#!/usr/bin/env python

# If (password, custid) exist in the database, and the user is in state
# 'WAITING', he will be changed to 'CONFIRMED'.

import sys
import MySQLdb
import cgi
import os
import re

# specify the filename of the template file
HTMLTemplate = "eressea.html"
DefaultTitle = "Eressea Anmeldung"
dbname = "eressea"
db=None
tutorial_id=1 # the tuorial game has id 1

# define a new function called Display
# it takes one parameter - a string to Display
def Display(Content, Title=DefaultTitle):
    TemplateHandle = open(HTMLTemplate, "r")  # open in read only mode
    # read the entire file as a string
    TemplateInput = TemplateHandle.read()
    TemplateHandle.close()                    # close the file

    # this defines an exception string in case our
    # template file is messed up
    BadTemplateException = "There was a problem with the HTML template."

    SubResult = re.subn("<!-- INSERT TITLE HERE -->", Title, TemplateInput)
    SubResult = re.subn("<!-- INSERT CONTENT HERE -->", Content, SubResult[0])
    if SubResult[1] == 0:
        raise BadTemplateException

    print "Content-Type: text/html\n\n"
    print SubResult[0]
    return


def GetKey(Form, key):
    if Form.has_key(key):
	value=Form[key].value
	if value!="":
	    return value
    return None


def genpasswd():                                                                               
    newpasswd=""                                                                                 
    chars = string.letters + string.digits
    for i in range(8):                                                                           
	newpasswd = newpasswd + choice(chars)                                                      
    return newpasswd                                                                             


#Display("Derzeit ist wegen einer technischen Umstellung keine Anmeldung m�glich")
#sys.exit(0)

Form = cgi.FieldStorage()

custid=GetKey(Form, "custid")
password=GetKey(Form, "password")

if (password==None) or (custid==None):
    output="<p>Um Deine Anmeldung zu best�tigen musst Du das Formular vollst�ndig ausf�llen.\n "
    for key in Form.keys():
	output=output+"<br>"+str(key)+"="+str(Form[key])
    Display(output)
else:
    db=MySQLdb.connect(db=dbname)
    cursor=db.cursor()
    try:
	custid=int(custid)
    except:
	custid=0
    query = "select u.status, s.id, s.game from users u, subscriptions s where u.id="+str(custid)+" and s.status in ('WAITING', 'CONFIRMED') and u.status not in ('INVALID', 'BANNED') and s.password='"+password+"'"
    exist=cursor.execute(query)
    if exist==0:
	Display('<p>Kundennummer oder Schl�ssel falsch. Bitte beachte, dass Du beim Schl�ssel auf Gro�- und Kleinschreibung achten mu�t.')
    else:
	status, sid, gid = cursor.fetchone()
	if os.environ.has_key('REMOTE_ADDR'):
	    ip=os.environ['REMOTE_ADDR']
	    cursor.execute("REPLACE userips (ip, user) VALUES ('"+ip+"', "+str(custid)+")")
	if status=='NEW' or status=='TUTORIAL':
	    if tutorial_id!=None and gid==tutorial_id:
		# user confirms his tutorial participation
		cursor.execute("update users set status='TUTORIAL' where id="+str(custid))
	    else:
		cursor.execute("update users set status='ACTIVE' where id="+str(custid))
	cursor.execute("update subscriptions set status='CONFIRMED' where id="+str(sid))

	Display("<p>Deine Anmeldung wurde best�tigt.");
    db.close()