#!/bin/bash
#
# phonebook, a companion cgi script for my phonebook stuff, which 
# searches a flat text file, and displays any matching lines in 
# HTMLized form. This utilizes my 'phone' bash script as well, 
# though any text file should work as a data source. This also 
# requires a JS capable user-agent. It is only suitable for relatively
# small "phonebooks" of a few hundred or so names/numbers since the 
# entire list stays in memory so as to minimize list retrieval time.
# The entire list is read into memory only once, and parsed from there.
# JS Regular Expressions are used to dynamically narrow the list 
# on each keypress. Very fast. 
#
# BUGS: Precautions to prevent 2 or more edits from happening at the
#       same time and stepping on each other, are non-existant.
#
# By: Hal Burgiss <hal at foobox.net>
#
# License: none.
#
###################################################################

# Data file with phone nums, names or whatever. We will read from, AND write
# to this. This needs to be a plain text file, with one entry per line.
# Permissions should be such that it can be written to, as well. Other than
# that, whatever floats one's boat.
datafile="/usr/share/phone/phones"

# The script/command that generates our list text ...
# This will have regex's applied against it.
# cmd="cat $datafile | sort -f"
cmd="/usr/local/bin/phone -f $datafile -list"

title="Phonebook"
generic="Phonebook"

# Hardcoded password--the same for all users. 
password=phones
# This password allows edit/write privileges, above does not.
admin_pword=elfin

whoami=$(basename $0)

# cookie stuff
cookie_name=$whoami
name="new user"
expires_int=10
cookie_date="expires="$(date --date "today +$expires_int days" +'%a, %d-%b-%Y 06:00:00 GMT')

#
getcolor='#dcf3f4'

# Max number of regex's matches to display. Too many hits, and we 
# clutter the display, so will ignore excessive number of matches.
def_hits=25

# Toggle depending on whether we have a valid, tested user. User is 
# allowed a) if a valid password is hanging on STDIN, or b) if a 
# cookie is present with the proper name. The cookie value is the user's 
# name. Cookie is written initially only on a password check.
is_OK=false

# check incoming
[ -s /dev/stdin ] && std_in=$(cat /dev/stdin)

# find and clean up the incoming, if its there ...

# 2 ways to get in ... ##########################################
#
if [ -n "$std_in" ] && echo "$std_in" |grep "password\=" > /dev/null; then
  # somebody is trying a password attempt.
  if [ "$(echo $std_in |sed 's/.*password=//')" == "$password" ] ; then
    is_OK=true
  elif [ "$(echo $std_in |sed 's/.*password=//')" == "$admin_pword" ] ; then
    is_OK=true
    admin='&admin'
  fi
  name=$(echo $std_in |sed 's/name=//' |sed 's/\&.*//' |sed 's/+/ /')
elif  echo "$HTTP_COOKIE"|grep "\(^\|; \)$cookie_name=" >/dev/null ; then
  # if a cookie exists, we will trust it since cookies are only set on 
  # password validation, and then get user's NAME from cookie. Cookies 
  # are then renewed on every re-entry.
  name=$(echo $HTTP_COOKIE |sed "s/^.*$cookie_name=//" |sed "s/;.*//"|sed 's/\&admin//')
  if echo $HTTP_COOKIE |grep "$cookie_name=$name&admin" >/dev/null ; then
    name="$name"
    admin='&admin'
  fi
  is_OK=true
fi

if $is_OK && [ "$(echo $std_in |sed 's/=.*//')" == "new_pfile" ]; then
  # ie, we are writing new data with an update to $datafile. 
  # Make a backup copy of datafile first:
  cp -f $datafile /tmp/$(basename $datafile)-$$
  # Shake and bake:
  cat /dev/null > $datafile
  echo "$std_in" |perl -pe 's/(^.*
.*$|^new_pfile=|^$)//s' >> $datafile
fi

if [ -n "$1" ]; then
  # somebody coming at us from another href
  search="$1"
  # make sure we have a cookie or password, and clean it up.
  $is_OK && search=$(echo $QUERY_STRING | sed 's/.*=//')
fi

if $is_OK; then
  # Get the entire list first, since its small, and
  # make a js compatible array from the file records.
  # Later we will regex just the ones we want from the full
  # list.
  data=$($cmd)
  alist=$(echo "$data"|perl -pe 's/(.*)\n/"$1",/;')
  # put a proper end on array to keep js happy.
  alist="$alist\"null\""
fi


# Document stuff starts here ###################################
# Put a cookie, if appropriate
$is_OK && echo "Set-Cookie: $cookie_name=$name$admin; $cookie_date"
 
 # start building html/js.
 echo "Content-type: text/html"
 echo;echo 

# There are two modes: need password & have password.
# The top of page and format is shared by both.
cat << EOF
<!--
 This little script was created by:

    Hal Burgiss <hal at foobox.net>

 and utilizes an additional bash script, "phone", also by moi, and 
 of course a  a phonebook data file (a simple flat text file),  which is 
 the data source. Optionally, some other script could be used to 
 generate the JS list data array of names/phonenums, ala:

 alist=\$(\$phone -list| sort -f|perl -pe 's/(.*)\n/"\$1",/;')

-->
 <html>
 <head><title>$name's $title</title>
 <style type="text/css" media=screen>
<!--
  body  { margin-left: 2%; margin-right: 2%; margin-top: 2%; 
          font-family: verdana,sans-serif; font-size: 10pt;}
  h3 { color: black; 
       background-color: aqua; font-weight: bold;font-size: 12pt;}
  pre { font-family: monospace,courier; font-weight: bold; font-size: 9pt;}
  input.flash { background-color: $getcolor;}
  button.flash { background-color: lightblue;}
  button,label {font-size: 8pt; }
  textarea {font-weight: bold; background-color: $getcolor;}
-->
</style>
<style type="text/css" media=print>
<!--
 #tabletop,#printbutton { display: none; }
-->
</style>
<style type="text/css">
<!--
 main.css
-->
</style>
<script language="JavaScript">
<!-- Begin
var justtesting = "hi, how are you";
var Max_Hits = $def_hits;               //set something reasonable here
var aList = new Array($alist);   //our data comes in here
aList.length--;                  //remove bogus last field

function Focus(formNum) {
  document.forms[formNum].elements[0].focus();
}

// END -->
</script>
</head>

<body bgcolor=white onfocus="Focus(0)" onload="Focus(0);findme();window.onfocus='findme()'" margin=0>
<center><p>
<h3 title="An original work by Yours Truly">
Personal $title for $name</h3>
<p></center>
<table id="tabletop" style="margin: 0; padding-left: 2px; 
       width: 100%; border: solid 1px; font-weight: bold;">
<tr><td><p></p>
EOF

# fork here depending on presence of qualified user/password.

# Here, we need to get a password, and a user name.
! $is_OK && cat << EOF
<p></p>
<form action=$whoami method=post>
  <span title="Your name">
  <label>&nbsp;&nbsp;Name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</label>
  <input class=flash type=text name=name id=name>
  </input></span><p></p>

  <span title="Your password">
  <label>&nbsp;&nbsp;Password:&nbsp;&nbsp;</label>
  <input class=flash type=password name=password id=password>
  </input></span><p></p>
   
   <center>
   <button class=flash type=submit> Submit </button>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
   </center>
   <p></p>

</form></tr></td></table></body></html>
EOF

# Otherwise, we have a valid user, and good to go, so lets get 
# some matching list data and draw page accordingly.
$is_OK && cat << EOF
<form action="" method=post>
<p><span title="Enter a search pattern, using regular expressions if you
want">
<a name=search><label accesskey=q for=query><b><u>Search for</u>:&nbsp;&nbsp;&nbsp;&nbsp;</b></label></a>
 <input class=flash type=text name=q id=regex size=20 
  maxlength=200 value="$search"
 onKeyUp="findme()"></span></p>
</td>
 <td align=left>
  <span title="Show the entire contents of this $generic">
  <input type=radio name=scope id=all onclick="findme()">
  <label>&nbsp;&nbsp;Show All</label></input></span><br>
 
  <span title="The search pattern will match any portion of a line">
  <input type=radio name=scope id=anywhere onclick="findme()" checked>
  <label>&nbsp;&nbsp;Match anywhere</label></input></span><br>
 
  <span title="The search pattern will match only at the beginning of a line">
  <input type=radio name=scope id=beginning onclick="findme();">
  <label>&nbsp;&nbsp;Match beginning of a line</label></input></span><br>
EOF

# only admin can edit
$is_OK && [ -n "$admin" ] && cat << EOF
  <span title="Add to, change or delete from this $generic">
  <input type=radio name=scope id=edit  
    onclick="findme();Focus(1);">
  <label>&nbsp;&nbsp;Add or Edit </label></input></span><br>
EOF

$is_OK && cat << EOF
  <hr noshade align=center size=1 style="width: 65%; size: 1px;">
  <span title="Search can be case-sensitive or not">
  <input type=checkbox name=case id=caseid  
    onclick="findme();">
  <label>&nbsp;&nbsp;Case sensitive </label></input></span><br>

  <span title="Maximum number of search results to show at one time">
  <label>
   &nbsp;&nbsp;Maximum number of results to show: </label>
  <input class=flash type=text name=maxhits id=maxhits size=2 maxlength=2 
   onchange="findme()">
  </input></span><br>
  </form>
  </td></tr>
</table>

<div id="masterlist" style="white-space: pre; font-family: monospace;
padding-left: 5px; background-color: lightgrey; border: solid 1px;">
<!-- generated list data will go here --></div>

<div id="divlist" style="display: none;">
 <form id="edit" name="edit" method=post enctype="text/plain" action="phonebook">
  <center>
  <textarea rows=20 cols=90 name=new_pfile id=new_pfile style="whitespace: pre;">
$data
  </textarea><p>
   <button class=flash type=submit> Save </button>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
  <button class=flash type=reset
  onclick="document.forms[0].scope[3].checked=false;
  document.forms[0].scope[1].checked=true;findme()"> Cancel </button>
 </center>
 </form>
</div>

<script language="JavaScript">
<!--
document.getElementById("maxhits").value = Max_Hits;

//function to dynamically fine-tune list on each key/mouse stroke:
function findme() {
 var flags = (document.forms[0].caseid.checked) ? '' : "i";
 var bol = (document.forms[0].scope[2].checked) ? '^' : '';
 var re = new RegExp('('+bol+document.forms[0].regex.value+')', flags);
 var newstr = '<pre><p></p>';
 var hits = 0;
 var max_hits = document.getElementById("maxhits").value;
 if (document.forms[0].scope[0].checked || (document.forms[0].scope[3] && document.forms[0].scope[3].checked) ) {
   //show all
     if (document.forms[0].scope[0].checked) {max_hits = 10000;}
     if (document.forms[0].scope[3] && document.forms[0].scope[3].checked) {
        document.getElementById("divlist").style.display = "block" ;
        setCursor(document.forms[1].new_pfile)
     } else {
        document.getElementById("divlist").style.display = "none" ;
     }
   document.forms[0].regex.value = '';
   document.forms[0].regex.disabled = true;
   document.forms[0].maxhits.disabled = true;
   document.forms[0].caseid.disabled = true;
   re = new RegExp("."); //match em all, the long and the short and the tall...
 } else {
   document.forms[0].caseid.disabled = false;
   document.getElementById("divlist").style.display = "none" ;
   document.forms[0].regex.disabled = false;
   document.forms[0].maxhits.disabled = false;
 }
 for (var i = 0; i < aList.length; i++) {
   if (aList[i].match(re)) { 
     newstr += aList[i]+"<br>";
     hits++;
   }
 }
 if (hits > max_hits || hits <1) {
    newstr = '';
 } else {
    newstr += '</pre><div id="printbutton" style="text-align: center; padding-top: 20px;"><input class=flash type="button" onclick="window.print()" value="Print This Page"><p></p></div>'; 
 }
 document.getElementById("masterlist").innerHTML = newstr ;
 Focus(0);
 return true;
}

function setCursor(control) {
  if (control.createTextRange) {
    var range = control.createTextRange();
    range.collapse(false);
    range.select();
  }
  else if (control.setSelectionRange) {
    control.focus();
    control.setSelectionRange(0, 0);
  }
}


//END--></script>
</body></html>
<!-- buh-bye -->
EOF

# eof phonebook
# set vi:nowrap