#!/usr/bin/perl # # Version: 1.0 - 071301 # ##################################################################### # # # Copyright © 1999-2000 CGISCRIPTS.NET - All Rights Reserved # # # ##################################################################### # # # THIS COPYRIGHT INFORMATION MUST REMAIN INTACT # # AND MAY NOT BE MODIFIED IN ANY WAY # # # ##################################################################### # # When you downloaded this script you agreed to accept the terms # of this Agreement. This Agreement is a legal contract, which # specifies the terms of the license and warranty limitation between # you and CGISCRIPTS.NET. You should carefully read the following # terms and conditions before installing or using this software. # Unless you have a different license agreement obtained from # CGISCRIPTS.NET, installation or use of this software indicates # your acceptance of the license and warranty limitation terms # contained in this Agreement. If you do not agree to the terms of this # Agreement, promptly delete and destroy all copies of the Software. # # Versions of the Software # Only one copy of the registered version of CGISCRIPTS.NET # may used on one web site. # # License to Redistribute # Distributing the software and/or documentation with other products # (commercial or otherwise) or by other than electronic means without # CGISCRIPTS.NET's prior written permission is forbidden. # All rights to the CGISCRIPTS.NET software and documentation not expressly # granted under this Agreement are reserved to CGISCRIPTS.NET. # # Disclaimer of Warranty # THIS SOFTWARE AND ACCOMPANYING DOCUMENTATION ARE PROVIDED "AS IS" AND # WITHOUT WARRANTIES AS TO PERFORMANCE OF MERCHANTABILITY OR ANY OTHER # WARRANTIES WHETHER EXPRESSED OR IMPLIED. BECAUSE OF THE VARIOUS HARDWARE # AND SOFTWARE ENVIRONMENTS INTO WHICH CGISCRIPTS.NET MAY BE USED, NO WARRANTY # OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED. THE USER MUST ASSUME THE # ENTIRE RISK OF USING THIS PROGRAM. ANY LIABILITY OF CGISCRIPTS.NET WILL BE # LIMITED EXCLUSIVELY TO PRODUCT REPLACEMENT OR REFUND OF PURCHASE PRICE. # IN NO CASE SHALL CGISCRIPTS.NET BE LIABLE FOR ANY INCIDENTAL, SPECIAL OR # CONSEQUENTIAL DAMAGES OR LOSS, INCLUDING, WITHOUT LIMITATION, LOST PROFITS # OR THE INABILITY TO USE EQUIPMENT OR ACCESS DATA, WHETHER SUCH DAMAGES ARE # BASED UPON A BREACH OF EXPRESS OR IMPLIED WARRANTIES, BREACH OF CONTRACT, # NEGLIGENCE, STRICT TORT, OR ANY OTHER LEGAL THEORY. THIS IS TRUE EVEN IF # CGISCRIPTS.NET IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO CASE WILL # CGISCRIPTS.NET' LIABILITY EXCEED THE AMOUNT OF THE LICENSE FEE ACTUALLY PAID # BY LICENSEE TO CGISCRIPTS.NET. # # Credits: # Andy Angrick - Programmer - angrick@cgiscript.net # Mike Barone - Design - mbarone@cgiscript.net # # For information about this script or other scripts see # http://www.cgiscript.net # # Thank you for trying out our script. # If you have any suggestions or ideas for a new innovative script # please direct them to suggest@cgiscript.net. Thanks. # ##################################################################### # # # Configuration variables # # # ##################################################################### #the line below maybe we required on some windows NT servers. Change #/full/path/to/your/directory to point to the full path on your server #push(@INC,"/full/path/to/your/directory"); require("setup.cgi"); ##################################################################### # # # End Configuration Variables. # # # ##################################################################### require("libs.cgi"); $in{'cgiurl'} = $cgiurl; $datadir = $cgipath; $| = 1; # Flush Output Right Away eval { &main; }; # Trap any fatal errors so the program hopefully if ($@) { &cgierr("fatal error: $@"); } exit; sub main{ print "Content-type: text/html\n\n"; &getdata(1); ($in{'command'} eq '')&&(&View); ($in{'command'} eq 'view')&&(&View); ($in{'command'} eq 'login')&&(&Login); #all require password below &GetLogin; ($in{'command'} eq 'a')&&(&Add); ($in{'command'} eq 'sa')&&(&ShowAdd); ($in{'command'} eq 'manage')&&(&Manage); ($in{'command'} eq 'edit')&&(&Edit); ($in{'command'} eq 'delete')&&(&Delete); ($in{'command'} eq 'viewt')&&(&ViewT); exit; } sub Login{ &PageOut("$cgipath/t_login.htm"); exit; } sub GetLogin{ &GetCookies; $in{'UserName'} = $cookie{'UserName'}; $in{'PassWord'} = $cookie{'PassWord'}; if(!$in{'UserName'}){ &PageOut("$cgipath/t_login.htm"); exit; } else{ (($in{'UserName'} ne $username)||(($in{'PassWord'} ne $password)))&&(&PError("Error. Invalid username or password")); } } sub ViewT{ print "\n"; exit; } sub Edit{ open(DB,"$datadir/includes.dat"); while(){ chomp; (@f) = split("\t",$_); ($f[1] eq $in{'id'})&&($found=1)&&(last); } if($found){ ($in{'id'},$in{'identifier'},$in{'description'},$in{'line'}) = split("\t",$_); $in{'identifier'} =~ s/&#(\d+);/pack("c",$1)/ge; $in{'description'} =~ s/&#(\d+);/pack("c",$1)/ge; $in{'line'} =~ s/&#(\d+);/pack("c",$1)/ge; $in{'line'} =~ s/\\n/\n/g; ($f[4] eq 'YES')?($in{'YHTML'}='checked'):($in{'NHTML'}='checked'); ($f[5] eq 'R')?($in{'YR'}='checked'):($in{'NR'}='checked'); if($f[6] eq 'E'){ $in{'YE'} = 'checked'; } else{ $in{'NE'} = 'checked'; $in{'rdays'} = $f[6]; } &PageOut("$cgipath/t_add.htm"); } else{ &PError("Error. No record found with that identifier"); } exit; } sub View{ open(DB,"$datadir/includes.dat"); while(){ chomp; (@f) = split("\t",$_); ($f[1] eq $in{'id'})&&($found=1)&&(last); } close DB; if($found){ (@f) = split("\t",$_); $f[1] =~ s/&#(\d+);/pack("c",$1)/ge; $f[2] =~ s/&#(\d+);/pack("c",$1)/ge; $f[3] =~ s/&#(\d+);/pack("c",$1)/ge; #if wrapped with html, then don't change \n to br's if($f[4] eq 'YES'){ $f[3] =~ s/\\n/\n/g; } else{ $f[3] =~ s/\\n/
\n/g; ##turn spaces to nbsp $f[3] =~ s/\s\s/  /g; } @blocks = split(/###/,$f[3]); $numblocks = $#blocks+1; ##random each visit if(($f[5] eq 'R')&&($f[6] eq 'E')){ srand; $row_number=int(rand($numblocks)); } ##random..refresh nn days if(($f[5] eq 'R')&&($f[6] ne 'E')){ srand; $row_number=int(rand($numblocks)); if(! -e "$f[1].refresh.dat"){ $row_number=int(rand($numblocks)); open(REF,">$f[1].refresh.dat"); print REF $row_number; close REF; } else{ open(REF,"$f[1].refresh.dat"); $row_number = ; close REF; @info = stat("$f[1].refresh.dat"); if((time - $info[9]) > (86400 * $f[6])){ $row_number=int(rand($numblocks)); open(REF,">$f[1].refresh.dat"); print REF $row_number; close REF; } } } ##sequential order nn days if(($f[5] eq 'O')&&($f[6] ne 'E')){ if(! -e "$f[1].refresh.dat"){ $row_number=0; open(REF,">$f[1].refresh.dat"); print REF $row_number; close REF; } else{ open(REF,"$f[1].refresh.dat"); $row_number = ; close REF; @info = stat("$f[1].refresh.dat"); $t=time; if((time - $info[9]) > (86400 * $f[6])){ $row_number++; ($row_number >= $numblocks)&&($row_number=0); open(REF,">$f[1].refresh.dat"); print REF $row_number; close REF; } } } ##sequential order each visit if(($f[5] eq 'O')&&($f[6] eq 'E')){ &GetCookies; $row_number=$cookie{$f[1].'rto'}; $row_number++; ($row_number > $numblocks)&&($row_number=1); print <<"EOF"; var future = new Date(); future.setTime(future.getTime() + 60 * 60 * 1000 * 24 * 30); document.cookie="$f[1]rto=$row_number;expires="+future.toGMTString()+";path=/"; EOF $row_number--; } ##strip off first
or \n $blocks[$row_number] =~ s/^
//; $blocks[$row_number] =~ s/^\n//; $blocks[$row_number] =~ s/\"/\\"/g; $blocks[$row_number] =~ s/script/scr\"\+\"ipt/gsi; @mylines = split(/\r*\n/,$blocks[$row_number]); foreach $q (@mylines){ print qq| document.write("$q"); |; } } else{ print "Error. No record found with that identifier"; } exit; } sub Manage{ open(DB,"$datadir/includes.dat"); while(){ chomp; (@f) = split("\t",$_); $f[1] =~ s/&#(\d+);/pack("c",$1)/ge; $f[2] =~ s/&#(\d+);/pack("c",$1)/ge; $f[3] =~ s/&#(\d+);/pack("c",$1)/ge; $in{'ssi'} = $in{'cgiurl'}; $in{'ssi'} =~ s/http:\/\/.*?\//\//i; $in{'row'} .=" $f[1] $f[2]
\"Edit \"Delete \"Check
<script language=javascript src=\"$in{'cgiurl'}?id=$f[1]\"></script> "; } &PageOut("$cgipath/t_manage.htm"); } sub ShowAdd{ &PageOut("$cgipath/t_add.htm"); } sub Delete{ open(DB,"$datadir/includes.dat"); open(DBT,">$datadir/includes.dat.tmp"); while(){ (@f) = split("\t",$_); ($f[1] ne $in{'id'})&&(print DBT $_); } close DB; close DBT; rename("$datadir/includes.dat.tmp","$datadir/includes.dat"); print <<"EOF"; EOF exit; } sub SaveChanges{ &CheckVars; open(DB,"$datadir/includes.dat"); open(DBT,">$datadir/includes.dat.tmp"); while(){ (@f) = split("\t",$_); ($f[0] eq $in{'id'})?(print DBT "$in{'id'}\t$in{'identifier'}\t$in{'description'}\t$in{'line'}\t$in{'html'}\t$in{'type'}\t$in{'rd'}\n"):(print DBT $_); } close DB; close DBT; rename("$datadir/includes.dat.tmp","$datadir/includes.dat"); print <<"EOF"; EOF exit; } sub Add{ #short circuit ($in{'id'})&&(&SaveChanges); &CheckVars; #get uniqueid; open(DB,"$datadir/includes.dat"); while(){ (@f) = split("\t",$_); $exist{$f[1]}=1; ($f[0] > $id)&&($id = $f[0]); } close DB; (!$id)&&($id=1); $id++; ($exist{$in{'identifier'}})&&(&PError("Error. Identifier already exists.")); open(DB,">>$datadir/includes.dat"); print DB "$id\t$in{'identifier'}\t$in{'description'}\t$in{'line'}\t$in{'html'}\t$in{'type'}\t$in{'rd'}\n"; close DB; print <<"EOF"; EOF exit; } sub CheckVars{ (!$in{'identifier'})&&(&PError("Error. Please enter an identifier")); (!$in{'description'})&&(&PError("Error. Please enter a description")); (!$in{'line'})&&(&PError("Error. Please enter the code to include")); ($in{'identifier'} =~ /\W/)&&(&PError("Error. Identifier can only be one word and only include alpha-numeric characters.")); $in{'line'} =~ s/[\r]\n/\\n/g; #$in{'line'} =~ s/ /\\s/g; #unescape; $in{'identifier'} =~ s/&#(\d+);/pack("c",$1)/ge; $in{'description'} =~ s/&#(\d+);/pack("c",$1)/ge; $in{'line'} =~ s/&#(\d+);/pack("c",$1)/ge; #escape; $in{'identifier'} =~ s/([^\w\s])/'&#'.ord($1).';'/ge; $in{'description'} =~ s/([^\w\s])/'&#'.ord($1).';'/ge; $in{'line'} =~ s/([^\w\s])/'&#'.ord($1).';'/ge; $in{'line'} =~ s/(\t)/'&#'.ord($1).';'/ge; ($in{'refresh'} eq 'D')?($in{'rd'} = $in{'rdays'}):($in{'rd'}='E'); }