<?php

function redirect($url)
{
	header('HTTP/1.1 302 Found');
	header("Location: $url");
	exit;
}

/**
 * Queue a message that will be displayed in a box on the next page load
 * @param int Message type (E_NOTICE, E_WARNING, E_ERROR)
 * @param string Message string
 */

function queue_message($code, $message)
{
	$_SESSION['messages'][] = array(
			'code' => $code
			, 'message' => $message
		);
}

function smarty_function_get_next_uid()
{
	return get_next_available_uid();
}

function load_credentials()
{
	$config = yaml_parse_file("/usr/local/etc/ssoinabox/webcreds.yml");
	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN', 'hmac_secret');
	
	foreach ( $keys as $key )
	{
		if ( !isset($config[$key]) )
			die("Config key $key is not set");
		
		if ( preg_match('/^[A-Z_]+$/', $key) )
			define($key, $config[$key]);
		else
			$GLOBALS[$key] = $config[$key];
	}
}

/**
 * Test a password's policy compliance
 * @param string password
 * @return mixed true if compliant, otherwise a string describing why it isn't
 */

function test_password($str)
{
	if ( strlen($str) < 8 )
		return 'must be at least 8 characters in length';
	
	if ( countUniqueChars($str) < 6 )
		return 'must have at least 6 unique characters';
	
	if ( strlen($str) <= 16 )
	{
		if ( !preg_match('/[a-z]/', $str) )
			return 'must contain at least one lowercase letter';
		
		if ( !preg_match('/[A-Z]/', $str) )
			return 'must contain at least one lowercase letter';
		
		if ( !preg_match('/[0-9]/', $str) )
			return 'must contain at least one lowercase letter';
		
		if ( !preg_match('/[^A-Za-z0-9]/', $str) )
			return 'must contain at least one lowercase letter';
	}
	
	return true;
}

function countUniqueChars($str)
{
	$count = 0;
	$uniq = '';
	for ( $i = 0; $i < strlen($str); $i++ )
	{
		if ( strpos($uniq, $str{$i}) === false )
			$uniq .= $str{$i};
	}
	
	return strlen($uniq);
}