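local cache = require("cache")
local sql = require("lsqlite3")
local db = require("db")
local queries = require("queries")
local util = require("util")

-- Prepared statement used by suggest_tags(); assigned when configure() runs.
local stmnt_tags_get

-- Chain onto the existing global configure(): prepare the suggestion query,
-- then hand over to the previous implementation with the same arguments.
local oldconfigure = configure
function configure(...)
	stmnt_tags_get = util.sqlassert(db.conn:prepare(queries.select_suggest_tags))
	return oldconfigure(...)
end

--- Answer a tag-suggestion request.
-- Binds `data .. "%"` to the statement's `match` parameter, collects the first
-- column of every returned row and replies with a ';'-separated text/plain
-- list whose first entry is `data` itself. On an unexpected result code the
-- failure is logged and a 500 error page is sent.
-- @param req the HTTP request object passed to the response functions
-- @param data the tag prefix; the caller is expected to have validated it
local function suggest_tags(req,data)
	print("Suggesting tags!")
	-- The trailing '%' is the only wildcard added here; `data` travels as a
	-- bound parameter, never as part of the SQL text.
	stmnt_tags_get:bind_names{ match = data .. "%" }
	local err = util.do_sql(stmnt_tags_get)
	if err == sql.ROW or err == sql.DONE then
		local tags = {data}
		-- NOTE(review): if util.do_sql has already stepped the statement onto
		-- its first row, rows() may resume after that row; confirm against
		-- util.do_sql.
		for tag in stmnt_tags_get:rows() do
			print("Found tag:",tag[1])
			tags[#tags + 1] = tag[1]
		end
		stmnt_tags_get:reset()
		-- text/plain keeps the tag list from being rendered as markup.
		http_response_header(req,"Content-Type","text/plain")
		http_response(req,200,table.concat(tags,";"))
	else
		-- The full database error text goes to the server log only.
		log(LOG_ALERT,"Failed to get tag suggestions in an unusual way:" .. err .. ":" .. db.conn:errmsg())
		-- The client gets the numeric result code but not db.conn:errmsg(),
		-- so internal database details are not disclosed in the error page.
		-- NOTE(review): `pages` is not required in this file; unless it is a
		-- global, this branch raises before a response is sent. Confirm.
		local page = pages.error({
			errcode = 500,
			errcodemsg = "Server error",
			explanation = string.format(
				"Failed to retreive tags from database:%d",
				err
			),
		})
		stmnt_tags_get:reset()
		http_response(req,500,page)
	end
end

--- Entry point for the query-string API.
-- Reads the `call` and `data` arguments, validates `data` for the "suggest"
-- call and dispatches to suggest_tags(). Any other `call` value receives an
-- explicit 400 instead of the handler returning without a response.
-- @param req the HTTP request object
local function api_get(req)
	http_request_populate_qs(req)
	-- assert() raises if a getter returns nil or false (presumably when the
	-- argument is absent; confirm how the caller turns that into a response).
	local call = assert(http_argument_get_string(req,"call"))
	local data = assert(http_argument_get_string(req,"data"))
	if call == "suggest" then
		--[[
		Prevent a malicious user from injecting '%' into the string
		we're searching for, potentially causing a DoS with a
		sufficiently backtrack-ey search/tag combination.
		The allowlist also rejects '_', which matters if the query is a
		LIKE match (the query text is not visible here).
		NOTE(review): '%s' admits any whitespace, including newlines, and
		nothing bounds the length of `data`; consider a length cap.
		]]
		assert(data:match("^[a-zA-Z0-9,%s-]+$"),"Bad characters in tag")
		return suggest_tags(req,data)
	end
	-- Unknown call: reply explicitly rather than falling off the end.
	http_response_header(req,"Content-Type","text/plain")
	http_response(req,400,"Unknown call")
end

return api_get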