<?php
/*!
 * Bootstrap v3.3.7 (http://getbootstrap.com)
 * Copyright 2019 Multi-Tech, Inc.
 * Licensed under MIT
 */
$cmd = "/usr/sbin/mts-io-sysfs show product-id";
$handle = popen($cmd, 'r');
$product = fread($handle,4192);
pclose($handle);
$cmd = "/usr/sbin/mts-io-sysfs show device-id";
$handle = popen($cmd, 'r');
$device = fread($handle,4192);
pclose($handle);
$conftxt = "Password";
$finished = "";
$pwdscore = "";
$status = 0;
$save_password = "";
$reset = "";

// Define variables and initialize with empty values
$username = $password = $save_password = "";
$username_err = $password_err = $confirm_password_err = "";

openlog("Commission:", LOG_PID | LOG_PERROR, LOG_LOCAL0);
 
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
    $mismatch = 1; // We have two different passwords

    $reset = trim($_POST["reset"]);
    syslog(LOG_ALERT, "Reset: $reset");
    if ($reset === "Reset") {
        $save_password = "";
        $reset = "";
        $username = $password = $save_password = "";
        $username_err = $password_err = $confirm_password_err = "";
    } else {
        $save_password = trim($_POST["save_password"]);

        syslog(LOG_ALERT, "Enter post: save_password = $save_password");

        // Validate username
        if(empty(trim($_POST["username"]))){
            $username_err = "Please enter a username.";
        } else
            $username = trim($_POST["username"]);
        // Validate password
        if(empty(trim($_POST["password"]))){
            $password_err = "Please enter a password.";
            $mismatch = 0;
        } else {
            $password = trim($_POST["password"]);
            if (empty($save_password)) {
                $mismatch = 0;
                $cmd = "echo '" . $password . "' | /usr/bin/pwscore 2>&1";
                $handle = popen($cmd, 'r');
                $result = fread($handle,4192);
                if (pclose($handle) === 0) {
                    $pwdscore = "Password score: " . $result;
                    $save_password = $password;
                    $password = "";
                    $conftxt = "Re-Enter";
                } else {
                    $conftxt = "Re-Enter";
                    $password_err = $result .
                        ". Confirm password if you really want this." .
                        " Click reset to start again";
                    $save_password = $password;
                    $password = "";
                    syslog(LOG_ALERT, "Need password confirmation");
                }
                syslog(LOG_ALERT, "pwscore: score: $pwdscore msg = $password_err");
            }
        }

        if (!empty($password) && ($password === $save_password) && ! empty($username)) {
            syslog(LOG_ALERT, "Have password: $password username: $password");
            if(empty($username_err) && empty($password_err) && empty($confirm_password_err)){
                // Create user in sudo group
                $cmd = "/usr/sbin/useradd -U -m -G sudo,dialout,disk -s /bin/bash " . $username . " 2>&1";
                syslog(LOG_ALERT, "useradd cmd: $cmd");
                $handle = popen($cmd, 'r');
                $result = trim(fread($handle, 4192));
                $status = pclose($handle);
                syslog(LOG_ALERT, "useradd: status: $status result: $result");
                $tmpfile = tempnam("/var/volatile/tmp","commission");
                $cmd = "/usr/bin/passwd " . $username . " 2>&1 >$tmpfile";
                $handle = popen($cmd, 'w');
                $pwdtxt = $password . "\n" . $password;
                fwrite($handle, $pwdtxt);
                $status = pclose($handle);
                $cmd = "/bin/cat $tmpfile";
                $handle = popen($cmd, 'r');
                $result2 = trim(fread($handle, 4192));
                $status2 = pclose($handle);
                syslog(LOG_ALERT, "passwd: status: $status result: $result");
                if ($status === 0) {
                    $finished = "Commissioning Complete";
                    $password_err = $result2;
                    $username_err = $result;
                } else {
                    $finished = "Errors: " . $result;
                    $save_password = "";
                    $password = "";
                    $password_err = $result2;
                    $username_err = $result;
                }
            }
        } else if ($mismatch === 1) {
            $save_password = "";
            $password = "";
            $password_err = "Mismatch";
        }
        syslog(LOG_ALERT, "Leave post: save_password = $save_password");
    }
}
?>
 
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Commission Multi-Tech mLinux</title>
    <link rel="stylesheet" href="http://127.0.0.1/css/bootstrap.css">
    <style type="text/css">
        body{ font: 14px sans-serif; }
        .wrapper{ width: 350px; padding: 20px; }
    </style>
</head>
<body>
    <div class="wrapper">
        <h2>Commission Multi-Tech mLinux</h2>
        
        <p><label><?php echo $finished; ?></label></p>
	Product-ID:
	<?php
	echo $product;
	?>
	<br>
	Device-ID:
	<?php
	echo $device;
	?>
	</h3>
	<br>

        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
        <input type="hidden" name="save_password"  value="<?php echo $save_password; ?>">
            <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
                <label>Username</label>
                <input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
                <span class="help-block"><?php echo $username_err; ?></span>
            </div>
            <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
                <label><?php echo $conftxt; ?></label>
                <input type="password" name="password" class="form-control" value="<?php echo $password; ?>">
                <span class="help-block"><?php echo $password_err; ?></span>
            </div>
            <p><label><?php echo $pwdscore; ?></label></p>
            <div class="form-group">
                <input type="submit" class="btn btn-primary" value="Submit">
                <input type="submit" name = "reset" class="btn btn-default" value="Reset">
            </div>
        </form>
    </div>    
</body>
</html>