<?php

namespace Blog\Model;

use Blog\Model\Database;
use PDOException;
use Random\RandomException;

class UserModel extends Database
{
    /**
     * @throws RandomException
     */
    public function createUser($values){

        $salt = bin2hex(random_bytes(16));

        $hash = hash('sha256', $values["password"] . $salt);

        $guid = $this->createUUID();

        $pdo = $this->linkDB();

        $sql = "INSERT INTO user (`id`, `name`,`vorname`,`email`,`passwort`,`salt`,`role`) 
                VALUES (:guid, :name, :firstname, :email, :password, :salt, :role)";

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":name" => $values["lastname"],
                ":firstname" => $values["name"],
                ":email" => $values["email"],
                ":password" => $hash,
                ":salt" => $salt,
                ":role" => $values["role"]
            ]);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }

        return true;
    }

    public function getUserByEmail($email){
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE email = :email";
        $sth = $pdo->prepare($sql);
        $sth->execute([":email" => $email]);
        return $sth->fetch();
    }

    public function getUserById($id){
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->execute([":id" => $id]);
        return $sth->fetch();
    }

    public function deleteUser($id){
        $pdo = $this->linkDB();
        $sql = "DELETE FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->bindParam(":id", $id);
        $sth->execute();
    }

    public function updateUserData($id, $values){
        $pdo = $this->linkDB();
        $fields = [];
        $params = [':id' => $id];

        if(!empty($values["password"])){
            $salt = bin2hex(random_bytes(16));
            $hash = hash('sha256', $values["password"] . $salt);
            $fields["password"] = "´passwort´ = :password";
            $fields["salt"] = "´salt´ = :salt";
            $params[":password"] = $hash;
            $params[":salt"] = $salt;
        }

        foreach (['name','vorname','email'] as $col) {
            if (isset($values[$col])) {
                $fields[]           = "`{$col}` = :{$col}";
                $params[":{$col}"]  = $values[$col];
            }
        }

        $sql = "UPDATE user 
        SET " . implode(", ", $fields) . "
        where id = :id";

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute($params);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
            die;
        }

    }

    private function writeNewAddress($values) {
        $guid = $this->createUUID();

        $sql = "INSERT INTO ort (`id`, `stadt`, `strasse`, `plz`) VALUES (
            :guid, :stadt, :strasse, :plz);";

        $pdo = $this->linkDB();

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute(array(":guid" => $guid,
                ":stadt" => $values["stadt"],
                ":strasse" => $values["strasse"],
                ":plz" => $values["plz"],
            ));
            return $guid;
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e); 
            die;
        }
    }

    public function writeNewCourse($values, $kursleiterId)
    {
        // Bleibt übrig wenn Adresse erstellt wird aber Kurs nicht weil Error
        $addressId = $this->writeNewAddress($values);

        $guid = $this->createUUID();

        $sql = "INSERT INTO kurs (`id`, `name`, `preis`, `dauer`, `rabatt`, `kategorie`, `beschreibung`, `kurseleiter`, `ort_id`) VALUES (
            :guid, :name, :preis, :dauer, :rabatt, :kategorie, :beschreibung, :kurseleiter, :ort_id);";

        $pdo = $this->linkDB();

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute(array(":guid" => $guid,
                ":name" => $values["name"],
                ":preis" => $values["preis"],
                ":dauer" => $values["dauer"],
                ":rabatt" => $values["rabatt"],
                ":kategorie" => $values["kategorie"],
                ":beschreibung" => $values["beschreibung"],
                ":kurseleiter" => $kursleiterId,
                "ort_id" => $addressId
            ));
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e); 
            die;
        }
                
        return true;
    }

    public function getMyCourses() {
        $sql = "SELECT k.id, k.name, k.preis, k.dauer, k.rabatt, k.kategorie, k.beschreibung, o.stadt, o.strasse, o.plz, b.note, b.kommentar
                FROM kurs AS k
                JOIN ort AS o ON o.id = k.ort_id
                LEFT JOIN bewertungen AS b ON b.kurs_id = k.id
                ORDER BY k.name;";

        $pdo = $this->linkDB();

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute();
            return $sth->fetchAll(\PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Lesen der Daten.", $e); 
            die;
        }
    }
}