<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";

// Check token
verify_csrf($_GET);

// Check if administrator is viewing system log (currently 'admin' user)
if ($_SESSION["userContext"] === "admin" && isset($_GET["user"])) {
	$user = quoteshellarg($_GET["user"]);
	$token = $_SESSION["token"];
}

// Clear log
exec(HESTIA_CMD . "v-delete-user-auth-log " . $user, $output, $return_var);
check_return_code($return_var, $output);
unset($output);

$ip = $_SERVER["REMOTE_ADDR"];
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
	if (!empty($_SERVER["HTTP_CF_CONNECTING_IP"])) {
		$ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
	}
}
$v_ip = quoteshellarg($ip);
$user_agent = $_SERVER["HTTP_USER_AGENT"];
$v_user_agent = quoteshellarg($user_agent);

$v_session_id = quoteshellarg($_SESSION["token"]);

// Add current user session back to log unless impersonating another user
if (!isset($_SESSION["look"])) {
	exec(
		HESTIA_CMD .
			"v-log-user-login " .
			$user .
			" " .
			$v_ip .
			" success " .
			$v_session_id .
			" " .
			$v_user_agent,
		$output,
		$return_var,
	);
}

// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

// Set correct page reload target
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
	header("Location: /list/log/auth/?user=" . $_GET["user"] . "&token=$token");
} else {
	header("Location: /list/log/auth/");
}

exit();