<?php
// Universal login fix: replace redirect-after-XHR with credential-caching approach
// The key fix: use Image() with embedded user:pass@host to force browser auth cache

$pages = [
    "/var/www/html/weval-login.html" => "/wevia-ia/wevia-admin.php",
    "/var/www/html/arsenal-login.html" => "/arsenal-proxy/wevads-dashboard.php", 
    "/var/www/html/office-login.html" => "/office365/",
    "/var/www/ethica/public/ethica-login.html" => "/ethica-app-v3.html",
];

$fixed = 0;
$total = 0;

foreach ($pages as $file => $defaultTarget) {
    $total++;
    if (!file_exists($file)) {
        echo basename($file) . ": NOT_FOUND\n";
        continue;
    }
    
    $c = file_get_contents($file);
    $backup = $file . '.GOLD-' . date('Ymd-His') . '-pre-authfix';
    file_put_contents($backup, $c);
    
    // Check if already has the img credential cache fix
    if (strpos($c, 'new Image()') !== false && strpos($c, 'encodeURIComponent') !== false) {
        echo basename($file) . ": ALREADY_FIXED\n";
        $fixed++;
        continue;
    }
    
    // Find and replace the doLogin function
    // Pattern: after successful XHR check, replace simple redirect with credential-caching redirect
    
    // Replace "window.location.href=target;" or "location.href=t;" with credential cache + redirect
    $oldPatterns = [
        // weval-login pattern
        "window.location.href=target;",
        // ethica pattern  
        "location.href=t;",
    ];
    
    $replaced = false;
    foreach ($oldPatterns as $old) {
        if (strpos($c, $old) !== false) {
            // Determine variable names used in this file
            $userVar = (strpos($c, 'var u=') !== false) ? 'u' : 'user';
            $passVar = (strpos($c, 'var p=') !== false) ? 'p' : 'pass';
            $targetVar = (strpos($old, '=target') !== false) ? 'target' : 't';
            
            $newCode = "// Force browser to cache Basic Auth credentials
      var _proto=window.location.protocol;
      var _host=window.location.host;
      var _authUrl=_proto+'//'+encodeURIComponent($userVar)+':'+encodeURIComponent($passVar)+'@'+_host+$targetVar;
      var _img=new Image();
      _img.onload=_img.onerror=function(){window.location.href=$targetVar;};
      _img.src=_authUrl;
      setTimeout(function(){window.location.href=$targetVar;},1200);";
            
            $c = str_replace($old, $newCode, $c);
            $replaced = true;
            break;
        }
    }
    
    if (!$replaced) {
        echo basename($file) . ": PATTERN_NOT_FOUND\n";
        continue;
    }
    
    file_put_contents($file, $c);
    echo basename($file) . ": FIXED (backup: " . basename($backup) . ")\n";
    $fixed++;
}

echo "\n=== RESULT: $fixed/$total fixed ===\n";