#!/usr/bin/perl # $ # $ (Guestbook version 3.6) # $ # $ Thank you for using my guestbook script, this has been popular with the web community # $ and I have noticed many people using it on the internet, especially 2 sites that I # $ know of that have been offering use of it for free. This means a lot to me because # $ they have chosen it over the many other guestbook scripts out there. # $ # $ This code is distributed in the hope that is will be useful but WITHOUT ANY # $ WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY DISCLAMED. This includes # $ but isn't limited to warranties of MERCHANTABILITY or FITNESS FOR A PARTICULAR # $ PURPOSE. The RESELLING of this code is STRICTLY PROHIBITED. # $ # $ $Revision: 3.6 # $ $Author: Paul Williams # $ $Email: paul@rainbow.nwnet.co.uk # $ $URL: http://scripts.marschall.net/ # $ $Created: 05/07/1996 17:16 # $ $Last Modified: 12/12/1998 17:03 [After Manchester United v's Spurs 'not in a good mood'] # $ # $ Copyright 1996, 1997, 1998 Cougasoft. All rights reserved. # $ # $ Set $US to a zero value or just comment it out if you are outside the # $ US this basically takes out the state textbox in the sign-guestbook section. $US = 1; # $ If you want to speed things up inside the script (mainly not on check each # $ run for the location of certain files) set $SLOW to zero or uncomment it, # $ the script will then run that little bit faster. $SLOW = 1; # $ I have noticed on the SunOS that perl can sometimes not locate the presence # $ of sendmail (could be like this on other Os's but..) if set to 0 or commented # $ out, the program will not check the existence of sendmail. $CHECK_MAILPROG = 1; # # $-------------------------------------------------------------------------------------------- # # M A I N P R O G R A M # # $-------------------------------------------------------------------------------------------- # # $ I have changed from using do to my own preference subroutine, it calls all the # $ data in as keys and data then places them in a %PREF hash. unless ( ($pref = &preferences("data/igb-pref.pref", 27) ) == 1 || ($pref2 = &preferences("igb-pref.pref", 27) ) == 1) { print "Content-type: text/plain\n\n"; print "Error initiating preference file(s);\n\n"; print "$pref\n$pref2\n"; exit; } # # $-------------------------------------------------------------------------------------------- # # S O R T F O R M I N P U T # # $-------------------------------------------------------------------------------------------- # # $ Only try to read input on STDIN if we have a CONTENT_LENGTH if ($ENV{'CONTENT_LENGTH'}) { read(STDIN, $input, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $input); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s/<([^>]|\n)*>//g if ($PREF{'html'}); $INPUT{$name} = $value; } } # # $-------------------------------------------------------------------------------------------- # # A C T I O N = S I G N G U E S T B O O K # # $-------------------------------------------------------------------------------------------- # if ($ENV{'QUERY_STRING'} eq "action=sign-guestbook") { &top_html("Sign in...", 2); print "
\n" . "\n" . "\n" . "\n\n" . "\n" . "\n\n" . "\n" . "\n\n" . "\n" . "\n\n" . "\n" . "\n\n"; print "
À̸§[Name]
Email
ȨÆäÀÌÁö[URL]*
³²±â½Ç ¸»¾¸[Comments]
 
\n"; &bottom(1); } # # $-------------------------------------------------------------------------------------------- # # A C T I O N = R A N D O M L I N K # # $-------------------------------------------------------------------------------------------- # elsif ($ENV{'QUERY_STRING'} eq "action=random-link") { open(DATA, "$PREF{'data'}") || ¬ify("501 Data Server Error", "I was not able to find the \$data file
upload it to and try again

If this is not admin, please let him/her
know about this problem.", 0); @data = ; close(DATA); srand(time ^ $$); for ($n = 0; $n < 3; $n++) { $l = $data[rand($#data)]; ($email, $name, $city, $state, $comment, $link, $date, $country) = split('\|\|', $l); if ($link =~ m`^http://`) { print "Location: $link\n\n"; exit(0); } print "Location: http://www.koreabonsai.com/\n\n" if ($n == 2); } } # # $-------------------------------------------------------------------------------------------- # # A C T I O N = S I G N E D G U E S T B O O K # # $-------------------------------------------------------------------------------------------- # elsif ($ENV{'QUERY_STRING'} eq "action=signed-guestbook") { # $ Prevents people posting from outside your server, its not a perfect check # $ but its good enough for checking where the post came from (in my opinion ;) ¬ify("500 Internal Server Error", "[BAD HTTP_REFERER !]", 2) if ($ENV{'HTTP_REFERER'} !~ /^http:\/\/$ENV{'HTTP_HOST'}$ENV{'SCRIPT_NAME'}/); &missing("FIRST NAME") unless $INPUT{'FIRST-NAME'}; &missing("COMMENTS") unless $INPUT{'comments'}; if ($INPUT{'LINK'}) { ¬ify("501 Data Server Error", "There is a problem with the URL.", 1) if ($INPUT{'LINK'} !~ /^http:\/\/[\w\W]+\.[\w\W]+$/); } $comments = $INPUT{'comments'}; $INPUT{'comments'} =~ s/\s/ /g; $INPUT{'EMAIL'} =~ tr/A-Z/a-z/; $INPUT{'comments'} =~ s/fuck|twat\b|dick|bellend\b|poes\b|chood\b|coochka\b|mrdat\b|prcat\b|hai\b|chao\b|kurat\b|vitt\b|vittu\b|encule\b|foutre\b|fick\b|pule\b|cunt\b|fitte\b|pikk\b|coor-va\b|foda-se\b|bastard\b|bollocks\b|clit\b|faggot\b|gangbang\b|tosser\b|wanker\b|tosspot\b|shit\b|whore\b|pillock\b|frigging\b|shite\b/[BAD]/gi; (@longwords) = split(/\s+/, $INPUT{'comments'}); $INPUT{'comments'} = ""; foreach (@longwords) { $INPUT{'comments'} .= "$_ " unless (length > 28); } &write(); &sendmail(); &top_html("Success !", 2); print "
\n\n"; print "\n\n" if ($INPUT{'FIRST-NAME'}); print "\n\n" if ($INPUT{'LAST-NAME'} !~ /--/); print "\n" if ($INPUT{'EMAIL'} !~ /--/); print "\n\n" if ($INPUT{'CITY'} !~ /--/); print "\n\n" if ($INPUT{'STATE'} !~ /--/); print "\n\n" if ($INPUT{'COUNTRY'} !~ /--/); print "\n\n" if ($INPUT{'LINK'} !~ /--/); print "\n\n" if ($INPUT{'comments'}); print "\n\n" if ($INPUT{'nopost'}); print "\n" if (!$INPUT{'nopost'}); print "\n" if ($INPUT{'nopost'}); print "
First Name$INPUT{'FIRST-NAME'}
Last Name$INPUT{'LAST-NAME'}
Email.Address\n$INPUT{'EMAIL'}
City$INPUT{'CITY'}
State$INPUT{'STATE'}
Country$INPUT{'COUNTRY'}
Link [URL]$INPUT{'LINK'}
Comments$INPUT{'comments'}
Posted ?This was not posted to the guestbook.

Thank you for signing my guestbook, please click here " . "to view your post! 

Thank you for your comment, please click here " . "to return to my site! 
\n"; &bottom(0); } # # $-------------------------------------------------------------------------------------------- # # A C T I O N = E L S E # # $-------------------------------------------------------------------------------------------- # else { &status() if $SLOW; open(DISPLAY, "$PREF{'data'}") || ¬ify("500 Internal Server Error", "I was unable to find the \$data file,
please upload it to the data directory and try again

If this is not administration, please let him/her
know about this problem.", 0); if ($PREF{'display'} == 2) { @lines = reverse(); } else { @lines = ; } close(DISPLAY); &top_html("Welcome !", 1); print "
\n"; foreach (@lines) { ($email, $name, $city, $state, $comment, $link, $date, $country) = split('\|\|'); print "\n\n\n\n"; print "\n\n\n\n"; } print "\n\n\n\n"; print "
 "; print "
"; print "$name - $date
\n"; print "$city " unless $city eq "--"; print "$state " unless $state eq "--"; print "($country)" if ($country ne "--" && !$country); print "
" unless $state eq "--" && $city eq "--"; print "$comment
\n\n"; print "$link\n" unless $link eq "--"; print ""; print "
 "; print "
\n"; # $ Please don't change this and claim you wrote the script, I have seen it # $ happen on quite a few websites, its a little dis-heartening, thank you :) print "

Script written by Paul Williams " . "CougaSoft

"; &bottom(1); } # # $-------------------------------------------------------------------------------------------- # # S U B R O T I N E S # # $-------------------------------------------------------------------------------------------- # sub top_html { print "Content-type: text/html\n\n" . # $ Please don't change this, people also seem to like to alter this which is # $ also a little dis-heartening, especially as its hidden inside the html output "\n" . "\n" . "\n" . " $PREF{'gbname'} Guestbook - $_[0]\n" . "\n" . "\n\n"; print "
\n\n"; print "
[Sign Guestbook]" . "

" if $_[1] == 1; print "
[View Guestbook]" . "

" if $_[1] == 2; } # # $-------------------------------------------------------------------------------------------- # # S U B - W R I T E G U E S T B O O K # # $-------------------------------------------------------------------------------------------- # sub write { $INPUT{'CITY'} = "--" unless $INPUT{'CITY'}; $INPUT{'STATE'} = "--" unless $INPUT{'STATE'}; $INPUT{'COUNTRY'} = "--" unless $INPUT{'COUNTRY'}; $INPUT{'LINK'} = "--" unless $INPUT{'LINK'}; open(FILE, "$PREF{'data'}") || ¬ify("500 Internal Server Error", "I was not able to find the \$data file
upload it to and try again

If this is not admin, please let him/her
know about this problem.", 0); @link = ; foreach (@link) { ($email, $name, $city, $state, $comment, $link, $date, $country) = split('\|\|'); ¬ify("500 Internal Server Error", "Your post has already been added to the database.
Please " . "click here to read it.", 0) if ($comment eq $INPUT{'comments'}); } close(FILE); if (!$INPUT{'nopost'}) { &date(); $init = 0; $PREF{'maximum'} -= 1; open(FILE, "> $PREF{'data'}") || ¬ify("500 Internal Server Error", "I was not able to write to the \$data file
chmod it to 666 and try again

If this is not admin, please let him/her
know about this problem.", 0); print FILE "$INPUT{'EMAIL'}||$INPUT{'FIRST-NAME'} $INPUT{'LAST-NAME'}||$INPUT{'CITY'}||" . "$INPUT{'STATE'}||$INPUT{'comments'}||$INPUT{'LINK'}||$date||$INPUT{'COUNTRY'}||\n"; while ($init != $PREF{'maximum'}) { print FILE "$link[$init]"; $init++; } close(FILE); } } # # $-------------------------------------------------------------------------------------------- # # S U B - S E N D M A I L # # $-------------------------------------------------------------------------------------------- # sub sendmail { if ($PREF{'email_you'}) { $PREF{'MAIL'} =~ s/%n/$INPUT{'FIRST-NAME'}/g; $PREF{'MAIL'} =~ s/%l/$INPUT{'LAST-NAME'}/g; $PREF{'MAIL'} =~ s/%e/$INPUT{'EMAIL'}/g; $PREF{'MAIL'} =~ s/%u/$INPUT{'LINK'}/g; $PREF{'MAIL'} =~ s/%c/$INPUT{'comments'}/g; $PREF{'MAIL'} =~ s/%g/http:\/\/$ENV{'SERVER_NAME'}$ENV{'SCRIPT_NAME'}/g; $PREF{'MAIL'} =~ s/\\n/\n/g; open(MAIL, "| $PREF{'mailpgrm'} -t") || ¬ify("500 Internal Server Error", "I was not able to pipe to the sendmail program
verify the location and try again

If this is not admin, please let him/her
know about this problem.", 0); print MAIL "To: $INPUT{'FIRST-NAME'} <$INPUT{'EMAIL'}>\n"; print MAIL "From: $PREF{'yourname'} <$PREF{'youremail'}>\n"; print MAIL "Subject: $PREF{'subject'}\n"; print MAIL "\n"; print MAIL "$PREF{'MAIL'}\n\n"; close(MAIL); } &date(); if ($INPUT{'nopost'}) { open(MAIL, "| $PREF{'mailpgrm'} -t") || ¬ify("500 Internal Server Error", "I was not able to pipe to the sendmail program
verify the location and try again

If this is not admin, please let him/her
know about this problem.", 0); print MAIL "To: $PREF{'yourname'} <$PREF{'youremail'}>\n"; print MAIL "From: webmaster\@koreabonsai.com\n"; print MAIL "Subject: New KoreaBonsaiAssociation signing [$date]\n"; print MAIL "\n"; print MAIL "Intended as comment:-\n"; print MAIL "\n"; print MAIL "Name : $INPUT{'FIRST-NAME'} $INPUT{'LAST-NAME'}\n"; print MAIL "E-mail : $INPUT{'EMAIL'}\n"; print MAIL "Original Comment :\n"; print MAIL " $comments\n\n\n"; print MAIL "\n"; print MAIL "\n\n\n"; print MAIL "---------------------------------------->>-\n"; close(MAIL); } if ($PREF{'notify'}) { open(MAIL, "| $PREF{'mailpgrm'} -t") || ¬ify("500 Internal Server Error", "I was not able to pipe to the sendmail program
verify the location and try again

If this is not admin, please let him/her
know about this problem.", 0); print MAIL "To: $PREF{'yourname'} <$PREF{'youremail'}>\n"; print MAIL "From: webmaster\@koreabonsai.com\n"; print MAIL "Subject: New KoreaBonsaiAssociation signing [$date]\n"; print MAIL "\n"; print MAIL "New posting:-\n"; print MAIL "\n"; print MAIL "Name : $INPUT{'FIRST-NAME'} $INPUT{'LAST-NAME'}\n"; print MAIL "E-mail : $INPUT{'EMAIL'}\n"; print MAIL "Comment :\n"; print MAIL " $comments\n\n\n"; print MAIL "\n"; print MAIL "\n\n\n"; print MAIL "---------------------------------------->>-\n"; close(MAIL); } } # # $-------------------------------------------------------------------------------------------- # # S U B - M A I L C H E C K # # $-------------------------------------------------------------------------------------------- # # $ Checks the argument $_[0] for correct email syntax, this little regexp # $ doesn't actually check everything but i think its good enough for now ;) sub mailcheck { if (($_[0] =~ /[,|\/\\]|(@.*@)|(\.\.)|(\.$)/) || ($_[0] !~/^[\w\-\.]+[\%\+]?[\w\-\.]*\@[0-9a-zA-Z\-]+\.[0-9a-zA-Z\-\.]+$/)) { ¬ify("E-mail address problem !", "There is a problem with your e-mail !", 1); } } # # $-------------------------------------------------------------------------------------------- # # S U B - D A T E # # $-------------------------------------------------------------------------------------------- # # $ simply concats the date format into the $date variable ready for inclusion in # $ the script, to initiate the variable $date, &date(); must be called before its use sub date { @days = ('Sun','Mon','Tues','Wed','Thur','Fri','Sat'); @months = ('Jan','Feb','Mar','Apr','May','Jun','Jul', 'Aug','Sept','Oct','Nov','Dec'); ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); $hour = "0$hour" if ($hour < 10); $min = "0$min" if ($min < 10); $sec = "0$sec" if ($sec < 10); # $ Alter this to however you want the data to appear, know what your doing ! $date = "$months[$mon] $mday 19$year - $hour.$min"; } # # $-------------------------------------------------------------------------------------------- # # S U B - S T A T U S ( C H E C K ) # # $-------------------------------------------------------------------------------------------- # # $ Check the status of the user, if the data file can't be found we let # $ the user know, this is part of my error checking coding, I try to make # $ it as easy as possible to catch errors with all of my scripts sub status { if (!-e "$PREF{'data'}" || ($CHECK_MAILPROG && !-e "$PREF{'mailpgrm'}")) { &top_html("500 Internal Server Error", 0); print "
\n" . "\n" . "\n"; print "\n
\n" . "
Currently -
"; print "
Guestbook Data File
\n" if (!-e "$PREF{'data'}"); print "
Mail Program [Sendmail]
" if ($CHECK_MAILPROG && !-e "$PREF{'mailpgrm'}"); print "
Can not be found.
\n" . "
Please update location(s) in Administration.
\n" . "
\n\n"; &bottom(1); } } # # $-------------------------------------------------------------------------------------------- # # S U B - N F R A M E # # $-------------------------------------------------------------------------------------------- # # $ notifying frame - just a simple subroutine that prints out a table with # $ the first argument you pass it embedded in it, saves me a lot of time ! sub nframe { print "
\n" . " \n\n \n"; print "
\n" . " $_[0]
\n\n"; } # # $-------------------------------------------------------------------------------------------- # # S U B - M I S S I N G # # $-------------------------------------------------------------------------------------------- # # $ subroutine I call when a variable is missing, in the future, I might # $ include this in the parsing function above which would save xxx time and # $ also let people change my scripts more successfully ? sub missing { &top_html("Missing Field", 0); &nframe("Missing Field [$_[0]]
Return to the " . " F O R M and try again."); &bottom(1); } # # $-------------------------------------------------------------------------------------------- # # S U B - N O T I F Y # # $-------------------------------------------------------------------------------------------- # # $ there are 3 arguments passed to this function, 1=TITLE, 2=DISPLAY_TEXT, 3=ADDITIONAL # $ the title is self explanatory, the display text is just the text you would like to # $ display to the user and the additional is which additional text to add to the nframe sub notify { local($xtra); $xtra = "
Return to the F O R M and try again." if $_[2] == 1; $xtra = "
Return to my S I T E and surf on." if $_[2] == 2; &top_html("$_[0]", 0); &nframe("$_[1] $xtra"); &bottom(1); } # # $-------------------------------------------------------------------------------------------- # # S U B - B O T T O M # # $-------------------------------------------------------------------------------------------- # # $ hmmmmm ? what does this do I hear you all cry, well I just don't know, I wrote # $ it a long time ago and took me about an hour but I don't know what its for ?!?! # $ [please note I was being sarcastic, no more emails about what it does] ;) sub bottom { printf("\n"); printf("\n"); exit(0) if ($_[0]); } # # $-------------------------------------------------------------------------------------------- # # S U B - P R E F E R E N C E S # # $-------------------------------------------------------------------------------------------- # sub preferences { local($no, $prefno); open(PREF, $_[0]) || return "$_[0]: Preference file can not be found"; for ($no = 1; (); $no++) { if (/^#|^;/) { $PREF{'__COMMENTS__'} .= $_ if (!$prefno); } elsif (/^(\w+)\s*=\s?(.*)$/) { $PREF{$1} = $2; $prefno++; } else { return "$_[0]:Line $no: incorrect preference structure."; } } close(PREF); return ($_[1] == $prefno) ? 1 : "$_[0]: Incorrect number of preferences."; } # # $-------------------------------------------------------------------------------------------- # =========================================================================================== # $-------------------------------------------------------------------------------------------- #