<?php
	$cURL = curl_init();
	$_csrf = '';
	
	//Curl Optionen setzen
	function diveraWebCURL($_url,$_post=''){
		global $cURL;
		curl_setopt($cURL, CURLOPT_URL, $_url);
		curl_setopt($cURL, CURLOPT_VERBOSE, 0);
		curl_setopt($cURL, CURLOPT_SSL_VERIFYPEER, 1);
		curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($cURL, CURLOPT_COOKIESESSION, true );
		if($_post!=''){
			curl_setopt($cURL, CURLOPT_POST, true);
			curl_setopt($cURL, CURLOPT_POSTFIELDS,$_post);
		}else{
			curl_setopt($cURL, CURLOPT_POST, false);
		}
		curl_setopt($cURL, CURLOPT_COOKIEFILE, NULL);
		curl_setopt($cURL, CURLINFO_HEADER_OUT, true);
		
	}
	
	//Login
	function diveraWebLogin(){
		global $cURL,$_csrf,$userMail,$userPassword;
		
		//_csrf der Session ermitteln
		$url = 'https://app.divera247.com/login.html';
		diveraWebCURL($url);
		$data = curl_exec($cURL);
		if(!curl_errno($cURL)){
			$dom = new DomDocument();
			@$dom->loadHTML($data);
			$xp = new DOMXpath($dom);
			$nodes = $xp->query('//input[@name="_csrf"]');
			$_csrf = $nodes->item(0);
			$_csrf = $_csrf->getAttribute('value');
			
			//eigentlicher Login
			$url = 'https://app.divera247.com/login.html?step=1&msg=&referrer=';
			$post = '_csrf='.htmlentities($_csrf).'&Login%5Busername%5D='.htmlentities($userMail).'&Login%5Bpassword%5D='.htmlentities($userPassword).'&Login%5Bcookie%5D=0&Login%5Bcookie%5D=1&Login%5Bremember%5D=0';
			diveraWebCURL($url,$post);
			$data = curl_exec($cURL);
			
			//Login abschließen
			$url = 'https://app.divera247.com/login.html?step=3&msg=&referrer=';
			diveraWebCURL($url);
			$data = curl_exec($cURL);
			
			//Passwort prüfung Verwaltung
			$url = 'https://app.divera247.com/api/v2/auth/2fa/set-jwt';
			$post = 'user_password='.htmlentities($userPassword).'';
			diveraWebCURL($url,$post);
			$data = curl_exec($cURL);
			if($data != '{"success":true}')
				return false;
			return true;
		}else{
			$now = new DateTime();
			file_put_contents(__DIR__.'/diveraWebConnectError.log',$now->format('Ymd\THis').' || Curl error: ' . curl_error($cURL).print_r($cURL,true),FILE_APPEND);
			return false;
		}
	}

	//logout
	function diveraWebLogout(){
		global $cURL,$_csrf;
		$url = 'https://app.divera247.com/logout.html';
		$post = '_csrf='.htmlentities($_csrf);
		diveraWebCURL($url,$post);
		$data = curl_exec($cURL);
		curl_close($cURL);
	}

	//Benutzer CSV Export mit Mail,Telefon, Quali und Berechtigungen
	function diveraWebExportCSV(){
		global $cURL,$_csrf;
		
		if(diveraWebLogin()){
			$url = 'https://app.divera247.com/api/v2/management/export-users?type=csv&emails=1&phonenumbers=1&qualifications=1&access=1';
			diveraWebCURL($url);
			$data = curl_exec($cURL);
			diveraWebLogout();
			return $data;
		}
		if($_csrf != '')
			diveraWebLogout();
		return false;
	}
?>