ftp.sunet.sepub/pictures

home *** CD-ROM | disk | FTP | other *** search

/ ftp.sunet.sepub/pictures / 2014.11.ftp.sunet.se-pictures.tar / ftp.sunet.se / pub / pictures / ACiD-artpacks / www / mirrors / acheron / cgi-bin / discus / board-admin-3.cgi < prev next >

Wrap

Text File | 1999-01-26 | 8KB | 198 lines

#!/usr/bin/perl $discus_conf = '/usr/local/www/www.acheron.org/discus_admin_245059122/discus.conf'; #Discus board administration script (board-admin-3.cgi) #------------------------------------------------------------------------------- # This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved. # Its use is subject to the license agreement that can be found at the following # URL: http://www.chem.hope.edu/discus/license #------------------------------------------------------------------------------- if (open (FILE, "$discus_conf")) { @file = <FILE>; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $value =~ s/\r//g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; } else { print "Content-type: text/html\n\n"; print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n"; print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n"; print "<H1>Script Execution Error</H1>\n"; print "Discus scripts could not execute because the discus.conf file\n"; print "could not be opened."; print "<P>Reason: <FONT COLOR=#ff0000><B>$!</B></FONT>" if $!; print "<P>This generally indicates a setup error of some kind.\n"; print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus "; print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n"; exit(0); } require "$admin_dir/source/src-board-subs-admin"; &parse_form; &read_cookie; #------------------------------------------------------------------------------- # USER MANAGER ACTIONS AND OTHER RELATED FUNCTIONS #------------------------------------------------------------------------------- if ($FORM{'action'} eq "add_user") { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to add users to this group!"); &ex('add_user', $FORM{"username"}, $FORM{"newuser"}, $FORM{"pass_1"}, $FORM{"pass_2"}, $FORM{"group"}, $FORM{'email'}, $FORM{'fullname'}); &ex('user_mgr_2', $FORM{"username"}, $FORM{"group"}); exit(0); } if ($FORM{'action'} eq 'preview_list') { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to add users to this group!"); &ex("preview_user_list", $FORM{"username"}, $FORM{"group"}, $FORM{"list"}); exit(0); } if ($FORM{'action'} eq 'submit_list') { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to add users to this group!"); if ($FORM{'modify'} == 1) { ($modified_list) = &ex("modify_list", 1); &ex("preview_user_list", $FORM{"username"}, $FORM{"group"}, $modified_list, $FORM{"delimiter"}); } else { &ex("add_user_list", $FORM{"username"}, $FORM{"group"}); &ex('user_mgr_2', $FORM{"username"}, $FORM{"group"}); exit(0); } } if ($FORM{'action'} eq "user_form") { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to remove or edit users in this group!"); if ($FORM{'SELECTION'} =~ /^delete(.+)/) { $remove = $1; if ($remove ne "ALL") { &ex("delete_user", $remove, $FORM{"group"}); } else { &ex("delete_user", $FORM{"MARK"}, $FORM{"group"}); } &ex('user_mgr_2', $FORM{"username"}, $FORM{"group"}); exit(0); } elsif ($FORM{'SELECTION'} =~ /^edit(.+)/) { $edit = $1; &ex("profile_editor_screen", "users", $edit, $FORM{'group'}, $FORM{"username"}, "$cgiurl3", "profile_user", 1) if !$pro; &ex("profile_editor_screen_PRO", "users", $edit, $FORM{'group'}, $FORM{"username"}, "$cgiurl3", "profile_user", 1) if $pro; exit(0); } } if ($FORM{'action'} eq "profile_user") { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to remove or edit users in this group!"); $act2 = $FORM{'action2'}; $group = $FORM{'group'}; $username = $FORM{'username_edit'}; open (USERS, "$admin_dir/users.txt"); @users = <USERS>; close (USERS); @users = grep(/:$group\s*$/, @users); ($result) = grep(/^$username:/, @users); $result = "USERS:$result"; @result = ($result); if ($act2 eq "infosave") { $email = $FORM{'profile_email'}; $full = $FORM{'profile_fullname'}; if ($email =~ m|^([\w\-\+\.]+)\@([\w\-\+\.]+)$|) { $email_new = $email; } else { $email_new = "email"; } if ($full eq "") { $full = "fullname"; } else { $full =~ s/\n//g; $full =~ s/[:<>]//g; } &ex('save_profile_information', "", $email_new, $full, "", "", "", "", @result); } elsif ($act2 eq "notifysave") { if (!$pro) { undef @em; foreach $key (keys(%FORM)) { if ($key =~ m|^notify_(\d+)|) { push (@em, $1); } } $emr = join(",", @em); $emr = "*" if $emr eq ""; &ex('save_profile_information', "", "", "", "", $emr, "", "", @result); } else { &ex('select_by_subtopics', "users", $FORM{"username_edit"}, $FORM{'group'}, $FORM{"username"}, "$cgiurl3", "profile_user", 1) if $FORM{'submit'} eq $L{PRED_FIRSTLEVEL}; &ex('notify_save_pro', $FORM{'username_edit'}, $FORM{'username'}); } } elsif ($act2 eq "changepass") { $p1 = $FORM{'pass_1'}; $p2 = $FORM{'pass_2'}; $p1 =~ tr/A-Z/a-z/; $p2 =~ tr/A-Z/a-z/; while ($p1 =~ m|(\W)|g) { $o = ord($1); $m = $1; &error_message("Change Password Error", "Password is invalid (password may not contain the character <B>$m</B>).") if $o < 126; } &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_MATCH}) if $p1 ne $p2; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_LENGTH}) if (length($p1) < 1 || length($p1) > 20); srand(time); undef (@salt); for ($i=1; $i<=4; $i++) { push (@salt, int(rand(26))+65); } $salt = pack('c4', @salt); $new_password = crypt($p1, $salt); &ex('save_profile_information', $new_password, "", "", "", "", "", "", @result); } elsif ($FORM{'action2'} eq "preferences") { @result_save = @result; &ex('prefs_save_pro', 1); } elsif ($FORM{'action2'} eq "infosection") { @result_save = @result; &ex('info_save_pro', 1); } elsif ($act2 eq "editpriv") { $FORM{'editing'} =~ s/\D//g; &ex('save_profile_information', "", "", "", $FORM{'editing'}, "", "", "", @result); } elsif ($act2 eq "picture") { &ex('clear_picture', @result); } &ex("profile_editor_screen", "users", $username, $FORM{'group'}, $FORM{"username"}, "$cgiurl3", "profile_user", 1) if !$pro; &ex("profile_editor_screen_PRO", "users", $username, $FORM{'group'}, $FORM{"username"}, "$cgiurl3", "profile_user", 1) if $pro; } if ($FORM{'action'} eq "selfreg") { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to configure this group!"); &ex('user_selfreg_config_save', $FORM{'group'}, $FORM{'selfreg'}); &ex('user_mgr_2', $FORM{"username"}, $FORM{"group"}); exit(0); } if ($FORM{'action'} eq "userqueue") { &check_passwd; &ex('userapp_framesetter', $FORM{'username'}, 1) if $FORM{'blank'} == 0; &ex('userapp_framesetter', $FORM{'username'}, 2) if $FORM{'blank'} == 1; } if ($FORM{'action'} eq "userapp_2") { &check_passwd; &ex('userapp_2', $FORM{'username'}); } if ($FORM{'action'} eq "userapp_disp") { &check_passwd; &verify_owner($FORM{'group'},$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to configure this group!"); &ex('userapp_disp', $FORM{'username'}, $FORM{'user'}, $FORM{'group'}); exit(0); } if ($FORM{'action'} eq "userapp_action") { &check_passwd; srand(time); if ($FORM{'SELECTION'} =~ /((approve)|(refuse))(.*)/) { $todo = $4; $action = $1; if ($todo ne "all") { if ($todo ne "") { &ex('userapp_action', $FORM{'username'}, $todo, $action); } } else { @mark = split(/,/, $FORM{'MARK'}); foreach $num (@mark) { &ex('userapp_action', $FORM{'username'}, $num, $action); } } } &ex('userapp_framesetter', $FORM{'username'}, 2, 1) if !$FORM{'form'}; &ex('userapp_result', 1) if scalar(@MESSAGE_OUT); &ex('userapp_2', $FORM{'username'}, 1); exit(0); } &error_message("Invalid Query", "The form action -$FORM{'action'}- is not valid for this script", 0, 1);