#!/usr/bin/perl -wT

use DBI;
use strict;
use CGI qw(:standard);
require "./shared.pl" or die "Can't find file. $!\n";

my $file   = param('file');
my $action = param('action');

my $user   = Check_Cookie();
my $dbh    = DB_Connect();

my $f_ptr  = Get_File_Info_ID($file);
my $group  = Get_Group($user);

my %g_hash = ( 'BOFH' => 4, 'PHB'  => 3,
               'USER' => 2, 'PEON' => 1);

my $u_val = $g_hash{$group};
my $f_val = $g_hash{$f_ptr->{group_id}};

print redirect(-uri=>"auth.cgi") 
  unless($u_val >= $f_val);

if($action eq "view"){
    View_File();
    exit;
}
elsif($action eq "checkout"){
    Check_Out();
    print redirect(-uri=>"main.cgi");
    exit;
}
elsif($action eq "checkin"){
    Check_In();
    print redirect(-uri=>"main.cgi");
    exit;
}
else{
    print redirect(-uri=>"main.cgi");
    exit;
}


sub Check_Out{
    my $time = time();
    $dbh->do( qq{ UPDATE dms_files
                  SET 
                  who_to   = '$user',
                  out_date = '$time'
                  WHERE
                  file_id  = '$file' } );

    print redirect(-uri=>"main.cgi");
}

sub Check_In{
    $dbh->do( qq{ UPDATE dms_files
                  SET 
                  who_to   = NULL,
                  out_date = NULL 
                  WHERE
                  file_id  = '$file' } );

    print redirect(-uri=>"main.cgi");
}

sub View_File{
    my $data;
    my $filepath = "data/$f_ptr->{group_id}/$f_ptr->{filename}";

    print redirect(-uri=>"main.cgi") unless $f_ptr->{filename};

    open(FILE, $filepath) or die "Error opening file! $filepath $!\n";

    print header($f_ptr->{mime_type});
    while( read(FILE, $data, 1024) ){
        print $data;
    }
    close FILE;
}


sub Get_File_Info_ID{
    my $file_id = shift;

    my $sth = $dbh->prepare( qq{ SELECT *
                                 FROM dms_files
                                 WHERE file_id = ? } );

    $sth->execute($file_id);

    my $ptr = $sth->fetchrow_hashref;
    return $ptr; 
}