#!/usr/local/bin/perl

#################################################################################################
#Guestbook 1.54 -- January 7, 1998
#
#Created by Bernard Sowa <bernard@zonecoaster.com>
#
#This is a simple perl guestbook script that can be used by multiple users.  It is written
#to create visually-attractive guestbooks and to allow users to customize their guestbooks
#by adding their own inputs in addition to the ones that must be present.  It also allows 
#users to have multiple guestbooks as long as they are in the same directory.
#
#	DISCLAIMER:  I AM IN NO WAY RESPONSIBLE FOR ANY DAMAGE THIS SCRIPT MAY CAUSE TO YOU OR ANY
#		     OF YOUR PROPERTY
#################################################################################################

#################################################################################################
#Configuration Section
#
#$basedir
#
#	1. Multiple User Setup:
#
#	   If script is being set up for use by multiple users, $basedir is the base 
#	   directory onto which all user directories are appended (ie. set $basedir to 
#	   the part of the directory structure that is common for all users).
#
#	   Example:
#
#		Two typical users, jdoe and eodj have the following home directories(respectively)
#
#			/root/users/jdoe
#			/root/users/eodj
#
#		$basedir would be:  $basedir='/root/users';
#	
#	   Every user must set "logon" in the form (form.html) to his username
#	   (eg. jdoe or eodj).  The script will make sure, then, that users only
#	   add links to pages in their own directories.  It will look for 
#
#		$basedir$pub/$username 
#
#	   and it will make sure that the URL for the form that the user filled 
#	   out to add a link (form.html) matches 
#
#		$baseurl/$tilde$username
#
#	   In this way, if jdoe has his form at "http://your.site/jdoe/form.html", and
#	   sets "logon" to "eodj", then the script will see that the URL for "form.html"
#	   includes "jdoe", but the username specified in the form, "eodj" doesn't match 
#	   that.  The script will not add the link.
#
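#	   If, however, jdoe specifies "jdoe" as the username, then the server will see
#	   that the URL for "form.html" includes "jdoe" and the username specified in
#	   "form.html" is also "jdoe".  The user will be able to add the link.
#
#	   Note that the URL of "form.html" is taken from the Referer header, which the
#	   browser supplies and which can be missing or altered, so this comparison is a
#	   consistency check rather than proof of who is submitting the form.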
#
#	2. Single User Setup
#
#	   If you are setting it up for your own personal use only, set $basedir to your 
#	   home directory.  Suppose that your home directory is "/root/users/you" and that
#	   all of your web-accessible data goes in "/root/users/you/public_html".  Your 
#	   $basedir would be set as follows:
#
#		$basedir = '/root/users/you/public_html';
#
#	   Include "public_html" in $basedir and leave $pub (found later in the configuration
#	   section) empty.
#
#	   Set "logon" in the form (form.html) to "" (empty).
#
#   			***No trailing slash ("/") on $basedir***
#
#
#$baseurl
#	The URL for the $basedir.  
#
#			***No trailing slash ("/") on $baseurl***
#
#
#	1. Multiple user setup:
#
#	   If your system uses a special directory for user's web-accessible 
#	   directories then set this to the name of the web-accessible 
#	   directory (eg.'public_html' or "web-public").  Otherwise leave it empty ("").  
#
#	2. Single user setup:
#
#	   If you are setting it up for your own personal use only, set $basedir to your 
#	   home directory, include "public_html" in it and leave $pub empty ("").
#
#
#$pub
#	1. Multiple user setup:
#
#	   If your system uses a special directory for user's web-accessible 
#	   directories then set this to the name of the web-accessible 
#	   directory (eg.'public_html' or "web-public").  Otherwise leave it empty ("").  
#
#	2. Single user setup:
#
#	   If you are setting it up for your own personal use only, set $basedir to your 
#	   home directory, include "public_html" in it and leave $pub empty ("").
#
#
#$tilde
#	1. Multiple-user setup:
#
#	   If your server uses tilde expansions (if your URL has "~" in it as in 
#          "http://www.your.isp/~you/") in URLs then set this to '~'.  
#
#		eg.  If users have addresses such as 
#
#			http://yourhost.here/~jdoe/
#				and
#			http://yourhost.here/~eodj/
#
#	   then set this to '~'.  If not, leave it as-is.
#
#	2. Single user setup:
#
#	   If you are setting the script up for your own personal use only and you have a 
#	   tilde ("~") in your address, include the tilde in $baseurl and leave $tilde 
#	   empty.  An example:
#
#	  	$baseurl = "http://yourhost.here/~jdoe";
#	  	$tilde = "";
#
#
#@required
#	Array containing a list of all of the fields that must be present in a form and which
#	must be filled in by a person signing the guestbook in order for the entry to be
#	added to the guestbook(required inputs from your form...<input type=text name="whatever">)
#################################################################################################

# Site configuration (see the Configuration Section above for the meaning of each value).
# These stay package globals because the rest of the script reads them by name.
$basedir  = '/usr/local/www/bernard/html/worldhost';   # filesystem root; no trailing slash
$baseurl  = 'http://www.zonecoaster.com/worldhost';    # URL of $basedir; no trailing slash
$pub      = '';                                        # '' or 'public_html' or 'whatever'
$tilde    = '';                                        # '' or '~'
@required = qw(realname email);                        # form fields that may not be left empty

#################################################################################################
#Get Form Data
#################################################################################################

# Parse the submitted form into the global %formdata.
get_form_data();

# Count the required fields that came back empty; a field that was never
# submitted compares equal to "" and is counted as well.
$bad = grep { $formdata{$_} eq "" } @required;

if ($bad)
{
	# At least one required field is missing: list what is required and stop
	# before anything is written to the guestbook.
	print "Content-type: text/html\n\n",
	      "<html>\n<title>Error</title>\n",
	      qq{<body bgcolor="#ffffff" text="#000000">\n\n},
	      "<p>At least one of the required fields was left blank or your email address was not accepted.\n",
	      "<p>The required inputs are:\n",
	      "<ul>\n";
	print map { "<li><b>$_</b>\n" } @required;
	print qq{<p>Please press your browser's "Back" button and try again.\n},
	      "</ul>\n<center><hr width=50%></center>\n</html>";
	exit 0;
}

#################################################################################################
#Do stuff with it...ie. open the user's guestbook file and add the new entry to the top
#################################################################################################

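# Check that the form was served from the directory of the user named in "logon".
#
# NOTE(review): HTTP_REFERER is supplied by the client and can be absent or set to
# any value, so this is a consistency check on where the form lives, not
# authentication of the person submitting it.
my $claimed_logon = defined $formdata{'logon'} ? $formdata{'logon'} : '';
my $referer       = defined $ENV{'HTTP_REFERER'} ? $ENV{'HTTP_REFERER'} : '';

# \Q...\E makes the configured URL and the submitted logon literal text, so that
# "." in the host name or any metacharacter in the form value is not read as
# regex syntax.  The pattern is anchored at the start of the Referer, and a
# non-empty logon must be followed by "/" or the end of the URL so that one
# username cannot pass the check on behalf of a longer name it is a prefix of.
my $expected_referer = $claimed_logon ne ''
	? qr/\A\Q$baseurl\E\/\Q$tilde$claimed_logon\E(?:\/|\z)/
	: qr/\A\Q$baseurl\E\//;

if($referer !~ $expected_referer)
{
	print "Content-type: text/html\n\n";
	print "<html>\n<title>Error</title>\n";
	print "<body bgcolor=\"\#ffffff\" text=\"\#000000\">\n\n";
	print "Bad username.  You are only allowed to edit your own pages.\n";
	print "</ul>\n<center><hr width=50%></center>\n</html>";
	exit 0;
}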

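$logon="$formdata{'logon'}/";		#user's logon, with the "/" that separates it from the rest of the path
$bookname=$formdata{'bookname'};	#path to user's guestbook, relative to the user's directory
$bookurl=$formdata{'bookurl'};		#URL for guestbook

# "logon" and "bookname" come straight from the submitted form and are about to
# become part of a filesystem path, so they are checked against an allow-list
# first: a logon is a single path component, a bookname is one or more
# components separated by "/".  No component may be empty or start with ".",
# which rules out "..", absolute paths and hidden files.
# NOTE(review): widen the character class if real guestbook names need more
# than letters, digits, "_", "." and "-".
my $path_component = qr/[A-Za-z0-9_][A-Za-z0-9_.\-]*/;
my $submitted_logon = defined $formdata{'logon'} ? $formdata{'logon'} : '';
my $logon_ok    = $submitted_logon eq '' || $submitted_logon =~ /\A$path_component\z/;
my $bookname_ok = defined $bookname && $bookname =~ m{\A$path_component(?:/$path_component)*\z};

unless($logon_ok && $bookname_ok)
{
	print "Content-type: text/html\n\n";
	print "<html>\n<title>Error</title>\n";
	print "<body bgcolor=\"\#ffffff\" text=\"\#000000\">\n\n";
	print "Bad username or guestbook name.\n";
	print "<center><hr width=50%></center>\n</html>";
	exit 0;
}

# The original tested $logon, which always ends in "/" and so was never empty;
# the test is on the submitted value so that the single-user branch is reachable.
if($submitted_logon ne "")
{
	$book="$basedir/$logon$pub/$bookname";
}
else
{
	$book="$basedir/$bookname";
}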

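use Fcntl qw(:flock SEEK_SET);

# Neutralise markup in a value that is about to be written into the guestbook.
# "<br>" is left alone because get_form_data produces it for line breaks; "&" is
# left alone so that a value that was already entity-escaped is not escaped twice.
my $neutralise_markup = sub {
	my ($text) = @_;
	$text = '' unless defined $text;
	$text =~ s/<(?!br>)/&lt;/g;
	$text =~ s/(?<!<br)>/&gt;/g;
	$text =~ s/"/&quot;/g;
	return $text;
};

# A URL is written into src/href only if it is http(s) or a scheme-less relative
# reference; anything that names another scheme is dropped.
my $url_is_acceptable = sub {
	my ($url) = @_;
	return 0 unless defined $url && $url ne '';
	return 1 if $url =~ m{\Ahttps?://[^\x00-\x20]+\z}i;
	return $url =~ /[:\x00-\x20]/ ? 0 : 1;
};

# Report a failure to the visitor without echoing the server-side path; the
# detail goes to the server's error log instead.
my $give_up = sub {
	my ($detail) = @_;
	warn "guestbook: $detail\n";
	print "Content-type: text/html\n\n";
	print "<html>\n<title>Error</title>\n";
	print "<body bgcolor=\"\#ffffff\" text=\"\#000000\">\n\n";
	print "The guestbook could not be updated.\n";
	print "<center><hr width=50%></center>\n</html>";
	exit 0;
};

# Three-argument open: nothing inside $book can be read as an open mode or a
# pipe.  The file is opened once for read and write, without truncating, and
# held under an exclusive lock so that two submissions arriving together cannot
# read and rewrite the file at the same time and lose entries.
my $book_fh;
open($book_fh, '+<', $book) or $give_up->("could not open $book: $!");
flock($book_fh, LOCK_EX) or warn "guestbook: could not lock $book: $!\n";	# best effort, as before

@contents=<$book_fh>;	#get contents of Guestbook so you can add this entry to it.

(seek($book_fh, 0, SEEK_SET) && truncate($book_fh, 0))
	or $give_up->("could not rewind $book: $!");

# Prepare the submitted values once.
my %entry;
foreach my $field (qw(message realname email comments))
{
	$entry{$field} = $neutralise_markup->($formdata{$field});
}
foreach my $field (qw(bulleturl homepage separator))
{
	$entry{$field} = $url_is_acceptable->($formdata{$field})
		? $neutralise_markup->($formdata{$field})
		: '';
}

foreach $line (@contents)
{
	# Every line is copied back; the new entry goes directly after the marker line.
	if($line !~ /<!--Do not change or get rid of this line-->/)
	{
		print {$book_fh} $line;
		next;
	}

	print {$book_fh} "$line\n\n";
	print {$book_fh} "<!--Begin Entry-->\n";
	print {$book_fh} "<p>\n<br>\n";
	print {$book_fh} "<img src=\"$entry{'bulleturl'}\" alt=\"*\"><b>$entry{'message'}</b>--- From <b>$entry{'realname'}</b>\n<br>\n";
	print {$book_fh} "<font size=-2>[<a href=\"mailto:$entry{'email'}\">Mail Me</a>";
	$nicedate = get_date();
	if ($entry{'homepage'} ne "")
	{
		print {$book_fh} " | <a href=\"$entry{'homepage'}\">Visit My Homepage</a>][$nicedate]\n<br>\n";
	}
	else
	{
		print {$book_fh} "][$nicedate]\n<br>\n\n";
	}

	#now print each of the input names and the user's input if it isn't empty
	#then print the comments last.

	print {$book_fh} "</font>\n<ul>\n";

	$leaveout='/logon/bookname/bookurl/bulleturl/separator/comments/email/message/realname/homepage/';

	foreach $key (keys(%formdata))
	{
		# Literal substring test: the field name is submitted by the client and
		# must not be compiled as part of a regex.
		next unless index($leaveout, "/$key/") < 0;
		print {$book_fh} "<li><b>", $neutralise_markup->($key), "</b>: ",
			$neutralise_markup->($formdata{$key}), "\n";
	}
	print {$book_fh} "<li><b>Comments</b>:\n";
	print {$book_fh} "<dl><dd>$entry{'comments'}\n</dd>\n</dl>\n</ul>\n";
	if($entry{'separator'} ne "")
	{
		print {$book_fh} "\n<center>\n<p>\n<img src=\"$entry{'separator'}\">\n</center>\n<p><br>\n\n";
	}
	else
	{
		print {$book_fh} "\n<center>\n<p>\n<hr width=50%>\n</center><p><br>\n\n";
	}
	print {$book_fh} "<!--End Entry-->\n";
}

# Buffered write errors only show up at close; closing also releases the lock.
close($book_fh) or warn "guestbook: error while closing $book: $!\n";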

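# Confirmation page.
#
# $bookurl was submitted with the form and is echoed back inside an href, so it
# is only linked when it is an http(s) URL or a scheme-less relative reference,
# and quotes and angle brackets in it are neutralised first.  "&" is left as it
# is so that a value that was already entity-escaped is not escaped twice.
my $thanks_link = defined $bookurl ? $bookurl : '';
my $thanks_link_ok = $thanks_link ne ''
	&& ($thanks_link =~ m{\Ahttps?://[^\x00-\x20]+\z}i || $thanks_link !~ /[:\x00-\x20]/);
$thanks_link =~ s/</&lt;/g;
$thanks_link =~ s/>/&gt;/g;
$thanks_link =~ s/"/&quot;/g;

print "Content-type: text/html\n\n";
print "<html>\n<title>Thank you</title>\n";
print "<body bgcolor=\"\#ffffff\" text=\"\#000000\">\n\n";
print "Thank you for signing my guestbook.  ";
# The "You can click" lead-in is printed together with the link, so the sentence
# is never left unfinished when no link is shown.
if($formdata{'logon'} ne "" && $thanks_link_ok)
{
	print "You can click <a href=\"$thanks_link\">here</a> to see it.";
}
print "<br>You may need to reload it to get an updated version which includes your entry.";
print "</html>";
exit;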

#################################################################################################
#Subroutines
#################################################################################################

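# Read the POSTed form body from STDIN, decode it, and store the fields in the
# global %formdata (also returned as a list of name/value pairs).
#
# Every name and value is URL-decoded, has complete <...> tags removed, and is
# then HTML-entity-escaped (& < > " '), so that what is later written into the
# guestbook cannot open a tag or close an attribute.  Line breaks in values are
# turned into <br> after the escaping, so <br> is the only markup a value can
# contain.  Callers that use a field as a file name or URL still have to
# validate it for that purpose.
sub get_form_data {

	# Submissions whose decoded value contains "<SCRIPT" are recorded here.
	# This is a log only; nothing in this file reads it back.
	$deniedfile='/usr/local/www/bernard/denied.txt';

	my %entity_for = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#39;');

	# NOTE(review): the length is taken from the request as it stands; if the web
	# server does not limit request bodies, consider enforcing a maximum here.
	my $buffer = "";
	read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'} || 0);

	my @fields;
	foreach my $pair (split(/&/,$buffer))
	{
		# Limit of 2: everything after the first "=" belongs to the value.
		my ($name, $value) = split(/=/,$pair,2);
		$name  = '' unless defined $name;
		$value = '' unless defined $value;

		foreach my $part ($name, $value)
		{
			# "+" means space only in the encoded form, so translate it before
			# %XX decoding; a submitted %2B then stays a literal "+".
			$part =~ s/\+/ /g;
			$part =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
		}

		# Look at the decoded value, so that a percent-encoded tag is recorded too.
		if($value=~/<SCRIPT/i)
		{
			# Best effort, as in the original: a failure to log is not fatal.
			if(open(my $deny_fh, '>>', $deniedfile))
			{
				my $client = $ENV{'REMOTE_HOST'} || $ENV{'REMOTE_ADDR'} || '';
				print {$deny_fh} "$client\n";
				close($deny_fh);
			}
		}

		$name =~ s/<[^>]*>//g;
		$name =~ s/([&<>"'])/$entity_for{$1}/g;
		$name =~ s/[\r\n]+//g;

		$value =~ s/~!/ ~!/g;
		$value =~ s/<([^>])*>//g;			# drop complete tags
		$value =~ s/([&<>"'])/$entity_for{$1}/g;	# neutralise whatever markup characters are left
		# Line breaks become <br>; this runs after the escaping so the <br> survives.
		$value =~ s/(\r)+/\-\-/g;
		$value =~ s/\n+//g;
		$value =~ s/(\-\-)+/<br>/g;
		# The original's later "<SCRIPT" and "function {" removals are not needed
		# once "<" is escaped (and the latter never matched: "\f" is a form feed).

		push (@fields,$name);
		push (@fields,$value);
	}
	%formdata=@fields;
	return %formdata;
}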

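# Build a human-readable timestamp for the current local time, for example
# "Wednesday January 7th, 1998 at 12:34:56", store it in the global $nicedate
# and return it.
#
# The fields are taken from localtime() in list context rather than by splitting
# its string form, so the result does not depend on how single-digit days are
# padded, no state is carried from one call to the next, and sort's special
# variable $a is not overwritten.
sub get_date {

	my @day_names   = qw(Sunday Monday Tuesday Wednesday Thursday Friday Saturday);
	my @month_names = qw(January February March April May June
	                     July August September October November December);

	my ($sec, $min, $hour, $mday, $mon, $year, $wday) = localtime(time);

	# English ordinal suffix; 11, 12 and 13 fall through to "th".
	my $suffix = 'th';
	if($mday == 1 || $mday == 21 || $mday == 31)
	{
		$suffix = 'st';
	}
	elsif($mday == 2 || $mday == 22)
	{
		$suffix = 'nd';
	}
	elsif($mday == 3 || $mday == 23)
	{
		$suffix = 'rd';
	}

	# localtime() counts years from 1900.
	$nicedate = sprintf("%s %s %d%s, %d at %02d:%02d:%02d",
		$day_names[$wday], $month_names[$mon], $mday, $suffix,
		$year + 1900, $hour, $min, $sec);
	return $nicedate;
}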
