<?php

ini_set( 'serialize_precision', -1 );

$_POST = json_decode(file_get_contents('php://input'), true);

if (isset($_POST)) {
    $params=$_POST['params'];
    $flag=$params['flag'];
    if (method_exists($api, $flag)) {
         call_user_func(array($api, $flag), $params);
    } else {
        header('Content-Type:text/html; charset=UTF-8', true, 301);
        exit;
    }
}

function exception_error_handler($severity, $message, $file, $line)
{
    if (!(error_reporting() & $severity)) {
        return;
    }
    throw new ErrorException($message, 0, $severity, $file, $line);
}
set_error_handler("exception_error_handler");
$sql = array();
function insert($query)
{
    global $sql;
    array_push($sql, array(
        'insert' => $query,
    ));
};
function select($query)
{
    global $sql;
    array_push($sql, array(
        'select' => $query,
    ));
};
function update($query)
{
    global $sql;
    array_push($sql, array(
        'update' => $query,
    ));
};
function delete($query)
{
    global $sql;
    array_push($sql, array(
        'delete' => $query,
    ));
};

function querySelect($sql_query)
{
    global $conn;
    global $response;
    global $multiSelect;
    $result = sqlsrv_query($conn, $sql_query);
    $items=array();
    while ($row = sqlsrv_fetch_object($result)) {
        foreach ($row as &$value) {
            //if (gettype($value)=="string") {  //Бодавский, не удалять!!!
            if (is_string($value)) {  //added samofalov
                $value = iconv('windows-1251', 'UTF-8', $value);
            }
            if (is_numeric($value)) {  //added samofalov
                $value =round($value, 3);
            }
        }
        unset($value);
        $items[] = $row;
    }
    if ($multiSelect==true) {
        array_push($response, $items);
    } else {
        echo json_encode($items);
       // $test=json_encode($items);
    }
    
    if ($result === false) {
        if (($errors = sqlsrv_errors()) != null) {
            header('Content-Type:text/html; charset=UTF-8', true, 301);
        }
    }
};

function queryOther($sql_query)
{
    global $conn;
    $result = sqlsrv_query($conn, $sql_query);
    $rows_affected = sqlsrv_rows_affected($result);
    if ($rows_affected === false) {
        if ($rows_affected >= 1) {
            header('Content-Type:text/html; charset=UTF-8', true, 200);
        } else {
            header('Content-Type:text/html; charset=UTF-8', true, 301);
        }
    }
}


include("libs/hs256.php");
include("libs/JWT.php");
use \Firebase\JWT\JWT;

try {
    $JWTdecoded = JWT::decode($jwtToken, $secret, array('HS256'));
} catch (\Throwable $th) {

}


include("connection.php");

include("api.php");


$multiSelect=false;
if (isset($params['multiSelect'])) {
    $multiSelect=$params['multiSelect'];
    if ($multiSelect==true) {
        $response=array();
    }
}


try {
    $query="SELECT id FROM [dbo].[users] where id=$JWTdecoded->id AND is_logged=1";
    $params = array();
    $options =  array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
    $stmt = sqlsrv_query($conn, $query, $params, $options);
    $row_count = sqlsrv_num_rows($stmt);
   
    if ($row_count === false || $row_count ===0) {
        header('HTTP/1.0 401 Unauthorized');
        exit;
    } else {
        $verify = verifyJWT('sha256', $jwtToken, $secret);
        if ($verify) {
            foreach ($sql as $key => $value) {
                $sql_key=array_keys(array_filter($value))[0];
                $sql_query=array_values(array_filter($value))[0];
                if ($sql_key==='select') {
                    querySelect($sql_query);
                } else {
                    if ($JWTdecoded->role===1) {
                        queryOther($sql_query);
                    }
                }
            }
        } else {
            header('HTTP/1.0 401 Unauthorized');
        }
    }
} catch (Throwable $t) {
    header($t);
}

if ($multiSelect==true) {
    echo json_encode($response);
}