improve HTTP headers; can't post with GET request

[ott/bsta] / 2words.1.pl

diff --git a/2words.1.pl b/2words.1.pl
index b69ea409a84afb662a4609a5a743ba765df913bc..3b8bdfa3b17d3c7ed5fa5384d30c6da881b03b51 100644 (file)
--- a/2words.1.pl
+++ b/2words.1.pl
@@ -27,6 +27,8 @@ use Encode ('encode', 'decode');
 
 ###PERL_LIB: use lib /botm/lib/bsta
 use botm_common (
+       'HTTP_STATUS',
+       'http_header_status', 'http_header_allow',
        'read_data_file', 'write_data_file',
        'merge_url',
        'read_header_env',
@@ -82,6 +84,8 @@ my $color2;
 my $last_IP;
 my $story_id;
 my $turn;
+my $status;
+my $allow;
 my $message;
 my $first_letter;
 my $second_letter;
@@ -107,7 +111,7 @@ if ($ENV{'REQUEST_METHOD'} =~ /^(HEAD|GET|POST)$/) {
        $method = $1;
 }
 else {
-       exit fail_method($ENV{'REQUEST_METHOD'}, 'GET, POST, HEAD');
+       exit fail_method($ENV{'REQUEST_METHOD'}, ['GET','POST', 'HEAD']);
 }
 
 %http = read_header_env(\%ENV);
@@ -166,9 +170,12 @@ if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STORY_PATH())) {
        }
        
        if (
-               ($words eq $cmd_clear) ||
-               ($words eq $cmd_clear_all) ||
-               ($intf_state < 0)
+               ($intf_state < 0) || (
+                       ($method eq 'POST') && (
+                               ($words eq $cmd_clear) ||
+                               ($words eq $cmd_clear_all)
+                       )
+               )
        ) {
                if (
                        ($words eq $cmd_clear_all) ||
@@ -194,8 +201,9 @@ if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STORY_PATH())) {
                write_data_file($fh, \%story);
        }
        
-       if ($words ne '') {
+       if (($words ne '') && ($method eq 'POST')) {
                if (!$turn) {
+                       $status = HTTP_STATUS->{'forbidden'};
                        $message = "It's not your turn.";
                }
                # TODO: consider allowing non-ASCII letters in words.
@@ -208,9 +216,11 @@ if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STORY_PATH())) {
                                ($first_letter ne $last_letter) &&
                                ($last_letter ne '')
                        ) {
+                               $status = HTTP_STATUS->{'bad_request'};
                                $message = 'The first word must start with '.uc($last_letter).'.';
                        }
                        elsif ($first_letter eq $second_letter) {
+                               $status = HTTP_STATUS->{'bad_request'};
                                $message = 'The second word can\'t also start with '.uc($first_letter).'.';
                        }
                        else {
@@ -349,6 +359,7 @@ if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STORY_PATH())) {
                        }
                }
                else {
+                       $status = HTTP_STATUS->{'bad_request'};
                        $message = 'Please, two words, not more, not less (some punctuation is allowed).';
                }
        }
@@ -378,7 +389,14 @@ if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STORY_PATH())) {
        close($fh);
 }
 
+if ($status ne '') {
+       print http_header_status($status);
+}
+if ($allow ne '') {
+       print http_header_allow($allow);
+}
 print "Content-type: text/html; charset=UTF-8\n\n";
+
 if($method eq 'HEAD') {
        exit;
 }