<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

ob_start();
$TAB = "MAIL";

// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";

exec(HESTIA_CMD . "v-list-sys-webmail json", $output, $return_var);
$webmail_clients = json_decode(implode("", $output), true);
unset($output);

if (!empty($_GET["domain"])) {
	$v_domain = $_GET["domain"];
}
if (!empty($v_domain)) {
	// Set webmail alias
	exec(
		HESTIA_CMD . "v-list-mail-domain " . $user . " " . quoteshellarg($v_domain) . " json",
		$output,
		$return_var,
	);
	if ($return_var > 0) {
		check_return_code_redirect($return_var, $output, "/list/mail/");
	}
	$data = json_decode(implode("", $output), true);
	unset($output);
	$v_webmail_alias = $data[$v_domain]["WEBMAIL_ALIAS"];
}

// Check POST request for mail domain
if (!empty($_POST["ok"])) {
	// Check token
	verify_csrf($_POST);

	// Check empty fields
	if (empty($_POST["v_domain"])) {
		$errors[] = _("Domain");
	}
	if (!empty($errors[0])) {
		foreach ($errors as $i => $error) {
			if ($i == 0) {
				$error_msg = $error;
			} else {
				$error_msg = $error_msg . ", " . $error;
			}
		}
		$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
	}

	// Check antispam option
	if (!empty($_POST["v_antispam"])) {
		$v_antispam = "yes";
	} else {
		$v_antispam = "no";
	}

	// Check antivirus option
	if (!empty($_POST["v_antivirus"])) {
		$v_antivirus = "yes";
	} else {
		$v_antivirus = "no";
	}

	// Check dkim option
	if (!empty($_POST["v_dkim"])) {
		$v_dkim = "yes";
	} else {
		$v_dkim = "no";
	}

	// Set domain name to lowercase and remove www prefix
	$v_domain = preg_replace("/^www./i", "", $_POST["v_domain"]);
	$v_domain = quoteshellarg($v_domain);
	$v_domain = strtolower($v_domain);

	// Add mail domain
	if (empty($_SESSION["error_msg"])) {
		exec(
			HESTIA_CMD .
				"v-add-mail-domain " .
				$user .
				" " .
				$v_domain .
				" " .
				$v_antispam .
				" " .
				$v_antivirus .
				" " .
				$v_dkim,
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
	}

	if (!empty($_POST["v_reject"]) && $v_antispam == "yes") {
		exec(
			HESTIA_CMD . "v-add-mail-domain-reject " . $user . " " . $v_domain . " yes",
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
	}

	if (!empty($_SESSION["IMAP_SYSTEM"]) && !empty($_SESSION["WEBMAIL_SYSTEM"])) {
		if (empty($_SESSION["error_msg"])) {
			if (!empty($_POST["v_webmail"])) {
				$v_webmail = quoteshellarg($_POST["v_webmail"]);
				exec(
					HESTIA_CMD .
						"v-add-mail-domain-webmail " .
						$user .
						" " .
						$v_domain .
						" " .
						$v_webmail .
						" yes",
					$output,
					$return_var,
				);
				check_return_code($return_var, $output);
				unset($output);
			}
		}
	}

	if (!empty($_SESSION["IMAP_SYSTEM"]) && !empty($_SESSION["WEBMAIL_SYSTEM"])) {
		if (empty($_POST["v_webmail"])) {
			if (empty($_SESSION["error_msg"])) {
				exec(
					HESTIA_CMD . "v-delete-mail-domain-webmail " . $user . " " . $v_domain . " yes",
					$output,
					$return_var,
				);
				check_return_code($return_var, $output);
				unset($output);
			}
		}
	}

	// Add SMTP Relay Support
	if (empty($_SESSION["error_msg"])) {
		if (isset($_POST["v_smtp_relay"]) && !empty($_POST["v_smtp_relay_host"])) {
			if (
				$_POST["v_smtp_relay_host"] != $v_smtp_relay_host ||
				$_POST["v_smtp_relay_user"] != $v_smtp_relay_user ||
				$_POST["v_smtp_relay_port"] != $v_smtp_relay_port
			) {
				$v_smtp_relay = true;
				$v_smtp_relay_host = quoteshellarg($_POST["v_smtp_relay_host"]);
				$v_smtp_relay_user = quoteshellarg($_POST["v_smtp_relay_user"]);
				$v_smtp_relay_pass = quoteshellarg($_POST["v_smtp_relay_pass"]);
				if (!empty($_POST["v_smtp_relay_port"])) {
					$v_smtp_relay_port = quoteshellarg($_POST["v_smtp_relay_port"]);
				} else {
					$v_smtp_relay_port = "587";
				}
				exec(
					HESTIA_CMD .
						"v-add-mail-domain-smtp-relay " .
						$user .
						" " .
						$v_domain .
						" " .
						$v_smtp_relay_host .
						" " .
						$v_smtp_relay_user .
						" " .
						$v_smtp_relay_pass .
						" " .
						$v_smtp_relay_port,
					$output,
					$return_var,
				);
				check_return_code($return_var, $output);
				unset($output);
			}
		}
	}

	// Flush field values on success
	if (empty($_SESSION["error_msg"])) {
		$_SESSION["ok_msg"] = htmlify_trans(
			sprintf(
				_("Mail domain {%s} has been created successfully."),
				htmlentities($_POST["v_domain"]),
			),
			"</a>",
			'<a href="/list/mail/?domain=' . htmlentities($_POST["v_domain"]) . '">',
		);
		unset($v_domain, $v_webmail);
	}
}

// Check POST request for mail account
if (!empty($_POST["ok_acc"])) {
	// Check token
	if (!isset($_POST["token"]) || $_SESSION["token"] != $_POST["token"]) {
		header("location: /login/");
		exit();
	}

	// Check antispam option
	if (!empty($_POST["v_blackhole"])) {
		$v_blackhole = "yes";
	} else {
		$v_blackhole = "no";
	}
	// Check empty fields
	if (empty($_POST["v_domain"])) {
		$errors[] = _("Domain");
	}
	if (empty($_POST["v_account"])) {
		$errors[] = _("Account");
	}
	if (empty($_POST["v_fwd_only"]) && empty($_POST["v_password"])) {
		if (empty($_POST["v_password"])) {
			$errors[] = _("Password");
		}
	}
	if (!empty($errors[0])) {
		foreach ($errors as $i => $error) {
			if ($i == 0) {
				$error_msg = $error;
			} else {
				$error_msg = $error_msg . ", " . $error;
			}
		}
		$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
	}

	// Validate email
	if (!empty($_POST["v_send_email"]) && empty($_SESSION["error_msg"])) {
		if (!filter_var($_POST["v_send_email"], FILTER_VALIDATE_EMAIL)) {
			$_SESSION["error_msg"] = _("Please enter a valid email address.");
		}
	}

	// Check password length
	if (empty($_SESSION["error_msg"]) && empty($_POST["v_fwd_only"])) {
		if (!validate_password($_POST["v_password"])) {
			$_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
		}
	}

	// Protect input
	$v_domain = quoteshellarg($_POST["v_domain"]);
	$v_domain = strtolower($v_domain);
	$v_account = quoteshellarg($_POST["v_account"]);
	$v_quota = quoteshellarg($_POST["v_quota"]);
	$v_send_email = $_POST["v_send_email"];
	$v_aliases = $_POST["v_aliases"];
	$v_fwd = $_POST["v_fwd"];
	if (empty($_POST["v_quota"])) {
		$v_quota = 0;
	}
	if (!empty($_POST["v_quota"]) || !empty($_POST["v_aliases"]) || !empty($_POST["v_fwd"])) {
		$v_adv = "yes";
	}

	// Add Mail Account
	if (empty($_SESSION["error_msg"])) {
		$v_password = tempnam("/tmp", "vst");
		$fp = fopen($v_password, "w");
		fwrite($fp, $_POST["v_password"] . "\n");
		fclose($fp);
		exec(
			HESTIA_CMD .
				"v-add-mail-account " .
				$user .
				" " .
				$v_domain .
				" " .
				$v_account .
				" " .
				$v_password .
				" " .
				$v_quota,
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
		unlink($v_password);
		$v_password = quoteshellarg($_POST["v_password"]);
	}

	// Add Aliases
	if (!empty($_POST["v_aliases"]) && empty($_SESSION["error_msg"])) {
		$valiases = preg_replace("/\n/", " ", $_POST["v_aliases"]);
		$valiases = preg_replace("/,/", " ", $valiases);
		$valiases = preg_replace("/\s+/", " ", $valiases);
		$valiases = trim($valiases);
		$aliases = explode(" ", $valiases);
		foreach ($aliases as $alias) {
			$alias = quoteshellarg($alias);
			if (empty($_SESSION["error_msg"])) {
				exec(
					HESTIA_CMD .
						"v-add-mail-account-alias " .
						$user .
						" " .
						$v_domain .
						" " .
						$v_account .
						" " .
						$alias,
					$output,
					$return_var,
				);
				check_return_code($return_var, $output);
				unset($output);
			}
		}
	}

	if (!empty($_POST["v_blackhole"]) && empty($_SESSION["error_msg"])) {
		exec(
			HESTIA_CMD .
				"v-add-mail-account-forward " .
				$user .
				" " .
				$v_domain .
				" " .
				$v_account .
				" :blackhole:",
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
		//disable any input in v_fwd
		$_POST["v_fwd"] = "";
	}
	// Add Forwarders
	if (!empty($_POST["v_fwd"]) && empty($_SESSION["error_msg"])) {
		$vfwd = preg_replace("/\n/", " ", $_POST["v_fwd"]);
		$vfwd = preg_replace("/,/", " ", $vfwd);
		$vfwd = preg_replace("/\s+/", " ", $vfwd);
		$vfwd = trim($vfwd);
		$fwd = explode(" ", $vfwd);
		foreach ($fwd as $forward) {
			$forward = quoteshellarg($forward);
			if (empty($_SESSION["error_msg"])) {
				exec(
					HESTIA_CMD .
						"v-add-mail-account-forward " .
						$user .
						" " .
						$v_domain .
						" " .
						$v_account .
						" " .
						$forward,
					$output,
					$return_var,
				);
				check_return_code($return_var, $output);
				unset($output);
			}
		}
	}

	// Add fwd_only flag
	if (!empty($_POST["v_fwd_only"]) && empty($_SESSION["error_msg"])) {
		exec(
			HESTIA_CMD .
				"v-add-mail-account-fwd-only " .
				$user .
				" " .
				$v_domain .
				" " .
				$v_account,
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
	}

	// Add fwd_only flag
	if (
		!empty($_POST["v_rate"]) &&
		empty($_SESSION["error_msg"]) &&
		$_SESSION["userContext"] == "admin"
	) {
		$v_rate = quoteshellarg($_POST["v_rate"]);
		exec(
			HESTIA_CMD .
				"v-change-mail-account-rate-limit " .
				$user .
				" " .
				$v_domain .
				" " .
				$v_account .
				" " .
				$v_rate,
			$output,
			$return_var,
		);
		check_return_code($return_var, $output);
		unset($output);
	}

	// Get webmail url
	if (empty($_SESSION["error_msg"])) {
		[$hostname, $port] = explode(":", $_SERVER["HTTP_HOST"] . ":");
		$webmail = "http://" . $hostname . "/" . $v_webmail_alias . "/";
		if (!empty($_SESSION["WEBMAIL_ALIAS"])) {
			$webmail = $_SESSION["WEBMAIL_ALIAS"];
		}
	}

	// Email login credentials
	if (!empty($_POST["v_send_email"]) && empty($_SESSION["error_msg"])) {
		$to = $_POST["v_send_email"];
		$template = get_email_template("email_credentials", $_SESSION["language"]);
		if (!empty($template)) {
			preg_match("/<subject>(.*?)<\/subject>/si", $template, $matches);
			$subject = $matches[1];
			$subject = str_replace(
				["{{hostname}}", "{{appname}}", "{{account}}", "{{domain}}"],
				[
					get_hostname(),
					$_SESSION["APP_NAME"],
					htmlentities(strtolower($_POST["v_account"])),
					htmlentities($_POST["v_domain"]),
				],
				$subject,
			);
			$template = str_replace($matches[0], "", $template);
		} else {
			$template = _(
				"Mail account has been created.\n" .
					"\n" .
					"Common Account Settings:\n" .
					"Username: {{account}}@{{domain}}\n" .
					"Password: {{password}}\n" .
					"Webmail: {{webmail}}\n" .
					"Hostname: {{hostname}}\n" .
					"\n" .
					"IMAP Settings\n" .
					"Authentication: Normal Password\n" .
					"SSL/TLS: Port 993\n" .
					"STARTTLS: Port 143\n" .
					"No encryption: Port 143\n" .
					"\n" .
					"POP3 Settings\n" .
					"Authentication: Normal Password\n" .
					"SSL/TLS: Port 995\n" .
					"STARTTLS: Port 110\n" .
					"No encryption: Port 110\n" .
					"\n" .
					"SMTP Settings\n" .
					"Authentication: Normal Password\n" .
					"SSL/TLS: Port 465\n" .
					"STARTTLS: Port 587\n" .
					"No encryption: Port 25\n" .
					"\n" .
					"Best regards,\n" .
					"\n" .
					"--\n" .
					"{{appname}}",
			);
		}
		if (empty($subject)) {
			$subject = str_replace(
				["{{subject}}", "{{hostname}}", "{{appname}}"],
				[
					sprintf(
						_("Email Credentials: %s@%s"),
						htmlentities(strtolower($_POST["v_account"])),
						htmlentities($_POST["v_domain"]),
					),
					get_hostname(),
					$_SESSION["APP_NAME"],
				],
				$_SESSION["SUBJECT_EMAIL"],
			);
		}

		$hostname = get_hostname();
		$from = !empty($_SESSION["FROM_EMAIL"]) ? $_SESSION["FROM_EMAIL"] : "noreply@" . $hostname;
		$from_name = !empty($_SESSION["FROM_NAME"])
			? $_SESSION["FROM_NAME"]
			: $_SESSION["APP_NAME"];

		$mailtext = translate_email($template, [
			"domain" => htmlentities($_POST["v_domain"]),
			"account" => htmlentities(strtolower($_POST["v_account"])),
			"password" => htmlentities($_POST["v_password"]),
			"webmail" => $webmail . "." . htmlentities($_POST["v_domain"]),
			"hostname" => "mail." . htmlentities($_POST["v_domain"]),
			"appname" => $_SESSION["APP_NAME"],
		]);

		send_email($to, $subject, $mailtext, $from, $from_name);
	}

	// Flush field values on success
	if (empty($_SESSION["error_msg"])) {
		$_SESSION["ok_msg"] = htmlify_trans(
			sprintf(
				_("Mail account {%s@%s} has been created successfully."),
				htmlentities(strtolower($_POST["v_account"])),
				htmlentities($_POST["v_domain"]),
			),
			"</a>",
			'<a href="/edit/mail/?account=' .
				htmlentities(strtolower($_POST["v_account"])) .
				"&domain=" .
				htmlentities($_POST["v_domain"]) .
				'">',
		);
		unset($v_account);
		unset($v_password);
		unset($v_aliases);
		unset($v_fwd);
		unset($v_quota);
	}
}

// Render page
if (empty($_GET["domain"])) {
	// Display body for mail domain
	if (!empty($_POST["v_webmail"])) {
		$v_webmail = $_POST["v_webmail"];
	} else {
		//default is always roundcube unless it hasn't been installed. Then picks the first one in order
		$v_webmail = "roundcube";
	}

	if (empty($_GET["accept"])) {
		$_GET["accept"] = false;
	}
	if (empty($v_domain)) {
		$v_domain = "";
	}
	if (empty($v_smtp_relay)) {
		$v_smtp_relay = "";
	}
	if (empty($v_smtp_relay_user)) {
		$v_smtp_relay_user = "";
	}
	if (empty($v_smtp_relay_password)) {
		$v_smtp_relay_password = "";
	}
	if (empty($v_smtp_relay_host)) {
		$v_smtp_relay_host = "";
	}
	if (empty($v_smtp_relay_port)) {
		$v_smtp_relay_port = "";
	}

	$accept = $_GET["accept"] ?? "";
	render_page($user, $TAB, "add_mail");
} else {
	// Display body for mail account
	if (empty($v_account)) {
		$v_account = "";
	}
	if (empty($v_quota)) {
		$v_quota = "";
	}
	if (empty($v_rate)) {
		$v_rate = "";
	}
	if (empty($v_blackhole)) {
		$v_blackhole = "";
	}
	if (empty($v_fwd_only)) {
		$v_fwd_only = "";
	}
	if (empty($v_aliases)) {
		$v_aliases = "";
	}
	if (empty($v_send_email)) {
		$v_send_email = "";
	}
	if (empty($v_fwd)) {
		$v_fwd = "";
	}
	$v_domain = $_GET["domain"];
	render_page($user, $TAB, "add_mail_acc");
}

// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);