home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.sunet.sepub/pictures
/
2014.11.ftp.sunet.se-pictures.tar
/
ftp.sunet.se
/
pub
/
pictures
/
ACiD-artpacks
/
www
/
mirrors
/
hirez
/
cgi-bin
/
discus
/
board-admin-1.cgi
next >
Wrap
Text File
|
1999-02-12
|
15KB
|
342 lines
#!/usr/bin/perl
$discus_conf = '/usr/local/www/www.hirez.org/discus_admin_149349189/discus.conf';
#Discus board administration script (board-admin-1.cgi)
#-------------------------------------------------------------------------------
# This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved.
# Its use is subject to the license agreement that can be found at the following
# URL: http://www.chem.hope.edu/discus/license
#-------------------------------------------------------------------------------
if (open (FILE, "$discus_conf")) {
@file = <FILE>;
close (FILE);
$evals = "";
foreach $line (@file) {
if ($line =~ /^(\w+)=(.*)/) {
$varname = $1;
$value = $2;
$value =~ s/'/\\'/g; $value =~ s/\r//g;
$evals .= "\$$varname='$value'; ";
}
}
eval($evals);
require "$admin_dir/source/src-board-subs-common";
} else {
print "Content-type: text/html\n\n";
print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n";
print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n";
print "<H1>Script Execution Error</H1>\n";
print "Discus scripts could not execute because the discus.conf file\n";
print "could not be opened.";
print "<P>Reason: <FONT COLOR=#ff0000><B>$!</B></FONT>" if $!;
print "<P>This generally indicates a setup error of some kind.\n";
print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus ";
print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n";
exit(0);
}
require "$admin_dir/source/src-board-subs-admin";
&parse_form;
&read_cookie;
#-------------------------------------------------------------------------------
# PAGE MANAGER ACTIONS AND OTHER RELATED FUNCTIONS
#-------------------------------------------------------------------------------
if ($FORM{'action'} eq 'add_subtopic') {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!");
&error_message("Add Subtopic Error", "You did not specify a title for the new subtopic!") if $FORM{'subtopic'} eq "";
($newtitle) = &ex("webtags", $FORM{'subtopic'},3);
&error_message("Add Subtopic Error", "Formatting tags returned the following error: <P>$newtitle") if $newtitle =~ /<H3>Formatting/i;
$param = "Sublist" if $FORM{'pagetype'} eq "privateindex";
$param = "SublistCreate" if $FORM{'pagetype'} eq "publicindex";
$param = "MessagesAdd" if $FORM{'pagetype'} eq "message";
$target = "Main" if $FORM{'linktype'} eq "rightframe";
$target = "_parent" if $FORM{'linktype'} eq "top";
$target = "_blank" if $FORM{'linktype'} eq "new";
$param = "LINK" if $FORM{'type'} eq "link";
if ($param eq "LINK") {
$url = $FORM{'url'};
&error_message('Add Subtopic Error', "The URL you specified was not valid") if $FORM{'url'} eq "";
}
($newnum_number) = &ex("add_page", $newtitle,$param,$url,$target);
($dt) = &ex("get_date_time", "short");
($ts) = &ex("get_date_time", "long");
$ts =~ s/\W//g;
&ex("update_time", $topic_number, $newnum_number, $me_number, $ts, $dt);
$append = "?username=$FORM{'username'}";
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}) if ($FORM{'jumpin'} == 0 || $param eq "LINK");
&ex("page_mgr_2", "//$topic_number/$newnum_number.$ext", $FORM{"username"}) if $FORM{'jumpin'} == 1;
exit(0);
}
if ($FORM{'action'} eq "subtopics") {
&check_passwd;
&extract($FORM{'HTTP_REFERER'});
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this topic!");
if ($FORM{'SELECTION'} =~ /^delete(\w+)/) {
$todo = $1;
if ($todo eq "all") {
$todo = $FORM{'MARK'};
}
&ex("remove_page", $topic_number, $me_number, $todo);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
} elsif ($FORM{'SELECTION'} =~ /move(\w+)/) {
if ($1 =~ /^(\d+)$/) {
$tomove = $1;
$plural = ""; $singular = "a ";
} else {
$tomove = $FORM{'MARK'};
$plural = "s"; $singular = "";
}
&ex('move_subtopic_form', $topic_number, $me_number, $FORM{'username'}, $plural, $singular, $FORM{'HTTP_REFERER'});
exit(0);
} elsif ($FORM{'SELECTION'} =~ /properties(\d+)/) {
$torename = $1;
if ($torename =~ /^0/) {
$torename =~ s/^0//g;
&ex("rename_link_form", $FORM{"HTTP_REFERER"},$torename,$FORM{"username"});
} else {
&ex("rename_subtopic_form", $FORM{"HTTP_REFERER"}, $torename, $FORM{"username"});
}
exit(0);
} elsif ($FORM{'SELECTION'} =~ /reorder/) {
undef @data;
undef @datakeys;
foreach $key (keys(%FORM)) {
$key2 = $key;
$keystr .= "$key2=$FORM{$key2}<BR>";
if ($key2 =~ /^ORDER/) {
$key2 =~ s/^ORDER//g;
$key2 =~ s/^0//g;
push (@data, $key2);
push (@dataval, $FORM{$key});
}
}
@array = @data[sort {$dataval[$a] <=> $dataval[$b]} $[..$#data];
$arraystr = join(":", @array);
&ex("reorder_subtopics", $FORM{"HTTP_REFERER"}, $arraystr);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
}
if ($FORM{'action'} eq 'rename_a_subtopic' || $FORM{'action'} eq 'rename_a_link') {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to rename subtopics on this page!");
($newname) = &ex('webtags', $FORM{"newname"}, 3);
$newname = &remove_links($newname);
&error_message("Rename Error", "You didn't specify a new subtopic/link name!") if $newname eq "";
&error_message("Formatting Error", "The following formatting error was returned:<BR><BR>$newname<BR><BR>") if $newname =~ /<H3>FORMATTING/i;
if ($FORM{'action'} eq "rename_a_subtopic") {
$subtopic = $FORM{'subtopic'};
$subtopic =~ s/\D//g;
&error_message("Rename Error", "You didn't specify a valid initial subtopic!") if $subtopic == 0;
&ex("rename_subtopic", $FORM{"HTTP_REFERER"}, $subtopic, $newname);
} else {
$linknum = $FORM{'link'};
$url = &remove_html($FORM{'url'});
if ($FORM{'frame'} eq "top") {
$target = "_parent";
} elsif ($FORM{'frame'} eq "new") {
$target = "_blank";
} else {
$target = "Main";
}
&ex("rename_link", $FORM{"HTTP_REFERER"}, $linknum, $newname, $url, $target);
}
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
if ($FORM{'action'} eq "move_subtopic") {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to move subtopics from this page!");
$oldtopic = $topic_number;
$oldparent = $me_number;
&extract("//$FORM{'click'}.$ext");
&verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to move subtopics to this page!");
$newtopic = $topic_number;
$newtopic_hold = $newtopic;
$newhome = $me_number;
$newhome_hold = $newhome;
@tomove = split(/,/, $FORM{'move'});
foreach $page (@tomove) {
$page =~ s/^0//;
}
$tomove = join(",", @tomove);
&ex('move_page', $oldtopic, $tomove, $oldparent, $newtopic, $newhome);
&extract("//$newtopic_hold/$newhome_hold.$ext");
if ($param !~ /Sublist/) {
&ex('change_layout', $newtopic_hold, $newhome_hold, $param . "Sublist");
}
($dt) = &ex('get_date_time', "short");
($ts) = &ex('get_date_time', "long");
$ts =~ s/\W//g;
&ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); exit(0);
}
if ($FORM{'action'} eq "messages") {
&check_passwd;
&extract($FORM{'HTTP_REFERER'});
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this topic!");
if ($FORM{'SELECTION'} =~ /delete(\w+)/) {
$todo = $1;
if ($todo ne "all") {
$todo =~ s/\D//g;
if ($todo != 0) {
&ex('remove_message', $FORM{"HTTP_REFERER"}, $todo);
}
} else {
&ex('remove_message', $FORM{"HTTP_REFERER"}, $FORM{'MARK'});
}
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
} elsif ($FORM{'SELECTION'} =~ /move(\w+)/) {
$tomove = $1;
&ex('move_message_form', $topic_number, $tomove, $FORM{"move"}, $FORM{"MARK"}, $FORM{"HTTP_REFERER"}, $FORM{"username"});
exit(0);
} elsif ($FORM{'SELECTION'} =~ /edit(\d+)/) {
$toedit = $1;
&ex('edit_message_form', $topic_number, $me_number, $toedit, "", "", $FORM{"username"});
exit(0);
} elsif ($FORM{'SELECTION'} =~ /reorder/) {
undef @data;
undef @datakeys;
foreach $key (keys(%FORM)) {
$key2 = $key;
$keystr .= "$key2=$FORM{$key2}<BR>";
if ($key2 =~ /^ORDER/) {
$key2 =~ s/^ORDER//g;
push (@data, $key2);
push (@dataval, $FORM{$key});
}
}
@array = @data[sort {$dataval[$a] <=> $dataval[$b]} $[..$#data];
$arraystr = join(":", @array);
&ex('reorder_messages', $FORM{"HTTP_REFERER"}, $arraystr);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
}
if ($FORM{'action'} eq "edit_message") {
&check_passwd;
&extract($FORM{'HTTP_REFERER'});
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit messages in this topic!");
$source = $FORM{"message"};
($lint, $message) = &ex('webtags', $source, 0, 1);
&error_message ("Edit Message Error", "You cannot specify a blank message!") if $message eq "";
$FORM{'submit'} = "Preview" if $lint eq "!Error";
$error_force = 1 if $lint eq "!Error";
if ($pro) {
($removed, $added) = &ex('compare_source', $source, $topic_number, $me_number, $FORM{'postindex'});
if ($added) {
$FORM{'submit'} = "Preview";
$message = "<H3>Editing Error</H3>The following references to images or attachments have been modified:<P><UL>";
@added = split(/\n/, $added);
foreach $line (@added) {
$message .= "<LI>$line\n";
}
$message .= "</UL><P>Repair or remove these references, or cancel your editing.";
}
}
if ($FORM{'submit'} =~ /Preview/) {
&ex('edit_message_form', $topic_number, $me_number, $FORM{"postindex"}, $source, $message, $FORM{"username"}, $error_force);
exit(0);
}
&ex('save_edited_message', $topic_number, $me_number, $FORM{"postindex"}, &escape($source), $message, $FORM{"username"});
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
if ($FORM{'action'} eq "move_message") {
&check_passwd;
&extract($FORM{'HTTP_REFERER'});
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to move messages from this topic!");
($old_topic,$old_page) = ($topic_number, $me_number);
if ($FORM{'click'}) {
&extract ("//$FORM{'click'}.$ext");
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to move messages to this topic!");
($new_topic, $new_page) = ($topic_number, $me_number);
$page_num = $new_page;
} else {
$new_topic = "Create";
$new_page = $FORM{'newname'};
}
($new_page, $new_topic) = &ex('move_message', $old_topic, $old_page, $FORM{"move"}, $new_topic, $new_page, $FORM{"parm"});
if ($new_page != 0) {
$page_num = $new_page;
$new_topic = $old_topic if $new_topic =~ /\D/;
&extract ("//$new_topic/$new_page.$ext");
$param =~ s/noneset//g;
if ($param !~ /Messages/) {
&ex('change_layout', $new_topic, $page_num, $param . "Messages");
$param .= "Messages";
if ($param !~ /Add/ && $FORM{"parm"} == 1) {
&ex('change_layout', $new_topic, $page_num, $param . "Add");
}
}
}
&extract("//$new_topic/$new_page.$ext");
($dt) = &ex('get_date_time', "short");
($ts) = &ex('get_date_time', "long");
$ts =~ s/\W//g;
&ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
if ($FORM{'action'} eq 'about_message') {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner ($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!");
$FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\s+$//;
($lint_subj, $new_message) = &ex('webtags', $FORM{'message'}, 1, 1);
$FORM{'submit'} = "Preview" if $lint_subj eq "!Error";
if ($FORM{'submit'} =~ /Preview/) {
$FORM{'message'} =~ s/&/&/g;
$FORM{'message'} =~ s/</</g;
$FORM{'message'} =~ s/>/>/g;
$FORM{'message'} =~ s/"/"/g;
&ex('preview_admin_message', $FORM{"message"}, $new_message, $FORM{"username"}, $FORM{"HTTP_REFERER"}, "about_message", "About Message");
exit(0);
} else {
$file = "$message_dir/$topic_number/$me_number.$ext";
&ex('change_about_message', $file, $FORM{"message"}, $new_message);
($dt) = &ex('get_date_time', "short");
($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g;
&ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
}
if ($FORM{'action'} eq 'announce_message') {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner ($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!");
$FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\s+$//;
($lint_subj, $new_message) = &ex('webtags', $FORM{'message'}, 1, 1);
$FORM{'submit'} = "Preview" if $lint_subj eq "!Error";
if ($FORM{'submit'} =~ /Preview/) {
$FORM{'message'} =~ s/&/&/g;
$FORM{'message'} =~ s/</</g;
$FORM{'message'} =~ s/>/>/g;
$FORM{'message'} =~ s/"/"/g;
&ex('preview_admin_message', $FORM{"message"}, $new_message, $FORM{"username"}, $FORM{"HTTP_REFERER"}, "announce_message", "Announcement");
exit(0);
} else {
$file = "$message_dir/$topic_number/$me_number.$ext";
&ex('change_announce_message', $file, $FORM{"message"}, $new_message);
($dt) = &ex('get_date_time', "short");
($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g;
&ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt);
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
}
}
if ($FORM{'action'} eq "change_layout") {
&check_passwd;
&extract ($FORM{'HTTP_REFERER'});
&verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!");
$layout = "";
$layout .= "Sublist" if $FORM{'element1'} eq "on";
$layout .= "Create" if $FORM{'element2'} eq "on";
$layout .= "About" if $FORM{'element3'} eq "on";
$layout .= "Messages" if $FORM{'element4'} eq "on";
$layout .= "Add" if $FORM{'element5'} eq "on";
$layout .= "Announcement" if $FORM{'element6'} eq "on";
$layout .= "Archive" if $param =~ m|Archive|;
&ex('change_layout', $topic_number, $me_number, $layout);
$append = "?username=$FORM{'username'}";
&ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"});
exit(0);
}
&error_message("Invalid Query", "The form action $FORM{action} is not valid for this script");