<?php
/**
 * @package    Joomla.JEDChecker
 *
 * @copyright  Copyright (C) 2021-2022 Open Source Matters, Inc. All rights reserved.
 *
 * @license    GNU General Public License version 2 or later; see LICENSE.txt
 */

defined('_JEXEC') or die('Restricted access');

use Joomla\CMS\Filesystem\Folder;
use Joomla\CMS\Filter\InputFilter;

/**
 * class JedcheckerHelper
 *
 * This is a helper class with a set of static methods used by other JEDChecker classes
 *
 * @since  2.4
 */
abstract class JEDCheckerHelper
{
	const CLEAN_HTML     = 1;
	const CLEAN_COMMENTS = 2;
	const CLEAN_STRINGS  = 4;

	/**
	 * Returns XML manifest files in the package (sorted by depth)
	 *
	 * @param   string $basedir Extension's directory
	 *
	 * @return  string[]
	 * @since  2.4
	 */
	public static function findManifests($basedir)
	{
		// Find all XML files of the extension
		$files = Folder::files($basedir, '\.xml$', true, true);

		$excludeList = array();

		foreach ($files as $file)
		{
			$xml = simplexml_load_file($file);

			if (!$xml || ($xml->getName() !== 'extension' && $xml->getName() !== 'install'))
			{
				// Exclude non-install-manifest XML files
				$excludeList[] = $file;
			}
			elseif ((string) $xml['type'] === 'component' && isset($xml->administration->files['folder']))
			{
				// Exclude possible duplicates of manifest in components
				$excludeList[] = dirname($file) . '/' . trim($xml->administration->files['folder'], ' /') . '/' . basename($file);
			}
			elseif ((string) $xml['type'] === 'file' && isset($xml->fileset->files))
			{
				// Exclude possible duplicates of file-type extension manifest
				foreach ($xml->fileset->files as $child)
				{
					if (isset($child['folder']))
					{
						$excludeList[] = dirname($file) . '/' . trim($child['folder'], ' /') . '/' . basename($file);
					}
				}
			}
		}

		$files = array_diff($files, $excludeList);
		usort($files, array(__CLASS__, 'sortPathsCmp'));

		return $files;
	}

	/**
	 * Sort directories by depth
	 *
	 * @param   string $path1 1st path to compare
	 * @param   string $path2 2nd path to compare
	 *
	 * @return  integer
	 * @since  2.4
	 */
	public static function sortPathsCmp($path1, $path2)
	{
		$depth1 = substr_count($path1, '/');
		$depth2 = substr_count($path2, '/');

		return ($depth1 === $depth2) ? strcmp($path1, $path2) : ($depth1 - $depth2);
	}

	/**
	 * Split text into lines
	 *
	 * @param   string $content Text to split
	 *
	 * @return  string[]
	 * @since  2.4
	 */
	public static function splitLines($content)
	{
		// Split on one of EOL characters (except of EOL at the end of text)
		return preg_split("/(?:\r\n|\n|\r)(?!$)/", $content);
	}

	/**
	 * Get extension name (element)
	 *
	 * @param   SimpleXMLElement $xml XML Manifest
	 *
	 * @return  string
	 * @since  2.4
	 */
	public static function getElementName($xml)
	{
		$type = (string) $xml['type'];

		if (isset($xml->element))
		{
			$extension = (string) $xml->element;
		}
		else
		{
			$extension = (string) $xml->name;

			if (isset($xml->files))
			{
				foreach ($xml->files->children() as $child)
				{
					if (isset($child[$type]))
					{
						$extension = (string) $child[$type];
					}
				}
			}
		}

		$extension = strtolower(InputFilter::getInstance()->clean($extension, 'cmd'));

		if ($type === 'component' && strpos($extension, 'com_') !== 0)
		{
			$extension = 'com_' . $extension;
		}

		return $extension;
	}

	/**
	 * Removes HTML, comments, and/or strings content keeping EOL characters to preserve line numbers
	 *
	 * @param   string $content PHP sources
	 * @param   int    $options Bitwise set of options
	 *
	 * @return  string
	 * @since  2.4
	 */
	public static function cleanPhpCode($content, $options = self::CLEAN_HTML | self::CLEAN_COMMENTS)
	{
		$isCleanHtml     = $options & self::CLEAN_HTML;
		$isCleanComments = $options & self::CLEAN_COMMENTS;
		$isCleanStrings  = $options & self::CLEAN_STRINGS;

		if (!preg_match('/<\?(?:php\s|\s|=)/i', $content, $match, PREG_OFFSET_CAPTURE))
		{
			// No PHP code found
			return $isCleanHtml ? '' : $content;
		}

		$pos = $match[0][1];
		$code = substr($content, 0, $pos);
		$cleanContent = $isCleanHtml ? self::removeContent($code) : $code;

		while (preg_match('/[\'"`]|<<<|\/\*|\/\/|#|\?>/', $content, $match, PREG_OFFSET_CAPTURE, $pos))
		{
			$foundPos = $match[0][1];
			$cleanContent .= substr($content, $pos, $foundPos - $pos);
			$pos = $foundPos;

			switch ($match[0][0])
			{
				case '"':
				case "'":
					$q = $match[0][0];

					if (!preg_match("/$q(?>[^$q\\\\]+|\\\\.)*$q/As", $content, $match, 0, $pos))
					{
						return $cleanContent . ($isCleanStrings ? $q : substr($content, $pos));
					}

					$code = substr($match[0], 1, -1);
					$cleanContent .= $q . ($isCleanStrings ? self::removeContent($code, $q === '"') : $code) . $q;
					$pos += strlen($match[0]);
					break;

				case '`':
					if (!preg_match("/`(?>[^`\\\\]+|\\\\.)*`/As", $content, $match, 0, $pos))
					{
						return $cleanContent . substr($content, $pos);
					}

					$code = $match[0];
					$cleanContent .= $code;
					$pos += strlen($code);
					break;

				case '<<<':
					$cleanContent .= '<<<';
					$pos += 3;

					if (!preg_match('/([a-z_]\w*|\'.*?\'|".*?")\n/iA', $content, $match, 0, $pos))
					{
						break;
					}

					$identifier = $match[1];
					$cleanContent .= $match[0];
					$pos += strlen($match[0]);

					$foundPos = strpos($content, $identifier, $pos);

					if ($foundPos === false)
					{
						return $cleanContent . ($isCleanStrings ? '' : substr($content, $pos));
					}

					$code = substr($content, $pos, $foundPos - $pos);
					$cleanContent .= ($isCleanStrings ? self::removeContent($code, $identifier[0] !== "'") : $code) . $identifier;
					$pos += strlen($code) + strlen($identifier);
					break;

				case '/*':
					$cleanContent .= '/*';
					$pos += 2;

					$endPos = strpos($content, '*/', $pos);

					if ($endPos === false)
					{
						return $isCleanComments ? $cleanContent : $cleanContent . substr($content, $pos);
					}

					$code = substr($content, $pos, $endPos - $pos);
					$cleanContent .= $isCleanComments ? self::removeContent($code) : $code;
					$cleanContent .= '*/';
					$pos = $endPos + 2;

					break;

				case '//':
				case '#':
					$commentLen = strcspn($content, "\r\n", $pos);
					$endPhpPos = strpos($content, '?>', $pos);

					if ($endPhpPos !== false && $endPhpPos < $pos + $commentLen)
					{
						$commentLen = $endPhpPos - $pos;
					}

					if (!$isCleanComments)
					{
						$cleanContent .= substr($content, $pos, $commentLen);
					}

					$pos += $commentLen;

					break;

				case '?>':
					$cleanContent .= '?>';
					$pos += 2;

					if (!preg_match('/<\?(?:php\s|\s|=)/i', $content, $match, PREG_OFFSET_CAPTURE, $pos))
					{
						// No PHP code found (up to the end of the file)
						return $cleanContent . ($isCleanHtml ? '' : substr($content, $pos));
					}

					$foundPos = $match[0][1];
					$code = substr($content, $pos, $foundPos - $pos);
					$cleanContent .= $isCleanHtml ? self::removeContent($code) : $code;

					$phpPreamble = $match[0][0];
					$cleanContent .= $phpPreamble;
					$pos = $foundPos + strlen($phpPreamble);

					break;
			}
		}

		$cleanContent .= substr($content, $pos);

		return $cleanContent;
	}

	/**
	 * Remove all text content by keeping newline characters only (to preserve line numbers)
	 *
	 * @param   string $content Partial content
	 *
	 * @return  string
	 * @since  2.4
	 */
	protected static function removeContent($content, $parse = false)
	{
		if (!$parse)
		{
			return self::cleanLines($content);
		}

		$pos = 0;
		$cleanContent = '';

		while (preg_match('/\n|\\\\|\{\$|\$\{/', $content, $match, PREG_OFFSET_CAPTURE, $pos))
		{
			$foundPos = $match[0][1];
			$cleanContent .= self::cleanLines(substr($content, $pos, $foundPos - $pos));
			$pos = $foundPos;

			switch ($match[0][0])
			{
				case "\n":
					$cleanContent .= "\n";
					$pos++;
					break;

				case '\\':
					$pos++;

					if ($pos < strlen($content) && $content[$pos] === "\n")
					{
						$cleanContent .= "\\\n";
					}

					$pos++;
					break;

				case '{$':
				case '${':
					$posx = $pos + 2;
					$braces = 1;
					$strlen = strlen($content);

					while ($braces > 0 && $posx < $strlen)
					{
						$q = $content[$posx];

						switch ($q)
						{
							case '{':
								$braces++;
								break;

							case '}':
								$braces--;
								break;

							case '"':
							case "'":
								if (!preg_match("/$q(?>[^$q\\\\]+|\\\\.)*$q/As", $content, $match, 0, $posx))
								{
									return $cleanContent . substr($content, $pos);
								}

								$posx += strlen($match[0]);
								break;

							case '`':
								if (!preg_match("/`.*?`/As", $content, $match, 0, $posx))
								{
									return $cleanContent . substr($content, $pos);
								}

								$posx += strlen($match[0]);
								break;
						}

						$posx++;
					}

					$cleanContent .= substr($content, $pos, $posx - $pos);
					$pos = $posx;
					break;
			}
		}

		return $cleanContent;
	}

	/**
	 * Remove all content except of EOLs to preserve line numbers
	 *
	 * @param string $content
	 *
	 * @return string
	 * @since 2.4.2
	 */
	protected static function cleanLines($content)
	{
		return str_repeat("\n", substr_count($content, "\n"));
	}

	/**
	 * Resolve all aliases in the PHP file
	 *
	 * @param string $content
	 *
	 * @return string
	 * @since 2.4.4
	 */
	public static function resolveAliases($content)
	{
		if (preg_match_all('/\buse\s+([\\\\\w]+)(?:\s+as\s+(\w+))?\s*;/i', $content, $matches, PREG_SET_ORDER)) {
			foreach ($matches as $match) {
				$fqn = $match[1];

				if (isset($match[2])) {
					$alias = $match[2];
				} else {
					$path = explode('\\', $fqn);
					$alias = $path[count($path) - 1];
				}

				$content = str_replace($match[0], self::cleanLines($match[0]), $content);
				$content = preg_replace('/\b' . $alias . '\b/', $fqn, $content);
			}
		}

		return $content;
	}
}