#!/usr/bin/perl -w
 
 #  Copyright (c) 2002 by Martin 'm3'Leyrer
 #
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 
 use strict; # We want more Errors! ;)
 use DBI;    # Database Interface
 use CGI;    # CGI-Tools
 use CGI::Carp qw(fatalsToBrowser);  # Fatal error messages are now sent to browser
 use Time::Piece::MySQL; # Convert Unix-Timestamps to MySQL format and vice versa
 require URI::Find::Schemeless;      # Validate a URL
 use Mail::RFC822::Address qw(valid);    # Validates email addresses against the grammar described in RFC 822 using regular expressions. 
 
 
 
 # create new CGI object
 use CGI qw/:cgi/;
 my $query = new CGI;
 print $query->header;   # print HTTP headers
 
 # read possible POST-values into array
 my @fields = qw { name mail web comment };
 my @para;
 foreach (@fields) {
     push(@para, $query->param($_));
 }
 
 # print HTML-Form 
 print << '__UND_AUS__';
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
 <head>
 <title>Projekt5: GB</title>
 </head>
 
 <body>
 <form name="gbform" method="post" action="guestbook.pl">
   <table width="40%" border="0" cellspacing="0" cellpadding="0">
     <tr> 
       <td>Name</td>
       <td><input type="text" name="name"></td>
     </tr>
     <tr> 
       <td>eMail</td>
       <td><input type="text" name="mail"></td>
     </tr>
     <tr> 
       <td>web</td>
       <td><input type="text" name="web"></td>
     </tr>
     <tr> 
       <td>comment</td>
       <td><textarea name="comment"></textarea></td>
     </tr>
     <tr>
       <td>&nbsp;</td>
       <td><input type="submit" name="submit" value="eintragen"></td>
     </tr>
   </table>
 </form>
 __UND_AUS__
 
 # Connect to DB
 my $dbh = DBI->connect("DBI:mysql:cargal_guestbook", 'cargal', 'THINK! DISOBEY! CREATE!', { RaiseError => 1, AutoCommit => 1 } ) or die "Fehler $DBI::errstr";
 
 # put posted data (if any) into db
 if (request_method() eq "POST") {
     my $erg = add_data(@para);
     if( $erg > 0) {
          die "Error with writing Parameter '$fields[$erg]'. Value: '$para[$erg]'<p>n";
     }
 }
 
 # read & print old entries
 my $sth = $dbh->prepare("SELECT * FROM guestbook ORDER BY timestamp DESC");
 $sth->execute();
 while ( my @row = $sth->fetchrow_array ) {
     print "$row[0] (<a href="mailto:$row[1]">$row[1]</a> <b> || </b>";
     print "<a href="$row[2]">$row[2]</a>) schrieb am ";
     print mysqltime2human($row[4]) . ":<br>n";
     print "<pre>$row[3]</pre>n<br><br>n";
 }
 
 print "</body>n</html>n";
 
 # close connection to db
 $dbh->disconnect;
 
 
 # verify data and insert it into the db
 sub add_data {
     my $para = shift @_;
 
     $para[0] = $para[0];
     return(1) if($para[0] eq '');
     $para[1] = check_email($para[1]);
     return(2) if($para[1] eq '');
     $para[2] = check_url($para[2]);
     return(3) if($para[2] eq '');
     $para[3] = $para[3];
     return(4) if($para[3] eq '');
             
     # Prepare Insert
     my $sth = $dbh->prepare('INSERT INTO guestbook (name, email, web, eintrag, timestamp) VALUES (?,?,?,?,?)');
 
     # Timestamp generieren
     my $time = localtime;
     push(@$para, $time->mysql_datetime);
     
     # Execute Insert
     my $rv = $sth->execute(@$para)  or die $sth->errstr;
     if ($rv < 0) {
         die $sth->errstr;
     }
     return(0);
 }
 
 # Convert MySQL Timestamp into human redable format
 sub mysqltime2human {
     my $m = shift @_;
     my $t = Time::Piece->from_mysql_datetime( $m );
     my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($t);
     my $s = sprintf( "%2.2d.%2.2d.%4.4d um %2.2d:%2.2d Uhr", $mday+1, $mon, 1900+$year, $hour, $min);
     return($s);
 }
 
 sub check_url {
     my $url = shift @_;
     my $uri = '';
     
     my $finder = URI::Find::Schemeless->new(
         sub {
             $uri = shift @_;
             return $uri;
     });
     if ( $finder->find($url) ) {
         return($uri);
     } else {
         return('');
     }
 }
 
 sub check_email {
     my $mail = shift @_;
     if (valid($mail)) {
         return($mail);
     } else {
         return('');
     }
 }