#!/usr/bin/perl

use strict;
use warnings;
use DBI;
use URI::Escape;

my $query_string = $ENV{'QUERY_STRING'} || '';
my @values;

if ($query_string !~ /[=&]/ && $query_string ne '') {
    # Split the string by '+' or space and URL-decode each part
    @values = map { uri_unescape($_) } split(/[+ ]/, $query_string);
}

my ($uid,$oid);
if (@values) {
	$oid = (split /-/, $values[0])[0];
	$uid = (split /-/, $values[0])[1];
} 

my $line = `cat /etc/www/site/db_creds`;
chomp (my ($db,$ip,$user,$pw) = split(/:/, $line));

my $dbh = DBI->connect("DBI:Pg:dbname=$db;host=$ip", $user, $pw);
my $un = $dbh->selectrow_array('select first_name from data_details where random_string  = ?', {}, $uid);

print "Content-type:text/html\n\n";
print "<html><head><title>Welcome</title></head><body>";

print qq{<div style="padding-top: 100px;">};
print "<center>";
print "<p>Hello $un</p>";
print "<p>We found an exclusive offer for you.</p>";
print "<p>Click to proceed.</p>";

print qq{
<form action="/process.pl" method="POST">
    <input size="9" type="text" value= "$uid" name="uid" pattern="[a-zA-Z0-9]+" minlength="6" maxlength="8" required>
    <input type="hidden" name="oid" value="} . $oid . qq{"/>
    <input type="submit" value="Submit">
</form>
};
print "</center></body></html>";