#!/usr/bin/perl

#Einleitung

use CGI;
use CGI::Carp qw(fatalsToBrowser);
use POSIX;
$q = new CGI;

$page = $q->param("page");

require "../hpm_einstellungen.cgi";
require "../templates_login/$logintemplate/daten.cgi";

if ($page eq "index")
{
   #Eingaben einlesen

   $username = $q->param("user");
   $passwort = $q->param("pass");
   $lng = $q->param("lng");

   $username = lc($username);

   if ($username eq "") { print "Location: $maindir/index.php?lng=$lng&page=fehler&er=29\n\n"; exit(); }
   if ($passwort eq "") { print "Location: $maindir/index.php?lng=$lng&page=fehler&er=30\n\n"; exit(); }

   if (!(-e "../$internmaindir/userdaten/main/$username.dat")) { print "Location: $maindir/index.php?lng=$lng&page=fehler&er=31\n\n"; }

   open(FILE, "../$internmaindir/userdaten/main/$username.dat");
   chomp(@userdata = <FILE>);
   close(FILE);

   $userid = $userdata[0];
   $sollpass = $userdata[2];
   $lng = $userdata[3];

   $passwortc = crypt $passwort, 12;
   $pass = $passwort;

   if (!($passwortc eq $sollpass)) { print "Location: $maindir/index.php?lng=$lng&page=fehler&er=31\n\n"; }

   #Session anlegen

   $uid .= ("a".."z")[int rand 62] foreach 1..10;
 
   use DBI;
   $dbh = DBI->connect("DBI:$dbdriver:$dbdatabase:$dbhost:$dbport", $dbuser, $dbpassword);
   $dbh->do("INSERT INTO hpm_sessions VALUES ('$uid','time();','$username','$lng','$userid');");
}
else
{
   $uid = $q->param("uid");

   #Session vorhanden?

   use DBI;
   $dbh = DBI->connect("DBI:$dbdriver:$dbdatabase:$dbhost:$dbport", $dbuser, $dbpassword);
   $data = $dbh->selectrow_hashref("SELECT username, lng, userid FROM hpm_sessions WHERE sid='$uid';");

   $username = $$data{'username'};
   $lng = $$data{'lng'};
   $userid = $$data{'userid'};

   if (!$username)
   {
      print "Location: $maindir/index.php?lng=$lng&page=fehler&er=31\n\n";
   }

   $bilderdir = "$maindir/sprache/$lng/bilder";
}

require $page . ".cgi";

exit();