#!/usr/local/bin/perl -wT
use strict;
##############################################
#Debug
use diagnostics;
##############################################
use CGI::Pretty qw/:standard/;

$CGI::POST_MAX=1024*10;
$CGI::DISABLE_UPLOADS = 1;

##############################################
#Debug
BEGIN {
        $|=1;
        print "Content-type: text/html\n\n";
        use CGI::Carp('fatalsToBrowser');
}
##############################################

delete @ENV{ qw(IFS CDPATH ENV BASH_ENV) };
$ENV{PATH}="";
$ENV{CDPATH}="";
$ENV{ENV}="";
$ENV{BASH_ENV}="";
   
our $post_data;   
our $username;
our $on_off;
our $message;
our $path_to_authorize;
our @junk;
our $runme;
our $output;
        
$path_to_authorize = "/home/prieheck/public_html/cgi-bin/vacation_suid/";

if ($#ARGV < 0)
  {
    $post_data=new CGI;
    $username=$post_data->param('username');
    $on_off=$post_data->param('on_off');
    $message=$post_data->param('message');
  }
elsif ($#ARGV > 0)
  {
    $username=$ARGV[0];
    $on_off=$ARGV[1];
    #Patern match for letters and pass ONLY those on as $username
    $username =~ s/\W//g;
    if ($username =~ /\A([A-Z0-9]{3,16})\z/i )
      {
        $username = lc($1);
        $username =~ tr/[A-Z]/[a-z]/;
      }
    else
      {
        #since username doesnt contain any characters we can use, it is now empty
        $username ="";
      }
    
    #convert to lowercase and check to see if the possible values exist
    $on_off =~ tr/[A-Z]/[a-z]/;
    if ($on_off eq "on")
      {
        $on_off = "on";
      }
    elsif ($on_off eq "off")
      {
        $on_off = "off";
      }
    else
      {
        #on_off was not correct, it is now empty
        $on_off = "";
      }

    @junk = (($path_to_authorize . "authorize"), "vacation.pl", $username, $on_off);

    if($#ARGV > 1)
      {
        $message = join (" ",@ARGV);
        $message =~ s/$username//;
        $message =~ s/$on_off//;
        $message =~ s/\s/ /;
        #Patern match for letters numbers spaces underscores hyphens at signs and periods
        #pass ONLY those characters on as the message text discarding the rest
        if ($message =~ /([-\@\s\w.]+)/)
          {
            $message = $1;
            @junk = (($path_to_authorize . "authorize"), "vacation.pl", $username, $on_off, $message);
          }
        else
          {
            #since message doesnt contain any characters we can use, it is now empty
            $message ="";
          }
      }
  }
else
  {
    print "Not All Required Values Found\n";
    #There were not enough arguments passed.  Dieing with error code 1
    exit 1;
  }

$runme = join (" ",@junk);
$runme =~ s/[;<+>\(\)\{\{\*\|\'\`\&\$\!\#\"]/\ $1/g;

&begin_html;

$output=`$runme`;
print $output;

&stop_html;

sub begin_html
  {
    print start_html( -head=>meta({-http_equiv => 'Content-Type',
                                   -content => 'text/html'}),
                      -title=>'Vacation Message Status For $username',
                      -BGCOLOR=>'white',
                      -Link=>'black',
                      -vlink=>'black',
                      -alink=>'black');
    print table({ -border=>undef, -width=>'100%'},
                Tr(
                   [
                    td(['Information Technologies']),
                    td({-align=>"right"},['iwu.edu']),
                   ]
                  )
                );
    print hr;

  }

sub stop_html
  {
    print hr;
    print table({ -border=>undef, -BGCOLOR=>'#005533'},
                Tr(
                   [
                    td({-align=>"center", -style=>"font:white"},['IT @ IWU']),
                   ]
                  )
               );
    print hr;
    print end_html;
  }

##</code><code>##

<html>
  <head>
    <meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
    <title>Enable/Disable/Change Your Vacation Message</title>
  </head>

  <body bgcolor="white">
   <center>
    <form action="http://cyborg.iwu.edu/~prieheck/cgi-bin/vacation_suid/step_through.cgi" method="POST">
     <font size="4">
      <b>Vacation Message</b><BR>
      <font color=red> Activating your vacation message sends an automated<BR> response to anyone who e-mails you.</font>
     </font>
                        
    <font size="4">
     <b> </b>
    </font>

    <p>
    
    <table border="1" bgcolor="#005533" cellspacing="0" cellpadding="5" valign="CENTER">
     <tr>
      <td width="150">
        <font color=white>
         Would you like to?<br>
        </font>
      <td bgcolor="silver">
        <input type="radio" name="on_off" Value="on" checked>Enable Vacation Message
        <input type="radio" name="on_off" Value="off">Disable Vacation Message
      </td>
      <td>

     <tr>
      <td width="150">
        <font color=white>
         Your login name?
        </font>
      </td>
      <td bgcolor="silver">
        <input type="text" name="username" size="8">@iwu.edu
      </td>                      
     </tr>

     <tr>
      <td width="150">
        <font color=white>
        Text to send back as vacation message.<BR> 
        NOTE: use only standard alpha-numeric characters<BR>
        </font>
      </td>
      <td bgcolor="silver">
        <TEXTAREA name="message" ROWS=6 COLS=60>
I will not be reading my mail for a while.
Your mail regarding $SUBJECT will be read when I return.
</TEXTAREA>
      </td>
     </tr>

     <tr height="40">
      <td colspan="2" height="40">
        <input type="submit" name="Submit" value="Submit"> <input type="reset" value="Clear Form">
        <font color=white>Please be patient this will take some time</font>
      </td>
     </tr>

    </table>
    </form>

   <p>

   <hr>

   </center>
  </body>
</html>