package GD::SecurityImage::AC;
# drop-in replacement for Authen::Captcha
use strict;
use warnings;
use vars qw($VERSION);
use GD::SecurityImage;
use Digest::MD5 qw(md5_hex);
use File::Spec;
use Fcntl qw(:flock); # imports LOCK_NB, LOCK_EX, LOCK_SH, LOCK_UN (among other things)
use Symbol; # imports 'gensym'

BEGIN {
   $VERSION = '1.13';
   @Authen::Captcha::ISA = ('GD::SecurityImage::AC');
}

sub new {
   my $class = shift;
   my %opts  = scalar(@_) % 2 ? () : (@_);
   my $self  = {
                  gdsi        => { 
                                  map {$_ => ''} qw[new create particle]
                  },
                  GDSI_CALLED => 0,
   };
   bless $self, $class;
   if ($opts{'lock_timeout'} and $opts{'lock_timeout'} >= 1) {
     $self->lock_timeout($opts{'lock_timeout'});
   } else {
     $self->lock_timeout(10);
   }
   foreach my $name (qw[keep_failures data_folder output_folder]) {
      $self->{'_'.$name} = $opts{$name} if $opts{$name};
   }
   $self->{_debug}         = $opts{debug}         if defined $opts{debug};
   foreach my $p ([expire => 300], [width => 100], [height => 32]) {
      $self->{"_".$p->[0]} = $opts{$p->[0]} && ($opts{$p->[0]} !~ /[^0-9]/) ? $opts{$p->[0]} : $p->[1];
   }
   $self->{_keep_failures} = $opts{keep_failures} ? 1 : 0;
   srand( time() ^ ($$ + ($$ << 15)) ) if $] < 5.005; # create a random seed if perl version less than 5.005
   return $self;
}

sub _lock_ex { shift->_lock(&LOCK_EX); }
sub _lock_sh { shift->_lock(&LOCK_SH); }
sub _lock_un { shift->_lock(&LOCK_UN); }

sub _lock { # Non-blocking locking with a timeout
   my $self = shift;

   my ($lock_mode) = @_;

   my $lock_handle  = $self->_lock_handle;
   my $timeout      = $self->lock_timeout + 0; # seconds
   if (0 <= $timeout) {
       $timeout = 10;
   }
   my $count_timer  = 10 * $timeout;
   my $lock_result;
   my $effective_lock_mode = (&LOCK_UN == $lock_mode) ? $lock_mode : $lock_mode | &LOCK_NB;
   while (! ($lock_result = flock ($lock_handle, $effective_lock_mode))) {
      if (! $count_timer--) {
         my $package = __PACKAGE__;
         my $lock_description = 'non-blocking ';
         if (&LOCK_EX == $lock_mode) {
            $lock_description .= ' exclusive lock'
         } elsif (&LOCK_SH == $lock_mode) {
            $lock_description .= ' shared lock'
         } elsif (&LOCK_UN == $lock_mode) {
            $lock_description .= ' unlock'
         }
         die("${package}::_lock() - Failed to obtain $lock_description in $timeout seconds: $!");
      }
      # sleep for 1/10th of a second before trying again
      select (undef,undef,undef,0.1);
   }
   return;
}

sub _lock_handle { # returns an open filehandle to use for locking
   my $self = shift;

   my $lock_handle = $self->{'_lock_handle'};
   return $lock_handle if defined ($lock_handle);
   my $lock_file = $self->_lock_file;
   $lock_handle  = gensym;
   if (! open ($lock_handle,"+>$lock_file")) {
      my $package = __PACKAGE__;
      die("${package}::_lock_handle() - Unable to open '$lock_file' for locking: $!");
   }
   
   $self->{'_lock_handle'} = $lock_handle;
   return $lock_handle;
}

sub _lock_file { # Returns the lock file path
   my $self = shift;

   my $package = __PACKAGE__;
   my $lock_file = $self->{_lock_file};
   return $lock_file if (defined $lock_file);
   my $data_folder = $self->{_data_folder};
   unless (defined ($data_folder)) {
      die("${package}::_lock_file() - 'data_folder' is not set")
   }
   unless (-e $data_folder && -d _) {
      die("${package}::_lock_file() - '$data_folder' either does not exist or is not a directory")
   }
   $lock_file = File::Spec->catfile($data_folder,'codes.lck');
   $self->{_lock_file} = $lock_file;
   return $lock_file;
}

sub _untaint { # This doesn't make things safe. It just removes the taint flag. Use wisely.
   my ($value) = @_;
   my ($untainted_value) = $value =~ m/^(.*)$/s;
   return $untainted_value;
}

sub gdsi {
   my $self = shift;
   my %opt  = scalar(@_) % 2 ? () : (@_);
      $self->{gdsi}{'new'}    = delete $opt{'new'}    if ($opt{'new'}    && ref $opt{'new'}    && ref $opt{'new'}    eq 'HASH' );
      $self->{gdsi}{create}   = delete $opt{create}   if ($opt{create}   && ref $opt{create}   && ref $opt{create}   eq 'ARRAY');
      $self->{gdsi}{particle} = delete $opt{particle} if ($opt{particle} && ref $opt{particle} && ref $opt{particle} eq 'ARRAY');
      $self->{GDSI_CALLED} = 1;
      $self;
}

sub create_image_file {
   my $self = shift;
   my $code = shift;
   my $md5  = shift; # junk
   my $i    = GD::SecurityImage->new($self->{gdsi}{'new'} ? %{$self->{gdsi}{'new'}} : (
                  # defaults
                  width      => $self->{_width} < 60 ? 60 : $self->{_width},
                  height     => $self->{_height},
                  gd_font    => 'giant',
                  lines      => 2,
                  send_ctobg => 0,
   ),             rndmax     => 1);
   $i->random($code);
   $i->create($self->{gdsi}{create}
      ? @{ $self->{gdsi}{create} }
      : (normal => 'default', '#6C7186', '#917862')
   );
   die "Error loading ttf font for GD: $@" if $i->gdbox_empty;
   $i->particle(@{ $self->{gdsi}{particle} }) if $self->{gdsi}{particle};

   my @data = $i->out(force => 'png');
   return $data[0];
}

sub database_file {
   my $self = shift;
   my $file = File::Spec->catfile($self->{_data_folder},'codes.txt');
   unless(-e $file) { # create database file if it doesn't already exist
      local *DATA;
      open   DATA, '>>'.$file or die "Can't create File: $file\n";
      close  DATA;
   }
   return $file;
}

sub database_data {
   my $self = shift;
   my $db   = $self->database_file;
   local *DATA;
   open   DATA, '<'.$db  or die "Can't open $db for reading: $!\n";
   my @data = <DATA>;
   close  DATA;
   return @data;
}

sub _unlink {
   my $file = shift or return;
   if (-e $file && !-d _) {
      return unlink($file);
   }
   return 1; # resume on unexistent file
}

sub check_code {
   my $self   = shift;
   my $code   = shift;
   my $crypt  = shift;
   my $db     = $self->database_file;
     ($code   = lc $code) =~ tr/01/ol/;
   my $md5    = _untaint(md5_hex($code)); # remove 0-1
   my $now    = time;
   my $rvalue = 0;
   my $passed = 0;
   my $new    = ''; # saved entries
   my $found;

   # make taint happy
   local $ENV{'PATH'} = '';
   local $ENV{'ENV'} = '';
   local $ENV{'IFS'} = '';
   local $ENV{'CDPATH'} = '';
   local $ENV{'BASH_ENV'} = '';

   $self->_lock_ex;

   foreach my $line ($self->database_data) {
      chomp $line;
      my ($data_time, $data_code) = split /::/, $line;
      my $png_file = File::Spec->catfile($self->{_output_folder}, _untaint($data_code) . '.png');
      if ($data_code eq $crypt) { # the crypt was found in the database
         if (($now - $data_time) > $self->{_expire}) { 
            $rvalue = -1; # the crypt was found but has expired
         } else {
            $found = 1;
         }
         if ( ($md5 ne $crypt) && ($rvalue != -1) && $self->{_keep_failures}) { # solution was wrong, not expired, and we're keeping failures
            $new .= $line."\n";
         } else {
            _unlink($png_file) or die "Can't remove [$png_file]: $!\n"; # remove the found crypt so it can't be used again
         }
      } elsif (($now - $data_time) > $self->{_expire}) {
         _unlink($png_file) or die "Can't remove [$png_file]: $!\n"; # removed expired crypt
      } else {
         $new .= $line."\n"; # crypt not found or expired, keep it
      }
   }

   # update database
   local *DATA;
   open   DATA, '>'.$db  or die "Can't open $db for writing: $!\n";
   # Turn on autoflush for our output handle. I have seen rare cases where locking fails because of perl buffers without this.
   my $temp_fh = select(DATA); $| = 1; select($temp_fh);
   print  DATA $new;
   close  DATA;

   $self->_lock_un;

   if ($md5 eq $crypt) { # solution was correct
      if ($found) {
         $rvalue = 1;  # solution was correct and was found in database - passed
      } elsif (!$rvalue) {
         $rvalue = -2; # solution was not found in database
      }
   } else {
      $rvalue = -3; # incorrect solution
   }
   return $rvalue;
}

sub generate_code {
   my $self  = shift;
   my $len   = shift;
   my $code  = '';
      $code .= chr( int(rand 4) == 0 ? (int(rand 7)+50) : (int(rand 25)+97)) for 1..$len;
   my $md5   = _untaint(md5_hex($code));
   my $now   = time;
   my $new   = "";
   my $db    = $self->database_file;

   # make taint happy
   local $ENV{'PATH'} = '';
   local $ENV{'ENV'} = '';
   local $ENV{'IFS'} = '';
   local $ENV{'CDPATH'} = '';
   local $ENV{'BASH_ENV'} = '';

   $self->_lock_ex;

   foreach my $line ($self->database_data) { # clean expired codes and images
      chomp $line;
      my ($data_time, $data_code) = split /::/, $line;
      $data_code =~ m/^([a-fA-F0-9]+)$/;
      $data_code = $1 or die "Bad session key!";
      $data_time =~ m/^([0-9]+)$/s;
      $data_time = $1 or die "Bad timeout data!";
      if (($now - $data_time) > $self->{_expire} || $data_code eq $md5) {   # remove expired captcha, or a dup
         my $png_file = File::Spec->catfile($self->{_output_folder}, _untaint($data_code) . ".png");
         _unlink($png_file) or die "Can't remove png file [$png_file]\n";
      } else {
         $new .= $line."\n";
      }
   }

   # first, test if we can open all files
   my $file = File::Spec->catfile($self->{_output_folder},$md5 . '.png');
   local  *DATA;
   local  *FILE;
   open    FILE, '>'.$file or die "Can't open $file for writing: $!\n";
   open    DATA, '>'.$db   or die "Can't open $db   for writing: $!\n";

   # Turn on autoflush for our output handles. I have seen rare cases where locking fails because of perl buffers without this.
   my $temp_fh = select(DATA); $| = 1; select(FILE); $| = 1; select($temp_fh);

   # save image data
   binmode FILE;
   print   FILE $self->create_image_file($code, $md5);
   close   FILE;

   # save the code to database
   print   DATA $new, $now,"::",$md5,"\n";
   close   DATA;

   $self->_lock_un;

   return  wantarray ? ($md5, $code) : $md5;
}

sub output_folder { my ($self, $val) = @_; $self->{"_output_folder"} = $val if defined $val; return $self->{"_output_folder"}; }
sub images_folder { my ($self, $val) = @_; $self->{"_images_folder"} = $val if defined $val; return $self->{"_images_folder"}; }
sub data_folder   { my ($self, $val) = @_; $self->{"_data_folder"}   = $val if defined $val; return $self->{"_data_folder"};   }
sub debug         { my ($self, $val) = @_; $self->{"_debug"}         = $val if defined $val; return $self->{"_debug"};         }
sub expire        { my ($self, $val) = @_; $self->{"_expire"}        = $val if $val and $val >= 0; return $self->{"_expire"}; }
sub width         { my ($self, $val) = @_; $self->{"_width"}         = $val if $val and $val >= 0; return $self->{"_width"};  }
sub height        { my ($self, $val) = @_; $self->{"_height"}        = $val if $val and $val >= 0; return $self->{"_height"}; }
sub lock_timeout  { my ($self, $val) = @_; $self->{"_lock_timeout"}  = $val if $val and $val >= 1; return $self->{"_lock_timeout"}; }
sub version       { return $VERSION; }
sub keep_failures { my ($self, $val) = @_; $self->{"_keep_failures"} = $val ? 1 : 0 if defined $val; return $self->{"_keep_failures"}; }
sub create_sound_file { return 'there is no such thing!'; }
sub type          { return 'image' }

1;