#! /usr/pkg/bin/perl

#####
#
# postcard.pl
#
# (c) 1997 Marcio Luis Teixeira.
# All rights reserved worldwide.
#
# Last modified: February 3, 1997
#
# Modification History:
#
#   Sept 24, 2000 - Added support for copyright line
#
# This file may not be sold or bundled with other products without
# the written permission of the author. You may reach me at 
# "marciot@aol.com". Thank you!
#
####

################################################################################
#     You do not need to edit anything past this point. Please change the
#                     autorization configuration file instead.
################################################################################

umask( 077 );

#use English;
require cgilib;

# Make sure the user isn't trying to do anything funny

&reject_special( $ENV{'QUERY_STRING'} );
                 
# Read configuration file specified in QUERY_STRING and decode
# the cgi content from stdin

&cgi_decode_query( \@QUERY );
&cgi_decode_content( \%FORM );
&read_config( "postcard.con", \%CONFIG );

# Load up the card database

open( FILE, "$CONFIG{'HTML_PATH'}/cards.lst" ) or &html_die("Can't open card list");
while( <FILE> ) {
   ($cardname,$gifname,$orientation,$tagline,$copyright) = split( ':', $_ );
   $CARD_GIF{$cardname}=$gifname;
   $CARD_TAG{$cardname}=$tagline;
   $CARD_ORIENTATION{$cardname}=$orientation;
   $CARD_COPYRIGHT{$cardname}=$copyright;
}
close( FILE );

# Predefined fields

$FIELDS{'SCRIPT_NAME'} = $ENV{'SCRIPT_NAME'};
$FIELDS{'HTML_URL'}    = $CONFIG{'HTML_URL'};
$FIELDS{'HOME_URL'}    = $CONFIG{'HOME_URL'};
$FIELDS{'CGI_URL'}     = $CONFIG{'CGI_URL'};

# Figure out what we are supposed to be doing

$action = $QUERY[0];

if ( $action =~ /index/i ) {
   output_html_with_variables( "$CONFIG{'HTML_PATH'}/index.html", \%FIELDS );
   exit;
}

if ( $action =~ /compose/i ) {
   $cardname = $QUERY[1];
   $cardname =~ tr/a-zA-Z0-9_//cd; # Strip non-alphanum
   $orientation = $CARD_ORIENTATION{$cardname};
   $FIELDS{'CARD_NAME'} = $cardname;
   $FIELDS{'IMG_NAME'}  = $CARD_GIF{$cardname};
   $FIELDS{'TAG_LINE'}  = $CARD_TAG{$cardname};
   $FIELDS{'COPYRIGHT'}	= $CARD_COPYRIGHT{$cardname};
   output_html_with_variables( "$CONFIG{'HTML_PATH'}/compose_$orientation.html", \%FIELDS );
   exit;
}

if ( $action =~ /send/i ) {
   $cardname = $QUERY[1];
   $cardname =~ tr/a-zA-Z0-9_//cd; # Strip non-alphanum
   
   $code = generate_code();
   open( FILE, ">$CONFIG{'DB_PATH'}/$code" ) or &html_die("Can't save card data");
   print FILE $cardname . "\n";
   print FILE encode_lf($FORM{'greeting'}) . "\n";
   print FILE $FORM{'tag_line'} . "\n";
   print FILE $FORM{'from_name'} . "\n";
   print FILE $FORM{'from_email'} . "\n";
   print FILE $FORM{'to_name'} . "\n";
   print FILE $FORM{'to_email'} . "\n";
  	close( FILE );
  	
  	# Mail the recepient a message
  	
  	$msg = "
$FORM{'from_name'} has sent you an electronic postcard. To view it,
click on the following link:

   http://$ENV{'HTTP_HOST'}$ENV{'SCRIPT_NAME'}?$code
   
Your postcard will be kept on the server for 60 days. This is an
automated message -- please do not reply.
";
  	sendmail( $FORM{'to_email'}, $FORM{'to_name'},
  	          $FORM{'from_email'}, $FORM{'from_name'},
  	          "Electronic Postcard", $msg );
  	          
	output_html_with_variables( "$CONFIG{'HTML_PATH'}/done.html", \%FIELDS );
	exit;
}

if ( $action =~ /reply/i ) {
   # Note that the to and from addresses are reversed.
   
  	sendmail( $FORM{'from_email'}, $FORM{'from_name'},
  	          $FORM{'to_email'}, $FORM{'to_name'},
  	          "Re: Your Postcard", $FORM{'reply'} );
	output_html_with_variables( "$CONFIG{'HTML_PATH'}/done.html", \%FIELDS );
	exit;
}

if ( ($action =~ /[A-Za-z]{9}/) || ($action =~ /read/) ) {
   if( $action =~ /read/ ) {
   	$action = $FORM{'keycode'};
   }

   $action =~ tr/a-zA-Z0-9_//cd; # Strip non-alphanum
   
   open( FILE, "<$CONFIG{'DB_PATH'}/$action" ) or &html_die("Can't load card data");
   chomp( $cardname   = <FILE> );
   chomp( $greet      = <FILE> );
   chomp( $tagline    = <FILE> );
   chomp( $from_name  = <FILE> );
   chomp( $from_email = <FILE> );
   chomp( $to_name    = <FILE> );
   chomp( $to_email   = <FILE> );
  	close( FILE );
  	
   $FIELDS{'CARD_NAME'}		= $cardname;
   $FIELDS{'IMG_NAME'}		= $CARD_GIF{$cardname};
   $FIELDS{'TAG_LINE'}		= $tagline;
   $FIELDS{'COPYRIGHT'}		= $CARD_COPYRIGHT{$cardname};
   $FIELDS{'GREETING'}		= decode_lf($greet);
   $FIELDS{'FROM_NAME'}		= $from_name;
   $FIELDS{'FROM_EMAIL'}	= $from_email;
   $FIELDS{'TO_NAME'}		= $to_name;
   $FIELDS{'TO_EMAIL'}		= $to_email;
   $orientation = $CARD_ORIENTATION{$cardname};
   output_html_with_variables( "$CONFIG{'HTML_PATH'}/view_$orientation.html", \%FIELDS );
	exit;
}

&html_die("No valid action specified");