/*******************************************\
| * Ce programme est sous licence GNU GPL  * |
| * This software is under GNU/GPL licence  * |
| * * * * * * * * * * * * * * * * * * * * * * |
| * http://www.gnu.org/copyleft/gpl.html    * |
 \*******************************************/

/* Créé par Laurent Coustet <ed@zehome.com>
 * http://ed.zehome.com/                    
 * Made by Laurent Coustet <ed@zehome.com>
 */

#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <mysql/mysql.h>
#include "mysql.h"
#include "debug.h"
#include "guestbook.h"

/* vim: set shiftwidth=2 tabstop=2
 */

void GetGB ()
{
  MYSQL mysql;
  MYSQL_ROW row;
  MYSQL_RES *result;
  MYSQL_FIELD *field;
  ST_GB *guestbook;
  unsigned int num_fields;
  unsigned int i,j=0;
  unsigned long *lengths;

  connect(&mysql);
  query(&mysql,"SELECT id,auteur,ip,browser,texte,DATE_FORMAT(date,'%W %%e %M %Y') AS formated_date FROM site_guestbook ORDER by date desc",NULL);
  if ((result = mysql_store_result(&mysql))==NULL)
    {
//      ERROR("Impossible d'executer une requete SQL!");
      printf("Impossible d'executer une requete SQL!\n");
      return;
    }
  num_fields = mysql_num_fields(result);
  // On attribue a guestbook la taille nécessaire.
  //guestbook = malloc((int)num_fields*sizeof(ST_GB));
  guestbook = malloc(sizeof(ST_GB)*1000);
  field = mysql_fetch_field(result);

  while((row = mysql_fetch_row(result)))
  {
    lengths = mysql_fetch_lengths(result);
    for(i = 0; i < num_fields && i<999; i++)
    {
      if (strcmp(field[i].name,"id")==0)
      {
        guestbook[j].id = atoi(row[i]);
      }
      if (strcmp(field[i].name,"ip")==0)
      {
        guestbook[j].ip = strdup(row[i]);
      }
      if (strcmp(field[i].name,"texte")==0)
      {
        guestbook[j].texte = strdup(row[i]);
      }
      if (strcmp(field[i].name,"auteur")==0)
      {
        guestbook[j].auteur = strdup(row[i]);
      }
      if (strcmp(field[i].name,"formated_date")==0)
      {
        guestbook[j].date = strdup(row[i]);
      }
    }
    j++;
  } // while
  print_gb_head();

  for(i=0;i< mysql_num_rows(result);i++)
    {
      printf("<h1 style=\"text-align: left; font-size: 1em;\">Posté par : %s, %s (%s)</h1>\n<br />\n%s\n",
             guestbook[i].auteur,
             guestbook[i].date,
             guestbook[i].ip,
             guestbook[i].texte);
      free(guestbook[i].auteur);
      free(guestbook[i].date);
      free(guestbook[i].ip);
      free(guestbook[i].texte);
    }
  free(guestbook);
  mysql_free_result(result);
  disconnect(&mysql);
  return;
}

void print_gb_head()
{
  printf("<h1>Le livre d'or</h1>\n\n");
  printf("<form method=\"post\" /><input type=\"hidden\" name=\"page\" value=\"addgb\" />\n");
  printf("Auteur: <input type=\"text\" name=\"auteur\"><br />\n");
  printf("Texte: <textarea name=\"texte\" cols=\"50\"></textarea><br />\n");
  printf("<input type=\"submit\" value=\"Envoyer\" />\n</form>\n");
}

char *sanitize(char *t, int len)
{
  char *new;
  int pos = 0;

  len += 64;
  new = malloc(len);

  while (*t)
  {
    switch (*t)
    {
      case '>':
        if (pos + 4 > len)
        {
          len += 64;
          realloc(new, len);
        }
        new[pos++] = '&';
        new[pos++] = 'g';
        new[pos++] = 't';
        new[pos] = ';';
        break;
      case '<':
        if (pos + 4 > len)
        {
          len += 64;
          realloc(new, len);
        }
        new[pos++] = '&';
        new[pos++] = 'l';
        new[pos++] = 't';
        new[pos] = ';';
        break;

      case '\"':
        if (pos + 2 > len)
        {
          len += 64;
          realloc(new, len);
        }
        new[pos++] = '\\';
        new[pos] = '\"';
        break;

      default:
        new[pos] = *t;
        break;
    }
    pos++;
    t++;
  }

  new[pos] = '\0';

  return new;
}

int AddGB(char *texte, char *auteur, char *ip, char *browser)
{
   MYSQL mysql;
   char *saut, *stexte, *sip, *sbrowser;

   connect(&mysql);
   if ((! auteur) || (! ip) || (! texte))
     return 1;

   saut = sanitize(auteur, strlen(auteur));
   stexte = sanitize(texte, strlen(texte));
   sip = sanitize(ip, strlen(ip));
   sbrowser = sanitize(browser, strlen(browser));

    query(&mysql,"INSERT INTO site_guestbook (texte,auteur,ip,browser,date) VALUES (\"%s\",\"%s\",\"%s\",\"%s\",NOW())",stexte,saut,sip,sbrowser);
   disconnect(&mysql);

   free(saut);
   free(stexte);
   free(sip);
   free(sbrowser);

   return 0;
}