($GLOBALS['config']['CONFIG_FILE'])) == 0) {
  $page = install($ci);
}

require $GLOBALS['config']['CONFIG_FILE'];
require $GLOBALS['config']['LISTDIR'];
require $GLOBALS['config']['LISTFILE'];

function install($ci) {
  if (!is_dir($GLOBALS['config']['DATADIR']) && !mkdir($GLOBALS['config']['DATADIR'], 0755)) {
    die('Error on create dir "DATADIR".');
  }
  if (!is_dir($GLOBALS['config']['VIDEODIR']) && !mkdir($GLOBALS['config']['VIDEODIR'], 0755)) {
    die('Error on create dir "VIDEODIR".');
  }
  if (!is_dir($GLOBALS['config']['PAGECACHE']) && !mkdir($GLOBALS['config']['PAGECACHE'], 0755)) {
    die('Error on create dir "PAGECACHE".');
  }
  if (!is_dir($GLOBALS['config']['TMPDIR']) && !mkdir($GLOBALS['config']['TMPDIR'], 0755)) {
    die('Error on create dir "TMPDIR".');
  }
  if (!copy('inc/.htaccess', $GLOBALS['config']['DATADIR'].'/.htaccess')) {
    die('Error on create .httaccess in dir "'.$GLOBALS['config']['DATADIR'].'"');
  }
  if (!copy('inc/.htaccess', $GLOBALS['config']['TMPDIR'].'/.htaccess')) {
    die('Error on create .httaccess in dir "'.$GLOBALS['config']['TMPDIR'].'"');
  }
  if (!is_file($GLOBALS['config']['CONFIG_FILE'])) {
    touch($GLOBALS['config']['CONFIG_FILE']);
  }
  if (!is_file($GLOBALS['config']['IPBANS_FILENAME'])) {
    touch($GLOBALS['config']['IPBANS_FILENAME']);
  }
  if (!is_file($GLOBALS['config']['LISTDIR'])) {
    touch($GLOBALS['config']['LISTDIR']);
  }
  if (!is_file($GLOBALS['config']['LISTFILE'])) {
    touch($GLOBALS['config']['LISTFILE']);
  }
  $page = 'install';

  if ($ci['install'] == 'install') {
    verifToken($ci['token']);
    $GLOBALS['loginName']['salt'] = hash('sha256', uniqid(rand(), true).'_'.mt_rand());
    $GLOBALS['loginName']['loginName'] = hash('sha256', $ci['loginName'].$GLOBALS['loginName']['salt']);
    $GLOBALS['loginName']['password'] = hash('sha256', $ci['loginPass'].$GLOBALS['loginName']['salt']);
    $data = '<?php
$GLOBALS[\'loginName\'][\'salt\'] = \''.$GLOBALS['loginName']['salt'].'\';
$GLOBALS[\'loginName\'][\'loginName\'] = \''.$GLOBALS['loginName']['loginName'].'\';
$GLOBALS[\'loginName\'][\'password\'] = \''.$GLOBALS['loginName']['password'].'\';
?>
';
    file_put_contents($GLOBALS['config']['CONFIG_FILE'], $data);
    $page = 'content';
  }
  return $page;
}

function checkSecure() {
}

function logout() {
}

function getCurrentDir($bc) {
  $currentDir = end(str_split($bc, 8));
  return $currentDir;
}

function genToken() {
  $token = sha1(uniqid(rand(), true).'_'.mt_rand());
  $_SESSION['token'] = $token;
  $_SESSION['tokenTime'] = time();
  return $token;
}

function verifToken($token) {
  if ($token !== $_SESSION['token'] || $_SESSION['tokenTime'] <= time() - 24000) {
    ban();
    die('So Long, and Thanks for All the Fish.');
  }
}

function checkIfBan() {
  require 'cache/logs/banUser.php';
  $userIp = $_SERVER['REMOTE_ADDR'];
  if (isset($banList[$userIp]) && $banList[$userIp]['nbBan'] >= $GLOBALS['config']['maxErrorBeforeBan'] && $banList[$userIp]['lastBan'] + $GLOBALS['config']['banTime'] > time()) {
    return true;
  } elseif (isset($banList[$userIp]) && $banList[$userIp]['lastBan'] + $GLOBALS['config']['banTime'] < time()) {
    unban();
    return false;
  } else {
    return false;
  }
}

function ban() {
  require $GLOBALS['config']['IPBANS_FILENAME'];
  $userIp = $_SERVER['REMOTE_ADDR'];
  if (isset($banList[$userIp])) {
    $banList[$userIp]['lastBan'] = time();
    $banList[$userIp]['nbBan']++;
  } else {
    $banList[$userIp]['lastBan'] = time();
    $banList[$userIp]['nbBan'] = 1;
  }
  file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$banList=".var_export($banList, true).";\n?>");
}

function unBan() {
  require $GLOBALS['config']['IPBANS_FILENAME'];
  $userIp = $_SERVER['REMOTE_ADDR'];
  unset($banList[$userIp]);
  file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$banList=".var_export($banList, true).";\n?>");
}

function n_print($data, $name = '') {
  $aBackTrace = debug_backtrace();
  echo '<h2>', $name, '</h2>';
  echo '
<fieldset style="border: 1px solid orange; padding: 5px;color:#1E1915; background-color: #fff;">';
  echo '
  <legend style="border:1px solid orange;padding: 1px;background-color:#eee;color:orange;">
    ',      basename($aBackTrace[0]['file']), ' ligne => ', $aBackTrace[0]['line'], '
  </legend>';
  echo '<pre style="color:#1E1915;">',   htmlentities(print_r($data, 1)), '</pre>';
  echo '
</fieldset>
<br />';
}

function addDir($dir, $breadcrumb, $fullListDir) {
  if (empty($dir)) {
    return 'error';
  }
  $dirHash = substr(sha1($dir.microtime(true)), 0, 8);
  $fullListDir[$dirHash] = $dir;
  $path = chunk_split($breadcrumb, 8, '/');
  file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>");
  if (mkdir('videos/'.$path.'/'.$dirHash)) {
    return array(
      'result' => 'success',
      'fullListDir' => $fullListDir
    );
  } else {
    return 'error';
  }
}

function renDir($dir, $breadcrumb, $fullListDir) {
  if (empty($dir)) {
    return;
  }
  $currentDir = getCurrentDir($breadcrumb);
  $dirHash = substr(sha1($dir.microtime(true)), 0, 8);
  $fullListDir[$dirHash] = $dir;
  $path = chunk_split($breadcrumb, 8, '/');

  if (rename('videos/'.$path, 'videos/'.substr($path, 0, -9).'/'.$dirHash)) {
    unset($fullListDir[$currentDir]);
    file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>");
    $breadcrumb = substr($path, 0, -9).$dirHash;
    return array(
      'result' => 'success',
      'bc' => str_replace('/', '', $breadcrumb),
      'fullListDir' => $fullListDir
    );
  } else {
    return 'error';
  }
}

function addVideo($ci, $fullListFile) {
  $nameHash = substr(sha1($ci['name'].$ci['url']), 0, 10);
  $url = escapeshellcmd($ci['url']);
  $path = chunk_split($ci['bc'], 8, '/');
  $data = $nameHash.' '.$url.' '.$path."\n";
  file_put_contents($GLOBALS['config']['TMPDIR'].'/'.$nameHash.'.hash', $data);
  $fullListFile[$nameHash] = array(
    'title' => $ci['name'],
    'url' => $ci['url'],
    'desc' => $ci['desc'],
    'via' => $ci['via'],
    'licence' => $ci['licence']
  );
  file_put_contents($GLOBALS['config']['LISTFILE'], "<?php\n\$fullListFile=".var_export($fullListFile, true).";\n?>");
}

function deleteVideo($bc, $file) {
  $path = $GLOBALS['config']['VIDEODIR'].'/'.chunk_split($bc, 8, '/');
  $pathAndFile = $path.$file;
  if (file_exists($pathAndFile) && !is_dir($pathAndFile) && $file === $_SESSION['video'].'.jpg') {
    $listFile = (glob($path.$_SESSION['video']."*"));
    foreach ($listFile as $value) {
      unlink($value);
    }
  } else {
    return 'Error, cannot delete this file.';
  }
}

function updateFileTitle($hash, $title) {
  global $fullListFile;
  $fullListFile[$hash]['title'] = $title;
  chdir($_SERVER['DOCUMENT_ROOT']);
  file_put_contents($GLOBALS['config']['LISTFILE'], "<?php\n\$fullListFile=".var_export($fullListFile, true).";\n?>");
}

function listCurrentDir($breadcrumb) {
  chdir($breadcrumb);
  return glob("*", GLOB_ONLYDIR);
}

function makeBreadcrumb($bc, $fullListDir) {
  $bcToArray = str_split($bc, 8);
  $nbBc = count($bcToArray);
  for ($i = 0; $i < $nbBc; $i++) {
    $hrefBc .= $bcToArray[$i];
    $breadcrumb[$hrefBc] = $fullListDir[$bcToArray[$i]];
  }
  return $breadcrumb;
}

function listVideo($breadcrumb) {
  return glob("*.jpg");
}

function parseVideoDescription($file, $fullInfo = false) {
  $value = json_decode(file_get_contents($file));
}

function getVideoInfo($file, $dir, $fullListFile) {
  $file = substr($file, 0, 10);
  $postInfo = $fullListFile[$file];
  $path = chunk_split($dir, 8, '/');
  $descFile = glob("videos/".$path.$file."*.json");
  $jsonInfo = json_decode(file_get_contents($descFile[0]));

  $time = gmdate('H\hi\ms\s', $jsonInfo -> duration);

  $info = array(
    'hash' => $file,
    'title' => $postInfo['title'],
    'originalTitle' => htmlentities($jsonInfo -> stitle),
    'url' => $postInfo['url'],
    'desc' => $postInfo['desc'],
    'originalDesc' => htmlentities($jsonInfo -> description),
    'uploadDate' => htmlentities($jsonInfo -> upload_date),
    'format' => htmlentities($jsonInfo -> format),
    'ext' => htmlentities($jsonInfo -> ext),
    'duration' => htmlentities($time),
    'via' => $postInfo['via'],
    'licence' => $postInfo['licence']
  );
  return $info;
}

function editVideoDescription() {
}

function testCache() {
}

function makeCache() {
}

function getThumbnail($path, $value) {
  if (file_exists(getcwd().'/'.$value.'/thumb.jpg')) {
    return $path.$value.'/thumb.jpg';
  } else {
    return;
  }
}

function login($ci) {
  if (hash('sha256', $ci['loginName'].$GLOBALS['loginName']['salt']) === $GLOBALS['loginName']['loginName'] && $GLOBALS['loginName']['password'] === hash('sha256', $ci['loginPass'].$GLOBALS['loginName']['salt'])) {
    $_SESSION['log'] = true;
    return true;
  } else {
    return false;
  }
}

function defineThumb($bc, $file) {
  $path = chunk_split($bc, 8, '/');
  if (file_exists($GLOBALS['config']['VIDEODIR'].'/'.$path.$file)) {
    copy($GLOBALS['config']['VIDEODIR'].'/'.$path.$file, $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb.jpg');
  }
}

function addThumbnail($bc) {
  if (!is_uploaded_file($_FILES['file']['tmp_name'])) {
    echo 'Error on upload file.';
  }
  if ($_FILES['file']['error'] > 0) {
    $msgError = array(
      '1' => 'Le fichier excède le poids autorisé par la directive upload_max_filesize de php.ini',
      '2' => 'Le fichier excède le poids autorisé par le champ MAX_FILE_SIZE s\'il a été donné',
      '3' => 'Thumbnail are partially upload',
      '4' => 'Thumbnail are not upload'
    );
    echo $msgError[$_FILES["file"]["error"]];
  }
  $tmpName = $_FILES["file"]["tmp_name"];
  if ((int) extension_loaded('fileinfo') === 1) {
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $type = finfo_file($finfo, $tmpName);
    finfo_close($finfo);
  } else {
    echo 'Please active fileinfo extension';
  }
  $permitImage = array(
    'image/gif',
    'image/jpg',
    'image/jpeg',
    'image/pjpeg',
    'image/png'
  );
  if (!in_array($type, $permitImage)) {
    echo 'This type '.$type.' file is not permit. Convert it and retry.';
  }
  $path = chunk_split($bc, 8, '/');
  if (!move_uploaded_file($_FILES['file']['tmp_name'], $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb'.'.tmp')) {
    echo 'Error on move file to final destination.';
  } else {
    convertToJpeg($path, $type);
  }
}

function convertToJpeg($path, $type) {
  $pathAndNameFile = $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb'.'.tmp';
  if ($type == 'image/jpeg') {
    $image = imagecreatefromjpeg($pathAndNameFile);
  }
  if ($type == 'image/png') {
    $image = imagecreatefrompng($pathAndNameFile);
  }
  if ($type == 'image/gif') {
    $image = imagecreatefromgif($pathAndNameFile);
  }
  imagejpeg($image, $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb'.'.jpg', 100);
  imagedestroy($image);
  unlink($pathAndNameFile);
}

if (!empty($ci['ac']) && $ci['ac'] === 'login' && !empty($ci['op']) && (int)$ci['op'] === 2) {
  verifToken($ci['token']);
  if (login($ci) === true) {
    unset($ci['op'], $ci['ac']);
  }
}

if (isset($ci['ac']) && !empty($ci['ac'])) {
  if ($ci['ac'] === 'renDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
    verifToken($ci['token']);
    $renDir = renDir($ci['renDir'], $ci['bc'], $fullListDir);
    $ci['bc'] = $renDir['bc'];
    $fullListDir = $renDir['fullListDir'];
  }

  if ($ci['ac'] === 'newDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
    verifToken($ci['token']);
    $addDir = addDir($ci['newDir'], $ci['bc'], $fullListDir);
    $fullListDir = $addDir['fullListDir'];
  }

  if ($ci['ac'] === 'addVideo' && !empty($ci['op']) && (int)$ci['op'] === 1) {
    verifToken($ci['token']);
    $addVideo = addVideo($ci, $fullListFile);
  }
  if ($ci['ac'] === 'addThumbnail' && !empty($ci['op']) && (int)$ci['op'] === 1) {
    verifToken($ci['token']);
    $addThumbnail = addThumbnail($ci['bc']);
  }
  if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 4) {
    verifToken($ci['token']);
    if ($_SESSION['log'] !== true) {
      die('Tinker say : You can keep your magic, I have laser beams! ');
    }
    $deleteVideo = deleteVideo($ci['bc'], $ci['file']);
  }
  if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 3) {
    verifToken($ci['token']);
    if ($_SESSION['log'] !== true) {
      die('Tinker say : Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew');
    }
    $defineThumb = defineThumb($ci['bc'], $ci['file']);
  }
}
?>
<!doctype html>
<html lang="fr">
  <head>
    <meta charset="utf-8">
    <title>SoViGall - Personal Video Gallery</title>
    <link rel="stylesheet" href="style.css">
  </head>
  <body>
    <?php
    if (!isset($page) && empty($page)) {
      require 'inc/content.php';
    } else {
      require 'inc/'.$page.'.php';
    }
    echo '<p id="time">Exec time : '.round((microtime(TRUE) - $startTime), 5).'</p>';
    ?>
  </body>
</html>