$path = "$ENV{'PATH_TRANSLATED'}";
$path =~ s/bbs-submit.cgi//;
$configFile = "config";
$configPath = $path.$configFile;
require $configPath;

print "Content-type: text/html\n\n";
#
# This reads in the information sent when the user pressed Submit
#
if ($ENV{'REQUEST_METHOD'} eq "GET") { $buffer = $ENV{'QUERY_STRING'}; }
else { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); }
#
# Now, using a little loop, we'll split up the data into name/value
# pairs, which makes them easier to work with. 
#
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
	 
    $FORM{$name} = $value;
}
#
# Once the name/value pairs have been created, you can work with
# them by referring to the variable names you set up in the 
# original HTML, using $FORM{"varname"}.
#
#
# First, we make sure that they actually gave an email address
#
#check for error -- REQUIRE ALL
&notcomplete unless $FORM{'thread'} && $FORM{'time'} && $FORM{'RealTime'};
#$FORM{'name'} =~ s/([\(\)\>\<\"\'])/\\$1/g;
$FORM{'name'} =~ tr/\n//d;
#$FORM{'email'} =~ s/([\(\)\>\<\"\'])/\\$1/g;
$FORM{'email'} =~ tr/\n//d;
# $FORM{'subject'} =~ s/([\(\)\>\<\"\'])/\\$1/g;
$FORM{'subject'} =~ tr/\n//d;
#$FORM{'body'} =~ s/([\(\)\>\<\"\'])/\\$1/g;
$body = $FORM{'body'};
$body =~ s/\n\r/<br>/g;
$body =~ s/\r\n/<br>/g;
$body =~ s/\r/<br>/g;
$body =~ s/\n/<br>/g;
$name = $FORM{'name'};
$name =~ s/\r//g;
$name =~ s/\n/<br>/g;
$name2 = $name;
$name2 =~ s/\\/\\\\/g;
$name2 =~ s/\"/\\\"/g;
$email = $FORM{'email'};
$email =~ s/\r//g;
$email =~ s/\n/<br>/g;
$subject = $FORM{'subject'};
$subject =~ s/\r//g;
$subject =~ s/\n/<br>/g;
$subject2 = $subject;
$subject2 =~ s/\\/\\\\/g;
$subject2 =~ s/\"/\\\"/g;
### The following 3 field is internal and self generating. user have no business
### to generate beyond the set allowed 
&invalidchar if $FORM{'RealTime'} =~ /([*\|\;\&\\\~\^\[\]\$\.\(\)\>\<\"\'\n\r])/;
&invalidchar if $FORM{'thread'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\(\)\>\<\"\'\,\n\r])/;
&invalidchar if $FORM{'time'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\(\)\>\<\"\'\,\n\r])/;
&invalidchar if $FORM{'parent'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\(\)\>\<\"\'\,\n\r])/;
$realTime = $FORM{'RealTime'};
$realTime =~ s/_/ /g;
&makeMessage;
&addToIndex;
&success;
exit;
#######################################################################
 ############################  Add to data file  #######################
#######################################################################
sub addToIndex {
    select(STDOUT);
    open(toINDEX,"$INDEX_FILE") || die "can't open $INDEX_FILE\n";
    &lock(toINDEX);
    open(temp, "> $TMP") || die "can't open $TMP\n";
    while(<toINDEX>){
        if(/<!--insertion point-->/){
            print temp "parent.addpbbsArray(\"$subject2\",$FORM{'time'},\"$realTime\",\"$name2\",$FORM{'thread'},\"message/$file_handle.html\",\"$FORM{'parent'}\",\"$file_handle\")\n<!--insertion point-->\n";
        }
        else {
            print temp $_;
        }
    }
    &unlock(toINDEX);
    close(toINDEX);
    close(temp);
       rename($TMP, $INDEX_FILE);
}
######################################################################
############################  Make .dat file    ######################
######################################################################
sub makeMessage {
    select(STDOUT);
    $file_handle = getToken();
    open(NEW,">> $STORAGE_DIR:$file_handle.html") || die "can't open $STORAGE_DIR/$file_handle.html\n";
    select(NEW);
print <<"DONE";
<html>
<META HTTP-EQUIV="Expires" CONTENT="Sat, 29 Sep 1973 23:59:00 GMT">
<head>
    <title>$subject</title>
</head>
<body bgcolor="#FFFFFF">
<script language="JavaScript">
<!--
    var coun = navigator.appVersion.indexOf("(");
    var last = navigator.appVersion.lastIndexOf(";");
				var previous = parent.returnNgbr($file_handle,"Prev");
				var next = parent.returnNgbr($file_handle,"Next");
				document.write('<a href="'+previous+'" target="message" > <img src="$UNIX_IMAGE_DIR/previous.gif" border="0"></a>');	
				document.write('<a href="'+next+'" target="message" > <img src="$UNIX_IMAGE_DIR/next.gif" border="0"></a>');
//Need ../ since CGIBIN_DIR in config file is taken relative to the bbs directory.
       document.write('<a href="$UNIX_MESSAGE_TO_CGIBIN/submit-bbs-form.cgi?$FORM{'thread'}" target="message"><img src="$UNIX_IMAGE_DIR/reply.gif" border=0></a><br>');	

//-->
</script><hr>
<pre>
<b>Name</b>:    $name
<b>Email</b>:   <a href=mailto:$email>$email </a> 
<b>Subject</b>: $subject
<b>Thread</b>:  $FORM{'thread'}
<b>Time</b>:    $realTime
</pre><hr>
<!-- since 1/1/70 GMT$FORM{'time'} -->
<b>
    $body
</b>
</body>
</html>
DONE
    close(NEW);
}
###############################################################################
############################  Get Token #######################################
sub getToken{
######
#lock
######
    open(TOKEN,"$TOKEN_FILE") || die "can't open $STORDIR/$file_handle.html\n";
    &lock(TOKEN);
    while (<TOKEN>) {
        $tokenReturn  = "$_";
        chop($tokenReturn);
    }
    close(TOKEN);
    open(TOKEN,"> $TOKEN_FILE") || die "can't open $STORDIR/$file_handle.html\n";
    $tokenNext = $tokenReturn + 1;
    select(TOKEN);
 print <<"DONE";
$tokenNext
DONE
    &unlock(TOKEN);
    close(TOKEN);
    select(STDOUT);
    return $tokenReturn;
#######
#unlock
#######
}
sub lock{
if ($flock_exists == 1){
        local ($file_handle);
        foreach $file_handle (@_){
                flock($file_handle, 2);
                }
        }
}
sub unlock{
if ($flock_exists == 1){
        local ($file_handle);
        foreach $file_handle (@_){
                flock($file_handle, 8);
                }
        }
}
###############################################################################
############################  Complete/Success  ###############################
###############################################################################
sub success{
    select(STDOUT);
    open(EP,"$SUCCESS");
    while(<EP>){
        $tk = "$_";
       $tk =~ s/\#\#\#\#HOME-LOCATION\#\#\#\#/$BBS_HOME/;
        print "$tk";
    }
    close(EP);
    exit;
}
###############################################################################
############################  Incomplete Error  ###############################
###############################################################################
sub notcomplete {
    select(STDOUT);
    open(EP,"$ERROR");
    while(<EP>){
        print "$_";
    }
    close(EP);
    exit;
} 
###############################################################################
############################  Invalid char  ###############################
###############################################################################
sub invalidchar {
    select(STDOUT);
    open(EP,"$ERROR_CHAR");
    while(<EP>){
        print "$_";
    }
    close(EP);
    exit;
}