#!/usr/bin/perl
# OID entry script
# Config variables
$httpbase = "http://www.alvestrand.no/objectid";
$dirbase = "/home/httpd/html/alvestrand/objectid";
$mailprog = "/usr/sbin/sendmail";
$owneremail = "Harald\@alvestrand.no";

chdir("$dirbase/submissions")
	|| die "Unable to change directory\n";
# Security stuff
$ENV{"PATH"} = "/bin:/local/bin";
open(LOG, ">>submitlog") || die "Unable to open submitlog\n";
open(STDERR, ">&LOG");
select(LOG); $| = 1; select(STDOUT);
$date = `date`;
print LOG "Script started at $date";
print LOG "Argv is ", join(" ", @ARGV), "\n";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
print LOG "Stdin is $buffer\n";

@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

    # Uncomment for debugging purposes
    # print "Setting $name to $value<P>";
    $entry{$name} = $value;

}
$oid = $entry{"oid"};
$email = $entry{"email"};

if ($oid !~ /^(\d(\.\d+)+)$/) {
    &errorform("This does not look like an OID!");
} else {
    $oid = $1; # Untaint
    # Parameter checking over - enter the data!
    $filename = "$oid.html";
#   if ( -f $filename) {
    if (0) {
	&errorform("This OID is already registered");
    } else {
	print LOG "Opening $filename\n";
	open(FILE, ">$filename") || die "Unable to open $filename\n";
	if ($ENV{'REMOTE_IDENT'}) {
	    $authorization = "$ENV{'REMOTE_IDENT'} (ident)";
	} else {
	    $authorization = "$ENV{'REMOTE_USER'}";
	}
	$authorization = "Authorization gave $authorization" if $authorization;
	$entry{$description} =~ s/\n/<p>/;
	print LOG "Starting to write $filename\n";
	print FILE <<EoF;
<html> <head>
<title>OID description for $oid - $entry{"title"}</title>
</head> <body>
<h1>$oid - $entry{"title"}</h1>
Submitted by $email from host $ENV{'REMOTE_HOST'} ($ENV{'REMOTE_ADDR'})
on $date using a WWW entry form. $authorization
<p>
<strong>OID value:</strong> $oid
<p>
<strong>OID description:</strong><br>
$entry{"description"}
<p>
EoF
    if ($entry{"moreinfo"}) {
	print FILE "<strong>URL for further info:</strong>",
	" <a href=\"$entry{'moreinfo'}\">$entry{'moreinfo'}</a>\n<p>\n";
    }
	print FILE "<!-- AUTOREFERENCE START -->\n";
	$saveoid = $oid;
        while ($oid =~ s/\.\d+$//) {
	    print LOG "Checking for file $oid.html\n";
	    if ( -f "../$oid.html") {
		print FILE "See also <a href=$httpbase/$oid.html>$oid</a> (reviewed)<br>\n";
	    } elsif ( -f "$oid.html") {
		print FILE "See also <a href=$httpbase/submissions/$oid.html>$oid</a>(freshly entered)<br>\n";
	    }
	}
	$oid = $saveoid;
    }
}
print FILE <<EoF;
<p><a href=$httpbase/top.html>Top of OID tree</a>
<!-- AUTOREFERENCE END -->
<hr>
<address>$email</address>
<!-- hhmts start -->
Entered: $date (not changed manually)
<!-- hhmts end -->
</body>
</html>
EoF
print LOG "Finished writing $filename\n";
close FILE || die "Error closing $filename\n";

print <<EoF;
Content-type: text/html

<html>
<body>
Thank you very much!
You may view the data you entered
<a href="$httpbase/submissions/$filename">here</a>.
<p>
At random intervals, the owner, Harald Tveit Alvestrand, will scan
the incoming submissions and integrate them into the formal OID tree.
<p>
If there are any problems with your submission, he will use the Email
address you cited to contact you about it.
<hr>
<address>Harald.T.Alvestrand\@uninett.no</address>

</body>
</html>
EoF
open (MAIL, "|$mailprog $owneremail");
print MAIL "From: WWW server (OID-entry script)\n";
print MAIL "To: $owneremail\n";
print MAIL "Subject: OID $oid - $entry{'title'} submitted\n";
print MAIL "\n";
for $key (keys(%entry)) {
    print MAIL "$key: $entry{$key}\n";
}
close MAIL;

print LOG "Finished!\n";


sub errorform {

    local($error) = @_;
    print <<EoF;
Content-type: text/html

<html>
<body>
I'm sorry, but there was a problem with the data you entered.
<p>
$error
<p>
Please reedit your data and try again.
<p>
If you need more help, contact Harald.T.Alvestrand\@uninett.no
</body>
</html>
EoF
# Die!
die "Error form exit";
}