<?php

/*----------------------------------********---------------------------------*/
use ProcessMaker\ChangeLog\ChangeLog;

if (isset($_GET['BROWSER_TIME_ZONE_OFFSET'])) {
    if (PMLicensedFeatures::getSingleton()->verifyfeature('zLhSk5TeEQrNFI2RXFEVktyUGpnczV1WEJNWVp6cjYxbTU3R29mVXVZNWhZQT0=')) {
        // since all the request parameters using this script are encrypted
        // using the URL_KEY the probability of injecting any kind of code using
        // this entry point are only possible knowing the aforementioned key.
        switch (G::decrypt(urldecode(utf8_encode($_REQUEST['ACTION'])), URL_KEY)) {
            case 'processABE' :
                $G_PUBLISH = new Publisher();

                try {

                    //Validations
                    if (!isset($_REQUEST['APP_UID'])) {
                        $_REQUEST['APP_UID'] = '';
                    }

                    if (!isset($_REQUEST['DEL_INDEX'])) {
                        $_REQUEST['DEL_INDEX'] = '';
                    }

                    if ($_REQUEST['APP_UID'] == '') {
                        throw new Exception('The parameter APP_UID is empty.');
                    }

                    if ($_REQUEST['DEL_INDEX'] == '') {
                        throw new Exception('The parameter DEL_INDEX is empty.');
                    }

                    $_REQUEST['APP_UID'] = G::decrypt(urldecode(utf8_encode($_REQUEST['APP_UID'])), URL_KEY, true);
                    $_REQUEST['DEL_INDEX'] = G::decrypt(urldecode(utf8_encode($_REQUEST['DEL_INDEX'])), URL_KEY, true);
                    $_REQUEST['FIELD'] = G::decrypt(urldecode(utf8_encode($_REQUEST['FIELD'])), URL_KEY, true);
                    $_REQUEST['VALUE'] = G::decrypt(urldecode(utf8_encode($_REQUEST['VALUE'])), URL_KEY, true);
                    $_REQUEST['ABER'] = G::decrypt(urldecode(utf8_encode($_REQUEST['ABER'])), URL_KEY, true);

                    $case = new Cases();
                    $actionsByEmail = new \ProcessMaker\BusinessModel\ActionsByEmail();

                    $actionsByEmail->verifyLogin($_REQUEST['APP_UID'], $_REQUEST['DEL_INDEX']);

                    $caseFieldsABE = $case->loadCase($_REQUEST['APP_UID'], $_REQUEST['DEL_INDEX']);

                    if (is_null($caseFieldsABE['DEL_FINISH_DATE'])) {
                        $dataField = [];
                        $dataField[$_REQUEST['FIELD']] = $_REQUEST['VALUE'];
                        $caseFieldsABE ['APP_DATA'] = array_merge($caseFieldsABE ['APP_DATA'], $dataField);

                        $dataResponses = [];
                        $dataResponses['ABE_REQ_UID'] = $_REQUEST['ABER'];
                        $dataResponses['ABE_RES_CLIENT_IP'] = $_SERVER['REMOTE_ADDR'];
                        $dataResponses['ABE_RES_DATA'] = serialize($_REQUEST['VALUE']);
                        $dataResponses['ABE_RES_STATUS'] = 'PENDING';
                        $dataResponses['ABE_RES_MESSAGE'] = '';

                        try {
                            $abeAbeResponsesInstance = new AbeResponses();
                            $dataResponses['ABE_RES_UID'] = $abeAbeResponsesInstance->createOrUpdate($dataResponses);
                        } catch (Exception $e) {
                            throw $e;
                        }

                        ChangeLog::getChangeLog()
                                ->getUsrIdByUsrUid($caseFieldsABE['CURRENT_USER_UID'], true)
                                ->setSourceId(ChangeLog::FromABE);

                        $caseFieldsABE['CURRENT_DYNAFORM'] = '';
                        $caseFieldsABE['USER_UID'] = $caseFieldsABE['CURRENT_USER_UID'];
                        $caseFieldsABE['OBJECT_TYPE'] = '';

                        $case->updateCase($_REQUEST['APP_UID'], $caseFieldsABE);

                        $ws = new WsBase();

                        $result = $ws->derivateCase(
                            $caseFieldsABE['CURRENT_USER_UID'],
                            $_REQUEST['APP_UID'],
                            $_REQUEST['DEL_INDEX'],
                            true
                        );

                        $code = (is_array($result))? $result['status_code'] : $result->status_code;

                        if ($code != 0) {
                            throw new Exception(
                                'An error occurred while the application was being processed.<br /><br />
                                Error code: ' . $result->status_code . '<br />
                                Error message: ' . $result->message . '<br /><br />'
                            );
                        }

                        //Update
                        $dataResponses['ABE_RES_STATUS'] = ($code == 0)? 'SENT' : 'ERROR';
                        $dataResponses['ABE_RES_MESSAGE'] = ($code == 0)? '-' : $result->message;

                        try {
                            $abeAbeResponsesInstance = new AbeResponses();
                            $abeAbeResponsesInstance->createOrUpdate($dataResponses);
                        } catch (Exception $e) {
                            throw $e;
                        }

                        $message = '<strong>' . G::loadTranslation('ID_ABE_ANSWER_SUBMITTED') . '</strong>';

                        //Save Cases Notes

                        $dataAbeRequests = loadAbeRequest($_REQUEST['ABER']);
                        $dataAbeConfiguration = loadAbeConfiguration($dataAbeRequests['ABE_UID']);

                        if ($dataAbeConfiguration['ABE_CASE_NOTE_IN_RESPONSE'] == 1) {
                            $response = new stdClass();
                            $response->usrUid = $caseFieldsABE['APP_DATA']['USER_LOGGED'];
                            $response->appUid = $_REQUEST['APP_UID'];
                            $response->delIndex = $_REQUEST['DEL_INDEX'];
                            $response->noteText = 'Check the information that was sent for the receiver: ' .
                                $dataAbeRequests['ABE_REQ_SENT_TO'];
                            postNote($response);
                        }

                        $dataAbeRequests['ABE_REQ_ANSWERED'] = 1;
                        $code == 0 ? uploadAbeRequest($dataAbeRequests) : '';
                    } else {
                        $message = '<strong>' . G::loadTranslation('ID_ABE_RESPONSE_SENT') . '</strong>';
                    }

                    $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showInfo', '', array('MESSAGE' => $message));
                } catch (Exception $e) {
                    $G_PUBLISH->AddContent(
                        'xmlform',
                        'xmlform',
                        'login/showMessage',
                        '',
                        ['MESSAGE' => $e->getMessage() . 'Please contact to your system administrator.']
                    );
                }

                G::RenderPage('publish', 'blank');
                break;
        }
    }
} else {
?>
<html>
<head>
    <title></title>
    <script type="text/javascript" src="/js/maborak/core/maborak.js"></script>
</head>
<body>
    <script type="text/javascript">
    location.assign(location.href + "&BROWSER_TIME_ZONE_OFFSET=" + getBrowserTimeZoneOffset());
    </script>
</body>
</html>
<?php
}
/*----------------------------------********---------------------------------*/