#!/usr/bin/perl
#
# $Id: login.pl,v 1.16 2006/10/19 17:35:29 psims Exp $
#
# Source File: login.pl

# Get config
require 'sitecfg.pl';
require 'testlib.pl';

&traceoutput("login.pl");	# TRACE IF ACTIVE

&app_initialize;

$SESSION{'temptime'} = time();
$SESSION{'clid'} = $FORM{'clid'};
$SESSION{'lang'} = $FORM{'lang'};

&get_client_configuration();
&traceoutput("login.pl:$FORM{'clid'}:$FORM{'uid'}:$FORM{'pwd'}");	# TRACE IF ACTIVE
&setbrowsertype();

## DED Patch for secure_html/tests dir permission problem 2006/10/11
if (! -x $testroot) {
    print STDERR "PERMS: $testroot is not X\n";
    chmod(0777, $testroot);
}

if ($FORM{'selfregister'} eq "Y") {
    unless ($SESSION{'clid'}) {
	warn "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
	print STDERR "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
#	&show_illegal_access_warning("user");
	exit();
    }
    &get_client_profile($SESSION{'clid'});
    unless (%CLIENT) {
	warn "ERROR: Invalid Client ID $FORM{'clid'} " ;
	print STDERR "ERROR: Invalid Client ID $FORM{'clid'} " ;
#	&show_illegal_access_warning("user");
	exit();
    }
    $CANDIDATE{'new'}="Y";
    print "Content-Type: text/html\n\n";
    &show_template("regsas");
} elsif (&verifyaccess) {
    &init_session;
    &LanguageSupportInit();
    &log_entry($SESSION{'clid'}, $SESSION{'uid'}, "1");
    $FORM{'notice'} = $SYSTEM{'message'};

    ### For redirect to regcnd & regsas
    $vars{'tid'} = $SESSION{'tid'};
    $vars{'lang'} = $SESSION{'lang'};
    $vars{'testid'} = $FORM{'testid'} if ($FORM{'testid'}) ;
    $vars{'badid'} = $FORM{'badid'} unless !(defined($FORM{'badid'}));	#This is used if badid is passed from regsas for autorefresh location trick
    $vars{'direction'} = $FORM{'direction'} unless !(defined($FORM{'direction'}));
    unless ($SESSION{'clid'}) {
	warn "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
	print STDERR "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
#	&show_illegal_access_warning("user");
	exit();
    }
    &get_client_profile($SESSION{'clid'});
    unless (%CLIENT || $SESSION{'clid'} eq 'std') {
	warn "ERROR: Invalid Client ID $FORM{'clid'} " ;
	print STDERR "ERROR: Invalid Client ID $FORM{'clid'} " ;
#	&show_illegal_access_warning("user");
	exit();
    }
    if ($SESSION{'taclid'} ne '') {
	print "Content-Type: text/html\n\n";
	my $opts = { restrict_to_availability_window => 1 };
	&set_session($SESSION{'tid'},'taclauthtests',$SESSION{'taclauthtests'});
	&set_session($SESSION{'tid'},'uid',$SESSION{'taclid'});
	if ($FORM{'pwd'} eq '_____') {
	    &get_tacl_profile("regauto");
	    &regdusr("regauto");
	} else {
	    &get_tacl_profile();
	    &regdusr("regtacl");
	}
    } elsif ($FORM{'sas'} ne '') {
	## ^ support for wilcard login
	# register an account to the candidate
	my $opts = { restrict_to_availability_window => 1 };
	unless ($SESSION{'uid'}) {
	    warn "ERROR: Empty Candidate ID in Session data " ;
  	}
	&get_candidate_profile($SESSION{'clid'}, $SESSION{'uid'}, $opts);
	#&regdusr("regsas");
	&redirect("regsas", \%vars);
    } else {
	if ($FORM{'sadm'} ne '') {
	    print "Content-Type: text/html\n\n";
	    if ($SESSION{'uac'} eq 'gadmin') {
		# Site administration
		$CLIENT{'active'} = "X";
		$CLIENT{'logo'} = "<IMG SRC=\"$PATHS{'graphroot'}/logo.gif\" BORDER=0>\n";
		$CLIENT{'clorg'} = "ACTS Corporation";
		&regdusr("frsadmin");
	    } elsif ($SESSION{'uac'} =~ /txlatr./ ) {
		($FORM{'uac'},$FORM{'lang'}) = split(/\./, $SESSION{'uac'});
		$CLIENT{'active'} = "X";
		$CLIENT{'logo'} = "<IMG SRC=\"$PATHS{'graphroot'}/logo.gif\" BORDER=0>\n";
		$CLIENT{'clorg'} = "ACTS Corporation";
		print "<HTML>\n";
		print "<HEAD>\n";
		print "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=$PATHS{'cgiroot'}/Interpreter.pl?tid=$SESSION{'tid'}&lang=$FORM{'lang'}\">\n";
		print "</HEAD>\n";
		print "<BODY>\n";
		print "</BODY>\n";
		print "</HTML>\n";
	    } elsif ($SESSION{'uac'} eq 'madmin') {
		# Multiple-client admin
		&regdusr("madmin");
	    } else {
		# Client Test Administration
		&get_client_profile($SESSION{'clid'});
		&regdusr("frsadmin");
	    }
	} else {
	    if ($FORM{'tadm'} ne '') {
		print "Content-Type: text/html\n\n";
		if ($SESSION{'uac'} eq 'madmin') {
		    # Multiple-client admin
		    &regdusr("madmin");
		} else {
		    # Client Test Administration
		    &get_client_profile($SESSION{'clid'});
		    &regdusr("frsadmin");
		}
	    } else {
		if (&checkinprogress($SESSION{'clid'}, $FORM{'uid'}) ) {
		    # resume test at point of pause
		    &resumetest;
		} else {
		    if ($FORM{'cnd'} ne '') {
			&get_client_profile($SESSION{'clid'});
			my $opts = { restrict_to_availability_window => 1 };
			&get_candidate_profile($SESSION{'clid'}, $FORM{'uid'}, $opts);
			#print STDERR "clid: $SESSION{'clid'}, uid: $FORM{'uid'}, opts: $opts\n";
			if ($CANDIDATE{'grpowner'} eq 'Y') {
			    print "Content-Type: text/html\n\n";
			    &show_template("frcnd");
			} elsif ($CANDIDATE{'registrar'} eq 'Y') {
			    print "Content-Type: text/html\n\n";
			    &show_template("frcnd");
			} else {
			    &redirect("regcnd", \%vars);
			}
		    } else {
			&get_candidate_profile($SESSION{'clid'}, $FORM{'uid'});
			#&regdusr("regsas");
			&redirect("regsas", \%vars);
		    }
		}
	    }
	}
    }
} else {
    # Load Index.html
    print "Content-Type: text/html\n\n";
    if ($FORM{'home'} eq 'client') {
	&get_client_profile($FORM{'clid'});
	@lines = &get_template("cindex");
    } else {
	@lines = &get_template("shome");
    }
    if ($ipfilter ne '') {
	if ($ipfilter =~ /$ENV{'REMOTE_ADDR'}/ ) {
	    # ip blocked
	    if ($FORM{'sas'} eq '') {
		# uid or password were incorrect
		$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"System Maintenance In Progress.\" BORDER=0>";
	    } else {
		# uid is used
		$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
	    }
	} else {
	    &logger::loginfo("Incorrect passwd 4");
	    $SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgipb.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
	}
    } else {
	if ($SYSTEM{'IP_ACCESS_FILTER'} ne '') {
	    if ($SYSTEM{'IP_ACCESS_FILTER'} =~ /$ENV{'REMOTE_ADDR'}/ ) {
		if ($FORM{'sas'} eq '') {
		    # uid or password were incorrect
		    &logger::loginfo("Incorrect passwd 3");
		    $SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
		} else {
		    # uid is used
		    $SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
		}
	    } else {
		&logger::loginfo("Incorrect passwd 2");
		$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgipb.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
	    }
	} else {
	    if ($FORM{'sas'} eq '') {
		# uid or password were incorrect
		&logger::loginfo("Incorrect passwd 1");
		$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
	    } else {
		# uid is used
		$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
	    }
	}
    }
    foreach $line (@lines) {
	$line = &xlatline($line);
    }
}

sub resumetest {
    print "RESUMING TEST<BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"tid\" VALUE=\"$FORM{'tid'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"uid\" VALUE=\"$FORM{'uid'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"pwd\" VALUE=\"$FORM{'pwd'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"uac\" VALUE=\"$FORM{'uac'}\"><BR>\n";
}

sub test {
    print "<INPUT TYPE=TEXT NAME=\"tid\" VALUE=\"$FORM{'tid'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"uid\" VALUE=\"$FORM{'uid'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"pwd\" VALUE=\"$FORM{'pwd'}\"><BR>\n";
    print "<INPUT TYPE=TEXT NAME=\"uac\" VALUE=\"$FORM{'uac'}\"><BR>\n";
    &showenv;
}