<%@ page contentType="text/html;charset=gbk"%>
<%@ page import="java.net.URLDecoder"%>
<%@ page import="com.hongshee.ejforum.util.PageUtils"%>
<%@ page import="com.hongshee.ejforum.util.AppUtils"%>
<%@ page import="com.hongshee.ejforum.common.ForumSetting"%>
<%@ page import="com.hongshee.ejforum.common.IConstants"%>
<%@ page import="com.hongshee.ejforum.common.CacheManager"%>
<%@ page import="com.hongshee.ejforum.data.UserDAO"%>
<%@ page import="com.hongshee.ejforum.data.UserDAO.UserInfo"%>
<%@ page import="com.hongshee.ejforum.data.GroupDAO.GroupVO"%>
<%@ page import="com.hongshee.ejforum.data.BoardDAO.BoardVO"%>
<%@ page import="com.hongshee.ejforum.data.SectionDAO.SectionVO"%>
<%@ page import="com.hongshee.ejforum.data.TopicDAO"%>
<%@ page import="com.hongshee.ejforum.data.ReplyDAO"%>
<%@ page import="com.hongshee.ejforum.data.ActionLogDAO"%>
<%@ page import="com.hongshee.ejforum.data.ShortMsgDAO"%>
<%@ page import="com.hongshee.ejforum.data.BookmarkDAO"%>
<%@ page import="com.hongshee.ejforum.data.FriendDAO"%>
<%
	PageUtils.checkReferer(request); // Enhance security
	String ctxPath = request.getContextPath();
	UserInfo userinfo = null; 
	
	ForumSetting setting = ForumSetting.getInstance();
	String forumName = setting.getForumName();

	String result = null;
	String msg = null;
	String backurl = "<a href=\"javascript:history.back()\">[ 點(diǎn)擊這里返回上一頁 ]</a>";
    String act = request.getParameter("act");
	
	if (act == null)
	{
		request.setAttribute("errorMsg", "請求參數(shù)錯誤");
		request.getRequestDispatcher("/error.jsp").forward(request, response);
		return;
	}
	else if (act.equals("lgn"))
	{	
		UserDAO dao = UserDAO.getInstance();
		result = dao.doLogin(request, response);
		if (result != null && result.equals("OK"))
		{
		    String fromPath = request.getParameter("fromPath");
			if (fromPath == null || fromPath.trim().length() == 0 || fromPath.trim().equals("/"))
				fromPath = ctxPath;
			else
				fromPath = URLDecoder.decode(fromPath);
			response.sendRedirect(fromPath);
			return;
		}
		else
		{
			request.setAttribute("errorMsg", "登錄失敗 - " + result);
			request.getRequestDispatcher("/error.jsp").forward(request, response);
			return;
		}
	}
	else if (act.equals("lgt"))
	{
		UserDAO.getInstance().doLogout(request, response);
	    String fromPath = request.getParameter("fromPath");
		if (fromPath == null || fromPath.trim().length() == 0 || fromPath.trim().equals("/"))
			fromPath = ctxPath;
		else
			fromPath = URLDecoder.decode(fromPath);
		response.sendRedirect(fromPath);
		return;
	}
	else if (act.startsWith("post_"))
	{
		String verifycode = request.getParameter("verifycode");
		String vcode = session.getAttribute("vcode")==null?"":session.getAttribute("vcode").toString();
		if (verifycode != null && verifycode.trim().equals(vcode))
		{
			act = act.substring(5);
		    userinfo = PageUtils.getSessionUser(request);

			String sectionID = request.getParameter("sid");
			String boardID = request.getParameter("fid");
			String topicID = request.getParameter("tid");
		
			CacheManager cache = CacheManager.getInstance();
			SectionVO aSection = cache.getSection(sectionID);
			BoardVO aBoard = cache.getBoard(aSection, boardID);
			GroupVO userGroup = PageUtils.getGroupVO(userinfo, aSection, aBoard);

			if (userinfo == null)
			{
				if (aBoard.isGuestPostOK == 'F' 
					|| (act.equals("reply") && !PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_REPLY))
					|| (act.equals("topic") && !PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_TOPIC))
					|| (act.equals("reward") && userGroup.rights.indexOf(IConstants.PERMIT_NEW_REWARD) < 0)
					|| (act.equals("reward") && !PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_TOPIC))
					|| (act.equals("edit")))
				{	
					String fromPath = ctxPath + "/post.jsp";
					String queryStr = request.getQueryString();
					if (queryStr != null)
					{
						queryStr = queryStr.replace("act=post_", "act=");
						int p = queryStr.indexOf("&verifycode=");
						if (p >= 0) 
							queryStr = queryStr.substring(0, p);
						fromPath = fromPath + "?" + queryStr + "&reload=true";
					}
					request.setAttribute("fromPath", fromPath);
					request.getRequestDispatcher("/login.jsp").forward(request, response);
					return;
				}
			}
			else if (userinfo.state == 'P')
			{
				request.setAttribute("errorMsg", "您已被禁止發(fā)帖或編輯帖子");
				request.getRequestDispatcher("/error.jsp").forward(request, response);
				return;
			}

			boolean hasRight = false;

			if (aBoard.allowGroups.indexOf(userGroup.groupID) < 0)
				hasRight = false;
			else if (act.equals("topic")) {
				if (PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_TOPIC))
					hasRight = true;
			} else if (act.equals("reward")) {
				if (userGroup.rights.indexOf(IConstants.PERMIT_NEW_REWARD) >= 0 
					&& PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_TOPIC))
					hasRight = true;
			} else if (act.equals("reply")) {
				if (PageUtils.isPermitted(aBoard,userGroup,IConstants.PERMIT_NEW_REPLY))
					hasRight = true;
			} else if (act.equals("edit")) {
				if (userGroup.rights.indexOf(IConstants.PERMIT_EDIT_POST) >= 0)
					hasRight = true;
				else
				{
					String replyID = request.getParameter("rid");
					String postID = null;
					if (replyID != null && !replyID.equals("0")) // reply
						postID = "r" + replyID + ",";    
					else if (topicID != null)
						postID = "t" + topicID + ",";
						
					if (postID != null)
					{
						String userPostIDs = (String)session.getAttribute("userPostIDs");
						if (userPostIDs != null && userPostIDs.indexOf(postID) >= 0)
							hasRight = true;
					}
				}	
			}				
			if (!hasRight)
			{		
				request.setAttribute("errorMsg", "用戶權(quán)限不足");
				request.getRequestDispatcher("/error.jsp").forward(request, response);
				return;
			}

			if (act.equals("topic") || act.equals("reward"))
			{
			    Object sessionPosts = (Object)session.getAttribute("posts");
			    if (sessionPosts != null)
				{
					int maxSessionPosts = setting.getInt(ForumSetting.MISC, "maxSessionPosts");
					if (Integer.parseInt(sessionPosts.toString()) > maxSessionPosts)
					{
						request.setAttribute("errorMsg", "您連續(xù)發(fā)帖數(shù)已經(jīng)達(dá)到上限，不能繼續(xù)發(fā)帖");
						request.getRequestDispatcher("/error.jsp").forward(request, response);
						return;
					}
				}
				result = TopicDAO.getInstance().createTopic(request, userinfo, aSection, aBoard, userGroup);
				if (result != null && result.equals("OK"))
				{
					StringBuilder sbuf = new StringBuilder();
					sbuf.append("forum-").append(sectionID).append("-").append(boardID).append("-1.html");
					response.sendRedirect(sbuf.toString());
					return;
				}
				else
					msg = result;
			}
			else if (act.equals("reply"))
			{
			    Object sessionPosts = (Object)session.getAttribute("posts");
			    if (sessionPosts != null)
				{
					int maxSessionPosts = setting.getInt(ForumSetting.MISC, "maxSessionPosts");
					if (Integer.parseInt(sessionPosts.toString()) > maxSessionPosts)
					{
						request.setAttribute("errorMsg", "您連續(xù)發(fā)帖數(shù)已經(jīng)達(dá)到上限，不能繼續(xù)發(fā)帖");
						request.getRequestDispatcher("/error.jsp").forward(request, response);
						return;
					}
				}
				result = ReplyDAO.getInstance().createReply(request, userinfo, aSection, aBoard, userGroup);
				if (result != null && result.equals("OK"))
				{
					StringBuilder sbuf = new StringBuilder();
					sbuf.append("topic-").append(topicID).append("-999.html");
					response.sendRedirect(sbuf.toString());
					return;
				}
				else
					msg = result;
			}
			else if (act.equals("edit"))
			{
				String replyID = request.getParameter("rid");

				if (replyID != null && !replyID.equals("0")) // reply
					result = ReplyDAO.getInstance().updateReply(request, userinfo, topicID, replyID, aSection, aBoard, userGroup);
				else	
					result = TopicDAO.getInstance().updateTopic(request, userinfo, topicID, aSection, aBoard, userGroup);
					
				if (result != null && result.equals("OK"))
				{
					String strPageNo = request.getParameter("page");
					int pageNo = PageUtils.getPageNo(strPageNo);
					
					StringBuilder sbuf = new StringBuilder();
					sbuf.append("topic-").append(topicID);
					sbuf.append("-").append(pageNo).append(".html");
					response.sendRedirect(sbuf.toString());
					return;
				}
				else
					msg = result;
			}
		}
		else
		{
			msg = "操作失敗：驗(yàn)證碼輸入錯誤，請重新填寫。";
		}
	}
	else if (act.startsWith("member_"))
	{
	    userinfo = PageUtils.getSessionUser(request);
	    if (userinfo == null)
    	{
			String fromPath = request.getHeader("referer");
	        request.setAttribute("fromPath", fromPath);
    	    request.getRequestDispatcher("/login.jsp").forward(request, response);
			return;
    	}
		
		// Do operation
		act = act.substring(7);
		if (act.equals("sms_compose"))
		{
			result = ShortMsgDAO.getInstance().addShortMsg(request, userinfo.userID);
			if (result != null && result.equals("OK"))
				result = "發(fā)送短消息成功。";
		}
		else if (act.equals("profile"))
		{
			result = UserDAO.getInstance().updateUser(request, userinfo);
			if (result != null && result.equals("OK"))
				result = "修改個人基本資料成功。";
		}
		else if (act.equals("special"))
		{
			result = UserDAO.getInstance().modSpecInfo(request, userinfo);
			if (result != null && result.equals("OK"))
				result = "修改個性化資料成功。";
		}
		else if (act.equals("chgpwd"))
		{
			result = UserDAO.getInstance().changePasswd(request, userinfo);
			if (result != null && result.equals("OK"))
				result = "修改密碼成功。";
		}
		else if (act.equals("favor_add"))
		{
			result = BookmarkDAO.getInstance().addBookmark(request, userinfo);
			if (result != null && result.equals("OK"))
			{
				response.sendRedirect("member/my_favors.jsp");
				return;
			}
		}