#!/usr/bin/perl

use CGI;
use DBI;
unshift(@INC, '.');
use ipac_cfg;

my $q = new CGI;
my $path="https://" . $q->server_name();
my $cgi=$path . "/cgi-bin";
my $dbh;
my $sth;
my @row;
my $options = "0";
my $user = $ENV{REMOTE_USER};
my $login;
my $tariff;
my $price;
my $active;
my $cust_id;
my $tar_id;
my $pr_type;
my $cash;
my $logins;
my $tariffs;
my $refer=$q->referer();
my $oldp;
my %pr_types = ('0'=>'free', '1'=>'per byte', '15'=>'per month');
my %yes_no = ('0'=>'no', '1'=>'yes');
my %yes_no_b = ('f'=>'no', 't'=>'yes'); 

if ($ENV{HTTPS} ne "on" || $user ne "admin") {
    print $q->header(-type=>"text/html;", -status=>'403 Forbidden'),
	    $q->start_html('Forbidden'),
	    $q->h1('You dont have permission to access this script'),
	    print $user, "fuck<P>", $ENV{HTTPS};
	    $q->end_html;
    exit;
}

$dbh = DBI->connect("dbi:Pg:dbname=$ipac_cfg::pg_dbname",                  
                        $ipac_cfg::pg_login, $ipac_cfg::pg_pwd,            
##                                     { RaiseError => 1, AutoCommit => 0 });
                                     { RaiseError => 1, AutoCommit => 1 });


if ($q->param('login') ne "") {
	$login=$q->param('login');
	$tariff=$q->param('tariff');
	$price=$q->param('price');
	$pr_type=$q->param('pr_type');
	$active=$q->param('active');
	$detailed=$q->param('detailed');
	$sth = $dbh->prepare("select login,tariff_name from tariffs_names,customers,".
	        "tariffs where customers.cust_id=tariffs.cust_id and ".
		"tariffs.tariff_id=tariffs_names.tariff_id and ".
		"customers.login=? and tariffs_names.tariff_name=?");
	$sth->execute($login, $tariff) or die $sth->errstr;
	@row = $sth->fetchrow_array;
	$sth->finish;
	if ($row[0] ne "") {
		print "<P>Error, login name '$login' already have tariff '$tariff'";
		$dbh->disconnect or warn $dbh->errstr;
		print $q->end_html;
		exit;
	}

	$sth = $dbh->prepare("select cust_id from customers where login=?");
	$sth->execute($login);
	@row = $sth->fetchrow_array;
	$sth->finish;
	$cust_id=$row[0];
	$sth = $dbh->prepare("select tariff_id from tariffs_names where tariff_name=?");
	$sth->execute($tariff);
	@row = $sth->fetchrow_array;
	$sth->finish;
	$tar_id=$row[0];

	$dbh->do(q{insert into tariffs (cust_id, tariff_id, price, pr_type, active_nocash, detailed)
	        values (?,?,?,?,?,?)}, undef, $cust_id, $tar_id, $price, $pr_type, $active, $detailed)
				or die $dbh->errstr;
	$dbh->disconnect  or warn $dbh->errstr;
	reconfig();

        $oldp=$q->param('refer');
	print "Location: $oldp\n";
	print  $q->header;
	exit;
}


print  $q->header,
       $q->start_html(-title=>'Add a tariff');

print "<table><tr><td>".
	"<IMG BORDER=0 ALT=\"ipac-ng logo\"".
	"SRC=\"$path/poweredby.png\"></td><td>".
	"<center><font color=\"#ff0000\" size=6>ipac-ng add tariff</font></center>".
	"</td></tr></table><A HREF=\"http://sf.net/projects/ipac-ng\">".
    	"ipac-ng home page</A>&nbsp;&nbsp;";
print "<A HREF=\"$path/stat\">Go to main page</A>&nbsp;&nbsp;";
print $ipac_cfg::menu;

($login, $name, $surname, $ipaddr, $cash) = split(/ /, $options, 5);

if ($q->param('cust') ne '') {
	$sth = $dbh->prepare("select login from customers where cust_id=?");
	$sth->execute($q->param('cust')) or die $sth->errstr;
} else {
	$sth = $dbh->prepare("select login from customers order by login");
	$sth->execute() or die $sth->errstr;
}
while (@row = $sth->fetchrow_array) {
	push(@logins, $row[0]);
}
$sth->finish;
$sth = $dbh->prepare("select tariff_name from tariffs_names order by tariff_name");
$sth->execute() or die $sth->errstr;
while (@row = $sth->fetchrow_array) {
	push(@tariffs, $row[0]);
}
$sth->finish;
print "<P><TABLE CELLPADDING=2 CELLSPACING=1 BORDER=0>";

print $q->startform,
	"<tr><td>Login:</td><td>", $q->popup_menu('login', \@logins), "</td></tr>",
	"<tr><td>Tariff:</td><td>", $q->popup_menu('tariff', \@tariffs), "</td></tr>",
	"<tr><td>Price:</td><td>", $q->textfield('price'), "</td></tr>",
	"<tr><td>Tariff type:</td><td>", $q->popup_menu('pr_type', ['0', '1', '15'], '1', \%pr_types), "</td></tr>",
	"<tr><td>Allow debt:</td><td>", $q->popup_menu('active', ['0', '1'], '0', \%yes_no), "</td></tr>",
	"<tr><td>Detailed:</td><td>", $q->popup_menu('detailed', ['0', '1'], '0', \%yes_no), "</td></tr>",
	$q->hidden('refer', $refer),
	"</table>", $q->submit(), $q->endform;

$dbh->disconnect or warn $dbh->errstr;
print $q->end_html;
