<?php

/**
 * Name: Ğ1 Wallet
 * Description: Ğ1 address registration and balance display for SASE-verified participants.
 * Version: 0.3.0
 * MinVersion: 11.0
 * MaxVersion: 12.0
 */

use Zotlabs\Extend\Widget;

require_once 'addon/g1wallet/g1wallet_renderer.php';
require_once 'addon/g1wallet/g1wallet_spool.php';

function g1wallet_module() {}

function g1wallet_load() {
    register_hook('load_pdl', 'addon/g1wallet/g1wallet.php', 'g1wallet_load_pdl');
    Widget::register('addon/g1wallet/Widget/G1wallet.php', 'g1wallet');
}

function g1wallet_unload() {
    unregister_hook('load_pdl', 'addon/g1wallet/g1wallet.php', 'g1wallet_load_pdl');
    Widget::unregister('addon/g1wallet/Widget/G1wallet.php', 'g1wallet');
}

function g1wallet_load_pdl(&$b) {
    if (!is_array($b) || empty($b['module']) || $b['module'] !== 'g1wallet') {
        return;
    }
    $layout = @file_get_contents('addon/g1wallet/mod_g1wallet.pdl');
    if ($layout !== false) {
        $b['layout'] = $layout;
    }
}

// -----------------------------------------------------------------------------
// HELPERS
// -----------------------------------------------------------------------------

function g1wallet_h($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

function g1wallet_load_config() {
    $raw = @file_get_contents('addon/g1wallet/config.json');
    if ($raw === false) return [];
    $cfg = json_decode($raw, true);
    return (json_last_error() === JSON_ERROR_NONE) ? $cfg : [];
}

// -----------------------------------------------------------------------------
// ACCESS
// -----------------------------------------------------------------------------

function g1wallet_access_state() {
    // Returns operator, participant, or public.
    // Direct pggrp_member query — safe for guest tokens.
    if (local_channel()) {
        $channel = App::get_channel();
        if (local_channel() === intval($channel['channel_id'])) {
            return 'operator';
        }
    }

    $observer = get_observer_hash();
    if (!$observer) return 'public';

    $raw = @file_get_contents('addon/vs01/config.json');
    if ($raw === false) return 'public';
    $cfg = json_decode($raw, true);
    if (json_last_error() !== JSON_ERROR_NONE) return 'public';

    $associations = $cfg['associations'] ?? [];
    if (empty($associations)) return 'public';

    foreach ($associations as $slug => $assoc) {
        $groups = $assoc['groups'] ?? [];
        foreach (['corpus_builder', 'sase_participant', 'civic_professional'] as $group_key) {
            $gid = intval($groups[$group_key] ?? 0);
            if ($gid) {
                $r = q("SELECT xchan FROM pggrp_member WHERE gid = %d AND xchan = '%s' LIMIT 1",
                    intval($gid),
                    dbesc($observer)
                );
                if ($r) return 'participant';
            }
        }
    }

    return 'public';
}

// -----------------------------------------------------------------------------
// CONTENT ROUTER
// -----------------------------------------------------------------------------

function g1wallet_content() {
    if (function_exists('head_add_css')) {
        head_add_css('/addon/g1wallet/view/css/g1wallet.css');
    }

    $access    = g1wallet_access_state();
    $sub_route = strtolower(argv(1) ?? '');

    if ($access === 'public') {
        return g1wallet_render_access_wall();
    }

    // POST: store g1 address
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && $sub_route === 'address') {
        if (!g1wallet_verify_csrf()) {
            return g1wallet_render_error('Invalid form token. Please reload and try again.');
        }
        return g1wallet_handle_address_post($access);
    }

    // Default: wallet landing page
    return g1wallet_render_landing($access);
}

// -----------------------------------------------------------------------------
// CSRF
// -----------------------------------------------------------------------------

function g1wallet_csrf_token() {
    if (empty($_SESSION['g1wallet_csrf'])) {
        $_SESSION['g1wallet_csrf'] = bin2hex(random_bytes(16));
    }
    return '<input type="hidden" name="g1wallet_csrf" value="'
         . g1wallet_h($_SESSION['g1wallet_csrf']) . '">';
}

function g1wallet_verify_csrf() {
    return isset($_POST['g1wallet_csrf'], $_SESSION['g1wallet_csrf'])
        && hash_equals($_SESSION['g1wallet_csrf'], $_POST['g1wallet_csrf']);
}