<?php
  require 'app.php';

  function check_captcha($response) {
    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $data = array('secret' => '6Ldd1SUTAAAAAClOiQ45MFW7j6FxUjmdG57a9Aqk', 'response' => $response);

    // use key 'http' even if you send the request to https://...
    $options = array(
        'http' => array(
            'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
            'method'  => 'POST',
            'content' => http_build_query($data)
        )
    );
    $context  = stream_context_create($options);
    $result = file_get_contents($url, false, $context);
    if ($result === FALSE) {
      /* Handle error */
      queue_message(new Message("Error checking recaptcha.", "danger"));
      return false;
    }

    $json_result = json_decode($result);

    return $json_result->{'success'};
  }

  function create_user() {
    global $conn;

    $fields = array('g-recaptcha-response', 'user', 'pass', 'mail');

    foreach ($fields as $field)
      if (!(isset($field))) {
        queue_message(new Message("Missing field: $field", "danger"));
        return;
      }

    // Handle captcha
    if (!check_captcha($_POST['g-recaptcha-response'])) {
      queue_message(new Message("Incorrect recaptcha answer, try again!", "warning"));
      return;
    }

    // Hash password
    $pass_hashed = password_hash($_POST['pass'], PASSWORD_DEFAULT);
    $user = $_POST['user'];
    $mail = $_POST['mail'];

    // Create user
    $sql = "INSERT INTO Users (User, Password) VALUES ('$user', '$pass_hashed')";

    if ($conn->query($sql)) {
      // Send activation e-mail
      new_activation($user, "Email", $mail);
      queue_message(new Message("User created successfully.", "success"));
      header("Location: ../index.php");
    } else {
      queue_message(new Message("Error inserting into database, please contact site administrator.<br /> " . $conn->error, "danger"));
    }
  }
  create_user();
?>