#!/usr/planet/bin/perl5

require("include/bbn.pm");
use Msql;

#### configuration constants
$SENDMAIL = '/usr/lib/sendmail';           # location of your sendmail binary
$TO_ADDRESS = 'sourceNEW@mail.cato.com';  # will become this one

#### Do standard HTTP stuff ####
&cgi_receive;
&cgi_decode;
&cgi_header;

#### Do the actual processing ##########################################

#### Make sure the database is alive
$dbh = Connect Msql;
if (!$dbh) { &do_msql_error; }
SelectDB $dbh $DB;

#### mash some fields to all lower case
$FORM{'email'} = "\L$FORM{'email'}" ;
#$FORM{'password'} = "\L$FORM{'password'}" ;
#$FORM{'password2'} = "\L$FORM{'password2'}" ;

#### Validate the data... are the fields filled in?
&check_fields;
#&do_pwd_doc; 
&zorch_nasties;
#&check_pwd;
&check_logon;

#### Add the data to the database
$dmade= time();
$query = "insert into $TBL_REG values 
   ('$FORM{'email'}', 'NoMorePwds', 
    '$FORM{'lname'}', '$FORM{'fname'}', 
    '$FORM{'company'}', '$FORM{'title'}', '$FORM{'address'}', 
    '$FORM{'country'}', '$FORM{'phone'}', '$FORM{'fax'}', 
    '$FORM{'howheard'}', $dmade, 
    '$ENV{'REMOTE_ADDR'}', '$ENV{'REMOTE_HOST'}', '$ENV{'REMOTE_USER'}',
    'N',$dmade)";

$sth = Query $dbh $query;

if (!defined($sth)) {
   print "We were unable to add your information to the CatoSource database.";
   print "<p>\n";
   print "Please try registering again in a few minutes, or contact ";
   print "CatoSource to report the problem using the email address below.";
   print "<p>\n";
   &cgi_footer;
   exit;
}

#### snapshot the database for backup
$DBDUMPFILE = $DBDUMP_PATH . $DB . ".dump." . $dmade ;
`$DBDUMPER $DB >$DBDUMPFILE` ;

#### confirm data with the user
&do_thanks_doc;

#### Notify someone at CCS
&do_mail;

exit;

#### SUBROUTINES ####################################################


sub error_blank_field {
  # Procedure to send a message back to the user if a required field on 
  # the form was left blank. Call with the name of the missing field.
  local($variable) = @_;
  print "<H1>Incomplete Form</H1>\n";
  print "You did not fill in $variable.\n";
  print "Please provide all the requested information.\n";
  print "Use your browser's <b>Back</b> operation to return to the form;";
  print "any existing information will be retained. \n";
  &cgi_footer;
  exit;
}


sub check_fields {
  # Check all the required fields for a form and fail if any are blank
  # ouputs a apropos error message first
  &error_blank_field('your last name') unless ($FORM{'lname'});
  &error_blank_field('your first name') unless ($FORM{'fname'});
  &error_blank_field('your company') unless ($FORM{'company'});
  &error_blank_field('your address') unless ($FORM{'address'});
  &error_blank_field('your country') unless ($FORM{'country'});
  &error_blank_field('your phone number') unless ($FORM{'phone'});
  &error_blank_field('your email address') unless ($FORM{'email'});
}


sub zorch_nasties {
  # Check form fields for characters that will foul up the database insertion
  # first replace ' char by \'
  $FORM{'email'} =~ s/'/\\'/g ;
  #$FORM{'password'} =~ s/'/\\'/g ;
  #$FORM{'password2'} =~ s/'/\\'/g ;
  $FORM{'lname'} =~ s/'/\\'/g ;
  $FORM{'fname'} =~ s/'/\\'/g ;
  $FORM{'company'} =~ s/'/\\'/g ;
  $FORM{'address'} =~ s/'/\\'/g ;
  $FORM{'country'} =~ s/'/\\'/g ;
  $FORM{'phone'} =~ s/'/\\'/g ;
  $FORM{'fax'} =~ s/'/\\'/g ;
  $FORM{'title'} =~ s/'/\\'/g ;
  $FORM{'howheard'} =~ s/'/\\'/g ;
}


sub do_thanks_doc {
  print<<EndOfDoc;
<h2>Thank You for Registering</h2>
<img src="/pix/line1.gif">
<h4>Next time you use CatoSource enter as a registered reader.</h4>
<h4>The following information has been recorded for you: </h4>
<ul>
Name: $FORM{'fname'} $FORM{'lname'}<BR>
EMail: $FORM{'email'}  (this is your logon identifier)<BR>
Company: $FORM{'company'}<BR>
Title: $FORM{'title'}<BR>
Address: $FORM{'address'}<BR>
Country: $FORM{'country'}<BR>
Phone: $FORM{'phone'}
Fax: $FORM{'fax'}<BR>
</ul>
</form>
<FORM METHOD=POST ACTION="/cgi-bin/logon">
<ul>
<table border>
<tr><td>Do you see a boxed table with 2 rows here?
<tr><td><input type="radio" name="tables" value="yes" checked>Yes
<input type="radio" name="tables" value="no" >No
<input type="hidden" name="logon" value="$FORM{'email'}>
</table>
</ul>
<INPUT TYPE="submit" VALUE="Start your CatoSource Session">
<p>
<a href="/index.html"><img src="/pix/ccs-ico.gif"> Return to Welcome page</a>
</FORM>
EndOfDoc
  &cgi_footer("registration");
}


sub do_mail {
  open(MAIL, "| $SENDMAIL $TO_ADDRESS") || die("Can't open $SENDMAIL: $!\n");
  print MAIL "From: $FORM{'email'} ($FORM{'fname'} $FORM{'lname'})\n";
  print MAIL "Reply-to: $FORM{'email'} ($FORM{'fname'} $FORM{'lname'})\n";
  print MAIL "To: $TO_ADDRESS\n";
  print MAIL "Subject: CatoSource New User Registration\n";
  print MAIL "=============================================================\n";
  print MAIL "HOST:      $ENV{'REMOTE_HOST'} ($ENV{'REMOTE_ADDR'})\n";
  print MAIL "USER:      $ENV{'REMOTE_USER'}\n";
  print MAIL "BROWSER:   $ENV{'HTTP_USER_AGENT'}\n";
  print MAIL "=============================================================\n";
  while ( ($key,$val) = each %FORM ) { 
    print MAIL "$key=$val\n"; 
  }
  print MAIL "=============================================================\n";
  close(MAIL);
}


sub check_logon {
  #See if the entry is in the database
  $FORM{'email'} = "\L$FORM{'email'}" ;
  $query = "select logon from $TBL_REG where logon = '$FORM{'email'}'";
  $sth = Query $dbh $query;
  if (!defined($sth)) { &do_msql_error; }
  @arr = FetchRow $sth;
  if ($#arr >= $[) { 
     print "<h1 ALIGN=CENTER>Unable to use that logon idenitifer.</h1>\n";
     print "Someone has already registered using the address: $FORM{'email'}\n";
     print "Please use your browser's <b>Back</b> operation ";
     print "and select another name.<p>\n"; 
     &cgi_footer;
     exit;
  }
}


sub do_msql_error {
  print "<h2>Failure Accessing Database</h2>\n";
  print "The database is currently down for maintainence.\n";
  print "Please try connecting again in a few minutes.\n";
  print "<p>\n";
  &cgi_footer;
  exit;
}


sub do_pwd_doc {
### this is inactive at the moment 1/26/96 pds
print<<EndOfDoc;
<HTML>
<HEAD>
<TITLE>Enter Logon Information</TITLE>
</HEAD>
<BODY
TEXT="#000000" LINK="#ff0000" VLINK="#000aaf" ALINK="#0ff000"
Background="/pix/panel.gif" 
>
<FORM ACTION="/cgi-bin/addUser" METHOD="POST">
<H1>Welcome to CatoSource</H1>
<img src="/pix/line1.gif">
<p>
To use the system, you will need to enter your email address and a password.
<p>
<STRONG>Type a password:</STRONG>  
<INPUT TYPE="password" NAME="password" MAXLENGTH=30 SIZE=30>
<p>
<STRONG>Verify password:</STRONG>  
<INPUT TYPE="password" NAME="password2" MAXLENGTH=30 SIZE=30>
<INPUT TYPE="hidden" NAME="lname" VALUE="$FORM{'lname'}">
<INPUT TYPE="hidden" NAME="fname" VALUE="$FORM{'fname'}">
<INPUT TYPE="hidden" NAME="company" VALUE="$FORM{'company'}">
<INPUT TYPE="hidden" NAME="title" VALUE="$FORM{'title'}">
<INPUT TYPE="hidden" NAME="address" VALUE="$FORM{'address'}">
<INPUT TYPE="hidden" NAME="country" VALUE="$FORM{'country'}">
<INPUT TYPE="hidden" NAME="phone" VALUE="$FORM{'phone'}">
<INPUT TYPE="hidden" NAME="fax" VALUE="$FORM{'fax'}">
<INPUT TYPE="hidden" NAME="email" VALUE="$FORM{'email'}">
<INPUT TYPE="hidden" NAME="howheard" VALUE="$FORM{'howheard'}">
<p>
<INPUT TYPE="submit" VALUE="Submit Form">
<INPUT TYPE="reset" VALUE="Clear Form">
</FORM>
</BODY>
</HTML>
EndOfDoc
}


sub check_pwd {
#### this is inactive at the moment  1/26/96 pds
  if ($FORM{'password'} eq $FORM{'password2'}) { return; }
  #&cgi_header("Registration Request Error");
  print <<EndPWD;
<h1>Passwords Did Not Match</h1>
The two password entries did not match.
Use your browser's <b>Back</b> operation to return to the form and enter
the same password in both fields. They must be exactly the same.
EndPWD
  &cgi_footer;
  exit;
}