#!/usr/bin/perl

#use DBI;
use CGI;
use Digest::MD5 qw(md5_hex);
use strict;
#use constant DBI_SOURCE => 'dbi:SQLite:zombiebot.db';
use constant PASSWORD => '63292e049dfb27c550fa1cb143be510d';

print "Content-Type: application/xhtml+xml; charset=UTF-8\n\n";

my $query=new CGI;
my $task=$query->param("task");
my $password=$query->param("pass");

if(!$task)
{
  show_quotes();
  exit 0;
}

if(md5_hex($password) ne PASSWORD) {
  message("Clave incorrecta.");
  exit 0;
}

if($task eq "post")
{
  my $id = $query->param("id");
  my $quote = $query->param("quote");
  my $by=$query->param("by");
  my $time=$query->param("time");
  if($id and $quote and $by and $time)
  {
    post_quote($id, $quote, $by, $time);
  }
  else
  {
    message("Ingrese ID y quote.");
  }
}
elsif($task eq "remove")
{
  my $id = $query->param("id");
  if($id)
  {
    remove_quote($id);
  }
  else
  {
    message("Ingrese ID.");
  }
}
else
{
  message("Tarea inválida.");
}


#sub post_quote($$$$) {
#  my ($id, $quote, $by, $time) = @_;
#  my $dbh = DBI->connect(DBI_SOURCE, "", "") || die "$DBI::errstr";
#  $dbh->do("INSERT INTO quotes VALUES (".$dbh->quote($id).", ".$dbh->quote($quote).", ".$dbh->quote($by).", ".$dbh->quote($time).")");
#  message("Listo.");
#}

#sub remove_quote($) {
#  my ($id) = @_;
#  my $dbh = DBI->connect(DBI_SOURCE, "", "") || die "$DBI::errstr";
#  $dbh->do("DELETE FROM quotes WHERE qid = ".$dbh->quote($id));
#  message("Listo.");
#}

sub message($) {
  my ($errstr) = @_;
  print q{<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Zombiebot@B.a.I.</title>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=UTF-8" />
</head><body><p>};
  print "$errstr";
  print q{</p></body></html>};
}

sub show_quotes() {
  print q{<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Zombiebot@B.a.I.</title>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=UTF-8" />
<style type="text/css">
a, a:visited{text-decoration:none;}
a:hover{text-decoration:underline;}
body{font-family:Arial,sans-serif;align:center;background-color:#fff;color:#000;}
#k{width:90%;}
#top{font-size:26pt;padding-top:15pt;padding-bottom:20pt;margin-bottom:15pt;border-bottom:1px solid #aaa;}
#text{padding-top:4pt;text-align:left;font-size:small;}
#search{margin-top:1em;padding-top:4pt;padding-bottom:4pt;background-color:#eee;border:1px solid #aaa;}
#foot{padding-top:2em;font-size:8pt;}#foot a{color:#999;}
.important{background-color:#EEE;border:1px dotted #999;}
</style>
</head><body>
<center>
<div id="k">
<div id="top">

Bienvenido a Internet BBS/IB<br />
<small>Quotes de Zombiebot</small>
</div>
<div id="text">
};

  #my $dbh = DBI->connect(DBI_SOURCE, "", "") || die "$DBI::errstr";

  #$dbh->do("INSERT INTO test VALUES (NULL, 'Holi')");

  print "<center><table border=\"1\"><tr><th>ID</th><th>Tiempo</th><th>Quote</th></tr>";

  #my $cur = $dbh->selectall_arrayref("SELECT qid, qtext, qby, qtime FROM quotes ORDER BY qid DESC");
  #foreach my $row (@$cur) {
  #  my ($id, $quote, $by, $time) = @$row;
  #  print "<tr><td>$id</td><td>$time</td><td>$quote</td></tr>\n";
  #}
  
  open FILE, "<quote.db" or die $!;
  my @lines = reverse <FILE>;
  foreach my $li (@lines) {
    my ($f, $user, $quote) = split(/,/, $li, 3);
    my ($id, $time) = split(/:/, $f);
    $time = scalar localtime($time);
    $id =~ s/^0*//;
    $quote =~ s/^"?'//;
    $quote =~ s/'"?$//;
    $quote =~ s/\&/\&amp;/g;
    $quote =~ s/\</\&lt;/g;
    $quote =~ s/\>/\&gt;/g;
    
    print "<tr><td>$id</td><td>$time</td><td>$quote</td></tr>\n";
  }
  close FILE;
  print "</table></center>";
  print q{</div>
<br />

<div id="foot">
B.a.I. - 2010 · Contacto: <a href="mailto:burocracia@bienvenidoainternet.org">burocracia@bienvenidoainternet.org</a>

</div>
</div>
</center>
</body></html>};
  #$dbh->disconnect();
}