<?
require_once 'includes/init.php';

require_once 'classes/PHPMailer/src/Exception.php';
require_once 'classes/PHPMailer/src/PHPMailer.php';
require_once 'classes/PHPMailer/src/SMTP.php';
use PHPMailer\PHPMailer\PHPMailer;

$varnum = 1;
$countries = getCountries();

if ( isset( $_POST[ 'signupform' ] ) ) {
  $_SESSION[ 'first_name' ] = $_POST[ 'first_name' ];
  $_SESSION[ 'last_name' ] = $_POST[ 'last_name' ];
  $_SESSION[ 'countryid' ] = $_POST[ 'countryid' ];
  $_SESSION[ 'stateid' ] = $_POST[ 'stateid' ];
  $_SESSION[ 'email' ] = $_POST[ 'email' ];
  $_SESSION[ 'phone' ] = $_POST[ 'phone' ];
  $_SESSION[ 'address' ] = $_POST[ 'address' ];
  $_SESSION[ 'city' ] = $_POST[ 'city' ];
  $_SESSION[ 'zip' ] = $_POST[ 'zip' ];
}

if ( isset( $_SESSION[ 'cts_flash' ] ) ) {
  require_once $docroot . '/includes/security.php';
  $varnum = 2;
} else {
  $user[ 'first_name' ] = $_SESSION[ 'first_name' ];
  $user[ 'last_name' ] = $_SESSION[ 'last_name' ];
  $user[ 'countryid' ] = $_SESSION[ 'countryid' ];
  $user[ 'stateid' ] = $_SESSION[ 'stateid' ];
  $user[ 'email' ] = $_SESSION[ 'email' ];
  $user[ 'phone' ] = $_SESSION[ 'phone' ];
  $user[ 'address' ] = $_SESSION[ 'address' ];
  $user[ 'city' ] = $_SESSION[ 'city' ];
  $user[ 'zip' ] = $_SESSION[ 'zip' ];
}

if ( isset( $_POST[ 'signupform' ] ) ) {

  $badField = 0;
  // Petit checkup des champs
  if ( $_POST[ 'first_name' ] == "" )$badField = 1;
  if ( $_POST[ 'last_name' ] == "" )$badField = 1;
  if ( ( $_POST[ 'email' ] == "" ) && ( !isset( $_SESSION[ 'cts_flash' ] ) ) )$badField = 1;
  // if ( $_POST[ 'address' ] == "" )$badField = 1;
  // if ( $_POST[ 'city' ] == "" )$badField = 1;
  // if ( $_POST[ 'zip' ] == "" )$badField = 1;

  if ( isset( $_POST[ 'activation_serial' ] ) ) {

    $badserial = 0;
    $badserial = checkSerialExist( $_POST[ 'activation_serial' ], 0 );

    if ( $badserial == 1 ) {
      header( "Location: sign_up.php?badserial=1" );
      exit;
    }
  }

  if ( $badField == 1 ) {
    header( "Location: sign_up.php?badfield=1" );
    exit;
  }

  // Petit checkup de province
  $badState = validateState( $_POST[ 'countryid' ], $_POST[ 'stateid' ] );

  if ( $badState == 1 ) {
    header( "Location: sign_up.php?badstate=1" );
    exit;
  }

  if ( !isset( $_SESSION[ 'cts_flash' ] ) ) {

    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $response = file_get_contents( $url . "?secret=" . $captcha_google_secret . "&response=" . $_POST[ 'g-recaptcha-response' ] . "&remoteip=" . $_SERVER[ 'REMOTE_ADDR' ] );
    $data = json_decode( $response );

    if ( isset( $data->success )AND $data->success == false ) {

      header( "Location: sign_up.php?captcha=1" );
      exit;
    }
  }

  $securitycode = substr( rand(), 0, 12 );

  $pzip_code = make_safe( $_POST[ 'zip' ] );
  $pcountryid = make_safe( $_POST[ 'countryid' ] );

  if ( list( $latitude, $longitude ) = getGeocode( $pzip_code . ", " . $pcountryid ) )

    if ( !isset( $_SESSION[ 'cts_flash' ] ) ) {

      $loginpath = "index.php?newsuccess=1";

      $reqCheck = "SELECT email FROM users ";
      $reqCheck .= "WHERE email = '" . $_POST[ 'email' ] . "' LIMIT 1";

      $check = mysqli_query( $db_website, $reqCheck )or die( mysqli_error( $db_website ) );
      $checkInfo = mysqli_fetch_assoc( $check );
      $checknum = mysqli_num_rows( $check );

      if ( $checknum > 0 ) {

        header( "Location: sign_up.php?exist=1" );
        exit;
      }

      $insertSQL = sprintf( "INSERT INTO users (first_name, last_name, langid, countryid, stateid, email, phone, address, city, zip, password, last_ip, level_id, longitude, latitude, securitycode, creation_date) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, NOW())",
        GetSQLValue( $_POST[ 'first_name' ], "text" ),
        GetSQLValue( $_POST[ 'last_name' ], "text" ),
        GetSQLValue( $langid, "int" ),
        GetSQLValue( $_POST[ 'countryid' ], "text" ),
        GetSQLValue( $_POST[ 'stateid' ], "text" ),
        GetSQLValue( $_POST[ 'email' ], "text" ),
        GetSQLValue( $_POST[ 'phone' ], "text" ),
        GetSQLValue( $_POST[ 'address' ], "text" ),
        GetSQLValue( $_POST[ 'city' ], "text" ),
        GetSQLValue( str_replace( " ", "", strtoupper( $_POST[ 'zip' ] ) ), "text" ),
        GetSQLValue( md5( $_POST[ 'password' ] ), "text" ),
        GetSQLValue( $_SERVER[ 'REMOTE_ADDR' ], "text" ),
        GetSQLValue( 3, "int" ),
        GetSQLValue( $longitude, "text" ),
        GetSQLValue( $latitude, "text" ),
        GetSQLValue( $securitycode, "text" ) );

      mysqli_query( $db_website, $insertSQL )or die( mysqli_error( $db_website ) );

      $userid = mysqli_insert_id( $db_website );
      $msgvar = $a_newemail3 . $clientName;

      if ( isset( $_POST[ 'activation_serial' ] ) ) {

        $insertSQL = sprintf( "INSERT INTO cables (userid, serial, status, origin) VALUES (%s, %s, %s, %s)",
          GetSQLValue( $userid, "int" ),
          GetSQLValue( $_POST[ 'activation_serial' ], "text" ),
          GetSQLValue( 0, "int" ),
          GetSQLValue( 1, "int" ) );

        mysqli_query( $db_website, $insertSQL )or die( mysqli_error( $db_website ) );
      }

      // Email html header inclusion
      require_once $docroot . "/includes/email_header.php";

      // Email content
      $body .= "<h1>" . $msgvar . "</h1><br>\n";

      $body .= "<p><b>" . $a_newemail5 . " :</b> " . $_POST[ 'first_name' ] . " " . $_POST[ 'last_name' ] . "<br>\n";
      // $body .= "<b>" . $cts_email . " :</b> " . $_POST[ 'email' ] . "<br>\n";
      // $body .= "<b>" . $cts_pass . " :</b> " . $_POST[ 'password' ] . "</p>\n";

      $body .= "<b>" . $cts_email . " :</b> " . $_POST[ 'email' ] . "</p>\n";
        
      // $body .= "<p><b>" . $a_newemail1 . "</b></p>\n";
      $body .= "<br><p><a href=\"https://" . $clientUrl . "/scripts/validation.php?id=";
      $body .= $userid . "&code=" . $securitycode . "\" class=\"btn\">" . $a_newemail4 . "</a></p><br>\n";
      $body .= "<p>" . $a_newemail2 . "<br>\n";

      $body .= "<a href=\"https://" . $clientUrl . "/scripts/validation.php?id=";
      $body .= $userid . "&code=" . $securitycode . "\">";
      $body .= "https://" . $clientUrl . "/scripts/validation.php?id=";
      $body .= $userid . "&code=" . $securitycode . "</a></p>\n";

      // Email html footer inclusion
      require_once $docroot . "/includes/email_footer.php";

      $mail = new PHPMailer();

      $mail->IsSMTP();
      $mail->Host = $smtpUrl;
      $mail->SMTPAuth = true;
      $mail->Username = $smtpEmail;
      $mail->Password = $smtpPass;
      $mail->SMTPAutoTLS = false;
      $mail->SMTPSecure = "ssl";
      $mail->Port = 465;

      $mail->ContentType = "text/html";
      $mail->CharSet = "iso-8859-1";
      $mail->SetLanguage( "en", "classes/PHPMailer/language/phpmailer.lang-en.php" );
      $mail->IsHTML( true );
      $mail->From = $smtpEmail;
      $mail->FromName = decodage( $clientName );
      $mail->Subject = decodage( $msgvar );
      $mail->AddAddress( $_POST[ 'email' ] );
      $mail->Body = decodage( $body );
      // $mail->AddEmbeddedImage( "../imgs/design/logo.png", $cID, "logo.png", "base64", "image/png" );

      $return = $mail->Send();

    } else {

      $passwordUpdate = "";
      if ( $_POST[ 'password' ] != "" )$passwordUpdate = md5( $_POST[ 'password' ] );

      $loginpath = "home.php?profile=1";

      $insertSQL = sprintf( "UPDATE users SET first_name=%s, last_name=%s, langid=%s, countryid=%s, stateid=%s, email=IFNULL(%s,email), phone=%s, address=%s, city=%s, zip=%s, password=IFNULL(%s,password), last_ip=%s, longitude=%s, latitude=%s WHERE userid=%s",
        GetSQLValue( $_POST[ 'first_name' ], "text" ),
        GetSQLValue( $_POST[ 'last_name' ], "text" ),
        GetSQLValue( $langid, "int" ),
        GetSQLValue( $_POST[ 'countryid' ], "text" ),
        GetSQLValue( $_POST[ 'stateid' ], "text" ),
        GetSQLValue( $_POST[ 'email' ], "text" ),
        GetSQLValue( $_POST[ 'phone' ], "text" ),
        GetSQLValue( $_POST[ 'address' ], "text" ),
        GetSQLValue( $_POST[ 'city' ], "text" ),
        GetSQLValue( str_replace( " ", "", strtoupper( $_POST[ 'zip' ] ) ), "text" ),
        GetSQLValue( $passwordUpdate, "text" ),
        GetSQLValue( $_SERVER[ 'REMOTE_ADDR' ], "text" ),
        GetSQLValue( $longitude, "text" ),
        GetSQLValue( $latitude, "text" ),
        GetSQLValue( $user[ 'userid' ], "int" ) );

      mysqli_query( $db_website, $insertSQL )or die( mysqli_error( $db_website ) );
      $_SESSION[ 'passreset' ] = 0;
    }

  unset( $_SESSION[ 'first_name' ] );
  unset( $_SESSION[ 'last_name' ] );
  unset( $_SESSION[ 'countryid' ] );
  unset( $_SESSION[ 'stateid' ] );
  unset( $_SESSION[ 'email' ] );
  unset( $_SESSION[ 'phone' ] );
  unset( $_SESSION[ 'address' ] );
  unset( $_SESSION[ 'city' ] );
  unset( $_SESSION[ 'zip' ] );

  header( "Location: " . $loginpath );
  exit;
}
?>
<!doctype html>
<!--[if lt IE 7]><html class="ie6 oldie"><![endif]-->
<!--[if IE 7]><html class="ie7 oldie"><![endif]-->
<!--[if IE 8]><html class="ie8 oldie"><![endif]-->
<!--[if gt IE 8]><!-->
<html class="">
<!--<![endif]-->
<head>
<meta charset="UTF-8">
<title>
</title>
<? include_once 'includes/meta.php'; ?>
<script src="/js/password.js"></script> 
<script>
jQuery(document).ready(function ($) {
$('#email').on('input',function() {
		emailvar = encodeURIComponent( document.getElementById("email").value );
        checkEmail( emailvar,  );
    });
});
</script>
<? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?>
<script src='https://www.google.com/recaptcha/api.js'></script>
<? } else { ?>
<script>
jQuery(document).ready(function ($) {
	changeState( '' );
	checkEmail( '',  );
});
</script>
<? } ?>
</head>
<body<? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?> id="front"<? } ?>>
<div class="wrapper">
  <header>
    <? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?>
    <a href="/"><img src="/imgs/" alt="" id="logo"></a>
    <p>
          </p>
    <? } else { ?>
    <? include_once 'includes/menu.php'; ?>
    <h1>
      <? include_once 'includes/user_info.php'; ?>
      <i class="fa-solid fa-user"></i>     </h1>
    <? } ?>
  </header>
  <? include_once 'includes/alerts.php'; ?>
  <form class="box_shadow" action="/sign_up.php" method="post" id="ctsform" autocomplete="on" data-aos="fade-up">
    <input name="signupform" type="hidden" id="signupform" value="1">
    <? if ( isset( $_GET[ 'activation_serial' ] ) ) { ?>
    <input name="activation_serial" type="hidden" id="activation_serial" value="">
    <input name="modelid" type="hidden" id="modelid" value="">
    <input name="firmwareid" type="hidden" id="firmwareid" value="">
    <? } ?>
    <? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?>
    <a href="/index.php" class="signup_btn">
        </a> <a class="signup_btn selected">
        </a>
    <? } ?>
    <fieldset class="box" style="margin-bottom: 0px; padding-bottom: 0px;">
      <label>
              </label>
      <input name="first_name" type="text" id="first_name" value="" required>
      <label>
              </label>
      <input type="text" name="last_name" id="last_name" value="" required>
    </fieldset>
    <fieldset class="box" style="margin-bottom: 0px; padding-bottom: 0px;">
      <label>
              </label>
      <input type="email" name="email" id="email" style="width: 80%" value=""<? if ( isset( $_SESSION[ 'cts_flash' ] ) ) { ?> disabled<? } ?> required>
      <span id="tcheck"></span>
      <label>
              </label>
      <input type="text" name="phone" id="phone" value="">
    </fieldset>
    <div class="close"></div>
    <hr>
    <fieldset>
      <label>
              </label>
      <input name="password" id="password" type="password" autocomplete="off"<? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?> required<? } ?>>
      <label>
              </label>
      <input name="password2" id="password2" type="password" autocomplete="off"<? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?> required<? } ?>>
    </fieldset>
    <fieldset style="margin-top: 0px;">
      <div id="setPasswordMessage" style="display:none;"></div>
      <input type="checkbox" id="showHide">
      <span class="showPass">
            </span>
    </fieldset>
    <? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?>
    <hr>
    <p><a onclick="showHide('optional')"><i class="fa-regular fa-square-plus"></i>
            </a> </p>
    <hr>
    <? } else { ?>
    <hr>
    <p>
          </p>
    <hr>
    <? } ?>
    <div class="close"></div>
    <fieldset id="optional"<? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?> style="display: none;"<? } ?>>
      <fieldset class="box" style="margin-bottom: 0px; padding-bottom: 0px;">
        <label>
                  </label>
        <input type="text" name="company" id="company" value="">
        <label>
                  </label>
        <input type="text" name="city" id="city" value="">
        <label>
                  </label>
        <select name="countryid" id="countryid" onchange="changeState( '<? if ( isset( $user['stateid'] ) ) { echo $user['stateid']; } else { echo '0'; } ?>' );">
          <option value="0">
                    </option>
          <option disabled>-----------</option>
          <option value="CA"<? if ( $user['countryid'] == 'CA' ) echo " selected"; ?>>Canada</option>
          <option value="US"<? if ( $user['countryid'] == 'US' ) echo " selected"; ?>>United States</option>
          <option value="MX"<? if ( $user['countryid'] == 'MX' ) echo " selected"; ?>>Mexico</option>
          <option disabled>-----------</option>
          <? while ( $country = mysqli_fetch_assoc( $countries ) ) { ?>
          <option value=""<? if ( $user['countryid'] == $country['countryid'] ) echo " selected"; ?>>
                    </option>
          <? } ?>
        </select>
      </fieldset>
      <fieldset class="box" style="margin-bottom: 0px; padding-bottom: 0px;">
        <label>
                  </label>
        <input type="text" name="address" id="address" value="">
        <label>
                  </label>
        <input type="text" name="zip" id="zip" value="">
        <label>
                  </label>
        <select name="stateid" id="stateid">
          <? include_once $docroot . '/ajax/states.php'; ?>
        </select>
      </fieldset>
    </fieldset>
    <div class="close"></div>
    <? if ( !isset( $_SESSION[ 'cts_flash' ] ) ) { ?>
    <fieldset>
      <div id="captcha" class="g-recaptcha" data-sitekey=""></div>
    </fieldset>
    <? } ?>
    <fieldset>
      <br>
      <input type="submit" value="" class="btn bigbtn">
    </fieldset>
    &nbsp;
  </form>
  <footer>
    <? include_once 'includes/footer.php'; ?>
  </footer>
</div>
<? include_once 'includes/cookies.php'; ?>
</body>
</html>