<?php
/* Copyright (C) 2026  Eduard Wisch  <data@data-it-solution.de>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 */

/**
 * \file    bankimport/pdfstatements.php
 * \ingroup bankimport
 * \brief   Page to upload and manage PDF bank statements
 */

// Load Dolibarr environment
$res = 0;
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) {
	$res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
}
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME'];
$tmp2 = realpath(__FILE__);
$i = strlen($tmp) - 1;
$j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) {
	$i--;
	$j--;
}
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) {
	$res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
}
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) {
	$res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
}
if (!$res && file_exists("../main.inc.php")) {
	$res = @include "../main.inc.php";
}
if (!$res && file_exists("../../main.inc.php")) {
	$res = @include "../../main.inc.php";
}
if (!$res) {
	die("Include of main fails");
}

require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
dol_include_once('/bankimport/class/bankstatement.class.php');
dol_include_once('/bankimport/lib/bankimport.lib.php');

/**
 * @var Conf $conf
 * @var DoliDB $db
 * @var Translate $langs
 * @var User $user
 */

$langs->loadLangs(array("bankimport@bankimport", "banks", "other"));

$action = GETPOST('action', 'aZ09');
$confirm = GETPOST('confirm', 'alpha');
$year = GETPOSTINT('year') ?: (int) date('Y');

// Security check
if (empty($user->rights->bankimport->statement->read)) {
	accessforbidden();
}

/*
 * Actions
 */

$statement = new BankImportStatement($db);

// Upload PDF
if ($action == 'upload' && !empty($_FILES['pdffile']['name'])) {
	$error = 0;

	// Validate required fields
	$statementNumber = GETPOST('statement_number', 'alpha');
	$statementYear = GETPOSTINT('statement_year');
	$statementDate = dol_mktime(0, 0, 0, GETPOSTINT('statement_datemonth'), GETPOSTINT('statement_dateday'), GETPOSTINT('statement_dateyear'));
	$dateFrom = dol_mktime(0, 0, 0, GETPOSTINT('date_frommonth'), GETPOSTINT('date_fromday'), GETPOSTINT('date_fromyear'));
	$dateTo = dol_mktime(0, 0, 0, GETPOSTINT('date_tomonth'), GETPOSTINT('date_today'), GETPOSTINT('date_toyear'));

	if (empty($statementNumber)) {
		setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesaliases("StatementNumber")), null, 'errors');
		$error++;
	}
	if (empty($statementYear)) {
		setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesaliases("Year")), null, 'errors');
		$error++;
	}

	if (!$error) {
		$statement->iban = GETPOST('iban', 'alpha');
		$statement->statement_number = $statementNumber;
		$statement->statement_year = $statementYear;
		$statement->statement_date = $statementDate ?: null;
		$statement->date_from = $dateFrom ?: null;
		$statement->date_to = $dateTo ?: null;
		$statement->opening_balance = GETPOST('opening_balance', 'alpha') !== '' ? (float) price2num(GETPOST('opening_balance', 'alpha')) : null;
		$statement->closing_balance = GETPOST('closing_balance', 'alpha') !== '' ? (float) price2num(GETPOST('closing_balance', 'alpha')) : null;
		$statement->import_key = date('YmdHis').'_'.$user->id;

		// Check duplicate
		if ($statement->exists()) {
			setEventMessages($langs->trans("StatementAlreadyExists"), null, 'errors');
			$error++;
		}
	}

	if (!$error) {
		// Save uploaded file
		$uploadResult = $statement->saveUploadedPDF($_FILES['pdffile']);

		if ($uploadResult < 0) {
			setEventMessages($statement->error, null, 'errors');
			$error++;
		}
	}

	if (!$error) {
		// Save to database
		$result = $statement->create($user);

		if ($result > 0) {
			setEventMessages($langs->trans("StatementUploaded"), null, 'mesgs');
			header("Location: ".$_SERVER['PHP_SELF']."?year=".$statementYear);
			exit;
		} else {
			setEventMessages($statement->error, null, 'errors');
		}
	}
}

// Download PDF
if ($action == 'download') {
	$id = GETPOSTINT('id');

	if ($statement->fetch($id) > 0) {
		$filepath = $statement->getFilePath();

		if ($filepath && file_exists($filepath)) {
			header('Content-Type: application/pdf');
			header('Content-Disposition: attachment; filename="'.basename($statement->filename).'"');
			header('Content-Length: '.filesize($filepath));
			header('Cache-Control: private');
			readfile($filepath);
			exit;
		} else {
			setEventMessages($langs->trans("FileNotFound"), null, 'errors');
		}
	} else {
		setEventMessages($langs->trans("RecordNotFound"), null, 'errors');
	}
}

// View PDF (inline)
if ($action == 'view') {
	$id = GETPOSTINT('id');

	if ($statement->fetch($id) > 0) {
		$filepath = $statement->getFilePath();

		if ($filepath && file_exists($filepath)) {
			header('Content-Type: application/pdf');
			header('Content-Disposition: inline; filename="'.basename($statement->filename).'"');
			header('Content-Length: '.filesize($filepath));
			header('Cache-Control: private');
			readfile($filepath);
			exit;
		} else {
			setEventMessages($langs->trans("FileNotFound"), null, 'errors');
		}
	} else {
		setEventMessages($langs->trans("RecordNotFound"), null, 'errors');
	}
}

// Delete confirmation
if ($action == 'delete' && $confirm == 'yes') {
	$id = GETPOSTINT('id');

	if ($statement->fetch($id) > 0) {
		$result = $statement->delete($user);

		if ($result > 0) {
			setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs');
		} else {
			setEventMessages($statement->error, null, 'errors');
		}
	}
	$action = '';
}

/*
 * View
 */

$form = new Form($db);

$title = $langs->trans("PDFStatements");
llxHeader('', $title, '', '', 0, 0, '', '', '', 'mod-bankimport page-pdfstatements');

print load_fiche_titre($title, '', 'bank');

// Info box
print '<div class="info" style="margin-bottom: 15px;">';
print '<strong>'.$langs->trans("PDFStatementsInfo").'</strong><br>';
print $langs->trans("PDFStatementsInfoDesc");
print '</div>';

// Delete confirmation dialog
if ($action == 'delete') {
	$id = GETPOSTINT('id');
	$stmt = new BankImportStatement($db);
	$stmt->fetch($id);

	$formconfirm = $form->formconfirm(
		$_SERVER["PHP_SELF"].'?id='.$id.'&year='.$year,
		$langs->trans('DeleteStatement'),
		$langs->trans('ConfirmDeleteStatement', $stmt->statement_number.'/'.$stmt->statement_year),
		'delete',
		'',
		0,
		1
	);
	print $formconfirm;
}

// Upload form
print '<div class="fichecenter">';
print '<div class="fichehalfleft">';

print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="upload">';

print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("UploadPDFStatement").'</td>';
print '</tr>';

// PDF file
print '<tr class="oddeven">';
print '<td class="titlefield fieldrequired">'.$langs->trans("File").'</td>';
print '<td>';
print '<input type="file" name="pdffile" accept=".pdf,application/pdf" required>';
print '</td>';
print '</tr>';

// IBAN (optional)
print '<tr class="oddeven">';
print '<td>'.$langs->trans("IBAN").'</td>';
print '<td>';
print '<input type="text" class="flat minwidth200" name="iban" value="'.dol_escape_htmltag(GETPOST('iban', 'alpha')).'" placeholder="DE89 3704 0044 0532 0130 00">';
print '</td>';
print '</tr>';

// Year
print '<tr class="oddeven">';
print '<td class="fieldrequired">'.$langs->trans("Year").'</td>';
print '<td>';
$years = array();
for ($y = (int) date('Y'); $y >= ((int) date('Y') - 10); $y--) {
	$years[$y] = $y;
}
print $form->selectarray('statement_year', $years, GETPOSTISSET('statement_year') ? GETPOSTINT('statement_year') : $year, 0, 0, 0, '', 0, 0, 0, '', 'minwidth100');
print '</td>';
print '</tr>';

// Statement number
print '<tr class="oddeven">';
print '<td class="fieldrequired">'.$langs->trans("StatementNumber").'</td>';
print '<td>';
$nextNum = $statement->getNextStatementNumber($year);
print '<input type="text" class="flat width75" name="statement_number" value="'.dol_escape_htmltag(GETPOSTISSET('statement_number') ? GETPOST('statement_number', 'alpha') : $nextNum).'" required>';
print '</td>';
print '</tr>';

// Statement date
print '<tr class="oddeven">';
print '<td>'.$langs->trans("StatementDate").'</td>';
print '<td>';
print $form->selectDate(GETPOSTISSET('statement_dateday') ? dol_mktime(0, 0, 0, GETPOSTINT('statement_datemonth'), GETPOSTINT('statement_dateday'), GETPOSTINT('statement_dateyear')) : -1, 'statement_date', 0, 0, 1, '', 1, 0);
print '</td>';
print '</tr>';

// Period from
print '<tr class="oddeven">';
print '<td>'.$langs->trans("DateFrom").'</td>';
print '<td>';
print $form->selectDate(GETPOSTISSET('date_fromday') ? dol_mktime(0, 0, 0, GETPOSTINT('date_frommonth'), GETPOSTINT('date_fromday'), GETPOSTINT('date_fromyear')) : -1, 'date_from', 0, 0, 1, '', 1, 0);
print '</td>';
print '</tr>';

// Period to
print '<tr class="oddeven">';
print '<td>'.$langs->trans("DateTo").'</td>';
print '<td>';
print $form->selectDate(GETPOSTISSET('date_today') ? dol_mktime(0, 0, 0, GETPOSTINT('date_tomonth'), GETPOSTINT('date_today'), GETPOSTINT('date_toyear')) : -1, 'date_to', 0, 0, 1, '', 1, 0);
print '</td>';
print '</tr>';

// Opening balance
print '<tr class="oddeven">';
print '<td>'.$langs->trans("OpeningBalance").'</td>';
print '<td>';
print '<input type="text" class="flat width100" name="opening_balance" value="'.dol_escape_htmltag(GETPOST('opening_balance', 'alpha')).'" placeholder="1.234,56">';
print ' EUR';
print '</td>';
print '</tr>';

// Closing balance
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ClosingBalance").'</td>';
print '<td>';
print '<input type="text" class="flat width100" name="closing_balance" value="'.dol_escape_htmltag(GETPOST('closing_balance', 'alpha')).'" placeholder="1.345,67">';
print ' EUR';
print '</td>';
print '</tr>';

print '</table>';

print '<div class="center" style="margin-top: 10px;">';
print '<input type="submit" class="button button-save" value="'.$langs->trans("Upload").'">';
print '</div>';

print '</form>';

print '</div>'; // fichehalfleft
print '</div>'; // fichecenter

print '<div class="clearboth"></div><br>';

// Year filter for list
print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
print '<div class="center" style="margin-bottom: 15px;">';
print '<strong>'.$langs->trans("Year").':</strong> ';
print $form->selectarray('year', $years, $year, 0, 0, 0, '', 0, 0, 0, '', 'minwidth100');
print ' <input type="submit" class="button smallpaddingimp" value="'.$langs->trans("Filter").'">';
print '</div>';
print '</form>';

// List of existing PDF statements
print '<div class="div-table-responsive">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th class="center" width="80">'.$langs->trans("StatementNumber").'</th>';
print '<th>'.$langs->trans("IBAN").'</th>';
print '<th class="center">'.$langs->trans("StatementDate").'</th>';
print '<th class="center">'.$langs->trans("Period").'</th>';
print '<th class="right">'.$langs->trans("OpeningBalance").'</th>';
print '<th class="right">'.$langs->trans("ClosingBalance").'</th>';
print '<th class="right">'.$langs->trans("Size").'</th>';
print '<th class="center">'.$langs->trans("DateCreation").'</th>';
print '<th class="center" width="150">'.$langs->trans("Actions").'</th>';
print '</tr>';

$filter = array('year' => $year);
$records = $statement->fetchAll('statement_number', 'ASC', 100, 0, $filter);

if (is_array($records) && count($records) > 0) {
	foreach ($records as $obj) {
		print '<tr class="oddeven">';

		// Statement number
		print '<td class="center nowraponall">';
		print '<strong>'.dol_escape_htmltag($obj->statement_number).'</strong>/'.$obj->statement_year;
		print '</td>';

		// IBAN
		print '<td>';
		if ($obj->iban) {
			print dol_escape_htmltag($obj->iban);
		} else {
			print '<span class="opacitymedium">-</span>';
		}
		print '</td>';

		// Statement date
		print '<td class="center">';
		if ($obj->statement_date) {
			print dol_print_date($obj->statement_date, 'day');
		} else {
			print '<span class="opacitymedium">-</span>';
		}
		print '</td>';

		// Period
		print '<td class="center nowraponall">';
		if ($obj->date_from && $obj->date_to) {
			print dol_print_date($obj->date_from, 'day').' - '.dol_print_date($obj->date_to, 'day');
		} elseif ($obj->date_from) {
			print $langs->trans("From").' '.dol_print_date($obj->date_from, 'day');
		} elseif ($obj->date_to) {
			print $langs->trans("To").' '.dol_print_date($obj->date_to, 'day');
		} else {
			print '<span class="opacitymedium">-</span>';
		}
		print '</td>';

		// Opening balance
		print '<td class="right nowraponall">';
		if ($obj->opening_balance !== null) {
			$color = $obj->opening_balance >= 0 ? '' : 'color: red;';
			print '<span style="'.$color.'">'.price($obj->opening_balance, 0, $langs, 1, -1, 2, 'EUR').'</span>';
		} else {
			print '<span class="opacitymedium">-</span>';
		}
		print '</td>';

		// Closing balance
		print '<td class="right nowraponall">';
		if ($obj->closing_balance !== null) {
			$color = $obj->closing_balance >= 0 ? '' : 'color: red;';
			print '<span style="'.$color.'">'.price($obj->closing_balance, 0, $langs, 1, -1, 2, 'EUR').'</span>';
		} else {
			print '<span class="opacitymedium">-</span>';
		}
		print '</td>';

		// Size
		print '<td class="right">';
		if ($obj->filesize) {
			print dol_print_size($obj->filesize, 1);
		} else {
			print '-';
		}
		print '</td>';

		// Creation date
		print '<td class="center nowraponall">';
		print dol_print_date($obj->datec, 'day');
		print '</td>';

		// Actions
		print '<td class="center nowraponall">';
		if ($obj->filepath && file_exists($obj->filepath)) {
			// View (inline)
			print '<a class="paddingright" href="'.$_SERVER["PHP_SELF"].'?action=view&id='.$obj->id.'&token='.newToken().'" target="_blank" title="'.$langs->trans("View").'">';
			print img_picto($langs->trans("View"), 'eye');
			print '</a>';

			// Download
			print '<a class="paddingright" href="'.$_SERVER["PHP_SELF"].'?action=download&id='.$obj->id.'&token='.newToken().'" title="'.$langs->trans("Download").'">';
			print img_picto($langs->trans("Download"), 'download');
			print '</a>';
		}

		// Delete
		print '<a class="paddingright" href="'.$_SERVER["PHP_SELF"].'?action=delete&id='.$obj->id.'&year='.$year.'&token='.newToken().'" title="'.$langs->trans("Delete").'">';
		print img_picto($langs->trans("Delete"), 'delete');
		print '</a>';

		print '</td>';

		print '</tr>';
	}
} else {
	print '<tr class="oddeven"><td colspan="9" class="opacitymedium center">';
	print $langs->trans("NoPDFStatementsFound");
	print '</td></tr>';
}

print '</table>';
print '</div>';

// Statistics
$totalCount = $statement->fetchAll('', '', 0, 0, array(), 'count');
$yearCount = is_array($records) ? count($records) : 0;

print '<div class="opacitymedium" style="margin-top: 10px;">';
print $langs->trans("Total").': <strong>'.$yearCount.'</strong> '.$langs->trans("StatementsInYear", $year);
print ' | '.$langs->trans("AllStatements").': <strong>'.$totalCount.'</strong>';
print '</div>';

llxFooter();
$db->close();