#!/bin/bash

echo "🛡️ Fix: Alle Safari Sicherheitswarnungen"
echo "======================================="

# 1. Alle Formulare mit HTTPS-URLs beheben
echo "1. 🔒 Alle Formulare mit HTTPS beheben..."

# Login-Formular
if [ -f resources/views/auth/login.blade.php ]; then
    sed -i 's|action="{{ route('\''login'\'') }}"|action="https://neonail.vogt.de.com/login"|' resources/views/auth/login.blade.php
    echo "   ✅ Login-Formular behoben"
fi

# Create Nail Polish Formular
if [ -f resources/views/user-nail-polishes/create.blade.php ]; then
    sed -i 's|action="{{ route('\''user-nail-polishes.store'\'') }}"|action="https://neonail.vogt.de.com/create-nail-polish"|' resources/views/user-nail-polishes/create.blade.php
    echo "   ✅ Create Nail Polish Formular behoben"
fi

# Remove Nail Polish Formular
if [ -f resources/views/user-nail-polishes/index.blade.php ]; then
    sed -i 's|action="https://neonail.vogt.de.com/user-nail-polishes/|action="https://neonail.vogt.de.com/remove-from-collection/|' resources/views/user-nail-polishes/index.blade.php
    echo "   ✅ Remove Nail Polish Formular behoben"
fi

# Admin Nail Polish Delete Formular
if [ -f resources/views/nail-polishes/index.blade.php ]; then
    sed -i 's|action="{{ route('\''nail-polishes.destroy'\'', $nailPolish) }}"|action="https://neonail.vogt.de.com/nail-polishes/{{ $nailPolish->id }}"|' resources/views/nail-polishes/index.blade.php
    echo "   ✅ Admin Nail Polish Delete Formular behoben"
fi

# Admin User Create Formular
if [ -f resources/views/admin/users/create.blade.php ]; then
    sed -i 's|action="{{ route('\''admin.users.store'\'') }}"|action="https://neonail.vogt.de.com/admin/users"|' resources/views/admin/users/create.blade.php
    echo "   ✅ Admin User Create Formular behoben"
fi

# Admin User Edit Formular
if [ -f resources/views/admin/users/edit.blade.php ]; then
    sed -i 's|action="{{ route('\''admin.users.update'\'', $user) }}"|action="https://neonail.vogt.de.com/admin/users/{{ $user->id }}"|' resources/views/admin/users/edit.blade.php
    echo "   ✅ Admin User Edit Formular behoben"
fi

# Admin User Delete Formular
if [ -f resources/views/admin/users/index.blade.php ]; then
    sed -i 's|action="{{ route('\''admin.users.destroy'\'', $user) }}"|action="https://neonail.vogt.de.com/admin/users/{{ $user->id }}"|' resources/views/admin/users/index.blade.php
    echo "   ✅ Admin User Delete Formular behoben"
fi

# 2. .env HTTPS-Einstellungen
echo "2. 🔒 .env HTTPS-Einstellungen..."
if [ -f .env ]; then
    sed -i 's|APP_URL=.*|APP_URL=https://neonail.vogt.de.com|' .env
    sed -i 's/APP_DEBUG=false/APP_DEBUG=true/' .env
    sed -i 's/APP_ENV=production/APP_ENV=local/' .env
    
    # HTTPS-spezifische Einstellungen
    grep -q "FORCE_HTTPS=true" .env || echo "FORCE_HTTPS=true" >> .env
    grep -q "SECURE_COOKIES=true" .env || echo "SECURE_COOKIES=true" >> .env
    grep -q "SESSION_SECURE_COOKIE=true" .env || echo "SESSION_SECURE_COOKIE=true" >> .env
    grep -q "SESSION_SAME_SITE=lax" .env || echo "SESSION_SAME_SITE=lax" >> .env
    grep -q "SESSION_HTTP_ONLY=true" .env || echo "SESSION_HTTP_ONLY=true" >> .env
    
    echo "   ✅ .env HTTPS-Einstellungen aktualisiert"
else
    echo "   ❌ .env Datei nicht gefunden"
fi

# 3. Session-Konfiguration
echo "3. 🍪 Session-Konfiguration..."
if [ -f config/session.php ]; then
    sed -i "s/'secure' => false/'secure' => true/" config/session.php
    sed -i "s/'http_only' => false/'http_only' => true/" config/session.php
    echo "   ✅ Session-Konfiguration aktualisiert"
else
    echo "   ❌ config/session.php nicht gefunden"
fi

# 4. CSRF-Konfiguration
echo "4. 🔐 CSRF-Konfiguration..."
if [ -f config/csrf.php ]; then
    sed -i "s/'secure' => false/'secure' => true/" config/csrf.php
    echo "   ✅ CSRF-Konfiguration aktualisiert"
else
    echo "   ❌ config/csrf.php nicht gefunden"
fi

# 5. Minimale .htaccess mit HTTPS-Force
echo "5. 🌐 .htaccess HTTPS-Force..."
cat > public/.htaccess << 'EOF'
<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # Force HTTPS
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    
    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    
    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]
    
    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

# Protect sensitive files
<Files ".env">
    Order allow,deny
    Deny from all
</Files>

<Files "database.sqlite">
    Order allow,deny
    Deny from all
</Files>

<Files "*.sqlite">
    Order allow,deny
    Deny from all
</Files>
EOF

echo "   ✅ .htaccess HTTPS-Force erstellt"

# 6. Laravel Cache leeren
echo "6. 🧹 Laravel Cache leeren..."
php artisan cache:clear 2>/dev/null || echo "   ⚠️ cache:clear übersprungen"
php artisan config:clear 2>/dev/null || echo "   ⚠️ config:clear übersprungen"
php artisan route:clear 2>/dev/null || echo "   ⚠️ route:clear übersprungen"
php artisan view:clear 2>/dev/null || echo "   ⚠️ view:clear übersprungen"

# 7. Test-Script erstellen
echo "7. 🧪 Test-Script erstellen..."
cat > test-all-forms.php << 'EOF'
<?php
// Test aller Formulare auf HTTPS
echo "🔒 Test aller Formulare auf HTTPS\n";
echo "===============================\n\n";

$forms = [
    'resources/views/auth/login.blade.php' => 'Login-Formular',
    'resources/views/user-nail-polishes/create.blade.php' => 'Create Nail Polish',
    'resources/views/user-nail-polishes/index.blade.php' => 'Remove Nail Polish',
    'resources/views/nail-polishes/index.blade.php' => 'Admin Delete Nail Polish',
    'resources/views/admin/users/create.blade.php' => 'Admin Create User',
    'resources/views/admin/users/edit.blade.php' => 'Admin Edit User',
    'resources/views/admin/users/index.blade.php' => 'Admin Delete User'
];

foreach ($forms as $file => $description) {
    if (file_exists($file)) {
        $content = file_get_contents($file);
        if (strpos($content, 'action="https://neonail.vogt.de.com') !== false) {
            echo "   ✅ $description: HTTPS-URL gefunden\n";
        } else {
            echo "   ❌ $description: Keine HTTPS-URL gefunden\n";
        }
    } else {
        echo "   ❌ $description: Datei nicht gefunden\n";
    }
}

echo "\n✅ Alle Formulare getestet!\n";
echo "🔗 Testen Sie jetzt: https://neonail.vogt.de.com\n";
?>
EOF

echo "   ✅ Test-Script erstellt"

echo ""
echo "✅ Alle Safari Sicherheitswarnungen behoben!"
echo ""
echo "🔗 Testen Sie jetzt:"
echo "1. Login: https://neonail.vogt.de.com/login"
echo "2. Admin-Panel: https://neonail.vogt.de.com/admin/users"
echo "3. Lack erstellen: https://neonail.vogt.de.com/create-nail-polish"
echo ""
echo "📝 Falls Warnungen bestehen:"
echo "- Führen Sie php test-all-forms.php aus"
echo "- Leeren Sie Browser-Cache"
echo "- Prüfen Sie Browser-Entwicklertools (F12)"