#!/usr/bin/perl # Wenn die Ordner so erstellt wurden,wie im File gaestebuch_anleitung.txt beschrieben, # m¸ssen NUR die grossgeschriebenen Worte angepasst werden # URL des G”stebuchscriptes $cgiurl = "http://www.westafrika.org/cgi-bin/forum/guestbook.pl"; # Admin Passwort $admin_pass = "moosi"; # Basis URL denr HTML G”stebuchdateien - ohne "/" am Ende $bookurl = "http://www.westafrika.org/_iu_write/forum"; # bPfad zu HTML G”stebuchdateien - ohne "/" am Ende $base_dir = "E:/wwwroot/westafrika.org/_iu_write/forum"; # G”stebucheintr”ge pro Seite; $entries = 120; # Dateilocking ein/aus; ($lock=0 f¸r Win32) $lock = 1; # HTML erlauben - 0=nein; 1=ja; $html_tags = "1"; # Zeiteinstellung der automatischen Weiterleitung zum G”stebuch zur¸ck in Sekunden $redirect_sec = "3"; # Zeiteinstellung - Zeit hinzuf¸gen = +1 ; abziehen = -1 # Meist nur n–tig zu ”ndern wenn Server ausserhalb der Schweiz steht $fix_time = 0; # entry bgcolor $entry_bg = "#f5deb3"; $font_face = "Verdana, Arial"; # Name der Dateien, kann normalerweise so bleiben $book_file = "guestbook.html"; $id_count = "guest_id.txt"; $page_count = "page_id.txt"; $sample = "sample.html"; # Name der Folgeseiten -> guest-1.html, guest-2.html, etc. # Kann normalerweise so bleiben $sub_page = "guest-"; # Kann normalerweise so bleiben $jump_menu = ""; # G”stebuchbilddateien - Pfad nur anpassen wenn nicht im selben verzeichnis $arrow_img = "point.gif"; $mail_img = "mail.gif"; $url_img = "url.gif"; # E-Mail Benachrichtigung bei Neueintr”gen yes=ja no=nein $notification = "no"; $mailprog = "../bin/formmail.pl"; # Pfad zu Formmail $recipient = "\@westafrika.org"; # Mailadresse des G”stebuchinhabers %required = ( ### Pflichtfelder die ausgef¸llt werden m¸ssen username => "yes", email => "no", url => "no", message => "yes" ); ### Badwortliste mit verbotenen Worten, kann erweitert werden $remove_bad_words = "no"; @bad_words = ("entenkadaver"); ######################################################################### # Ende des Setup, ab hier nichts mehr ver”ndern ######################################################################### &parse_form; if ($FORM{'add'} eq "new") { &check_input; &check_words if ($remove_bad_words eq "yes"); &add_entry; &error("Cannot add entry to guestbook because the comment
<!--begin --> was not found in $book_file") if ($succes != 1); &send_mail if ($notification eq "yes"); &success; } elsif ($FORM{'admin'} eq "enter") { &validation; } elsif ($FORM{'action'} eq "delete") { if ($FORM{'admin'} eq $admin_pass) { &delete_entry; &show_entries; } else { &error('Falsches Passwort eingegeben!'); } } elsif ($FORM{'action'} eq "show") { if ($FORM{'admin'} eq $admin_pass) { &show_entries; } else { &error('Falsches Passwort eingegeben!'); } } else { &error('Unerlaubtes Kommando!'); } sub parse_form { if ($ENV{'REQUEST_METHOD'} eq "GET") { $buffer = $ENV{'QUERY_STRING'}; } else { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); } @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $name =~ tr/+/ /; $name =~ s/%([a-f0-9]{2})/pack("C", hex($1))/egi; $value =~ tr/+/ /; $value =~ s/%([a-f0-9]{2})/pack("C", hex($1))/egi; $value =~ s///g; $value =~ s/^\s+|\s*\n$//g; $value =~ s/ +/ /g; if ($html_tags eq "0") { $value =~ s/<([^>]|\n)*>//g; $value =~ s/<([^>]|\n)*//g; } elsif ($html_tags eq "2") { $value =~ s/\&/\&\;/g; $value =~ s/\"/\"\;/g; $value =~ s//\>\;/g; } $FORM{$name} = $value; } } sub check_input { my($username,$usermail,$userurl,$usermessage); $username = $FORM{'username'}; $usermail = $FORM{'email'}; $userurl = $FORM{'url'}; $FORM{'message'} =~ s/\cM\n/
\n/g; $usermessage = $FORM{'message'}; if ($username !~ /\S/) { if ($required{'username'} eq "yes") { &error('Du hast vergessen das Feld Name auszuf¸llen. Bitte berichtigen Sie dies!'); } $FORM{'username'} = "anonymous"; } if ($usermail !~ /[._a-z0-9-]+\@[._a-z0-9-]+\.[a-z]{2,3}$/i) { if ($required{'email'} eq "yes") { &error('Die E-Mail Adresse ist in einem ung¸ltigen Format! Bitte ausbessern!'); } $FORM{'email'} = ""; } if ($userurl !~ /^http:\/\/[._a-z0-9-]+\.[._a-z0-9-]+/i) { if ($required{'url'} eq "yes") { &error('Die URL ist in einem ung¸ltigen Format! Bitte ausbessern!'); } $FORM{'url'} = ""; } if ($usermessage !~ /\S/) { if ($required{'message'} eq "yes") { &error('Du hast nichts in das Textfeld Eintrag notiert. Bitte ausbessern!'); } $FORM{'message'} = "No Comments"; } } sub check_words { foreach $word (@bad_words) { $FORM{'username'} =~ s/\b$word\b/\#\@\*\%\!/ig; $FORM{'message'} =~ s/\b$word\b/\#\@\*\%\!/ig; } } sub get_host { my ($ip_address,$ip_number,@numbers); if ($ENV{'REMOTE_HOST'}) { $host = $ENV{'REMOTE_HOST'}; } else { $ip_address = $ENV{'REMOTE_ADDR'}; @numbers = split(/\./, $ip_address); $ip_number = pack("C4", @numbers); $host = (gethostbyaddr($ip_number, 2))[0]; } if ($host eq "") { $host = "IP\: $ENV{'REMOTE_ADDR'}"; } else { $host = " $host"; } } sub get_time { my ($min,$hour,$mday,$mon,$year,$wday,@month,@days); @months = ('Januar','Februar','M”rz','April','Mai','Juni','Juli','August','September','Oktober','November','Dezember'); @days = ('Sonntag','Montag','Dienstag','Mittwoch','Donnerstag','Freitag','Samstag'); ($min,$hour,$mday,$mon,$year,$wday) = (localtime(time+($fix_time*3600)))[1,2,3,4,5,6]; $min = "0$min" if ($min < 10); $hour = "0$hour" if ($hour < 10); $mday = "0$mday" if ($mday < 10); $year += 1900; $this_day = ("$days[$wday], $mday $months[$mon] , $year um $hour:$min"); } sub add_entry { my ($remain,$entry_id,$page_num,$page_val,$num_min,$num_max,@lines,@filename,@foundlist,@booklines,@pages_id,@sublines); &get_host; &get_time; if (-e "$base_dir/$id_count") { open (COUNTER,"+<$base_dir/$id_count") || &error("Cannot open ID file $id_count in $base_dir for writing!"); $entry_id = ; } else { open (COUNTER,">$base_dir/$id_count") || &error("Cannot create ID file $id_count in $base_dir. Please check your base directory.","fatal"); $entry_id =1; } close(COUNTER); if (-e "$base_dir/$page_count") { open (PAGES,"+<$base_dir/$page_count") || &error("Cannot open ID file $page_count in $base_dir for writing!"); @pages_id = ; if ($pages_id[0] =~ //) { $last_entry = $1; $total_pages = @pages_id; } else { $last_entry = 0; } } else { open (PAGES,">$base_dir/$page_count") || &error("Cannot create ID file $page_count in $base_dir. Please check your base directory.","fatal"); $last_entry = 0; } close(PAGES); $remain = $entry_id - ($last_entry + $entries); if ($remain > 1) { $remain2 = $entry_id % $entries if ($entry_id > $entries); $remain = 1 if ($remain2 == 1); } if ($remain == 1) { $page_num = $total_pages + 1; $num_min = $last_entry + 1; $num_max = $entry_id-$remain; $page_val = ""; open(FILE,"$base_dir/$book_file"); @lines = ; close(FILE); open(FILE,">$base_dir/$sub_page$page_num\.html") || &error("Cannot create files in $base_dir. Chmod $base_dir to 777!"); print FILE (@lines); close(FILE); opendir(HOMEDIR, "$base_dir"); @filename = readdir(HOMEDIR); closedir(HOMEDIR); @foundlist = grep(/^$sub_page\d+/, @filename); if (-e "$base_dir/$sample") { push (@foundlist,"$sample"); } else { &error("Cannot find sample file $sample in $base_dir"); } foreach $bookpage (@foundlist) { open(SUBPAGE,"$base_dir/$bookpage"); @tmp_lines = ; close(SUBPAGE); if ($bookpage eq "$sample") { open(SUBPAGE,">$base_dir/tmp.html"); $flag = 1; } else { open(SUBPAGE,">$base_dir/$bookpage"); } foreach $line (@tmp_lines) { if ($line =~ /^.*$jump_menu.*/) { ($part1, $part2) = split(/$jump_menu\s*/,$line); print SUBPAGE "$part1"; print SUBPAGE "$jump_menu\n"; print SUBPAGE "$page_val\n"; print SUBPAGE (@pages_id) if ($flag ==1); print SUBPAGE "$part2"; $thread = 1; $flag = 0; } else { print SUBPAGE "$line"; } } close(SUBPAGE); &error("Cannot add entry to guestbook because the html tag
$jump_menu was not found in some guestbook files.") if ($thread != 1); $thread = 0; } open (PAGES,"+<$base_dir/$page_count"); @sublines = ; seek(PAGES,0,0); print PAGES "$page_val\n"; print PAGES (@sublines); close(PAGES); open(FILE,"$base_dir/tmp.html") || &error("Internal error!
Cannot open tmp.html in $base_dir"); } else { open(FILE,"$base_dir/$book_file") || &error("Cannot find $book_file in $base_dir"); } @booklines = ; close(FILE); open(FILE,">$base_dir/$book_file") || &error("The directory $base_dir requires mode 777!"); flock(FILE,2) if ($lock == 1); foreach $line (@booklines) { if ($line =~ /^.*.*/) { ($part1, $part2) = split(/\s*/,$line); print FILE "$part1"; print FILE "\n"; print FILE "\n"; print FILE "\n\n"; print FILE "\n"; print FILE ""; if ($FORM{'email'}) { print FILE "\n"; print FILE "\n"; } if ($FORM{'url'}) { print FILE "\n"; print FILE "\n"; } print FILE "
$entry_id)$FORM{'username'}
E-Mail von $FORM{'username'}
Homepage
\n\n"; print FILE "$FORM{'message'}
\n"; print FILE "$this_day\n"; print FILE "\n"; print FILE "$part2"; $succes = 1; } else { print FILE "$line"; } } close(FILE); unlink("$base_dir/tmp.html") if ($remain == 1); if ($succes == 1) { open (COUNTER,">$base_dir/$id_count"); flock(COUNTER,2) if ($lock == 1) ; $entry_id ++; print COUNTER "$entry_id"; close(COUNTER); } } sub success { print "Content-type: text/html\n\n"; print < °westafrika.org - diskussionsFORUM°
diskussionsFORUM
Danke $FORM{'username'} für deinen eintrag ind diskussionsFORUM.

Dein Eintrag wurde in das diskussionsFORUM aufgenommen!
Du wirst nun in $redirect_sec Sekunden automatisch zum diskussionsFORUM zur¸ckgeleitet.
Klicke hier wenn dein Browser keine automatische Weiterleitung unterstützt.
SuccessHTML exit (0); } sub validation { if ($FORM{'password'} eq $admin_pass) { &show_entries; } elsif ($FORM{'password'} eq "") { &enterpass('Bitte das Passwort eingeben:'); } else { &enterpass('Das Passwort ist leider falsch, bitte berichtigen und erneut versuchen.'); } } sub show_entries { my ($entry_num,$found,@filename,@foundlist); unless (@lines >0) { if ($FORM{'page'} !~ /$sub_page\d+\.html/) { open(FILE,"$base_dir/$book_file"); $FORM{'page'} = $book_file; } else { open(FILE,"$base_dir/$FORM{'page'}"); } @lines = ; close(FILE); } print "Content-type: text/html\n\n"; print < °westafrika.org - administration°
Administration
\n \n"; $entry_num=0; $found=0; foreach $line (@lines) { if ($line =~ /^.*.*/ && $found==0) { $entry_num = $1; ($part1, $part2) = split(/\s*/,$line); print "\n"; print $part2 if($part2); $found=1; next; } elsif ($line =~ /^.*.*/) { ($part3, $part4) = split(/\s*/,$line); print $part3 if($part3); if ($part4 =~ /.*/) { $entry_num = $1; ($part5,$part6) = split(/\s*/,$part4); print "\n"; print $part6 if($part6); $found=1; next; } $entry_num=0; $found=0; next; } elsif ($found==1) { print $line; } } print "
\n"; print " \n
Gewählte Seite:
 Aktion:
 Eintrags ID:
 Passwort:
 Gehe zu Seite:
Header opendir(HOMEDIR, "$base_dir"); @filename = readdir(HOMEDIR); closedir(HOMEDIR); @foundlist = grep(/^$sub_page\d+/, @filename); print " \n
\n
\n"; print " \n
ID: $entry_num 
ID: $entry_num 
\n"; print " \n
\n\n\n"; exit (0); } sub delete_entry { my ($found); if ($FORM{'page'} !~ /$sub_page\d+\.html/) { open(FILE,"$base_dir/$book_file"); $FORM{'page'} = $book_file; } else { open(FILE,"$base_dir/$FORM{'page'}"); } @lines = ; close(FILE); $found=0; foreach $line (@lines) { if ($line =~ /^.*.*/) { ($part1, $part2) = split(/\s*/,$line); if ($part1) { $line="$part1"; } else { $line=""; } $found=1; next; } elsif ($line =~ /^.*.*/) { ($part3, $part4) = split(/\s*/,$line); if ($part4) { $line="$part4"; } else { $line=""; } last; } elsif ($found==1) { $line = ""; } } if ($found==1) { open(FILE,">$base_dir/$FORM{'page'}"); flock(FILE,2) if ($lock == 1); print FILE (@lines); close(FILE); } } sub send_mail { open (MAIL, "|$mailprog -t"); print MAIL "To: $recipient\n"; print MAIL "From: $FORM{'username'}\n"; print MAIL "Betreff: Neuer Eintrag im diskussionsFORUM\n"; print MAIL "Reply-to: $FORM{'username'} ($FORM{'email'})\n"; print MAIL "Du hast einen neuen Eintrag im diskussionsFORUM:\n\n"; print MAIL "Von:$FORM{'username'}\n"; print MAIL "$FORM{'message'}\n"; print MAIL "$this_day"; close (MAIL); } sub enterpass { print "Content-type: text/html\n\n"; print < °westafrika.org - administration°
diskussionsFORUM - Administration  
diskussionsFORUM - Administration
Bitte das Administratorpasswort eingeben!		 Zurück zum diskussionsFORUM | Eintrag im diskussionsFORUM
$_[0]
Passwort:
 
ENTERHTML exit (0); } sub error { print "Content-type: text/html\n\n"; print < diskussionsFORUM - Error
diskussionsFORUM - Error  
$_[0] Zurück zum Eintragsformular | Zurück zum diskussionsFORUM

ErrorHTML if ($_[1] eq "fatal") { print "\n"; print "\n \n \n"; foreach $key (sort keys %ENV) { print " \n \n \n \n"; } print "
Environment Variablen
$key$ENV{$key} 
\n"; } print "\n\n"; exit (0); }