#!/usr/bin/perl -T

#
# akopia, Inc.
# Somewhat modified version of embpexec.pl, to limit access to all but
# specified .epl files.

# *** the variables listed below will need to be modified for
# *** each installation not using mod_perl

##############################################################################
#
#   Embperl - Copyright (c) 1997-1999 Gerald Richter / ECOS
#
#   You may distribute under the terms of either the GNU General Public
#   License or the Artistic License, as specified in the Perl README file.
#   For use with Apache httpd and mod_perl, see also Apache copyright.
#
#   THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
#   IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
#   WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
##############################################################################


##############################################################################
######## Edit the following values:  #########################################
##############################################################################

# The directory containing the TallyMan libraries:
use lib "/usr/local/tallyman/lib";

# The directory containing this file
$base_dir = '/usr/local/tallyman/tallyman';

# The directory containing the lib/ and stores/ directories
$ENV{TALLYMAN_PATH} = '/usr/local/tallyman';

# The subdirectory of stores/ containing your store's info. 
# "sample" is the included sample store
$ENV{TALLYMAN_SID} = 'test';

# If you want to redirect the browser to the images, instead of 
# running them through this script, uncomment this line and set it
# to the path (from the browser's perspective) of the images directory
# (not the real file path of the images).  Obviously, you'll then need to
# copy the images to the appropriate directory. 
#    $image_redirect_path = '/~jason/images';


# You shouldn't need to edit anything below this line ########################
##############################################################################
##############################################################################
##############################################################################
##############################################################################
##############################################################################
##############################################################################
##############################################################################













$forbidden = <<EOF;
Content-type: text/html
Status: 403

<html>
<head>
<title>
Forbidden
</title>
</head>
<body>
<p>
The server has been instructed not to let you have the file you requested.
</p>
</body>
</html>
EOF

sub cat_img {
    my($fn) = @_;

    local $/;
    undef $/;

    unless($fn =~ m|^[a-zA-Z0-9.\-/_]+$|) {
	print("Content-type: text/plain\n\nForbidden.\n");
	exit 0;
    }

    unless(open(IMG_FILE, "< $fn")) {
	print("Content-type: text/plain\n\nError opening $fn.\n");
	exit 0;
    }

    my($img_data);

    seek(IMG_FILE,0,2);
    my($length)=tell(IMG_FILE);
    seek(IMG_FILE,0,0);
    read IMG_FILE,$img_data,$length;
    close(IMG_FILE);

    my($c_type);
    $c_type = "image/gif" if($fn =~ /gif$/i);
    $c_type = "image/jpeg" if($fn =~ /jpg$/i);
    $c_type = "image/jpeg" if($fn =~ /jpeg$/i);
    $c_type = "application/x-javascript" if($fn =~ /js$/i);

    print("Content-type: $c_type\n\n", $img_data);
    
    exit 0;
}

$req_fn = $ENV{PATH_INFO};

if($req_fn !~ m{^/(images/)?[a-zA-Z0-9\_\.\-]+\.(epl|js|gif|jpg|jpeg)$}) {
    print $forbidden;
    exit 0;
}

if($req_fn =~ /epl$/) {

  $ENV{PATH_TRANSLATED} = $base_dir . $req_fn;

  unless(open(FOO, "< $ENV{PATH_TRANSLATED}")) {
      print $forbidden;
      exit 0;
  }

  close FOO;

  # require does its thing at runtime, not compile time.  Putting
  # it here makes the other branch of the if statement execute *much*
  # faster
  require HTML::Embperl;

  HTML::Embperl::run () ;

  exit 0;

} elsif($req_fn =~ /(gif|jpg|jpeg|js)$/) {

    if(defined($image_redirect_path)) {
	$req_fn =~ s|^/images/||;
	print("Location: $image_redirect_path/$req_fn\n\n");
    } else {

	&cat_img($base_dir . $req_fn);
    }
} else {
print <<EOF;
Content-type: text/plain

Reality check bounced in epl.
EOF
}





