<?php

class Security extends Admin_Controller {

	const COUNT_SQL = "SELECT COUNT(*) as total FROM block_ip;

INSERT INTO block_ip (ip, reason) VALUES ('176.117.172.40','something 20 chars');

";

	public function index() {
		return $this->blockedIpData();
	}

	protected function renderSecurityPage($page_name, $data) {
		$this->load->view('admin/view_admin_header', $data);
		$this->load->view('points/' . $page_name, $data);
		$this->load->view('admin/view_admin_footer', $data);
	}

	public function blockedIpData() {
		$this->load->model('block_ip_model');

		$data   = array();
		$data["page_title"] = "Security";

		$params = [];
        $params = $this->input->get();
        
        $this->load->library('table');
        $this->table->set_heading(
			array( 'data'  => 'ID','style' => 'width:50px'),
			'IP Address',
			'Reason',
			'Blocked',
			array( 'data'  => 'ACT', 'style' => 'width:40px; text-align: center;')
		);

        $query = $this->block_ip_model->getBlockIpQuery($params);
        $tableData = $this->returnAdminTable(
            [
                'count_query' => $query,
                'query' => $query,
            ],
            '/security/blockedIpData', 
            [
                'per_page' => 20,
                'reuse_query_string' => TRUE,
            ]
        );

        $data['filterData'] = $params;
        $data['links'] = $tableData['links'];
		$data['blocked_ip_table'] = $tableData['output_table'];
		
		$this->renderAdminPage("view_blocked_ip", $data);
	}

	public function blockMember() {
		if ($this->input->post()) {
			$memberId = $this->input->post('member_id');
			$sql = "UPDATE members SET login_failures=5, status=0 WHERE id=".$memberId;
			$this->db->query( $sql );
			$result = json_encode(["status"=>"ok"]);
			echo $result;
		}
	}

	public function unblockMember() {
		if ($this->input->post()) {
			$memberId = $this->input->post('member_id');
			$sql = "UPDATE members SET login_failures=0, status=1 WHERE id=".$memberId;
			$this->db->query( $sql );
			$result = json_encode(["status"=>"ok"]);
			echo $result;
		}
	}

	public function blockIp() {
		if ($this->input->post()) {
			$ipAddress = $this->input->post('ip_address');
			$reason = $this->input->post('reason');
			$sql = "INSERT INTO block_ip (ip, reason) VALUES ('{$ipAddress}','{$reason}')";
			$this->db->query( $sql );
			$result = json_encode(["status"=>"ok"]);
			echo $result;
		}
	}

	public function unblockIp() {
		if ($this->input->post()) {
			$ipAddress = $this->input->post('ip_address');

			if(stripos($ipAddress, "*")) {
				$ipAddress = str_replace("*", "%", $ipAddress);
				$sql = "DELETE FROM block_ip WHERE ip::text LIKE '{$ipAddress}'";
			} else {
				$sql = "DELETE FROM block_ip WHERE ip = '{$ipAddress}'::inet";
			}

			$this->db->query( $sql );
			$result = json_encode(["status"=>"ok"]);
			echo $result;
		}
	}

}