#!/usr/bin/perl
#------------------------------------------------------------------------------
# Copyright (C) 2001 Thomax Kaulmann
# 
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

use DBI;
use CGI;
use OMA;
use XSQL;


local %in, @row, $trans;
undef %in;
undef @row;
undef($trans);


                  ##    ######                                     ###
                  ##     ##  ##                                     ##
  #####   ####   #####   ##  ##  ####     ####    ####  ##   ##  #####
 ##  ##  ##  ##   ##     #####      ##   ##      ##     ## # ## ##  ##
 ##  ##  ######   ##     ##      #####    ####    ####  ## # ## ##  ##
  #####  ##       ## ##  ##     ##  ##       ##      ## ####### ##  ##
     ##   ####     ###  ####     ### ##  #####   #####   ## ##   ### ##
 #####
sub getPasswd
{
	my($passwd) = shift;

	if(length($in{'passwd'}) == 13) {
		return $passwd;
	}
    else
	{
		return crypt($passwd,"OMA");
	}
}


   ###                                     ##     ##
    ##                                            ##
 #####    ####            ####  ##   ##   ###    #####
##  ##   ##  ##          ##  ##  ## ##     ##     ##
##  ##   ##  ##          ######   ###      ##     ##
##  ##   ##  ##          ##      ## ##     ##     ## ##
 ### ##   ####            ####  ##   ##   ####     ###
                ########
sub do_exit
{
	print $_[0];
	exit;
}



##   ##            ##            ######         ##   ##
### ###           ####             ##           ###  ##
#######          ##  ##            ##           #### ##
#######          ##  ##            ##           ## ####
## # ##          ######            ##           ##  ###
##   ##          ##  ##            ##           ##   ##
##   ##          ##  ##          ######         ##   ##


print "Content-type: text/html

<html>
<head></head>
<body  bgcolor=\"#dfdfdf\" link=\"#007700\" vlink=\"#770000\">
";

CGI::ReadParse();
$db = OMA::opendb();


if($in{'update'})
{
	$in{'passwd'} = getPasswd($in{'passwd'});

	XSQL::transopen();
	XSQL::transact("UPDATE user SET passwd='$in{'passwd'}', email='$in{'email'}', name='$in{'label'}', street='$in{'street'}', postal='$in{'postal'}', city='$in{'city'}', country='$in{'country'}', url='$in{'url'}' where user='$in{'user'}'");
	XSQL::transclose();
	print "fine.\n</html>";
	exit;
}
			
if($in{'new'})
{
	$in{'passwd'} = getPasswd($in{'passwd'});

	$query = $db->prepare("SELECT * from user where user='$in{'user'}'");
	$query->execute();
	@row = $query->fetchrow();
	$query->finish();
	if($#row > 0) {
		print "User exist.\n</html>";
		exit;
	}

	XSQL::transopen();
	XSQL::transact("INSERT INTO user VALUES ('$in{'user'}', '$in{'passwd'}', '$in{'email'}', '$in{'label'}', '$in{'street'}', '$in{'postal'}', '$in{'city'}', '$in{'country'}', '$in{'url'}')");
	print "fine.\n";
	XSQL::transclose();
	exit;
}

if($in{'delete'})
{
	XSQL::transopen();
	XSQL::transact("DELETE from user where user='$in{'user'}'");
	print "fine.\n</html>";
	XSQL::transclose();
	exit;
}

if($in{'user'} eq $ENV{'REMOTE_USER'})
{

	$query = $db->prepare("SELECT * from user where user='$in{'user'}'");
	$query->execute();
	@row = $query->fetchrow();
	$query->finish();
	
	print "
		<table>
		<form method=post>
		<tr><td>Username:</td><td>$in{'user'}</td></tr>
		<tr><td>Password:</td><td><input name=passwd value=\"$row[$OVA::U_PASSWD]\"></td></tr>
		<tr><td>E-Mail:</td><td><input name=email value=\"$row[$OVA::U_EMAIL]\"></td></tr>
		<tr><td>Name/Org/Label:</td><td><input name=label value=\"$row[$OVA::U_NAME]\"></td></tr>
		<tr><td>Street:</td><td><input name=street value=\"$row[$OVA::U_STREET]\"></td></tr>
		<tr><td>Postal:</td><td><input name=postal value=\"$row[$OVA::U_POSTAL]\"></td></tr>
		<tr><td>City:</td><td><input name=city value=\"$row[$OVA::U_CITY]\"></td></tr>
		<tr><td>Country:</td><td><input name=country value=\"$row[$OVA::U_COUNTRY]\"></td></tr>
		<tr><td>URL:</td><td><input name=url value=\"$row[$OVA::U_URL]\"></td></tr>
		<input type=hidden value=$in{'user'} name=user>
		<input type=submit value=update name=update>
		</form>
		</table>
	</html>";
	exit;
}

if($ENV{'REMOTE_USER'} eq "admin")
{
	if($in{'user'})
	{
		$query = $db->prepare("SELECT * from user where user='$in{'user'}'");
		$query->execute();
		@row = $query->fetchrow();
		$query->finish();
	}
	else {
		print "<form method=post><select name=user>";
		$query = $db->prepare("SELECT * from user");
		$query->execute();
		print "<option>new user";
		while(@row = $query->fetchrow()) {
			print "<option>$row[0]";
		}
		$query->finish();
		print "</select><input type=submit value=\"change user\"></form>";

		$query = $db->prepare("SELECT * from user where user='admin'");
		$query->execute();
		@row = $query->fetchrow();
		$query->finish();
		$in{'user'} = $row[0];
	}
	
	print "
		<form method=post>
		<table cellspacing=0 cellpadding=0>
		<tr><td>
	";
	if($row[0]) {
		print "<input type=submit value=update name=update>
		<input type=submit value=delete name=delete>";
	} else {
		print "<input type=submit value=new name=new>";
	}
	print "
		</td></tr>
		<tr><td>Username:</td><td><input name=user value=\"$row[0]\"></td></tr>
		<tr><td>Password:</td><td><input name=passwd value=\"$row[1]\"></td></tr>
		<tr><td>E-Mail:</td><td><input name=email value=\"$row[2]\"></td></tr>
		<tr><td>Name/Org/Label:</td><td><input name=label value=\"$row[3]\"></td></tr>
		<tr><td>Street:</td><td><input name=street value=\"$row[4]\"></td></tr>
		<tr><td>Postal:</td><td><input name=postal value=\"$row[5]\"></td></tr>
		<tr><td>City:</td><td><input name=city value=\"$row[6]\"></td></tr>
		<tr><td>Country:</td><td><input name=country value=\"$row[7]\"></td></tr>
		<tr><td>URL:</td><td><input name=url value=\"$row[8]\"></td></tr>

	";
	print "
		</table>
		</form>
	</html>";
	exit;
}

print "sorry, but i don't know you.</html>";
