<?php
// ============================================================================
// constants.php — Central Configuration File (Modernized & Safe)
// ============================================================================

// ----------------------------------------------------------------------------
// SECURITY HEADERS & INITIALIZATION
// ----------------------------------------------------------------------------
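// Defence-in-depth response headers. These must go out before any output, so
// this file has to be included before anything is echoed (and must not emit
// output itself — see the missing closing tag at the end of the file).
header('X-Content-Type-Options: nosniff');
header('X-Frame-Options: SAMEORIGIN');
// Legacy header; current browsers ignore it and a Content-Security-Policy is
// the replacement (not configured here). Harmless to keep for older clients.
header('X-XSS-Protection: 1; mode=block');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');

// Start the session with hardened cookie attributes, unless a caller already did.
if (session_status() === PHP_SESSION_NONE) {
    // The Host header is client-supplied: it may carry a port ("host:8443",
    // which browsers reject as a cookie Domain) or be absent entirely (CLI,
    // cron). Normalise it, and fall back to '' — a host-only cookie — when it
    // is missing or contains anything other than hostname characters.
    // Review note: a fixed domain from configuration would be preferable to
    // deriving it from the request at all.
    $cookieDomain = (string) ($_SERVER['HTTP_HOST'] ?? '');
    $cookieDomain = (string) preg_replace('/:\d+$/', '', $cookieDomain);
    if (!preg_match('/^[A-Za-z0-9.-]+$/', $cookieDomain)) {
        $cookieDomain = ''; // host-only cookie
    }
    session_set_cookie_params([
        'lifetime' => 3600,
        'path' => '/',
        'domain' => $cookieDomain,
        'secure' => true,    // only sent over HTTPS
        'httponly' => true,  // not readable from JavaScript
        'samesite' => 'Strict',
    ]);
    session_start();
    unset($cookieDomain); // keep the global namespace as the original left it
}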

// ----------------------------------------------------------------------------
// ENVIRONMENT LOADING
// ----------------------------------------------------------------------------
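require_once __DIR__ . '/load_env.php';

// Locate a .env file, preferring the copy outside the web root. The first
// readable candidate wins and the rest are ignored. is_readable() rather than
// file_exists() so that an unreadable file is reported below instead of
// failing inside load_env(); the ?? defaults further down then apply.
// (The list used to contain dirname(__DIR__) . '/.env' and __DIR__ . '/../.env',
// which resolve to the same file; the duplicate was dropped.)
$envLoaded = false;
$envPaths = [
    dirname(__DIR__) . '/.env',          // Outside web root (most secure)
    __DIR__ . '/.env',                   // Next to this file (less secure)
];

foreach ($envPaths as $envPath) {
    if (is_readable($envPath)) {
        load_env($envPath);
        $envLoaded = true;
        break;
    }
}

if (!$envLoaded) {
    // Not fatal: the hard-coded defaults below are meant for local development.
    error_log('Warning: No .env file found. Using default values.');
}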

// ----------------------------------------------------------------------------
// DATABASE CONNECTION CONSTANTS (With Fallbacks)
// ----------------------------------------------------------------------------
// Database connection parameters from the environment loaded above, presumably
// consumed by database.php (verify there). The fallbacks only exist so a bare
// development checkout boots; a real deployment must set all four in .env —
// note the default is a passwordless root account.
[$host, $user, $pass, $db] = [
    $_ENV['DB_HOST'] ?? 'localhost',
    $_ENV['DB_USER'] ?? 'root',
    $_ENV['DB_PASS'] ?? '',
    $_ENV['DB_NAME'] ?? '',
];

// ----------------------------------------------------------------------------
// SECURE DATABASE CONNECTION
// ----------------------------------------------------------------------------
// Shared PDO handle for the rest of the application. db() is provided by
// database.php; it presumably reads the $host/$user/$pass/$db values assigned
// above (confirm in database.php).
$databaseBootstrap = __DIR__ . '/database.php';
require_once $databaseBootstrap;
$pdo = db();
unset($databaseBootstrap);
// ----------------------------------------------------------------------------
// CURRENCY & PAYMENT CONFIGURATION
// ----------------------------------------------------------------------------
// Currency code used for display (see loadCurrencySettings()); overridable
// from .env. The variable is kept as well as the constant because older pages
// read it directly.
$default_currency_code = $_ENV['DEFAULT_CURRENCY_CODE'] ?? 'USD';
defined('DEFAULT_CURRENCY_CODE') || define('DEFAULT_CURRENCY_CODE', $default_currency_code);

// Non-zero presumably enables fetching live rates from XE in the consuming code.
defined('GET_CURRENCY_RATES_FROM_XE') || define('GET_CURRENCY_RATES_FROM_XE', 1);

// Only declare function if not already declared
// Only declare function if not already declared
if (!function_exists('loadCurrencySettings')) {
    /**
     * Returns the display symbol for the configured DEFAULT_CURRENCY_CODE.
     *
     * Only EUR and GBP have dedicated symbols; every other code, including
     * USD, falls back to '$'. The name is historical — nothing is "loaded".
     */
    function loadCurrencySettings(): string
    {
        $symbolByCode = [
            'EUR' => '€',
            'GBP' => '£',
        ];

        return $symbolByCode[DEFAULT_CURRENCY_CODE] ?? '$';
    }
}

// ----------------------------------------------------------------------------
// FRAUD PROTECTION SETTINGS
// ----------------------------------------------------------------------------
// Defaults for the click / sale / login-retry fraud checks (by name; the
// enforcing code lives elsewhere). Each constant is only defined if nothing
// earlier in the request defined it, so a file included before this one can
// override any of them.
$fraudDefaults = [
    'FRAUD_RECENT_CLICK'        => 0,
    'FRAUD_CLICK_SECONDS'       => 12,
    'FRAUD_CLICK_ACTION'        => 'do not save',
    'FRAUD_RECENT_SALE'         => 0,
    'FRAUD_SALE_SECONDS'        => 10,
    'FRAUD_SALE_ACTION'         => 'decline',
    'FRAUD_DECLINE_RECENT_SALE' => 1,
    'FRAUD_LOGIN_RETRY_LIMIT'   => 2,
    'FRAUD_LOGIN_DELAY_SECONDS' => 10,
];
foreach ($fraudDefaults as $fraudConstant => $fraudValue) {
    defined($fraudConstant) || define($fraudConstant, $fraudValue);
}
unset($fraudDefaults, $fraudConstant, $fraudValue);

// ----------------------------------------------------------------------------
// IMPRESSION & PROGRAM CONFIGURATION
// ----------------------------------------------------------------------------
// Defaults for impression counting, the two built-in user roles, the admin
// commission rates and the programme/membership terms. The *_TYPE / *_VALUE
// pairs appear to be read together (PROGRAM_TYPE 2 with PROGRAM_VALUE
// '7 month'); their encoding is defined by the consuming code, not here.
// Guarded so an earlier include can override any of them.
$programDefaults = [
    'IMPRESSION_RATE'  => 1,
    'NORMAL_USER_ID'   => 300,
    'ADVANCED_USER_ID' => 502,
    'ADMIN_CLICK_RATE' => 1,
    'ADMIN_SALE_RATE'  => 5,
    'ADMIN_LEAD_RATE'  => 4,
    'MINIMUM_AMOUNT'   => 500,
    'MINIMUM_WITHDRAW' => 20,
    'PROGRAM_FEE'      => 50,
    'PROGRAM_TYPE'     => 2,
    'PROGRAM_VALUE'    => '7 month',
    'MEMBERSHIP_TYPE'  => 2,
    'MEMBERSHIP_VALUE' => '2 month',
];
foreach ($programDefaults as $programConstant => $programValue) {
    defined($programConstant) || define($programConstant, $programValue);
}
unset($programDefaults, $programConstant, $programValue);

// ----------------------------------------------------------------------------
// PAYOUT & ROLE LIMITS
// ----------------------------------------------------------------------------
// Per-role ceilings on an amount (units presumably match MINIMUM_AMOUNT /
// MINIMUM_WITHDRAW above — verify against the enforcing code). Affiliates are
// effectively uncapped.
$roleLimitDefaults = [
    'MERCHANT_MAX_AMOUNT'  => 5000,
    'AFFILIATE_MAX_AMOUNT' => PHP_INT_MAX,
    'ADMIN_MAX_AMOUNT'     => 40000,
];

// ----------------------------------------------------------------------------
// COMMISSION TYPES
// ----------------------------------------------------------------------------
// How the ADMIN_*_RATE values above are interpreted, presumably either as a
// 'percentage' or as a 'flatrate' amount.
$commissionTypeDefaults = [
    'ADMIN_CLICKRATE_TYPE' => 'percentage',
    'ADMIN_LEADRATE_TYPE'  => 'flatrate',
    'ADMIN_SALERATE_TYPE'  => 'flatrate',
];

// ----------------------------------------------------------------------------
// UI SETTINGS
// ----------------------------------------------------------------------------
$uiDefaults = [
    'ICON_HEIGHT' => 16,
    'ICON_WIDTH'  => 16,
];

// All three groups are guarded so an earlier include can override them.
foreach ([$roleLimitDefaults, $commissionTypeDefaults, $uiDefaults] as $settingGroup) {
    foreach ($settingGroup as $settingName => $settingValue) {
        defined($settingName) || define($settingName, $settingValue);
    }
}
unset($roleLimitDefaults, $commissionTypeDefaults, $uiDefaults, $settingGroup, $settingName, $settingValue);

// ----------------------------------------------------------------------------
// TIME ZONES — USING PHP'S BUILT-IN LIST
// ----------------------------------------------------------------------------
// Every tz-database identifier this PHP build knows (e.g. 'Europe/Berlin'),
// taken from the engine instead of a hand-maintained list.
$TIME_ZONES = \DateTimeZone::listIdentifiers(\DateTimeZone::ALL);

// ----------------------------------------------------------------------------
// SITE SETTINGS
// ----------------------------------------------------------------------------
// Site identity, paging default and the two external base URLs (secured
// partner area and tracking host). Guarded so an earlier include can override.
$siteDefaults = [
    'SITE_TITLE'               => 'Affiliate Interactive',
    'DEFAULT_RECORDS_PER_PAGE' => 10,
    'SECURED_SITE_URL'         => 'https://network.affinteractive.com/affiliate/partnerssecured',
    'TRACKING_SITE_URL'        => 'https://www.afflinktrk.com',
];
foreach ($siteDefaults as $siteConstant => $siteValue) {
    defined($siteConstant) || define($siteConstant, $siteValue);
}
unset($siteDefaults, $siteConstant, $siteValue);

// ----------------------------------------------------------------------------
// SYSTEM MESSAGES (LEGACY VARIABLES)
// ----------------------------------------------------------------------------
// Legacy message variables; older pages echo these directly. The MSG_*
// constants below mirror them so newer code need not depend on globals —
// keep the two in sync.
$norec      = 'No Records of this type';
$blank      = 'Invalid Entry. Please fill in all required fields';
$emailerr   = 'Please Enter a valid E-mail Id';
$emailexist = 'E-mail Id already Exists';

// ----------------------------------------------------------------------------
// SYSTEM MESSAGES (MODERN CONSTANTS)
// ----------------------------------------------------------------------------
$messageConstants = [
    'MSG_NO_RECORDS'    => $norec,
    'MSG_INVALID_ENTRY' => $blank,
    'MSG_EMAIL_INVALID' => $emailerr,
    'MSG_EMAIL_EXISTS'  => $emailexist,
];
foreach ($messageConstants as $messageName => $messageText) {
    defined($messageName) || define($messageName, $messageText);
}
unset($messageConstants, $messageName, $messageText);

// ----------------------------------------------------------------------------
// CURRENCY SYMBOLS FOR DISPLAY
// ----------------------------------------------------------------------------
// Display symbols keyed by currency *name* (not ISO code — loadCurrencySettings()
// is the code-based lookup). All values except 'CHF' are HTML entities: emit
// them raw in an HTML context and do not pass them through htmlspecialchars()
// again, or the entity text itself will be shown.
$CURRENCY_SYMBOLS = [
    'Yen'          => '&yen;',
    'Pound'        => '&pound;',
    'Swiss Francs' => 'CHF',
    'Euro'         => '&euro;',
];

// =====================================================================================
// PAYPAL CONFIGURATION
// =====================================================================================
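// PayPal settings. Guarded like every other constant in this file: the
// function_exists() guards show a second include is anticipated, and these
// five were the only unconditional define() calls, which would emit
// "Constant already defined" warnings on that second include.
// Review note: the two ACCEPT_* flags read as "accept a payment from an
// unverified payer / to an unconfirmed address"; confirm against the payment
// handler before relying on them, since ACCEPT_UNCONFIRMED is switched on.
if (!defined('PAYPAL_RECEIVER_EMAIL'))     define('PAYPAL_RECEIVER_EMAIL', 'payments@affinteractive.com');
if (!defined('PAYPAL_ACCEPT_UNVERIFIED'))  define('PAYPAL_ACCEPT_UNVERIFIED', false);
if (!defined('PAYPAL_ACCEPT_UNCONFIRMED')) define('PAYPAL_ACCEPT_UNCONFIRMED', true);
if (!defined('PAYPAL_SUCCESS_URL'))        define('PAYPAL_SUCCESS_URL', 'https://www.affinteractive.com/payment_success.php');
if (!defined('PAYPAL_FAIL_URL'))           define('PAYPAL_FAIL_URL', 'https://www.affinteractive.com/payment_failed.php');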

// ----------------------------------------------------------------------------
// INPUT SANITIZATION FUNCTION
// ----------------------------------------------------------------------------
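if (!function_exists('sanitize_input')) {
    /**
     * Recursively trims, strips backslashes from and HTML-encodes request input.
     *
     * Scalars and null are coerced to string; arrays are processed element by
     * element with keys preserved. This encodes at *input* time, so anything
     * stored from $_GET/$_POST is already HTML-escaped: code rendering it must
     * not escape a second time, and non-HTML consumers (SQL, e-mail, JSON) will
     * see the entity-encoded form. stripslashes() is a leftover from the
     * magic_quotes era and also removes backslashes the user typed on purpose.
     *
     * @param mixed $data scalar, null, or a (nested) array of them
     * @return mixed string for scalar input, array for array input
     */
    function sanitize_input($data)
    {
        if (is_array($data)) {
            return array_map('sanitize_input', $data);
        }

        // Casting first avoids the PHP 8.1 deprecation for null passed to trim()
        // while giving bools/ints/floats the same string form they had before.
        $data = trim((string) $data);
        $data = stripslashes($data);

        // ENT_SUBSTITUTE replaces invalid UTF-8 with U+FFFD instead of turning
        // the whole value into an empty string, which silently lost data.
        return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}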

// ----------------------------------------------------------------------------
// SECURITY: SANITIZE USER INPUT
// ----------------------------------------------------------------------------
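if (!empty($_GET)) {
    $_GET = sanitize_input($_GET);
}

if (!empty($_POST)) {
    $_POST = sanitize_input($_POST);

    // Legacy pages read POST fields as plain globals ($username, $email, ...),
    // so each field is still copied into a variable of the same name. The
    // names come from the client, though, so the copy is limited to valid
    // identifiers that do not start with an underscore (which rules out every
    // superglobal, e.g. _SESSION) and that are not one of the values this file
    // established above ($pdo, $pass, ...). Previously any field could
    // overwrite those. A form field using a reserved name is still available
    // through $_POST; it just no longer replaces the global.
    $reservedGlobals = [
        'GLOBALS', 'reservedGlobals',
        'pdo', 'host', 'user', 'pass', 'db',
        'envLoaded', 'envPaths', 'envPath', 'default_currency_code',
        'TIME_ZONES', 'CURRENCY_SYMBOLS', 'log_dir',
    ];
    foreach ($_POST as $key => $value) {
        $key = (string) $key;
        if (!preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $key) || in_array($key, $reservedGlobals, true)) {
            continue;
        }
        // Password fields are copied verbatim as before; the page handling
        // the form is responsible for hashing them.
        $$key = $value;
    }
    unset($reservedGlobals);
}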

// ----------------------------------------------------------------------------
// ERROR HANDLING CONFIGURATION
// ----------------------------------------------------------------------------
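// Never show errors to visitors; log them instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Log directory one level above this file's directory. is_dir() rather than
// file_exists(): a stray *file* named "logs" must not pass the check. A failed
// mkdir() logs its reason through the default error_log target, and the custom
// log path is only installed when the directory is actually writable, so that
// entries are not silently lost to an unopenable file.
$log_dir = dirname(__DIR__) . '/logs';
if (!is_dir($log_dir)) {
    mkdir($log_dir, 0755, true);
}
if (is_dir($log_dir) && is_writable($log_dir)) {
    ini_set('error_log', $log_dir . '/php_errors.log');
} else {
    error_log('Warning: log directory ' . $log_dir . ' is not writable; keeping the default error_log target.');
}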

// ----------------------------------------------------------------------------
// TIMEZONE SETTING
// ----------------------------------------------------------------------------
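// All date/time handling is done in UTC; convert for display only.
date_default_timezone_set('UTC');

// ----------------------------------------------------------------------------
// NEW FEATURE CONSTANTS (FOR FUTURE IMPLEMENTATION)
// ----------------------------------------------------------------------------
// Feature flags, all off by default; guarded so an earlier include can enable them.
if (!defined('STEALTH_REDIRECT_ENABLED')) define('STEALTH_REDIRECT_ENABLED', false);
if (!defined('FRAUD_DETECTION_ENABLED')) define('FRAUD_DETECTION_ENABLED', false);
if (!defined('API_IMPORT_ENABLED')) define('API_IMPORT_ENABLED', false);

// No closing "?>" tag on purpose: any whitespace after it would be sent as
// output and break the header() / session_start() calls at the top of this
// file ("headers already sent") the next time it is included.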