#!/usr/bin/perl -w
$| = 1;
#####################################
# #
# RobBoard v1.0b #
# Copyright 1999 by Rob Eisler #
# rob@robplanet.com #
# http://www.robplanet.com #
# #
# Last modified on Jun. 7, '99 #
# #
#####################################
#
# Copyright Notice:
# Copyright 1999 Robert S. Eisler. All Rights Reserved.
#
# This code may be used and modified by anyone so long as this header and
# copyright information remains intact. By using this code you agree to
# indemnify Robert S. Eisler from any liability that might arise from its
# use. You must obtain written consent before selling or redistributing
# this code.
#
#####################################
# declare the variables
$boarddir = '.';
$boardurl = 'http://www.moscow.byx.ru/forum/';
$cgi = 'http://www.moscow.byx.ru/forum/robboard.cgi';
$indexcgi = 'http://www.moscow.byx.ru/forum/index.cgi';
$queryswitch = '?';
$html = 1; # 0 = remove all html, 1 = show html as text, 2 = show html as html
$datetype = 4;
$useban = 0;
$encrypt = 1;
$style = 0;
$threaded = 1;
$fontface = 'arial';
$fontsize = 2;
$tablecolor1 = 'black';
$tablecolor2 = 'white';
$tablecolor3 = 'white';
$fontcolor1 = 'white';
$fontcolor2 = 'black';
$fontcolor3 = 'black';
#########################################################################
# Don't change anything below here unless you know what you're doing :) #
#########################################################################
$datadir = "$boarddir/data";
$datafile = "$boarddir/data.txt";
$index_t = "$boarddir/index_t.html";
$page_t = "$boarddir/page_t.html";
$thread_t = "$boarddir/thread_t.html";
$numfile = "$boarddir/number.txt";
$banfile = "$boarddir/ban.txt";
$pwdfile = "$boarddir/pwd.txt";
$use_cgi = 1;
$LOCK_EX = 2;
$LOCK_UN = 8;
print "Content-type: text/html\n\n";
&get_date;
&readform;
&post if ($action eq 'post');
&display if ($action eq 'display');
&viewthread if ($action eq 'viewthread');
&admin if ($action eq 'admin');
&remove if ($action eq 'remove');
&remove2 if ($action eq 'remove2');
&ban if ($action eq 'ban');
&ban2 if ($action eq 'ban2');
&unban if ($action eq 'unban');
&unban2 if ($action eq 'unban2');
&password if ($action eq 'password');
&password2 if ($action eq 'password2');
&fatal_error("This page was called incorrectly. Try this instead.");
sub post {
&bancheck if ($useban == 1);
$follow = $INFO{'follow'};
$name = $FORM{'name'};
$email = $FORM{'email'};
$subject = $FORM{'subject'};
$message = $FORM{'message'};
&post_error("The Name field was not filled out. It is required.") unless($name);
&post_error("The E-Mail field was not filled out. It is required.") unless($email);
&post_error("The Subject field was not filled out. It is required.") unless($subject);
&post_error("The Message Body was not filled out. It is required.") unless($message);
$name =~ s/`/\'/g;
$email =~ s/`/\'/g;
$message =~ s/`/\'/g;
$subject =~ s/`/\'/g;
$name =~ s/\&/\&/g;
$email =~ s/\&/\&/g;
$subject =~ s/\&/\&/g;
$message =~ s/\&/\&/g;
$name =~ s/"/\"/g;
$email =~ s/"/\"/g;
$subject =~ s/"/\"/g;
$message =~ s/"/\"/g;
$name =~ s/ / \ /g;
$email =~ s/ / \ /g;
$subject =~ s/ / \ /g;
$message =~ s/ / \ /g;
if ($html == 0) {
$name =~ s/<([^>]|\n)*>//g;
$email =~ s/<([^>]|\n)*>//g;
$subject =~ s/<([^>]|\n)*>//g;
$message =~ s/<([^>]|\n)*>//g;
}
elsif ($html == 1) {
$name =~ s//>/g;
$email =~ s//>/g;
$subject =~ s//>/g;
$message =~ s//>/g;
}
$message =~ s/\t/ \ \ \ /g;
$message =~ s/\n\n/\n\n/g;
$message =~ s/\n/
\n/g;
$message =~ s/\cM//g;
open (FILE, "$numfile") || &fatal_error("Unable to open $numfile");
&lock(FILE);
@info = ;
&unlock(FILE);
close(FILE);
($postnum,$chop) = split(/``/,$info[0]);
$postnum++;
open (FILE, ">$numfile") || &fatal_error("Unable to open $numfile");
&lock(FILE);
print FILE "$postnum";
print FILE "``xx";
&unlock(FILE);
close (FILE);
open (FILE, "$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
@messages = ;
&unlock(FILE);
close (FILE);
open (FILE, ">$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
if ($follow eq 'no') {
print FILE "$postnum``$subject``1``$name``$email``$date``$ENV{REMOTE_ADDR}``$ENV{HTTP_USER_AGENT}``xx\n";
print FILE @messages;
}
else {
$followto = $FORM{'followto'};
$level = $FORM{'level'} + 1;
for ($a = 0; $a < @messages; $a++) {
($checknum,@junk) = split(/``/,$messages[$a]);
print FILE "$messages[$a]";
if ($checknum == $followto) {
$level = $junk[1] + 1;
print FILE "$postnum``$subject``$level``$name``$email``$date``$ENV{REMOTE_ADDR}``$ENV{HTTP_USER_AGENT}``xx\n";
}
}
}
&unlock(FILE);
close(FILE);
open(FILE, ">$datadir/$postnum\.txt") || &fatal_error("Unable to open $postnum\.txt");
&lock(FILE);
print FILE $message;
&unlock(FILE);
close (FILE);
print "\n";
print " Success! \n";
print "\n";
print "\n";
print "Сообщение успешно размещено да доске объявлений
\n";
print "\n";
print "Ваше сообщение, $subject, отправлено.\n";
if ($style == 0) {
print "Посмотреть Ваше сообщение
\n";
print "Вернуться на главную
\n";
} elsif ($threaded == 0) {
print "На главную страницу
\n";
} else {
print "Просмотреть эту тему
\n";
print "На главную страницу
\n";
}
print "
\n";
print "";
print "\n";
exit;
}
sub display {
$viewnum = $INFO{'num'};
$viewnum = int ( $viewnum );
&fatal_error("This function has been called incorrectly. ( you weren't trying to hack this, were you? )") unless ($viewnum > 0);
open (FILE, "$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
@messages = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @messages; $a++) {
($mnum[$a],$msub[$a],$mfollow[$a],$mname[$a],$memail[$a],$mdate[$a],$mip[$a],$mbrowser[$a],$chop) = split(/``/,$messages[$a]);
if ($viewnum == $mnum[$a]) {
$idnum = $a;
}
}
open (FILE, "$datadir/$viewnum\.txt") || &fatal_error("Unable to open $viewnum\.txt");
&lock(FILE);
@body = ;
&unlock(FILE);
close(FILE);
open (FILE, "$page_t") || &fatal_error("Unable to open $page_t");
&lock(FILE);
@template = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @template; $a++) {
$_ = $template[$a];
if (//) {
print @body;
}
elsif (//) {
print "\n\n";
}
elsif (//) {
if ($mfollow[$idnum] >= $mfollow[$idnum+1]) {
print "Никто пока не ответил на Ваше сообщение.";
}
else {
print "\n";
$last = $mfollow[$idnum+1];
for ($d = $idnum+1; $d < @messages; $d++) {
if ($mfollow[$d] <= $mfollow[$idnum]) {
$d = @messages;
$count = $last - $mfollow[$idnum];
}
else {
if ($mfollow[$d] > $last) {
print "\n";
}
elsif ($mfollow[$d] < $last) {
for ($e = 0; $e < $last - $mfollow[$d]; $e++) {
print "
\n";
}
}
print "- \n";
print "$msub[$d] ";
print "- $mname[$d], $mdate[$d]
\n";
}
$last = $mfollow[$d];
}
for ($b = 0; $b < $count; $b++) {
print "
\n";
}
}
}
elsif (//) {
print "$msub[$idnum]\n";
}
elsif (//) {
print "$mname[$idnum]\n";
}
elsif (//) {
print "$mname[$idnum]\n";
}
elsif (//) {
print "$memail[$idnum]\n";
}
elsif (//) {
print "$mdate[$idnum]\n";
}
elsif (//) {
print "$mbrowser[$idnum]\n";
}
elsif (//) {
print "$mip[$idnum]\n";
}
else {
print "$_";
}
}
exit;
}
sub viewthread {
$viewnum = $INFO{'num'};
$viewnum = int ( $viewnum );
&fatal_error("This function has been called incorrectly. ( you weren't trying to hack this, were you? )") unless ($viewnum > 0);
open (FILE, "$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
@messages = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @messages; $a++) {
($mnum[$a],$msub[$a],$mfollow[$a],$mname[$a],$memail[$a],$mdate[$a],$mip[$a],$mbrowser[$a],$chop) = split(/``/,$messages[$a]);
if ($viewnum == $mnum[$a]) {
$idnum = $a;
}
}
while ($mfollow[$idnum] > 1) {
$idnum--;
}
$depth = 1;
$messcount = -1;
for ($a = $idnum+1; $a < @messages; $a++) {
if ($mfollow[$a] == 1) {
$messcount = $a - $idnum;
$a = @messages;
} elsif ($mfollow[$a] > $depth) {
$depth = $mfollow[$a];
}
}
$messcount = @messages - $idnum if ($messcount == -1);
open (FILE, "$thread_t") || &fatal_error("Unable to open $thread_t");
&lock(FILE);
@template = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @template; $a++) {
$_ = $template[$a];
if (//) {
print "\n";
for ($b = $idnum; $b < $idnum + $messcount; $b++) {
open (FILE, "$datadir/$mnum[$b]\.txt") || &fatal_error("Unable to open $mnum[$b]\.txt");
&lock(FILE);
@body = ;
&unlock(FILE);
close(FILE);
$colspan = $depth - $mfollow[$b] + 2;
$colspan2 = $colspan - 1;
print "";
for ($c = 1; $c < $mfollow[$b]; $c++) {
print " | \n";
}
print "$mdate[$b] |
\n";
print "";
for ($c = 1; $c < $mfollow[$b]; $c++) {
print " | \n";
}
print "Отправитель: | \n";
print "$mname[$b] |
\n";
print "";
for ($c = 1; $c < $mfollow[$b]; $c++) {
print " | \n";
}
print "Тема сообщения: | \n";
print "$msub[$b] |
\n";
print "";
for ($c = 1; $c < $mfollow[$b]; $c++) {
print " | \n";
}
print "Текст сообщения: | \n";
print "@body |
\n";
print "";
for ($c = 1; $c < $mfollow[$b]; $c++) {
print " | \n";
}
print "Тема сообщения: | \n";
print "Ответте на сообщение. |
\n";
}
print "
\n";
}
elsif (//) {
print "\n\n";
}
elsif (//) {
print "$msub[$idnum]\n";
}
elsif (//) {
print "$mname[$idnum]\n";
}
elsif (//) {
print "$mname[$idnum]\n";
}
elsif (//) {
print "$memail[$idnum]\n";
}
elsif (//) {
print "$mdate[$idnum]\n";
}
elsif (//) {
print "$mbrowser[$idnum]\n";
}
elsif (//) {
print "$mip[$idnum]\n";
}
else {
print "$_";
}
}
exit;
}
sub bancheck {
open (FILE, "$banfile") || &fatal_error("Unable to open $banfile");
&lock(FILE);
@banlist = ;
&unlock(FILE);
close(FILE);
($this1,$this2,$this3,$this4) = split(/\./,$ENV{REMOTE_ADDR});
for ($x = 0; $x < @banlist; $x++) {
($ip1,$ip2,$ip3,$ip4,$chop) = split(/``/,$banlist[$x]);
if ( ("$this1" eq "$ip1" && "$this2" eq "$ip2" && "$this3" eq "$ip3" && "$this4" eq "$ip4") ||
("$this1" eq "$ip1" && "$this2" eq "$ip2" && "$this3" eq "$ip3" && "$ip4" eq 'X') ||
("$this1" eq "$ip1" && "$this2" eq "$ip2" && "$ip3" eq 'X') ||
("$this1" eq "$ip1" && "$ip2" eq 'X') ) {
&fatal_error("You cannot post to this message board. Your IP has been banned.");
}
}
}
sub admin {
print "\n";
print " RobBoard Administration \n";
print "\n";
print "\n";
print "RobBoard Administration
\n";
print "Let's do some administrating!\n";
print "Remove Messages
\n";
print "Ban a User
\n";
print "Unban User(s)
\n";
print "Change Password
\n";
print "
\n";
print "| Current Option Settings |
|---|
\n\n";
print "| Variable | \n";
print "Value | \n";
print "Comments |
|---|
\n\n";
print "\n";
print "| \$useban | \n";
print "$useban | \n";
print "";
if ($useban == 1) {
print "Users with IPs on the ban list cannot post.";
} else {
print "The ban list is not in use. Anyone can post.";
}
print " |
\n";
print "\n";
print "| \$html | \n";
print "$html | \n";
print "";
if ($html == 0) {
print "All HTML is removed from posts.";
} elsif ($html == 1) {
print "HTML appears as plain text.";
} else {
print "HTML functions as HTML (can be dangerous).";
}
print " |
\n";
print "\n";
print "| \$datetype | \n";
print "$datetype | \n";
print "Example: $date | ";
print "
\n";
print "\n";
print "| \$encrypt | \n";
print "$encrypt | \n";
print "";
if ($encrypt == 1) {
print "The password will use the crypt function.";
} else {
print "The password will not be encrypted.";
}
print " |
\n";
print "| ";
print "These variables can be changed in robboard.cgi | \n";
print "
\n";
print "Or...
\n";
print "Back to the Message Board
\n";
print "Rob's Freeware Perl\n";
print "
\n";
print "\n";
exit;
}
sub remove {
open (FILE, "$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
@messages = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @messages; $a++) {
($mnum[$a],$msub[$a],$mfollow[$a],$mname[$a],$memail[$a],$mdate[$a],$mip[$a],$mbrowser[$a],$chop) = split(/``/,$messages[$a]);
if ($viewnum == $mnum[$a]) {
$idnum = $a;
}
}
print "\n";
print " RobBoard - Remove Messages \n";
print "\n";
print "\n";
print "RobBoard - Remove Messages
\n";
print "\n";
print "\n";
print "\n";
exit;
}
sub remove2 {
&checkpass;
$something = 0;
$delcounter = 0;
for ($x = 0; $x < $FORM{'total'}; $x++) {
$okiedokie[$x] = $FORM{"line$x"};
$something = 1 if ($okiedokie[$x] eq "yes");
}
if ($something == 1) {
open (FILE, "$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
@messages = ;
&unlock(FILE);
close(FILE);
for ($a = 0; $a < @messages; $a++) {
($mnum[$a],$msub[$a],$mfollow[$a],$mname[$a],$memail[$a],$mdate[$a],$mip[$a],$mbrowser[$a],$chop) = split(/``/,$messages[$a]);
}
open (FILE, ">$datafile") || &fatal_error("Unable to open $datafile");
&lock(FILE);
for ($x = 0; $x < @messages; $x++) {
if ($okiedokie[$x] eq 'yes') {
$y = $x;
while ( $x==$y || ( $mnum[$x] > $mnum[$y] && $x < @messages ) ) {
unlink("$datadir/$mnum[$x]\.txt");
$delcounter++;
$x++;
}
$x--;
}
else {
print FILE $messages[$x];
}
}
&unlock (FILE);
close (FILE);
}
print "\n";
print " RobBoard - Remove Messages \n";
print "\n";
print "\n";
print "RobBoard - Remove Messages
\n";
print "$delcounter message(s) removed.\n\n";
print "RobBoard Admin
\n";
print "Back to the Message Board\n\n";
print "
\n";
print "\n";
exit;
}
sub ban {
print "\n";
print " RobBoard - Ban a User \n";
print "\n";
print "\n";
print "RobBoard - Ban a User
\n";
print "\n";
print "\n";
print "| \n";
print "Enter the IP you want to ban in the boxes above. You can ban a range of\n";
print "IPs by entering a single upper-case X in a box. For example, entering\n";
print "123 234 345 123 will ban only the IP 123.234.345.123, but entering\n";
print "123 234 345 X will ban 123.234.345.* - all IPs with 123 234 345 as their first\n";
print "three numbers. Similarly, 123 234 X will ban 123.234.*.* . You can also ban people by editing the ban.txt file\n";
print "by hand, but you must be very careful. If you're not sure how the ban.txt\n";
print "holds the ban data, you should stick to using this form.\n";
print " |
\n";
print "
\n";
print "\n";
exit;
}
sub ban2 {
&checkpass;
open (FILE, ">>$banfile") || &fatal_error("Unable to open $banfile");
&lock(FILE);
print FILE "$FORM{'box1'}``$FORM{'box2'}``$FORM{'box3'}``$FORM{'box4'}``xx\n";
&unlock(FILE);
close(FILE);
print "\n";
print " RobBoard - Ban User(s) \n";
print "\n";
print "\n";
print "RobBoard - Ban User(s)
\n";
print "$FORM{'box1'}\.$FORM{'box2'}\.$FORM{'box3'}\.$FORM{'box4'} has been added to the ban list.\n\n";
print "RobBoard Admin
\n";
print "Back to the Message Board\n\n";
print "
\n";
print "\n";
exit;
}
sub unban {
open (FILE, "$banfile") || &fatal_error("Unable to open $banfile");
&lock(FILE);
@banlist = ;
&unlock(FILE);
close(FILE);
print "\n";
print " RobBoard - Unban User(s) \n";
print "\n";
print "\n";
print "RobBoard - Unban User(s)
\n";
print "\n\n";
print "\n";
print "\n";
exit;
}
sub unban2 {
&checkpass;
$something = 0;
$delcounter = 0;
for ($x = 0; $x < $FORM{'total'}; $x++) {
$okiedokie[$x] = $FORM{"line$x"};
$something = 1 if ($okiedokie[$x] eq "yes");
}
if ($something == 1) {
open (FILE, "$banfile") || &fatal_error("Unable to open $banfile");
&lock(FILE);
@banlist = ;
&unlock(FILE);
close(FILE);
open (FILE, ">$banfile") || &fatal_error("Unable to open $banfile");
&lock(FILE);
for ($x = 0; $x < @banlist; $x++) {
if ($okiedokie[$x] eq 'yes') {
$delcounter++;
} else {
print FILE $banlist[$x];
}
}
&unlock(FILE);
close (FILE);
}
print "\n";
print " RobBoard - Unban User(s) \n";
print "\n";
print "\n";
print "RobBoard - Unban User(s)
\n";
print "$delcounter entrie(s) were removed from the ban list.\n\n";
print "RobBoard Admin
\n";
print "Back to the Message Board\n\n";
print "
\n";
print "\n";
exit;
}
sub password {
print "\n";
print " RobBoard - Change Admin Password \n";
print "\n";
print "\n";
print "RobBoard - Change Admin Password
\n";
print "\n";
print "\n";
print "\n";
exit;
}
sub password2 {
&checkpass;
&fatal_error("The two new password fields don't match") if ($FORM{'new1'} ne $FORM{'new2'});
&fatal_error("No new password was entered") unless ($FORM{'new1'});
open(FILE, "$pwdfile") || &fatal_error("Can't find $pwdfile");
@lines = ;
close(FILE);
($p, $nochop) = split(/``/,$lines[0]);
($p2, $nochop) = split(/``/,$lines[1]);
if ($encrypt == 1) {
$new = crypt($FORM{'new1'}, substr($p, 0, 2));
} else {
$new = $FORM{'new1'};
}
open (FILE, ">$pwdfile") || &fatal_error("Can't find $pwdfile");
if ($encrypt == 1) {
print FILE "$new``xx\n";
print FILE "$p2``xx";
} else {
print FILE "$p``xx\n";
print FILE "$new``xx";
}
close (FILE);
print "\n";
print " RobBoard - Change Password \n";
print "\n";
print "\n";
print "RobBoard - Change Password
\n";
print "The admin password has been changed successfully.\n";
print "RobBoard Admin
\n";
print "Back to the Message Board\n\n";
print "
\n";
print "\n";
exit;
}
sub checkpass {
open(FILE, "$pwdfile") || &fatal_error("Can't find $pwdfile");
@lines = ;
close(FILE);
($p, $nochop) = split(/``/,$lines[0]);
($p2, $nochop) = split(/``/,$lines[1]);
&fatal_error("Invalid Password") if ($p ne crypt($FORM{'pass'}, substr($p, 0, 2)) && $encrypt == 1);
&fatal_error("Invalid Password") if ($p2 ne $FORM{'pass'} && $encrypt != 1);
}
sub post_error {
local($e) = @_;
print "\n";
print " RobBoard Posting Error \n";
print "\n";
print "\n";
print "RobBoard Posting Error
\n";
print "\n";
print "RobBoard experienced an problem in posting your message. The error seems\n";
print "to be:\n";
print "$e
\n\n";
print "You can use the back button on your browser to fix the problem.
\n";
print "RobBoard Main
\n";
print "
\n";
print "";
print "\n";
exit;
}
sub fatal_error {
local($e) = @_;
print "\n";
print " RobBoard Fatal Error \n";
print "\n";
print "\n";
print "RobBoard Fatal Error
\n";
print "\n";
print "RobBoard experienced an unrecoverable error. The error seems\n";
print "to be:\n";
print "$e
\n\n";
print "If this error continues, you should contact the administrator.
\n";
print "RobBoard Main
\n";
print "
\n";
print "";
print "\n";
exit;
}
sub readform {
read(STDIN, $input, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $input);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}
@vars = split(/&/, $ENV{QUERY_STRING});
foreach $var (@vars) {
($v,$i) = split(/=/, $var);
$v =~ tr/+/ /;
$v =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$i =~ tr/+/ /;
$i =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$i =~ s///g;
$INFO{$v} = $i;
}
$action = $INFO{'action'};
}
sub get_date {
@days = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
@months = ('January','February','March','April','May','June','July','August','September','October','November','December');
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$mon_num = $mon+1;
$savehour = $hour;
$hour = "0$hour" if ($hour < 10);
$min = "0$min" if ($min < 10);
$sec = "0$sec" if ($sec < 10);
$saveyear = ($year % 100);
$year = 1900 + $year;
if ($datetype == 1) {
$date = "$days[$wday], $months[$mon] $mday, $year at $hour\:$min\:$sec";
} elsif ($datetype == 2) {
$date = "$months[$mon] $mday, $year at $hour\:$min\:$sec";
} elsif ($datetype == 3) {
$xxx3 = substr($months[$mon],1,3);
$date = "$xxx3\. $mday, $year - $hour\:$min\:$sec";
} elsif ($datetype == 4) {
$mon_num = "0$mon_num" if ($mon_num < 10);
$mday = "0$mday" if ($mday < 10);
$saveyear = "0$saveyear" if ($saveyear < 10);
$date = "$mday/$mon_num/$saveyear - $hour\:$min\:$sec";
}
}
sub lock {
local($file)=@_;
flock($file, $LOCK_EX);
}
sub unlock {
local($file)=@_;
flock($file, $LOCK_UN);
}