#!/usr/bin/perl -wT
# pop-view.cgi

$| = 1;

use strict;
use Mail::POP3Client;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser);
use MIME::Parser;
use URI::Escape;
use Untaint;

my $cookie = cookie('WebMail') || 0;
my ($user, $pass, $server);

if (!$cookie) {
	print redirect("pop-login.html"); exit;
}else{
	print header;
	($user, $pass, $server) = split(" ",$cookie);
}

my $message = param('mess');

$server = untaint(qr(.*), $server);
$user = untaint(qr(^\w{1,8}$), $user);
$pass = untaint(qr(^\w{1,8}$), $pass);

my $pop = new Mail::POP3Client(HOST => "$server");

$pop->User($user);
$pop->Pass($pass);
$pop->Connect() || &error($pop->Message);

my $parser = new MIME::Parser;

if (!(-d "./$user-$server")) {
	system("/bin/mkdir", "-m","0777", "$user-$server");
}

$parser->output_dir("./$user-$server");

my $mail = $pop->Retrieve($message);
my $entity = $parser->parse_data($mail);
my $head = $entity->head;

print qq(To: ) . text_to_html($head->get('To',0));
print qq(CC: ) . text_to_html($head->get('Cc', 0)) if $head->get('Cc', 0);
print qq(Subject: ) . text_to_html($head->get('Subject',0));
print qq(From: ) . text_to_html($head->get('From', 0));
print qq(Date: ) . $head->get('Date', 0) . qq(<br>\n);

my $parts = $entity->parts;

print p;

if (!$parts) {
	print text_to_html($entity->body_as_string);
	$entity->purge;
}else{
	print text_to_html($entity->parts(0)->bodyhandle->as_string);
	print h3("Attachments:");
	for (my $i=1; $i<$entity->parts;$i++) {
		(my $temp_file_name = $entity->parts($i)->bodyhandle->path) =~
			s!^.*$user-$server/!!;

		my $uri_file = uri_escape($temp_file_name);

		if ($temp_file_name=~/\.(gif|jpg|png)$/i) {
			print qq(File: <img src="$user-$server/$temp_file_name"><br>);
		} else {
			print qq(File: <a href="view_att.cgi?att=$uri_file">$temp_file_name</a><br>);
		}
	}
}

print p({-align=>'center'},

a({-href=>"index.cgi?delete=1&mess=$message"},"Delete Message"), " | ",
a({-href=>"index.cgi"}, "Back to Mail"), " | ",
a({-href=>"pop-logout.cgi"}, "Log Out"));

$pop->Close;

sub text_to_html {
	my $raw = shift;
	$raw =~ s/([<>])/($1 eq '<') ? "&lt;" : "&gt\;"/eg;
	$raw =~ s!((ht|f)tps?://)([\w-]*)((\..[^\s]*)+)!<a href="$1$3$4" tar-get="external">$1$3$4</a>!g;
	$raw =~ s!([\w\-.]+)\@([\w-]+)((\.[\w-]+)*)!<a href=\"compose.isp?to_address=$1\@$2$3\">$1\@$2$3</a>!g;
	$raw =~ s/\n/<br>/g;
	return $raw;
}

sub error {
	my $err = shift;
	print h3("There was an error connecting to the server ($err). Please try again"),p,
		a({-href=>'index.cgi'},"Home");
	exit;
}