#!/usr/bin/perl -wT

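BEGIN {
  # The script runs under taint mode (-T, see the shebang). Perl then refuses
  # to start any child process while PATH is tainted, so PATH is pinned to a
  # fixed list of system directories before anything else is compiled.
  $ENV{PATH} = "/usr/local/bin:/bin:/usr/bin"; ## for MIME::Lite

  # Taint mode applies the same check to these shell-sensitive variables.
  # perlsec recommends removing them so an inherited value can neither block
  # the subprocess nor influence a shell it starts.
  delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
}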

### config ###

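# Envelope of the notification mail. $from is only the fallback sender: the
# mail is sent with the visitor's own address as From when one was supplied.
my $from        = 'webmaster@fullscreeners.com';
my $to          = 'info@fullscreeners.com';
my $bcc         = 'alex-bcc@zeitform.de';

my $subject     = 'Mitteilung über Kontaktformular';

# Fixed preamble of the mail body; the submitted fields are appended to it.
my $mailtext = "Folgende Kontaktdaten wurden Ihnen über das Kontaktformular 
auf http://www.fullscreeners.com gesendet:

";

# Today's date as YYYY-MM-DD. localtime is read once so that year, month and
# day always belong to the same instant (three separate calls could straddle
# midnight and mix two different days).
my $date = do {
    my ($mday, $mon, $year) = (localtime)[3, 4, 5];
    sprintf("%04d-%02d-%02d", $year + 1900, $mon + 1, $mday);
};

# Templates for the form page and for the "thank you" / result page.
my $form_tmpl   = "/merker/fullscreeners.de/html/de/kontakt/formular2.tmpl";
my $result_tmpl = "/merker/fullscreeners.de/html/de/kontakt/formular-danke.tmpl";

# Fields written to the mail body, in this order. "captcha" is deliberately
# absent: the typed captcha text is checked but never mailed.
my @sort_fields = qw(
    firma branche name vorname abteilung strasse plz_ort email telefon fax
);

# Field name => 1 (mandatory) or 0 (optional). The keys double as the
# allow-list of request parameters: anything not listed here is discarded
# before further processing.
my %req_fields = (
    firma     => 1,
    branche   => 0,
    name      => 1,
    vorname   => 1,
    abteilung => 0,
    strasse   => 1,
    plz_ort   => 1,
    email     => 1,
    telefon   => 1,
    fax       => 0,
    captcha   => 1,
);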

### end config ###

use strict;
use HTML::Template;
use CGI;
use MIME::Lite;
use Email::Valid;

use lib "/perl-zeitform";
use zeitform::captcha;

### init
# $message becomes 1 once a mandatory field turns out to be missing.
my $message;
my $q    = CGI->new;

# "cmd" is only tested for truth later on: a true value means the form was
# actually submitted rather than requested for the first time.
my $type = $q->param("cmd");

# Copy every request parameter into a plain hash. param() is forced into
# scalar context, so a parameter sent several times contributes a single
# value. Everything in %vars is untrusted input at this point.
my %vars = map { ( $_ => scalar( $q->param($_) ) ) } $q->param;

# %params collects the values handed to the template and the mail body.
my %params = ();
my $template;

### drop unwanted params
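# Keep only parameters that appear in %req_fields (the allow-list) and strip
# the characters $ & < > | \ / from what remains.
# NOTE(review): quotes are not stripped, so this filter alone does not make a
# value safe inside an HTML attribute; output escaping in the templates is
# still needed (templates are not visible from here - confirm).
for my $field (keys %vars)
  {
    unless (exists $req_fields{$field})
      {
        delete $vars{$field};
        next;
      }
    next unless $vars{$field};
    $vars{$field} =~ s/[\$&<>|\\\/]//g;  ## clean all chars that we don't want
  }

# The e-mail value later becomes the From: header of the outgoing mail, so it
# is held to a stricter standard than the other fields:
#  - keep the address that Email::Valid returns (it hands back the possibly
#    normalised address on success) instead of the raw request value;
#  - refuse anything that still contains CR or LF, which could otherwise start
#    an additional header line.
# An unusable address becomes "" and is then reported as a missing field.
{
    my $checked = $vars{"email"} ? Email::Valid->address($vars{"email"}) : undef;
    $vars{"email"} = ($checked && $checked !~ /[\r\n]/) ? $checked : "";
}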

### collect params
# Runs only for a submitted form ($type is true). For every known field:
#   $params{"exist_<field>"}  1 when the field is mandatory but empty, else 0
#                             (despite its name the flag marks a MISSING field)
#   $params{<field>}          the cleaned value, or "" when there is none
# $message is raised as soon as one mandatory field is missing.
# Note that emptiness is tested by truth, so a value of "0" counts as empty.
if ($type)
  {
    for my $field (keys %req_fields)
      {
        my $is_missing = ($req_fields{$field} && !$vars{$field}) ? 1 : 0;

        $params{"exist_$field"} = $is_missing;
        $params{$field}         = $vars{$field} || "";
        $message                = 1 if $is_missing;
      }
  }

### captcha
# "verified" is an internal flag. Any value the client sent under that name is
# dropped first, so the flag can only be set by the check further down.
$q->delete("verified");

# NOTE(review): the captcha secret is a literal in the script source. Anyone
# with read access to the file or its repository history knows it; loading it
# from a protected configuration file would be preferable.
my $c = zeitform::captcha->new(secret => 'my s3cr3t k3y');

# Challenge id and salt are taken from the request when present; otherwise a
# default id and a fresh salt in the range 0..999 are used.
# NOTE(review): both values are client-controlled and nothing visible here
# records which challenges were already answered, so a challenge that has been
# solved once presumably stays acceptable when resubmitted - confirm against
# zeitform::captcha and consider a server-side single-use or expiry check.
my $captcha_id     = $q->param("captcha_id") || $c->encrypt("234554325sdfaw3r");
my $captcha_newrnd = int(rand(1000));
my $captcha_text   = $q->param("captcha") || "";
my $captcha_rnd    = $q->param("captcha_rnd") || $captcha_newrnd || "";

# The expected text is only computed when the visitor typed something at all.
if ($captcha_text)
{
    my $expected_text = $c->captcha_text($captcha_id, salt => $captcha_rnd);
    $q->param(-name => "verified", -value => 1) if $captcha_text eq $expected_text;
}


### fill template
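# Show the form again when a mandatory field is missing, when nothing was
# submitted yet, or when the captcha was not verified. Otherwise send the mail
# and show the result page.
if ($message || !$type || ! $q->param("verified"))
  {
    $template = HTML::Template->new(filename => $form_tmpl, die_on_bad_params => 0);

    # %params holds visitor input that is echoed back into the form.
    # NOTE(review): the earlier character filter does not remove quotes, so
    # the template should emit these values with ESCAPE=HTML (template not
    # visible from here - confirm).
    $template->param(
                     %params,
                     message     => $message || 0,
                     cgi         => $q->url(),
                     cpt_id      => $captcha_id,
                     cpt_rnd     => $captcha_newrnd,
                    );
  }

else
  {
      ## create mailtext: one "LABEL: value" line per field, "_" shown as "/"
      foreach my $field (@sort_fields)
        {
            (my $label = $field) =~ tr{_}{/};
            $mailtext .= sprintf("%-11s: %s\n", uc($label), $params{$field});
        }

      $mailtext .= sprintf("%-11s: %s\n", "DATUM", $date);

      # The visitor's address is used as sender, with $from as fallback.
      # A value containing CR or LF is never placed in a header, because it
      # could start an additional header line; the fallback is used instead.
      # NOTE(review): sending with a visitor-chosen From lets the form produce
      # mail under arbitrary sender names and tends to fail SPF/DMARC checks;
      # a fixed From plus Reply-To would avoid both.
      my $sender = $params{email} || $from;
      $sender = $from if $sender =~ /[\r\n]/;

      ## now the dirty stuff
      # send mail to registrator; the eval yields the result of send()
      my $sent = eval {
          my $msg = MIME::Lite->new(
                                    From     => $sender,
                                    To       => $to,
                                    Bcc      => $bcc,
                                    Subject  => $subject,
                                    Encoding => "quoted-printable",
                                    Data     => $mailtext,
                                   );
          $msg->attr('content-type.charset' => 'iso-8859-1');
          $msg->send;
      };

      # A failed delivery used to be swallowed silently. The visitor still
      # only sees the generic error flag, but the reason now reaches the
      # server's error log.
      my $error = 0;
      unless ($sent)
        {
            $error = 1;
            warn "contact form: sending mail failed: " . ($@ || "send returned false") . "\n";
        }

      # print result page
      $template = HTML::Template->new(filename => $result_tmpl, die_on_bad_params => 0);
      $template->param(
                       message     => $error, ## some error things
                       cpt_id      => $captcha_id,
                       cpt_rnd     => $captcha_newrnd,
                      );

  }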

### output
# Send the HTTP header produced by CGI.pm first, then the rendered template
# (the form page or the result page, whichever was selected above).
print STDOUT $q->header;
print STDOUT $template->output;

###fin


