<?php
header("Content-Type: text/html; charset=utf-8");
date_default_timezone_set('PRC');
require_once __DIR__ . '/configure.php';

$name = $_GET['name'];
$pwd = $_GET['pwd'];

function encrypt_decrypt($action, $string) {
	$output = false;

	$encrypt_method = "AES-256-CBC";
	$secret_key = 'c4ca4238a0b923820dcc';
	$secret_iv = 'c4ca4238a0b923820dcc';

	// hash
	$key = hash('sha256', $secret_key);

	// iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
	$iv = substr(hash('sha256', $secret_iv), 0, 16);

	if ( $action == 'encrypt' ) {
		$output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
		$output = base64_encode($output);
	} else if( $action == 'decrypt' ) {
		$output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
	}

	return $output;
}

if(isset($name) && isset($pwd)) {
	$db = new Connect;
	$data = $db->prepare("select * from vpnuser where binary vuser='".$name."' and binary vpass='".$pwd."'");
	$data->execute();
	$row = $data->fetch(PDO::FETCH_ASSOC);

	if (empty($row)){
		echo json_encode([
			"status" => 401,
			"message" => "Email and password are not matched with our record!",
		]);
		return;
	} else {
//		$hyid = $db->prepare("select * from hyid where hynum=".$row['hyid']);
//		$hyid->execute();
//		$hy=$hyid->fetch(PDO::FETCH_ASSOC);
//
//		$groups = $db->prepare("select * from groups where groups='".$row['groups']."'");
//		$groups->execute();
//		$grs=$groups->fetch(PDO::FETCH_ASSOC);
//
//		$setup = $db->prepare("select * from setup where xx=150");
//		$setup->execute();
//		$jx=$setup->fetch(PDO::FETCH_ASSOC);

		$notice_sql = $db->prepare("select * from sv_notice where status = 0 order by id desc");
		$notice_sql->execute();
		$notice=$notice_sql->fetch(PDO::FETCH_ASSOC);

//		switch($row['groups'])
//		{
//			case  'NEW':$ttime=0;break;
//			case  'CS': $ttime=round($row['cash']/60,1).iconv('euc-kr', 'UTF-8',' ����');break;
//			case  'JS': $ttime=round($row['cash']/60,1).iconv('euc-kr', 'UTF-8',' ����');break;
//			case  'BY': $ttime=date('Y-m-d H:i',strtotime($row['lastdate']));break;
//			case  'LL': $ttime=($row['flow']-$row['indate']-$row['outdate'])."M" ;break;
//			case  'ONEIP': $ttime=date('Y-m-d H:i',strtotime($row['lastdate']));break;
//			default:'bads';
//		}
//		$row['klx'] = $grs['klx'];
//		$row['hyname'] = $hy['hyname'];
//		$row['hynum'] = $hy['hynum'];
//		$row['a'] = $jx['a'];
		if(isset($notice))
			$row['notice'] = $notice;

		$row['token'] = encrypt_decrypt('encrypt', $row['vuser']);

		$status = 200;
//		if($row['onlines']==0 || $row['onlines2']==0 ) {
//			$status = 402;
//		} else {
			if(date("Y-m-d H:i:s", strtotime($row['lastdate'])) < date("Y-m-d H:i:s"))
				$status = 404;
			else
				$status = 200;
//		}
		echo json_encode([
			"status" => $status,
			"data" => $row
		]);
		return;
	}
} else {
	echo json_encode([
		"status" => 401,
		"message" => "Email, password are required!",
	]);
	return;
}
?>