#!/usr/bin/perl ############################################################################ # # (c) Philip Chinery, 2001 # ############################################################################ # # guestbook.pl 1.2 # COPYRIGHT NOTICE # Copyright 2001 Philip Chinery # All Rights Reserved. # eMail: philip@chinery.de # URL : http://www.sector7g.de.vu # # Das Gästebuch darf von jedem kostenlos benutzt und geändert werden, solange # dieser Copyright-Verweis und die restlichen Kommentare erhalten bleiben. Mit # dem Einsatz dieses Skripts akzeptieren Sie, daß Philip Chinery von jeglicher # Haftung und Gewährleistung hinsichtlich des Einsatzes befreit ist. # # Der Verkauf dieses Skripts, auch in modifizierter Form, ist ohne vorherige # Absprache ausdrücklich untersagt. # (Mit anderen Worten: Bitte fragen Sie mich, bevor Sie versuchen, mit meinem # Skript Geld zu verdienen.) # # Um dieses Skript über das Internet oder irgendein anderes Medium # weiterzuverbreiten, benötigen Sie vorher meine Erlaubnis. In jeden Fall # müssen der Copyright-Verweis und die restlichen Kommentare erhalten bleiben. # ############################################################################ # # In diesem Script muß normalerweise nichts geändert werden. # ############################################################################ require "settings.pl"; ############################################## # # ToDo: Admin Konfiguration per WebInterface # Badword Filter, Duplikate finden, Autowrap # PageBar, Umlaute codieren # ############################################## $admin = 0; $passwd = &GetPasswd; my @entry; my $num_entries; my $first_entry; my $page; my @data; my $content; my $fix_entries_per_page = $entries_per_page; # Flock detection. # Flock is not supported by Windows Machines. my $useflock = 1; if ($ENV{"OS"} =~ /Windows/gi) {$useflock = 0;} my @template = &ReadTemplate("page.htmlt"); my $glob_tmpl = "@template"; &GetFormInput; if ($field{'passwd'}) { if (&CheckPasswd($field{'passwd'})) { $admin = 1; } else { print "Content-type: text/html\n\n"; print "Falsches Passwort:$field{'passwd'}"; exit 0; } } if ($field{'cwrite'}) { $cwrite = $field{'cwrite'} ; $Name = $field{'Name'} ; $EMail = $field{'EMail'} ; $Homepage = $field{'Homepage'} ; $Text = $field{'Text'} ; $ip = $ENV{'REMOTE_ADDR'}; $time = &GetTimeSpec; &CheckForm; &SaveData; $page = 1; $first_entry = 1 + (($page-1) * $entries_per_page); $content = &ShowEntries; &ShowPage ("$content", 1); } elsif ($field{'action'} eq "submit") { &PrintSubmitForm } elsif ($field{'action'} eq "view") { $page = $field{'page'}; $first_entry = 1 + (($page-1) * $entries_per_page); $content = &ShowEntries; &ShowPage ("$content"); } elsif ($field{'action'} eq "admin") { &ShowLoginForm; } elsif ($field{'action'} eq "changepasswd") { &QueryChangePasswd($field{'passwd'}); } elsif ($field{'action'} eq "execchangepasswd") { &ChangePasswd($field{'old_passwd'}, $field{'new_passwd1'}); } elsif ($field{'action'} eq "delete") { &QueryDeleteEntry($field{'entry'}, $field{'passwd'}); } elsif ($field{'action'} eq "execdelete") { &ChangeEntry($field{'entry'}, "delete") } elsif ($field{'action'} eq "comment") { &QueryCommentEntry($field{'entry'}, $field{'passwd'}); } elsif ($field{'action'} eq "writecomment") { &ChangeEntry($field{'entry'}, "comment", $field{'Comment'}) } else { $page = 1; $first_entry = 1 + (($page-1) * $entries_per_page); $content = &ShowEntries; &ShowPage ("$content"); } ############################################################################### ## ## Begin Subroutines ## ############################################################################### sub ChangeEntry { my $di = 0; my @emptyarray; my @tarray; my @temparray; &GetData("norev"); $entry_nr = $_[0] - 1; #$num_entries - ($_[0]); if ($_[1] eq "delete"){$num_entries--;} foreach $entryline (@data) { if ($di != $entry_nr) { push (@tarray,$entryline) } else { if ($_[1] eq "comment") { @entry = split /\|/, $entryline; $_[2] =~ s/\n/ 
/g; $_[2] =~ tr/|/ /; $entry[$field_comment] = "$_[2]\n"; $entryline = join "\|", @entry; $entryline = $entryline; push (@tarray,$entryline) } } $di++; } @data = @tarray; @tarray = 0; &SaveAll; for ($i = $#data ; $i >= 0; --$i) { push @temparray, $data[$i]; } @data = @temparray; $page = 1; $first_entry = 1 + (($page-1) * $entries_per_page); $content = &ShowEntries(1); &ShowPage ("$content"); } sub QueryChangePasswd { my $adminline1 = ""; my $adminline2 = ""; my $adminline3 = ""; $adminline1 = "Passwort ändern:"; $adminline2 .= ""; $adminline2 .= "
Altes Passwort:
Neues Passwort:
Wiederholung:
"; $adminline3 = ""; &ShowAdminPage($adminline1, $adminline2, $adminline3); } sub QueryDeleteEntry { my $adminline1 = ""; my $adminline2 = ""; my $adminline3 = ""; $adminline1 = "Eintrag löschen:"; $adminline2 = "Soll der Eintrag $_[0] wirklich gelöscht werden?"; $adminline3 = "Ja  Nein"; &ShowAdminPage($adminline1, $adminline2, $adminline3); } sub QueryCommentEntry { my $adminline1 = ""; my $adminline2 = ""; my $adminline3 = ""; $adminline1 = "Kommentar eingeben:"; $adminline2 .= ""; $adminline2 .= "Kommentar: "; $adminline3 = ""; &ShowAdminPage($adminline1, $adminline2, $adminline3); } sub ShowLoginForm { my $adminline1 = ""; my $adminline2 = ""; my $adminline3 = ""; $adminline1 = "Passwort eingeben:"; $adminline2 .= "Passwort: "; $adminline3 = ""; &ShowAdminPage($adminline1, $adminline2, $adminline3); } sub SaveAll { unless(open (DATA, "> $data_file")) { &ShowError("$data_file"); }; if ($useflock) { flock(DATA, 2) ; seek(DATA, 0, 2) ; } foreach $line (@data) { print DATA "$line" ; } if ($useflock) { flock(DATA, 8) ; } close (DATA) ; } sub CheckPasswd { #$_[0] = "geheim"; my $enc_pass = $_[0]; if (substr($passwd,0,2) ne substr($_[0],0,2)) { $enc_pass = crypt($_[0], $passwd); #substr($passwd,0,2)); } #print "Content-type: text/html\n\n"; #print "pass:$passwd\n$enc_pass\n$_[0]\n"; if ($enc_pass eq $passwd) { return 1; } else { return 0; } } sub GetPasswd { my @admin_pass = &ReadTemplate("../../passwd.txt"); return $admin_pass[0]; } sub ChangePasswd { $new_passwd = crypt($_[1], substr($passwd,0,2)); $passwd = $new_passwd; unless(open(PASS,">passwd.txt")) { &ShowError("passwd.txt"); }; if ($useflock) { flock(PASS, 2) ; seek(PASS, 0, 2) ; } print PASS "$new_passwd"; if ($useflock){flock(PASS, 8);} close(PASS); print "Location:$guestbook_name?passwd=$new_passwd \n\n"; } sub ShowAdminPage { my @template = &ReadTemplate("admin.htmlt"); foreach $row (@template) { $row =~ s/\[ADMINLINE1\]/$_[0]/g; $row =~ s/\[ADMINLINE2\]/$_[1]/g; $row =~ s/\[ADMINLINE3\]/$_[2]/g; } print "Pragma: no-cache\n"; print "Expires: now\n"; print "Content-type: text/html\n\n"; print "@template"; } sub ShowPage { my $body = $_[0]; my $pagetmpl = $glob_tmpl; my $row; my $admin_data; my $start_backlink; my $end_backlink; my $start_nextlink; my $end_nextlink; if ($page == 1) { $start_backlink = ""; $end_backlink = ""; } else { if ($admin){ $start_backlink = ""; } else{ $start_backlink = ""; } $end_backlink = "<\/a>"; } $entrymax = ($page * $fix_entries_per_page) + 1; if (($num_entries >= $entrymax) && ($entrymax >= 0)) { if ($admin){ $start_nextlink = ""; } else{ $start_nextlink = ""; } $end_nextlink = "<\/a>"; } $pagetmpl =~ s/\[GBNAME\]/$guestbook_title/g; $pagetmpl =~ s/\[NUMENTRIES\]/$num_entries/g; $pagetmpl =~ s/\[SUBMITHREF\]/$guestbook_name\?action=submit/g; $pagetmpl =~ s/\[PAGENUMBER\]/$page/g; $pagetmpl =~ s/\[STARTBACKLINK\]/$start_backlink/g; $pagetmpl =~ s/\[ENDBACKLINK\]/$end_backlink/g; $pagetmpl =~ s/\[STARTNEXTLINK\]/$start_nextlink/g; $pagetmpl =~ s/\[ENDNEXTLINK\]/$end_nextlink/g; if ($_[1]){$pagetmpl =~ s/\[THANXMSG\]/$thanx_msg/g;} else {$pagetmpl =~ s/\[THANXMSG\]/\ /g;} if ($admin){ $admin_data = "
Passwort ändern"; } $pagetmpl =~ s/\[ADMINDATA\]/$admin_data/g; $pagetmpl =~ s/\[DATA\].*?\[ENDDATA\]/$body/s; print "Pragma: no-cache\n"; print "Expires: now\n"; print "Content-type: text/html\n\n"; print "$pagetmpl"; } sub ShowEntries { if (!$_[0]) { &GetData; } my $i; my $rev_i; my $admin_bar; my @entry; my @template = &ReadTemplate("page.htmlt"); my $tmpl = "@template"; my $comtmpl; my $ttemplate; my $tcommenttemplate; $tmpl =~ s/.*\[DATA\]//s ; $tmpl =~ s/\[ENDDATA\].*//s ; $comtmpl = $tmpl; $comtmpl =~ s/.*\[COMMENTSPACE\]//s ; $comtmpl =~ s/\[ENDCOMMENTSPACE\].*//s ; if ($first_entry == 0) {$first_entry = 1}; if (($num_entries - ($first_entry-1)) < $entries_per_page) {$entries_per_page = ($num_entries - ($first_entry-1))} for ($i = $first_entry ; $i < ($first_entry + $entries_per_page); ++$i) { $line=$data[$i - 1]; chomp $line; @entry = split /\|/,$line; $ttemplate = $tmpl; $tcommenttemplate = $comtmpl; $rev_i = $num_entries - $i + 1; $ttemplate =~ s/\[ENTRYNUMBER\]/$rev_i/g; $ttemplate =~ s/\[NAME\]/$entry[$field_name]/g; $ttemplate =~ s/\[EMAIL\]/$entry[$field_email]/g; $datetime=""; if ($show_time){$datetime = &GetTime($entry[$field_time]);} $datetime .= " ".&GetDate($entry[$field_time]); $ttemplate =~ s/\[TIME\]/$datetime/g; if ($admin) { $admin_bar = "Löschen<\/a>  Kommentar<\/a>"; $ttemplate =~ s/\[IP\]/$entry[$field_ip]/g; } else { $ttemplate =~ s/\[IP\]//g; } $ttemplate =~ s/\[ADMINBAR\]/$admin_bar/g; if ( length( $entry[$field_homepage] ) > 9) { $ttemplate =~ s/\[HOMEPAGE\]/$entry[$field_homepage]/g;} else { $ttemplate =~ s/\[HOMEPAGE\]//g;} $ttemplate =~ s/\[TEXT\]/$entry[$field_text]/g; if ($entry[$field_comment]) { $mycomment = $entry[$field_comment]; $tcommenttemplate =~ s/\[COMMENT\]/$mycomment/g; } else {$tcommenttemplate=""; } $ttemplate =~ s/\[COMMENTSPACE\].*\[ENDCOMMENTSPACE\]/$tcommenttemplate/s; $content .= "$ttemplate"; } return $content; } sub ReadTemplate { my @content; unless(open(TEMPLATE,"<$template_dir\/$desgin_nr\/$_[0]")) { &ShowError("$template_dir\/$design_nr\/$_[0]"); } while(