<?

// for uniquify_array
require_once("engine/mysql_utils.inc");

require_once("includes/misc_utils.inc");


function save_bucket() {
  global $boysession;

  if ( $boysession->login == "" ) {
    return;
  }

  $serialbucket = serialize($boysession->bucket);

  $q = mysql_query("UPDATE useraccounts SET lastdate=NOW(), bucket='$serialbucket' WHERE email='$boysession->login';");
  if ( (! $q) || (mysql_affected_rows() != 1 ) ) {
    error_log(__FILE__.": in save_bucket, update failed. " . mysql_error(), 0); 
  }
}


// I reformatted the code here to use correct tab indenting and spacing. What a mess.
// 04 March 2005 Jeff Hunt info@pdxi.net
function open_existing_account($email, $pw, $auto_login = FALSE)
{
	global $errmsg;
	global $boysession;

	// 04 March 2005
	// I noticed that there was a semicolon in the SQL query. Perhaps this is why it wasn't working?
	// Jeff Hunt info@pdxi.net
	
	$q = mysql_query("SELECT password,bucket FROM useraccounts WHERE email='$email'");
  	if(!$q)
	{
    	error_log(__FILE__ . ": mysql error in open_existing_account(): " . mysql_error(), 0);
    	$errmsg = "Sorry, an internal database error occurred.";
    	return FALSE;
	}

	if(mysql_num_rows($q) == 0)
	{
		$errmsg = "We couldn't find an account by that name.";
	}
	else
	{
		$acctresult = mysql_fetch_object($q);
	    if(($auto_login == TRUE ) || ($acctresult->password == $pw))
		{
      		// success
			$boysession->login = $email;
			$savedbucket = unserialize($acctresult->bucket);
			
			if(!is_object($savedbucket))
			{
				// shouldn't usually happen...
      			// !!!
				$savedbucket = new Nameboy_Domain_Bucket;
			}

			// maybe check bucket->version here?

			if (is_object($boysession->bucket))
			{
				$boysession->bucket = merge_buckets($savedbucket, $boysession->bucket);
			}
			else
			{
				$boysession->bucket = $savedbucket;
			}
			
			save_bucket();

			return TRUE;
		}
		else
		{
			$errmsg = "You entered an incorrect password.";
		}
	}

	return FALSE;
} // open_existing_account


function create_new_account($email, $password) {
  global $errmsg;
  global $boysession;

  if ( ! validate_email($email) ) {
    $errmsg = "Please enter a valid email address.";
    return FALSE;
  }

  if ( ! mysql_query("LOCK TABLES useraccounts WRITE;") ) {
    error_log(__FILE__ . ": failed to lock useraccounts table. MySQL error: " . mysql_error(), 0);
    $errmsg = "An internal error occurred.";
    @mysql_query("UNLOCK TABLES;");
    return FALSE;
  }

  $qr = mysql_query("SELECT COUNT(*) FROM useraccounts WHERE email='$email';");
  if ( ! $qr ) {
    error_log(__FILE__ . ": failed select on useraccounts table. MySQL error: " . mysql_error(), 0);
    $errmsg = "An internal error occurred.";
    @mysql_query("UNLOCK TABLES;");
    return FALSE;
  }

  $countarr = mysql_fetch_array($qr);
  if ( $countarr[0] > 0 ) {
    $errmsg = "An account by that name already exists. Maybe you should log in?";
    @mysql_query("UNLOCK TABLES;");
    return FALSE;
  }

  if ( ! mysql_query("INSERT INTO useraccounts (email, password, createdate) VALUES('$email','$password', NOW());") ) {
    error_log(__FILE__ . ": failed insert on useraccounts table. MySQL error: " . mysql_error(), 0);
    $errmsg = "An internal error occurred.";
    @mysql_query("UNLOCK TABLES;");
    return FALSE;    
  }

  @mysql_query("UNLOCK TABLES;");

  // record created; now "open" the account to get it all loaded in right
  return open_existing_account($email, $password);
} // create_new_account


function set_login_cookie($email, $password) {
  $encrypted = md5($password);
  
  $cookieval = "$email,$encrypted";
  setcookie("boylogin", $cookieval, time() + 60*60*24*365, "", "", 0);
}

function merge_buckets($b1, $b2) {
  $newbucket = new Nameboy_Domain_Bucket;

  $newbucket->available = uniquify_array(array_merge($b1->available, $b2->available));
  $newbucket->taken = uniquify_array(array_merge($b1->taken, $b2->taken));
  $newbucket->forsale = uniquify_array(array_merge($b1->forsale, $b2->forsale));
  $newbucket->owned = uniquify_array(array_merge($b1->owned, $b2->owned));
  $newbucket->unknown = uniquify_array(array_merge($b1->unknown, $b2->unknown));

  return $newbucket;
}


function delete_cookie($cookiename) {
  // Blow away bad cookies
  setcookie($cookiename, " ", time() + 1, "", "", 0);
}


function do_automatic_userlogin($cookiedata) {
  list($email, $encrypted) = explode(",", $cookiedata);

  if ( ! $email || ! $encrypted || 
      (!validate_email($email)) ) {
    // Mangled cookie value
    delete_cookie("boylogin");
    return FALSE;
  }

  $qr = mysql_query("SELECT password FROM useraccounts WHERE email='$email';");
  if ( ! $qr ) {
    error_log(__FILE__.": Error in select on useraccounts: " . mysql_error(), 0);
    return FALSE;
  }
  $rarr = mysql_fetch_array($qr);
  if ( $rarr ) {
    $db_encrypt = md5($rarr["password"]);
    if ( $rarr && ($encrypted == $db_encrypt) ) {
      // Success
      return $email;
    }
    else {
      // Bad password
      delete_cookie("boylogin");
      return FALSE;
    }
  }
  else {
    // bad email address
    delete_cookie("boylogin");
    return FALSE;
  }
}


?>