#!/usr/bin/env python

import sys, cgi, Cookie, time, string
from cgitools import *
from PythonInsideHTML import PIH
from tools import encodeStr

# Keep tracebacks out of the HTTP response (display=0) and write them to files instead.
# NOTE(review): cgitb reports include the values of local/global variables in each
# frame; in this script that can include the submitted password. Treat the log
# directory as sensitive (restricted access, regular purge) - '/tmp' is shared.
import cgitb
cgitb.enable(display=0, logdir='/tmp')

#sys.setdefaultencoding('latin-1') # to disable UTF-8

#cgi_token = "Content-type:text/html\n\n"

# Values consulted by the logon query below to decide whether the password
# column is checked at all.
#
# pwd_test acts as a master password: when it is non-empty and the submitted
# password equals it, the account is selected by user name alone.
# Keep it '' or None outside of local testing.
pwd_test = ''  # '' or None will disable test

# Shared accounts whose password is fixed in source and equal to the user name.
guest_name = 'guest'
guest_pwd = 'guest'
demo_name = 'demo'
demo_pwd = 'demo'

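# Parse the submitted logon form and extract the user ID.
# form_data is not used in the visible part of this script; it is kept because
# the page exec'd at the end runs in this namespace and may rely on it.
form_data = {}
form = cgi.FieldStorage()

# getfirst() always yields one string (or None). getvalue() returns a list when
# the field is repeated in the request, and .strip() would then raise.
user_id = form.getfirst('user_id')
if user_id is not None:
	# Trim and lower-case so later comparisons use one canonical form.
	user_id = user_id.strip().lower()
if not user_id:
	# exitWithInfo comes from cgitools; presumably it prints the message and
	# terminates the request - the code below relies on that.
	exitWithInfo("No valid user ID offered!<p><input type='button' value='Go back' onClick='javascript:history.go(-1)'>")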

#print cgi_token
#print '<table>'
#for k in form.keys(): print '<tr><td>',k, ' : </td><td>', form.getvalue(k), '</td></tr>'
#print '<tr><td>','user_passwd', ' : </td><td>', form.getvalue('user_passwd'), '</td></tr>'
#rsa_key = getRSAkeys()
#user_passwd = form.getvalue('user_passwd')
#print '<tr><td>RAW pass:</td><td>',rsaStr(user_passwd, rsa_key[1], rsa_key[2], True, 8, True), '</td></tr>'
#print '</table>'
#sys.exit(0)

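# Read the submitted password and derive the value compared with the database.
#   pwd_orig    - the password as text (used for the guest/demo/test checks below)
#   user_passwd - myMD5() of that text (used in the SQL comparison below)
# getfirst() is used so a repeated form field cannot turn the value into a list.
user_passwd = form.getfirst('user_passwd')
if user_passwd is not None:
	user_passwd = user_passwd.strip()
pwd_orig = user_passwd
if user_passwd:
	# The submitted value must never be written to a file or echoed into the
	# response, not even as a temporary debugging aid.
	rsa_key = getRSAkeys()
	if rsa_key:
		# rsaStr presumably decodes the RSA-protected field sent by the logon
		# page; the last 4 characters of the result are a hex time tag.
		user_passwd = rsaStr(user_passwd, rsa_key[1], rsa_key[2], True, 8, True)
		srv_tag, user_passwd = user_passwd[-4:], user_passwd[:-4]
		if not srv_tag:
			exitWithInfo('Error in data that need encryption!')
		t_now = getSec(n=2)
		tag_value = Str2Num(srv_tag, hex_str=True)
		t_diff = t_now - tag_value
		# Freshness window: a tag from the future, or more than 15 units old,
		# is rejected, which limits how long a captured form value stays usable.
		# (The unit is whatever getSec(n=2) returns - TODO confirm.)
		if t_diff<0 or t_diff>15:
			exitWithInfo('Time out error!'+ ' (%d - %d)' % (t_now, tag_value))
	# NOTE(review): when getRSAkeys() returns nothing the value is used exactly
	# as submitted, so confidentiality then depends entirely on the transport.

	pwd_orig = user_passwd
	# NOTE(review): myMD5 is presumably a plain MD5 digest. Unsalted MD5 is weak
	# for password storage; moving to a salted, slow hash needs a data migration
	# outside this script.
	user_passwd = myMD5(user_passwd)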

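# Look the account up and stop with a generic message when nothing matches.
connection, cursor = getConnectionCursor()

# user_id comes straight from the request, so it is passed as a bound parameter
# instead of being formatted into the SQL text (the previous string-built query
# allowed SQL injection through the user_id field).
# Assumes the DB-API driver returned by getConnectionCursor() uses the
# 'format' paramstyle (%s placeholders, e.g. MySQLdb) - TODO confirm.
#
# NOTE(review): the first branch skips the password column entirely. It is
# taken for the shared guest/demo credentials and, when pwd_test is non-empty,
# for ANY active user whose submitted password equals pwd_test.
if (user_id==guest_name and pwd_orig==guest_pwd) or (user_id==demo_name and pwd_orig==demo_pwd) or (pwd_test and pwd_orig==pwd_test):
	sql_statement = 'SELECT logon_num, logon_state, user_name, user_passwd FROM users WHERE user_name=%s and act_state=1'
	sql_params = (user_id,)
else:
	sql_statement = 'SELECT logon_num, logon_state, user_name, user_passwd FROM users WHERE user_name=%s AND user_passwd=%s and act_state=1'
	sql_params = (user_id, user_passwd)
n = cursor.execute(sql_statement, sql_params)
if cursor.rowcount < 1: # logon failed
	print cgi_token
	# One message for unknown user, wrong password and inactive account, so the
	# response does not reveal which of the three applied. Never echo the
	# submitted or stored password here.
	print "Wrong username and/or password or your account is not active!<p><input type='button' value='Go back' onClick='javascript:history.go(-1)'>"
	cursor.close()
	connection.close()
	sys.exit(0)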

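# Success: bump the logon counter, mark the user as logged on, record the event.
logon_num = cursor.fetchone()[0]
date_time = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())  # UTC timestamp

# Values are bound as parameters rather than formatted into the statement:
# user_id is request data and must not become part of the SQL text.
# Assumes the driver uses the 'format' paramstyle (%s placeholders) - TODO confirm.
sql_statement = 'UPDATE users SET logon_num=%s, logon_state=1, logon_time=%s WHERE user_name=%s'
n = cursor.execute(sql_statement, (logon_num+1, date_time, user_id))

# saveEvent comes from cgitools; it is handed the same cursor, so the event row
# is presumably written in the transaction committed just below.
saveEvent(ev_time=date_time, user_id=user_id, ev_catcode="logon", ev_valcode=None, ev_valstr=None, cur=cursor)
connection.commit()
cursor.close()
connection.close()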

# send out some cookies.
# Two cookies identify the logged-on user to later requests: 'user_name' and
# 'online'.
# NOTE(review): whether these values can be forged by a client depends on
# encodeStr() and OnlineStr(), which are not visible here - confirm that
# 'online' is not derivable from the user name alone.
# NOTE(review): no Secure or HttpOnly attribute is set on either cookie; adding
# them depends on whether the site is HTTPS-only and whether page scripts need
# to read the cookies.
CookieJar = Cookie.SimpleCookie()
CookieJar['user_name'] = encodeStr(user_id)
CookieJar['online'] = encodeStr(OnlineStr(user_id))

#TimeOffset = cookies.get('TimeOffset', '0')
#CookieJar['TimeOffset'] = TimeOffset

# The Set-Cookie header lines are printed before cgi_token; cgi_token is
# presumably the Content-type header plus the blank line that ends the headers.
print CookieJar
print cgi_token

#print cgi.print_environ() 
#print 'OK!'
#exec PIH('pages/ui_userpage.pih').pythonCode()
# Render the main page: the Python generated from a fixed server-side template
# is exec'd in this module's namespace, so the page code can read every
# variable defined above, including pwd_orig and user_passwd.
exec PIH('pages/ui_mainfunc.pih').pythonCode()
