ftp.sunet.sepub/pictures

home *** CD-ROM | disk | FTP | other *** search

/ ftp.sunet.sepub/pictures / 2014.11.ftp.sunet.se-pictures.tar / ftp.sunet.se / pub / pictures / ACiD-artpacks / www / mirrors / hirez / cgi-bin / discus / board-profile.cgi < prev next >

Wrap

Text File | 1999-02-12 | 12KB | 315 lines

#!/usr/bin/perl $discus_conf = '/usr/local/www/www.hirez.org/discus_admin_149349189/discus.conf'; #Discus user profile editor script (board-profile.cgi) #------------------------------------------------------------------------------- # This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved. # Its use is subject to the license agreement that can be found at the following # URL: http://www.chem.hope.edu/discus/license #------------------------------------------------------------------------------- if (open (FILE, "$discus_conf")) { @file = <FILE>; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $value =~ s/\r//g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; } else { print "Content-type: text/html\n\n"; print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n"; print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n"; print "<H1>Script Execution Error</H1>\n"; print "Discus scripts could not execute because the discus.conf file\n"; print "could not be opened."; print "<P>Reason: <FONT COLOR=#ff0000><B>$!</B></FONT>" if $!; print "<P>This generally indicates a setup error of some kind.\n"; print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus "; print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n"; exit(0); } &parse_form; &read_cookie; #------------------------------------------------------------------------------- $FORM{'username'} =~ tr/A-Z/a-z/; $FORM{'password'} =~ tr/A-Z/a-z/; if ($FORM{'action'} eq "clear_cookie") { print "Set-Cookie: user$COOKIE_ID=nobody; expires=Sunday, 06-Sep-1998 00:00:00 GMT; path=/\n"; print "Set-Cookie: cpwd$COOKIE_ID=nobody; expires=Sunday, 06-Sep-1998 00:00:00 GMT; path=/\n"; print "Set-Cookie: rpwd$COOKIE_ID=nobody; expires=Sunday, 06-Sep-1998 00:00:00 GMT; path=/\n"; print "Set-Cookie: pass$COOKIE_ID=nobody; expires=Sunday, 06-Sep-1998 00:00:00 GMT; path=/\n"; $COOKIE{'user' . $COOKIE_ID} = ""; $COOKIE{'cpwd' . $COOKIE_ID} = ""; $COOKIE{'rpwd' . $COOKIE_ID} = ""; $FORM{'action'} = ""; $script_url =~ m|^http://([^/]+)|; $aft = $'; foreach $key (keys(%COOKIE)) { if ($key =~ m|^auth(\d+)|) { print "Set-Cookie: $key=none; expires=Sunday, 06-Sep-1998 00:00:00 GMT; path=$aft\n"; $COOKIE{$key} = ""; } } } if ($FORM{'action'} eq "") { &header; ($bg, $tx, $li, $vl, $al, $face, $size, $image) = &ex('extract_colorsonly', 1); &ex('printuntil', 1, 1, 0, $L{PROFEDIT_TITLE}); print "<CENTER><FONT SIZE=+1><B>$L{PROFEDIT_TITLE}</B></FONT></CENTER><HR>\n"; print $L{PROFILE_LOGIN}; $ucid = "user$COOKIE_ID"; print "<FORM ACTION=\"$script_url/board-profile.$cgi_extension\" METHOD=POST>\n"; print "<TABLE><TR><TD><FONT FACE=\"$face\" SIZE=$size><B>$L{PROFILE_USERNAME}</B></FONT></TD>\n"; print "<TD><INPUT TYPE=TEXT NAME=username VALUE=\""; print $COOKIE{$ucid} if $COOKIE{$ucid} ne ""; print "\" SIZE=15></TD></TR>\n"; print "<TR><TD><FONT FACE=\"$face\" SIZE=$size><B>$L{PROFILE_PASSWORD}</B></FONT></TD>\n"; print "<TD><INPUT TYPE=PASSWORD NAME=password VALUE=\"\" SIZE=15></TD></TR>\n"; print "</TABLE><P><INPUT TYPE=SUBMIT VALUE=\"$L{PROFILE_LOGIN_BUTTON}\">\n"; print "<INPUT TYPE=HIDDEN NAME=action VALUE=profile_editor_screen>\n"; print "</FORM>\n"; if ($COOKIE{$ucid} ne "") { $ts = $L{LOGIN_YOUARELOGGEDIN}; $cu = $COOKIE{$ucid}; $ts =~ s/\%user/$cu/g; print "<FORM ACTION=\"$script_url/board-profile.$cgi_extension\" METHOD=POST>\n"; print "<HR><INPUT TYPE=HIDDEN NAME=action VALUE=clear_cookie>\n"; print $ts; print "<P>\n"; print "<INPUT TYPE=SUBMIT VALUE=\"$L{LOGIN_CLEARBUTTON}\">\n"; print "</FORM>\n"; } if ($GLOBAL_OPTIONS{'allow_selfreg'}) { print "<FORM ACTION=\"$script_url/board-profile.$cgi_extension\" METHOD=POST>\n"; print "<HR>$L{REG_FRONTSCREEN}<P>\n"; print "<INPUT TYPE=SUBMIT VALUE=\"$L{REG_FRONTSCREEN_BUTTON}\">\n"; print "<INPUT TYPE=HIDDEN NAME=action VALUE=register>\n"; print "</FORM>\n"; } &ex('printuntil', 3, 17, 0, "", 0, 1); exit(0); } if ($FORM{'action'} eq "display_profile") { $profile = $FORM{'profile'}; if ($pro) { &ex('display_profile', $profile); } else { &error_message("$L{FEATURE_NOT_SUPPORTED}", "$L{FEATURE_NOT_SUPPORTED_DESCR}"); } exit(0); } if ($FORM{'action'} eq "register") { &ex('register_1', 1); } if ($FORM{'action'} eq "register_2") { &ex('register_2', 1); } if ($FORM{'action'} eq "display_picture") { $profile = $FORM{'picture'}; &ex('display_picture', $profile); exit(0); } if ($FORM{'action'} eq "sync") { ($result) = &ex('verify_user_password', $FORM{'username'}, $FORM{'password'}, 1); @result = split(/\n/, $result); @result_save = @result; foreach $line (@result) { $line =~ s/\s+$//; ($file, $user, $pass, $email, $full, $edit) = split(/:/, $line); $line = "" if $edit == 0; } @result = grep(/\S/, @result); $s = join("\n", @result); foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit, $notify, $last, $group) = split(/:/, $line); if ($edit == 2 || $edit == 4) { $EMAIL_FORCE = $email; } } foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit, $notify, $last, $group) = split(/:/, $line); if ($file eq $FORM{'file'}) { if ($group eq $FORM{'group'}) { $email = $EMAIL_FORCE if $EMAIL_FORCE; $notify = "*" if $notify eq ""; &ex('save_profile_information', $pass, $email, $full, "", $notify, $last, "", @result_save); &ex('synchronize_PRO', $file, $user, $s) if $pro; last; } } } $FORM{'action'} = "profile_editor_screen"; } if ($FORM{'action'} eq "profile_editor_screen") { ($result) = &ex('verify_user_password', $FORM{'username'}, $FORM{'password'}, 1); @result = split(/\n/, $result); foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit) = split(/:/, $line); $line = "" if $edit == 0; $LINE_FORCE = $line if ($edit == 2 || $edit == 4); } @result = grep(/\S/, @result); if (scalar(@result) == 0) { &error_message($L{PROFILE_AUTHERROR}, $L{PROFILE_AUTHERROR_DESCR}, 0, 1); } $r = $result[0]; $r = $LINE_FORCE if $LINE_FORCE; $r =~ s/\n$//; $s = join("\n", @result); @result_save = @result; ($differences) = &ex('compare_profiles', $s) if !$pro; ($differences) = &ex('compare_profiles_PRO', $s) if $pro; &ex('display_profile_differences', $FORM{'username'}, $FORM{'password'}, $s) if ($differences && !$pro); &ex('display_profile_differences_PRO', $FORM{'username'}, $FORM{'password'}, $s) if ($differences && $pro); ($file, $user, $pass, $email, $full, $edit, $notify, $last, $group) = split(/:/, $r); $file =~ tr/A-Z/a-z/; &ex("profile_editor_screen", $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor") if !$pro; &ex("profile_editor_screen_PRO", $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor") if $pro; exit(0); } if ($FORM{'action'} eq "register_info") { $user = $FORM{'username'}; $user =~ s/://g; @group = split(/,/, $FORM{'group'}); undef @result; open (USERS, "$admin_dir/users.txt"); @users = <USERS>; close (USERS); @u = grep(/^$user:/, @users); foreach $line (@u) { chop $line if $line =~ m|\n|; ($u, $p, $e, $f, $d, $n, $l, $g) = split(/:/, $line); if (grep(/^$g$/, @group) || $p eq "*Q*") { push (@result, "USERS:$line\n"); } } @result_save = @result; &ex('info_save_pro', 1); &ex('register_thanks', 1); } if ($FORM{'action'} eq "profile_editor") { ($result) = &ex('verify_user_password', $FORM{'username'}, $FORM{'password'}, 1); @result = split(/\n/, $result); foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit) = split(/:/, $line); $EMAIL_FORCE = $email if ($edit == 2 || $edit == 4); $line = "" if $edit == 0; } @result = grep(/\S/, @result); @result_save = @result; if (scalar(@result) == 0) { &error_message($L{PROFILE_AUTHERROR}, $L{PROFILE_AUTHERROR_DESCR}, 0, 1); } if ($FORM{'action2'} eq "infosave") { $email = $FORM{'profile_email'}; $email = substr($email, 0, 40) if length($email) > 40; $full = $FORM{'profile_fullname'}; $full = substr($full, 0, 40) if length($full) > 40; if ($email =~ m|^([\w\-\+\.]+)\@([\w\-\+\.]+)$|) { $email_new = $email; } else { $email_new = "email"; } if ($full eq "") { $full = "fullname"; } else { $full =~ s/\n//g; $full =~ s/[:<>]//g; } $email_new = $EMAIL_FORCE if $EMAIL_FORCE; &ex('save_profile_information', "", $email_new, $full, "", "", "", "", @result); } if ($FORM{'action2'} eq "notifysave") { if (!$pro) { undef @em; foreach $key (keys(%FORM)) { if ($key =~ m|^notify_(\d+)|) { push (@em, $1); } } $emr = join(",", @em); $emr = "*" if $emr eq ""; &ex('save_profile_information', "", "", "", "", $emr, "", "", @result); } else { &ex('notify_save_pro', 1) if $FORM{'submit'} ne $L{PRED_FIRSTLEVEL}; &ex('select_by_subtopics', $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor") if $FORM{'submit'} eq $L{PRED_FIRSTLEVEL}; } } if ($FORM{'action2'} eq "preferences") { &ex('prefs_save_pro', 1); } if ($FORM{'action2'} eq "infosection") { &ex('info_save_pro', 1); } if ($FORM{'action2'} eq "changepass") { $p1 = $FORM{'pass_1'}; $p2 = $FORM{'pass_2'}; $p1 =~ tr/A-Z/a-z/; $p2 =~ tr/A-Z/a-z/; while ($p1 =~ m|(\W)|g) { $o = ord($1); $m = $1; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_ALPHA}) if $o < 126; } &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_MATCH}) if $p1 ne $p2; &error_message($L{PROFILE_CHPASS_ERROR}, $L{PROFILE_CHPASS_ERROR_LENGTH}) if (length($p1) < 1 || length($p2) > 20); srand(time); undef (@salt); for ($i=1; $i<=4; $i++) { push (@salt, int(rand(26))+65); } $salt = pack('c4', @salt); $new_password = crypt($p1, $salt); &ex('save_profile_information', $new_password, "", "", "", "", "", "", @result); if ($FORM{'password'} eq "adminlogin" && $COOKIE{'pass' . $COOKIE_ID} ne "") { print "Set-Cookie: pass", $COOKIE_ID, "=", crypt($new_password, "cookie"), "; path=/\n"; &seturl("$script_url/board-profile.$cgi_extension?action=profile_editor_screen&password=adminlogin&username=$FORM{'username'}"); exit(0); } &header; &ex('printuntil', 1, 1, 0, $L{PROFILE_CHANGEDPASSWORD}); print "<CENTER><FONT SIZE=4><B>$L{PROFILE_CHANGEDPASSWORD}</B></FONT></CENTER><HR>\n"; $l = $L{PROFILE_CHANGEDPASSWORD_DESCR}; print $l if $FORM{'password'} ne "adminlogin"; $l = $L{BPCLICKCONTINUE}; print "<P><CENTER><A HREF=\"$script_url/board-profile.$cgi_extension\">$l</A></CENTER>\n"; &ex('printuntil', 3, 17, 0, "", 0, 1); exit(0); } if ($FORM{'action2'} eq "editpost") { ($key) = grep(/^(\d+)$/, keys(%FORM)); &ex('edit_post_form', 0, 0, $key, "", "", $FORM{'username'}); exit(0); } ($result) = &ex('verify_user_password', $FORM{'username'}, $FORM{'password'}, 1); @result = split(/\n/, $result); foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit, $email, $time, $group) = split(/:/, $line); $line = "" if $edit == 0; } foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit, $email, $time, $group) = split(/:/, $line); if ($edit == 2) { last; } } @result = grep(/\S/, @result); @result_save = @result; &ex("profile_editor_screen", $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor") if !$pro; &ex("profile_editor_screen_PRO", $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor") if $pro; } if ($FORM{'action'} eq "edit_message") { ($result) = &ex('verify_user_password', $FORM{'username'}, $FORM{'password'}, 1); @result = split(/\n/, $result); foreach $line (@result) { ($file, $user, $pass, $email, $full, $edit) = split(/:/, $line); $line = "" if $edit == 0; } @result = grep(/\S/, @result); @result_save = @result; if (scalar(@result) == 0) { &error_message($L{PROFILE_AUTHERROR}, $L{PROFILE_AUTHERROR_DESCR}, 0, 1); } &ex('edit_message_action', 1); $file =~ tr/A-Z/a-z/; &ex("profile_editor_screen_PRO", $file, $FORM{"username"}, $group, $FORM{"username"}, "$script_url/board-profile.$cgi_extension", "profile_editor"); } &error_message("Unrecognized action");