<?php

require('includes/starthere.php');

if ( isset($_POST['action']) )
{
	switch($_POST['action'])
	{
	case 'change-password':
		try
		{
			// verify old password
			$result = @ldap_bind($_ldapconn, ldap_make_user_dn($_SERVER['REMOTE_USER']), $_POST['old_password']);
			if ( !$result )
				throw new Exception("Your old password was incorrect.");
			
			if ( ($result = test_password($_POST['password'])) !== true )
				throw new Exception("Your new password $result.");
			
			if ( $_POST['password'] !== $_POST['password_confirm'] )
				throw new Exception("The passwords you entered did not match.");
			
			if ( reset_password($_SERVER['REMOTE_USER'], $_POST['password']) )
			{
				// rebind to LDAP as manager, since we did a bind to verify the old password
				ldap_bind($_ldapconn, $ldap_manager['dn'], $ldap_manager['password']);
				queue_message(E_NOTICE, "Your password has been changed.");
				break;
			}
			else
			{
				throw new Exception("Internal error when performing password reset.");
			}
		}
		catch ( Exception $e )
		{
			queue_message(E_ERROR, $e->getMessage());
			
			// rebind to LDAP as manager, since we did a bind to verify the old password
			ldap_bind($_ldapconn, $ldap_manager['dn'], $ldap_manager['password']);
		}
		break;
	case 'profile-update':
		// header('Content-type: text/plain'); print_r(!empty($_POST['sshPublicKey']) ? $_POST['sshPublicKey'] : array()); exit;
		$result = ldap_mod_replace($_ldapconn, ldap_make_user_dn($_SERVER['REMOTE_USER']), array(
				'mail' => array($_POST['mail'])
				, 'sshPublicKey' => !empty($_POST['sshPublicKey']) ? array_unique($_POST['sshPublicKey']) : array()
			));
		
		if ( $result || ldap_error($_ldapconn) === 'Success' )
		{
			queue_message(E_NOTICE, "Your information has been updated.");
			redirect('/');
		}
		else
		{
			queue_message(E_ERROR, ldap_error($_ldapconn));
		}
		break;
	}
}

display_template('index');