#!/usr/bin/perl
# Review notes on this copy of the file:
#  * The listing was flattened during extraction. HTML inside string
#    literals and heredoc bodies is missing, heredoc bodies have lost their
#    line breaks, and loops written `while(){` presumably read from the
#    handle opened just above (e.g. `while(<DB>){`). Code tokens are
#    reproduced as they appear; only layout and comments were changed.
#  * getdata, GetCookies, PageOut, PError, cgierr, Filter, unescape, ctime,
#    Setup and SaveSetup are not defined in this part of the file (presumably
#    they live in libs.cgi). Notes that depend on them are marked as
#    assumptions.
#  * Every open() below uses the two-argument form with an interpolated
#    path, and most results are unchecked. Where the interpolated value can
#    come from the request, the three-argument form plus an allow-list of
#    file names is the safer pattern.
$version = 'CSGuestbook.cgi - 1.6 - 052502';
$basepath = './';
# optional bad word filter.. enter words to filter in the array below. Add as many words as you like:
@bad = ('badword1','badword2','badword3','badword3');
#word to replace the bad words with
$rw = '&^#$%';
#
#####################################################################
#                                                                   #
#  Copyright © 1999-2000 CGISCRIPTS.NET - All Rights Reserved       #
#                                                                   #
#####################################################################
#                                                                   #
#  THIS COPYRIGHT INFORMATION MUST REMAIN INTACT                    #
#  AND MAY NOT BE MODIFIED IN ANY WAY                               #
#                                                                   #
#####################################################################
#
# When you downloaded this script you agreed to accept the terms
# of this Agreement. This Agreement is a legal contract, which
# specifies the terms of the license and warranty limitation between
# you and CGISCRIPTS.NET. You should carefully read the following
# terms and conditions before installing or using this software.
# Unless you have a different license agreement obtained from
# CGISCRIPTS.NET, installation or use of this software indicates
# your acceptance of the license and warranty limitation terms
# contained in this Agreement. If you do not agree to the terms of this
# Agreement, promptly delete and destroy all copies of the Software.
#
# Versions of the Software
# Only one copy of the registered version of CGISCRIPTS.NET
# may used on one web site.
#
# License to Redistribute
# Distributing the software and/or documentation with other products
# (commercial or otherwise) or by other than electronic means without
# CGISCRIPTS.NET's prior written permission is forbidden.
# All rights to the CGISCRIPTS.NET software and documentation not expressly
# granted under this Agreement are reserved to CGISCRIPTS.NET.
#
# Disclaimer of Warranty
# THIS SOFTWARE AND ACCOMPANYING DOCUMENTATION ARE PROVIDED "AS IS" AND
# WITHOUT WARRANTIES AS TO PERFORMANCE OF MERCHANTABILITY OR ANY OTHER
# WARRANTIES WHETHER EXPRESSED OR IMPLIED. BECAUSE OF THE VARIOUS HARDWARE
# AND SOFTWARE ENVIRONMENTS INTO WHICH CGISCRIPTS.NET MAY BE USED, NO WARRANTY
# OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED. THE USER MUST ASSUME THE
# ENTIRE RISK OF USING THIS PROGRAM. ANY LIABILITY OF CGISCRIPTS.NET WILL BE
# LIMITED EXCLUSIVELY TO PRODUCT REPLACEMENT OR REFUND OF PURCHASE PRICE.
# IN NO CASE SHALL CGISCRIPTS.NET BE LIABLE FOR ANY INCIDENTAL, SPECIAL OR
# CONSEQUENTIAL DAMAGES OR LOSS, INCLUDING, WITHOUT LIMITATION, LOST PROFITS
# OR THE INABILITY TO USE EQUIPMENT OR ACCESS DATA, WHETHER SUCH DAMAGES ARE
# BASED UPON A BREACH OF EXPRESS OR IMPLIED WARRANTIES, BREACH OF CONTRACT,
# NEGLIGENCE, STRICT TORT, OR ANY OTHER LEGAL THEORY. THIS IS TRUE EVEN IF
# CGISCRIPTS.NET IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO CASE WILL
# CGISCRIPTS.NET' LIABILITY EXCEED THE AMOUNT OF THE LICENSE FEE ACTUALLY PAID
# BY LICENSEE TO CGISCRIPTS.NET.
#
# Credits:
#
# Andy Angrick - Programmer - andy@cgiscript.net
# Mike Barone - Developer - mike@cgiscript.net
#
# For information about this script or other scripts see
# http://www.cgiscript.net
#
# Thank you for trying out our script.
# If you have any suggestions or ideas for a new innovative script
# please direct them to suggest@cgiscript.net. Thanks.
#
#
########################################################################
# Config Variables #
########################################################################

# Load setup.cgi when it exists; otherwise remember that the script is not
# configured yet ($nosetup), which main uses to offer the setup commands.
(! -e "$basepath/setup.cgi")?($nosetup=1):(require("$basepath/setup.cgi"));
# $cgipath/$cgiurl/$htmlpath/$htmlurl are not assigned in this file
# (presumably set by setup.cgi); fall back to the CGI location for the
# HTML location when the latter is empty.
(!$htmlpath)&&($htmlpath = $cgipath);
(!$htmlurl)&&($htmlurl = $cgiurl);
##config variables
$dd = 'Guestbook';
# Each derived URL/path is built by concatenation; the substitution that
# follows collapses a doubled slash unless it is preceded by ':' (so the
# "//" after a URL scheme is kept).
$in{'cgiurl'} = $cgiurl.'/csGuestbook.cgi';$in{'cgiurl'} =~s/([^:])\/\//$1\//g;
$in{'imageurl'} = $htmlurl.'/images';$in{'imageurl'} =~s/([^:])\/\//$1\//g;
$in{'imagepath'} = $htmlpath.'/images';$in{'imagepath'} =~s/([^:])\/\//$1\//g;
$in{'exportpath'} = $htmlpath.'/lists';$in{'exportpath'} =~s/([^:])\/\//$1\//g;
$in{'exporturl'} = $htmlurl.'/lists';$in{'exporturl'} =~s/([^:])\/\//$1\//g;
$in{'htmlurl'} = $htmlurl;
# Default database file name, with every character outside [\w&=.] written
# as %xx.
$edd = $dd.'.db';
$edd =~ s/([^\w&=\.])/'%'.sprintf("%.2x",ord($1))/ge;
$in{'cinfo'} = qq|

Powered by csGuestbook - © 2000,2001 CGIScript.net |;
########################################################################
# End Config Variables #
########################################################################
require("$basepath/libs.cgi");
$| = 1;    # unbuffered STDOUT
# Run the dispatcher; any die() inside it is reported through cgierr.
eval { &main; };
if ($@) { &cgierr("Error: $@"); }
exit;

# Command dispatcher. Reads the request (getdata, not shown; presumably it
# fills %in from the CGI parameters), normalises the database name and calls
# the handler selected by $in{'command'}.
#
# Handlers listed before &GetLogin run without a login; everything after it
# requires the login cookies to match.
sub main{
    &getdata;
    ($in{'command'} ne "manage")&&(!$in{'database'})&&($in{'database'} = 'Guestbook.db');
    # Decode %xx, then re-encode everything outside [\w&=.] as %xx. A '/'
    # therefore becomes "%2f", which keeps the name to one path component.
    # NOTE(review): the name is not required to end in ".db", so the
    # handlers below can be pointed at other files under $htmlpath,
    # including the .style/.pl files that GetAdvSettings loads with
    # require. Consider an allow-list of existing guestbook databases.
    $in{'database'} =~ s/%(..)/pack("c",hex($1))/ge;
    $in{'database'} =~ s/([^\w&=\.])/'%'.sprintf("%.2x",ord($1))/ge;
    ($in{'command'} eq "showtext")&&($go=1)&&(&ShowText);
    print "Content-type: text/html\n\n";
    # NOTE(review): unlike 'database', 'format' gets no filtering here and
    # is later interpolated into the path opened by View and ShowMan.
    (!$in{'format'})&&($in{'format'} = 't_entry.htm');
    ($in{'command'} eq "view")&&($go=1)&&(&View);
    ($in{'command'} eq '')&&($nosetup)&&(&Setup);
    ($in{'command'} eq '')&&(!$nosetup)&&(&View);
    ($in{'command'} eq "add")&&($go=1)&&(&Add);
    ($in{'command'} eq "sign")&&($go=1)&&(&ShowAdd);
    ($in{'command'} eq 'login')&&(&Login);
    # 'savesetup' is accepted without a login for as long as setup.cgi is
    # missing ($nosetup was set at load time).
    ($in{'command'} eq 'savesetup')&&(($nosetup)?(&SaveSetup):(&PError("Error. 
Permission denied.")));
    #all require password below
    &GetLogin;
    ($in{'command'} eq "manage")&&($go=1)&&(&ShowMan);
    ($in{'command'} eq "showmodify")&&($go=1)&&(&ShowModify);
    ($in{'command'} eq "savechanges")&&($go=1)&&(&SaveChanges);
    ($in{'command'} eq "delete")&&($go=1)&&(&Delete);
    ($in{'command'} eq "showadv")&&($go=1)&&(&ShowAdv);
    ($in{'command'} eq "setstyles")&&($go=1)&&(&SetStyles);
    ($in{'command'} eq "deletedb")&&($go=1)&&(&DeleteDB);
    ($in{'command'} eq "showadddb")&&($go=1)&&(&ShowAddDB);
    ($in{'command'} eq "addguestdb")&&($go=1)&&(&AddGuestDB);
    ($in{'command'} eq "showcolor")&&($go=1)&&(&ShowColor);
    ($in{'command'} eq "setcolor")&&($go=1)&&(&SetColor);
    ($in{'command'} eq "expire")&&($go=1)&&(&Expire);
    (!$go)&&(print "No command specified..");
}

# Show the login template and stop.
sub Login{
    &PageOut("$htmlpath/t_login.htm");
    exit;
}

# Gate for the management commands: copies the UserName/PassWord cookies
# into %in and compares them with $username/$password (not assigned in this
# file; presumably from setup.cgi). With no UserName cookie the login page
# is shown and the script exits.
#
# NOTE(review): the cookie is compared directly with $password, so the
# browser stores the credential itself rather than a session token, and the
# comparison is a plain `ne`.
# NOTE(review): the mismatch branch relies on PError not returning. If it
# returns, main continues into the management handlers; confirm in libs.cgi.
sub GetLogin{
    &GetCookies;
    $in{'UserName'} = $cookie{'UserName'};
    $in{'PassWord'} = $cookie{'PassWord'};
    if(!$in{'UserName'}){
        &PageOut("$htmlpath/t_login.htm");
        exit;
    }
    else{
        (($in{'UserName'} ne $username)||(($in{'PassWord'} ne $password)))&&(&PError("Error. Invalid username or password"));
    }
}

# Create an empty guestbook database named after $in{'guestdb'} (".db" is
# appended, then characters outside [\w&=.] are %xx-encoded).
sub AddGuestDB{
    (!$in{'guestdb'})&&(&PError("Error. Please Enter a Database Name."));
    $in{'guestdb'} .= '.db';
    $in{'guestdb'} =~ s/([^\w&=\.])/'%'.sprintf("%.2x",ord($1))/ge;
    # NOTE(review): the existence test uses the bare name (relative to the
    # current directory) while the file is created under $htmlpath, so an
    # existing database is only detected when the two directories coincide;
    # otherwise the open below truncates it.
    (-e $in{'guestdb'})&&(&PError("Error. Database already exists. 
Please use another name."));
    open(NEWS,">$htmlpath/$in{'guestdb'}");
    close NEWS;
    print <<"EOF";
EOF
    exit;
}

# Show the colour picker with the entry named by $in{'cc'} pre-checked.
sub ShowColor{
    $in{'c'.$in{'cc'}} = checked;    # bareword; evaluates to the string 'checked' without strict
    &PageOut("$htmlpath/color_selector.htm");
    exit;
}

# Store one colour setting: copy the current style file (the per-database
# one if present, else styles.pl) to "<database>.style.tmp" without the old
# line for $in{'fieldname'} and without the "1;" line, append the new
# assignment, and rename the temp file over "<database>.style" unless it is
# empty.
#
# NOTE(review): the output is Perl source that GetAdvSettings later loads
# with require. 'fieldname' is interpolated unfiltered into both the match
# pattern and the generated line, and 'colorselect' only has backslashes and
# double quotes removed ('$' and '@' still interpolate inside the
# double-quoted literal). Validate both against a fixed set of names and a
# colour pattern before writing, or store settings as data instead of code.
sub SetColor{
    (-e "$htmlpath/$in{'database'}.style")?($dbs = "$htmlpath/$in{'database'}.style"):($dbs = "$htmlpath/styles.pl");
    open(ADV,"<${dbs}");
    open(TMP,">$htmlpath/$in{'database'}.style.tmp");
    while(){
        (!/'\$in{'$in{'fieldname'}'}'/)&&(!/1;/)&&(print TMP $_);
    }
    $in{'colorselect'} =~ s/[\\\"]//g;
    print TMP "\$in{'$in{'fieldname'}'} = \"$in{'colorselect'}\";\n1;\n";
    close ADV;
    close TMP;
    @fi = stat("$htmlpath/$in{'database'}.style.tmp");
    # $fi[7] is the file size; keep the old style file if nothing was written.
    rename("$htmlpath/$in{'database'}.style.tmp","$htmlpath/$in{'database'}.style") unless ($fi[7] < 1);
    print <<"EOF";
EOF
    exit;
}

# Show the "add database" form.
sub ShowAddDB{
    &PageOut("${htmlpath}/t_adddb.htm");
    exit;
}

# Delete the file named by $in{'database'} under $htmlpath.
# NOTE(review): because main does not require a ".db" suffix, this unlink is
# not limited to guestbook databases.
sub DeleteDB{
    unlink("$htmlpath/$in{'database'}");
    print <<"EOF";
EOF
    exit;
}

# Plain-text dump of a database. Called from main before GetLogin, so no
# login is needed.
#
# Each record is split on tabs into id, icon, name, email, comments, date.
# NOTE(review): `die print "..."` sends the OS error and the full path to
# the client before dying.
sub ShowText{
    print "Content-type: text/plain\n\n";
    print "Guestbook Entries\n";
    print "===========================================================================\n\n";
    open(DB,"<$htmlpath/$in{'database'}")||die print "$!: $htmlpath/$in{'database'}";
    while(){
        chomp;
        ($id,$icon,$name,$email,$comments,$date) = split("\t",$_);
        $date = &ctime($date);
        &unescape(*comments);
        $comments =~ s/%%(\d+)/[image]/g;
        ###add line breaks
        # Break after 50-64 characters at the next whitespace.
        $comments =~ s/(.{50,64})\s/$1\n/g;
        &unescape(*name);
        &unescape(*email);
        $date =~ s/\/ /gi;
        $date =~ s/\n/ /gi;
        print <<"EOF";
Date: $date Name: $name Email: $email $comments ===========================================================================
EOF
    }
    close DB;
    exit;
}

# Save the advanced settings: writes every %in entry, apart from the keys
# skipped below, to "<database>.style" as Perl assignments followed by "1;".
# When the 'rd' button value is ' Reset Defaults ' the old file is removed
# first.
#
# NOTE(review): GetLogin has already copied the UserName and PassWord
# cookies into %in and neither key is in the skip list, so the login values
# are written into the .style file under $htmlpath.
# NOTE(review): the file is later loaded with require. Values have '\'
# removed and '@' and '"' escaped, but '$' is left alone and still
# interpolates inside the double-quoted literal; keys are written inside
# single quotes without any escaping. Restrict keys to the known setting
# names and validate values, or store the settings as data.
sub SetStyles{
    if($in{'rd'} eq ' Reset Defaults '){
        unlink("$htmlpath/$in{'database'}.style");
        print<<"EOF";
EOF
    }
    open(STYLES,">$htmlpath/$in{'database'}.style")||die print "$!: $htmlpath/$in{'database'}.style";
    foreach $i (keys(%in)){
        next if (($i eq 'command')||($i eq 'cgiurl'));
        next if (($i eq 'basemanageurl')||($i eq 'cinfo'));
        next if (($i eq 'database')||($i eq 'imagedir'));
        next if (($i eq 'imagerealdir')||($i eq 'images2'));
        next if (($i eq 'format')||($i eq 'managementname'));
        next if (($i eq 'managementuser')||($i eq 'managementemail'));
        next if (($i eq 'exportdir')||($i eq 'managementemail'));
        $in{$i} =~ s/\\//g;
        $in{$i} =~ s/\@/\\\@/g;
        $in{$i} =~ s/\"/\\\"/g;
        print STYLES "\$in{'$i'}=\"$in{$i}\";\n";
    }
    print STYLES "1;\n";
    close STYLES;
    print<<"EOF";
EOF
    exit;
}

# Show the "sign the guestbook" form, pre-filled with the name and email
# cookies (decoded from %xx).
#
# NOTE(review): if 'header', 'footer' or 'template' can arrive as request
# parameters (getdata is not shown) they are reader-chosen file paths;
# 'header' and 'footer' are joined to $htmlpath without filtering and
# 'template' is passed to InsertPage as given. Confirm they can only come
# from the stored settings.
sub ShowAdd{
    &GetAdvSettings;
    ($in{'dui'} eq 'checked')&&($in{'duis'}='');
    &GetCookies;
    $cookie{'name'} =~ s/%(..)/pack("c",hex($1))/ge;
    $cookie{'email'} =~ s/%(..)/pack("c",hex($1))/ge;
    $in{'name'} = $cookie{'name'};
    $in{'email'} = $cookie{'email'};
    (!$in{'icon'})&&($in{'icon1'} = 'checked');
    &GetImages;
    $in{'command'} = 'add';
    ($in{'header'})&&(&PageOut("$htmlpath/$in{'header'}"));
    ($in{'template'})?(&InsertPage($in{'template'},"$htmlpath/t_sign_guestbook.htm")):(&PageOut("$htmlpath/t_sign_guestbook.htm"));
    ($in{'footer'})&&(&PageOut("$htmlpath/$in{'footer'}"));
    exit;
}

# Build $in{'iline'}, the icon chooser, from the files in $in{'imagepath'}
# whose names match /.gif/. $tr counts cells so that a row boundary is
# emitted after every ten icons (the markup itself is missing in this copy).
sub GetImages{
    $tr = 1;
    opendir(IMG,"$in{'imagepath'}");
    @imagefiles = grep(/.gif/,readdir(IMG));    # '.' is unescaped, so it matches any character before "gif"
    closedir(IMG);
    #$in{'iline'} = "";
    foreach $i (@imagefiles){
        ($ic) = $i =~ /(.*)\.gif$/;
        ($ino) = $ic;
        $ino =~ s/\D//g;    # keep only the digits of the file name
        ($tr++)&&($tr == 2)&&($in{'iline'} .= "");
        $in{'iline'} .= " $ino ";
        ($tr == 11)&&($tr = 1)&&($in{'iline'} .= "");
    }
    ($tr < 11)&&($in{'iline'} .= "");
}

# Show the advanced settings page.
sub ShowAdv{
    &GetAdvSettings;
    &PageOut("$htmlpath/t_guestbook_advanced_settings.htm");
    exit;
}

# Load the display settings into %in and derive the "selected"/"checked"
# marker keys the templates use.
#
# With the argument 'ud' the per-database style (if any) is loaded first and
# styles.pl afterwards, keeping only 'dateformat' from the former. Otherwise
# the per-database style is used when it exists, else styles.pl.
#
# NOTE(review): require executes these files as Perl, so whatever SetColor
# and SetStyles wrote into them runs here, on every public view as well.
sub GetAdvSettings{
    local($ud) = @_;
    if($ud eq 'ud'){
        (-e "$htmlpath/$in{'database'}.style")&&(require "$htmlpath/$in{'database'}.style");
        $df = $in{'dateformat'};
        require "$htmlpath/styles.pl";
        $in{'dateformat'} = $df;
        $defstyle=1;
    }
    elsif(-e "$htmlpath/$in{'database'}.style"){
        require "$htmlpath/$in{'database'}.style";
    }
    else{
        require "$htmlpath/styles.pl";
        $defstyle=1;
    }
    # Marker keys: "<prefix><current value>" is set so the matching option
    # in the settings form is rendered as selected/checked.
    $in{'c1headingcellcolor'.$in{'c1headingcellcolortxt'}} = "selected";
    $in{'c2headingcellcolor'.$in{'c2headingcellcolortxt'}} = "selected";
    $in{'c3headingcellcolor'.$in{'c3headingcellcolortxt'}} = "selected";
    $in{'c4headingcellcolor'.$in{'c4headingcellcolortxt'}} = "selected";
    $in{'c1headingcolor'.$in{'c1headingcolortxt'}} = "selected";
    $in{'c2headingcolor'.$in{'c2headingcolortxt'}} = "selected";
    $in{'c3headingcolor'.$in{'c3headingcolortxt'}} = "selected";
    $in{'c4headingcolor'.$in{'c4headingcolortxt'}} = "selected";
    $in{'seltEvenCellColorText'.$in{'tEvenCellColorText'}} = "selected";
    $in{'seltOddCellColorText'.$in{'tOddCellColorText'}} = "selected";
    $in{'selBackgroundColorText'.$in{'BackgroundColorText'}} = "selected";
    $in{$in{'entryorder'}} = "checked";
    $in{'evenentrycolor'.$in{'evenentrycolortxt'}} = "selected";
    $in{'oddentrycolor'.$in{'oddentrycolortxt'}} = "selected";
    $in{'signcolortxt'.$in{'signcolortxt'}} = "selected";
    $in{$in{'signtype'}} = "checked";
    $in{'d'.$in{'dateformat'}} = "checked";
    ($in{'signtype'} eq 'text')?($in{'sign'} = "$in{'signtext'}"):($in{'sign'} = "

");
}

# Public guestbook page. Reads the entry template named by $in{'format'},
# walks the database, skips records whose last field is 'N' (not approved),
# renders the records of the requested page by replacing in(key) with
# $in{key}, and prints the result through the page template.
#
# NOTE(review): 'format' is interpolated into the opened path without
# filtering, and on failure the path and OS error are printed to the client.
# NOTE(review): 'dge' gates Expire, a destructive rewrite of the database,
# on this public path. Make sure it can only come from the stored settings
# and not from request parameters.
# NOTE(review): unescape is not shown. If it reverses the &#NN; encoding
# that Add applies, visitor-supplied name, email and comments reach the page
# unencoded; confirm and HTML-encode on output.
# NOTE(review): see ShowAdd for the 'header', 'footer' and 'template' paths.
sub View{
    $flip=1;
    &GetAdvSettings;
    ($in{'dge'})&&(&Expire);
    &GetCookies;
    ($in{'dui'} eq 'checked')&&($in{'duis'}='');
    open(TMP,"<$htmlpath/$in{'format'}")||die print "$!: $htmlpath/$in{'format'}";
    while(){
        $linktmp .= $_;
    }
    close TMP;
    open(DB,"<$htmlpath/$in{'database'}");
    (!$in{'page'})&&($in{'page'} = 1);
    # Window of record numbers shown on this page: ($start, $end].
    $start = ($in{'page'}*$in{'entriesperpage'})-$in{'entriesperpage'};
    $end = $start + $in{'entriesperpage'};
    while(){
        chomp;
        ($id,$icon,$name,$email,$comments,$date,$dos) = split("\t",$_);
        next if ($dos eq 'N');
        $count++;
        # Bitwise & is applied to the two comparison results here.
        if(($count > $start) & ($count <= $end)){
            &unescape(*comments);
            $iu = $in{'imageurl'};
            $comments =~ s/%%(\d+)//g;
            &unescape(*name);
            &unescape(*email);
            $comments =~ s/\n/
/g;
            ($email)&&($email = "$email
");
            ($icon)?($in{'icon'} = ""):($in{'icon'} = '°');
            $in{'name'} = $name;
            $in{'email'} = $email;
            $in{'comments'} = $comments;
            $in{'date'} = &ctime($date);
            $in{'lrb'} = '';
            $in{'lre'} = '';
            # Entries at least as new as the 'lastread' cookie get the
            # lrb/lre wrapper (the markup is missing in this copy).
            ($date >= $cookie{'lastread'})?(($in{'lrb'} = "")&&($in{'lre'} = "")):(($in{'lrb'} = '')&&($in{'lre'} = ''));
            $line = $linktmp;
            # $flip alternates between 1 and -1 to pick the even/odd row style.
            if($flip ==1 ){
                $in{'entrysize'} = $in{'evenentrysize'};
                $in{'entrycolor'} = $in{'evenentrycolortxt'};
                $in{'entryface'} = $in{'evenentryface'};
                $in{'rowcolor'} = $in{'tEvenCellColorText'};
            }
            else{
                $in{'entrysize'} = $in{'oddentrysize'};
                $in{'entrycolor'} = $in{'oddentrycolortxt'};
                $in{'entryface'} = $in{'oddentryface'};
                $in{'rowcolor'} = $in{'tOddCellColorText'};
            }
            $flip = $flip * -1;
            $line =~ s/in\((\w+)\)/$in{$1}/g;
            $in{'line'} .= $line;
        }#end 10up
    }
    close DB;
    (!$in{'line'})&&($in{'line'} = "No entries in guestbook.");
    &GetNlinks;
    $in{'count'} = $count;
    (!$in{'count'})&&($in{'count'} = '0');
    $in{'lastread'} = time;
    ($in{'header'})&&(&PageOut("$htmlpath/$in{'header'}"));
    ($in{'template'})?(&InsertPage($in{'template'},"$htmlpath/t_guestbook.htm")):(&PageOut("$htmlpath/t_guestbook.htm"));
    ($in{'footer'})&&(&PageOut("$htmlpath/$in{'footer'}"));
    exit;
}

# Build the "Result Pages" navigation into $in{'link'} from the global
# $count and $in{'entriesperpage'}. At most ten page numbers after
# $in{'lpage'} are listed (the link markup is missing in this copy).
sub GetNlinks{
    ((!$in{'page'})||($in{'lpage'} < 0))&&($in{'lpage'} = 1);
    $nstart = ($in{'lpage'}+10)-10;
    $nend = $nstart + 10;
    # Query string for the page links; everything outside [\w&=] is
    # %xx-encoded.
    $sstring = "command=$in{'command'}&database=$in{'database'}&format=$in{'format'}&query=$in{'query'}";
    $sstring =~ s/([^\w&=])/'%'.sprintf("%.2x",ord($1))/ge;
    # Number of pages, rounded up. Divides by 'entriesperpage', so an empty
    # or zero value dies here (caught by the eval around main).
    $npages = int($count/$in{'entriesperpage'});
    (($count/$in{'entriesperpage'}) > $npages)&&($npages++);
    #print "S: $nstart E: $nend Total # pages: $npages
    #";
    for $i (1..$npages){
        if(($i > $nstart) & ($i <= $nend)){
            ($i eq $in{'page'})?($link .= " $i "):($link .= " $i ");
        }
    }
    $nend;
    $pend = $nend - 20;
    ($npages > $nend)&&($link .= " [Next] ");
    ($nend > 11)&&($link = " [Prev] " . $link);
    $link .= "";
    #print "$link
    #";
    $link = "Result Pages: " . $link;
    $in{'link'} = $link;
}

# Remove the record whose first field equals $in{'id'}: copy every other
# record to "<database>.tmp" and rename it over the database.
#
# The rename is skipped only when the temp file is empty although more than
# one record was read, which protects against replacing the database after a
# failed write.
sub Delete{
    open(DB,"<$htmlpath/$in{'database'}");
    flock(DB,2);    # 2 = LOCK_EX, taken on the read handle
    open(DBT,">$htmlpath/$in{'database'}.tmp");
    select(DB);$|=1;select(STDOUT);
    select(DBT);$|=1;select(STDOUT);
    while(){
        $out = $_;
        $count++;
        chomp;
        @fields = split("\t",$_);
        ($fields[0] ne $in{'id'})&&(print DBT $out);
    }
    close DB;
    close DBT;
    @fi = stat("$htmlpath/$in{'database'}.tmp");
    rename("$htmlpath/$in{'database'}.tmp","$htmlpath/$in{'database'}") unless (($fi[7] < 1)&&($count > 1));
    print<<"EOF";
EOF
}

# Drop records older than $in{'dge'} days (field 5 is the timestamp), at
# most once per day of the month as recorded by the mtime of "expire.go".
#
# NOTE(review): the marker is tested as "expire.go" relative to the current
# directory but created as "$htmlpath/expire.go"; the once-a-day guard only
# works when the two locations coincide.
# NOTE(review): $count is not incremented in this sub, so the "($count > 1)"
# half of the rename guard depends on whatever value the global already
# holds.
sub Expire{
    return if (!$in{'database'});
    if(-e "expire.go"){
        @s = stat("expire.go");
        @et = localtime($s[9]);    # mtime of the marker
        @t = localtime(time);
        ($et[3] == $t[3])&&(return);    # same day of month: already ran
    }
    open(DB,"<$htmlpath/$in{'database'}");
    flock(DB,2);
    open(DBT,">$htmlpath/$in{'database'}.tmp");
    select(DB);$|=1;select(STDOUT);
    select(DBT);$|=1;select(STDOUT);
    while(){
        $out = $_;
        chomp;
        @fields = split("\t",$_);
        $age = time - $fields[5];
        $life = $in{'dge'}*86400;
        ($age < $life)&&(print DBT $out);
    }
    close DB;
    close DBT;
    @fi = stat("$htmlpath/$in{'database'}.tmp");
    rename("$htmlpath/$in{'database'}.tmp","$htmlpath/$in{'database'}") unless (($fi[7] < 1)&&($count > 1));
    open(GO,">$htmlpath/expire.go");
    close GO;
}

# Save an edited record: the record whose id equals $in{'id'} is replaced by
# one built from the submitted fields, all other records are copied as they
# are.
#
# name, email and comments are first decoded from &#NN; and then re-encoded
# so that every non-word character is stored as &#NN;.
# NOTE(review): id, MsgIcon, date and dos are written without that encoding;
# a tab or newline in any of them changes the record structure.
sub SaveChanges{
    &Filter;
    #unescape the variables
    $in{'comments'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'name'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'email'} =~ s/&#(\d+);/pack("c",$1)/ge;
    #escape the variables
    $in{'comments'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    $in{'name'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    $in{'email'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    open(DB,"<$htmlpath/$in{'database'}");
    flock(DB,2);
    open(DBT,">$htmlpath/$in{'database'}.tmp");
    select(DB);$|=1;select(STDOUT);
    select(DBT);$|=1;select(STDOUT);
    while(){
        $count++;
        chomp;
        @fields = split("\t",$_);
        $newline = "$in{'id'}\t$in{'MsgIcon'}\t$in{'name'}\t$in{'email'}\t$in{'comments'}\t$in{'date'}\t$in{'dos'}\n";
        ($fields[0] ne $in{'id'})?(print DBT "$_\n"):(print DBT $newline);
    }
    close DB;
    close DBT;
    @fi = stat("$htmlpath/$in{'database'}.tmp");
    rename("$htmlpath/$in{'database'}.tmp","$htmlpath/$in{'database'}") unless (($fi[7] < 1)&&($count > 1));
    close DB;
    print<<"EOF";
EOF
}

# Show the edit form for the record whose id equals $in{'id'}; the record's
# fields are loaded straight into %in.
sub ShowModify{
    &GetAdvSettings;
    ($in{'dui'} eq 'checked')&&($in{'duis'}='');
    open(DB,"<$htmlpath/$in{'database'}");
    while(){
        chomp;
        ($idt,$in{'icon'},$in{'name'},$in{'email'},$in{'comments'},$in{'date'},$in{'dos'}) = split("\t",$_);
        ($in{'id'} eq $idt)&&($found=1)&&(last);
    }
    $in{'command'} = 'savechanges';
    ($in{'icon'} eq 'nographic')&&($in{'nographic'} = 'checked');
    # Icon file name without its three-character extension selects the
    # matching radio button.
    ($ic) = $in{'icon'} =~ /(.*)\..../;
    $in{$ic} = 'checked';
    $in{'sdos'.$in{'dos'}} = 'checked';
    &GetImages;
    $in{'mdos'} = qq|
Approved for Display Yes No
|;
    ($found)?(&PageOut("$htmlpath/t_sign_guestbook.htm")):(print "Error..no record found.");
    exit;
}

# Public "add entry" handler (called from main before GetLogin).
#
# Validates name, email and comments, runs Filter, stores name, email and
# comments with every non-word character as &#NN;, assigns the next id,
# writes the record (prepended when 'entryorder' is 'FIRST', else appended),
# optionally appends the address to the export list and sends the
# notification and auto-response mails.
#
# NOTE(review): 'MsgIcon' is written into the record without the &#NN;
# encoding used for the other fields; validate it (for example against the
# image list) so it cannot carry tabs, newlines or markup.
# NOTE(review): the highest-id scan runs before any lock is taken, so two
# simultaneous submissions can receive the same id.
# NOTE(review): $count is not incremented in this sub; see Expire for the
# effect on the rename guard.
# NOTE(review): the export list lives under $htmlpath/lists, for which
# $in{'exporturl'} is built above, so collected addresses sit in a file
# that has a URL. Consider storing it outside the web root.
sub Add{
    &GetAdvSettings;
    (!$in{'name'})&&(&PError("Error. Please enter a name."));
    (!$in{'email'})&&(&PError("Error. Please enter your email address."));
    ($in{'email'})&&(!&validemail($in{'email'}))&&(&PError("Error. Invalid email address."));
    (!$in{'comments'})&&(&PError("Error. Please enter your comments."));
    ($in{'mlength'})&&(length($in{'comments'}) > $in{'mlength'})&&(&PError("Error. Messsages must be less than $in{'mlength'} characters."));
    &Filter;
    #escape the variables
    $in{'ename'} = $in{'name'};
    $in{'eemail'} = $in{'email'};
    $in{'ename'} =~ s/([^\w&=])/'%'.sprintf("%.2x",ord($1))/ge;
    $in{'eemail'} =~ s/([^\w&=])/'%'.sprintf("%.2x",ord($1))/ge;
    $in{'name'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    $in{'email'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    $in{'comments'} =~ s/([^\w]|[\n])/'&#'.ord($1).';'/ge;
    ###get highest id
    open(DB,"<$htmlpath/$in{'database'}");
    while(){
        @fields = split("\t",$_);
        ($fields[0] > $id)&&($id = $fields[0]);
    }
    close DB;
    $id++;
    ##save the record
    $today = time;
    # With 'approvesub' set, the entry is stored as not-for-display ('N')
    # until it is approved.
    ($in{'approvesub'})?($dos='N'):($dos='Y');
    $newline = "$id\t$in{'MsgIcon'}\t$in{'name'}\t$in{'email'}\t$in{'comments'}\t$today\t$dos\n";
    if($in{'entryorder'} eq 'FIRST'){
        open(DB,"<$htmlpath/$in{'database'}");
        flock(DB,2);
        open(DBT,">$htmlpath/$in{'database'}.tmp");
        print DBT $newline;
        while(){
            print DBT $_;
        }
        close DB;
        close DBT;
        @fi = stat("$htmlpath/$in{'database'}.tmp");
        rename("$htmlpath/$in{'database'}.tmp","$htmlpath/$in{'database'}") unless (($fi[7] < 1)&&($count > 1));
    }
    else{
        open(DB,">>$htmlpath/$in{'database'}");
        flock(DB,2);
        print DB $newline;
        close DB;
    }
    ($script eq 'management')?($tcom = 'manage'):($tcom = '');
    if($in{'docatalog'} eq 'checked'){
        $in{'email'} =~ s/&#(\d+);/pack("c",$1)/ge;
        open(EMAIL,">>$in{'exportpath'}/$in{'database'}.export")||print "$!:$in{'exportpath'}/$in{'database'}.export
";
        print EMAIL "$in{'email'}\n";
        close EMAIL;
        &CleanUp("$in{'exportpath'}/$in{'database'}.export");
    }
    ($in{'emailnotification'} eq 'checked')&&(&SendNotify);
    ($in{'autoresponse'} eq 'checked')&&(&SendAuto);
    $lastread=time;
    ($in{'approvesub'})?($mess='Your entry has been submitted for approval.'):($mess='The entry has been added.');
    print<<"EOF";
EOF
    exit;
}

# Mail the guestbook owner about a new entry through "$sendmail -t"
# ($sendmail is not assigned in this file; presumably from setup.cgi).
#
# All of %ENV is copied into %in first, then FORM(key) placeholders in the
# subject/message templates are replaced with $in{key} and &#NN; entities
# are decoded.
#
# NOTE(review): the visitor's address is used as the From header and decoded
# from &#NN; just before use, and decoded template values land in Subject.
# Decoding can put CR/LF back into a header field; strip line breaks from
# every value placed in a header.
# NOTE(review): the FORM() replacement for the auto-response templates
# happens only here, so SendAuto sends them unexpanded when notification is
# switched off.
# The header lines of the heredoc have lost their line breaks in this copy.
sub SendNotify{
    ##load in environment variables;
    foreach $i (keys(%ENV)){
        $in{$i} = $ENV{$i};
    }
    $in{'guestbook'} = $in{'database'};
    $in{'guestbook'} =~ s/\.db//;
    $in{'message'} = $in{'comments'};
    ##replace variables
    $in{'emailnotificationsubject'} =~ s/FORM\((\w+)\)/$in{$1}/g;
    $in{'emailnotificationmessage'} =~ s/FORM\((\w+)\)/$in{$1}/g;
    $in{'autoresponsesubject'} =~ s/FORM\((\w+)\)/$in{$1}/g;
    $in{'autoresponsemessage'} =~ s/FORM\((\w+)\)/$in{$1}/g;
    $in{'emailnotificationsubject'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'emailnotificationmessage'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'autoresponsesubject'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'autoresponsemessage'} =~ s/&#(\d+);/pack("c",$1)/ge;
    $in{'email'} =~ s/&#(\d+);/pack("c",$1)/ge;
    open(MAIL,"|$sendmail -t");
    print MAIL <<"EOF";
To: $in{'emailnotificationemail'} From: $in{'email'} Subject: $in{'emailnotificationsubject'} $in{'emailnotificationmessage'} $cc
EOF
    close MAIL;
}

# Send the auto-response to the address the visitor entered.
#
# NOTE(review): the recipient is visitor-supplied and "sendmail -t" takes
# recipients from the headers, so this public form sends mail to any address
# that passes validemail. Rate-limit submissions and keep line breaks out of
# the address (see validemail).
sub SendAuto{
    open(MAIL,"|$sendmail -t");
    print MAIL <<"EOF";
To: $in{'email'} From: $in{'autoresponsefrom'} Subject: $in{'autoresponsesubject'} $in{'autoresponsemessage'} $cc
EOF
    close MAIL;
}

# Management page (reached only after GetLogin). Lists ten records per page
# including unapproved ones, which get the row colour FF9999, and fills the
# template variables for t_manage.htm.
#
# NOTE(review): same unfiltered 'format' path as in View.
sub ShowMan{
    &GetAdvSettings('ud');
    ($in{'dge'})&&(&Expire);
    &GetDatabases;
    $in{'entrysize'} = $in{'evenentrysize'};
    $in{'entrycolor'} = $in{'evenentrycolortxt'};
    $in{'entryface'} = $in{'evenentryface'};
    $in{'rowcolor'} = $in{'tEvenCellColorText'};
    open(TMP,"<$htmlpath/$in{'format'}")||die print "$!: $htmlpath/$in{'format'}";
    while(){
        $linktmp .= $_;
    }
    close TMP;
    open(DB,"<$htmlpath/$in{'database'}");
    (!$in{'page'})&&($in{'page'} = 1);
    $start = ($in{'page'}*10)-10;
    $end = $start + 10;
    while(){
        chomp;
        ($id,$icon,$name,$email,$comments,$date,$dos) = split("\t",$_);
        #($dos eq 'N')?($in{'entrycolor'}='FF0000'):($in{'entrycolor'}='000000');
        ($dos eq 'N')?($in{'lrb'}=''):($in{'lrb'}='');
        ($dos eq 'N')?($in{'rowcolor'}='FF9999'):($in{'rowcolor'}=$in{'tEvenCellColorText'});
        $count++;
        if(($count > $start) & ($count <= $end)){
            &unescape(*comments);
            &unescape(*name);
            &unescape(*email);
            $comments =~ s/\n/
/g;
            $iu = $in{'imageurl'};
            $comments =~ s/%%(\d+)//g;
            ($email)&&($email = "$email
");
            $in{'icon'} = "

";
            $in{'name'} = $name;
            $in{'email'} = $email;
            $in{'comments'} = $comments;
            $in{'date'} = &ctime($date);
            $line = $linktmp;
            $line =~ s/in\((\w+)\)/$in{$1}/g;
            $in{'line'} .= $line;
        }#end 10up
    }
    close DB;
    (!$in{'line'})&&($in{'line'} = "No entries in guestbook.");
    &GetNlinks;
    $in{'count'} = $count;
    (!$in{'count'})&&($in{'count'} = '0');
    ($in{'catalog'})&&($catalog="View Captured Email Addresses");
    $in{'managebuttons'} ="

$catalog
Advanced Settings Plain Text View of Entries


";
    $in{'nos1'} = "
Select A Guestbook Database
";
    $in{'ssiurl'} = "$in{'cgiurl'}?database=$in{'database'}&command=view";
    $in{'preview'} = "
Use the following URL to view the current guestbook on your website (hint: you can cut/paste this onto your page):


";
    # URL of the export list for this database; '%' in the (already
    # %xx-encoded) name is escaped once more for use in a URL.
    $in{'exporturl'} = $in{'exporturl'}.'/'.$in{'database'}.'.export';
    $in{'exporturl'} =~ s/%/%25/g;
    $in{'c1heading'} = 'Action';
    &PageOut("$htmlpath/t_manage.htm");
    #&PageOut("$htmlpath/t_manage_gb.htm");
}

# Build $in{'databases'}, the database chooser, from the directory entries
# of $htmlpath whose names end in "db". When no database was requested the
# first one found becomes the current one; when none exist the default name
# $edd is used.
sub GetDatabases{
    opendir(IMG,"$htmlpath");
    @dbfiles = grep(/db$/,readdir(IMG));
    closedir(IMG);
    $dfound=0;
    foreach $i (sort @dbfiles){
        $seldb='';
        $dbo = $i;
        # Display name: %xx-decoded and without ".db".
        $dbo =~ s/%(..)/pack("c",hex($1))/ge;
        $dbo =~ s/\.db//g;
        (!$in{'database'})&&($seldb='selected')&&($in{'database'} = $i)&&($dfound=1);
        ($i eq $in{'database'})&&($seldb = 'selected');
        $in{'databases'} .= "\n";
    }
    (!$dfound)&&(!$in{'databases'})&&($in{'database'} = $edd)&&($in{'databases'} = "");
}

# Rewrite the database sorted by the upper-cased first eight characters of
# the second field; the running line number is appended to the sort key so
# equal prefixes do not overwrite each other. Not called from main in this
# part of the file.
sub SortList{
    open(DB,"<$htmlpath/$in{'database'}")||die print "$!";
    while ($in = ){
        $count++;
        ($idt,$title,$url) = split("\t",$in);
        ($sort) = $title =~ /(.{1,8}).*/;
        $sort =~ tr/a-z/A-Z/;
        $lines{$sort.$count}=$in;
    }
    close DB;
    open(DB,">$htmlpath/$in{'database'}")||die print "$!";
    foreach $o (sort keys(%lines)){
        print DB $lines{$o} unless $lines{$o} le " ";
    }
    close DB;
}

# Remove duplicate lines from the file $list by loading the lines as hash
# keys and writing the keys back. The original line order is not kept.
sub CleanUp{
    local($list) =@_;
    local($i,%m);
    open(LST,"<$list");
    while(){
        $m{$_} = 1;
    }
    close LST;
    open(LST,">$list");
    foreach $i (keys(%m)){
        print LST $i;
    }
    close LST;
}

# Return 1 when $_[0] looks like an email address, else 0.
#
# Rejects two '@', "..", "@.", ".@" and a leading '.'; requires
# local@host.tld where tld is 2-3 letters or 1-3 digits, optionally in
# square brackets.
# NOTE(review): the pattern ends in `$`, which also matches before a
# trailing newline, so a value ending in "\n" is accepted; use \z and reject
# CR/LF explicitly, since the value is later placed in mail headers.
# Assigns to the global $email.
sub validemail {
    $email = $_[0];
    if ($email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/ || $email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/) {
        return 0;
    }
    else {
        return 1;
    }
}

# Decode &#NN; entities in every value of the hash passed by typeglob
# (for example &unescapearray(*in)).
sub unescapearray{
    local(*var) = @_;
    foreach $i (keys (%var)){
        $var{$i} =~ s/&#(\d+);/pack("c",$1)/ge;
    }
}

# Reads $file with in(key) placeholders replaced into $page, then reads
# $out. The rest of this definition lies beyond the end of this excerpt.
sub InsertPage{
    #format
    local($out,$file) = @_;
    open(OUT,"<$file");
    while(){
        $_ =~ s/in\((\w+)\)/$in{$1}/g;
        $page .= $_;
    }
    close OUT;
    open(OUT,"<$out");
    while(){
        $_ =~ s/\