#!/usr/bin/perl

use DBI;
use CGI;
#use CGI::Carp qw(fatalsToBrowser);

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
        ($name, $value) = split(/=/, $pair);
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
             $value =~ s/\;|\<|\>|\?|\n|\f|\r|\\|\|//g; #Clean harmful characters.
                $value =~ s/'/\\'/g; #replace all ' with /'
                $value =~ s/"/\\"/g; #replace all " with /"
                if ($INPUT{$name}) { $INPUT{$name} = $INPUT{$name}.",".$value; }
        else { $INPUT{$name} = $value; }
      $value =~ s/<!--(.|\n)*-->//g;
}


###########################Begin Get Date#######################################
#Defines arrays for the day of the week and month of the year.
    @days   = ('Sunday','Monday','Tuesday','Wednesday',
               'Thursday','Friday','Saturday');
    @months = ('January','February','March','April','May','June','July',
                 'August','September','October','November','December');

    # Get the current time and format the hour, minutes and seconds.  Add
    # 1900 to the year to get the full 4 digit year.
    ($sec,$min,$hour,$mday,$mon,$year,$wday) = (localtime(time))[0,1,2,3,4,5,6];
    $time = sprintf("%02d:%02d:%02d",$hour,$min,$sec);
    $year += 1900;

    # Format the date.
    $date = "$days[$wday], $months[$mon] $mday, $year at $time";

#print "$days[$wday], $months[$mon] $mday, $year at $time";
################################################################################


##Set Technology##########################################################
# If technology type isn't selected, it needs to be set to false.
if (!$INPUT{'radar'}) {$INPUT{'radar'} = "false"};
if (!$INPUT{'laser'}) {$INPUT{'laser'} = "false"};
if (!$INPUT{'vascar'}) {$INPUT{'vascar'} = "false"};
if (!$INPUT{'airplane'}) {$INPUT{'airplane'} = "false"};
if (!$INPUT{'photo'}) {$INPUT{'photo'} = "false"};
if (!$INPUT{'roadblock'}) {$INPUT{'roadblock'} = "false"};
if (!$INPUT{'unknown'}) {$INPUT{'unknown'} = "false"};
################################################################################


##Start database connections####################################################
$database = "database";
$db_server = "localhost";
$user = "user";
$password = "password";

##Connect to database, insert statement, & disconnect ##########################
$dbh = DBI->connect("DBI:mysql:$database:$db_server", $user, $password);

$statement = "INSERT INTO speedtrap (state, city, locationname, referencename, lat_deg, lat_min, lat_sec, long_deg, long_min, long_sec, xcoord, ycoord, ttime, level, radar, laser, vascar, airplane, photo, roadblock, unknown, comments, email, name, date_added) VALUES ('".$INPUT{'state'} ."', '".$INPUT{'city'} ."','".$INPUT{'locationname'} . "','".$INPUT{'referencename'} ."','".$INPUT{'lat_deg'} ."','".$INPUT{'lat_min'} ."','".$INPUT{'lat_sec'} ."','".$INPUT{'long_deg'} ."', '".$INPUT{'long_min'} ."', '".$INPUT{'long_sec'} ."','".$INPUT{'xcoord'} ."','".$INPUT{'ycoord'} ."','".$INPUT{'ttime'} ."', '".$INPUT{'level'} ."', '".$INPUT{'radar'} ."','".$INPUT{'laser'} ."', '".$INPUT{'vascar'} ."', '".$INPUT{'airplane'} ."','".$INPUT{'photo'} ."', '".$INPUT{'roadblock'} ."', '".$INPUT{'unknown'} ."', '".$INPUT{'comments'} ."','".$INPUT{'email'} ."', '".$INPUT{'name'} . "','" . $date."')";

$sth = $dbh->prepare($statement) or die "Couldn't prepare the query: $sth->errstr";

$rv = $sth->execute or die "Couldn't execute query: $dbh->errstr";

$rc = $sth->finish;
$rc = $dbh->disconnect;
################################################################################



$query = new CGI;

print $query->redirect('http://www.yourname.com/index.html');