#!/bin/sh -e

header() {
    echo -en 'Content-type: text/html
Strict-Transport-Security: max-age=86400000\n\n'
}

header_redir_display() {
    header
    echo "<head><meta http-equiv=\"Refresh\" content=\"0; $SCRIPT_NAME?secret=$secret\"></head>"
}

## enforce SSL
#if [ $SERVER_PORT -ne 443 ]; then
#    header_redir_display
#    exit
#fi

# extract parameters
# tr -dc removes all characters, this prevents things like xss
getp() {
  echo "$REQUEST_URI" | sed 's/.*?//' | sed 's/%20/ /g' | tr "?&" "\n"  | tr -dc "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//"
}
secret=$(getp secret)
hashed_secret=$(echo "$secret" | md5sum | cut -f1 -d\ )
cmd=$(getp cmd)

#echo "secret        $secret"  >/var/www/cgi-bin/2
#echo "hashed_secret $hashed_secret"  >>/var/www/cgi-bin/2
#echo "cmd           $cmd"     >>/var/www/cgi-bin/2


# check secret
# the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines
# secrets can only contain the characters that are allowed in getp() with tr -dc
if [ -z "$secret" ] || ! grep -q "^$hashed_secret$" /etc/door-token-hashs; then
    header
    [ -z "$secret" ] || echo "<html><p>Ich bin mir nicht sicher. Mir scheint du bist doch ein Kohlkopf oder Anderes!</p>"
    cat /var/www/tpl/secret.html
    exit
fi

# control relais card
if [ -n "$cmd" ]; then
    case "$cmd" in
    indoor_lock)   pin=17; delay1=0;  delay2=1;;
    indoor_unlock) pin=4;  delay1=0;  delay2=1;;
    indoor_open)   pin=27; delay1=0;  delay2=1;;
    outdoor_buzz)  pin=22; delay1=15; delay2=5;;
    *) header; echo 'Do not hack the hackerspace!'"$cmd"; exit;;
    esac
    
    # execute long-running ppio job in background shell
    (   sleep $delay1
    /usr/local/bin/gpio -g write $pin on
    sleep $delay2
    /usr/local/bin/gpio -g write $pin off
    ) </dev/null >/dev/null 2>/dev/null &


    header
    sed 's/XTIMEOUTX/'"$(($delay1 + $delay2))"'/' /var/www/tpl/wait.html | sed 's/XSECRETX/'"$secret"/
    exit

fi

# show feature page
header
sed 's/XSECRET_HEREX/'"$secret"'/' /var/www/tpl/features.html
exit