<?php

/* @var $u User */

use Core\Config;
use User\Email;
use User\Password;

if (!defined('GAME')) {
    die();
}

$password = new Password($u->info);
$email = new Email($u->info);
$status = null;

if ($_POST['oldpsw2']) { // remove psw2
    if (password_verify((int)$_POST['oldpsw2'], $u->info['pass2'])) {
        $u->info['pass2'] = $password->changeSecond(null)['pass2'];
        $status = "<b style='color: darkolivegreen'>Âòîðîé ïàðîëü âûêëþ÷åí.</b><br>";
    } else {
        $status = "<b style='color: red'>Ââåäåí íå âåðíûé âòîðîé ïàðîëü!</b><br>";
    }
}

if ($_POST['num_count']) { //add psw2
    $arr = $password->changeSecond((int)$_POST['num_count']);
    $status = "<b style='color: red'>Âòîðîé ïàðîëü: {$arr['pass2']}.<br>
                Çàïîìíèòå èëè çàïèøèòå, ò.ê. îí íå âûñûëàåòñÿ íà email è åãî íåëüçÿ êàê-ëèáî óçíàòü.
                Ïîòåðÿâ âòîðîé ïàðîëü, âû ïîòåðÿåòå ïåðñîíàæà!<br>
                Ýòîò ïàðîëü âûñëàí íà âàø email.<br>
                </b><br>";
    $u->info['pass2'] = $arr['hash'];
}

if (
    (
        $_POST['oldpass'] && $_POST['npass'] && $_POST['npass2'] ||
        $_POST['oldpsw'] && $_POST['oldemail'] && $_POST['newemail']
    ) &&
    $u->info['securetime'] > time()
) {
    $status = "<span style='color: red'>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</span><br>";
} else {
    if ($_POST['oldpass'] && $_POST['npass'] && $_POST['npass2']) { /*-------Ñìåíà ïàðîëÿ--------*/
        if (!password_verify($_POST['oldpass'], $u->info['pass'])) {
            $status = "<span style='color: red;'>Íåâåðíûé ñòàðûé ïàðîëü.</span><br>";
        } elseif ($_POST['npass'] !== $_POST['npass2']) {
            $status = "<span style='color: red;'>Íå ñîâïàäàþò íîâûå ïàðîëè.</span><br>";
        } else {
            $u->info['pass'] = $password->changeFirst($_POST['oldpass'], $_POST['npass']);
            $status = "<span style='color: darkolivegreen;'>Ïàðîëü óäà÷íî ñìåíåí.</span><br>";
        }
    }

    if ($_POST['oldpsw'] && $_POST['oldemail'] && $_POST['newemail']) { /*-----Ñìåíà e-mail------*/
        if (password_verify($_POST['oldpsw'], $u->info['pass'])) {
            $status = "<span style='color: red'>Íåâåðíûé ïàðîëü.</span><br>";
        } elseif ($u->info['mail'] !== $_POST['oldemail']) {
            $status = "<span style='color: red'>Íåâåðíûé ñòàðûé E-Mail.</span><br>";
        } else {
            $u->info['mail'] = $email->change($_POST['oldemail'], $_POST['newemail']);
            $status = "<span style='color: darkolivegreen;'>Email óäà÷íî ñìåíåí.</span><br>";
        }
    }
}
?>

<form action="main.php?security" method="post" id="security"></form>

<div>
    <h3>Íàñòðîéêè áåçîïàñíîñòè</h3>
    <div style="text-align: right">
        <input type="button" value="Âåðíóòüñÿ" onClick="location.href='main.php';">
    </div>
    <div><?= $status ?></div>
    <div>
        ×åì âûøå óðîâåíü âàøåãî ïåðñîíàæà, òåì áîëüøå ê íåìó âíèìàíèÿ ñî ñòîðîíû çëîóìûøëåííèêîâ.
        ×òîáû âàø ïåðñîíàæ íåáûë ïîäâåðæåí âçëîìó, íåîáõîäèìî ñîáëþäàòü ýëåìåíòàðíûå ìåðû ïðåäîñòîðîæíîñòè.
        <br> À èìåííî:
        <ol>
            <li>
                Íèêîãäà, íè ïîä êàêèì ïðåäëîãîì, íèêîìó íå ãîâîðèòå ñâîé ïàðîëü.
                Íè ïàëàäèíàì, íè àäìèíèñòðàöèè íå íóæíî çíàòü âàø ïàðîëü.
            </li>
            <li>
                Ââîäèòå ëîãèí è ïàðîëü òîëüêî íà òèòóëüíîé ñòðàíèöå
                <a href="<?= Config::get('https') ?>" target="_blank"><?= Config::get('https') ?></a>
                Íè íà êàêèõ äðóãèõ ñàéòàõ, êîòîðûå áóäóò êàê äâå êàïëè ïîõîæèå íà íàø,
                è êóäà âàñ çàçûâàþò îáåùàÿ íà õàëÿâó ïðåäìåòû èëè åâðîêðåäèòû, íå ââîäèòå ñâîé ïàðîëü!
                Èíà÷å Âàø ïåðñîíàæ ñ âåðîÿòíîñòüþ 95% áóäåò âçëîìàí.
            </li>
        </ol>
        Íàñòîÿòåëüíî ðåêîìåíäóåì ïðî÷åñòü çàìåòêó
        <a href="<?= Config::get('https') ?>forum/?r=48&rnd=1" target=_blank>Êàê îáåçîïàñèòü ñâîåãî ïåðñîíàæà?</a>.
        <br><br>
        Åñëè âû èãðàåòå èç èíòåðíåò êàôå èëè êîìïüþòåðíîãî êëóáà, ãäå øàíñ áûòü âçëîìàííûì î÷åíü âûñîêèé,
        ðåêîìåíäóåì âêëþ÷èòü âòîðîé óðîâåíü çàùèòû (ñì. íèæå)
        <br><br>
        <fieldset>
            <legend><b>Ñìåíà ïàðîëÿ</b></legend>
            <table>
                <tr>
                    <td style="text-align: right">
                        Ñòàðûé ïàðîëü:
                    </td>
                    <td>
                        <label>
                            <input form="security" type=password name="oldpass">
                        </label>
                    </td>
                </tr>
                <tr>
                    <td style="text-align: right">
                        Íîâûé ïàðîëü:
                    </td>
                    <td>
                        <label>
                            <input form="security" type=password name="npass">
                        </label>
                    </td>
                </tr>
                <tr>
                    <td style="text-align: right">
                        Íîâûé ïàðîëü (åùå ðàç):
                    </td>
                    <td>
                        <label>
                            <input form="security" type=password name="npass2">
                        </label>
                    </td>
                </tr>
                <tr>
                    <td colspan="2" style="text-align: right">
                        <input form="security" type=submit value="Ñìåíèòü ïàðîëü" name="changepsw">
                    </td>
                    <td></td>
                </tr>
            </table>
        </fieldset>

        <FIELDSET>
            <LEGEND><B> Ñìåíà email </B></LEGEND>
            <TABLE>
                <TR>
                    <TD style="text-align: right">
                        Âàø èãðîâîé ïàðîëü:
                    </TD>
                    <TD>
                        <label>
                            <INPUT form="security" TYPE=password NAME=oldpsw size=15 maxlength=31>
                        </label>
                    </TD>
                </TR>
                <TR>
                    <TD style="text-align: right">
                        Ïðåæíèé email:
                    </TD>
                    <TD>
                        <label>
                            <INPUT form="security" TYPE=text NAME=oldemail size=20 maxlength=50>
                        </label>
                    </TD>
                </TR>
                <TR>
                    <TD style="text-align: right">
                        Íîâûé email:
                    </TD>
                    <TD>
                        <label>
                            <INPUT form="security" TYPE=text NAME=newemail size=20 maxlength=50>
                        </label>
                    </TD>
                </TR>
                <TR>
                    <TD style="text-align: center" colspan=2>
                        <INPUT form="security" TYPE=submit value="Ñìåíèòü email" name=changeemail>
                    </TD>
                </TR>
            </TABLE>
        </FIELDSET>
        <FIELDSET>
            <LEGEND><B> Âòîðîé óðîâåíü çàùèòû </B></LEGEND>
            Íàñòîÿòåëüíî ðåêîìåíäóåì âêëþ÷èòü âòîðîé óðîâåíü çàùèòû.<BR>
            Íà êîìïüþòåðå ìîæåò áûòü óñòàíîâëåí êëàâèàòóðíûé øïèîí, êîòîðûé çàïèñûâàåò âñå íàæàòèÿ êëàâèø, òàêèì
            îáðàçîì,
            ìîãóò óçíàòü âàø ïàðîëü.<BR>
            Âîçìîæíî, â ñåòè êîìïüþòåðîâ óñòàíîâëåí "ñåòåâîé ñíèôåð", ïåðåõâàòûâàþùèé âñå èíòåðíåò ïàêåòû, êîòîðûé ëåãêî
            ïîêàæåò âñå ïàðîëè. ×òîáû îáåçîïàñèòü ñåáÿ, âû ìîæåòå óñòàíîâèòü ñâîåìó ïåðñîíàæó âòîðîé ïàðîëü, êîòîðûé
            ìîæíî
            ââîäèòü ïðè ïîìîùè ìûøêè (êëàâèàòóðíûì øïèîíîì íå ïåðåõâàòèòü) è êîòîðûé ïåðåäàåòñÿ íà èãðîâîé ñåðâåð â
            çàøèôðîâàííîì âèäå, íå ïîääàþùèìñÿ ðàñøèôðîâêå ("ñåòåâîé ñíèôåð" íå ñìîæåò ïåðåõâàòèòü åãî).<BR>
            <U>Áóäüòå âíèìàòåëüíû!</U> Âòîðîé ïàðîëü îòïðàâëÿåòñÿ íà email îäèí ðàç,ïðè óñòàíîâêå âòîðîãî óðîâíÿ çàùèòû!<BR>

            <?php
            if (!empty($u->info['pass2'])) {
                echo "<BR><B>Âòîðîé ïàðîëü óñòàíîâëåí.</B><BR><BR>
                    Ââåäèòå âòîðîé ïàðîëü <INPUT TYPE=password NAME=oldpsw2 size=10 maxlength=8>
                    <INPUT form='security' TYPE=submit name=changepsw value=\"Âûêëþ÷èòü âòîðîé ïàðîëü\" onclick=\"return confirm('Âûêëþ÷èòü çàïðîñ âòîðîãî ïàðîëÿ ïðè âõîäå â Áîéöîâñêèé Êëóá?')\">";
            } else {
                ?>
                Äëèíà ïàðîëÿ:<BR>
                <label>
                    <INPUT form="security" TYPE=radio NAME="num_count" value=4> 4 çíàêà<BR>
                </label>
                <label>
                    <INPUT form="security" TYPE=radio NAME="num_count" checked value=6> 6 çíàêîâ<BR>
                </label>
                <label>
                    <INPUT form="security" TYPE=radio NAME="num_count" value=8> 8 çíàêîâ<BR>
                </label>
                <INPUT form="security" TYPE=submit name=changepsw value="Óñòàíîâèòü âòîðîé ïàðîëü"
                       onclick="return confirm('Ñèñòåìà ñàìà ïðèäóìàåò âàì âòîðîé ïàðîëü, îí áóäåò ïîêàçàí íà ýòîé ñòðàíèöå, ïîñëå òîãî, êàê âû íàæìåòå OK è ïðîäóáëèðîâàí íà email, óêàçàííûé ïðè ðåãèñòðàöèè. Áóäüòå âíèìàòåëüíû.\nÓñòàíîâèòü âòîðîé ïàðîëü?')">
                <BR>
                <?php
            }
            ?>
        </FIELDSET>
    </div>
</div>

<script>
    let elem = document.getElementById('se-pre-con');
    elem.parentNode.removeChild(elem);
</script>