<?php
/**
 *  Copyright (C) 2022, 2024  Double Bastion LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

    define('ACCESSCONST', TRUE);

    require('db-connect.php');

    $username = $_POST['username'];
    $grouptoremove = $_POST['grouptoremove'];
    $groupwithdelimiter = $grouptoremove . "|";
    $groupinsqlguery = "%" . $groupwithdelimiter . "%";

    // Get the id and role of the user who performs the update, from the 'app_users' table
    $queryprm = $mysqli->prepare("SELECT id, userrole, username FROM app_users WHERE username = ?");
    $queryprm->bind_param("s", $username);
    $queryprm->execute();
    $queryprmres = $queryprm->get_result()->fetch_assoc();
    $cruserid = $queryprmres["id"];
    $cruserrole = $queryprmres["userrole"];

    if ($cruserrole == 'admin' || $cruserrole == 'superadmin') {

        // Get the userid of the group from the 'groups' table
        $queryuid = $mysqli->prepare("SELECT id, userid, group_name FROM groups WHERE group_name = ?");
        $queryuid->bind_param("s", $grouptoremove);
        $queryuid->execute();
        $queryuidres = $queryuid->get_result()->fetch_assoc();
        $userid = $queryuidres["userid"];

        if ($cruserrole == 'superadmin' || $userid == $cruserid) {

            // Remove the given group from the 'groups' table
	    $removequery = $mysqli->prepare("DELETE FROM groups WHERE group_name = ?");
	    $removequery->bind_param("s", $grouptoremove);

	    if ($removequery->execute()) { $messagetosendgroups = 'success'; } else { $messagetosendgroups = 'failure'; }
	    $removequery->close();

            $dateModified = date("Y-m-d H:i:s");

            // Remove the given group from the 'user_groups' column of the 'app_users' table, in all the rows where it is present
            $updatequery = $mysqli->prepare("UPDATE app_users SET user_groups = REPLACE(user_groups, ?, ''), date_modified = ? WHERE user_groups like ?");
	    $updatequery->bind_param("sss", $groupwithdelimiter, $dateModified, $groupinsqlguery);
	    if ($updatequery->execute()) { $message1 = 'success'; } else { $message1 = 'failure'; }

            $updatequerysec = $mysqli->prepare("UPDATE app_users SET user_groups = REPLACE(user_groups, '|', NULL) WHERE user_groups like '|'");
	    if ($updatequerysec->execute()) { $message2 = 'success'; } else { $message2 = 'failure'; }

            // Remove the given group from the 'groups' column of the 'contacts' table, in all the rows where it is present
            $updatequery2 = $mysqli->prepare("UPDATE contacts SET groups = REPLACE(groups, ?, ''), date_modified = ? WHERE groups like ?");
	    $updatequery2->bind_param("sss", $groupwithdelimiter, $dateModified, $groupinsqlguery);
	    if ($updatequery2->execute()) { $message3 = 'success'; } else { $message3 = 'failure'; }

            $updatequery2sec = $mysqli->prepare("UPDATE contacts SET groups = REPLACE(groups, '|', NULL) WHERE groups like '|'");
	    if ($updatequery2sec->execute()) { $message4 = 'success'; } else { $message4 = 'failure'; }

            // Remove the given group from the 'limit_to_groups' column of the 'conferences_text' table, in all the rows where it is present
            $updatequery3 = $mysqli->prepare("UPDATE conferences_text SET limit_to_groups = REPLACE(limit_to_groups, ?, '') WHERE limit_to_groups like ?");
	    $updatequery3->bind_param("ss", $groupwithdelimiter, $groupinsqlguery);
	    if ($updatequery3->execute()) { $message5 = 'success'; } else { $message5 = 'failure'; }

            $updatequery3sec = $mysqli->prepare("UPDATE conferences_text SET limit_to_groups = REPLACE(limit_to_groups, '|', NULL) WHERE limit_to_groups like '|'");
	    if ($updatequery3sec->execute()) { $message6 = 'success'; } else { $message6 = 'failure'; }

            // Remove the given group from the 'limit_to_groups' column of the 'conferences_audio' table, in all the rows where it is present
            $updatequery4 = $mysqli->prepare("UPDATE conferences_audio SET limit_to_groups = REPLACE(limit_to_groups, ?, '') WHERE limit_to_groups like ?");
	    $updatequery4->bind_param("ss", $groupwithdelimiter, $groupinsqlguery);
	    if ($updatequery4->execute()) { $message7 = 'success'; } else { $message7 = 'failure'; }

            $updatequery4sec = $mysqli->prepare("UPDATE conferences_audio SET limit_to_groups = REPLACE(limit_to_groups, '|', NULL) WHERE limit_to_groups like '|'");
	    if ($updatequery4sec->execute()) { $message8 = 'success'; } else { $message8 = 'failure'; }

            // Remove the given group from the 'limit_to_groups' column of the 'conferences_video' table, in all the rows where it is present
            $updatequery5 = $mysqli->prepare("UPDATE conferences_video SET limit_to_groups = REPLACE(limit_to_groups, ?, '') WHERE limit_to_groups like ?");
	    $updatequery5->bind_param("ss", $groupwithdelimiter, $groupinsqlguery);
	    if ($updatequery5->execute()) { $message9 = 'success'; } else { $message9 = 'failure'; }

            $updatequery5sec = $mysqli->prepare("UPDATE conferences_video SET limit_to_groups = REPLACE(limit_to_groups, '|', NULL) WHERE limit_to_groups like '|'");
	    if ($updatequery5sec->execute()) { $message10 = 'success'; } else { $message10 = 'failure'; }

            if (in_array('failure', [$message1, $message2, $message3, $message4, $message5, $message6, $message7, $message8, $message9, $message10], true)) {
                $messagetosend = 'Error while attempting to remove the group from some of the records.';
            } else { $messagetosend = "success"; }

        } else { $messagetosend = 'Admins can remove only the groups created by them.'; }

    } else { $messagetosend = 'Only Admins and Superadmins can remove groups.'; }

    $response = array('result' => $messagetosend);
    echo json_encode($response);

} else {
    header("Location: ../login.php");
}

?>