PC Pro 1999 April

home *** CD-ROM | disk | FTP | other *** search

/ PC Pro 1999 April / DPPCPRO0499.ISO / April / Netobjs / Install.exe / data1.cab / Components / BBSComp / bbs / cgi-bin / bbs-submit.cgi next >

Wrap

Text File | 1998-12-16 | 7.0 KB | 223 lines

#!/bin/perl #!/usr/local/bin/perl $path = "$ENV{'PATH_TRANSLATED'}"; $path =~ s/bbs-submit.cgi//; $configFile = "config"; $configPath = $path.$configFile; require $configPath; print "Content-type: text/html\n\n"; # # This reads in the information sent when the user pressed Submit # if ($ENV{'REQUEST_METHOD'} eq "GET") { $buffer = $ENV{'QUERY_STRING'}; } else { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); } # # Now, using a little loop, we'll split up the data into name/value # pairs, which makes them easier to work with. # @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $FORM{$name} = $value; } # # Once the name/value pairs have been created, you can work with # them by referring to the variable names you set up in the # original HTML, using $FORM{"varname"}. # # # First, we make sure that they actually gave an email address # #check for error -- REQUIRE ALL ¬complete unless $FORM{'thread'} && $FORM{'time'} && $FORM{'RealTime'}; #$FORM{'name'} =~ s/([\>\<\"\'])/\\$1/g; $FORM{'name'} =~ tr/\n//d; #$FORM{'email'} =~ s/([\>\<\"\'])/\\$1/g; $FORM{'email'} =~ tr/\n//d; # $FORM{'subject'} =~ s/([\>\<\"\'])/\\$1/g; $FORM{'subject'} =~ tr/\n//d; #$FORM{'body'} =~ s/([\>\<\"\'])/\\$1/g; $body = $FORM{'body'}; $body =~ s/\n\r/ /g; $body =~ s/\r\n/ /g; $body =~ s/\r/ /g; $body =~ s/\n/ /g; $name = $FORM{'name'}; $name =~ s/\r//g; $name =~ s/\n/ /g; $name2 = $name; $name2 =~ s/\\/\\\\/g; $name2 =~ s/\"/\\\"/g; $email = $FORM{'email'}; $email =~ s/\r//g; $email =~ s/\n/ /g; $subject = $FORM{'subject'}; $subject =~ s/\r//g; $subject =~ s/\n/ /g; $subject2 = $subject; $subject2 =~ s/\\/\\\\/g; $subject2 =~ s/\"/\\\"/g; ### The following 3 field is internal and self generating. user have no business ### to generate beyond the set allowed &invalidchar if $FORM{'RealTime'} =~ /([*\|\;\&\\\~\^\[\]\$\.\>\<\"\'\n\r])/; &invalidchar if $FORM{'thread'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\>\<\"\'\,\n\r])/; &invalidchar if $FORM{'time'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\>\<\"\'\,\n\r])/; &invalidchar if $FORM{'parent'} =~ /([A-z*\|\;\&\\\~\^\[\]\$\.\>\<\"\'\,\n\r])/; $realTime = $FORM{'RealTime'}; $realTime =~ s/_/ /g; &makeMessage; &addToIndex; &success; exit; ####################################################################### ############################ Add to data file ####################### ####################################################################### sub addToIndex { select(STDOUT); open(toINDEX,"$INDEX_FILE") || die "can't open $INDEX_FILE\n"; &lock(toINDEX); open(temp, "> $TMP") || die "can't open $TMP\n"; while(<toINDEX>){ if(//){ print temp "parent.addpbbsArray(\"$subject2\",$FORM{'time'},\"$realTime\",\"$name2\",$FORM{'thread'},\"message/$file_handle.html\",\"$FORM{'parent'}\",\"$file_handle\")\n\n"; } else { print temp $_; } } &unlock(toINDEX); close(toINDEX); close(temp); rename($TMP, $INDEX_FILE); } ###################################################################### ############################ Make .dat file ###################### ###################################################################### sub makeMessage { select(STDOUT); $file_handle = getToken(); open(NEW,">> $STORAGE_DIR/$file_handle.html") || die "can't open $STORAGE_DIR/$file_handle.html\n"; select(NEW); print <<"DONE"; <html> <META HTTP-EQUIV="Expires" CONTENT="Sat, 29 Sep 1973 23:59:00 GMT"> <head> <title>$subject</title> </head> <body bgcolor="#FFFFFF"> <script language="JavaScript">  </script><hr> <pre> Name: $name Email: <a href=mailto:$email>$email </a> Subject: $subject Thread: $FORM{'thread'} Time: $realTime </pre><hr>  $body </body> </html> DONE close(NEW); } ############################################################################### ############################ Get Token ####################################### sub getToken{ ###### #lock ###### open(TOKEN,"$TOKEN_FILE") || die "can't open $STORDIR/$file_handle.html\n"; &lock(TOKEN); while (<TOKEN>) { $tokenReturn = "$_"; chop($tokenReturn); } close(TOKEN); open(TOKEN,"> $TOKEN_FILE") || die "can't open $STORDIR/$file_handle.html\n"; $tokenNext = $tokenReturn + 1; select(TOKEN); print <<"DONE"; $tokenNext DONE &unlock(TOKEN); close(TOKEN); select(STDOUT); return $tokenReturn; ####### #unlock ####### } sub lock{ if ($flock_exists == 1){ local ($file_handle); foreach $file_handle (@_){ flock($file_handle, 2); } } } sub unlock{ if ($flock_exists == 1){ local ($file_handle); foreach $file_handle (@_){ flock($file_handle, 8); } } } ############################################################################### ############################ Complete/Success ############################### ############################################################################### sub success{ select(STDOUT); open(EP,"$SUCCESS"); while(<EP>){ $tk = "$_"; $tk =~ s/\#\#\#\#HOME-LOCATION\#\#\#\#/$BBS_HOME/; print "$tk"; } close(EP); exit; } ############################################################################### ############################ Incomplete Error ############################### ############################################################################### sub notcomplete { select(STDOUT); open(EP,"$ERROR"); while(<EP>){ print "$_"; } close(EP); exit; } ############################################################################### ############################ Invalid char ############################### ############################################################################### sub invalidchar { select(STDOUT); open(EP,"$ERROR_CHAR"); while(<EP>){ print "$_"; } close(EP); exit; }