ftp.sunet.sepub/pictures

home *** CD-ROM | disk | FTP | other *** search

/ ftp.sunet.sepub/pictures / 2014.11.ftp.sunet.se-pictures.tar / ftp.sunet.se / pub / pictures / ACiD-artpacks / www / mirrors / acheron / cgi-bin / discus / board-post.cgi < prev next >

Wrap

Text File | 1999-01-26 | 27KB | 614 lines

#!/usr/bin/perl $discus_conf = '/usr/local/www/www.acheron.org/discus_admin_245059122/discus.conf'; #Discus board post script (board-post.cgi) #------------------------------------------------------------------------------- # This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved. # Its use is subject to the license agreement that can be found at the following # URL: http://www.chem.hope.edu/discus/license #------------------------------------------------------------------------------- ####################################################### # Reply by e-mail: some people have been given a script # to intercept incoming mail messages and process them # as Discus messages. To permit this, the following # variable must be set to 1. # 1=On 0=Off [Default] $reply_by_email = 0; ####################################################### # SCRIPT BEGINS HERE... $double_post_threshold = 120; if (open (FILE, "$discus_conf")) { @file = <FILE>; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $value =~ s/\r//g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; } else { print "Content-type: text/html\n\n"; print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n"; print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n"; print "<H1>Script Execution Error</H1>\n"; print "Discus scripts could not execute because the discus.conf file\n"; print "could not be opened."; print "<P>Reason: <FONT COLOR=#ff0000><B>$!</B></FONT>" if $!; print "<P>This generally indicates a setup error of some kind.\n"; print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus "; print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n"; exit(0); } require "$admin_dir/source/src-board-subs-admin"; &parse_form; &read_cookie; $FORM{'name'} = $FORM{'username'} if $FORM{'username'} ne ""; $FORM{'number'} = $FORM{'passwd'} if $FORM{'passwd'} ne ""; $adminappend = "?username=$FORM{'name'}"; $adminappend .= "&HTTP_REFERER=$FORM{'HTTP_REFERER'}&action=page_editor#Messages"; if ($GLOBAL_OPTIONS{'posting'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1) { &error_message($L{BPAUTHERROR}, $L{AUTHERROR_CLOSED}, 0, 1); } if ($ENV{'HTTP_REFERER'} =~ /(.*)\.$cgi_extension/i || $FORM{'HTTP_REFERER'}) { $_ = $FORM{'HTTP_REFERER'}; s/#(.*)//g; } else { $_ = $ENV{'HTTP_REFERER'}; $FORM{'HTTP_REFERER'} = $_; s/#(.*)//g; } &extract ($_) if $_ ne ""; $FORM{'name'} =~ s/[]//g; $username_input = $FORM{'name'}; $password_input = $FORM{'number'}; ($auth, $passwordline, $poster_type) = &ex('verify_postread_privileges', $topic_number, $username_input, $password_input, $password_input, "posting", 1); if ($pro) { &ex('get_preferences', "*", "*", $passwordline); } undef @file; undef $line; open (FILE, "$admin_dir/postoptions.txt"); @file = <FILE>; close (FILE); ($line) = grep(/^$topic_number:/, @file); chop $line if $line =~ /\n$/; ($tn, $anonymous_forbidden, $stamp_forbidden, $email_forbidden) = split(/:/, $line); if ($passwordline ne "") { $passwordline =~ s/\s+$//; ($file, $user, $pass, $email, $full, $foo1, $foo2, $foo3, $group) = split(/:/, $passwordline); $full = "\u$user" if ($full eq "fullname" || $full eq "" || $stamp_forbidden || ($GLOBAL_OPTIONS{'fullnames'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1)); $full .= " (\u$user)" if $GLOBAL_OPTIONS{'user_paren'} eq ""; $full .= " (\u$user)" if $GLOBAL_OPTIONS{'user_paren'} == 1; if ($group !~ /\S/) { $group_hold = "MODERATOR"; } else { $group_hold = $group; } if ($pro) { if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) { $postby = $L{BPANONYMOUS}; } else { $warn_anon = 1 if $FORM{'Anon'}; $filename = "$user-$group_hold.txt"; $filename = &getfn($filename); if (-e "$admin_dir/profiles/$filename" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)) { $postby = "<A HREF=\"$script_url/board-profile.$cgi_extension?action=display_profile&profile=$user-$group_hold\">$full</A>"; } else { $postby = "<A HREF=mailto:$email>$full</A>" if ($PREF{'noemail'} == 0 && $email ne "" && $email ne "email" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)); $postby = $full if ($PREF{'noemail'} == 1 || $email eq "" || $email eq "email" || $email_forbidden || !($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)); } } } else { if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) { $postby = $L{BPANONYMOUS}; } else { $warn_anon = 1 if $FORM{'Anon'}; $postby = "<A HREF=mailto:$email>$full</A>" if ($email ne "" && $email ne "email" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)); $postby = $full if ($email eq "" || $email eq "email" || $email_forbidden || !($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)); } } $username = $user; } else { $postby = $username_input; if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) { $postby = $L{BPANONYMOUS}; $username_input = $L{BPANONYMOUS} if $username_input eq ""; } else { $warn_anon = 1 if $FORM{'Anon'}; if ($FORM{'email'} ne "") { $FORM{'email'} = &remove_html($FORM{'email'}); $postby = "<A HREF='mailto:$FORM{'email'}'>$username_input</A>"; } } $username = "PUBLIC"; $group_hold = "PUBLIC"; } if ($GLOBAL_OPTIONS{'ip_on_post'}) { $rh = $ENV{'REMOTE_HOST'}; $rh =~ s/[<>]//g; $ra = $ENV{'REMOTE_ADDR'}; $ra =~ s/[<>]//g; $postby .= " ($rh - $ra)" ; } $FORM{'message'} =~ s/\s+$//; $FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\n{3,}/\n\n\n/g; if ($FORM{"message"} =~ m|^\{\\rtf| && $pro && $GLOBAL_OPTIONS{'RTF'}) { ($FORM{"message"}) = &ex('rtf_to_webtags', $FORM{"message"}); ($lint, $newmessage) = &ex('webtags', $FORM{"message"}, 0, 1); } $remove_swearing = 1 if ($GLOBAL_OPTIONS{'profanity'}); if ($FORM{"message"} !~ /\\(\S+)\{/ && $FORM{"message"} =~ m|<(\s*)([^>]*)(\s*)>| && $GLOBAL_OPTIONS{'html'}) { ($message_html) = &ex('html_to_webtags', $FORM{"message"}); $NEW_SOURCE = $message_html; $message_html =~ s/<([^>]*)>//g; ($message_html) = &ex('remove_swearing', $message_html) if ($remove_swearing); ($lint, $newmessage) = &ex('webtags', $message_html, 0, 1); } else { $NEW_SOURCE = ""; if ($FORM{"message"} !~ /\\(\S+)\{/ && $GLOBAL_OPTIONS{'active_links'}) { $FORM{"message"} = join("", " ", $FORM{"message"}, " "); $m = ""; $after = $FORM{"message"}; while ($after =~ m|(http://)([\w\-\.\+/~\%\?\&\=\:\,]+)|i) { $url = join("", $1, $2); $b4 = $`; $after = $'; if ($url =~ m|([\.\:\;\,])$|) { $url = $`; $after = "$1$after"; } $url_link = $url; $url_link =~ s/,(.)/\%2C$1/g; $m .= join("", $b4, "\\topurl\{$url_link,$url}"); } $FORM{"message"} = $m . $after; $m = ""; $after = $FORM{"message"}; while ($after =~ m|([\w\-\+\.]+)\@([\w\-\+\.]+)|i) { $url = join("", $1, "\@", $2); $b4 = $`; $after = $'; if ($url =~ m|([\.\:\;\,])$|) { $url = $`; $after = "$1$after"; } $url_link = $url; $url_link =~ s/,(.)/\%2C$1/g; $m .= join("", $b4, "\\mail\{$url_link,$url}"); } $FORM{"message"} = $m . $after; } $message_temp = $FORM{"message"}; ($message_temp) = &ex('remove_swearing', $FORM{"message"}) if ($remove_swearing); ($lint, $newmessage) = &ex('webtags', $message_temp, 0, 1); $error_observed = 1; } if ($FORM{'subject'} ne "") { $newsubject = ""; ($newsubject) = &ex('remove_swearing', $FORM{"subject"}, 3) if ($remove_swearing); $newsubject = $FORM{'subject'} if $newsubject eq ""; ($lint_subj, $newsubject) = &ex('webtags', $FORM{"subject"}, 3, 1); $newsubj = 1; $newsubject = "\u$newsubject" if $GLOBAL_OPTIONS{'capitalize'}; } ($postby) = &ex('remove_swearing', $postby, 0, 1) if ($remove_swearing); if ($auth == 0) { $newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORINVALID}"; } elsif ($auth == 2) { $newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{AUTHERROR_BANNED}"; } elsif ($auth == 3) { $newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{AUTHERROR_CLOSED}"; } elsif ($postby eq "") { $newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORNONAME}"; } elsif ($username_input !~ /\S/) { $newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORNONAME}"; } elsif ($FORM{"message"} !~ /\S/) { $newmessage = "<H3>$L{BPADDMSGERROR}</H3>$L{BPADDMSGERRORDESC}"; } elsif ($FORM{"new_conversation"} == 1 && $FORM{"subject"} !~ /\S/) { $newmessage = "<H3>$L{BPCREATEERROR}</H3>$L{BPCREATEERRORDESC}"; } elsif ($poster_type == 8 && (length($FORM{'message'})/1000) > $GLOBAL_OPTIONS{'public_msgsize'} && $GLOBAL_OPTIONS{'options_used'} && $GLOBAL_OPTIONS{'public_msgsize'}) { $newmessage = "<H3>$L{BPADDMSGERROR}</H3>"; $toolong = $L{BP_MESSAGE_EXCEEDED_MAXLENGTH}; $mxs = $GLOBAL_OPTIONS{'public_msgsize'}; $toolong =~ s/\%maxsize/$mxs/g; $ys = length($FORM{'message'})/1000; $toolong =~ s/\%yoursize/$ys/g; $newmessage .= $toolong; } elsif ($poster_type != 8 && (length($FORM{'message'})/1000) > $GLOBAL_OPTIONS{'registered_msgsize'} && $GLOBAL_OPTIONS{'options_used'} && $GLOBAL_OPTIONS{'registered_msgsize'}) { $newmessage = "<H3>$L{BPADDMSGERROR}</H3>"; $toolong = $L{BP_MESSAGE_EXCEEDED_MAXLENGTH}; $mxs = $GLOBAL_OPTIONS{'registered_msgsize'}; $toolong =~ s/\%maxsize/$mxs/g; $ys = length($FORM{'message'})/1000; $toolong =~ s/\%yoursize/$ys/g; $newmessage .= $toolong; } else { $error_observed = 0; } $error_observed = 1 if $lint eq "!Error"; $error_observed = 1 if $lint_subj eq "!Error"; $newmessage = $newsubject if $lint_subj eq "!Error"; $message_hold = $FORM{'message'}; $message_hold =~ s/&/&/g; $message_hold =~ s/>/>/g; $message_hold =~ s/</</g; $message_hold =~ s/"/"/g; $subject_hold = $FORM{'subject'}; $subject_hold =~ s/&/&/g; $subject_hold =~ s/>/>/g; $subject_hold =~ s/</</g; $subject_hold =~ s/"/"/g; $p1 = $L{PREVIEW}; $p2 = $L{PREVIEW2}; $p1 = "x" x 100 if $L{PREVIEW} eq ""; $p2 = "x" x 100 if $L{PREVIEW2} eq ""; $p1 =~ s/^\s+//; $p1 =~ s/\s+$//; $p2 =~ s/^\s+//; $p2 =~ s/\s+$//; if ($pro) { $FORM{'submit'} = "" if ($PREF{'skip_preview'} == 1); } if ($FORM{'submit'} =~ /$p1/i || $FORM{'submit'} =~ /$p2/i || $error_observed == 1) { &header; ($bgcolor, $text, $link, $vlink, $alink, $face, $size, $image) = &ex('extract_colorsonly', 1); $str = "$L{BPNORMALTITLE}"; &ex('printuntil', 1, 1, $topic_number, "$L{BPNORMALTITLE}"); print "<FONT SIZE=+1><CENTER><B>$L{BPNORMALTITLE}</B></CENTER></FONT>\n" if $newsubj == 0; print "<FONT SIZE=+1><CENTER><B>$L{BPCREATETITLE}</B></CENTER></FONT>\n" if $newsubj == 1; print "<HR>\n"; &ex('printuntil', 3, 3, $topic_number, $title, 0, 1); $file = "$message_dir/$topic_number/$me_number.$ext" if -e "$message_dir/$topic_number/$me_number.$ext"; if (!-e "$message_dir/$topic_number/$me_number.$ext") { $file = "$secdir/$topic_number/$me_number.$ext"; $secure = 1; } open (FILE, $file); @file = <FILE>; close (FILE); if ($FORM{'isitok'} ne "okiedokie") { ($navbar) = &ex('prepare_navbar', @file); $navbar =~ m|^(.*)</A>: |; $pre = join("", $1, "</A>: "); $url = "$message_url/$topic_number/$me_number.$ext" if !$secure; $url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if $secure; $newsubj = 1 if $FORM{'new_conversation'} == 1; $javastr = &JavaScript_prepare($me_name); $pre .= "<A HREF=\"$url\" onMouseOver=\"return setStatus('$L{RETURNTO}$javastr')\"><FONT COLOR=$vlink>$me_name</FONT></A>: "; } else { &extract("$FORM{'HTTP_REFERER'}"); local (@array) = ("$topic_number:$topic_name"); foreach $key (sort by_number keys(%level_number)) { push (@array, "$level_number{$key}:$level_name{$key}"); } $pre = "<A HREF=\"$cgiurlm?username=$FORM{'name'}&action=mgr_1"; $pre .= "&HTTP_REFERER=$page_referer\" onMouseOver=\"return setStatus('"; $pre .= "Return to topic selection screen')\"><FONT COLOR=$link>Page Manager</FONT></A>: \n"; foreach $line (@array) { ($number,$name) = split(/:/, $line, 2); $pre .= "<A HREF=\"$cgiurlm?username=$FORM{'name'}&action=page_editor"; $pre .= "&HTTP_REFERER=//$topic_number/$number.$ext\" onMouseOver=\"return "; $str = &JavaScript_prepare($name); $pre .= "setStatus('Return to editing $str')\"><FONT COLOR=$link>$name</FONT></A>: "; } } $pre .= "$L{BPCREATEDISPLAY}" if $newsubj == 1; $pre .= "$L{BPNORMALDISPLAY}" if $newsubj == 0; &ex('printuntil', 5, 9, $topic_number, $title, 0, 1); print "<strong>$pre</strong>\n"; print "<HR>\n"; if (!($error_observed)) { print "<FONT SIZE=-1>$L{BPMESSAGEPOST}</FONT>" if $newsubj == 0; print "<FONT SIZE=-1>$L{BPCREATEPOST}</FONT>" if $newsubj == 1; print "<P>"; if ($warn_anon == 1) { print "$L{BPWARNANONYMOUS}<P>\n"; } if ($lint ne "") { print "<FONT SIZE=+1><B>$L{BPPOSSIBLEFORMATTINGERRORS}</B></FONT><P>"; print "<FONT SIZE=-1>$L{BPPOSSIBLEFORMATTINGERRORSDESC}"; print "<P>\n"; print "<OL>$lint</OL><P></FONT>\n"; } if ($pro && $PREF{'spellcheck'} == 1 && $dictionary ne "") { ($newmessage, $scmessage) = &ex('spellcheck', $newmessage); if ($scmessage ne "") { print $scmessage; } } &ex('printuntil', 11, 11, $topic_number, $title, 0, 1); print "<TABLE BORDER=1 WIDTH=97% HEIGHT=40%><TR><TD VALIGN=TOP><BASEFONT SIZE=$size><FONT FACE=\"$face\" SIZE=\"$size\" COLOR=$text>\n"; if ($newsubj == 1) { print "<B>$L{BPSUBJECTTAG}</B> $newsubject<HR SIZE=0>\n"; } $pb = $L{POSTBY}; $postby = join("", "<BLINK>", $postby, "</BLINK>") if $warn_anon == 1; ($datetime) = &ex('get_date_time', "long"); $pb =~ s/\%name/$postby/g; $pb =~ s/\%date/$datetime/g; print "$pb<P>\n"; } print "$newmessage"; if (!$error_observed) { print "</FONT></TD></TR>\n"; print "</TABLE>\n"; print "<FORM Method=Post Action=\"$script_url/board-post.$cgi_extension\">\n"; print "<INPUT Type=hidden name=\"HTTP_REFERER\" value=\"$FORM{'HTTP_REFERER'}\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"new_conversation\" value=\"1\">\n" if $FORM{'new_conversation'} == 1; print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie"; print "<HR>\n"; print "<CENTER>\n"; print "<INPUT Type=\"submit\" Name=submit VALUE=\"$L{BPPOSTTHISMESSAGE}\">\n" if !$error_observed; print "<INPUT TYPE=\"button\" VALUE=\"$L{BPCANCELPOST}\" onClick=\"window.location="; if ($FORM{'isitok'} ne 'okiedokie') { $url = "$message_url/$topic_number/$me_number.$ext" if !$secure; $url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if $secure; print "'$url'\"> "; } else { print "'$cgiurlm$adminappend'\"> "; } print "</CENTER>\n"; } else { print "<BR><BR>\n"; print "<FORM Method=Post Action=\"$script_url/board-post.$cgi_extension\">\n"; print "<INPUT Type=hidden name=\"HTTP_REFERER\" value=\"$FORM{'HTTP_REFERER'}\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"new_conversation\" value=\"1\">\n" if $FORM{'new_conversation'} == 1; print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie"; } print "<HR>\n"; &ex('printuntil', 13, 13, $topic_number, $title, 0, 1); open (POST, "$admin_dir/posting.txt"); @post = <POST>; close (POST); ($line) = grep(/^$topic_number:/, @post); ($t, $ip) = split(/:/, $line); if ($ip eq "") { $privpub = "private"; } else { $privpub = "public"; } open (POST, "$admin_dir/postoptions.txt"); @post = <POST>; close (POST); ($line) = grep(/^$topic_number:/, @post); ($t, $af) = split(/:/, $line); $af = 1 if ($GLOBAL_OPTIONS{'anonymous'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1); if (open(FILExx, "$message_dir/$topic_number/addmessage.conf")) { @file = <FILExx>; } elsif (open(FILExx, "$secdir/$topic_number/addmessage.conf")) { @file = <FILExx>; } else { open (FILExx, "$admin_dir/addmessage-$privpub.conf"); @file = <FILExx>; } close (FILExx); foreach $line (@file) { $line =~ s/<!-FONT-!>/<FONT FACE="$face" SIZE="$size">/g; $line = "" if $line =~ m|FORM>|; $line = "" if ($af && $line =~ m|^<!-Anon-!>|); } $am = $L{ADDMESSAGE}; if ($newsubj == 1) { $flag = 0; foreach $line (@file) { if ($line =~ m|$am|i && $flag == 0) { print join("", $`, "$L{BPREVISESUBJECT}", $'); $flag = 1; } } print "<H3>$L{BPREVISESUBJECT}</H3>\n" if $flag == 0; print "$L{BPFSUBJECT}<BR><BR>\n"; print "<TABLE><TR><TD><INPUT TYPE=TEXT NAME=\"subject\" VALUE=\"$subject_hold\" SIZE=53></TD></TR></TABLE><P>\n"; print "<HR>\n"; } $flag = 0; $message_hold =~ s/^\s+//; $message_hold =~ s/\s+$//; foreach $line (@file) { if ($line =~ /<!-Conversation - LEAVE THIS HERE!-!>/) { $flag = 1; } elsif ($line =~ /<!-\/Identification/) { $flag = 0; } elsif ($line =~ /<!-Skip next line-!>/) { $flag = 2+$flag; } elsif ($flag >= 2) { $flag -= 2; } elsif ($line =~ /<!-Submit button included-!>/) { $submit_included = 1; } elsif ($flag == 1) { if ($line =~ /NAME="name" VALUE=""/i) { $line = join("", $`, "NAME=\"name\" VALUE=\"$username_input\"", $'); } elsif ($line =~ /NAME="number" VALUE=""/i) { $line = join("", $`, "NAME=\"number\" VALUE=\"$FORM{'number'}\"", $'); $line = "" if $FORM{'isitok'} eq "okiedokie"; } elsif ($line =~ /NAME="Anon"/i) { $line = join("", $`, "NAME=\"Anon\" CHECKED", $') if $FORM{'Anon'} eq "on"; } elsif ($line =~ /NAME="username" VALUE=""/i) { $line = join("", $`, "NAME=\"username\" VALUE=\"$username_input\"", $'); } elsif ($line =~ /NAME="passwd" VALUE=""/i) { $line = join("", $`, "NAME=\"passwd\" VALUE=\"$FORM{'number'}\"", $'); $line = "" if $FORM{'isitok'} eq "okiedokie"; } elsif ($line =~ /NAME="email" VALUE=""/i) { $line = join("", $`, "NAME=\"email\" VALUE=\"$FORM{'email'}\"", $'); } elsif ($line =~ /$am/i) { $line = join("", $`, "$L{BPREVISEMESSAGE}", $'); } if ($line =~ m|</TEXTAREA>|i) { $line = join("", $`, $message_hold, $&, $'); } print $line; } } print "<HR>\n"; if ($submit_included == 0) { print "<CENTER>\n"; print "<INPUT TYPE=\"submit\" Name=submit VALUE=\"$L{BPPREVIEWPOST}\">\n"; print "</CENTER><HR></FORM>\n"; } &ex('printuntil', 15, 17, $topic_number, $title, 0, 1); exit(0); } undef $!; &error_message ("Error", "This page ($me_number) does not allow for public posting of messages!") if $param !~ /Add/ && $newsubj == 0 && $FORM{'isitok'} ne "okiedokie"; &error_message ("Error", "This page does not allow for public creation of conversations!") if $param !~ /Create/ && $newsubj == 1; &error_message ("Error", "Your username/password combination was invalid, or you are not allowed to post to this topic.") if $passwordline eq "invalid"; if ($GLOBAL_OPTIONS{'double_post'}) { open (LOG, "$admin_dir/log.txt"); @LOG = <LOG>; close (LOG); $now = time; $mh = $newmessage; $mh = &JavaScript_prepare($mh); $mh =~ s/^\s+//; $mh =~ s/\s+$//; $mh = &escape($mh); foreach $line (reverse(@LOG)) { ($index,$by,$time,$where,$addr,$host,$mt,$who2) = split(/;/, $line); last if ($now - $double_post_threshold) > $time; $mt =~ s/\s+$//; ($by2) = ($by =~ m|^(.*):|); if ($by2 eq $username && substr($mh, 0, length($mt)) eq $mt) { if ($where eq "$topic_number/$me_number" || $newsubj == 1) { if ($FORM{'isitok'} ne 'okiedokie') { $url = "$message_url/$where.$ext"; ($ts) = &ex('extract_lastmodified', "$topic_number:$me_number"); $url .= "?$ts" if !$noqm; } else { $url = "$cgiurlm$adminappend"; } ($head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src) = &get_page(split(/\//, $where)); $flag = 0; $source = ""; @msgsrc = split(/\n/, $message_src); foreach $line2 (@msgsrc) { if ($line2 =~ m|<!-Source: $index-!>|) { $flag = 1; } elsif ($line2 =~ m|<!-/Source: (\d+)-!>|) { $flag = 0; } elsif ($flag == 1) { $source .= $line2; } } if ($NEW_SOURCE ne "") { $message_hold = $NEW_SOURCE; } $message_hold =~ s/\s+$//; $message_hold =~ s/^\s+//; $source = &unescape($source); $source =~ s/\s+$//; $source =~ s/^\s+//; if ($source eq $message_hold) { &error_message("$L{BPALREADYPOSTED}", "$L{BPALREADYPOSTEDDESC}<P><B><A HREF=\"$url\">$L{BPCLICKCONTINUE}</A></B><P>", 0, 1); } } } } } $message_hold = $message_html if $message_html; if ($pro) { ($queue) = &ex('check_queue_status', $topic_number, $poster_type); } if ($newsubj == 1 && !$queue) { ($num) = &ex('get_number', 1); $newnum = $num; $pagetitle = $newsubject; ($dt) = &ex('get_date_time', "long"); $dt =~ s/\W//g; $me_number_hold = $me_number; &ex('new_file', $topic_number, $num, $me_number, $owner, $pagetitle); &ex('change_layout', $topic_number, $num, "MessagesAdd"); $url = "$message_url/$topic_number/$num.$ext"; $url .= "?$dt" if !$noqm; $newpage = $newsubject; $str = &JavaScript_prepare($newpage); $strg = "onMouseOver=\"return setStatus('$str')\""; ($ts) = &ex('get_date_time', "short"); $linex = "<!-Top: $num-!><LI><A HREF=\"$url\" $strg>$newpage</A> <FONT SIZE=\"-1\">"; $linex .= "$ts</FONT></LI><P>\n"; &lock("$message_dir/$topic_number/$me_number.$ext"); ($head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src) = &get_page($topic_number, $me_number); @rs = split(/,/, $GLOBAL_OPTIONS{'reverse_subs'}); if (!grep(/^$topic_number$/, @rs)) { $sublist = join("",$sublist,$linex); } else { $sublist = join("",$linex,$sublist); } @sublist = split(/\n/, $sublist); @as = split(/,/, $GLOBAL_OPTIONS{'alphabet_subs'}); if (grep(/^$topic_number$/, @as)) { @sublist = sort alphabetical_sort @sublist; @sublist = reverse @sublist if grep(/^$topic_number$/, @rs); } @sublist = grep(/\S/, @sublist); $sublist = join("\n", @sublist); &set_page($topic_number, $me_number, $head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src); &unlock("$message_dir/$topic_number/$me_number.$ext"); &extract("//$topic_number/$num.$ext"); } elsif ($newsubj == 1 && $queue) { $subject_line = $newsubject; } if (!$queue) { ($postindex, $source_out) = &ex('post_message',$topic_number,$me_number,$message_hold,$newmessage,$postby,$username,$group_hold); ($dt) = &ex('get_date_time', "short"); ($ts) = &ex('get_date_time',"long"); $ts =~ s/\W//g; &ex('update_time', $topic_number, $newnum_number, $me_number, $ts, $dt, 0); &ex('email_notification', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold) if ($GLOBAL_OPTIONS{'email'} && !$pro); &ex('email_notification_pro', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold, 0) if ($GLOBAL_OPTIONS{'email'} && $pro); } else { ($queue_id, $source_out) = &ex('send_message_to_queue', $topic_number, $me_number, $message_hold, $newmessage, $postby, $username, $group_hold, $subject_line); &ex('email_notification_pro', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold, 1) if ($GLOBAL_OPTIONS{'email'} && $pro); } $url = "$message_url/$topic_number/$me_number.$ext" if !$secure; $url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext&lm=$ts" if $secure; $url .= "?$ts" if (!$noqm && !$secure); if ($source_out =~ m|\\image_notuploaded\{| || $source_out =~ m|\\attachment_notuploaded\{|) { $string = $source_out; &header; ($bgcolor, $text, $link, $vlink, $alink, $face, $size, $image) = &ex('extract_colorsonly', 1); &ex('printuntil', 1, 1, $topic_number, "$L{BPIMGUPLOADTITLE3_00}"); print "<FONT SIZE=+1><CENTER><B>$L{BPIMGUPLOADTITLE3_00}</B></CENTER></FONT>\n<HR>\n"; for ($i = 3; $i <= 9; $i += 2) { &ex('printuntil', $i, $i, $topic_number, "$L{BPIMGUPLOADTITLE3_00}"); } print "$L{BPIMGUPLOADINSTR3_00}<P>\n"; print "<FORM ACTION=\"$script_url/board-image.$cgi_extension\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n"; print "<HR>\n"; for ($i = 11; $i <= 13; $i += 2) { &ex('printuntil', $i, $i, $topic_number); } $message = $string; while ($source_out =~ m|\\image_notuploaded\{(\d+),([^\}]*)\}|g) { $ctr = $1; $descr = $2; print "$L{BPPROVIDEFILE} <B>$descr</B>:<P>\n"; print "<TABLE><TR><TD><INPUT TYPE=FILE NAME=\"Image$ctr\" SIZE=40></TD></TR></TABLE>\n"; print "<HR>\n"; } while ($source_out =~ m|\\attachment_notuploaded\{(\d+),([^\}]*)\}|g) { $ctr = $1; $descr = $2; print "$L{BPPROVIDEFILE} <B>$descr</B>:<P>\n"; print "<TABLE><TR><TD><INPUT TYPE=FILE NAME=\"Attachment$ctr\" SIZE=40></TD></TR></TABLE>\n"; print "<HR>\n"; } print "<INPUT TYPE=SUBMIT VALUE=\"$L{BPIMGUPLOADBUTTON}\">\n"; print "<INPUT TYPE=HIDDEN NAME=name VALUE=\"$username_input\">\n"; print "<INPUT TYPE=HIDDEN NAME=number VALUE=\"$FORM{'number'}\">\n"; print "<INPUT TYPE=HIDDEN NAME=HTTP_REFERER VALUE=\"//$topic_number/$me_number.$ext\">\n"; print "<INPUT TYPE=HIDDEN NAME=postindex VALUE=\"$postindex\">\n"; print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie"; print "<INPUT TYPE=HIDDEN NAME=queue VALUE=\"$queue_id\">\n"; print "<HR>\n"; print "</FORM>\n"; if ($FORM{'isitok'} ne "okiedokie") { print "$L{BPIMGUPLOADCANCEL13_00} <A HREF=\"$url\">\n"; } else { print "$L{BPIMGUPLOADCANCEL13_00} <A HREF=\"$cgiurlm$adminappend\">\n"; } print "$L{BPIMGUPLOADCANCEL2}</A>. "; print "$L{BPIMGUPLOADCANCEL33_00}\n"; print "<BR></FONT>\n"; for ($i = 15; $i <= 17; $i += 2) { &ex('printuntil', $i, $i, $topic_number); } exit(0); } else { &ex('queue_submitted', $topic_number, $me_number, $adminappend, $FORM{'isitok'}) if $queue; &seturl("$url") if $FORM{'isitok'} ne "okiedokie"; &seturl("$cgiurlm$adminappend") if $FORM{'isitok'} eq "okiedokie"; } sub verify_owner { local ($owner, $username) = @_; local (@group_data, $group, $usernames, @username, $groupname); open (GROUP, "$admin_dir/groups.txt") || &error_message("File Error", "Cannot open group file (groups.txt)!"); @group_data = <GROUP>; close (GROUP); foreach $group (@group_data) { chop ($group) if $group =~ /\n$/; ($groupname, $usernames) = split(/:/, $group); if ($groupname eq $owner) { @username = split(/,/, $usernames); if (grep (/^$username$/, @username)) { return 1; } else { return 0; } } } return 0; } sub alphabetical_sort { $a =~ m|<A[^>]+>(.*)</A>|i; $subnamea = $1; $b =~ m|<A[^>]+>(.*)</A>|i; $subnameb = $1; $subnamea =~ tr/A-Z/a-z/; $subnameb =~ tr/A-Z/a-z/; return 1 if $subnamea gt $subnameb; return -1 if $subnamea lt $subnameb; return 0; }