<?php
	// namespace
	namespace sven\sys\sven;

	/**
	 * web
	 *
	 * Handling all requests
	 *
	 * @package sven\sys\sven
	 * @copyright 2018 Ruben Meyer
	 * @author Ruben Meyer <contact@rxbn.de>
	 * @version 0.1.0
	 * @TODO Documentation
	 */
	class web {

		public static $API = FALSE;

		private $api_pattern = '%index_dir%/%file%';
		private $file_pattern = '%index_dir%/pages/%file%';

		public function __construct($index_dir) {
			$file = "";
			if(isset($_GET['file'])) $file = $_GET['file'];
			else $file = 'index';

			// check if it is a API request
			if(utilities::startsWith($file, 'api') || utilities::startsWith($file, '/api')) self::$API = TRUE;

			$file_pattern = str_replace('%index_dir%', $index_dir, (self::$API) ? $this->api_pattern : $this->file_pattern);

			$auth = new \sven\sys\security\auth();

			// if length of filename <= 255
			if(strlen($file) <= 255) {
				// if string ends with '/', remove it
				if(utilities::endsWith($file, '/')) $file = substr($file, 0, -1);

				// if string ends with '.html' OR with '.htm', remove it
				if(utilities::endsWith($file, '.html')) $file = substr($file, 0, -5);
				else if(utilities::endsWith($file, '.htm')) $file = substr($file, 0, -4);
				else if(utilities::endsWith($file, '.php')) $file = substr($file, 0, -4);
			} else {
				if(!self::$API) $file = "errors/404";
				else $file = "api/error/404";
			}

			$path = str_replace('%file%', $file, $file_pattern);

			if(!self::$API) {
				/**
				 *  //////  //  //      //////  //////
				 *  //      //  //      //      //
				 *  //////  //  //      //////  //////
				 *  //      //  //      //          //
				 *  //      //  //////  //////  //////
				 */

				 // path checking
 				if(file_exists($path.'.php')) $path .= '.php';
 				elseif(is_dir($path.'/') && file_exists($path.'/index.php')) $path .= '/index.php';
 				else $path = str_replace('%file%', './errors/404.php', $file_pattern);

				require_once($path);

				$this->loadTemplates($index_dir);

				// setting login / logout text and links
				if($auth->loggedIn()) {
					\sven\sys\core::addReplacement('all', 'logInOutText', "Logout");
					\sven\sys\core::addReplacement('all', 'logInOutLink', "/sven/logout");
				} else {
					\sven\sys\core::addReplacement('all', 'logInOutText', "Login");
					\sven\sys\core::addReplacement('all', 'logInOutLink', "/sven/login");
				}
			} else {
				/**
				 *     //////  ///////  //  //////
				 *    //  //  //   //  //  //
				 *   //////  //////   //  //////
				 *  //  //  //       //      //
				 * //  //  //       //  //////
				 */

				// path checking
				if(file_exists($path.'.php')) $path .= '.php';
				else $path = str_replace('%file%', 'api/error/404.php', $file_pattern);

				require_once($path);

				$arr = \sven\sys\core::rawApiOutput();
				$arr->access = ($auth->loggedIn()) ? "granted" : "denied";
				\sven\sys\core::replaceApiOutput($arr);
			}
		}

		public function loadTemplates($index_dir) {
			$file_pattern = str_replace('%index_dir%/pages', $index_dir.'/templates', $this->file_pattern);

			foreach (glob(str_replace('%file%', '/*.php', $file_pattern)) as $path) {
				require_once($path);
			}
		}

		public static function setSecurityHeaders() {
			$headers = [
				//"key" => "value"
				"X-Content-Type-Options" => "nosniff",
				"X-Frame-Options" => "DENY",
				"X-Powered-By" => false
			];
			//header(key: value, true);
			foreach ($headers as $key => $value) {
				if($value !== false)
					header($key.": ".$value, true);
				else
					header_remove($key);
			}
		}

		public static function getRequestBody($type = "json") {
			if($type === "json") {
				return json_decode(file_get_contents('php://input'));
			}
		}

	};

?>