<%--/*
 Programmer: Rick Reuvekamp
 Verion: 2.00
 File: index.jsp
 Requires:
  * directories:
    *: ./includes/
    *: ./news/
    *: ./menu/
  * files:
    *: ./notfound.html
    *: ./emptyparameter.html
    *: ./default.html
    *: ./default.jsp
    *: ./menu/default.html
*/--%><%@ page import="java.net.*, java.io.*, java.util.*, javax.mail.*, javax.mail.internet.*, javax.servlet.http.Cookie, javax.servlet.http.HttpSession" %><%!

void Mail (String args[]) {
    /*String host = args[0];
    String from = args[1];
    String to = args[2];
    String cc = args[3];
    String s_subject = args[4];
    String s_message = args[5];

    // Get system properties
    Properties props = System.getProperties();

    // Setup mail server
    props.put("mail.smtp.host", host);

    // Get session
    Session session = Session.getDefaultInstance(props, null);

    // Define message
    MimeMessage message = new MimeMessage(session);

    // Set the from address
    message.setFrom(new InternetAddress(from));

    // Set the to address
    message.addRecipient(Message.RecipientType.TO,
      new InternetAddress(to));

    // Set the subject
    message.setSubject("Hello JavaMail");

    // Set the content
    message.setText("Welcome to JavaMail");

    // Send message
    Transport.send(message);*/
}

String replace(String s, String one, String another) {
  if (s.equals("")) return "";
  String res = "";
  int i = s.indexOf(one,0);
  int lastpos = 0;
  while (i != -1) {
    res += s.substring(lastpos,i) + another;
    lastpos = i + one.length();
    i = s.indexOf(one,lastpos);
  }
  res += s.substring(lastpos);
  return res;
}

void copyhtmlxmllocal(String urlpath, File xmlfile) {
  try {
    if (xmlfile.exists()) {
        Date curDate = new java.util.Date();
        Date xmlfileDate = new Date(xmlfile.lastModified());
        Calendar xmlfileGC = new GregorianCalendar(xmlfileDate.getYear(), xmlfileDate.getMonth(), xmlfileDate.getDate(), xmlfileDate.getHours(), xmlfileDate.getMinutes(), 0);
        Calendar curGC = new GregorianCalendar(curDate.getYear(), curDate.getMonth(), curDate.getDate(), curDate.getHours(), curDate.getMinutes(), 0);

        long diff = curGC.getTimeInMillis() - xmlfileGC.getTimeInMillis();
        if (3600000 <= diff) {
            URL url = new URL(urlpath);
            URLConnection connection = url.openConnection();
            InputStream stream = connection.getInputStream();
            BufferedInputStream in = new BufferedInputStream(stream);
            FileOutputStream xmlfiledata = new FileOutputStream(xmlfile);
            BufferedOutputStream outputdata = new BufferedOutputStream(xmlfiledata);
            int i;
            while ((i = in.read()) != -1) {
                outputdata.write(i);
            }
            outputdata.flush();
        }
    }
  } catch (IOException ioe) {
    ioe.printStackTrace();
  }
}

%><%

// Initizalizing
String subdirectory = "/"; // needed when you are using a sub directory from the website path.

// Declaration of variables:
String root = application.getRealPath(subdirectory);
String menupath = "menu/default.jsp";
String filepath = "default.html";
String filteredparameter = "default";
String item = request.getParameter("item");
String parameter = request.getParameter("page");
String actionstr = request.getParameter("action");
String Message = "";
boolean loggedin = false;
session = request.getSession(false);
//session.setMaxInActiveInterval();
// mail
String SMTP_HOST_NAME = "smtp.tradpaq.com";
String SMTP_AUTH_USER = "rreuveka";
String SMTP_AUTH_PWD  = "akevuerr600";
String[] emailList = {"rreuvekamp@tradepaq.com", "rick.reuvekamp@planet.nl"};
String emailMsgTxt = "Generated mail from on-line forum:";
String emailSender = "failed@tradepaq.com";
boolean go = true;

// Anti-directory up/down filter
if (parameter != null) {
  parameter = replace(parameter,"'","\\\'");
  parameter = replace(parameter,"\"","\\\"");
  parameter = replace(parameter,"\\","\\\\");
  if (parameter.indexOf("..") != -1) parameter = null;
}
if (actionstr != null) {
  actionstr = replace(actionstr,"'","\\\'");
  actionstr = replace(actionstr,"\"","\\\"");
  actionstr = replace(actionstr,"\\","\\\\");
  if (actionstr.indexOf("..") != -1) actionstr = null;
}

// Check for xml (rss feeds) updates
//copyhtmlxmllocal("http://finance.yahoo.com/rss/SteelIron",new File(root + "/steeliron.xml"));
//copyhtmlxmllocal("http://finance.yahoo.com/rss/Aluminum",new File(root + "/aluminium.xml"));
//copyhtmlxmllocal("http://finance.yahoo.com/rss/Copper",new File(root + "/copper.xml"));
//copyhtmlxmllocal("http://tweakers.net/feeds/mixed.xml",new File(root + "/tweakers.xml"));
//copyhtmlxmllocal("http://finance.yahoo.com/rss/PersonalComputers",new File(root + "/pc.xml"));
//copyhtmlxmllocal("http://finance.yahoo.com/rss/AgriculturalChemicals",new File(root + "/agricultural.xml"));

// Check login
if (request.getParameter("action") != null && request.getParameter("action").equals("security")) {
    Message = "<h3>Please login</h3><br>";
    if (request.getParameter("subaction") != null && request.getParameter("subaction").equals("Login")) {
        Message = "<h2>500 - Internal Error (0000)</h2><br>";
        if (request.getParameter("username") != null && request.getParameter("password") != null) {
            Message = "<h2>500 - Internal Error (0001)</h2><br>";
            if (request.getParameter("password").equals("adminTPQ"))
            {
                session.setAttribute("theName", request.getParameter("username"));
                Message = "<h3>Logged in</h3>";
            }
            else {
                session.setAttribute("theName", "");
                Message = "<h2>Username/Password combination incorrect</h2>";
            }
        }
    }
    else if (request.getParameter("action").equals("Logout"))
    {
        session.setAttribute("theName", "");
        Message = "<h3>You're logged out</h3>";
    }
}

if (session.getAttribute("theName") != null)
{
  if (session.getAttribute("theName").equals("admin") || session.getAttribute("theName").equals("editer")) {
      loggedin = true;
      Message = "<h3>Welcome</h3><br>";
  }
}

// Set including variables
if (parameter != null) {
  if (0 < parameter.indexOf("-")) filteredparameter = parameter.substring(0, parameter.indexOf("-"));

  try {
    File dir = new File(root + "/menu/");

    String[] children = dir.list();
    if (children != null) {
      for (int i=0; i<children.length; i++) {
        if ((filteredparameter + ".html").equals(children[i])) menupath = "menu/" + filteredparameter + ".html";
        if ((parameter + ".html").equals(children[i])) menupath = "menu/" + parameter + ".html";
      }
    }
  }
  catch (Exception e) {
    e.printStackTrace();
  }


  if (actionstr != null && actionstr.equals("news")) {
    if (!parameter.equals("")) {
      try {
        File dir = new File(root + "/news/");

        String[] children = dir.list();
        if (children != null) {
          for (int i=0; i<children.length; i++) {
            if ((parameter).equals(children[i])) filepath = "news/" + parameter;
          }
        }
      }
      catch (Exception e) {
        e.printStackTrace();
      }
    }
    else {
      filepath = "emptyparameter.html";
    }
  } else {
    try {
      File dir = new File(root + "/includes/");

      String[] children = dir.list();
      if (children != null) {
        for (int i=0; i<children.length; i++) {
          if ((parameter + ".html").equals(children[i])) filepath = "includes/" + parameter + ".html";
        }
      }
    }
    catch (Exception e) {
      e.printStackTrace();
    }
  }
  if (filepath.equals("default.html")) {
    response.setStatus(404);
    filepath = "notfound.html";
  }
  //if (filepath.equals("includes/contact-form.html")) {
  //  filepath = "includes/contact-form.jsp";
  //}
}
else if (actionstr != null && actionstr.equals("news")) {
  filepath = "indexnews.jsp";
}
else if (actionstr != null && actionstr.equals("mail")) {
  if (go) {
/*    emailSender = request.getParameter("email");

    emailMsgTxt = emailMsgTxt + " " + request.getParameter("name") + " <" + request.getParameter("email") + "> from " + request.getParameter("company");
    if (request.getParameter("website") != null && !request.getParameter("website").equals("")) { emailMsgTxt = emailMsgTxt + " (site: " + request.getParameter("website") + " )"; }
    if (request.getParameter("function") != null && !request.getParameter("function").equals("")) { emailMsgTxt = emailMsgTxt + " in function \"" + request.getParameter("function") + "\""; }
    emailMsgTxt = emailMsgTxt + request.getParameter("name") + " has the following request: \r\n" + request.getParameter("request");
    if (request.getParameter("phone") != null && !request.getParameter("phone").equals("")) { emailMsgTxt = emailMsgTxt + "\r\n Also availible on phone number: " + request.getParameter("phone"); }

    boolean debug = false;

    Properties props = new Properties();
    props.put("mail.smtp.host", SMTP_HOST_NAME);
    props.put("mail.smtp.auth", "true");

    javax.mail.PasswordAuthentication auth = new javax.mail.PasswordAuthentication(SMTP_AUTH_USER, SMTP_AUTH_PWD);
    javax.mail.Session sessionmail = javax.mail.Session.getDefaultInstance(props, auth);

    sessionmail.setDebug(debug);


    javax.mail.internet.MimeMessage msg = new javax.mail.internet.MimeMessage(sessionmail);


    InternetAddress addressFrom = new InternetAddress(emailSender);
    msg.setFrom(addressFrom);


    InternetAddress[] addressTo = new InternetAddress[emailList.length];
    for (int i = 0; i < emailList.length; i++)
    {
        addressTo[i] = new InternetAddress(emailList[i]);
    }
    msg.setRecipients(Message.RecipientType.TO, addressTo);


    msg.setSubject("Online form from www.tradepaq.com");
    msg.setContent(Message, "text/plain");
    Transport.send(msg);*/
  }
}

// Write a news page when submited
if (request.getParameter("file") != null && request.getParameter("elm1") != null && !request.getParameter("file").equals("") && !request.getParameter("elm1").equals("") && request.getParameter("file").indexOf("..") == -1 && request.getParameter("file").indexOf("\\.") == -1 && loggedin) {
  try {
    PrintWriter pw = new PrintWriter(new FileOutputStream(root + "/news/" + request.getParameter("file")));
    pw.println(request.getParameter("elm1"));
    pw.close();
  } catch(IOException e) {
    e.printStackTrace();
  }
}

// Delete a news page on request
if (request.getParameter("file") != null && request.getParameter("delete") != null && !request.getParameter("file").equals("") && request.getParameter("file").indexOf("..") == -1 && request.getParameter("file").indexOf("\\.") == -1 && loggedin) {
  File deleteme = new File(root + "/news/" + request.getParameter("file"));
  if (deleteme.exists()) deleteme.delete();
}

%><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <link href="/style.css" rel="stylesheet" type="text/css" />
  <script src="/runflash.js" type="text/javascript"></script>
  <script src="/news.js" type="text/javascript"></script>
  <!--[if IE 6]>
  <link href="iehacks.css" rel="stylesheet" type="text/css" />
  <![endif]-->
<meta name="Description" content="Solutions for BPCS, ERP LX and documents" />
<meta name="keywords" content="BPCS, ERP LX, Export, Trade, documents, ERP, TRADEPAQ, INFOR, SSA, Enable" />
<title>TRADEPAQ<% if (parameter != null) if (!parameter.equals("")) out.print(" (" + parameter + ")"); %></title>
<script language="javascript" type="text/javascript">
    function clearText(thefield)
    {
        if (thefield.defaultValue == thefield.value)
            thefield.value = ""
        else if (thefield.defaultValue != thefield.value && thefield.value == "")
            thefield.value = thefield.defaultValue
    }
</script>
<%
if (actionstr != null && actionstr.equals("editer") && loggedin) {
%>
<!-- tinyMCE -->
<script language="javascript" type="text/javascript" src="./tiny_mce/tiny_mce.js"></script>
     <script language="javascript" type="text/javascript">
         tinyMCE.init({
             theme : "advanced",
             mode : "exact",
             elements : "elm1",
             content_css : "example_data/example_advanced.css",
             plugins : "table,save",
             theme_advanced_buttons1_add_before : "save",
             theme_advanced_buttons3_add_before : "tablecontrols,separator",
             theme_advanced_styles : "Header 1=header1;Header 2=header2;Header 3=header3;Table Row=tableRow1",
             debug : false
         });

         // Custom insert link callback, extends the link function
         function customInsertLink(href, target) {
             var result = new Array();

             alert("customInsertLink called href: " + href + " target: " + target);

             result['href'] = "http://www.sourceforge.net";
             result['target'] = '_blank';

             return result;
         }

         // Custom insert image callback, extends the image function
         function customInsertImage(src, alt, border, hspace, vspace, width, height, align) {
             var result = new Array();

             var debug = "CustomInsertImage called:\n"
             debug += "src: " + src + "\n";
             debug += "alt: " + alt + "\n";
             debug += "border: " + border + "\n";
             debug += "hspace: " + hspace + "\n";
             debug += "vspace: " + vspace + "\n";
             debug += "width: " + width + "\n";
             debug += "height: " + height + "\n";
             debug += "align: " + align + "\n";
             alert(debug);

             result['src'] = "logo.jpg";
             result['alt'] = "test description";
             result['border'] = "2";
             result['hspace'] = "5";
             result['vspace'] = "5";
             result['width'] = width;
             result['height'] = height;
             result['align'] = "right";

             return result;
         }

         // Custom save callback, gets called when the contents is to be submitted
         function customSave(id, content) {
             alert(id + "=" + content);
         }
     </script>
<!-- /tinyMCE -->
<%
}
%>
</head>
<body>
 <div id="site">
  <div id="header">
   <jsp:include page="header.html" flush="true" />
  </div>

<%
if (actionstr != null && actionstr.equals("news")) {
%>

  <div id="banner">
   <div class="ad">
   <script type="text/javascript">RunAd();</script>
   </div>
   <script type="text/javascript">RunMenu();</script>
  </div>
  <div id="content">
   <div class="content">
    <div class="menu" style="float: left;">
     <jsp:include page="<%= menupath %>" flush="true" />
    </div>
    <div style="padding-left: 240px; margin: 0; display: block;">
     <jsp:include page="<%= filepath %>" flush="true" />
    </div>
    <div class="bar">
     <!-- empty -->
    </div>
   </div>
  </div>

<%
} else if (actionstr != null && actionstr.equals("error")) {
%>

  <div id="banner">
   <div class="ad">
   <script type="text/javascript">RunAd();</script>
   </div>
   <script type="text/javascript">RunMenu();</script>
  </div>
  <div id="content">
   <div class="content">
    <div class="menu" style="float: left;">
     <jsp:include page="<%= menupath %>" flush="true" />
    </div>
    <div style="padding-left: 240px; margin: 0; display: block;">
    <h1><%= request.getAttribute("javax.servlet.error.status_code") %></h1>
      <%
        if (request.getAttribute("javax.servlet.error.exception_type") != null) out.println(request.getAttribute("javax.servlet.error.exception_type") + "<br />");
        else if (request.getAttribute("javax.servlet.error.status_code").equals("404")) {
            out.println("File Not Found:<br />");
        } else {
            out.println("Error from:<br />");
        }
        out.println(request.getRequestURL() + "<br />");
      %>
    </div>
    <div class="bar">
     <!-- empty -->
    </div>
   </div>
  </div>

<%
} else if (actionstr != null && actionstr.equals("security")) {
%>

  <div id="banner">
   <div class="ad">
   <script type="text/javascript">RunAd();</script>
   </div>
   <script type="text/javascript">RunMenu();</script>
  </div>
  <div id="content">
   <div class="content">
    <div class="menu" style="float: left;">
     <jsp:include page="<%= menupath %>" flush="true" />
    </div>
    <div style="padding-left: 240px; margin: 0; display: block;">
    <%= Message %>
    <%
      if (!loggedin) {
    %>
     <form action="?action=security" method="post">
      <input onclick="clearText(this)" type="text" name="username" value="Username" />
      <input onclick="clearText(this)" type="password" name="password" value="********" />
      <input type="submit" name="subaction" value="Login" />
     </form>
    <%
      } else {
    %>
     <form action="?action=security" method="post">
      Welcome: <%= session.getAttribute("theName") %>
      <input type="submit" name="subaction" value="Logout">
     </form>
     <a href="?action=editer">Html news editor</a>
    <%
      }
    %>
    </div>
    <div class="bar">
     <!-- empty -->
    </div>
   </div>
  </div>

<%
} else if (actionstr != null && actionstr.equals("editer") && loggedin) {
%>

  <div id="banner">
   <div class="ad">
   <script type="text/javascript">RunAd();</script>
   </div>
   <script type="text/javascript">RunMenu();</script>
  </div>
  <div id="content">
   <div class="content">
    <div class="menu" style="float: left;">
     <jsp:include page="<%= menupath %>" flush="true" />
    </div>
    <div style="padding-left: 240px; margin: 0; display: block;">     <form method="post" action="?action=editer">
     <textarea id="elm1" name="elm1" rows="35" cols="80" style="width: 445px;">
     <%
         if (request.getParameter("file") != null && request.getParameter("delete") == null) {
             if (request.getParameter("file") != "") {
                 if (request.getParameter("file").indexOf("..") != -1) {
                     out.println("<!-- Filtered -->");
                 }
                 else if (request.getParameter("file").indexOf("\\.") != -1) {
                     out.println("<!-- Filtered -->");
                 }
                 else
                 {
                     InputStream in = null;
                     try {
                         in = new BufferedInputStream( new FileInputStream( root + "/news/" + request.getParameter("file") ) );
                         int ch;
                         while ((ch = in.read()) !=-1) {
                             out.print((char)ch);
                         }
                     }
                     finally {
                         if (in != null) in.close();
                     }
                 }
             }
         }
     %>
     </textarea>
     <br />
     <input type="text" name="file" style="width: 445px;" value="<%
       if (request.getParameter("file") != null && request.getParameter("delete") == null) {
         if (request.getParameter("file") != "") out.println(request.getParameter("file"));
         else out.println("Enter file name which is used as title, don't use special characters");
       }
       else out.println("Enter file name which is used as title, don't use special characters");
     %>" /><br />
     <input type="submit" name="save" value="Save" />
     <input type="reset" name="reset" value="Reset" />
     </form>
     <hr />
     <form method="post" action="?action=editer">
     <select name="file">
     <%
       try {
       File dir = new File(root + "/news/");

       String[] children = dir.list();
         if (children != null) {
             for (int i=0; i<children.length; i++) {
                 out.println("<option>" + children[i] + "</option>");
             }
         }
       }
       catch (Exception e) {
           e.printStackTrace();
       }
     %>
     </select>
     <input type="submit" name="open" value="Open" />
     <input type="submit" name="delete" value="Delete" />
     </form>
    </div>
    <div class="bar">
     <!-- empty -->
    </div>
   </div>
  </div>

<%
} else {
%>

  <div id="banner">
   <div class="ad">
   <script type="text/javascript">RunAd();</script>
   </div>
   <script type="text/javascript">RunMenu();</script>
  </div>
  <div id="content">
   <div class="content">
    <div class="menu" style="float: left;">
     <jsp:include page="<%= menupath %>" flush="true" />
    </div>
    <div style="padding-left: 240px; margin: 0; display: block;">
     <jsp:include page="<%= filepath %>" flush="true" />
    </div>
    <div class="bar">
     <!-- empty -->
    </div>
   </div>
  </div>

<%
}
%>

 </div>
 <div id="footer">
  <img src="/images/spacer.gif" alt="" />
  <jsp:include page="footer.html" flush="true" />
 </div>
 <!-- BEGIN WebSTAT Activation Code -->
 <script type="text/javascript" language="JavaScript" src="http://hv3.webstat.com/cgi-bin/wsv2.cgi?96908"></script>
 <noscript>
 <a href="http://www.webstat.com">
 <img src="http://hv3.webstat.com/scripts/wsb.php?ac=96908" border="0" alt="Site Metrics and Web Analytics by NextSTAT" /></a>
 </noscript>
 <!-- END WebSTAT Activation Code -->
 <div id="window" class="hidden"></div>
</body>
</html>