#!/bin/perl

require "ADMIN/config";

use lib '..';
use CGI;
$query = new CGI;

if (($preview = $query->param('preview')) eq 'n') {

    $date_now = &check_fields();

# open temp file for constructing $main_thread_file, and
# perform file locking
    open(LOCK,"list.lock"); flock(LOCK,2);

    open(ORIGDATA,"$main_thread_file") || die;
    
    open(NEWDATA,">$main_thread_file.bak") || die;

# if adding a reply to a current thread (i.e. there is a 'thread' value)
    if ($thread) {

	&update_replies_number();

	open(THREADFILE,">>DATA/$thread.th");
	select(THREADFILE); $| = 1; select(STDOUT);
		  
	&store_post($date_now);
    }
	 
# new thread
    else {
	
	$thread_num = &add_new_thread();
		  
# Create new .th file, enter first post
	open(THREADFILE,">DATA/$thread_num.th") || die;
	select(THREADFILE); $| = 1; select(STDOUT);
	
	&store_post($date_now);
    }

# copy new $main_thread_file.bak to $main_thread_file

    open(NEWDATA,"$main_thread_file.bak");
    open(ORIGDATA,">$main_thread_file");
    
    while(<NEWDATA>) {
	print ORIGDATA;
    }

# finally unlock file

    flock(LOCK,8);
    close(ORIGDATA);
    
    if ($thread) {
	print "Location: $base_url/thread.cgi?$thread,0\n\n";
    }
    else {
	print "Location: $base_url/list.cgi\n\n";
    }
}

elsif ($preview eq 'y') {
    $date_now = &check_fields();

    if (($html = $query->param('html')) eq 'y') {
	$html_field = qq(
Use your own HTML formatting?:
<INPUT TYPE="radio" NAME="html" VALUE="y" CHECKED> Yes
<INPUT TYPE="radio" NAME="html" VALUE="n"> No
			 <BR>);
    }
    else {
	$html_field = qq(
Use your own HTML formatting?: 
<INPUT TYPE="radio" NAME="html" VALUE="y"> Yes
<INPUT TYPE="radio" NAME="html" VALUE="n" CHECKED> No
			 <BR>);
    }

    $prev_field = qq(
<BR>Preview the message?:
<INPUT TYPE="radio" NAME="preview" VALUE="y"> Yes
<INPUT TYPE="radio" NAME="preview" VALUE="n" CHECKED> No
		     <P>);

    print "Content-type: text/html\n\n";
    open(TEMPLATE,"TEMPLATES/add.html");
    
    while(<TEMPLATE>) {
	s/NAME\=\"title\"/NAME\=\"title\" VALUE\=\"$title\"/io;
	s/NAME\=\"author\"/NAME\=\"author\" VALUE\=\"$author\"/io;
	s/NAME\=\"email\"/NAME\=\"email\" VALUE\=\"$email\"/io;
	s/\<TEXTAREA/$html_field<BR><TEXTAREA/;
	s/\<\/TEXTAREA\>/$rawpost\<\/TEXTAREA\>$prev_field/;
	s/\<FORM/\<P\>\<HR\>\<H3\>This is approximately what your post will look like:\<\/H3\>\n$post\<HR\>\<P\>\<FORM/;
	s/\<\/FORM>/$hidden<\/FORM>/;	
	print;
	/\<FORM/ && print "<INPUT TYPE=\"hidden\" NAME=\"thread\" VALUE=\"$thread\">\n";
    }
    close TEMPLATE;
}

else {

    $html_field = qq(
Use your own HTML formatting?: 
<INPUT TYPE="radio" NAME="html" VALUE="y"> Yes
<INPUT TYPE="radio" NAME="html" VALUE="n" CHECKED> No
		     <BR>);

    $prev_field = qq(
<BR>Preview the message?:
<INPUT TYPE="radio" NAME="preview" VALUE="y"> Yes
<INPUT TYPE="radio" NAME="preview" VALUE="n" CHECKED> No
		     <P>);

    print "Content-type: text/html\n\n";
    
    open(TEMPLATE,"TEMPLATES/add.html");
    while(<TEMPLATE>) {
	s/NAME\=\"title\"/NAME\=\"title\" VALUE\=\"$title\"/io;
	s/NAME\=\"author\"/NAME\=\"author\" VALUE\=\"$author\"/io;
	s/NAME\=\"email\"/NAME\=\"email\" VALUE\=\"$email\"/io;
	s/\<TEXTAREA/$html_field<BR><TEXTAREA/;
	s/\<\/TEXTAREA\>/$rawpost\<\/TEXTAREA\>$prev_field/;
	
	print;
    }
    close TEMPLATE;
}

# Subroutines

sub check_fields {

    if ($ENV{'CONTENT_LENGTH'} > 5000) {
        print "Content-type: text/html\n\nPlease reduce the message size for the sake of the hard disk.";
        exit;
    }

    if (!($title = $query->param('title'))) {
        print "Content-type: text/html\n\nPlease go back and enter a title.";
        exit;
    }

    if (!($author = $query->param('author'))) {
        print "Content-type: text/html\n\nPlease go back and enter your name.";
        exit;
    }
    if (!($rawpost = $query->param('post'))) {
        print "Content-type: text/html\n\nPlease go back and enter a message.";
        exit;
    }

    $post = $rawpost;
    $post =~ s/\t/   /g;
    if (($html = $query->param('html')) eq 'n') {
	$post =~ s/\</\&lt\;/g;
        $post =~ s/\>/\&gt\;/g;
	$post =~ s/\n/\<BR\>/g;
    }
    else {
	$post =~ s/\n/ /g;
    }
	 
    $title =~ s/[\t\n]/ /g;
    $title =~ s/\</\&lt\;/g;
    $title =~ s/\>/\&gt\;/g;
    $author =~ s/[\t\n]/ /g;
    $author =~ s/\</\&lt\;/g;
    $author =~ s/\>/\&gt\;/g;
    $email = $query->param('email');
    $email =~ s/[\t\n]//g;
    $email =~ s/\</\&lt\;/g;
    $email =~ s/\>/\&gt\;/g;

    $thread = $query->param('thread');
    $html = $query->param('html');
    $preview = $query->param('preview');

    $date_now = time;

    return $date_now;
}

sub update_replies_number {

    # update the 'replies' value  or 'number of moderated' in $main_thread_file

    open(ORIGDATA,"$main_thread_file") || die;
    while (<ORIGDATA>) {
	chop;
	if (/^$thread\t/) {
            ($thread_num,$titre,$name,$mail,$date,$replies,$last_mod,
	     $mod_val,$mod_num) = split(/\t/,$_);
	    if (!$moderated) {
		$replies++;
	    }
	    else {
		$mod_num++;
	    }
            print NEWDATA "$thread_num\t$titre\t$name\t$mail\t$date\t$replies\t$date_now\t$mod_val\t$mod_num\n";
        }
	else {
	    print NEWDATA $_, "\n";
	}
    }
}

sub add_new_thread {

# get the next $thread_num
    if (open(ORIGDATA,"$main_thread_file")) {
	$top_line = <ORIGDATA>;
	($thread_num, $junk) = split(/\t/,$top_line,2);
    }
    else {
	$thread_num = 0;
    }
    $thread_num_new = $thread_num + 1;
    
    select(NEWDATA); $| = 1; select(STDOUT);
	
    if ($moderated) { $replies = -1; }
    else { $replies = 0; }
    
# Enter new thread num, title, contact into database, append existing threads
    print NEWDATA "$thread_num_new\t$title\t$author\t$email\t$date_now\t$replies\t$date_now\t$moderated\t$moderated\n";
    
    if ($thread_num > 0) {    
	print NEWDATA "$thread_num\t$junk";
	
	while(<ORIGDATA>) {
	    print NEWDATA;
	}
    }
    return $thread_num_new;
}

sub store_post {

    print THREADFILE "$title\t$author\t$email\t$date_now\t$moderated\t";

    $post =~ s/\t/   /g;
    $post =~ s/\r//g;
	 
    print THREADFILE "$post\n";
    close(THREADFILE);
}