<?page
title=><?_code $ML{'.title'} _code?>
body<=
<?_code
{
    use strict;
    use vars qw(%POST %GET);
    use Class::Autouse qw(LJ::MassPrivacy);
    BML::decl_params(_default => qr/./);

    my $remote = LJ::get_remote();
    return "<?needlogin?>" unless $remote;

    my $u = LJ::load_user($remote->{'user'});

    return "This feature is currently disabled."
        if $LJ::DISABLED{mass_privacy};

    unless ($u->get_cap('mass_privacy')) {
        return "<?standout $ML{'.unable'} standout?>";
    }

    my $mode = $POST{'mode'} || $GET{'mode'} || "init";
    my $more_public = 0; # flag indiciating if security is becoming more public
    # Check fields
    my @errors = ();
    if (LJ::did_post()) {
        return LJ::bad_input($ML{'error.invalidform'})  unless LJ::check_form_auth();

        # Timeframe
        push @errors, 'No timeframe selected' unless ($POST{'time'});

        # date range
        if ($POST{'time'} eq 'range' && $mode eq 'change') {
            if ( !($POST{'s_year'} =~ /\d+/) || !($POST{'s_mon'} =~ /\d+/) || !($POST{'s_day'} =~ /\d+/) ) {
                push @errors, 'Start date is not a valid date';
            }
            if ( !($POST{'e_year'} =~ /\d+/) || !($POST{'e_mon'} =~ /\d+/) || !($POST{'e_day'} =~ /\d+/) ) {
                push @errors, 'End date is not a valid date';
            }

            # Round down the day of month to the last day of the month
            if ( $POST{'s_day'} > LJ::days_in_month($POST{'s_mon'}, $POST{'s_year'}) ) {
                $POST{'s_day'} = LJ::days_in_month($POST{'s_mon'}, $POST{'s_year'});
            }
            if ( $POST{'e_day'} > LJ::days_in_month($POST{'e_mon'}, $POST{'e_year'}) ) {
                $POST{'e_day'} = LJ::days_in_month($POST{'e_mon'}, $POST{'e_year'});
            }
        }

        # security must change
        if ($POST{'s_security'} eq $POST{'e_security'}) {
            push @errors, 'Privacy levels are the same';
        }

        # display initial page if errors
        $mode = 'init' if  @errors;

        # check if security is becoming more public
        $more_public = 1 if ($POST{'s_security'} eq 'private');
        $more_public = 1 if ($POST{'s_security'} eq 'friends' && $POST{'e_security'} eq 'public');

        if (($mode eq 'amsure') && $more_public && !LJ::auth_okay($u, $POST{password}, undef, undef, undef)) {
            push @errors, 'Password Incorrect';
            $mode = 'change' if @errors;
        }
    }

    # map security form values to 0) DB value 1) From string 2) To string
    my %security = ( 'public'  => ['public', BML::ml('label.security.public2'), BML::ml('label.security.public2')],
                     'friends' => ['usemask', BML::ml('label.security.friends'), BML::ml('label.security.friends')],
                     'private' => ['private', BML::ml('label.security.private2'), BML::ml('label.security.private2')]);

    # Initial view of page
    if ($mode eq "init") {
        my $ret = '';
        $ret .= LJ::bad_input(@errors) if @errors;
        $ret .= "<?p $ML{'.intro'} p?>";

        $ret .= "<?p " . BML::ml('.calendar',
                                { aopts => "href='" . $u->journal_base() . "/calendar/'" })
                . " p?>\n";;

        $ret .= "<form method='post' action='./editprivacy.bml'>";
        $ret .= "<?h1 $ML{'.timeframe'} h1?>";
        $ret .= "<table><tr><td>\n";
        $ret .= LJ::html_check({ 'type' => 'radio', 'name' => 'time',
                                 'value' => 'all', 'id' => 'time_all',
                                 'checked' => ($POST{time} eq 'time_all') })
                . "</td>";
        $ret .= "<td><b><label for='time_all'>$ML{'.timeframe.all'}</label></b></td></tr>";
        $ret .= "<tr><td valign='top'>";
        $ret .= LJ::html_check({ 'type' => 'radio', 'name' => 'time',
                                 'value' => 'range', 'id' => 'time_range',
                                 'checked' => ($POST{time} eq 'time_range') })
                . "</td>";
        $ret .= "<td><b><label for='time_range'>$ML{'.timeframe.range'}</a></b><br />\n";
        $ret .= "<div style='float: left; text-align: right'>$ML{'.timeframe.range.start'}: ";
        $ret .= LJ::html_text({ 'name' => 's_year', 'size' => 4,
                                'value' => $POST{'s_year'} || '1999',
                                'maxlength' => '4' }) . " ";
        $ret .= LJ::html_select({ 'name' => 's_mon', 'selected' => int($POST{'s_mon'}) },
                                  map { $_, $ML{LJ::Lang::month_long_langcode($_)} } (1..12)) . " ";
        $ret .= LJ::html_select({ 'name' => 's_day', 'selected' => int($POST{'s_day'}) },
                                  map { $_, $_ } (1..31)) . "<br/>\n";
        $ret .= "\n$ML{'.timeframe.range.end'}: ";
        $ret .= LJ::html_text({ 'name' => 'e_year', 'size' => 4,
                                'value' => $POST{'e_year'},
                                'maxlength' => '4' }) . " ";
        $ret .= LJ::html_select({ 'name' => 'e_mon', 'selected' => int($POST{'e_mon'}) },
                                  map { $_, $ML{LJ::Lang::month_long_langcode($_)} } (1..12)) . " ";
        $ret .= LJ::html_select({ 'name' => 'e_day', 'selected' => int($POST{'e_day'}) },
                                  map { $_, $_ } (1..31)) . "<br/>\n";
        $ret .= "</td></tr></table>";

        my @secs_fr = ("public", $security{'public'}[1],
                      "friends", $security{'friends'}[1],
                      "private", $security{'private'}[1]);
        my @secs_to = ("public", $security{'public'}[2],
                      "friends", $security{'friends'}[2],
                      "private", $security{'private'}[2]);
        $ret .= "<?h1 $ML{'.privacy'} h1?>";
        $ret .= "<b>From:</b> ";
        $ret .= LJ::html_select({ 'name' => 's_security',
                                  'selected' => $POST{s_security} }, @secs_fr);
        $ret .= " &nbsp; <b>To:</b> ";
        $ret .= LJ::html_select({ 'name' => 'e_security',
                                  'selected' => $POST{e_security} }, @secs_to) . "<br />\n";

        $ret .= LJ::form_auth();
        $ret .= LJ::html_hidden("mode","change");
        $ret .= "<?p " . LJ::html_submit(undef, $ML{'.button.update'}) . " p?>";
        $ret .= "</form>";

        return $ret;

    # User has chosen parameters for making change
    } elsif ($mode eq "change") {

        my ($posts, $s_unixtime, $e_unixtime);
        my $form_root = $more_public ? $LJ::SSLROOT : ".";
        my $body = "<form method='post' action='$form_root/editprivacy.bml'>";

        $body .= LJ::bad_input(@errors) if @errors;
        $body .= "<p>Change \"$security{$POST{'s_security'}}[1]\" posts to \"$security{$POST{'e_security'}}[2]\"";

        if ($POST{'time'} eq 'range') {
            # if this step reloads, due to missing password
            if ($POST{s_unixtime} && $POST{e_unixtime}) {
                $s_unixtime = $POST{s_unixtime};
                $e_unixtime = $POST{e_unixtime};
            } else {
                # Convert dates to unixtime
                use DateTime;
                my $s_dt = DateTime->new( year=> $POST{'s_year'}, month => $POST{'s_mon'}, day => $POST{'s_day'});
                my $e_dt = DateTime->new( year=> $POST{'e_year'}, month => $POST{'e_mon'}, day => $POST{'e_day'});
                $s_unixtime = $s_dt->epoch;
                $e_unixtime = $e_dt->epoch;

                $body .= ", between " . $s_dt->ymd . " and " . $e_dt->ymd;
            }
            $posts = $u->get_post_count(
                       'security' => $security{$POST{'s_security'}}[0],
                      'allowmask' => ($POST{'s_security'} eq 'friends' ? 1 : 0),
                     'start_date' => $s_unixtime,
                       'end_date' => $e_unixtime + 24*60*60 );
        } else {
            $posts = $u->get_post_count(
                     'security' => $security{$POST{'s_security'}}[0],
                    'allowmask' => ($POST{'s_security'} eq 'friends' ? 1 : 0) );
        }

        $body .= ".<p>";

        $body .= "<p>" . BML::ml('.matching', {posts => $posts}) . "</p>";

        if ($posts) {
            $body .= "<h2>$ML{'.rusure'}</h2>";
            $body .= LJ::form_auth();
            $body .= LJ::html_hidden("mode","amsure");
            $body .= LJ::html_hidden("s_unixtime", $s_unixtime) if ($s_unixtime);
            $body .= LJ::html_hidden("e_unixtime", $e_unixtime) if ($e_unixtime);
            $body .= LJ::html_hidden( map { $_ => $POST{$_} }
                                      qw(s_security e_security time) );
            if ($more_public) {
                $body .= "Password Required<br />\n";
                $body .= "<input type='password' name='password' size='20' maxlength='30' />";
            }
            $body .= "<?p " . LJ::html_submit(undef, $ML{'.button.ya.rly'}) . " p?>";
        }

        return $body;

    # User is sure they want to update posts
    } elsif ($mode eq 'amsure' || $mode eq 'secured') {
        my $body;

        if ($mode eq 'amsure') {
            my $handle = LJ::MassPrivacy->enqueue_job('userid' => $u->{userid},
                                            's_security' => $security{$POST{s_security}}[0],
                                            'e_security' => $security{$POST{e_security}}[0],
                                            's_unixtime' => $POST{s_unixtime},
                                            'e_unixtime' => $POST{e_unixtime} );

            if ($handle) {
                $u->log_event('mass_privacy_change', {     remote => $remote,
                                                       s_security => $security{$POST{s_security}}[0],
                                                       e_security => $security{$POST{e_security}}[0],
                                                       s_unixtime => $POST{s_unixtime},
                                                       e_unixtime => $POST{e_unixtime} } );
                return BML::redirect("$LJ::SITEROOT/editprivacy.bml?mode=secured");
            }
        }

        $body .= "<p>$ML{'.notified'}</p>";
        # TODO: Let the user know when the job is complete

        return $body;
    }

}
_code?>
<=body
page?>