#!/usr/bin/perl ########################################################################################## # # Script: GuestBook.pl (Version 1.5) Monday, January 18, 1999 # Author: Brewster # Url : www.somethingsbrewing.com # Mail : brewster@somethingsbrewing.com # ########################################################################################## ########################################################################################## # # Use of Script and Supporting HTML Agreement... # # You agree that the use of this Perl script and supporting html documents constitutes # acceptance of this script and supporting html documents in an as is condition. There # are no warranties with regard to this script or supporting html documents. # # In no event will the author be liable for any damages whatsoever arising out of or in # connection with the use of this script or supporting html documents. # # Any use of this script and supporting html documents is at your own risk. # # You also agree not to distribute this script or supporting html documents without the # express permission of the author. # # However, at your own risk, you can modify this script and supporting html documents to # match your needs. :-) # ########################################################################################## ########################################################################################## # # Beginning of the configuration section - all items must be configured. # ########################################################################################## # # The system path to the header html used to sign the Guestbook. # $sign_header = "/home/xenios/halkidiki-www/signheader.html"; # # The system path to the footer html used to sign the Guestbook. # $sign_footer = "/home/xenios/halkidiki-www/signfooter.html"; # # The system path to the header html used to view Guestbook entries. # $view_header = "/home/xenios/halkidiki-www/viewheader.html"; # # The system path to the Guestbook entries. # $guests = "/home/xenios/halkidiki-www/cgi-bin/guestbook/GuestBook.txt"; # # The system path to the footer html used to view Guestbook entries. # $view_footer = "/home/xenios/halkidiki-www/viewfooter.html"; # # The location of where "home" is. # $home = "http://halkidiki.com"; # # The location of this script. # $script = "http://halkidiki.com/cgi-bin/GuestBook.pl"; # # The redirect location. # $view_entries = "http://halkidiki.com/cgi-bin/GuestBook.pl?view_entries"; # # The action statement that the preview, sign and edit forms will take. # $process_entry = "http://halkidiki.com/cgi-bin/GuestBook.pl?process_entry"; # # The action that the no Guestbook entries form will take. # $sign_form = "http://halkidiki.com/cgi-bin/GuestBook.pl?sign_form"; # # The first message displayed when signing the Guestbook. # $sign_guestbook_message_1 = "

Sign Our Guestbook

"; # # The second message displayed when signing the Guestbook. # $sign_guestbook_message_2 = "If you would like to see what others have said, we can help with that, too."; # # The third message displayed when signing the Guestbook. # $sign_guestbook_message_3 = "Now for some important instructions."; # # The fourth message displayed when signing the Guestbook. # $sign_guestbook_message_4 = "Be sure to leave your Name and a Message, as they are required!"; # # The first message displayed when viewing the Guestbook. # $view_guestbook_message_1 = "

View Our Guestbook

"; # # The second message displayed when viewing the Guestbook. # $view_guestbook_message_2 = "Gee! Look at what others have had to say about..."; # # The header message displayed when required fields are missing. # $required_message_header = "You Are Missing At Least One Required Field."; # # The footer message displayed when required fields are missing. # $required_message_footer = "Please Try Again."; # # The first message displayed when there are no Guestbook entries. # $no_guestbook_entries_1 = "Whoa! There are no current Guestbook entries. :-("; # # The second message displayed when there are no Guestbook entries. # $no_guestbook_entries_2 = "When Ready, Go Ahead And Sign My Guestbook. :-)"; # # The width of tables, expressed as a percent or in pixels. # $table_width = "750"; # # The maximum number of Guestbook entries displayed on each page. # $max_entries = 5; # # The example of what to place in the url field. # $web_example = "http://www.halkidiki.com"; # # The number of rows displayed in the message field. # $rows = 10; # # The number of columns displayed in the message field. # $columns = 50; # # The primary size associated with all form fields. # $field_length = 50; # # The primary font used throughout the Guestbook. # $font_face = "Comic Sans MS"; # # The primary style associated with the Guestbook form fields. # $style = "font-family: Comic Sans MS"; # # Enable (1) or disable (0) censorship. # $apply_censorship = 1; # # Unacceptable words list. # @censorship_list = ('up yours', 'fuck you', 'fuck', 'shit', 'damn', 'dick', 'pussy', 'cunt', 'spyware', 'diabetes','adipex','phentermine','zoloft','meridia','butalbital','poker','xanax','casino','debt','insurance','dating','gambling','casino','nobody@nohost.com','infectedhost.net'); # # Enable (1) or disable (0) a new window opening when a link is clicked. # $target_top = 0; # # The name of the frame that "home" will reside in when that link is clicked. # $target_frame = "main"; # # Where the mail program is located. # $mailprogram = '/usr/sbin/sendmail'; # # To whom the email notification is mailed. # $recipient = 'guestbook@halkidiki.com'; # # Enable (1) or disable (0) email notification. # $email_notification = 1; # # Email subject. # $subject = "A New Guestbook Entry!"; # # Signed by. # $signed_by = "NIKOS"; # # Enable (1) or disable (0) http referrer checking. # $check_referrer = 1; # # Acceptable list of http referrers (domains) which can run this script. # @referrer_list = ('www.halkidiki.com', 'halkidiki.com'); # # Enable (1) or disable (0) file locking. # $file_locking = 0; ########################################################################################## # # End of the configuration section - any changes below this point will... ;-) Oooo... # ########################################################################################## # # The beginning of the Guestbook script. # &read_standard_input(); &check_referrer() unless $check_referrer == 0; &apply_censorship() unless $apply_censorship == 0; &process_guestbook_entry(); # # Read standard input from the forms. # sub read_standard_input { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $name =~ tr/+/ /; $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s///g; $value =~ s/<([^>]|\n)*>//g; $INPUT{$name} = $value; } } # # Determine if an acceptable http referrer is being used. # sub check_referrer { if ($ENV{'HTTP_REFERER'} =~ /http:\/\/([^\/]+)/) { $referrer_name = $1; $referrer_found = 0; foreach $item (@referrer_list) { if ($referrer_name =~ /$item/i) { $referrer_found = 1; last; } } if ($referrer_found == 0) { print "Content-type: text/html\n\n"; print "

Error: You are not allowed to steal this script. So, stop it!

"; exit; } } } # # Remove unacceptable words. # sub apply_censorship { foreach $item (@censorship_list) { $INPUT{'name'} =~ s/$item/xxxxxxxx/gi; $INPUT{'email'} =~ s/$item/xxxxxxxx/gi; $INPUT{'url'} =~ s/$item/xxxxxxxx/gi; $INPUT{'message'} =~ s/$item/xxxxxxxx/gi; } } # # Determine what to do next based on the query parameter passed to the script. # sub process_guestbook_entry { if ($ENV{'QUERY_STRING'} eq "sign_form") { &display_sign_header(); &display_sign_form(); &display_sign_footer(); } elsif ($ENV{'QUERY_STRING'} eq "process_entry") { &gather_input(); &preview_edit_sign(); } elsif ($ENV{'QUERY_STRING'} eq "view_entries") { &display_view_header(); &display_guests(); &display_view_footer(); } else { &display_view_header(); &display_guests(); &display_view_footer(); } } # # Displays the header portion of the html used to sign the Guestbook. # sub display_sign_header { print "Content-type: text/html\n\n"; open (HEADER, "$sign_header") or die "Can't open file $sign_header: $!\n"; @HEADER =

; close (HEADER); foreach $item (@HEADER) { print "$item\n"; } print "\n"; print "

$sign_guestbook_message_1

\n"; } # # Displays the form portion of the html used to preview a Guestbook entry. # sub display_preview_form { print "\n"; } # # Displays the form portion of the html used to sign the Guestbook. # sub display_sign_form { print "\n"; } # # Displays the form portion of the html used to edit a Guestbook entry. # sub display_edit_form { print "\n"; } # # Displays the footer portion of the html used to sign the Guestbook. # sub display_sign_footer { open (FOOTER, "$sign_footer") or die "Can't open file $sign_footer: $!\n"; @FOOTER =

Name:
E-Mail:
Web Page URL:
Your Comments:

Name:
E-Mail:
Web Page URL: