<?php

/**
* welcome.TU.code Anmeldesystem.
* by Jan Vales <jan@jvales.net> (aka. Someone <someone@somenet.org>)
*/

require_once('./settings.php');

function db_get_uinfo($user, $pass){
  $lvl = -1;
  $prep = $GLOBALS['dbc']->prepare('SELECT uname,lvl FROM users WHERE lower(uname)=lower(?) and pwd=encode(digest(?, \'sha512\'),\'hex\')');
  $prep->execute(array($user, $pass));
  $row = $prep->fetch();
  if(isset($row['uname'])){
    return $row;
  }else{
    return NULL;
  }
}

function db_list_anmeldungen(){
  $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
  $prep->execute(array($GLOBALS['uname'],));
  if($GLOBALS['lvl'] >= 2){
    $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen');
    $prep->execute();
  }
  return $prep->fetchAll();
}

function db_get_person($id){
  $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE id = ?');
  $prep->execute(array($id,));
  return $prep->fetch();
}

function db_delete_person($id){
  if($GLOBALS['lvl'] >= 2){
    $prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ?');
    $prep->execute(array($id,));
  }else{
    $prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ? and lower(uname) = ?');
    $prep->execute(array($id,$GLOBALS['uname']));
  }
  return $prep->rowCount();
}

function db_store_person($id, $pdata){
  $p = db_get_person($id);

  if($p !== FALSE && $p['id'] == $id){
    // found, we do updating, if uname == uname.
    if($p['uname'] == $GLOBALS['uname'] || $GLOBALS['lvl'] >= 2){
      if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
      if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
      if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
      if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
      if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
      $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=? WHERE id=?');
      $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $p['id']));
      return $prep->rowCount();
	}
  }else{
    // inserting a new person.
    if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
    if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
    if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
    if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
    if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
    $prep = $GLOBALS['dbc']->prepare('INSERT INTO anmeldungen(uname, nname, vname, gebdatum, nationaliaet, sprachen, analphabet, bemerkungen, vorwissen, fotoerlaubnis, videoerlaubnis) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) returning id;');
    $prep->execute(array($GLOBALS['uname'], $pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis']));
    $r = $prep->fetchColumn(); 
	return -$r;
  }
}