#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);


################################################################
#                                                              #
#        HitMan                                                #
#                                                              #
#        Este script es de web access                          #
#                                                              #
#        HitMan 2 es para win interface                        #
#                                                              #
#                                                              #
################################################################

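# Request entry point: decode the submitted form, stamp the current time,
# then dispatch on the "cmd" field. "acc" selects the customer account.
# NOTE(review): CGI::Carp's fatalsToBrowser (loaded at the top of this file)
# renders die() text to the client, so error text reaching die() should stay
# generic.
parse_form();
get_date();

$cmnd   = defined $formdata{'cmd'} ? $formdata{'cmd'} : '';
$custID = defined $formdata{'acc'} ? $formdata{'acc'} : '';

# cmd=errmail: a recipient reports an alert mail they did not expect.
if ($cmnd eq 'errmail') {
    # Every field comes straight from the request. Strip the record
    # delimiter and line breaks so one request cannot forge or split
    # records in the report log.
    my @fields = ($custID, $formdata{'ref'}, $formdata{'email'});
    for my $field (@fields) {
        $field = '' unless defined $field;
        $field =~ tr/|\r\n/ /;
    }

    # Three-argument open with a lexical handle: the mode can never be
    # taken from the file name.
    open(my $report_log, '>>', 'errmails.txt')
        || die "HitMan: cannot record report\n";
    flock($report_log, 2);                      # 2 = exclusive lock
    print {$report_log} join('|', $date, @fields), "\n";
    close($report_log);                         # close also releases the lock

    print "Location: http://www.caracolix.com/HitMan/mailerror.html\n\n";
    exit;
}

# No cmd: page-view hit. Count it, then redirect to the stored target.
if ($cmnd eq '') {
    $frmLink = defined $formdata{'flnk'} ? $formdata{'flnk'} : '';

    # $custID and $frmLink become path components under cgi-bin/hm3/users/
    # in the subs called below, so refuse anything that could leave that
    # directory (separators, NUL, dot entries) or break the data-file
    # format (back-tick delimiter, line breaks).
    my $acct_ok = $custID ne '' && $custID ne '.' && $custID ne '..'
        && $custID !~ m{[/\\\0]};
    my $link_ok = $frmLink ne '' && $frmLink !~ m{[/\\\0\r\n`]};

    if ($acct_ok && $link_ok) {
        ifisuniqhit();
        $src = '1';
        countHit();
    }

    # countHit() exits once it finds the link, so getting here means the
    # request was rejected or the link is unknown. The header was missing
    # before, which left the server with a malformed CGI response.
    # (Message added Dec 2007.)
    print "Content-type: text/html\n\n";
    print "Error invalid HitMan code - Expected Page View code";
    exit;
}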

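sub ifisuniqhit {
    # Decide whether the current hit should be skipped as a repeat.
    #
    # Only active when the form field "unq" is '1'. Reads the visit log
    # cgi-bin/hm3/users/$custID/$frmLink.obj and sets the global $nocount to
    # "1" when a record dated today ($shdate) is less than 1380 minutes older
    # than the current minute-of-day ($ttime). Dies when the log cannot be
    # opened.
    #
    # Fixes over the previous version: the date prefix and the minute value
    # were carried over from earlier records, so a record from another day
    # (or one without a time) was compared against stale or undefined values
    # and suppressed the hit.
    # NOTE(review): the logged IP is never compared, so any visit today
    # suppresses counting, not only one by the same visitor - confirm intent.
    # NOTE(review): a link with no log file yet still dies here, as before.
    return unless defined $formdata{'unq'} && $formdata{'unq'} eq '1';

    # Both values are request-controlled and become path components; refuse
    # anything that could step outside the users directory.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};
    die "HitMan: invalid link name\n"
        if !defined $frmLink || $frmLink eq '' || $frmLink =~ m{[/\\\0]};

    my $fname = "cgi-bin/hm3/users/$custID/$frmLink.obj";

    # Three-argument open: the path is never parsed for a mode or a pipe.
    open(my $visit_log, '<', $fname) || die "HitMan: cannot open visit log\n";
    flock($visit_log, 2);                       # 2 = exclusive lock
    my @records = <$visit_log>;
    close($visit_log);                          # close also releases the lock

    foreach my $record (@records) {
        chomp $record;
        # Record layout: date|ip|host|client|referer|forwarded-for
        my ($xdate) = split(/\|/, $record);
        next unless defined $xdate;

        # The stamp is "M-D-YYYY:HH:MM:SS"; the first colon ends the date.
        my $colon = index($xdate, ':');
        next if $colon < 0;
        next unless substr($xdate, 0, $colon) eq $shdate;

        my $hhour = substr($xdate, $colon + 1, 2);
        my $hmin  = substr($xdate, $colon + 4, 2);
        my $tdif  = $ttime - ((60 * $hhour) + $hmin);

        if ($tdif < 1380) {
            $nocount = "1";
            last;
        }
    }
}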


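# cmd=rtn ("right to know"): show an account's counters to the public, but
# only when the account has a pin.dat file, which acts as the permit.
if ($cmnd eq 'rtn') {
    print "Content-type: text/html\n\n";

    # $custID is request-controlled and becomes a directory name; refuse
    # separators, NUL and dot entries so the lookup stays inside users/.
    my $acct_ok = defined $custID && $custID ne '' && $custID ne '.'
        && $custID ne '..' && $custID !~ m{[/\\\0]};

    my $permitted = 0;
    if ($acct_ok) {
        # Three-argument open: the path is never parsed for a mode or pipe.
        if (open(my $pin, '<', "cgi-bin/hm3/users/$custID/pin.dat")) {
            close($pin);
            $permitted = 1;
        }
    }

    unless ($permitted) {
        # Same response the shared noacc label at the end of the file gives.
        print "<B>Forbidden Access";
        exit;
    }

    openandshow();
    exit;
}


# cmd=fix: count a hit for the link named in "lnk" and print the counter
# badge (countHit prints and exits once it finds the link).
# NOTE(review): when the link is unknown nothing is printed before exit, so
# the server receives an empty CGI response - confirm that is intended.
if ($cmnd eq 'fix') {
    $frmLink = defined $formdata{'lnk'} ? $formdata{'lnk'} : '';

    # Both values become path components in the subs below; the link name
    # is also written into back-tick delimited, line-based data files.
    die "HitMan: invalid request\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]}
        || $frmLink eq '' || $frmLink =~ m{[/\\\0\r\n`]};

    ifisuniqhit();
    countHit();
    exit;
}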


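sub countHit {
    # Look up $frmLink in the account's link table
    # (cgi-bin/hm3/users/$custID/$custID.obj, one "file`link`delator" row per
    # line). On a match: record the hit unless $nocount is '1', then either
    # redirect to the stored link ($src eq '1') or print the counter badge,
    # and exit. Returns normally when no row matches. Dies when the table
    # cannot be opened.
    #
    # Fixes over the previous version:
    #  - row fields are lexical, so Check_alerts() overwriting the global
    #    $link can no longer change the redirect target;
    #  - the "colr" form value is only echoed when it looks like a colour
    #    name or hex value, and the BODY tag is now closed;
    #  - CR/LF is cut from the redirect target before it goes into a header;
    #  - the account id is checked before it is used as a path component.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};

    my $fname = "cgi-bin/hm3/users/$custID/$custID.obj";
    open(my $table, '<', $fname) || die "HitMan: cannot open link table\n";
    flock($table, 2);                           # 2 = exclusive lock
    my @rows = <$table>;
    close($table);                              # close also releases the lock

    foreach my $row (@rows) {
        # Strip only the line ending; chop() also ate a real character when
        # the last row had no trailing newline.
        $row =~ s/\r?\n\z//;
        my ($file, $link, $delator) = split(/`/, $row);
        next unless defined $file && $frmLink eq $file;

        if (!defined $nocount || $nocount ne '1') {
            Count_hit();
            Report_Contacto();
            Check_alerts();
        }

        if (defined $src && $src eq '1') {
            # The target comes from the account's own table; still make
            # sure it cannot add header lines to the response.
            $link = '' unless defined $link;
            $link =~ s/[\r\n].*\z//s;
            print "Location: $link\n\n";
        }
        else {
            print "Content-type: text/html\n\n";
            my $colour = $formdata{'colr'};
            # Request-controlled value inside markup: accept a colour name
            # or hex value only, otherwise leave the BODY tag out.
            if (defined $colour && $colour =~ /\A#?[A-Za-z0-9]{1,20}\z/) {
                print "<BODY BGCOLOR=\"$colour\">";
            }
            print "<P ALIGN=CENTER><FONT SIZE=1>Counters Powered by </FONT><A HREF=http://www.caracolix.com/HitMan/><FONT SIZE=1>HitMan</FONT></A>";
        }
        exit;
    }
}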




## Counter

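sub Count_hit {
    # Increment the counter for $frmLink in the account's counter file
    # (cgi-bin/hm3/users/$custID/$custID.dat, rows of "count`link`date"),
    # or append a new row starting at 1. The file is rewritten in place
    # under an exclusive lock. The new count is left in the global $counter,
    # which Check_alerts() compares against alarm thresholds. Dies when the
    # file cannot be opened.
    #
    # Fixes over the previous version:
    #  - the scan ran one element past the end of the row list;
    #  - $counter kept a leftover value when a new row was appended; it is
    #    now 1, matching the row that is written;
    #  - link names holding the row delimiter or a line break are refused,
    #    since they would corrupt the file;
    #  - the account id is checked before it is used as a path component.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};
    die "HitMan: invalid link name\n"
        if !defined $frmLink || $frmLink =~ /[`\r\n]/;

    my $fname = "cgi-bin/hm3/users/$custID/$custID.dat";
    open(my $db, '+<', $fname) || die "HitMan: cannot open counter file\n";
    flock($db, 2);                              # 2 = exclusive lock
    seek($db, 0, 0);
    my @rows = <$db>;

    my $found = 0;
    foreach my $row (@rows) {
        my ($hits, $oldlink) = split(/`/, $row);
        next unless defined $oldlink && $oldlink eq $frmLink;

        $counter = $hits;
        $counter++;
        $row = "$counter`$frmLink`$date\n";     # $row aliases the list entry
        $found = 1;
        last;
    }

    unless ($found) {
        $counter = 1;
        push @rows, "1`$frmLink`$date\n";
    }

    # Rewrite from the start and cut off whatever is left of the old content.
    seek($db, 0, 0);
    print {$db} @rows;
    truncate($db, tell($db));
    close($db);                                 # close also releases the lock
}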



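sub Report_Contacto {
    # Append one visit record to the link's log
    # (cgi-bin/hm3/users/$custID/$frmLink.obj):
    #   date|REMOTE_ADDR|REMOTE_HOST|HTTP_USER_AGENT|HTTP_REFERER|HTTP_X_FORWARDED_FOR
    # Dies when the log cannot be opened.
    #
    # The three HTTP_* values are request headers, so the client chooses
    # them. The field delimiter and line breaks are replaced with spaces so
    # a header cannot add fields or whole records to the log that
    # ifisuniqhit() later parses.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};
    die "HitMan: invalid link name\n"
        if !defined $frmLink || $frmLink eq '' || $frmLink =~ m{[/\\\0]};

    my @fields = (
        $date,
        @ENV{qw(REMOTE_ADDR REMOTE_HOST HTTP_USER_AGENT
                HTTP_REFERER HTTP_X_FORWARDED_FOR)},
    );
    for my $field (@fields) {
        $field = '' unless defined $field;
        $field =~ tr/|\r\n/ /;
    }

    my $fname = "cgi-bin/hm3/users/$custID/$frmLink.obj";
    # Three-argument open: the path is never parsed for a mode or a pipe.
    open(my $visit_log, '>>', $fname) || die "HitMan: cannot open visit log\n";
    flock($visit_log, 2);                       # 2 = exclusive lock
    print {$visit_log} join('|', @fields), "\n";
    close($visit_log);                          # close also releases the lock
}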


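sub Check_alerts {
    # Send an alert mail when the counter for the current link has reached
    # a configured threshold.
    #
    # Reads cgi-bin/hm3/users/$custID/$custID.alr (rows of
    # "link|threshold|recipient") if it exists. For each row whose link
    # equals the form field "lnk" and whose threshold equals the global
    # $counter, a message is piped to sendmail. Dies only when an existing
    # alert table cannot be opened; mail delivery stays best-effort.
    #
    # Fixes over the previous version:
    #  - rows are stripped of their line ending, so the recipient no longer
    #    carries a newline that ended the header block after "To:";
    #  - recipients holding control characters are skipped (mail header
    #    injection);
    #  - sendmail is started without a shell and a failed start is logged;
    #  - the report URL is kept in a lexical, so the global $link used by
    #    countHit() for its redirect is no longer overwritten.
    # NOTE(review): the match uses $formdata{'lnk'}; page-view hits carry the
    # link in "flnk", so alerts look unreachable on that path - confirm.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};

    my $fname = "cgi-bin/hm3/users/$custID/$custID.alr";
    return unless -e $fname;

    open(my $alarm_fh, '<', $fname) || die "HitMan: cannot open alert table\n";
    flock($alarm_fh, 2);                        # 2 = exclusive lock
    my @alarms = <$alarm_fh>;
    close($alarm_fh);                           # close also releases the lock

    my $wanted = defined $formdata{'lnk'} ? $formdata{'lnk'} : '';
    my $hits   = defined $counter ? $counter : '';

    foreach my $alarm (@alarms) {
        $alarm =~ s/\r?\n\z//;
        my ($fref, $alarmval, $fmailwho) = split(/\|/, $alarm);
        next unless defined $fref && defined $alarmval && defined $fmailwho;
        next unless $fref eq $wanted;
        next unless $alarmval eq $hits;

        # The recipient goes into a mail header; a control character here
        # could add header lines of its own.
        if ($fmailwho eq '' || $fmailwho =~ /[\x00-\x1f\x7f]/) {
            warn "HitMan: skipped alert with unusable recipient\n";
            next;
        }

        my $report_url = 'http://www.caracolix.com/cgi-bin/HitMan/hitman.cgi?cmd=errmail&acc=';
        my $formatedLink = $wanted;
        $formatedLink =~ tr/ /+/;
        my $cfrom  = "alerts\@hitMan.caracolix.com";
        my $motivo = "HitMan COUNTER ALERT: We are making noises here";

        my $txtmsg = "DING - DING - DING - DING - DING - DING - DING \n\n";
        $txtmsg .= "Your alarm for $wanted has just reached $hits hits.\n";
        $txtmsg .= "That happened Today : $date\n";
        $txtmsg .= "Visitor IP is: $ENV{REMOTE_ADDR}\n\n\n";
        $txtmsg .= "This is not spam. someone has selected you to be informed when this event happens.\n";
        $txtmsg .= "If you belive to have received this notice for error please click the link below to report this incident\n\n\n";
        $txtmsg .= "$report_url$custID&email=$fmailwho&ref=$formatedLink\n\n";

        # List-form pipe open: the command never passes through a shell.
        my $mail;
        unless (open($mail, '|-', '/usr/sbin/sendmail', '-i', '-t')) {
            warn "HitMan: cannot start sendmail: $!\n";
            next;
        }
        print {$mail} "To: $fmailwho\n";
        print {$mail} "From: $cfrom\n";
        print {$mail} "Subject: $motivo\n\n";
        print {$mail} "-" x 75 . "\n\n";
        print {$mail} $txtmsg;
        # $env_report is not set anywhere in this file; only print the line
        # when some other code has defined it.
        if (defined $env_report && $env_report ne '') {
            print {$mail} "$env_report: $ENV{$env_report}\n";
        }
        print {$mail} "-" x 75 . "\n\n";
        close($mail) || warn "HitMan: sendmail did not exit cleanly\n";
    }
}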



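sub openandshow {
    # Print the account's counter file
    # (cgi-bin/hm3/users/$custID/$custID.dat) to the response, rows joined by
    # a space as before. Dies when the file cannot be opened.
    #
    # The caller has already sent "Content-type: text/html", and the rows
    # hold link names taken from requests, so HTML metacharacters are
    # encoded before printing; previously the rows were echoed verbatim into
    # the page. The account id is also checked before it is used as a path
    # component.
    die "HitMan: invalid account id\n"
        if !defined $custID || $custID eq '' || $custID eq '.'
        || $custID eq '..' || $custID =~ m{[/\\\0]};

    my $fname = "cgi-bin/hm3/users/$custID/$custID.dat";
    # Three-argument open: the path is never parsed for a mode or a pipe.
    open(my $counters, '<', $fname) || die "HitMan: cannot open counter file\n";
    flock($counters, 2);                        # 2 = exclusive lock
    my @rows = <$counters>;
    close($counters);                           # close also releases the lock

    for my $row (@rows) {
        $row =~ s/&/&amp;/g;                    # must run first
        $row =~ s/</&lt;/g;
        $row =~ s/>/&gt;/g;
        $row =~ s/"/&quot;/g;
    }
    print "@rows";
}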



sub get_date {
    # Fill the global time stamps used across the script from the local
    # clock:
    #   $date   "M-D-YYYY:HH:MM:SS"  (month and day are not zero padded)
    #   $shdate "M-D-YYYY"
    #   $ttime  minutes since midnight
    # The name tables and the individual clock fields stay global as well.

    @days   = qw(Sunday Monday Tuesday Wednesday Thursday Friday Saturday);
    @months = qw(January February March April May June July
                 August September October November December);

    # localtime() returns more fields than are needed; the list assignment
    # keeps the first seven.
    ($sec, $min, $hour, $mday, $mon, $year, $wday) = localtime(time);

    $time  = sprintf('%02d:%02d:%02d', $hour, $min, $sec);
    $year  = $year + 1900;      # localtime counts years from 1900
    $dmon  = $mon + 1;          # localtime months run 0..11

    $shdate = join('-', $dmon, $mday, $year);
    $date   = $shdate . ':' . $time;

    $ttime = ($hour * 60) + $min;
}


# parse the form

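sub parse_form {
    # Decode the request's form fields into the global %formdata.
    #
    # GET reads QUERY_STRING; POST reads the body from STDIN and then adds
    # any QUERY_STRING pairs. Repeated keys are joined with ", ". Any other
    # method gets a short message and the script stops. Also fills the
    # global @reqval from the comma-separated "required" field.
    #
    # Fixes over the previous version:
    #  - a value containing '=' was cut at the second '=';
    #  - an unsupported method printed its message and then carried on;
    #  - the POST body length came straight from CONTENT_LENGTH with no
    #    upper bound;
    #  - NUL bytes (from %00) are dropped, since values end up in file paths;
    #  - a stored value of "0" was treated as absent when a key repeated.
    # The HTML-comment filter is kept for compatibility. It does not make a
    # value safe to print into a page; output still needs encoding where it
    # is written.
    my $method   = defined $ENV{'REQUEST_METHOD'} ? $ENV{'REQUEST_METHOD'} : '';
    my $query    = defined $ENV{'QUERY_STRING'}   ? $ENV{'QUERY_STRING'}   : '';
    my $max_body = 65536;       # bytes; the forms handled here are tiny
    my @pairs;

    if ($method eq 'GET') {
        @pairs = split(/&/, $query);
    }
    elsif ($method eq 'POST') {
        my $length = defined $ENV{'CONTENT_LENGTH'} ? $ENV{'CONTENT_LENGTH'} : 0;
        if ($length !~ /\A\d+\z/ || $length > $max_body) {
            print "Content-type: text/html\n\n";
            print "<P>Request too large";
            exit;
        }
        my $buffer = '';
        read(STDIN, $buffer, $length) if $length > 0;
        @pairs = split(/&/, $buffer);
        push(@pairs, split(/&/, $query)) if $query ne '';
    }
    else {
        print "Content-type: text/html\n\n";
        print "<P>Use Post or Get";
        exit;
    }

    foreach my $pair (@pairs) {
        # Limit 2 keeps any further '=' inside the value.
        my ($key, $value) = split(/=/, $pair, 2);
        next unless defined $key && $key ne '';
        $value = '' unless defined $value;

        for ($key, $value) {
            tr/+/ /;
            s/%([a-fA-F0-9]{2})/chr(hex($1))/eg;
            tr/\0//d;
        }

        # Drop HTML comments (first "<!--" through last "-->"), repeating
        # in case the removal joins pieces into a new comment.
        1 while $value =~ s/<!--.*-->//s;

        if (defined $formdata{$key} && $formdata{$key} ne '') {
            $formdata{$key} .= ", $value";
        }
        else {
            $formdata{$key} = $value;
        }
    }

    @reqval = split(/,/, defined $formdata{'required'} ? $formdata{'required'} : '');
}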


# Shared "access denied" ending. Reached through `goto noacc` when the rtn
# command cannot open the account's pin.dat, and also by plain fall-through
# when cmd matches none of the handlers above (each handler ends in exit).
# NOTE(review): only the rtn path has printed a Content-type header by this
# point; on the fall-through path this text is the whole response and no
# header precedes it - confirm how the web server treats that.
noacc:
print "<B>Forbidden Access";