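package MyApp::Controller::Root;
use Mojo::Base 'Mojolicious::Controller';

use Tools;
use Cwd qw(abs_path getcwd);
use Mojo::File 'path';
use HTML::Entities qw(encode_entities);
use Mojo::Util qw(trim);

# Landing page. Stashes the peer address and the previous visit time
# (taken from the session, or "now" on a first visit), then stamps the
# session with the current time.
sub index {
    my $c = shift;

    my $client_ip  = $c->tx->remote_address;
    my $last_visit = $c->session('last_visit') || time();
    $c->session(last_visit => time());

    $c->stash(
        client_ip  => $client_ip,
        last_visit => $last_visit,
    );
    $c->render('index');
}

# Renders the "no permission" page that the guarded actions redirect to.
sub no_permission { shift->render('noperm') }

# Serves a file from the application tree as plain text.
#
# The "f" parameter is joined onto the application home and canonicalised
# with abs_path(), so ".." segments and symlinks are resolved before the
# allow-list is applied. Only mojo.pl itself and files below public/,
# templates/ and lib/ are readable.
#
# Responses: 400 when "f" is missing or false, 404 when the path cannot be
# resolved, 403 when the resolved path is outside the allow-list or is not
# a regular file.
#
# NOTE(review): lib/ is on the allow-list, so any credential or key that
# lives in a module under lib/ is readable by whoever can reach this
# route. Confirm the route is access-controlled or that lib/ holds no
# secrets.
sub view_source {
    my $c = shift;

    my $base_dir = abs_path(path($c->app->home)->child('.'));

    my $file_param = $c->param('f');
    return $c->render(text => "Invalid file.", status => 400)
        unless $file_param;

    # Fail closed: without a resolved application root every path below
    # would be built relative to "/", and the allow-list with it.
    return $c->render(text => "Access denied.", format => 'txt', status => 403)
        unless defined $base_dir && length $base_dir;

    my $requested_path = path($base_dir, $file_param)->to_string;
    my $real_path      = abs_path($requested_path);
    return $c->render(text => "File not found.", status => 404)
        unless $real_path;

    my $script_path = abs_path(path($base_dir, 'mojo.pl')->to_string);

    # Drop any root that failed to resolve. An undefined root would
    # otherwise degrade the prefix test to "starts with /", which every
    # absolute path satisfies.
    my @allowed_dirs = grep { defined $_ && length $_ }
        map { abs_path(path($base_dir, $_)->to_string) }
        qw(public templates lib);

    my $is_allowed = (defined $script_path && $real_path eq $script_path) ? 1 : 0;
    if (!$is_allowed) {
        for my $dir (@allowed_dirs) {
            # The trailing slash keeps "public_backup" from matching "public".
            next unless index($real_path, "$dir/") == 0;
            $is_allowed = 1;
            last;
        }
    }

    if ($is_allowed && -f $real_path) {
        my $text = path($real_path)->slurp;
        $c->render(text => $text, format => 'txt');
    }
    else {
        $c->render(text => "Access denied.", format => 'txt', status => 403);
    }
}

# Reports the process working directory.
# NOTE(review): this discloses a server filesystem path to the caller;
# confirm the route is not exposed to unauthenticated users.
sub cwd { shift->render(text => "CWD: " . getcwd()) }

# Returns a JSON object with the first two values howOld() yields for each
# stored date of birth. howOld() is not defined in this file (presumably
# exported by Tools; verify).
sub age {
    my $c = shift;

    my $dob    = $c->db->dob();
    my @andrea = howOld($dob->{andrea}->{dob});
    my @nicky  = howOld($dob->{nicky}->{dob});

    $c->render(
        json => {
            andrea  => $andrea[0],
            andreas => $andrea[1],
            nicky   => $nicky[0],
            nickys  => $nicky[1],
        }
    );
}

# Static template pages.
sub t_page { shift->render('t') }
sub p_page { shift->render('p') }
sub sus    { shift->render('sus') }

# Contact page; passes the list of QR image file names to the template.
sub contact {
    my $c = shift;

    my @qr_images = qw(discord.png email.png line.jpg messenger.png);
    $c->render(template => 'contact', qr_images => \@qr_images);
}

# Paste board: lists stored messages, together with the peer address and
# the caller's admin flag for the template.
sub copy_get {
    my $c = shift;

    my @msgs      = $c->db->get_pasted();
    my $client_ip = $c->tx->remote_address;

    $c->stash(
        messages  => \@msgs,
        client_ip => $client_ip,
        is_admin  => $c->is_admin,
    );
    $c->render('copy');
}

# Stores a new paste. Logged-in users only; everyone else is redirected
# to /noperm.
#
# The text is trimmed and HTML-entity-encoded before it is stored, so the
# database holds escaped markup. Input that starts with http:// or
# https:// must also match a conservative host[/path] pattern.
#
# NOTE(review): encoding happens before the URL check and before storage;
# a template that escapes again will double-encode, and one that decodes
# will undo the protection. Confirm how the 'copy' template prints
# messages.
# NOTE(review): no CSRF token check is visible in this action; confirm
# one is enforced elsewhere.
sub copy_post {
    my $c = shift;
    return $c->redirect_to('/noperm') unless $c->is_logged_in;

    my $text = trim($c->param('paste') // '');
    $text = encode_entities($text);

    if ($text =~ m{^https?://}i) {
        unless ($text =~ m{^https?://[\w\-]+(?:\.[\w\-]+)+(?:/[^\s]*)?$}i) {
            return $c->render_error('Invalid URL');
        }
    }

    $c->db->paste($text);
    $c->db->push_gotify($text);

    return $c->redirect_to('/copy');
}

# Deletes a paste by numeric id. Admins only; everyone else is redirected
# to /noperm.
#
# NOTE(review): no CSRF token check is visible in this action; confirm
# the route is not a plain GET and that a token is enforced elsewhere.
sub remove_message {
    my $c = shift;
    return $c->redirect_to('/noperm') unless $c->is_admin;

    my $id = $c->param('id');

    # \A...\z with an explicit ASCII class: "$" would accept a trailing
    # newline and \d would accept non-ASCII digits, and the value goes
    # straight to the database layer.
    unless (defined $id && $id =~ /\A[0-9]+\z/) {
        return $c->render_error('Invalid ID');
    }

    $c->db->delete_message($id);
    $c->redirect_to('/copy');
}

1;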