#!/usr/bin/perl ######################################################################## # COPYRIGHT NOTICE: # # Copyright 2007 FocalMedia.Net All Rights Reserved. # # Selling the code for this program without prior written consent # from FocalMedia.Net is expressly forbidden. You may not # redistribute this program in any shape or form. # # This program is distributed "as is" and without warranty of any # kind, either express or implied. In no event shall the liability # of FocalMedia.Net for any damages, losses and/or causes of action # exceed the total amount paid by the user for this software. # ######################################################################## #### EDIT HERE -- FOR WINDOWS/IIS BASED INSTALLATIONS ONLY ####### $config_cgi = "config.cgi"; ## <-- CHANGE THIS LINE TO THE FULL SERVER PATH TO config.cgi # THE PATH ON A WINDOWS INSTALLATION WILL LOOK SOMETHING LIKE THIS: # $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi"; #### DO NOT CHANGE ANYTHING BELOW THIS LINE ################# #use FindBin; #use lib $FindBin::Bin; use CGI; use CGI::Carp qw(fatalsToBrowser); use gfriend; #$version = "EasyList 1.0 Beta"; &get_setup; $q = CGI->new; $default_permissions = 0777; ### DEFAULT PERMISSIONS THAT IS USED FOR DATA FILES IN DATA DIRECTORY ################################################################################## $pages_prev = "4"; ### PAGES TO LIST ON PAGE (TO THE LEFT) $pages_next = "4"; ### PAGES TO LIST ON PAGE (TO THE RIGHT) print "Content-type: text/html\n\n"; $guestbook_settings = gfriend::get_file_contents("$webdir/settings.dat"); @gset = split (/\n/, $guestbook_settings); if ($q->param('fct') eq ""){&start;} if ($q->param('fct') eq "post"){&post_entry;} sub post_entry { $img_auth_check = &check_img_auth; if ($img_auth_check eq "false") {&start($gset[0]); exit;} ## "The letters you typed did not match." if ($q->param('name') eq "") {&start($gset[1]); exit;} ## "You must supply a name." if ($q->param('message') eq "") {&start($gset[2]); exit;} ## "You must supply a message." if (($gset[5] eq "Y") and ($q->param('email') eq "")) { &start($gset[9]); exit; ## Email Address Required } if (length($q->param('message')) > $gset[15]) { &start($gset[16]); exit; ## Maxium length exceeded } #################### $orig_entries = gfriend::get_file_contents("$webdir/data.dat"); #################### $name = $q->param('name'); $email = $q->param('email'); $message = $q->param('message'); $webtitle = $q->param('webtitle'); $weburl = $q->param('weburl'); $letters = $q->param('letters'); if ($gset[13] eq "Y") { $name = &remove_html($name); $email = &remove_html($email); $message = &remove_html($message); $webtitle = &remove_html($webtitle); $weburl = &remove_html($weburl); } if ($gset[14] eq "Y") { $newmsg_que = "Y"; } $nowtime = time(); open (GDATA, "> $webdir/data.dat"); print GDATA $name . ":oo_-_oo:" . $email . ":oo_-_oo:" . $message . ":oo_-_oo:" . $nowtime . ":oo_-_oo:" . $webtitle . ":oo_-_oo:" . $weburl . ":oo_-_oo:" . $newmsg_que . ":---o--o--o---:" . $orig_entries; close (GDATA); if (($gset[6] eq "Y") and ($gset[7] ne "")) { $nowtime = &decode_date($nowtime); $message = "A new post has been made to your Guestbook! The post is as follows: ======================= Name: $name Email: $email Date: $nowtime Message: ======== $message Web Site Title: $webtitle Web URL: $weburl "; gfriend::send_mail($smail, "GuestFriend", "guestfriend\@mailer", $gset[7], "New posting notification", $message); } if ($gset[8] eq "Y") { $emailmsg = gfriend::get_file_contents("$webdir/autoresponse.eml"); @elines = split (/\n/, $emailmsg); $from_name = $elines[0]; $from_email = $elines[1]; $email_subject = $elines[2]; $lnc = 0; foreach $line (@elines) { if ($lnc > 2) { $email_message = $email_message . $line . "\n"; } $lnc++; } gfriend::send_mail($smail, "$from_name", "$from_email", $email, $email_subject, $email_message); } $template = gfriend::get_file_contents("$webdir/success.html"); $template =~ s/!!web_url!!/$web_url/gi; print $template; } sub start { my ($lerror) = @_; $template = gfriend::get_file_contents("$webdir/guestbook.html"); $name = $q->param('name'); $email = $q->param('email'); $message = $q->param('message'); $webtitle = $q->param('webtitle'); $weburl = $q->param('weburl'); $template =~ s/!!name!!/$name/gi; $template =~ s/!!email!!/$email/gi; $template =~ s/!!message!!/$message/gi; $template =~ s/!!webtitle!!/$webtitle/gi; if ($weburl eq "") { $weburl = "http://"; } $template =~ s/!!weburl!!/$weburl/gi; $scrolling_text_box = qq[ ]; $template =~ s/!!scrolling_text_box!!/$scrolling_text_box/gi; $imgbox = &get_imgboxes; ($boxes,$crps) = split (/:::/, $imgbox); $template =~ s/!!letters!!/$boxes/gi; $hinv = qq[ ]; $template =~ s/<\/form>/$hinv<\/form>/gi; $template =~ s/<\/form >/$hinv<\/form>/gi; $template =~ s/!!problem!!/$lerror/gi; ########## $orig_entry_template = gfriend::get_file_contents("$webdir/entries.html"); $entries = gfriend::get_file_contents("$webdir/data.dat"); @allentries2 = split(/:---o--o--o---:/,$entries); foreach $item (@allentries2) { ($name, $email, $message, $edate, $webtitle, $weburl, $appr) = split(/:oo_-_oo:/, $item); if ($appr ne "Y") { push (@allentries, $item); } } ########### $icnt = @allentries; $nr_searchres = $gset[4]; $modp = ($icnt % $nr_searchres); $pages = ($icnt - $modp) / $nr_searchres; if ($modp != 0) {$pages++;} $st = $q->param('st'); $nd = $q->param('nd'); if ($st eq ""){$st = 0;} if ($nd eq ""){$nd = $nr_searchres;} $main_nd = $nd; $main_st = $st; $ippc = 1; ########### $cnt=0; foreach $entry (@allentries) { if (($ippc > $st) and ($ippc <= $nd)) { $tmp_entry = $orig_entry_template; ($name, $email, $message, $edate, $webtitle, $weburl, $appr) = split(/:oo_-_oo:/, $entry); $message =~ s/\n/
/g; $tmp_entry =~ s/!!name!!/$name/gi; $tmp_entry =~ s/!!message!!/$message/gi; $edate = &decode_date($edate); $tmp_entry =~ s/!!date!!/$edate/gi; $tmp_entry =~ s/!!website!!/$webtitle/gi; $tmp_entry =~ s/!!website_url!!/$weburl/gi; $allentries = $allentries . $tmp_entry; } $cnt++; $ippc++; } #### PAGE NAVIGATION for ($ms = 0; $ms < $pages; $ms++) { $pg = $ms + 1; if ($nd == ($pg * $nr_searchres)){ $cnposition = $pg; } } if ($cnposition < $pages_next) { $pages_next = $pages_next + $pages_next - ($cnposition - 1); } $pgstring = ""; if ($main_nd eq "") {$main_nd = $nr_searchres;} for ($ms = 0; $ms < $pages; $ms++) { $pg = $ms + 1; if ($main_nd == ($pg * $nr_searchres)) { $pgstring = $pgstring . " [$pg] "; $currentpage = $pg; } elsif (($pg >= ($cnposition - $pages_prev)) and ($pg <= ($cnposition + $pages_next))) { $st = ($pg * $nr_searchres) - $nr_searchres; $nd = ($pg * $nr_searchres); $pgstring = $pgstring . "$pg "; } } #### « PAGES NAVIGATION if (($cnposition - $pages_prev) > 1) { $prev_ppos = $cnposition - $pages_prev; $staticpos = $prev_ppos - 1; $prev_ppos = $prev_ppos - 2; $pvst = $prev_ppos * $nr_searchres; $pvnd = ($prev_ppos * $nr_searchres) + $nr_searchres; $pgstring = "<< " . $pgstring; } #### » PAGES NAVIGATION if (($cnposition + $pages_next) < $pages) { $next_ppos = $cnposition + $pages_next; $staticpos = $next_ppos + 1; $pvst = $next_ppos * $nr_searchres; $pvnd = ($next_ppos * $nr_searchres) + $nr_searchres; $pgstring = $pgstring . ">> "; } ### PREV NEXT PAGES $st = $q->param('st'); $nd = $q->param('nd'); if ($st eq ""){$st = 0;} if ($nd eq ""){$nd = $nr_searchres;} $spls = $modp; if ($spls == 0){$spls++;} if ($nd <= ($icnt - $spls)) { $st1 = $st + $nr_searchres; $nd1 = $nd + $nr_searchres; $nextt = "$gset[10] "; } if ($st > 0) { $st1 = $st - $nr_searchres; $nd1 = $nd - $nr_searchres; $prev = "$gset[11] "; } if (($prev ne "") and ($nextt ne "")) { $spcer = " | "; } else { $spcer = " "; } $prevnext = $prev . "$spcer" . $nextt; if (length($prevnext) > 5){$myspacer = " | ";} ############ $template =~ s/!!next_prev_page_navigation!!/$prevnext/gi; $template =~ s/!!pages!!/$pgstring/gi; $template =~ s/!!total_entries!!/$cnt/gi; if ($cnt == 0) { $allentries = $gset[3]; } ##"There are no Guestbook entries at present." $template =~ s/!!guestbook_entries!!/$allentries/gi; $template =~ s/!!web_url!!/$web_url/gi; $pwr = qq[

Guestbook Powered by GuestFriend


]; $template =~ s/<\/body>/$pwr<\/body>/gi; print $template; } ########################################## sub confirm_email_address { my ($eml_tow) = @_; open (RTYD, ">> $webdir/email.lst"); print RTYD $eml_tow . "\n"; close (RTYD); ## SEND WELCOME EMAIL $ewelcome = easylist::get_file_contents("$webdir/welcome.eml"); @elines = split (/\n/, $ewelcome); $from_name = $elines[0]; $from_email = $elines[1]; $email_subject = $elines[2]; $lnc = 0; foreach $line (@elines) { if ($lnc > 2) { $email_message = $email_message . $line . "\n"; } $lnc++; } $unsl = "$script_url/sbs.cgi"; $email_message =~ s/%%usubscribe_link%%/$unsl/g; easylist::send_mail($smail, $from_name, $from_email, $eml_tow, $email_subject, $email_message); } sub get_imgboxes ### IMAGE AUTHENTICATION { my ($ls1, $ls2, $ls3, $ls4, $alpha, @alpharray, $alpha1, $alpha2, $alpha3, $alpha4, $alpha_number1, $alpha_number2, $alpha_number3, $alpha_number4, @files, $filename, $img1, $img2, $img3, $img4, $iname1, $iname2, $iname3, $iname4, $un_crypted_str, $crypted_str, $imgb); $ls1 = int(rand(4)); $ls1++; if ($ls1 < 1) { $ls1 = 1; } if ($ls1 == 1){ $ls1 = 49; }if ($ls1 == 2){ $ls1 = 50; }if ($ls1 == 3){ $ls1 = 51; }if ($ls1 == 4){ $ls1 = 52; } $ls2 = int(rand(4)); $ls2++; if ($ls2 < 1) { $ls2 = 1; } if ($ls2 == 1){ $ls2 = 49; }if ($ls2 == 2){ $ls2 = 50; }if ($ls2 == 3){ $ls2 = 51; }if ($ls2 == 4){ $ls2 = 52; } $ls3 = int(rand(4)); $ls3++; if ($ls3 < 1) { $ls3 = 1; } if ($ls3 == 1){ $ls3 = 49; }if ($ls3 == 2){ $ls3 = 50; }if ($ls3 == 3){ $ls3 = 51; }if ($ls3 == 4){ $ls3 = 52; } $ls4 = int(rand(4)); $ls4++; if ($ls4 < 1) { $ls4 = 1; } if ($ls4 == 1){ $ls4 = 49; }if ($ls4 == 2){ $ls4 = 50; }if ($ls4 == 3){ $ls4 = 51; }if ($ls4 == 4){ $ls4 = 52; } #print "--> $ls1
"; $alpha++; @alpharray = ("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"); $alpha1 = rand(26); $alpha_number1 = ord($alpharray[$alpha1]); $alpha2 = rand(26); $alpha_number2 = ord($alpharray[$alpha2]); $alpha3 = rand(26); $alpha_number3 = ord($alpharray[$alpha3]); $alpha4 = rand(26); $alpha_number4 = ord($alpharray[$alpha4]); #print "1:$alpha_number1 - $ls1
"; #print "2:$alpha_number2 - $ls2
"; #print "3:$alpha_number3 - $ls3
"; #print "4:$alpha_number4 - $ls4
"; opendir(DIR,"$webdir"); @files = readdir(DIR); foreach $filename (@files) { if (($filename ne ".") and ($filename ne "..")) { #print "->" . substr($filename, 9, length($filename)- 9) . "
"; if ((substr($filename, 5, 2) == $ls1) and (substr($filename, 9, length($filename)- 9) == $alpha_number1)) { $img1 = ""; $iname1 = $filename; #print "-1-> $filename - $alpha_number1 - $img1
"; } if ((substr($filename, 5, 2) == $ls2) and (substr($filename, 9, length($filename)- 9) == $alpha_number2)) { $img2 = ""; $iname2 = $filename; #print "-2-> $filename - $alpha_number2 - $img2
"; } if ((substr($filename, 5, 2) == $ls3) and (substr($filename, 9, length($filename)- 9) == $alpha_number3)) { $img3 = ""; $iname3 = $filename; #print "-3-> $filename - $alpha_number3 - $img3
"; } if ((substr($filename, 5, 2) == $ls4) and (substr($filename, 9, length($filename)- 9) == $alpha_number4)) { $img4 = ""; $iname4 = $filename; #print "-4-> $filename - $alpha_number4 - $img4
"; } } } closedir(DIR); $un_crypted_str = $iname1 ."O". $iname2 . "O" . $iname3 . "O" . $iname4; $crypted_str = &encode_ps($un_crypted_str); $ip = $ENV{'REMOTE_ADDR'}; $cip = crypt($ip, $password); $crypted_str = $crypted_str . "oo-oo" . $cip; $imgb = "$img1 $img2 $img3 $img4 :::" . $crypted_str; return ($imgb); } sub encode_ps { my($cc) = @_; my($rcc, $ccount, $rndchar, $onechar); $rcc = ""; $ccount = 0; while ($ccount < length($cc)) { $ccount++; $rndchar = int(rand(24)) + 97; $onechar = ord(substr($cc, length($cc) - $ccount, 1)); $onechar = $onechar + 1; $rcc = $rcc . chr($onechar) . chr($rndchar); } $lcnt = 0; while ($lcnt < length($rcc)) { $onechar = substr($rcc,$lcnt,1); $ordchar = ord($onechar); if (length($ordchar) == 1) { $ordchar = "00" . $ordchar; } if (length($ordchar) == 2) { $ordchar = "0" . $ordchar; } $retrcc = $retrcc . $ordchar; $lcnt++; } return ($retrcc); } sub decode_tags { my ($msg_whole) = @_; $msg_whole =~ s/\[black\]//gi; ### BLACK $msg_whole =~ s/\[\/black\]/<\/font>/gi; $msg_whole =~ s/\[Silver\]//gi; ### Silver $msg_whole =~ s/\[\/Silver\]/<\/font>/gi; $msg_whole =~ s/\[Red\]//gi; ### Red $msg_whole =~ s/\[\/Red\]/<\/font>/gi; $msg_whole =~ s/\[lpurple\]//gi; ### Light Purple $msg_whole =~ s/\[\/lpurple\]/<\/font>/gi; $msg_whole =~ s/\[Blue\]//gi; ### Blue $msg_whole =~ s/\[\/Blue\]/<\/font>/gi; $msg_whole =~ s/\[Aqua\]//gi; ### Aqua $msg_whole =~ s/\[\/Aqua\]/<\/font>/gi; $msg_whole =~ s/\[Lime\]//gi; ### Lime $msg_whole =~ s/\[\/Lime\]/<\/font>/gi; $msg_whole =~ s/\[Yellow\]//gi; ### Yellow $msg_whole =~ s/\[\/Yellow\]/<\/font>/gi; $msg_whole =~ s/\[White\]//gi; ### White $msg_whole =~ s/\[\/White\]/<\/font>/gi; $msg_whole =~ s/\[Gray\]//gi; ### Gray $msg_whole =~ s/\[\/Gray\]/<\/font>/gi; $msg_whole =~ s/\[Maroon\]//gi; ### Maroon $msg_whole =~ s/\[\/Maroon\]/<\/font>/gi; $msg_whole =~ s/\[Purple\]//gi; ### Purple $msg_whole =~ s/\[\/Purple\]/<\/font>/gi; $msg_whole =~ s/\[Navy\]//gi; ### Navy $msg_whole =~ s/\[\/Navy\]/<\/font>/gi; $msg_whole =~ s/\[Teal\]//gi; ### Teal $msg_whole =~ s/\[\/Teal\]/<\/font>/gi; $msg_whole =~ s/\[Green\]//gi; ### Green $msg_whole =~ s/\[\/Green\]/<\/font>/gi; $msg_whole =~ s/\[Olive\]//gi; ### Olive $msg_whole =~ s/\[\/Olive\]/<\/font>/gi; #### IMAGES $HTMLstart = ""; $msg_whole =~ s/\[image\]/$HTMLstart/gi; $msg_whole =~ s/\[\/image\]/$HTMLend/gi; #### BOLD $msg_whole =~ s/\[b\]//gi; $msg_whole =~ s/\[\/b\]/<\/b>/gi; #### URLS $excount = 0; while ($msg_whole =~ /\[url\]/) { $urlstring = ""; $msg_whole =~ m/\[url\]/gi; $istart = pos($msg_whole); $msg_whole =~ m/\[\/url\]/gi; $iend = pos($msg_whole); $urlstring = substr($msg_whole, $istart, ($iend - $istart - 6)); $urlstring = ""; $msg_whole =~ s/\[url\]/$urlstring/i; $msg_whole =~ s/\[\/url\]/<\/a>/i; $excount++; if ($excount == 100) { $msg_whole =~ s/\[url\]//gi; } } $excount = 0; while ($msg_whole =~ /\[url=/) { $msg_whole =~ m/\[url=/gi; $istart = pos($msg_whole); $msg_whole =~ m/\]/gi; $iend = pos($msg_whole); $urlstring = substr($msg_whole, $istart, ($iend - $istart - 1)); $msg_whole =~ m/\[\/url\]/gi; $iend2 = pos($msg_whole); $textstring = substr($msg_whole, $iend, ($iend2 - $iend - 6)); #$urlstring2 = ""; #$msg_whole =~ s/\[url=$urlstring\]/$urlstring2/i; #$msg_whole =~ s/\[\/url\]/<\/a>/i; $urlstring2 = ""; $msg_whole =~ s/\[url=/$urlstring2/i; $msg_whole =~ s/\]/$urlsclose/i; $msg_whole =~ s/\[\/url\]/<\/a>/i; $excount++; if ($excount == 100) { $msg_whole =~ s/\[url=//gi; } } return ($msg_whole); } sub check_img_auth { $query = new CGI; ($ccr1, $ccip) = split (/oo-oo/, $query->param('ia')); $uncr = &decode_ps($ccr1); $uncr =~ s/\.gif//gi; ($img1, $img2, $img3, $img4) = split (/O/, $uncr); $letter1 = chr(substr($img1, 9, length($img1) - 9)); $letter2 = chr(substr($img2, 9, length($img2) - 9)); $letter3 = chr(substr($img3, 9, length($img3) - 9)); $letter4 = chr(substr($img4, 9, length($img4) - 9)); $lbox = $letter1 . $letter2 . $letter3 . $letter4; $ia = $query->param('ia'); $letters = $query->param('letters'); $letters = lc($letters); if ($letters ne $lbox) { $error_ind = "false"; } $ip = $ENV{'REMOTE_ADDR'}; $cip = crypt($ip, $password); if ($cip ne $ccip) { $error_ind = "false"; } return ($error_ind); } sub decode_ps { my($cc) = @_; my($rcc, $ccount, $ccount2, $rndchar, $rchar); $lcnt = 0; $thrc = 1; while ($lcnt < length($cc)) { if ($thrc == 1) { $to_dec = $to_dec . substr($cc, $lcnt, 1); $thrc = 2; } elsif ($thrc == 2) { $to_dec = $to_dec . substr($cc, $lcnt, 1); $thrc = 3; } elsif ($thrc == 3) { $to_dec = $to_dec . substr($cc, $lcnt, 1); $thrc = 1; $real_c = $real_c . chr($to_dec); $to_dec = ""; } $lcnt++; } $cc = $real_c; $cc = "_" . $cc; #### $rcc = ""; $ccount = 0; $d1 = 2; while ($ccount < length($cc) ) { if ($d1 == 2) { $rchar = substr($cc, length($cc) - $ccount, 1); $rchar = ord($rchar); $rchar = $rchar - 1; $rchar = chr($rchar); $rcc = $rcc . $rchar; $d1 = 0; } $d1++; $ccount++; } return (substr($rcc, 1, length($rcc))); } sub decode_date { my ($tvalue) = @_; my ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst,@marray, $rdvalue, $ampm); ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst) = localtime($tvalue); $year = "20" . substr($year, 1, 2); @marray = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); if (length($min) == 1) {$min = "0" . $min;} if (length($min) == 1) {$min = "0" . $min;} if ($hour == 0){$hour = 12;} $rdvalue = "$marray[$mon] $mday, $year"; return ($rdvalue); } sub remove_html { ($html_ecode) = @_; $html_ecode =~ s/<[^>]*>//g; $html_ecode =~ s/>//g; $html_ecode =~ s/ 0) { open (STP, "config.cgi"); while (defined($line=)) { if ($line =~ m/#/g) { $r = pos($line); $line = substr($line, 0, $r - 1); } $line =~ s/\n//g; if ($line =~ /^WEBDIR/){$webdir = &get_setup_line($line, WEBDIR);} if ($line =~ /^WEB_URL/){$web_url = &get_setup_line($line, WEB_URL);} if ($line =~ /^SMAIL/){$smail = &get_setup_line($line, SMAIL);} if ($line =~ /^PASSWORD/){$password = &get_setup_line($line, PASSWORD);} } close (STP); } } sub get_setup_line { my ($setup_line, $setup_var) = @_; $crit = "\""; $setup_line =~ m/$crit/g; $r1 = pos($setup_line); $setup_line =~ m/$crit/g; $r2 = pos($setup_line); $setup_line = substr($setup_line, $r1, ($r2 - $r1 - 1)); $return_val = $setup_line; return ($return_val); } #### END CONFIGURATION ########################################################