<?php
// === HTTP 头部设置 ===
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Authorization");
header('Content-Type: application/json'); 
// 处理浏览器的预检请求 (OPTIONS)
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    exit(0);
}

// 引入依赖文件
require_once __DIR__ . '/model/DB.php';
require_once __DIR__ . '/service/AuthService.php';
require_once __DIR__ . '/service/SocketClinet.php';

// 获取请求参数
// action: 决定调用哪个功能 (如 login, send_mail)
$action = $_GET['action'] ?? '';
// input: 获取 POST 请求的 JSON Body
$input  = json_decode(file_get_contents('php://input'), true) ?? [];

// 获取当前操作的用户名（由前端传过来，用于标识身份）
$currentUser = $input['username'] ?? ($_GET['username'] ?? '');

try {
    // === 路由分发 (Routing) ===
    switch ($action) {

        /* ================== 基础认证模块 ================== */

        case 'login':
            $username = $input['username'] ?? '';
            $password = $input['password'] ?? '';

            if (!$username || !$password) {
                echo json_encode(['code' => 400, 'msg' => '请输入账号密码']);
                break;
            }

            // 调用 AuthService 进行校验
            $data = AuthService::login($username, $password);
            if (!$data) {
                echo json_encode(['code' => 401, 'msg' => '账号或密码错误']);
            } else {
                // 登录成功
                echo json_encode(['code' => 200, 'data' => $data]);
            }
            break;

        case 'register':
            // 简单的注册逻辑：查重 -> 插入
            $username = $input['username'] ?? '';
            $password = $input['password'] ?? '';

            if (!$username || !$password) {
                echo json_encode(['code' => 400, 'msg' => '参数不完整']);
                break;
            }

            $pdo = DB::get();
            // 检查用户名是否重复
            $stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
            $stmt->execute([$username]);

            if ($stmt->fetch()) {
                echo json_encode(['code' => 400, 'msg' => '用户已存在']);
                break;
            }

            // 插入新用户，密码使用 MD5 加密
            $stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
            $stmt->execute([$username, md5($password)]);

            echo json_encode(['code' => 200, 'msg' => '注册成功']);
            break;

        /* ================== 邮件业务模块 ================== */

        case 'list_mails':
            // 它实际上是在调用 SocketClient 去爬取 POP3 服务器的数据返回给前端。
            if (!$currentUser) {
                echo json_encode(['code' => 400, 'msg' => '缺少 username']);
                break;
            }
            
            $pwdForPop3 = $input['password'] ?? ''; 
            if (!$pwdForPop3) {
                echo json_encode(['code'=>401,'msg'=>'缺少密码']);
                break;
            }

            try {
                // 调用 Socket 客户端去收信
                $rows = SocketClient::fetchByPOP3($currentUser, $pwdForPop3);
                
                // 数据清洗：为列表页生成简略预览 (Preview)
                foreach ($rows as &$r) {
                    $body = $r['content'];
                    // 如果有双换行，通常双换行后面是正文
                    if(strpos($body, "\r\n\r\n") !== false) {
                        $body = explode("\r\n\r\n", $body, 2)[1];
                    }
                    // 截取前50个字符作为摘要
                    $r['preview'] = mb_substr(strip_tags($body), 0, 50) . '...';
                }
                
                echo json_encode(['code' => 200, 'data' => $rows]);
            } catch (Exception $e) {
                echo json_encode(['code' => 500, 'msg' => 'POP3错误: ' . $e->getMessage()]);
            }
            break;

        case 'send_mail':
            if (!$currentUser) {
                echo json_encode(['code' => 400, 'msg' => '未登录']);
                break;
            }

            $to      = $input['to'] ?? '';
            $subject = $input['subject'] ?? '';
            $body    = $input['content'] ?? '';

            try {
                // 调用 Socket 客户端投递邮件
                SocketClient::sendBySMTP($currentUser, $to, $subject, $body);
                echo json_encode(['code' => 200, 'msg' => 'SMTP投递成功']);
            } catch (Exception $e) {
                echo json_encode(['code' => 500, 'msg' => 'SMTP错误: ' . $e->getMessage()]);
            }
            break;

        case 'delete_mail':
            // 调用 POP3 DELE 命令
            $pwdForPop3 = $input['password'] ?? '';
            $id = $input['id'] ?? 0;
            
            try {
                SocketClient::deleteByPOP3($currentUser, $pwdForPop3, $id);
                echo json_encode(['code' => 200, 'msg' => 'POP3删除成功']);
            } catch (Exception $e) {
                echo json_encode(['code' => 500, 'msg' => $e->getMessage()]);
            }
            break;

        case 'mark_read':
            $pdo = DB::get();
            $stmt = $pdo->prepare("UPDATE mails SET is_read = 1 WHERE id = ?");
            $stmt->execute([$input['id'] ?? 0]);
            echo json_encode(['code' => 200, 'msg' => '已标记已读']);
            break;

        case 'toggle_star':           
            $pdo = DB::get();
            $stmt = $pdo->prepare("UPDATE mails SET is_starred = NOT is_starred WHERE id = ?");
            $stmt->execute([$input['id'] ?? 0]);
            echo json_encode(['code' => 200, 'msg' => '星标已更新']);
            break;

        /* ================== 管理员模块 ================== */

        case 'list_users':
            // 获取用户列表，用于管理面板
            $pdo = DB::get();
            $stmt = $pdo->query("SELECT id, username, is_admin, is_disabled, used_size, quota_size FROM users");
            echo json_encode(['code' => 200, 'data' => $stmt->fetchAll(PDO::FETCH_ASSOC)]);
            break;

        case 'add_user':
            // 管理员添加新用户
            $pdo = DB::get();
            // 查重
            $check = $pdo->prepare("SELECT id FROM users WHERE username=?");
            $check->execute([$input['target_username']]); 
            if($check->fetch()) {
                 echo json_encode(['code' => 400, 'msg' => '用户已存在']);
                 break;
            }
            
            $stmt = $pdo->prepare("INSERT INTO users (username, password, is_admin) VALUES (?, ?, ?)");
            $stmt->execute([
                $input['target_username'], 
                md5($input['target_password']),
                $input['is_admin'] ?? 0
            ]);
            echo json_encode(['code' => 200, 'msg' => '用户已添加']);
            break;

        case 'del_user':
            // 管理员删除用户
            $pdo = DB::get();
            $stmt = $pdo->prepare("DELETE FROM users WHERE id = ?");
            $stmt->execute([$input['uid'] ?? 0]);
            echo json_encode(['code' => 200, 'msg' => '用户已删除']);
            break;

        case 'broadcast':
            // 逻辑：遍历所有用户，通过 SocketClient 循环发送 SMTP 邮件
            $pdo = DB::get();
            $users = $pdo
                ->query("SELECT username FROM users")
                ->fetchAll(PDO::FETCH_COLUMN);

            $subject = $input['subject'] ?? '系统通知';
            $body    = $input['content'] ?? 'System Broadcast';
            $from = 'admin@system';

            foreach ($users as $u) {
                try {
                    if ($u === $from) continue; // 不发给自己

                    // 复用 sendBySMTP 方法
                    SocketClient::sendBySMTP(
                        $from,
                        $u,
                        $subject,
                        $body
                    );
                } catch (Exception $e) {
                    error_log("Broadcast to {$u} failed: " . $e->getMessage());
                }
            }

            echo json_encode([
                'code' => 200,
                'msg'  => '广播完成'
            ]);
            break;


        case 'get_logs':
            // 获取服务器日志
            $pdo = DB::get();
            $stmt = $pdo->query("SELECT * FROM server_logs ORDER BY id DESC LIMIT 50");
            echo json_encode(['code' => 200, 'data' => $stmt->fetchAll(PDO::FETCH_ASSOC)]);
            break;

        case 'change_password':
            // 修改密码
            if (!$currentUser) { echo json_encode(['code'=>401,'msg'=>'未登录']); break; }
            
            $newPass = $input['new_pass'] ?? '';
            if (!$newPass) { echo json_encode(['code'=>400,'msg'=>'密码不能为空']); break; }

            $pdo = DB::get();
            $stmt = $pdo->prepare("UPDATE users SET password = ? WHERE username = ?");
            $stmt->execute([md5($newPass), $currentUser]);
            echo json_encode(['code' => 200, 'msg' => '密码已修改']);
            break;

        case 'toggle_status':
            // 禁用/解封用户
            $uid = $input['uid'] ?? 0;
            $pdo = DB::get();
            $stmt = $pdo->prepare("UPDATE users SET is_disabled = NOT is_disabled WHERE id = ?");
            $stmt->execute([$uid]);
            echo json_encode(['code' => 200, 'msg' => '状态已更新']);
            break;
        
        case 'list_ip_filters':
            // 列出封禁的ip
            $pdo = DB::get();

            $stmt = $pdo->query("
                SELECT 
                    id,
                    ip_address,
                    action,
                    created_at
                FROM ip_filters
                ORDER BY id DESC
            ");

            echo json_encode([
                'code' => 200,
                'data' => $stmt->fetchAll(PDO::FETCH_ASSOC)
            ]);
            break; 
        
        case 'add_ip_filter':
            // 添加封禁ip
            $ip = trim($input['ip_address'] ?? '');

            if (!$ip) {
                echo json_encode(['code' => 400, 'msg' => 'IP 不能为空']);
                break;
            }

            // 简单 IP 格式校验（IPv4 / IPv6 都支持）
            if (!filter_var($ip, FILTER_VALIDATE_IP)) {
                echo json_encode(['code' => 400, 'msg' => 'IP 格式不合法']);
                break;
            }

            $pdo = DB::get();

            // 防止重复封禁
            $check = $pdo->prepare("
                SELECT id 
                FROM ip_filters 
                WHERE ip_address = ? AND action = 'BLOCK'
            ");
            $check->execute([$ip]);

            if ($check->fetch()) {
                echo json_encode(['code' => 400, 'msg' => '该 IP 已被封禁']);
                break;
            }

            $stmt = $pdo->prepare("
                INSERT INTO ip_filters (ip_address, action)
                VALUES (?, 'BLOCK')
            ");
            $stmt->execute([$ip]);

            echo json_encode([
                'code' => 200,
                'msg'  => 'IP 已成功封禁'
            ]);
            break;

            
        case 'del_ip_filter':
            // 删除被封禁的ip
            $id = intval($input['id'] ?? 0);

            if (!$id) {
                echo json_encode(['code' => 400, 'msg' => '参数错误']);
                break;
            }

            $pdo = DB::get();
            $stmt = $pdo->prepare("DELETE FROM ip_filters WHERE id = ?");
            $stmt->execute([$id]);

            echo json_encode([
                'code' => 200,
                'msg'  => 'IP 已解封'
            ]);
            break;


        default:
            echo json_encode(['code' => 404, 'msg' => '接口不存在']);
    }

} catch (Exception $e) {
    // 全局异常捕获：确保无论发生什么错误，都返回 JSON 格式，防止前端解析崩溃
    echo json_encode(['code' => 500, 'msg' => $e->getMessage()]);
}