#!/usr/bin/env python

import cgi
import json

from bs4 import BeautifulSoup

# Worse code here. Prepare your eyes for this monster.
# Its almost as bad as programming anything in php or even worse javascript.

print('Content-Type: text/html')

# Mode for letting peope inject stuff.
form = cgi.FieldStorage()
unsafe_mode = form.getvalue("unsafe_mode") == "on"

# Hehehe
def check_for_injection(value):
    if bool(BeautifulSoup(value, "html.parser").find()) and not unsafe_mode:
        return """
            This silly silly tried to hack this website lmao.
            <a href=\"?unsafe_mode=on\">Click to see the website with the hack</a>
        """
        
    return value

def create_blahaj_tables():
    try:
        tables_html = """
            <h1>Blahaj list!!!!!</h1>
            <table border="1" width="50%">
                <tr>
                    <td>
                        <h3><a href=\"../submit_blahaj_info.html\">Submit yours here if you haven't already!</a></h3>
                        <h3><a href=\"../blahajRoom.html\">Back to blahaj room</a></h3>
                    </td>
                </tr>
            </table>
            <br/>
        """
        
        with open("blahaj_info.json", "r") as fp:
            blahaj_list = json.load(fp)

            for blahaj in blahaj_list[::-1]:
                current_table = """
                    <table border="1" width="50%">
                        <tr>
                            <td>
                                <!-- Great place for an injection hint hint -->
                                <h2>put_name_here</h2>
                                <p>Date submitted: put_date_here</p>
                            </td>
                        </tr>

                        <tr>
                            <td>
                                <p>put_info_here</p>
                            </td>
                        </tr>
                    </table>
                """

                current_table = current_table.replace("put_name_here", check_for_injection(blahaj["name"]))
                current_table = current_table.replace("put_info_here", check_for_injection(blahaj["info"]))
                current_table = current_table.replace("put_date_here", check_for_injection(blahaj["date"]))

                tables_html += current_table

            return tables_html
            
    except FileNotFoundError: # No blahaj's yet
        return """
            <table border="1">
                <tr>
                    <td>
                        <h1>No blahaj's found ):</h1>
                        <h2>Yours could be first tho :3</h2>
                        <h3><a href=\"../submit_blahaj_info.html\">Submit yours here</a></h3>
                    </td>
                </tr>
            </table>
        """

html_text = """
<!DOCTYPE html>
<html>

<head>
    <title>hehehe</title>

<style>
    
body {
    color: black;
    background-image: url('../images/blahaj_background.jpg');
}

table {
	color: black;
	background-color: #bebebe;
	margin-top: 10px;
	margin-bottom: 10px;
	margin-left: 10px;
	margin-right: 10px;
}

</style>
</head>

<body>
    <center>
        thing_to_replace
    </center>
</body>

</html>
"""

tables = create_blahaj_tables()
html_text = html_text.replace("thing_to_replace", tables)

print(html_text)