#!/usr/bin/perl -w

require "lib_pl";
require "editpage.conf";
use HTML::Entities;

use strict;
use vars qw/
  $debug__ $doc_file $doc_url $editable_space_end $editable_space_start $editable_text $editor_html $doc_html
  $pass $query $root $template_file $template_url $user $vhost $vhost_rx $rx_nl $which_section %metadata $admin_pass_crypt $password_field $secret
/;

$vhost_rx = $vhost;
for ($vhost_rx) { s/\./\\./g; s/\*/.*/g; }

if ($F::Section || $F::UserPass) {};   # CGI parameters

$query = CGI->new; $query->import_names('F');
$root = $ENV{DOCUMENT_ROOT};
#$doc_url = $F::URL; # = !param() ? $ENV{HTTP_REFERER} : $F::URL;
$doc_url = $F::URL || $ENV{HTTP_REFERER};
$which_section = $F::Section;
defined $which_section or ohno("missing Section cgi parameter");
# !param('Submit') ? which_edit_button() : $F::Section;
$editable_space_start =~ s/X/$which_section/g;
$editable_space_end =~ s/X/$which_section/g;
($doc_file = $doc_url) =~ s,^https?://([^/]*),,;
$1 =~ $vhost_rx or ohno("vhostname `$1' of doc_url: `$doc_url' does not match `$vhost_rx'");
$doc_file =~ /\.\./ and ohno();
$doc_file = "$root/$doc_file";
$doc_file = <$doc_file/index.*> if -d $doc_file;
$doc_html = slurp($doc_file);

read_metadata($doc_html);

my $pass_crypt = $metadata{$password_field};

if (!param('Submit')) {
	$doc_html =~ /\Q$editable_space_start\E$rx_nl?(.*?)\Q$editable_space_end\E/s or ohno("the editable space `$which_section' was not found");
	$editable_text = $1;
	$editable_text =~ tr/\r//d;
	encode_entities($editable_text);
#	$editable_text = html2wiki($editable_text);
	$editor_html = slurp($template_file);
	$editor_html = sub_template($editor_html, Text => $editable_text, URL => $doc_url, Section => $which_section);
	print header(); print $editor_html;
} else {
	### we access the form with $F::Foo

	my $given_pass_crypt = oneway($F::UserPass, $secret);
	unless (
            defined $pass_crypt and $given_pass_crypt eq $pass_crypt or
            $given_pass_crypt eq $admin_pass_crypt) {
		ohno("You entered the wrong password, press the `back' button then try again!"); }

        if (defined $F::NewPass && $F::NewPass ne "") {
            $metadata{$password_field} = oneway($F::NewPass, $secret); }

#	$F::Text = escapeHTML($F::Text);
	$F::Text =~ tr/\r//d;
#	$F::Text = wiki2html($F::Text);
	$doc_html =~
		s{(\Q$editable_space_start\E$rx_nl?)(.*?)(\Q$editable_space_end\E)}
		 {$1$F::Text$3}sg or ohno();

	write_metadata($doc_html);

	copy($doc_file, "$doc_file.old") and
	belch($doc_html, $doc_file) or ohno("$! - Likely a permissions problem on webserver.  The webserver process needs to be able to write to the document space.");
	print redirect($F::URL);  # XXX should force to refresh somehow...
}

#--------------------------------------------------