#!/usr/bin/perl

# we use DBI, for it's sexy body
use DBI;

# database connection
my $GLOBAL_DBH = undef;

##
# Returns a random tagline
sub get_tagline {
	return $TAG_LINES[ @TAG_LINES*rand() ];
}

##
# Returns the kwote count
sub get_kwote_count {
	
	# connect
	my $dbh = get_db_connection();
	
	# execute
	my $sth = $dbh->prepare("SELECT COUNT(*) as kwote_count FROM kwote");
	$sth->execute();

	# return
	my $row = $sth->fetchrow_hashref();
	return $row->{"kwote_count"};
}

##
# Returns the kwote_backup count
sub get_kwote_backup_count {
	
	# connect
	my $dbh = get_db_connection();
	
	# execute
	my $sth = $dbh->prepare("SELECT COUNT(*) as kwote_count FROM kwote_backup");
	$sth->execute();

	# return
	my $row = $sth->fetchrow_hashref();
	return $row->{"kwote_count"};
}

##
# does some minor database cleanup
sub cleanup {
	
	# get a db connection
	my $dbh = get_db_connection();
	
	# backup kwotes to be deleted
	my $sth = $dbh->prepare(
		"INSERT INTO kwote_backup SELECT * FROM kwote WHERE ".
		"(now()-submit_dt)>? AND rating<=?"
	);
	$sth->bind_param(1, $KWOTE_TTL);
	$sth->bind_param(2, $KWOTE_DEATH_RATING);
	$sth->execute() or die "Couldn't backup kwotes";

	# delete kwotes
	$sth = $dbh->prepare(
		"DELETE FROM kwote WHERE (now()-submit_dt)>? AND rating<=?"
	);
	$sth->bind_param(1, $KWOTE_TTL);
	$sth->bind_param(2, $KWOTE_DEATH_RATING);
	$sth->execute() or die "Couldn't delete kwotes";

	# delete the vote log (this doesn't affect kwote rating)
	$sth = $dbh->prepare(
		"DELETE FROM vote WHERE (now()-vote_dt)>?"
	);
	$sth->bind_param(1, $VOTE_TTL);
	$sth->execute() or die "Couldn't delete votes";
	
	# let em know we're good 
	print "Kwote Database cleanup complete\n";
	
	# w00t
	return 0;
}

##
# votes on a kwote
sub  vote {
	my ($addr, $kid, $amt) = @_;
	
	# connect to db
	my $dbh = get_db_connection();
	
	# prepare statement
	my $sth = $dbh->prepare(
		"SELECT COUNT(*) as vote_count FROM vote WHERE ".
		"ip_address=? AND kwote_id=?"
	);
	$sth->bind_param(1, $addr);
	$sth->bind_param(2, $kid);
	
	# execute
	$sth->execute();
	
	# get row
	my $row = $sth->fetchrow_hashref();
	
	# check if they suck
	return undef if ($row->{"vote_count"}>=$MAX_VOTES_PER_IP);
	
	# prepare
	$sth = $dbh->prepare(
		"UPDATE kwote SET rating=rating+(?) WHERE id=?"
	);
	$sth->bind_param(1, $amt);
	$sth->bind_param(2, $kid);
	$sth->execute() or return undef;
	
	# record the vote
	$sth = $dbh->prepare(
		"INSERT INTO vote (ip_address, kwote_id, vote_dt) ".
		"VALUES (?, ?, now())"
	);
	$sth->bind_param(1, $addr);
	$sth->bind_param(2, $kid);
	$sth->execute() or return undef;
	
	# we're good
	return 1;
}

##
# adds a kwote to the database
sub add_kwote {
	my ($dbh, $kwote_text, $ip_address) = @_;
	my ($addr, $kid, $amt) = @_;    

	# make sure the kwote is ok
	return undef if (!defined($kwote_text) || $kwote_text eq "");
	
	# prepare statement
	my $sth = $dbh->prepare(
		"SELECT COUNT(*) as kwote_count FROM kwote WHERE ip_address=? AND (now()-submit_dt)<?"
	);
	$sth->bind_param(1, $ip_address);
	$sth->bind_param(2, $SECS_BETWEEN_KWOTES);
	
	# execute
	$sth->execute() or return undef;
	
	# get row
	my $row = $sth->fetchrow_hashref() or return undef;
	
	# check if they suck
	return undef if ($row->{"kwote_count"}>=$MAX_KWOTES_PER_IP);
	
	# prepare statement
	my $sth = $dbh->prepare(
		"INSERT INTO kwote (submit_dt, content, rating, ip_address) ".
		"VALUES (now(), ?, ?, ?)"
	) or return undef;
		
	# bind params
	$sth->bind_param(1, $kwote_text);	# this is the kwote text
	$sth->bind_param(2, 0);				# no rating as of yet
	$sth->bind_param(3, $ip_address);	# the ip address
	
	# execute
	$sth->execute() or return undef;

	# return the id
	return $sth->{insertid};
}

##
# adds a kwote to the database
sub get_kwote {
	my ($dbh, $kid) = @_;
	
	# prepare statement
	my $sth = $dbh->prepare(
		"SELECT * FROM kwote WHERE id=?"
	) or return undef;
		
	# bind params
	$sth->bind_param(1, $kid);
	
	# execute
	$sth->execute() or return undef;
	
	# get the row
	my $row = $sth->fetchrow_hashref();

	# return the id
	return (defined($row)) ? $row : undef;
}

##
# Gets a list of kwotes
sub list_kwotes {
	my ($dbh, $sort_by, $order_direction, $return_amt, 
	$start_index, $search_string, $min_rating, $max_rating) = @_;

	# clean up the numbers
	$return_amt =~ s/[^0-9]//ig;
	$start_index =~ s/[^0-9]//ig;

	# ensure these numbers are ok
	if ($start_index eq "" || int($start_index)<=0) {
		$start_index = 0;
	}
	if ($return_amt eq "" || int($return_amt)<=0
		|| int($return_amt) > 200) {
		$return_amt = 20;
	}

	# break out the keywords
	my @kws = split(/,/,$search_string);

	# build SQL query
	my $sql = "SELECT * FROM kwote WHERE 1=1 ";

	
	# search stuff
	if (defined($search_string)) {
		foreach my $kw (@kws) {
			$sql.= "AND content LIKE ? ";
		}
	}
	
	# min rating
	if (defined($min_rating)) {
		$sql .= "AND rating >= ? ";
	}

	# max rating
	if (defined($max_rating)) {
		$sql .= "AND rating <= ? ";
	}

	# sorting and paging
	if (defined($sort_by)) {
		$sql .=  "ORDER BY $sort_by $order_direction ";
	}
	
	# paging
	$sql .= "LIMIT $start_index, $return_amt ";

	# prepare
	my $sth = $dbh->prepare($sql) or return undef;	
	my $param_num = 1;	

	# apply the search criteria
	if (defined($search_string)) {
		for (my $i=0; $i<@kws; $i++) {
			$sth->bind_param($param_num, "\%".$kws[$i]."\%");
			$param_num++;
		}
	}

	# min rating
	if (defined($min_rating)) {
		$sth->bind_param($param_num, $min_rating);
		$param_num++;
	}

	# max rating
	if (defined($max_rating)) {
		$sth->bind_param($param_num, $max_rating);
		$param_num++;
	}

	# execute
	$sth->execute() or return undef;

	# get the rows
	my @rows;
	while (my $row = $sth->fetchrow_hashref()) {
		push(@rows, $row);
	}
	
	# return it
	return @rows;
}

##
# Connect to the database
sub get_db_connection {
	if (!$GLOBAL_DBH) {
		$GLOBAL_DBH = DBI->connect(
			"dbi:$DB_TYPE:$DB_NAME:$DB_HOST",
			$DB_USER,
			$DB_PASS
		);
	}
	return $GLOBAL_DBH;
}

##
# Escape html
sub html_escape {
	my ($data) = @_;
	my $ret_data = "";
	foreach my $line (split(/\n/,$data)) {
		$line =~ s/</&lt;/g;
		$line =~ s/>/&gt;/g;
		$line =~ s/"/&quot;/g;
		$line =~ s/^\s+/"&nbsp;"x$+[0]/e;
		$ret_data .= "$line<br />";
	}
	return $ret_data;
}

##
# Escape xml
sub xml_escape {
	my ($data) = @_;
	my $ret_data = "";
	foreach my $line (split(/\n/,$data)) {
		$line =~ s/</&lt;/g;
		$line =~ s/>/&gt;/g;
		$line =~ s/"/&quot;/g;
		$line =~ s/^\s+/"&nbsp;"x$+[0]/e;
		$ret_data .= $line;
	}
	return $ret_data;
}

##
# Sends the HTML header
sub send_html_header {
	print STDOUT "Content-type: text/html\n\n";
}

##
# Renders an HTML template
sub wrap_template {
	my ($template, $template_file, %vars) = @_;
	open(IN,"templates/$template/$template_file");
	my $data = join("",<IN>);
	close(IN);
	foreach $key (keys %vars) {
		$data =~ s/\${$key}/$vars{$key}/ig;
	}
	return $data;
}

##
# Wraps and renders a template
sub render_template {
	my ($template, $template_file, %vars) = @_;
	my $data = wrap_template($template, $template_file, %vars);
	print STDOUT $data;
}

##
# Parse form data
sub parse_form {
	my (@pairs, $pair, $buffer, %FORM);
	if ($ENV{'REQUEST_METHOD'} eq 'GET') {
		@pairs = split(/&/, $ENV{'QUERY_STRING'});
	} elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
		read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
		@pairs = split(/&/, $buffer);
	}
	foreach $pair (@pairs) {
		local($name, $value) = split(/=/, $pair);
		$name =~ tr/+/ /;
		$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
		$value =~ tr/+/ /;
		$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
		$FORM{$name} = $value if (length($value)>0);
	}
	return %FORM;
}
                                                                                            
1;