#!/usr/bin/perl #Set the line above this to your perl path. Usually fine as is # or /usr/local/bin/perl /sbin/perl # make certain that the first line stays the first line! ################################################################## # (C)2000 Kemford LLC # This software is FREEWARE! Do with it as you wish. It is yours # to share and enjoy. Modify it, improve it, and have fun with it! # It is distributed strictly as a learning aid and Kemford LLC # disclaims all warranties including but not limited to: # fitness for a particular purpose, merchantability, loss of # business, harm to your system, etc... # ALWAYS BACK UP YOUR SYSTEM BEFORE INSTALLING ANY # SCRIPT OR PROGRAM FROM ANY SOURCE! ############################################### # Script Configuration ############################################### # Modify each item below to meet your needs. #HTML file template for Guest Book: $template="./template.html"; sub process_template { open(F,$template) or die ("\ncant open $template"); $_o=$/; undef $/; $file_all=; $/=$_o; close F; #$referer = $cookie; #$referer=~/1001site_referer=([^;\s]+).*/; #$referer = $1; if(length($referer)==0) { $referer = $ENV{'HTTP_REFERER'}; $referer = substr ($referer,0,rindex ($referer,"/")); # print ("Set-Cookie: 1001site_referer=$referer\n"); } $file_all=~s//$out/s; printit ("src=\""); printit ("src =\""); printit ("src = \""); printit ("src= \""); printit ("src='"); printit ("src ='"); printit ("src = '"); printit ("src= '"); printit ("SRC='"); printit ("SRC ='"); printit ("SRC = '"); printit ("SRC= '"); printit ("SRC=\""); printit ("SRC =\""); printit ("SRC = \""); printit ("SRC= \""); printit ("background=\""); printit ("background =\""); printit ("background = \""); printit ("background =\""); printit ("BACKGROUND=\""); printit ("BACKGROUND =\""); printit ("BACKGROUND = \""); printit ("BACKGROUND= \""); printit ("href=\""); printit ("href =\""); printit ("href = \""); printit ("href= \""); printit ("HREF=\""); printit ("HREF =\""); printit ("HREF = \""); printit ("HREF= \""); printit ("HREF= \""); printit ("HREF=\\\""); print "\n".$file_all; } sub printit { $n=1; my $str = shift; while ($n>0) { $n = index ($file_all,$str,$n); if ($n>0) { $teststr = substr ($file_all,$n+length($str),7); $teststr2 = substr ($file_all,$n+length($str),6); $teststr3 = substr ($file_all,$n+length($str),10); if (!(($teststr2 eq "ftp://")||($teststr3 eq "javscript:")||($teststr eq "http://")||($teststr eq "mailto:"))) {substr ($file_all,$n+length($str),0,$referer."/");$n+=length($referer."/");} else {$n+=length($str);} } } } #Save messages into file: $bbs_file="guestbook.txt"; #Administrator contact e-mail address: $admin_email="frank_suess\@bfi-consulting.com"; #Admin password: $admin_passwd=""; #Set to 1 to activate debug info $DEBUG = 0; #Script name $s_name = $ENV{'SCRIPT_NAME'}; #Number of messages shown per screen: $m_count=10; $title="

Guest Book

"; #Color settings: Nick name,date,text,admin messages and other $g_n="id=\"guest_nick\""; $g_d="id=\"guest_data\""; $g_t="id=\"guest_text\""; $g_a="id=\"guest_adm\""; $g_o="id=\"guest_all\""; ############################################### # Start reading data # ############################################### if ($ENV{'REQUEST_METHOD'} eq "GET") {$in = $ENV{'QUERY_STRING'};} elsif ($ENV{'REQUEST_METHOD'} eq "POST") {read(STDIN,$in,$ENV{'CONTENT_LENGTH'});} @in = split(/&/,$in); foreach $i (0 .. $#in) { $in[$i] =~ s/\+/ /g; ($key, $val) = split(/=/,$in[$i],2); $key =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack("c",hex($1))/ge; $val =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack("c",hex($1))/ge; $in{$key} .= "\0" if (defined($in{$key})); # \0 is the multiple separator $in{$key} .= $val; } ############################################### # Finish reading data # ############################################### #$ENV{'HTTP_REFERER'}=$in{'ht_ref'} if(defined $in{'ht_ref'}); #$ENV{'HTTP_REFERER'}=~m|(.+/)[^/]*|; #$in{'ht_ref'}=$1 unless (defined $in{'ht_ref'}); ############################################### # Print header without cookies # ############################################### print "Content-type:text/html\n"; $header_ok=1; ############################################### # Check cookies and set it if it's nessesary # ############################################### $cookie=$ENV{'HTTP_COOKIE'}; $cookie=~ s/%([\dA-Fa-f][\dA-Fa-f])/pack ("C", hex ($1))/eg; $reg=0; $reg=1 if($cookie=~/bbs_p=([^;\s]+).*/ and $1 eq $admin_passwd); if($cookie=~/main_path=([^;\s]+).*/){ $ENV{'HTTP_REFERER'}=$1; }else{print "Set-Cookie: main_path=$ENV{'HTTP_REFERER'}\n"; } $out.="($1)"if($DEBUG); if($in{'a_email'} eq $admin_email and $in{'passwd'} eq $admin_passwd){ print "Set-Cookie: bbs_p=$in{'passwd'}\n"; $reg=1; } $out.="
cook=($cookie)
a_email=($in{'a_email'})
must be=($admin_email)
passwd=($in{'passwd'})
musr be=($admin_passwd)
reg=$reg " if($DEBUG); print "\n"; $out.="".$title; $out.=" "; $file=$bbs_file; &error("Can't find file $file") if(!-e $file); &error("Can't read file $file") if(!-r $file); &error("Can't write file $file") if(!-r $file); &error("$file it's a directory") if(-d $file); ############################################### # Case an action: # ############################################### if ($in{'action'} eq 'add') ############################################### # add # ############################################### { open (F, "<$file.last"); @s_f=stat "$file.last"; read (F,$tmp,$s_f[7]); close F; # print "<$tmp><$in{'text'}>"; goto out1 if($tmp eq $in{'text'}); open (F, ">$file.last")||&error("Can't write file $file.last: $!"); print F $in{'text'}; close F; open (F, ">>$file")||&error("Can't append file $file: $!"); $out.= "

Your message added

\n"; print F "\n\n"; $in{'text'}=~s//>/g; $in{'text'}=~s/\n/
/g; $in{'text'}=~s/\10/ /ge; print F "$nick "; print F 'say:'; print F "\n".(localtime)."\n$in{'uin'}\n$in{'mail'}\n"; # print F ""; print F ""; print F $in{'text'}; print F ""; print F "\n"; close F; out1: {;} } ############################################### # Kill message # ############################################### elsif (defined $in{'kill'}){ if(!($reg)){ $out.= "

You are not allowed to make this

"; goto out3; } $out.="

Remove message with id=$in{'kill'}

"; open (F, "<$file")||&error("Can't read file $file: $!"); $to=0; while (!eof F){ $del[$to]=""; while(!($t=~//)){$t=;goto out4 if(eof F);} $t=; $del[$to].= $t; $t=; $del[$to].= $t; $t=; $del[$to].= $t; $t=; $del[$to].= $t; $t=; $del[$to].= $t; $to++; } out4:{;} close F; $out.= "

Content of message:

".$del[$in{'kill'}]."

\n"; open (F, ">$file")||&error("Can't write file $file: $!"); for($i=0;$i<$to;$i++) {print F "\n\n$del[$i]" if($i!=$in{'kill'});} close F; } ############################################### # Answer message 1 # ############################################### elsif (defined $in{'answer'}){ if(!($reg)){ $out.= "

You are not allowed to make this

"; goto out3; } $out.= "

Your answer to message $in{'answer'}

"; $out.= "

; "; } ############################################### # Answer message 2 # ############################################### elsif ($in{'action'} eq 'answer'){ if(!($reg)){ $out.= "

You are not allowed to make this

"; goto out3; } $out.= "

Writed yor answer

"; open (F, "<$file")||&error("Can't read file $file: $!"); $to=0; while (!eof F){ $add[$to]=""; while(!($t=~//)){$t=;goto out4 if(eof F);} $t=; $add[$to].= $t; $t=; $add[$to].= $t; $t=; $add[$to].= $t; $t=; $add[$to].= $t; $t=; $add[$to].= $t; $to++; } out4:{;} close F; $out.= "

Content of message:

".$add[$in{'id'}]."

\n"; open (F, ">$file")||&error("Can't write file $file: $!"); chop $add[$in{'id'}]; chomp $add[$in{'id'}]; $in{'text'}=~s/\n/
/g; $add[$in{'id'}].="
From administrator:
$in{'text'}\n"; for($i=0;$i<$to;$i++) {print F "\n\n$add[$i]";} close F; } ############################################### # Answer message 2 # ############################################### elsif ($in{'action'} eq 'a_enter'){ $out.= " "; } else ############################################### # Wrong action!!! # ############################################### { # &error("

Warning!!!

Script was called with wrong action"); } out3:{;} ############################################### # Show all messages # ############################################### open (F, "<$file")||&error("Не могу прочитать файл $file: $!"); $to=0; while (!eof F){ $rez[$to]=""; while(!($t=~//)){$t=;goto out2 if(eof F);} $rez[$to].= "\n\n

\n\n

\n"; $t=; $rez[$to].= "$t \n"; $rez[$to].= "	"; $t=; $rez[$to].= "$t \n"; $rez[$to].= "	"; $t=; chomp $t; $rez[$to].= "$t\n " if($t>1000); $t=; chomp $t; $rez[$to].= "MAIL ME \n" if($t=~/@/); $rez[$to].= " [id mesage=$to: Kill Answer]" if($reg); $rez[$to].= "
\n"; $t=; $rez[$to].="$t \n

\n"; $to++; } out2:{;} $out.= "\n

Pages: "; for($i=0;$i<$to;$i++){ if(($i%$m_count)==0) { if($i!=$in{'show'}||!defined $in{'show'}) { $out.= "$i " ;} else {$out.= "$i " ;} } } $out.= " last $m_count" if(!defined $in{'show'}); $out.= "

\n"; if(!defined $in{'show'}){ for($i=$to-$m_count<0?0:$to-$m_count;$i<$to;$i++) {$out.= "\n\n$rez[$i]\n";} }else{ for($i=$in{'show'};$i<$in{'show'}+$m_count;$i++) {$out.= "\n\n$rez[$i]\n";} } close F; $out.= "\n

refresh

Administration Access

"; ############################################### ############################################### # Other functions # ############################################### ############################################### ############################################### # Error # ############################################### sub error{ print "Content-type:text/html\n\n" if(!$header_ok); if(!$_[1]){print "

Error!!!

Please, inform wwwadmin by the email: $admin_email
We are sorry for mistake ";} else { open (F,$_[1])||&error("Can't open $_[1]: $!"); my(@F);@F=; close F; print @F; } exit (1); } ############################################### # Show Template # ############################################### open(F,$template) or &error("Can't open template: $!"); $_o=$/; undef $/; $file_all=; $/=$_o; close F; $out.=""; $file_all=~s//$out/s; # #$ENV{'HTTP_REFERER'}=$in{'ht_ref'} if(defined $in{'ht_ref'}); #$ENV{'HTTP_REFERER'}=~m|(.+/)[^/]*|; #$t=$1; #$file_all=~s/\/\*base//igm; #$file_all=~s/base\*\///igm; #$file_all=~s/#base/$t/igm; #$file_all=~s/(]*>)/$1\n/igm; #$file_all=~s/(]*background\s*=\s*['"]?)([^"' >]*)(['"]?[^>]*>)/"$1".((index($2,'\/')==0 or -1!=index($2,':\/\/'))?$2:$t.$2)."$3"/igme; #$file_all=~s/(]*>)/$1\n/igm; #$file_all=~s/(]*href\s*=\s*['"]?)([^>]*>)/$1$t$2/igm; #$file_all=~s/(]*)($t)mailto/$1mailto/igm; #$file_all=~s/(\.src\s*=\s*['"])/$1$t/igm; #print $file_all; &process_template; sub MethGet { return ($ENV{'REQUEST_METHOD'} eq "GET"); } ############################################### # End Script # ############################################### __END__

Email:
ICQ UIN:
Your Nickname:

Guest Book

Your message added

You are not allowed to make this

Remove message with id=$in{'kill'}

You are not allowed to make this

Your answer to message $in{'answer'}

You are not allowed to make this

Writed yor answer

Please enter the email and password of admin

Warning!!!

Error!!!