ftp.sunet.sepub/pictures

home *** CD-ROM | disk | FTP | other *** search

/ ftp.sunet.sepub/pictures / 2014.11.ftp.sunet.se-pictures.tar / ftp.sunet.se / pub / pictures / ACiD-artpacks / www / mirrors / hirez / cgi-bin / discus / board-admin.cgi < prev next >

Wrap

Text File | 1999-02-12 | 12KB | 279 lines

#!/usr/bin/perl $discus_conf = '/usr/local/www/www.hirez.org/discus_admin_149349189/discus.conf'; #Discus board administration script (board-admin.cgi) #------------------------------------------------------------------------------- # This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved. # Its use is subject to the license agreement that can be found at the following # URL: http://www.chem.hope.edu/discus/license #------------------------------------------------------------------------------- if (open (FILE, "$discus_conf")) { @file = <FILE>; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $value =~ s/\r//g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; } else { print "Content-type: text/html\n\n"; print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n"; print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n"; print "<H1>Script Execution Error</H1>\n"; print "Discus scripts could not execute because the discus.conf file\n"; print "could not be opened."; print "Reason: $!" if $!; print "This generally indicates a setup error of some kind.\n"; print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus "; print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n"; exit(0); } require "$admin_dir/source/src-board-subs-admin"; &parse_form; &read_cookie; if ($FORM{'action'} eq "profile_editor") { &check_passwd; &ex("profile_editor_screen", "passwd", $FORM{"username"}, "", $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor"); } if ($FORM{'action'} eq "manual_restore") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('manual_restore', $FORM{'file'}, $FORM{'perform'}, $FORM{'selection'}); exit(0); } if ($FORM{'action'} eq "auto_restore") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('manual_restore', $FORM{'file'}, "rest2", "*"); exit(0); } if ($FORM{'action'} eq "analyze_log") { &check_passwd; &ex('log_analysis_access', $FORM{'username'}, $FORM{'analyze'}) if $FORM{'perform'} == 1; &ex('log_analysis_by_user', $FORM{'username'}, $FORM{'analyze'}) if $FORM{'perform'} == 2; exit(0); } if ($FORM{'action'} eq "create_backup") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('create_backup', $FORM{'filename'}, $FORM{'element1'}, $FORM{'element2'}, $FORM{'element3'}, $FORM{'element4'}, $FORM{'element5'}); &ex('backup_mgr', 1); exit(0); } if ($FORM{'action'} eq "bumgr") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('bumgr', 1); &ex('backup_mgr', 1); exit(0); } if ($FORM{'action'} eq "profile_fields") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('profile_fields_save', 1) if $FORM{'save'}; &ex('profile_fields', 1); exit(0); } if ($FORM{'action'} eq "email_list") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this!") if $FORM{'username'} ne $superuser; &ex('email_list', $FORM{'prm'}); exit(0); } if ($FORM{'action'} eq "data_recovery") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access the data recovery utility") if $FORM{'username'} ne $superuser; &ex("data_recovery_action", $FORM{'topic'}, $FORM{'fixem'}); exit(0); } if ($FORM{'action'} eq "data_recovery_top") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access the data recovery utility") if $FORM{'username'} ne $superuser; &ex("data_recovery_top", $FORM{'rectype'}); exit(0); } if ($FORM{'action'} eq "archive_options") { &check_passwd; &error_message("Permissions Error", "Only the superuser may save options that affect archiving") if $FORM{'username'} ne $superuser; &ex('save_archive_options', 1); &ex('archive_mgr', 1); } if ($FORM{'action'} eq "options_save") { &check_passwd; &error_message("Permissions Error", "Only the superuser may save options that affect the entire board") if $FORM{'username'} ne $superuser; &ex('options_save', 1); &ex('options_mgr', 1); } else { if ($GLOBAL_OPTIONS{'admin'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1) { &error_message("Administration Disabled", "Administration has been disabled on this board for all moderators except the superuser.") if $FORM{'username'} ne $superuser; } } if ($FORM{'action'} eq "email_save") { &check_passwd; &error_message("Permissions Error", "Only the superuser may save options that affect the entire board", 0, 1) if $FORM{'username'} ne $superuser; &error_message("Permissions Error", "The e-mail notification settings are read-only. To remove this restriction, move the email.txt file from the $admin_dir/source directory into your $admin_dir directory.", 0, 1) if -e "$admin_dir/source/email.txt"; &ex('email_configuration', 1); &ex('email_configurator', 1); } if ($FORM{'action'} eq "prune_board") { &check_passwd; &error_message("Permissions Error", "Only the superuser may access this option") if $FORM{'username'} ne $superuser; $FORM{'prune_days'} =~ s/\D//g; &error_message("Archive/Prune Error", "The number of days you specified is invalid") if $FORM{'prune_days'} <= 0; foreach $key (keys(%FORM)) { if ($key =~ m|prune_(\d+)|) { $topic = $1; &ex('prune_messages', $topic, $FORM{'prune_days'}, $FORM{'dowhat'}); } } &ex('archive_mgr', 1); } if ($FORM{'action'} eq "cuss_save") { &check_passwd; &error_message("Permissions Error", "Only the superuser may save options that affect the entire board") if $FORM{'username'} ne $superuser; &ex('cuss_save', $FORM{'cusswords'}); &ex('profanity_editor', 1); } if ($FORM{'action'} eq "queue_edit") { &check_passwd; @q = &ex('check_queue', $FORM{'username'}); $FORM{'number'} =~ s/\D//g; foreach $line (@q) { $line =~ m|^(\d+)/(\d+)|; if ($1 == $FORM{'number'}) { &ex('queue_edit', $FORM{'username'}, $FORM{'number'}, $FORM{'submit'}, $FORM{'subject'}, $FORM{'message'}, $2); } } &error_message("Queue Error", "The message you attempted to edit is no longer in the queue."); } if ($FORM{'action'} eq "queue_action") { &check_passwd; @q = &ex('check_queue', $FORM{'username'}); if ($FORM{'SELECTION'} =~ /((approve)|(refuse))(\w+)/) { $todo = $4; $action = $1; if ($todo ne "all") { $todo =~ s/\D//g; if ($todo != 0) { &ex('queue_action', $FORM{'username'}, $todo, $action, $FORM{'form'}); } } else { @mark = split(/,/, $FORM{'MARK'}); foreach $num (@mark) { $num =~ s/\D//g; &ex('queue_action', $FORM{'username'}, $num, $action, $FORM{'form'}, 1); } } } &ex('queue_mgr_1', $FORM{'username'}, 1); exit(0); } if ($FORM{'action'} eq 'show_secure_graphic') { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!"); &ex('show_secure_image', $FORM{'file'}, $FORM{'type'}); exit(0); } if ($FORM{'action'} eq "access_edit_simple") { &check_passwd; &extract("/$FORM{'topic'}/$FORM{'topic'}.$ext"); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit access in this topic!"); &ex('posting_options', $FORM{'topic'}, $FORM{'anondisable'}, $FORM{'stampdisable'}, $FORM{'emaildisable'}); &ex('access_edit_simple', $FORM{'topic'}, "posting", $FORM{'publicbox'}, $FORM{'modgroup'}, $FORM{'usergroup'}, $FORM{'modall'}, $FORM{'userall'}, $owner, $FORM{'kill'}); &ex('access_mgr_2', $FORM{'topic'}, $FORM{'username'}); exit(0); } if ($FORM{'action'} eq "access_pro") { &check_passwd; &extract("/$FORM{'topic'}/$FORM{'topic'}.$ext"); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit access in this topic!"); &ex('access_edit_configure', $FORM{'word'}, $FORM{'do'}); exit(0); } if ($FORM{'action'} eq "access_edit_pro") { &check_passwd; &extract("/$FORM{'topic'}/$FORM{'topic'}.$ext"); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit access in this topic!"); $file = ""; $file = "security" if $FORM{'privs'} eq "reading"; $file = "posting" if $file eq ""; &ex('aedit_pro', $topic_number, $file); &ex('access_mgr_2_pro', $FORM{'topic'}, $FORM{'username'}); exit(0); } if ($FORM{'action'} eq "access_edit_advanced") { &check_passwd; &extract("/$FORM{'topic'}/$FORM{'topic'}.$ext"); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit access in this topic!"); $file = ""; $file = "security" if $FORM{'privtype'} eq "reading"; $file = "posting" if $file eq ""; &ex('advanced_access_editor', $file, $FORM{'do'}, $topic_number); &ex('access_mgr_2_pro', $FORM{'topic'}, $FORM{'username'}); exit(0); } if ($FORM{'action'} =~ m|^reg_config_save|) { &check_passwd; &error_message("Permissions Error", "You must be the superuser to access this function!") if $FORM{'username'} ne $superuser; &ex('save_selfreg_config', $FORM{'banned'}) if $FORM{'action'} eq "reg_config_save"; &ex('save_selfreg_config_rs', 1) if $FORM{'action'} eq "reg_config_save_rs"; if ($FORM{'action'} eq "reg_config_save_welcome") { $FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\s+$//; ($lint_subj, $new_message) = &ex('webtags', $FORM{'message'}, 1, 1); $FORM{'submit'} = "Preview" if $lint_subj eq "!Error"; if ($FORM{'submit'} =~ /Preview/) { $FORM{'message'} =~ s/&/&/g; $FORM{'message'} =~ s/</</g; $FORM{'message'} =~ s/>/>/g; $FORM{'message'} =~ s/"/"/g; &ex('preview_admin_message', $FORM{"message"}, $new_message, $FORM{"username"}, "", "reg_config_save_welcome", "Welcome Message"); exit(0); } else { &ex('save_selfreg_config_welcome', $FORM{'message'}, $new_message); } } &ex('reg_configurator', 1); exit(0); } ########################################################################## # SET INITIAL PASSWORD FOR THE SUPERUSER ########################################################################## if ($FORM{'action'} eq "password") { &check_passwd(0,1); &error_message("Permissions Error", "You must be the superuser to access this function!") if $FORM{'username'} ne $superuser; &lock("$admin_dir/passwd.txt"); open (PASS, "$admin_dir/passwd.txt") || &error_message("File Read Error", "Cannot read your passwd.txt file."); @pass = <PASS>; close (PASS); open (PASS, ">$admin_dir/passwd.txt") || &error_message("File Write Error", "Cannot write to your passwd.txt file. Check that you have set permissions properly on that file."); print PASS @pass; close (PASS); &unlock("$admin_dir/passwd.txt"); ($result) = grep(/^$superuser:/, @pass); $result = "PASSWD:$result"; @result = ($result); $p1 = $FORM{'pass1'}; $p2 = $FORM{'pass2'}; $p1 =~ tr/A-Z/a-z/; $p2 =~ tr/A-Z/a-z/; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_ALPHA}) if $p1 =~ /\W/; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_MATCH}) if $p1 ne $p2; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_LENGTH}) if length($p1) < 2; srand(time); undef (@salt); for ($i=1; $i<=4; $i++) { push (@salt, int(rand(26))+65); } $salt = pack('c4', @salt); $new_password = crypt($p1, $salt); &ex('save_profile_information', $new_password, "", "", "", "", "", "", @result); &ex('register_discus', 1); exit(0); } ########################################################################## # GENERAL FUNCTIONS ########################################################################## &error_message("Unexplained Error", "The script form values passed to the board administration program produced an unexplained error.");