#!/usr/bin/perl -w

use DBI; 
use warnings;
use CGI::Carp qw(fatalsToBrowser);
use CGI;
use POSIX;
use Switch;

use CGI qw/:standard/;
use CGI::Cookie;

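# Page-wide defaults. These are package globals: the script runs without
# "use strict", so later sections read them by name.
$brow = $ENV{'HTTP_USER_AGENT'}; $diskont = 0;

# Absolute path of the HTML template that is printed at the end of the script.
$shablon = "/var/www/u0297054/data/www/gen.sportsdaily.ru/index.html"; 

my $myname = "/cgi-bin/index.pl";

# NOTE(security): the database account and its password are embedded in a
# script that lives under cgi-bin. Anyone who can read this file (backup,
# repository, misconfigured handler that serves the source) obtains the
# credential. Load it from a file outside the web root that only the CGI user
# can read, rotate the password that has been stored here, and give the
# account only the privileges this page needs.
my $dsn = "DBI:mysql:u0297054_gen:localhost";
my $db_user_name = "u0297054_default";
my $db_password = "_9WvWT6m";
my $dbh = DBI->connect($dsn, $db_user_name, $db_password);

# DBI->connect returns undef on failure. Without this check the first
# $dbh->prepare would die, and because CGI::Carp's fatalsToBrowser is loaded
# at the top of the file the raw error would be rendered to the visitor.
# Log the reason server-side and answer with a generic message instead.
unless ($dbh)
{
	warn "index.pl: database connection failed\n";
	print "Status: 503 Service Unavailable\n";
	print "Content-type: text/plain\n\n";
	print "Service temporarily unavailable\n";
	exit;
}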

# $koi = $dbh->prepare("SET CHARACTER SET koi8r"); 
# $koi8 = $koi->execute;

sub gen_uid
{
    # Build a numeric identifier: the current epoch seconds followed by a
    # random integer in the range 0..99999 (no zero padding, so the length
    # of the result varies).
    #
    # The value is also left in the package global $gen_uid_str.
    #
    # NOTE(review): both parts are guessable (clock time plus Perl's
    # non-cryptographic rand()). Confirm that callers never use this value
    # as a session identifier, reset token or any other secret.
    my $stamp  = time;
    my $suffix = int(rand(100000));

    $gen_uid_str = $stamp . $suffix;

    return $gen_uid_str;
}

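sub zagla
{
    # Return the argument with its first character upper-cased; the rest of
    # the string is returned unchanged.
    #
    # Parameters: the string to capitalise.
    # Returns:    the capitalised string; "" for an undefined or empty
    #             argument.
    #
    # The original kept its working values in the package globals $lenga,
    # $first and $second, silently overwriting any variable of the same
    # name elsewhere in the script; they are lexical now. An empty argument
    # is answered up front instead of running substr() past the end of the
    # string, which produced warnings.
    my ($reta) = @_;

    return "" unless defined $reta && length $reta;

    my $head = substr($reta, 0, 1);
    my $tail = substr($reta, 1);

    # tr/// takes character lists, not a regex class, so the square
    # brackets are literal characters here. The Cyrillic ranges only map
    # correctly when source and data are in a single-byte encoding.
    # NOTE(review): presumably windows-1251, as in the mail header this
    # script emits - confirm.
    $head =~ tr/[a-zа-я]/[A-ZА-Я]/;

    return $head . $tail;
}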

sub splitline 
{
    # Turn one tab-separated record into a list of fields prepared for
    # HTML display.
    #
    # Every "\n" and every "\r" becomes "<br>", every double quote becomes
    # "&quot;", and the result is split on TAB (trailing empty fields are
    # dropped by split). In scalar context the number of fields is
    # returned. The working copy and the field list are also left in the
    # package globals $spl_line and @spl_ls.
    #
    # NOTE(review): only the double quote is entity-encoded; "<", ">" and
    # "&" pass through unchanged, so fields that originate from users still
    # need full HTML escaping before they are printed.
    ($spl_line) = @_;

    for ($spl_line)
    {
        s/\n/<br>/g;
        s/\r/<br>/g;
        s/\n\r/<br>/g;     # cannot match any more: both characters were replaced above
        s/\"/&quot\;/g;
    }

    @spl_ls = split(/\x09/, $spl_line);

    return @spl_ls;
}

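# Parse the request parameters into %Form.
#
# The body is read from STDIN when CONTENT_LENGTH is set, otherwise the query
# string is used. Each name=value pair is URL-decoded; in values the
# apostrophe is replaced by &#39;, line breaks by <br>, and TAB is removed.
#
# Changes against the original:
#  * CONTENT_LENGTH is checked to be a plain number and the read is capped,
#    so a request cannot make the script allocate an arbitrary amount of
#    memory. The cap is a deliberately generous default; adjust as needed.
#  * The pair is split on the first "=" only; a value that itself contains
#    "=" is no longer cut short.
#  * The apostrophe replacement runs AFTER percent-decoding. It used to run
#    before, so an apostrophe that arrived percent-encoded was never touched.
#  * Missing names and values no longer produce "uninitialized" warnings.
#
# NOTE(security): the &#39; replacement is HTML output encoding, not SQL
# quoting. Every statement built from %Form must pass these values as bound
# placeholders; values printed into HTML still need "<", ">", "&" and the
# double quote escaped.
my $max_body_bytes = 1048576;

if ($ENV{'CONTENT_LENGTH'}) {
 my $body_len = $ENV{'CONTENT_LENGTH'};
 $body_len = 0 unless $body_len =~ /\A[0-9]+\z/;
 $body_len = $max_body_bytes if $body_len > $max_body_bytes;
 read(STDIN, $param_str, $body_len);
} else {
 $param_str=$ENV{'QUERY_STRING'};
}
$param_str = "" unless defined $param_str;

@pairs=split(/&/,$param_str);
foreach $pair (@pairs) {
 ($name, $value) = split(/=/, $pair, 2);
 next unless defined $name;              # empty pair, e.g. "a=1&&b=2"
 $value = "" unless defined $value;      # "name" without "=value"
 $name =~ tr/+/ /;
 $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
 $value =~ tr/+/ /;
 $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
 $value =~ s/\'/\&\#39\;/g;              # after decoding, so %27 is covered too
 $value =~ s/\n\r/<br>/g;
 $value =~ s/\n/<br>/g;
 $value =~ s/\r//g;
 $value =~ s/\x09//g; 
# $value =~ s/\'/\\\'/g;  $value =~ s/\"/\\\"/g;
# $AdmForm{$name}=$value;
# $value=~s/</\&lt\;/g;
# $value=~s/>/\&gt\;/g;
 $Form{$name}=$value;
}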

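# Look up the account that matches the submitted e-mail address or login.
#
# The original interpolated $Form{'Email'} and $Form{'Login'} straight into
# the SQL text. Request data must never become part of the statement: both
# values are now passed as bound parameters, so the driver treats them as
# data whatever characters they contain.
#
# An empty or missing field is bound as NULL. In SQL NULL compares equal to
# nothing, so an empty field no longer matches every row whose EMAIL or LOGIN
# column happens to be empty.
#
# Results: $rv869 is the row count reported by execute, @set869 is the first
# matching row. Later code reads columns 2 and 6 of that row by position, so
# it depends on the column order of USERS ("SELECT *").

# NOTE(review): this normalises the lower-case key 'login', while the query
# below reads 'Login'. Confirm which field name the form actually posts.
$Form{'login'} = lc(defined $Form{'login'} ? $Form{'login'} : "");

my @lookup869 = map { (defined $_ && length $_) ? $_ : undef } ($Form{'Email'}, $Form{'Login'});

$select869 = "SELECT * FROM USERS where LOWER(EMAIL) = LOWER(?) or LOWER(LOGIN) = LOWER(?)";
$sth869 = $dbh->prepare($select869);
$rv869 = $sth869->execute(@lookup869);
@set869 = $sth869->fetchrow_array;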

###################################

	# Token table for the confirmation code. The row index (0..9) is the
	# digit; each row holds twelve 8-character hexadecimal tokens that stand
	# for that digit. The "send" handler below cuts the submitted secureid
	# into 8-character pieces and looks each piece up here.
	#
	# NOTE(security): the table is fixed, and the expected code is derived
	# only from a field of the same request, so the check is not tied to any
	# challenge the server has issued. A server-side, single-use challenge
	# (stored in a session or signed with an expiry) would close that gap.
	@str = (
		[ qw(040b7cf4 a55014e1 85813e06 44502ea9 3776081c a1f9765b ec582383 65d8ade9 15dae597 77a2732c ff968b46 56d42783) ],
		[ qw(fafda174 93d30432 5fefa0aa 8d1b6694 2b4c9cfa cb612f3d bfaa3576 d9fff4cd b8e32c77 dec45bcb 2693af70 c8fd7a8b) ],
		[ qw(78183541 94c4feae 57304aba dc2c437c a5b564f6 38f409d1 8b3f7e0a ae45d366 a5b564f6 38f409d1 8b3f7e0a ae45d366) ],
		[ qw(080c993f b3b58e26 c1d2265b f9da0af3 16d8a58d 14a62420 c9a1cbc0 93035e31 658732ab 6d93c96e 6f3d269a 3e9d1615) ],
		[ qw(8cb9014a 936acf4a 5e33c252 fa396512 dd93a7eb 7d215fa5 f79498d0 a69a1db2 23f35020 df135821 bc9a1c51 e3900047) ],
		[ qw(d7f71f28 449665f9 eefc114e 5e7d3e7b 747c1bcc eb6109a4 ef936bc7 0cfd17de 44d15d3e 9bc2f93b 2b3d566d e51a2681) ],
		[ qw(28a74b8d 7de3373b 4bed858f c10b6bf5 380c5022 5d67f81a faf12a79 5543782a f4661398 cb1a3abd 3ffe5860 0bf11322) ],
		[ qw(26b6c45e 76b70cfd 19974fcf 77c3592a 369351f0 daad52f9 57f7d120 38c84bd6 b92f8ab7 a47e21fb 03306934 2d6663b0) ],
		[ qw(3454585c 5d2ef620 8acdce40 5b0b62ce 9366159e c10ed346 f9692f4d 51231979 9b3d3481 ae526dc4 bb6b970b 151fbc0c) ],
		[ qw(28ce9bc9 54876829 eeb56ff4 6da8e1ab 90d89ecc fe93456d 58a2872a 9350f6a9 31c0c178 a9fc26ff ecffd867 0d1d746d) ],
	);

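# Password-reminder request (action=send).
#
# Steps: decode the confirmation code from the secureid field, validate the
# request, and on success mail the stored credentials to the address on
# record. The outcome message is left in $eggog for the template.
#
# Changes against the original:
#  * The confirmation code is accepted only when all four secureid pieces
#    decode to a digit and secure_code is present. Before, a request with
#    both fields missing compared "" with "" and passed the check.
#  * Success is decided by "$eggog is empty" instead of "shorter than 10".
#  * The recipient address is cut at the first CR/LF so that a stored value
#    cannot add mail headers.
#  * The login and password are HTML-escaped before they are placed in the
#    HTML mail body; the login comes from the request.
#  * sendmail is started with list-form open (no shell) on a lexical handle
#    and failures are logged.
#  * The stray "$email = substr($email, 0, -2)" was removed; $email is never
#    assigned in this script.
#
# NOTE(security), not fixable inside this block:
#  * The account password is stored in recoverable form and sent by mail.
#    Store a salted password hash and mail a single-use, expiring reset link.
#  * Every reminder is blind-copied to an external mailbox (Bcc line below),
#    so that mailbox accumulates user passwords. Remove the Bcc unless there
#    is a documented need.
#  * The "not registered" message tells the caller whether a login or e-mail
#    exists. A single neutral message for both outcomes avoids that.
if (defined $Form{'action'} && $Form{'action'} eq "send")
{
	$eggog = "";

	$encoded = defined $Form{'secureid'} ? $Form{'secureid'} : "";
	$decoded = "";

	# token -> digit. The first row that contains a token wins, which is the
	# same answer the original row-by-row scan produced.
	my %digit_of;
	for my $digit (0 .. 9)
	{
		for my $slot (0 .. 11)
		{
			my $token = $str[$digit][$slot];
			next unless defined $token;
			$digit_of{$token} = $digit unless exists $digit_of{$token};
		}
	}

	# secureid carries four 8-character tokens.
	for my $pos (0 .. 3)
	{
		last if length($encoded) < ($pos + 1) * 8;
		my $sequence = substr($encoded, $pos * 8, 8);
		$decoded .= $digit_of{$sequence} if exists $digit_of{$sequence};
	}

	$tezt = $decoded;

	# The checks run in the original order; a later failure replaces the
	# message of an earlier one.
	if ($rv869 ne "1")
	{
		$eggog = "Пользователь с указанными данными не зарегистрирован";
	}

	my $code_ok = length($tezt) == 4
		&& defined $Form{'secure_code'}
		&& $Form{'secure_code'} eq $tezt;

	if (!$code_ok)
	{
		$eggog = "Неправильно введен код подтверждения";
	}

	my $have_login = defined $Form{'Login'} && length($Form{'Login'});
	my $have_email = defined $Form{'Email'} && length($Form{'Email'});

	if (!$have_login && !$have_email)
	{
		$eggog = "Введите Ваш логин или e-mail";
	}

	if ($eggog eq "")
	{
		$eggog = "Пароль доступа успешно отправлен на указанный Вами е-mail";

		# Minimal HTML escaping for values placed in the mail body.
		my $esc_html = sub {
			my ($raw) = @_;
			$raw = "" unless defined $raw;
			$raw =~ s/&/&amp;/g;
			$raw =~ s/</&lt;/g;
			$raw =~ s/>/&gt;/g;
			$raw =~ s/"/&quot;/g;
			return $raw;
		};

		my $login_html = $esc_html->($Form{'Login'});
		# The parameter parser has already turned ' into &#39;; keep that
		# entity instead of showing it escaped twice.
		$login_html =~ s/&amp;#39;/&#39;/g;

		my $password_html = $esc_html->($set869[2]);

		# Column 6 of the USERS row is used as the recipient. Keep only its
		# first line so it cannot introduce further headers.
		my $rcpt = defined $set869[6] ? $set869[6] : "";
		$rcpt =~ s/[\r\n].*//s;

		$subj = "Реквизиты доступа к CRM системе Спорт День за Днём";

$text = qq(

<p><b>Вы запрашивали реквизиты доступа к CRM системе Спорт День за Днём (<a href="http://sdzd.cmsonline.ru/">http://sdzd.cmsonline.ru/</a>)</b></p>

<p>Логин: 	$login_html</p>
<p>Пароль: 	$password_html</p> 


);        

		if (open(my $sml, '|-', '/usr/sbin/sendmail', '-t'))
		{
			print $sml "To: $rcpt\n";
			print $sml "Bcc: blonde_ds\@mail.ru\n";
			print $sml "From: sdzd\@cmsonline.ru\n";
			print $sml "Subject: $subj\n";
			print $sml "Content-type: text/html; charset=windows-1251\n\n";
			print $sml "\n\n$text\n";
			close($sml) or warn "index.pl: sendmail reported a failure (status $?)\n";
		}
		else
		{
			warn "index.pl: cannot start sendmail: $!\n";
		}

		$Form{'Login'} = "";
	}
	else
	{
		$Form{'login'} =~ s/\\\'/\'/g;  
		$Form{'login'} =~ s/\\\"/\"/g;				 		  
	}
}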

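# Authorisation: a visitor who presents an AFID cookie that matches exactly
# one USERS row is redirected to the admin area.
#
# Changes against the original:
#  * The cookie value is passed to the query as a bound parameter instead of
#    being interpolated into the SQL text. A cookie is request data like any
#    form field.
#  * The script exits after sending the redirect. Before, it went on to print
#    a second header block and the whole page after the Location header.
#  * CGI::Cookie->fetch replaces the indirect-object call, and the cookie is
#    looked up by name instead of looping over all cookies.
#
# NOTE(review): the AFID value is compared directly with USERS.UNID, so that
# column works as a bearer token. Where it is generated and where the cookie
# is set is not visible here; confirm that the value comes from a
# cryptographically secure generator, is rotated at login/logout, and that the
# cookie carries the Secure and HttpOnly attributes.
my $AFID = -1; 
my $BSKT = -1;

$basketq = 0;
$summz = 0;

%cookies = CGI::Cookie->fetch;

if (exists $cookies{'AFID'})
{
	$AFID = $cookies{'AFID'}->value;

	$select66 = "SELECT * FROM USERS where UNID = ?";
	$sth66 = $dbh->prepare($select66);
	$rv66 = $sth66->execute($AFID);
	@set66 = $sth66->fetchrow_array;

	if ($rv66 == 1)
	{
		print "Content-type: text/html\n";
		print "Location: /admin/index.pl\n\n";
		exit;
	}
}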

# Content: when the request carries err=1 (a failed login reported by another
# page, judging by the message text), show the fixed "user not found" message.
# This replaces any message set earlier in the script.
$eggog = "Пользователь с указанными логином и паролем не найден"
	if $Form{'err'} eq "1";

################################
 
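# Render the page: read the HTML template named by $shablon, replace every
# literal "$eggog" placeholder with the current message, and print the result.
#
# Changes against the original:
#  * Three-argument open on a lexical handle, with the result checked. A
#    missing or unreadable template used to produce an empty page silently;
#    it is now logged and answered with a generic error.
#  * $eggog defaults to "" so a request without any message does not trigger
#    "uninitialized value" warnings in the substitution.
#
# NOTE(security): $eggog holds only fixed messages defined in this script.
# If request-derived text is ever placed in it, HTML-escape that text before
# it is substituted into the template.
$eggog = "" unless defined $eggog;

my $tmpl_fh;
unless (open($tmpl_fh, '<', $shablon))
{
	warn "index.pl: cannot read page template: $!\n";
	print "Status: 500 Internal Server Error\n";
	print "Content-type: text/plain\n\n";
	print "Internal server error\n";
	exit;
}
@T = <$tmpl_fh>;
close($tmpl_fh);
$shablon1 .= join('', @T);

$shablon1 =~ s/\$eggog/$eggog/g;

print "Content-type: text/html\n\n";

print "$shablon1";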
