<?php
/**
 *  Copyright (C) 2021  Cover Tower LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

 define('ACCESSCONST', TRUE);

 require('db-connect.php');

    $username = $_POST['username'];

    // Get the configuration data for the current user from the 'app_users' table
    $querysel = $mysqli->query("SELECT userrole, username, wss_server, web_socket_port, server_path, profile_name, sip_username, sip_password, stun_server, audio_output_id, video_src_id,
                                video_height, frame_rate, aspect_ratio, video_orientation, audio_src_id, auto_gain_control, echo_cancellation, noise_suppression, ring_output_id,
                                video_conf_extension, video_conf_window_width, profile_picture, notifications, use_roundcube, rcdomain, rcbasicauthuser, rcbasicauthpass, rcuser, rcpassword, 
                                enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");
    $confdatafromdb = $querysel->fetch_assoc();

    // Replace the SIP password, Roundcube password (if any) and Roundcube basic auth password (if any) with placeholders
    $psswdaddedkey = file_get_contents('restr/'.$username.'/pwdkey');

    if ($confdatafromdb['sip_password'] != '' && $confdatafromdb['sip_password'] != null && $confdatafromdb['sip_password'] != 'undefined') {
            $confdatafromdb['sip_password'] = "%20%20%20%20%20%20%20";
    } else { $confdatafromdb['sip_password'] = ''; }

    if ($confdatafromdb['rcbasicauthpass'] != '' && $confdatafromdb['rcbasicauthpass'] != null && $confdatafromdb['rcbasicauthpass'] != 'undefined') {
	    $confdatafromdb['rcbasicauthpass'] = "%20%20%20%20%20%20%20";
    } else { $confdatafromdb['rcbasicauthpass'] = ''; }

    if ($confdatafromdb['rcpassword'] != '' && $confdatafromdb['rcpassword'] != null && $confdatafromdb['rcpassword'] != 'undefined') {
	    $confdatafromdb['rcpassword'] = "%20%20%20%20%20%20%20";
    } else { $confdatafromdb['rcpassword'] = ''; }

    $datafromdb = $confdatafromdb;

    echo json_encode($datafromdb);

} else {
    header("Location: roundpin-login.php");
}

?>