<?php
/**
 * Ajax handler.
 *
 * @category   Ajax handler.
 * @package    Pandora FMS.
 * @subpackage OpenSource.
 * @version    1.0.0
 * @license    See below
 *
 *    ______                 ___                    _______ _______ ________
 *   |   __ \.-----.--.--.--|  |.-----.----.-----. |    ___|   |   |     __|
 *  |    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
 * |___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
 *
 * ============================================================================
 * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
 * Please see http://pandorafms.org for full contribution list
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation for version 2.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * ============================================================================
 */

// Begin.
require 'vendor/autoload.php';

define('AJAX', true);

if (defined('__PAN_XHPROF__') === false) {
    define('__PAN_XHPROF__', 0);
}

if (__PAN_XHPROF__ === 1) {
    if (function_exists('tideways_xhprof_enable') === true) {
        tideways_xhprof_enable();
    }
}

if (file_exists('include/config.php') === false
    || is_readable('include/config.php') === false
) {
    exit;
}

// Don't start a session before this import.
// The session is configured and started inside the config process.
require_once 'include/config.php';
require_once 'include/functions.php';
require_once 'include/functions_db.php';
require_once 'include/auth/mysql.php';

if (isset($config['console_log_enabled']) === true
    && $config['console_log_enabled'] == 1
) {
    ini_set('log_errors', true);
    ini_set('error_log', $config['homedir'].'/log/console.log');
} else {
    ini_set('log_errors', false);
    ini_set('error_log', '');
}

// Sometimes input is badly retrieved from caller...
if (empty($_REQUEST) === true) {
    $data = explode('&', urldecode(file_get_contents('php://input')));
    foreach ($data as $d) {
        $r = explode('=', $d, 2);
        $_POST[$r[0]] = $r[1];
        $_GET[$r[0]] = $r[1];
    }
}

// Hash login process.
if (isset($_GET['loginhash']) === true) {
    $loginhash_data = get_parameter('loginhash_data', '');
    $loginhash_user = str_rot13(get_parameter('loginhash_user', ''));

    if ($config['loginhash_pwd'] != ''
        && $loginhash_data == md5(
            $loginhash_user.io_output_password($config['loginhash_pwd'])
        )
    ) {
        db_logon($loginhash_user, $_SERVER['REMOTE_ADDR']);
        $_SESSION['id_usuario'] = $loginhash_user;
        $config['id_user'] = $loginhash_user;
    } else {
        include_once 'general/login_page.php';
        db_pandora_audit(
            AUDIT_LOG_USER_REGISTRATION,
            'Loginhash failed',
            'system'
        );
        while (ob_get_length() > 0) {
            ob_end_flush();
        }

        exit('</html>');
    }
}

// Another auth class example: PandoraFMS\Dashboard\Manager.
$auth_class = io_safe_output(
    get_parameter('auth_class', 'PandoraFMS\User')
);

$page = (string) get_parameter('page');
$page = safe_url_extraclean($page);
$page .= '.php';
$page = realpath($page);
$public_hash = get_parameter('auth_hash', false);
$public_login = false;


if (false === ((bool) get_parameter('doLogin', false) === true
    && $page === realpath('include/rest-api/index.php'))
) {
    // Check user.
    if (class_exists($auth_class) === false || $public_hash === false) {
        check_login();
    } else {
        if ($auth_class::validatePublicHash($public_hash) === false) {
            db_pandora_audit(
                AUDIT_LOG_USER_REGISTRATION,
                'Trying to access public dashboard (Invalid public hash)'
            );
            include 'general/noaccess.php';
            exit;
        }

        // OK. Simulated user log in. If you want to use your own auth_class
        // remember to set $config['force_instant_logout'] to true to avoid
        // persistent user login.
    }
}

ob_start();

// Enterprise support.
if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) {
    include_once ENTERPRISE_DIR.'/load_enterprise.php';
}

$config['remote_addr'] = $_SERVER['REMOTE_ADDR'];

$config['id_user'] = $_SESSION['id_usuario'];
$isFunctionSkins = enterprise_include_once('include/functions_skins.php');
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
    $config['relative_path'] = enterprise_hook(
        'skins_set_image_skin_path',
        [$config['id_user']]
    );
}

if (is_metaconsole() === true) {
    // Backward compatibility.
    define('METACONSOLE', true);
}

if (file_exists($page) === true) {
    include_once $page;
} else {
    echo '<br /><b class="error">Sorry! I can\'t find the page '.$page.'!</b>';
}

if (__PAN_XHPROF__ === 1) {
    pandora_xhprof_display_result('ajax', 'console');
}


if (isset($config['force_instant_logout']) === true
    && $config['force_instant_logout'] === true
) {
    // Force user logout.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    $iduser = $_SESSION['id_usuario'];
    $_SESSION = [];
    session_destroy();
    header_remove('Set-Cookie');
    setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');

    if ($config['auth'] === 'saml' && empty($public_hash) === true) {
        include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
        $as = new SimpleSAML_Auth_Simple('PandoraFMS');
        $as->logout();
    }
}


while (ob_get_length() > 0) {
    ob_end_flush();
}