#!/usr/bin/perl -w
##########################################################################
#
# The initial filmlib cgi. This is where the main decision tree is and
# the hub of the whole operation.
# Filename: init.cgi
#					-Neil Doane
##########################################################################

# Set up the cgi script 
push(@INC,"/var/lib/httpd/cgi-bin");
push(@INC,"/usr/lib/perl5/i586-linux/5.00404");
require "cgi-lib.pl";	# For easy cgi functions.
require "cookie.lib";	# For easy cookie functions.
use DBI;		# For easy database functions.
#use diagnostics;	# For when it's not so easy.
#use strict;
# Read in the form input and set up some variables with it.
&ReadParse(*input);
$action_type = $input{'action_type'}; # What're we doing?
$string = $input{'search_string'};    # We looking for anything in particular
$browse = $input{'browse'};	      # Or are we looking at everything?



# Set up the two most important variables we'll be using.
$user = $input{'user'};			
$password = $input{'password'};

# If either field is blank, assume we're just browsing.
# So log into the read-only account.
if ($user eq "" || $password eq "") {
		$user = "read";
		$password = "read";
	} 


# Connect to the database or die (this also verifies the passwords.)
$dbh = DBI->connect("DBI:mysql:filmlib",$user,$password) 
	or die &ErrNoLogin;


# We need the content-type header info here.
print "Content-type:text/html\n";

# Okay, set the cookies and die if they can't be set properly.
&SetCookies('userted',$user);
&SetCookies('passwordted',$password);


# The main decision tree...the center of our universe.
#
	
	if ($action_type eq "query" && $browse eq "true" && $string ne "") 
		{ 
			# They selected browse everything and then
			# specified a search string...duh.
			print "\n";
			&ErrStrnBrowse;
		}
	elsif ($action_type eq "query" && $browse eq "true") 
		{ 
			&Query ("_all");
		}
	elsif ($action_type eq "query" && $browse ne "true" && $string eq "") 
		{ 
			print "\n";
			&ErrNoString;
		}
	elsif ($action_type eq "query" && $browse ne "true" && $string ne "") 
		{ 
			&Query;
		}
	elsif ($action_type eq "add" && ($browse eq "true" || $string ne ""))
		{ 
			print "\n";
			&ErrAddnQuery;
		}
	elsif ($action_type eq "add") 
		{ 
			&AddIt;
		}
	
	else 
		{
			print "\n";
			&ErrNoSolution;
		}





&HtmlBot;



#---------BEGIN Subroutines--------#


# This is an error-output subroutine.
sub ErrNoLogin {

	$refer = $ENV{'HTTP_REFERER'};
	print "Content-type:text/html\n\n";

	print <<END_ERROR_1;

<html>

<title>Film/Video Library - Login Error 1:NoLogin</title>
<body bgcolor="#ffffff" background="bgitem1.jpg">


<table width=550>
<tr><td colspan=1 bgcolor="#ffffff" align=center><a
href="http://web.indstate.edu:80/mtr/filmlib.html"><img
src="filmtop.jpg" border=0></a>
<tr><td bgcolor="#eeeeee">
<b>Login Error</b><p>
<tr><td>
There has been an error connecting to the database.  The most likely reason
this has happened is that you have attempted to use an invalid username and
password to access the database.<p>

Please keep the following in mind:<br>
	<ol>
	<li>No password is required to view records in the database.<br>
		(Simply leave the "username" and "password" fields empty<br>
		if you are just wanting to browse the film/video library.)
	<li>Only authorized accounts may modify the database in any way.<br>
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_1


	&HtmlBot;
}
	
sub ErrStrnBrowse {
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_2;

<title>Film/Video Library - Submission Error 1:ErrStrnBrowse</title>
<BODY bgcolor="#ffffff" background="bgitem1.jpg">

<table width=550>
<tr><td colspan=1 bgcolor="#ffffff" align=center><a
href="http://web.indstate.edu:80/mtr/filmlib.html"><img
src="filmtop.jpg" border=0></a>

<tr><td bgcolor="#eeeeee">
<b>Submission Error</b><p>
<tr><td>
There has been an error processing your request.  It appears that you have
specified to both "Browse all records" (indicating you wish to view the
entire database) and have also specified a search text (indicating you
wish to search for specific database entries.)
<p>

Please keep the following in mind:<br>
	<ol>
	<li>Select only "Browse all records" <b>or</b> enter a text to
search for...not both.
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_2


	&HtmlBot;
}

 
sub ErrNoString {
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_3;

<title>Film/Video Library - Submission Error 1:ErrNoString</title>
<BODY bgcolor="#ffffff" background="bgitem1.jpg">

<table width=550>
<tr><td colspan=1 bgcolor="#ffffff" align=center><a
href="http://web.indstate.edu:80/mtr/filmlib.html"><img
src="filmtop.jpg" border=0></a>

<tr><td bgcolor="#eeeeee">
<b>Submission Error</b><p>
<tr><td>
There has been an error processing your request.  It appears you have not
selected the "Browse all records" option, yet have not specified a search
string in the "Search For:" text area.<p>

Please keep the following in mind:<br>
	<ol>
	<li>Select "Browse all records" to view every record in the
database.
	<li>Enter the text you wish to find in the database in the space
marked "Search For:" on the submission form and select the database catagories you
wish to search in (in the space marked "Search In:")
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_3


	&HtmlBot;
}

sub ErrAddnQuery {
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_4;

<title>Film/Video Library - Submission Error 1:ErrAddnQuery</title>
<BODY bgcolor="#ffffff" background="bgitem1.jpg">


<table width=550>
<tr><td colspan=1 bgcolor="#ffffff" align=center><a
href="http://web.indstate.edu:80/mtr/filmlib.html"><img
src="filmtop.jpg" border=0></a>

<tr><td bgcolor="#eeeeee">
<b>Submission Error</b><p>
<tr><td>
There has been an error processing your request.  It appears you have either 
selected the "Browse all records" option <b>or</b> have entered a search
string while at the same time selecting the "Add A New Record" action.  The
two basic types of action are 'View/Modify/Delete Records' or 'Add A New
Record'...you may not do both simultaneously.

Please keep the following in mind:<br>
	<ol>
	<li>Select "Browse all records" to view every record in the
database.
	<li>Enter the text you wish to find in the database in the space
marked "Search For:" on the submission form and select the database catagories you
wish to search in (in the space marked "Search In:")
	<li>Select the 'Add A New Record' to create a new database entry.
	<li>You may <b>NOT</b> add a new record at the same time you are
searching the database.
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_4


	&HtmlBot;
}

sub ErrNoSolution  {	
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_5;

<title>Film/Video Library - Submission Error 1:ErrAddnQuery</title>
<BODY bgcolor="#ffffff" background="bgitem1.jpg">


<table width=550>
<tr><td colspan=1 bgcolor="#ffffff" align=center><a
href="http://web.indstate.edu:80/mtr/filmlib.html"><img
src="filmtop.jpg" border=0></a>


<tr><td bgcolor="#eeeeee">
<b>Submission Error</b><p>
<tr><td>
There has been an error processing your request.  We have no idea what you
are doing...please report this error to your server administrator. 

Please keep the following in mind:<br>
	<ol>
	<li>Select "Browse all records" to view every record in the
database.
	<li>Enter the text you wish to find in the database in the space
marked "Search For:" on the submission form and select the database catagories you
wish to search in (in the space marked "Search In:")
	<li>Select the 'Add A New Record' to create a new database entry.
	<li>You may <b>NOT</b> add a new record at the same time you are
searching the database.
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_5


	&HtmlBot;

}


sub Query 
{
	local ($records) = @_;

# If we're called with 'all', then we show every single record.
#
	if ($records eq "_all") 
		{
		#set search clause to all records


		$prepare="SELECT ID,TITLE,CATALOGNO,RUNTIME,LANGUAGE,LANGUAGE FROM Result3";


		}

# Otherwise we start looking for specif stuff.
  	if ($records ne "_all")
 		{
		# Set search clause to selected records
		$title = $input{'Title'};
		$catno = $input{'CatalogNo'};
		$runtm = $input{'Runtime'};
		$annot = $input{'Annotation'};
		$langu = $input{'Language'};
		$allfi = $input{'AllFields'};
		
# Find out what to look for if we're not querying 'all' records.
#
# If they've either a> selected the 'All Fields' option or b>
# Not checked any of the other options, then we give them everything...
# Otherwise...we give them what they've asked for.



#chop $string;
$strleng = length $string;
$pos =$strleng;
for($k=($strleng-1);$k>=0;$k--)

{
        $sub3 = substr($string,$k,1);
        if ($sub3 eq " " )
        {       $pos--;}
        else{}
}
$sub4= substr($string,0,$pos); 




$dudball = "";
for ($i=0 ; $i<$pos ; $i++)
	{
	$sub2 = substr($sub4,$i,1);
	$uc = uc $sub2;
	$lc = lc $sub2;
	$dudball = "$dudball\[$uc$lc\]";
	}

	




		if (
			(	
			($title ne "True") &&
			($catno ne "True") &&
			($runtm ne "True") &&
			($annot ne "True") &&
			($langu ne "True")
			) 
			||
			($allfi eq "True")
			
		 )
			{ 
		  # Make select for all fields



			$string_u = uc $string;	
				
			$prepare="SELECT * FROM Result3
				WHERE TITLE REGEXP \"$string_u\"  
				OR CATALOGNO REGEXP \"$dudball\"
				OR RUNTIME REGEXP \"$dudball\"
				OR ANNOTATION REGEXP \"$dudball\"
				OR LANGUAGE REGEXP \"$dudball\" ";

		} else {

			# Something was checked...and it wasn't allfie.
			$string_u = uc $string;
			$title_w="";
			$catno_w="";
			$runtm_w="";
			$annot_w="";
			$langu_w="";
			if ($title eq "True") {
				$title_w=" OR TITLE REGEXP \"$string_u\"";
				}
			if ($catno eq "True") {
				$catno_w=" OR CATALOGNO REGEXP \"$dudball\"";
				}
			if ($runtm eq "True") {
				$runtm_w=" OR RUNTIME REGEXP \"$dudball\"";
				}
			if ($annot eq "True") {
				$annot_w=" OR ANNOTATION REGEXP \"$dudball\"";
				}
			if ($langu eq "True") { 
				$langu_w=" OR LANGUAGE REGEXP \"$dudball\"";
				}

			$prepare="SELECT * FROM Result3 WHERE ID='0'
				$title_w $catno_w $runtm_w $annot_w
				$langu_w"			

			}
	}
	

# Send it to Execute...start at 0, end at 20.
#
&Execute($prepare,"0","20");
}

# End the HTML cleanly.
sub HtmlBot	
	{
	return "</body>\n</html>\n";
	}



sub Execute
{
	local($pprepare) 	= @_[0];
   	local($start_num)	= @_[1];
	local($end_num)	 	= @_[2];


	if (($start_num eq "") || ($end_num eq "")) {
		print "ERROR: Execute passed without parameters";
		}
	

	$cursor = $dbh->prepare("$pprepare");		
	$cursor->execute;

	# ...stick them in an array.
	my @field;
	
	# Start the HTML output...set up the table for results.
	
	&SetCookies('prepared',$prepare);

	print "\n";
	

	print "<title>Database Results</title>";
	print "<BODY bgcolor=\"#ffffff\" background=\"bgitem1.jpg\">";
        print "<center><table size=600>";
 
	print "<tr><td colspan=5 bgcolor=\"#ffffff\" align=center>";
	print "<IMG src=\"filmtop.jpg\" border=0></a>";
	print "<tr><td bgcolor=\"#dddddd\" colspan=5>Database Results\n";
	print "<tr><td bgcolor=\"#ffffff\">ID Number<td>Title<td>Catalog Number <td>Runtime <td>Language\n";


	$i=$start_num;
	$b=0;
	while ( @field = $cursor->fetchrow_array ) {
		
		if (($i >= $start_num) && ($i <= $end_num)) 
			{
			print "<tr><td bgcolor=\"#eeeeee\">$field[0] 
				<td bgcolor=\"#eeeeee\">
				<A href=\"display.cgi?single=True&id=$field[0]\">$field[1]</a> 
				<td bgcolor=\"#eeeeee\">$field[2]
				<td bgcolor=\"#eeeeee\">$field[3]
				<td bgcolor=\"#eeeeee\">$field[5]\n";
				$b++;
			}
		$i++;
		}
	$count=$i-1;











	if ( $b == 0 ) 	
			{

	print <<GOOFY;

	<tr><td colspan=5 bgcolor="#eeeeee" align="center">
		
	<font size="+2">Sorry</font><br>
	Your search yielded no results.  
	Please <a href="index.html">revise your search</a> and try again.<p>
	
GOOFY

			}




	print "<tr><td colspan=5 bgcolor=\"#eeeeee\" align=\"center\">";	
	PREVIOUS: 
	 {

	 	if ($start_no >= 20) 
		{
		$start_no	= $start_num - 20;
		$end_no		= $end_num - 20;
		print "<A
	href=\"display.cgi?startnumber=$start_no&endnumber=$end_no\">
		<- [ Previous 20 Records ] </a>";
		}
	 }


	NEXT:
	{
	 	if ($start_no <= ($count-20)) 
		{
		$start_no	= $start_num + 20;
		$end_no		= $end_num + 20;
		print "<A
	href=\"display.cgi?startnumber=$start_no&endnumber=$end_no\">
		[ Next 20 Records ] -></a>";
		}
	}

	$cursor->finish;
	$dbh->disconnect;
	        print <<TTT;
        <tr><td colspan=5 bgcolor="#ffffff" align=center>
        <a href="index.html">[ Back to Main Page ]</a>
TTT

    print "</table>\n";

	&HtmlBot;



}	



sub ErrNoCookie
{
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_X;

<title>Film/Video Library - Submission Error 1:ErrNoCookie</title>
<table width=550>
<tr><td bgcolor="#eeeeee">
<b>Security Error</b><p>
<tr><td>
There has been an error processing your request.  Accessing this program
requires that you have the ability to pass and accept Cookies with your
browser.  Some browsers do not have the ability to accept Cookies, but it
may be that your browser does accept Cookies but that they are disabled in
your present security settings.

Please keep the following in mind:<br>
	<ol>
	<li>Check with the vendor of your browser to see if it does accept
cookies.
	<li>Check the help documentation that came with your browser to
determine if you can enable the sending and recieving of Cookies.
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_X


	&HtmlBot;


}


sub AddIt 
{
	
	if ( $user eq "read" ) {
		&ErrNoAdd;
		} else {

		
		print "\n";
		print "<title>Testing</title><body bgcolor=\"#ffffff\">";		
		print <<ENDOFTABLE;
	<form action="dbmodify.cgi" method=post>
	<input type="hidden" name="action_type" value="add">
	<center><table width="500">
	<tr><td bgcolor="#eeeeee" colspan=3>
		<font size="+1"> &nbsp; Information on This Film/Video</font>
	<tr><td colspan=3 bgcolor="#cccccc" align=center><font size="-1">Title: </font>
		<input type="text" size=40 name="title">
	<tr><td bgcolor="#dddddd" align=center>
		<font size="-1">Catalog Number:</font>
		<input type="text" name="catalogno">
	<td bgcolor="#dddddd" align=center>
		<font size="-1">Runtime (in minutes): </font>
		<input type="text" name="runtime">
	<td bgcolor="#dddddd" align=center>
		<font size="-1">Language: </font> 
		<input type="text" name="language" value="(None given)">
	<tr><td colspan=3 bgcolor="#eeeeee" align=center>
		<font size="-1">Information:</font><br>
		<textarea name="annotation" rows="10" cols="50" wrap=soft>
		</textarea><p>
	<tr><td colspan=3 bgcolor="#dddddd" align=center><p>
		<A href="index.html"> [ Back To Main Page ]</a><br>
	<tr><td colspan=3 bgcolor="#eeeeee" align=center><p>
	<input type="submit" value="Add Record To Database">
	</form>
		
		
		
		
	</table>
	
ENDOFTABLE
	
	&HtmlBot;	

	}
	
}


sub ErrNoAdd
{
	$refer = $ENV{'HTTP_REFERER'};
	print <<END_ERROR_X;

<title>Film/Video Library - Database Modification Error 1:ErrNoAdd</title>
<table width=550>
<tr><td bgcolor="#eeeeee">
<b>Security Error</b><p>
<tr><td>
There has been an error processing your request.  It appears you are
attempting to "Add A New Record" to the database.  Database security
measures require that you first login with an authorized username and
password before attempting database modification.  

Please keep the following in mind:<br>
	<ol>
	<li>Logging into the database with no specific username or password logs you into
the default read-only account.
	<li>If you have a secure password, you will need to return to the
main page, then enter your account information in the space provided.
	</ol>
<p>
Please <A HREF="$refer">go back</a> and try again.
</table>

END_ERROR_X


	&HtmlBot;


}