#!/usr/bin/perl
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#
# Sorrentino dot Net administrative server
# Scott Sorrentino <scott@sorrentino.net>
#
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

use FileHandle;
use IPC::Open2;
use Mysql;

require "cgi-lib.pl";
require "cookie.lib";
require "/usr/local/apache/webutil/sorrentino.net/perl/headfoot.lib";
require "/usr/local/apache/webutil/sorrentino.net/perl/gpgauth.lib";

&ReadParse;
&GetCookies;

### Vars ###
# Admin users by uid.
%Admins = ( 
	    "1" => "Admin"
	    );
$lib_base = "/usr/local/apache/webutil/sorrentino.net/perl/admin/";
%Mods = ( "acctmgt" => { "lib" => $lib_base . "acctmgt.lib",
			 "sub" => "acctmsg_Main",
			 "title" => "Account Management"
			 },
	  "email" =>   { "lib" => $lib_base . "email.lib",
			 "sub" => "email_Main",
			 "title" => "Email Services"
			 }
	  );
$login_timeout = 1800;
$mysql_user = "snetsql";
$mysql_pass = "p4ssql4M3";
$mysql_host = "localhost";
$mysql_db = "snet";
$now = time;
$resp_timeout = 300;
$sess_timeout = 604800;

# SSL Check
if (($ENV{SERVER_PORT} ne "443") && ($ENV{SERVER_PORT} ne "8443")){
    print "Location: https://".$ENV{SERVER_NAME}.$ENV{REQUEST_URI}."\n\n";
    exit;
}

if ($Cookies{sessid}){
    $dbh = Mysql->connect($mysql_host,$mysql_db,$mysql_user,$mysql_pass);
    $sessid = &snSanitizeSQLInput($Cookies{sessid});
    my $sql = "select uid,ip,realname,ts from sessions where sessid = '$sessid'";
    my $res = $dbh->query($sql);
    if ($dbh->errmsg){
	&DBError;
	exit;
    }
    if ($res->numrows == 1){
	my ($uid,$ip,$realname,$ts) = $res->fetchrow;
	if (($ip eq $ENV{REMOTE_ADDR})      &&
	    ($Admins{$uid} eq "Admin")      &&
	    (($ts + $sess_timeout) >= $now)){
	    my $sql = "update sessions set ts = $now where sessid = '$sessid'";
	    my $res = $dbh->query($sql);
	    $ENV{HOME} = "/usr/local/apache/webutil/sorrentino.net/data";
	    &RunCommand;
	}
	else{
	    # Bad Login
	    # Eventually, we may want to log this somehow...
	    &ShowLoginPage;
	}
    }
    else{
	&ShowLoginPage;
    }
}
else{
    if ($in{request} eq "login"){
	$dbh = Mysql->connect($mysql_host,$mysql_db,$mysql_user,$mysql_pass);
	if ($in{sessid}&&$in{resp}){
	    my $sessid = &snSanitizeSQLInput($in{sessid});
	    my $sql = "select loginreq.sessid,loginreq.secret,loginreq.uid,loginreq.ip,loginreq.ts,users.realname from loginreq,users where loginreq.sessid = '$sessid' and loginreq.uid = users.uid";
	    my $res = $dbh->query($sql);
	    if ($dbh->errmsg){
		&DBError;
		exit;
	    }
	    if ($res->numrows == 1){
		my ($t_sessid,$secret,$uid,$ip,$ts,$realname) = $res->fetchrow;
		if (($secret eq $in{resp})          &&
		    ($ip eq $ENV{REMOTE_ADDR})      &&
		    ($Admins{$uid} eq "Admin")      &&
		    (($ts + $login_timeout) >= $now)){
		    $sql = "delete from loginreq where sessid = '$sessid'";
		    $res = $dbh->query($sql);
		    $sql = "insert into sessions values ('$sessid',$uid,'$ENV{REMOTE_ADDR}','$realname',$now)";
		    $res = $dbh->query($sql);
		    &SetCookiePath("/");
		    &SetSecureCookie(1);
		    &SetCookies("sessid","$sessid");
		    print "Location: https://".$ENV{SERVER_NAME}.$ENV{REQUEST_URI}."\n\n";
		    exit;
		}
		else{
		    # Bad Login
		    # Eventually, we may want to log this somehow...
		    &ShowLoginPage;
		}
	    }
	    else{
		&ShowLoginPage;
	    }
	}
	elsif ($in{user}){
	    # Make sure provided userid exists in table.
	    my $user = &snSanitizeSQLInput($in{user});
	    my $sql = "select uid,passwd,usegpgauth,keyid from users where username = '$user'";
	    my $res = $dbh->query($sql);
	    if ($dbh->errmsg){
		&DBError;
		exit;
	    }
	    if ($res->numrows != 1){
		&ShowLoginPage;
	    }
	    else{
		my ($uid,$passwd,$usegpgauth,$keyid) = $res->fetchrow;
		if (($usegpgauth)               &&
		    (crypt($in{passwd},$passwd) eq $passwd)){
		    # Set GPG home directory for processing
		    $ENV{HOME} = "/usr/local/apache/webutil/sorrentino.net/data";
		    # Generate login secret for this session
		    my ($sessid,$secret) = &GenSesID();
		    $sql = "insert into loginreq (sessid,secret,uid,ip,ts) values('$sessid','$secret','$uid','$ENV{REMOTE_ADDR}','$now')";
		    $res = $dbh->query($sql);
		    if ($dbh->errmsg){
			&DBError;
			exit;
		    }
		    $data = &gpgEncryptMsg($secret, $keyid);
		    print "Content-type: text/html\n\n";
		    print &snHeader("Site Administration","");
		    print &snStartForm("admin.phtml","request","login","sessid","$sessid");
		    print &CenterBox("<font class=\"headertext\">Site Administration Login</font><br /><br /><b>Challenge for <u>'".$in{user}."'</u>:</b><br /><pre>$data</pre><br /><b>Your Response:</b> <input type=\"text\" name=\"resp\" size=\"20\"> <input type=\"submit\" value=\"Next\">\n");
		    print "</form>\n";
		    print &snFooter;
		}
		else{
		    &ShowLoginPage;
		}
	    }
	}
	else{
	    &ShowLoginPage;
	}
    }
    else{
	&ShowLoginPage;
    }
}

# Display a box centered on the page
# Takes: text/HTML to display in box
# Returns: HTML for box
sub CenterBox {
    my $txt = $_[0];
    my $retval = "<center><table border=\"0\" cellpadding=\"1\" cellspacing=\"0\" bgcolor=\"#DDDDDD\">\n";
    $retval .= "<tr><td align=\"left\">\n";
    $retval .= "<table border=\"0\" bgcolor=\"#333366\" cellspacing=\"0\" cellpadding=\"3\" width=\"100\%\">\n";
    $retval .= "<tr><td class=\"normaltext\">$txt</td></tr>\n";
    $retval .= "</table>\n";
    $retval .= "</td></tr>\n";
    $retval .= "</table></center>\n";
    return $retval;
}

# What to do in case of a database error
#  - We really need to work on this...
# Takes as input: database errmsg
# Returns: nothing
sub DBError {
    my $errmsg = $dbh->errmsg;
    print "Content-type: text/html \n\n";
    print "Error: $errmsg<br>\nBummer, dude!\n";
    exit;
}

# Generate session ID and gpg auth secret
# Takes as input: nothing
# Returns: session ID, secret string for GPG auth
sub GenSesID {
    my @chars = (a..z,0..9,A..Z);
    my $max = scalar(@chars);
    my ($sessid,$secret);
    srand(time);
    for (my $i = 0; $i < 40; $i++){
	$sessid .= @chars[int(rand($max))];
	$secret .= @chars[int(rand($max))];
    }
    return $sessid,$secret;
}

# Run commands from admin interface - the real meat
# Takes as input: nothing (cgi input vars)
# Returns: nothing
sub RunCommand {
    if ($in{request} eq "logout"){
	&SetCookiePath("/");
	&SetSecureCookie(1);
	&SetCookies("sessid","");
	$sql = "delete from sessions where sessid = '$sessid'";
	$res = $dbh->query($sql);
	print "Location: http://" . $ENV{SERVER_NAME} . "/ \n\n";
	exit;
    }
    else{
	print "Content-type: text/html \n\n";
	print &snHeader("Site Administration","");
	# Build top menu
	print "<center> [ ";
	$cnt = 0;
	foreach $k (sort keys %Mods){
	    if ($cnt){ print " | ";}
	    else{ $cnt = 1;}
	    print "<a href=\"admin.phtml?request=$k\">".$Mods{$k}{title}."</a>";
	}
	print " ]</center><br />\n";
	if ($Mods{$in{request}}){
	    require $Mods{$in{request}}{lib};
	    $data = &{$Mods{$in{request}}{sub}};
	}
	else{
	    $data = "<font class=\"headertext\">Site Administration</font><br /><br />Feel free to select an option from the list above.";
	}
	print &CenterBox($data);
	print &snFooter;
    }
}

# Prints login page to STDOUT
# Takes as input: nothing
# Returns: nothing
sub ShowLoginPage {
    # Show Login Page
    print "Content-type: text/html\n\n";
    print &snHeader("Site Administration","");
    print &snStartForm("admin.phtml","request","login");
    print &CenterBox("<font class=\"headertext\">Sorrentino dot Net Site Administration</font><br /><br />Username: <input type=\"text\" name=\"user\" size=\"20\"><br />Password: <input type=\"password\" name=\"passwd\" size=\"20\"> <input type=\"submit\" value=\"Next\">\n");
    print "</form>\n<br /><br />";
    print "<center><a href=\"/site/admin_why.phtml\">Why is this public?</a></center>\n";
    print &snFooter;
}