#!/usr/bin/perl
#  Copyright 2001-2006 Leslie Richardson
#  Updated by Scott Mazur to remove APG requirement.

#  This file is part of Open Admin for Schools.

#  Open Admin for Schools is free software; you can redistribute it
#  and/or modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; either version 2 of
#  the License, or (at your option) any later version.

use DBI;
use CGI;

$q = new CGI;

# Http Header to return
print $q->header;

%arr = $q->Vars;

# Read config variables
require "../../etc/admin.conf" || die "Cannot read admin.conf!";

foreach $key (keys(%arr)) {
#  $arr{$key} =~ s/'/''/g;
  $arr{$key} =~ s/\\/\\\\/g;
}

$dsn = "DBI:$dbtype:dbname=$dbase";
$dbh = DBI->connect($dsn,$user,$password);

# print the HTML head section.
print "$doctype\n<html><head><title>Password Updates</title>
<link rel=\"stylesheet\" href=\"$css\" type=\"text/css\">
$chartype\n</head><body>[ <a href=\"$homepage\">Main</a> |
<a href=\"$eoypage\">Eoy</a> ]\n";

print "<table cellpadding=\"3\" cellspacing=\"0\" border=\"1\">\n";
print "<tr><th>Name (student number)</th><th>Password</th>\n";

$sth = $dbh->prepare("select studnum,lastname, firstname from student
  where password is null or password = ''");
$sth->execute;
if ($DBI::errstr){ print $DBI::errstr; die; }

my %source_chars = (
  '0' => [qw(A B C D E F G H J K L M N O P Q R S T U V W X Y Z)],  # no 'I'
  '1' => [qw(a b c d e f g h i j k m n o p q r s t u v w x y z)],  # no 'l'
  '2' => [qw(0 1 2 3 4 5 6 7 8 0)]
);

while (my ($studnum, $lastname, $firstname) = $sth->fetchrow){
    # my $password = `/usr/local/bin/apg -n1 -m6 -x7 -M CLN -E lI`;
    # Note: -M characters, letters,numbers exclude 'ell' and capital 'eye'
    my $len = 6 + int(rand(2));
    my %used = ('0' => [], '1' => [], '2' => []);
    my $password = '';
    # generate string of random source_chars
    my $count = 0;
    while ($count < $len) {
	my $type = int(rand(3));
	push @{$used{$type}}, $count++;
	$password .= $source_chars{$type}->[ rand @{$source_chars{$type}} ];
    }

    # fill in any char sets that got missed!
    foreach (qw(0 1 2)) {
	if (!@{$used{$_}}) {
	    # randomly try to replace another char
	    my $next = ($_ + 1 + int(rand(2))) % 3;
	    # Can't replace this char if it that would make it's repesentation disappear
	    while (@{$used{$next}} < 2) {
		# forget random or we could be here all day
		# start walking through the list now
		$next = ($next +1) % 3;
	    }
	    my $index = int(rand @{$used{$next}});
	    substr($password, $used{$next}->[$index], 1) = $source_chars{$_}->[ rand @{$source_chars{$_}} ];
	    # this char can't be substituted again
	    splice(@{$used{$next}}, $index, 1);
	}
    }

    $sth1 = $dbh->prepare("update student set password = '$password'
     where studnum = '$studnum'");
    $sth1->execute;
    if ($DBI::errstr){ print $DBI::errstr; die }
}

print "</table></body></html>\n";