<?php
/**
 *  Copyright (C) 2021  Double Bastion LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

 // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');

if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

 define('ACCESSCONST', TRUE);

 require('db-connect.php');

    $callerExt = $_POST['clrextension'];
    $callerExtMod = substr($callerExt, 0, -5);

    if ($callerExt != null && $callerExt != 'undefined' && $callerExt != '') {

	$query2 = $mysqli->prepare("SELECT id, wss_server, profile_name, sip_username, display_vconf_user FROM app_users WHERE sip_username = ?");
	$query2->bind_param("s", $callerExtMod);
	$query2->execute();
	$userpref = $query2->get_result()->fetch_assoc();

	if ($userpref) {

            $userDesc = $userpref['profile_name'];
	    $nameDisplay = $userpref['display_vconf_user'];
	    $messagetosend = 'success';

	} else {

	    $query3 = $mysqli->prepare("SELECT id, profile_name, exten_for_external, display_vconf_user FROM external_users WHERE exten_for_external = ?");
	    $query3->bind_param("s", $callerExt);
	    $query3->execute();
	    $userdisplay = $query3->get_result()->fetch_assoc();

	    if ($userdisplay) {

                $userDesc = $userdisplay['profile_name'];
	        $nameDisplay = $userdisplay['display_vconf_user'];
	        $messagetosend = 'success';

	    } else { $userDesc = null; $nameDisplay = null; $messagetosend = "An error occurred while getting the user data!"; }
	}
    }

    $response = ['result' => $messagetosend, 'userdescription' => $userDesc, 'namedisplay' => $nameDisplay];

    echo json_encode($response);

} else { header("Location: ../login.php"); }

?>