#!/usr/bin/perl
########################################################################
# COPYRIGHT NOTICE:
#
# Copyright 2007 FocalMedia.Net All Rights Reserved.
#
# Selling the code for this program without prior written consent
# from FocalMedia.Net is expressly forbidden. You may not
# redistribute this program in any shape or form.
#
# This program is distributed "as is" and without warranty of any
# kind, either express or implied. In no event shall the liability
# of FocalMedia.Net for any damages, losses and/or causes of action
# exceed the total amount paid by the user for this software.
#
########################################################################
#### EDIT HERE -- FOR WINDOWS/IIS BASED INSTALLATIONS ONLY #######
$config_cgi = "config.cgi"; ## <-- CHANGE THIS LINE TO THE FULL SERVER PATH TO config.cgi
# THE PATH ON A WINDOWS INSTALLATION WILL LOOK SOMETHING LIKE THIS:
# $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi";
#### DO NOT CHANGE ANYTHING BELOW THIS LINE #################
#use FindBin;
#use lib $FindBin::Bin;
use CGI;
use CGI::Carp qw(fatalsToBrowser);
use gfriend;
#$version = "EasyList 1.0 Beta";
&get_setup;
$q = CGI->new;
$default_permissions = 0777; ### DEFAULT PERMISSIONS THAT IS USED FOR DATA FILES IN DATA DIRECTORY
##################################################################################
$pages_prev = "4"; ### PAGES TO LIST ON PAGE (TO THE LEFT)
$pages_next = "4"; ### PAGES TO LIST ON PAGE (TO THE RIGHT)
print "Content-type: text/html\n\n";
$guestbook_settings = gfriend::get_file_contents("$webdir/settings.dat");
@gset = split (/\n/, $guestbook_settings);
if ($q->param('fct') eq ""){&start;}
if ($q->param('fct') eq "post"){&post_entry;}
sub post_entry
{
$img_auth_check = &check_img_auth;
if ($img_auth_check eq "false") {&start($gset[0]); exit;} ## "The letters you typed did not match."
if ($q->param('name') eq "") {&start($gset[1]); exit;} ## "You must supply a name."
if ($q->param('message') eq "") {&start($gset[2]); exit;} ## "You must supply a message."
if (($gset[5] eq "Y") and ($q->param('email') eq ""))
{
&start($gset[9]); exit; ## Email Address Required
}
if (length($q->param('message')) > $gset[15])
{
&start($gset[16]); exit; ## Maxium length exceeded
}
####################
$orig_entries = gfriend::get_file_contents("$webdir/data.dat");
####################
$name = $q->param('name');
$email = $q->param('email');
$message = $q->param('message');
$webtitle = $q->param('webtitle');
$weburl = $q->param('weburl');
$letters = $q->param('letters');
if ($gset[13] eq "Y")
{
$name = &remove_html($name);
$email = &remove_html($email);
$message = &remove_html($message);
$webtitle = &remove_html($webtitle);
$weburl = &remove_html($weburl);
}
if ($gset[14] eq "Y") { $newmsg_que = "Y"; }
$nowtime = time();
open (GDATA, "> $webdir/data.dat");
print GDATA $name . ":oo_-_oo:" .
$email . ":oo_-_oo:" .
$message . ":oo_-_oo:" .
$nowtime . ":oo_-_oo:" .
$webtitle . ":oo_-_oo:" .
$weburl . ":oo_-_oo:" .
$newmsg_que . ":---o--o--o---:"
. $orig_entries;
close (GDATA);
if (($gset[6] eq "Y") and ($gset[7] ne ""))
{
$nowtime = &decode_date($nowtime);
$message = "A new post has been made to your Guestbook!
The post is as follows:
=======================
Name: $name
Email: $email
Date: $nowtime
Message:
========
$message
Web Site Title: $webtitle
Web URL: $weburl
";
gfriend::send_mail($smail, "GuestFriend", "guestfriend\@mailer", $gset[7], "New posting notification", $message);
}
if ($gset[8] eq "Y")
{
$emailmsg = gfriend::get_file_contents("$webdir/autoresponse.eml");
@elines = split (/\n/, $emailmsg);
$from_name = $elines[0];
$from_email = $elines[1];
$email_subject = $elines[2];
$lnc = 0;
foreach $line (@elines)
{
if ($lnc > 2)
{
$email_message = $email_message . $line . "\n";
}
$lnc++;
}
gfriend::send_mail($smail, "$from_name", "$from_email", $email, $email_subject, $email_message);
}
$template = gfriend::get_file_contents("$webdir/success.html");
$template =~ s/!!web_url!!/$web_url/gi;
print $template;
}
sub start
{
my ($lerror) = @_;
$template = gfriend::get_file_contents("$webdir/guestbook.html");
$name = $q->param('name');
$email = $q->param('email');
$message = $q->param('message');
$webtitle = $q->param('webtitle');
$weburl = $q->param('weburl');
$template =~ s/!!name!!/$name/gi;
$template =~ s/!!email!!/$email/gi;
$template =~ s/!!message!!/$message/gi;
$template =~ s/!!webtitle!!/$webtitle/gi;
if ($weburl eq "") { $weburl = "http://"; }
$template =~ s/!!weburl!!/$weburl/gi;
$scrolling_text_box = qq[
];
$template =~ s/!!scrolling_text_box!!/$scrolling_text_box/gi;
$imgbox = &get_imgboxes;
($boxes,$crps) = split (/:::/, $imgbox);
$template =~ s/!!letters!!/$boxes/gi;
$hinv = qq[ ];
$template =~ s/<\/form>/$hinv<\/form>/gi;
$template =~ s/<\/form >/$hinv<\/form>/gi;
$template =~ s/!!problem!!/$lerror/gi;
##########
$orig_entry_template = gfriend::get_file_contents("$webdir/entries.html");
$entries = gfriend::get_file_contents("$webdir/data.dat");
@allentries2 = split(/:---o--o--o---:/,$entries);
foreach $item (@allentries2)
{
($name, $email, $message, $edate, $webtitle, $weburl, $appr) = split(/:oo_-_oo:/, $item);
if ($appr ne "Y")
{
push (@allentries, $item);
}
}
###########
$icnt = @allentries;
$nr_searchres = $gset[4];
$modp = ($icnt % $nr_searchres);
$pages = ($icnt - $modp) / $nr_searchres;
if ($modp != 0) {$pages++;}
$st = $q->param('st');
$nd = $q->param('nd');
if ($st eq ""){$st = 0;}
if ($nd eq ""){$nd = $nr_searchres;}
$main_nd = $nd;
$main_st = $st;
$ippc = 1;
###########
$cnt=0;
foreach $entry (@allentries)
{
if (($ippc > $st) and ($ippc <= $nd))
{
$tmp_entry = $orig_entry_template;
($name, $email, $message, $edate, $webtitle, $weburl, $appr) = split(/:oo_-_oo:/, $entry);
$message =~ s/\n/
/g;
$tmp_entry =~ s/!!name!!/$name/gi;
$tmp_entry =~ s/!!message!!/$message/gi;
$edate = &decode_date($edate);
$tmp_entry =~ s/!!date!!/$edate/gi;
$tmp_entry =~ s/!!website!!/$webtitle/gi;
$tmp_entry =~ s/!!website_url!!/$weburl/gi;
$allentries = $allentries . $tmp_entry;
}
$cnt++;
$ippc++;
}
#### PAGE NAVIGATION
for ($ms = 0; $ms < $pages; $ms++)
{
$pg = $ms + 1;
if ($nd == ($pg * $nr_searchres)){ $cnposition = $pg; }
}
if ($cnposition < $pages_next) { $pages_next = $pages_next + $pages_next - ($cnposition - 1); }
$pgstring = "";
if ($main_nd eq "") {$main_nd = $nr_searchres;}
for ($ms = 0; $ms < $pages; $ms++)
{
$pg = $ms + 1;
if ($main_nd == ($pg * $nr_searchres))
{
$pgstring = $pgstring . " [$pg] ";
$currentpage = $pg;
}
elsif (($pg >= ($cnposition - $pages_prev)) and ($pg <= ($cnposition + $pages_next)))
{
$st = ($pg * $nr_searchres) - $nr_searchres;
$nd = ($pg * $nr_searchres);
$pgstring = $pgstring . "$pg ";
}
}
#### « PAGES NAVIGATION
if (($cnposition - $pages_prev) > 1)
{
$prev_ppos = $cnposition - $pages_prev;
$staticpos = $prev_ppos - 1;
$prev_ppos = $prev_ppos - 2;
$pvst = $prev_ppos * $nr_searchres;
$pvnd = ($prev_ppos * $nr_searchres) + $nr_searchres;
$pgstring = "<< " . $pgstring;
}
#### » PAGES NAVIGATION
if (($cnposition + $pages_next) < $pages)
{
$next_ppos = $cnposition + $pages_next;
$staticpos = $next_ppos + 1;
$pvst = $next_ppos * $nr_searchres;
$pvnd = ($next_ppos * $nr_searchres) + $nr_searchres;
$pgstring = $pgstring . ">> ";
}
### PREV NEXT PAGES
$st = $q->param('st');
$nd = $q->param('nd');
if ($st eq ""){$st = 0;}
if ($nd eq ""){$nd = $nr_searchres;}
$spls = $modp;
if ($spls == 0){$spls++;}
if ($nd <= ($icnt - $spls))
{
$st1 = $st + $nr_searchres;
$nd1 = $nd + $nr_searchres;
$nextt = "$gset[10] ";
}
if ($st > 0)
{
$st1 = $st - $nr_searchres;
$nd1 = $nd - $nr_searchres;
$prev = "$gset[11] ";
}
if (($prev ne "") and ($nextt ne ""))
{
$spcer = " | ";
}
else
{
$spcer = " ";
}
$prevnext = $prev . "$spcer" . $nextt;
if (length($prevnext) > 5){$myspacer = " | ";}
############
$template =~ s/!!next_prev_page_navigation!!/$prevnext/gi;
$template =~ s/!!pages!!/$pgstring/gi;
$template =~ s/!!total_entries!!/$cnt/gi;
if ($cnt == 0) { $allentries = $gset[3]; } ##"There are no Guestbook entries at present."
$template =~ s/!!guestbook_entries!!/$allentries/gi;
$template =~ s/!!web_url!!/$web_url/gi;
$pwr = qq[
Guestbook Powered by GuestFriend
];
$template =~ s/<\/body>/$pwr<\/body>/gi;
print $template;
}
##########################################
sub confirm_email_address
{
my ($eml_tow) = @_;
open (RTYD, ">> $webdir/email.lst");
print RTYD $eml_tow . "\n";
close (RTYD);
## SEND WELCOME EMAIL
$ewelcome = easylist::get_file_contents("$webdir/welcome.eml");
@elines = split (/\n/, $ewelcome);
$from_name = $elines[0];
$from_email = $elines[1];
$email_subject = $elines[2];
$lnc = 0;
foreach $line (@elines)
{
if ($lnc > 2)
{
$email_message = $email_message . $line . "\n";
}
$lnc++;
}
$unsl = "$script_url/sbs.cgi";
$email_message =~ s/%%usubscribe_link%%/$unsl/g;
easylist::send_mail($smail, $from_name, $from_email, $eml_tow, $email_subject, $email_message);
}
sub get_imgboxes ### IMAGE AUTHENTICATION
{
my ($ls1, $ls2, $ls3, $ls4, $alpha, @alpharray, $alpha1, $alpha2, $alpha3, $alpha4, $alpha_number1,
$alpha_number2, $alpha_number3, $alpha_number4, @files, $filename, $img1, $img2, $img3, $img4,
$iname1, $iname2, $iname3, $iname4, $un_crypted_str, $crypted_str, $imgb);
$ls1 = int(rand(4));
$ls1++;
if ($ls1 < 1) { $ls1 = 1; }
if ($ls1 == 1){ $ls1 = 49; }if ($ls1 == 2){ $ls1 = 50; }if ($ls1 == 3){ $ls1 = 51; }if ($ls1 == 4){ $ls1 = 52; }
$ls2 = int(rand(4));
$ls2++;
if ($ls2 < 1) { $ls2 = 1; }
if ($ls2 == 1){ $ls2 = 49; }if ($ls2 == 2){ $ls2 = 50; }if ($ls2 == 3){ $ls2 = 51; }if ($ls2 == 4){ $ls2 = 52; }
$ls3 = int(rand(4));
$ls3++;
if ($ls3 < 1) { $ls3 = 1; }
if ($ls3 == 1){ $ls3 = 49; }if ($ls3 == 2){ $ls3 = 50; }if ($ls3 == 3){ $ls3 = 51; }if ($ls3 == 4){ $ls3 = 52; }
$ls4 = int(rand(4));
$ls4++;
if ($ls4 < 1) { $ls4 = 1; }
if ($ls4 == 1){ $ls4 = 49; }if ($ls4 == 2){ $ls4 = 50; }if ($ls4 == 3){ $ls4 = 51; }if ($ls4 == 4){ $ls4 = 52; }
#print "--> $ls1
";
$alpha++;
@alpharray = ("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z");
$alpha1 = rand(26);
$alpha_number1 = ord($alpharray[$alpha1]);
$alpha2 = rand(26);
$alpha_number2 = ord($alpharray[$alpha2]);
$alpha3 = rand(26);
$alpha_number3 = ord($alpharray[$alpha3]);
$alpha4 = rand(26);
$alpha_number4 = ord($alpharray[$alpha4]);
#print "1:$alpha_number1 - $ls1
";
#print "2:$alpha_number2 - $ls2
";
#print "3:$alpha_number3 - $ls3
";
#print "4:$alpha_number4 - $ls4
";
opendir(DIR,"$webdir");
@files = readdir(DIR);
foreach $filename (@files)
{
if (($filename ne ".") and ($filename ne ".."))
{
#print "->" . substr($filename, 9, length($filename)- 9) . "
";
if ((substr($filename, 5, 2) == $ls1) and (substr($filename, 9, length($filename)- 9) == $alpha_number1))
{
$img1 = "
";
$iname1 = $filename;
#print "-1-> $filename - $alpha_number1 - $img1
";
}
if ((substr($filename, 5, 2) == $ls2) and (substr($filename, 9, length($filename)- 9) == $alpha_number2))
{
$img2 = "
";
$iname2 = $filename;
#print "-2-> $filename - $alpha_number2 - $img2
";
}
if ((substr($filename, 5, 2) == $ls3) and (substr($filename, 9, length($filename)- 9) == $alpha_number3))
{
$img3 = "
";
$iname3 = $filename;
#print "-3-> $filename - $alpha_number3 - $img3
";
}
if ((substr($filename, 5, 2) == $ls4) and (substr($filename, 9, length($filename)- 9) == $alpha_number4))
{
$img4 = "
";
$iname4 = $filename;
#print "-4-> $filename - $alpha_number4 - $img4
";
}
}
}
closedir(DIR);
$un_crypted_str = $iname1 ."O". $iname2 . "O" . $iname3 . "O" . $iname4;
$crypted_str = &encode_ps($un_crypted_str);
$ip = $ENV{'REMOTE_ADDR'};
$cip = crypt($ip, $password);
$crypted_str = $crypted_str . "oo-oo" . $cip;
$imgb = "$img1 $img2 $img3 $img4 :::" . $crypted_str;
return ($imgb);
}
sub encode_ps
{
my($cc) = @_;
my($rcc, $ccount, $rndchar, $onechar);
$rcc = "";
$ccount = 0;
while ($ccount < length($cc))
{
$ccount++;
$rndchar = int(rand(24)) + 97;
$onechar = ord(substr($cc, length($cc) - $ccount, 1));
$onechar = $onechar + 1;
$rcc = $rcc . chr($onechar) . chr($rndchar);
}
$lcnt = 0;
while ($lcnt < length($rcc))
{
$onechar = substr($rcc,$lcnt,1);
$ordchar = ord($onechar);
if (length($ordchar) == 1) { $ordchar = "00" . $ordchar; }
if (length($ordchar) == 2) { $ordchar = "0" . $ordchar; }
$retrcc = $retrcc . $ordchar;
$lcnt++;
}
return ($retrcc);
}
sub decode_tags
{
my ($msg_whole) = @_;
$msg_whole =~ s/\[black\]//gi; ### BLACK
$msg_whole =~ s/\[\/black\]/<\/font>/gi;
$msg_whole =~ s/\[Silver\]//gi; ### Silver
$msg_whole =~ s/\[\/Silver\]/<\/font>/gi;
$msg_whole =~ s/\[Red\]//gi; ### Red
$msg_whole =~ s/\[\/Red\]/<\/font>/gi;
$msg_whole =~ s/\[lpurple\]//gi; ### Light Purple
$msg_whole =~ s/\[\/lpurple\]/<\/font>/gi;
$msg_whole =~ s/\[Blue\]//gi; ### Blue
$msg_whole =~ s/\[\/Blue\]/<\/font>/gi;
$msg_whole =~ s/\[Aqua\]//gi; ### Aqua
$msg_whole =~ s/\[\/Aqua\]/<\/font>/gi;
$msg_whole =~ s/\[Lime\]//gi; ### Lime
$msg_whole =~ s/\[\/Lime\]/<\/font>/gi;
$msg_whole =~ s/\[Yellow\]//gi; ### Yellow
$msg_whole =~ s/\[\/Yellow\]/<\/font>/gi;
$msg_whole =~ s/\[White\]//gi; ### White
$msg_whole =~ s/\[\/White\]/<\/font>/gi;
$msg_whole =~ s/\[Gray\]//gi; ### Gray
$msg_whole =~ s/\[\/Gray\]/<\/font>/gi;
$msg_whole =~ s/\[Maroon\]//gi; ### Maroon
$msg_whole =~ s/\[\/Maroon\]/<\/font>/gi;
$msg_whole =~ s/\[Purple\]//gi; ### Purple
$msg_whole =~ s/\[\/Purple\]/<\/font>/gi;
$msg_whole =~ s/\[Navy\]//gi; ### Navy
$msg_whole =~ s/\[\/Navy\]/<\/font>/gi;
$msg_whole =~ s/\[Teal\]//gi; ### Teal
$msg_whole =~ s/\[\/Teal\]/<\/font>/gi;
$msg_whole =~ s/\[Green\]//gi; ### Green
$msg_whole =~ s/\[\/Green\]/<\/font>/gi;
$msg_whole =~ s/\[Olive\]//gi; ### Olive
$msg_whole =~ s/\[\/Olive\]/<\/font>/gi;
#### IMAGES
$HTMLstart = "
";
$msg_whole =~ s/\[image\]/$HTMLstart/gi;
$msg_whole =~ s/\[\/image\]/$HTMLend/gi;
#### BOLD
$msg_whole =~ s/\[b\]//gi;
$msg_whole =~ s/\[\/b\]/<\/b>/gi;
#### URLS
$excount = 0;
while ($msg_whole =~ /\[url\]/)
{
$urlstring = "";
$msg_whole =~ m/\[url\]/gi;
$istart = pos($msg_whole);
$msg_whole =~ m/\[\/url\]/gi;
$iend = pos($msg_whole);
$urlstring = substr($msg_whole, $istart, ($iend - $istart - 6));
$urlstring = "";
$msg_whole =~ s/\[url\]/$urlstring/i;
$msg_whole =~ s/\[\/url\]/<\/a>/i;
$excount++;
if ($excount == 100) { $msg_whole =~ s/\[url\]//gi; }
}
$excount = 0;
while ($msg_whole =~ /\[url=/)
{
$msg_whole =~ m/\[url=/gi;
$istart = pos($msg_whole);
$msg_whole =~ m/\]/gi;
$iend = pos($msg_whole);
$urlstring = substr($msg_whole, $istart, ($iend - $istart - 1));
$msg_whole =~ m/\[\/url\]/gi;
$iend2 = pos($msg_whole);
$textstring = substr($msg_whole, $iend, ($iend2 - $iend - 6));
#$urlstring2 = "";
#$msg_whole =~ s/\[url=$urlstring\]/$urlstring2/i;
#$msg_whole =~ s/\[\/url\]/<\/a>/i;
$urlstring2 = "";
$msg_whole =~ s/\[url=/$urlstring2/i;
$msg_whole =~ s/\]/$urlsclose/i;
$msg_whole =~ s/\[\/url\]/<\/a>/i;
$excount++;
if ($excount == 100) { $msg_whole =~ s/\[url=//gi; }
}
return ($msg_whole);
}
sub check_img_auth
{
$query = new CGI;
($ccr1, $ccip) = split (/oo-oo/, $query->param('ia'));
$uncr = &decode_ps($ccr1);
$uncr =~ s/\.gif//gi;
($img1, $img2, $img3, $img4) = split (/O/, $uncr);
$letter1 = chr(substr($img1, 9, length($img1) - 9));
$letter2 = chr(substr($img2, 9, length($img2) - 9));
$letter3 = chr(substr($img3, 9, length($img3) - 9));
$letter4 = chr(substr($img4, 9, length($img4) - 9));
$lbox = $letter1 . $letter2 . $letter3 . $letter4;
$ia = $query->param('ia');
$letters = $query->param('letters');
$letters = lc($letters);
if ($letters ne $lbox) { $error_ind = "false"; }
$ip = $ENV{'REMOTE_ADDR'};
$cip = crypt($ip, $password);
if ($cip ne $ccip) { $error_ind = "false"; }
return ($error_ind);
}
sub decode_ps
{
my($cc) = @_;
my($rcc, $ccount, $ccount2, $rndchar, $rchar);
$lcnt = 0; $thrc = 1;
while ($lcnt < length($cc))
{
if ($thrc == 1)
{
$to_dec = $to_dec . substr($cc, $lcnt, 1);
$thrc = 2;
}
elsif ($thrc == 2)
{
$to_dec = $to_dec . substr($cc, $lcnt, 1);
$thrc = 3;
}
elsif ($thrc == 3)
{
$to_dec = $to_dec . substr($cc, $lcnt, 1);
$thrc = 1;
$real_c = $real_c . chr($to_dec);
$to_dec = "";
}
$lcnt++;
}
$cc = $real_c;
$cc = "_" . $cc;
####
$rcc = ""; $ccount = 0; $d1 = 2;
while ($ccount < length($cc) )
{
if ($d1 == 2)
{
$rchar = substr($cc, length($cc) - $ccount, 1);
$rchar = ord($rchar);
$rchar = $rchar - 1;
$rchar = chr($rchar);
$rcc = $rcc . $rchar;
$d1 = 0;
}
$d1++;
$ccount++;
}
return (substr($rcc, 1, length($rcc)));
}
sub decode_date
{
my ($tvalue) = @_;
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst,@marray, $rdvalue, $ampm);
($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst) = localtime($tvalue);
$year = "20" . substr($year, 1, 2);
@marray = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
if (length($min) == 1) {$min = "0" . $min;}
if (length($min) == 1) {$min = "0" . $min;}
if ($hour == 0){$hour = 12;}
$rdvalue = "$marray[$mon] $mday, $year";
return ($rdvalue);
}
sub remove_html
{
($html_ecode) = @_;
$html_ecode =~ s/<[^>]*>//g;
$html_ecode =~ s/>//g;
$html_ecode =~ s//g;
my $h_removed = $html_ecode;
return ($h_removed);
}
sub get_setup
{
$exists = (-e "config.cgi");
if ($exists > 0)
{
open (STP, "config.cgi");
while (defined($line=))
{
if ($line =~ m/#/g)
{
$r = pos($line);
$line = substr($line, 0, $r - 1);
}
$line =~ s/\n//g;
if ($line =~ /^WEBDIR/){$webdir = &get_setup_line($line, WEBDIR);}
if ($line =~ /^WEB_URL/){$web_url = &get_setup_line($line, WEB_URL);}
if ($line =~ /^SMAIL/){$smail = &get_setup_line($line, SMAIL);}
if ($line =~ /^PASSWORD/){$password = &get_setup_line($line, PASSWORD);}
}
close (STP);
}
}
sub get_setup_line
{
my ($setup_line, $setup_var) = @_;
$crit = "\"";
$setup_line =~ m/$crit/g;
$r1 = pos($setup_line);
$setup_line =~ m/$crit/g;
$r2 = pos($setup_line);
$setup_line = substr($setup_line, $r1, ($r2 - $r1 - 1));
$return_val = $setup_line;
return ($return_val);
}
#### END CONFIGURATION ########################################################