<?php

if ( ! class_exists( 'PPW_Entire_Site_Services' ) ) {
	class PPW_Entire_Site_Services {
		/**
		 * Auth cookie
		 *
		 * @return bool
		 */
		function validate_auth_cookie_entire_site() {
			$cookie_elements = $this->parse_cookie_entire_site();
			if ( false === $cookie_elements ) {
				return false;
			}

			if ( (int) $cookie_elements[1] < time() ) {
				return false;
			}

			$password = ppw_core_get_setting_entire_site_type_string( PPW_Constants::PASSWORD_ENTIRE_SITE );
			$hash     = hash_hmac( 'md5', PPW_Constants::ENTIRE_SITE_COOKIE_NAME, $password );

			return $cookie_elements[0] === $hash;
		}

		/**
		 * Parse cookie
		 *
		 * @return array|bool
		 */
		function parse_cookie_entire_site() {
			$_cookie     = wp_unslash( $_COOKIE );
			$cookie_name = PPW_Constants::ENTIRE_SITE_COOKIE_NAME;
			if ( empty( $_cookie[ $cookie_name ] ) ) {
				return false;
			}

			$cookie          = $_cookie[ $cookie_name ];
			$cookie_elements = explode( '|', $cookie );
			if ( count( $cookie_elements ) !== 2 ) {
				return false;
			}

			return $cookie_elements;
		}

		/**
		 * Check is valid password
		 *
		 * @param $password
		 *
		 * @return bool
		 */
		public function entire_site_is_valid_password( $password ) {
			$_request = wp_unslash( $_REQUEST ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Processing form data without nonce verification. - Not verify nonce for password validate.
			if ( ! isset( $_request['input_wp_protect_password'] ) ) {
				return false;
			}

			$password_input = $_request['input_wp_protect_password'];

			$validated = md5( $password_input ) === $password;

			return apply_filters( 'ppw_sitewide_valid_password', $validated );
		}

		/**
		 * Set password to cookie
		 *
		 * @param string $password Password.
		 */
		public function entire_site_set_password_to_cookie( $password ) {
			$expiration     = time() + 7 * DAY_IN_SECONDS;
			$cookie_expired = ppw_core_get_setting_type_string( PPW_Constants::COOKIE_EXPIRED );
			if ( ! empty( $cookie_expired ) ) {
				$time = explode( ' ', $cookie_expired )[0];
				$unit = ppw_core_get_unit_time( $cookie_expired );
				if ( 0 !== $unit ) {
					$expiration = time() + (int) $time * $unit;
				}
			}

			$hash       = hash_hmac( 'md5', PPW_Constants::ENTIRE_SITE_COOKIE_NAME, $password );
			$cookie     = $hash . '|' . $expiration;
			$expiration = apply_filters( 'ppw_sitewide_cookie_expiration', $expiration, $password );
			ppw_free_bypass_cache_with_cookie_for_pro_version( $cookie, $expiration );
			setcookie( PPW_Constants::ENTIRE_SITE_COOKIE_NAME, $cookie, $expiration, COOKIEPATH, COOKIE_DOMAIN );
		}

		/**
		 * Redirect after enter password
		 */
		public function entire_site_redirect_after_enter_password() {
			// Can get the HTTP_REFERER first as the redirect URL that:
			// Fixes the private link redirection belonged to PPP Pro.
			$_server = wp_unslash( $_SERVER );
			if ( ! empty( $_server['HTTP_REFERER'] ) ) {
				$current_url = $_server['HTTP_REFERER'];
			} else {
				global $wp;
				$current_url = add_query_arg( $wp->query_string, '', home_url( $wp->request ) );
			}

			// TODO: consider to user wp_safe_redirect.
			wp_redirect( $current_url );
		}

		/**
		 * Handle before update settings for entire site
		 *
		 * @param $data_settings
		 *
		 * @return bool
		 */
		public function handle_before_update_settings( $data_settings ) {
			// Clear cache Super Cache plugin
//			$free_cache = new PPW_Cache_Services();
//			$free_cache->clear_cache_super_cache();

			if ( array_key_exists( PPW_Constants::IS_PROTECT_ENTIRE_SITE, $data_settings ) && $data_settings[ PPW_Constants::IS_PROTECT_ENTIRE_SITE ] === "true" ) {
				// Create new password
				if ( ! array_key_exists( PPW_Constants::SET_NEW_PASSWORD_ENTIRE_SITE, $data_settings ) ) {
					return $this->create_new_password( $data_settings );
				}

				// Change password
				if ( array_key_exists( PPW_Constants::SET_NEW_PASSWORD_ENTIRE_SITE, $data_settings ) && $data_settings[ PPW_Constants::SET_NEW_PASSWORD_ENTIRE_SITE ] === "true" ) {
					return $this->change_password( $data_settings );
				}

				// Don't change password
				return true;
			}

			// Unprotect entire site
			return delete_option( PPW_Constants::ENTIRE_SITE_OPTIONS );
		}

		/**
		 * Create new password entire site
		 *
		 * @param $data_settings
		 *
		 * @return bool
		 */
		public function create_new_password( $data_settings ) {
			$data_settings[ PPW_Constants::PASSWORD_ENTIRE_SITE ] = md5( $data_settings[ PPW_Constants::PASSWORD_ENTIRE_SITE ] );
			update_option( PPW_Constants::ENTIRE_SITE_OPTIONS, $data_settings );

			return true;
		}

		/**
		 * Change password entire site
		 *
		 * @param $data_settings
		 *
		 * @return bool
		 */
		public function change_password( $data_settings ) {
			$data_settings[ PPW_Constants::PASSWORD_ENTIRE_SITE ] = md5( $data_settings[ PPW_Constants::PASSWORD_ENTIRE_SITE ] );
			unset( $data_settings[ PPW_Constants::SET_NEW_PASSWORD_ENTIRE_SITE ] );
			update_option( PPW_Constants::ENTIRE_SITE_OPTIONS, $data_settings );

			return true;
		}
	}
}