#!/usr/bin/perl
 
########################################################################
# COPYRIGHT NOTICE:
#
# Copyright 2007 FocalMedia.Net All Rights Reserved.
#
# Selling the code for this program without prior written consent 
# from FocalMedia.Net is expressly forbidden. You may not 
# redistribute this program in any shape or form.
# 
# This program is distributed "as is" and without warranty of any
# kind, either express or implied. In no event shall the liability 
# of FocalMedia.Net for any damages, losses and/or causes of action 
# exceed the total amount paid by the user for this software.
#
########################################################################

#### EDIT HERE -- FOR WINDOWS/IIS BASED INSTALLATIONS ONLY #######

$config_cgi = "config.cgi"; ## <-- CHANGE THIS LINE TO THE FULL SERVER PATH TO config.cgi

# THE PATH ON A WINDOWS INSTALLATION WILL LOOK SOMETHING LIKE THIS:
# $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi";

#### DO NOT CHANGE ANYTHING BELOW THIS LINE #################


#use FindBin;
#use lib $FindBin::Bin;
use CGI;
use DBI;
use CGI::Carp qw(fatalsToBrowser); 
use mysdesk;
use fmspm;

&get_setup;

fmspm::check_spamb("login.cgi", "header", $data_dir);

$q = CGI->new;

################# 
print "Content-type: text/html\n\n"; 


### AUTHENTICATION
if ($q->param('fct') eq "") { mysdesk::login_screen; exit; }
($u_username, $u_password, $enc_password, $login_error, $uid) = mysdesk::check_pass;
if ($login_error ne ""){ mysdesk::login_screen($login_error); exit;}
##################

if ($q->param('fct') eq "do_login") { &do_login; exit;}

#################


sub do_login
{

$login_tmpl = mysdesk::get_file_contents("$data_dir/ucontrolp.html");
$login_tmpl =~ s/!!login_cgi!!/$script_url\/login\.cgi/g;
$login_tmpl =~ s/!!login_error!!/$login_error/g;
$login_tmpl =~ s/!!new_ticket!!/$script_url\/login2\.cgi?fct=new_ticket&u=$u_username&p=$enc_password/g;
$login_tmpl = mysdesk::insert_template_includes($login_tmpl, $u_username, $enc_password);


### LINKS PER PAGE

$results_per_page = 10;
$st = $q->param('st');
if ($st eq "") { $st = 0; }
$total = $q->param('total');


### GET TICKETS

$message_style = mysdesk::get_file_contents("$data_dir/subject_style.html");

if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
$dbh = DBI->connect($dsn, $db_username, $db_password);
if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } 


### GET NUMBER OF SUPPORT TICKETS
if ($total eq "")
	{
	$sql = "SELECT * FROM support_tickets WHERE supportuid = '$uid' ORDER BY ticketid DESC";
	$sth = $dbh->prepare($sql);
	$sth->execute;
	$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror - From: $sql";} 
	$total = $sth->rows();
	}

$sql = "SELECT * FROM support_tickets WHERE supportuid = '$uid' ORDER BY ticketid DESC LIMIT $st,$results_per_page";
$sth = $dbh->prepare($sql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror - From: $sql";} 

#### RESULTS PER PAGE
$modp = ($total % $results_per_page);
$pages = ($total - $modp) / $results_per_page;
if ($modp != 0) {$pages++;}


while ( @row = $sth->fetchrow() )
	{
	$msg_temp = $message_style;

		($date_only, $tmp) = split (/ /,$row[6]);
		$msg_temp =~ s/!!date!!/$date_only/gi;
		
		$subject = "<a href=\"$script_url/login3.cgi?fct=ticket&id=$row[0]&u=$u_username&p=$enc_password\">$row[4]</a>";
		$msg_temp =~ s/!!subject!!/$subject/gi;
		
		if ($row[7] eq "N"){$status = "Open";}
		if ($row[7] eq "R"){$status = "Replied";}
		if ($row[7] eq "Y"){$status = "Closed";}
		#if ($row[7] eq "Y"){$status = "Replied";} 
		$msg_temp =~ s/!!status!!/$status/gi;  
		
		########################## TICKET ID - USER UDE
		$ticket_no = &get_user_ticket_no($row[0], $row[1]);
		$msg_temp =~ s/!!ticket_no!!/$ticket_no/gi;
	
		if ($row[11] ne "")
			{	
			$msg_temp =~ s/!!replies!!/$row[11]/gi;
			}
			else
			{
			$msg_temp =~ s/!!replies!!/0/gi;
			}
	
	$ticket_table = $ticket_table . $msg_temp;
		
	}

$sth->finish;
$dbh->disconnect; 


#### PAGES

for ($ms = 0; $ms < $pages; $ms++) 
	{
	$pg = $ms + 1;
	$stpg = $results_per_page * $ms;
	
	if ($st ne $stpg)
		{
		$page_display = $page_display . "<a href=\"$script_url/login.cgi?fct=do_login&st=$stpg&total=$total&u=$u_username&p=$enc_password\">$pg</a> ";
		}
		else
		{
		$page_display = $page_display . "[$pg] ";
		$current_st = $stpg;
		}
	}

if ($page_display eq "") { $page_display = 0; }

$login_tmpl =~ s/!!pages!!/$page_display/gi;


##### NEXT | PREV

$prevst = $current_st + $results_per_page;
if ($prevst > $results_per_page)
 	{
 	$prevst = $prevst - ($results_per_page * 2);
	$prev_next = $prev_next . " <a href=\"$script_url/login.cgi?fct=do_login&st=$prevst&total=$total&u=$u_username&p=$enc_password\">< Prev Page</a> ";
	}


$nextst = $current_st + $results_per_page;
if ($nextst < $total)
 	{
 	if ($prev_next ne "")
 		{
 		$spacer = "|";
 		}
 	
	$prev_next = $prev_next . "$spacer <a href=\"$script_url/login.cgi?fct=do_login&st=$nextst&total=$total&u=$u_username&p=$enc_password\">Next Page ></a> ";
	}

$login_tmpl =~ s/!!next_prev!!/$prev_next/gi;


if ($total == 0)
	{
	$message_style =~ s/!!date!!//g;
	$message_style =~ s/!!status!!//g;
	$message_style =~ s/!!ticket_no!!//g;
	$message_style =~ s/!!replies!!//g;
	
	
	$message_style =~ s/!!subject!!/No tickets opened yet/g;
	
	$ticket_table = $message_style;
	}

#########

$login_tmpl =~ s/!!tickets!!/$ticket_table/gi;

######### FIND A TICKET

$login_tmpl =~ s/!!find_msg!!/$script_url\/login3\.cgi/g;
$login_tmpl =~ s/!!username!!/$u_username/g;
$login_tmpl =~ s/!!password!!/$enc_password/g;


print $login_tmpl;

}








#################

sub get_setup
{

$exists = (-e "$config_cgi");
if ($exists > 0)
	{
	open (STP, "$config_cgi");
		while (defined($line=<STP>))
			{
			if ($line =~ m/#/g)
				{
				$r = pos($line);
				$line = substr($line, 0, $r - 1);
				}
				
				$line =~ s/\n//g;
	
if ($line =~ /^DB_NAME/){$db_name = &get_setup_line($line, DB_NAME);}
if ($line =~ /^DB_USERNAME/){$db_username = &get_setup_line($line, DB_USERNAME);}
if ($line =~ /^DB_PASSWORD/){$db_password = &get_setup_line($line, DB_PASSWORD);}
if ($line =~ /^MYSQL_HOSTNAME/){$mysql_hostname = &get_setup_line($line, MYSQL_HOSTNAME);}
if ($line =~ /^MYSQL_PORT/){$mysql_port = &get_setup_line($line, MYSQL_PORT);}

if ($line =~ /^SCRIPT_URL/){$script_url = &get_setup_line($line, SCRIPT_URL);}
if ($line =~ /^ADMIN_URL/){$admin_url = &get_setup_line($line, ADMIN_URL);}
if ($line =~ /^WEB_URL/){$web_url = &get_setup_line($line, WEB_URL);}
if ($line =~ /^WEB_DIR/){$web_dir = &get_setup_line($line, WEB_DIR);}
if ($line =~ /^DATA_DIR/){$data_dir = &get_setup_line($line, DATA_DIR);}

if ($line =~ /^USERNAME/){$username = &get_setup_line($line, USERNAME);}
if ($line =~ /^PASSWORD/){$password = &get_setup_line($line, PASSWORD);}


			}
	close (STP);
	
	}
}




sub get_setup_line
{
my ($setup_line, $setup_var) = @_;
$crit = "\"";
$setup_line =~ m/$crit/g;
$r1 = pos($setup_line);
$setup_line =~ m/$crit/g;
$r2 = pos($setup_line);
$setup_line = substr($setup_line, $r1, ($r2 - $r1 - 1));
$return_val = $setup_line;
return ($return_val);
}

#### END CONFIGURATION ########################################################