UGS Völkerrat
Guest
An alle Perl-Freaks oder die, die es werden wollen: Wie konfiguriere ich folgendes heruntergeladenes Guestbook für folgenden Server?
Guestbook:
Host: ftp.supertown.de
URL: http://entertainment.supertown.de/ugs/
Hier die wichtigsten Pfade:
Perl: /usr/bin/perl
Date: /bin/date
Sendmail: /usr/sbin/sendmail
Pfad zu Deinem Account: /www/a/ugs/
Guestbook:
#!/usr/bin/perl
#########################################################################
# Guestbook v1.5 #
# Copyright (c)2000 bp135 #
# URL: http://bp135.cjb.net #
# #
# This program is free software. It may be used and modified free #
# of charge for personal, academic or non-profit use. By using this #
# script you agree to indemnify bp135 from any liability. #
# Please do not remove this copyright notice. #
# #
# Administration: #
# http://www.host.com/cgi-bin/guestbook.pl?admin=enter #
# #
# For more stuff visit --> http://bp135.cjb.net #
#########################################################################
# Setup section: every value below is read by the subs further down.
# NOTE(review): the scalar names on the left of each `=` are missing from this
# listing (each assignment starts with a bare `=`); restore them from the
# original distribution before running the script.
# url of script
= "http://localhost/~bp135/cgi-bin/guestbook.pl";
# administration password
# NOTE(review): "123" is the shipped sample value and is stored in plain text.
# Replace it with a long, unique password before deployment; the admin entry
# point (?admin=enter) is named in the script header.
= "123";
# base url to all guestbook files without trailing "/"
= "http://localhost/~bp135/book";
# base directory to all guestbook files without trailing "/"
= "/home/usr/bp135/book";
# guestbook entries per page;
= 20;
# use file locking; (=0 for Win32)
= 1;
# allow html tags - 0=no; 1=yes; 2=translate
# NOTE(review): parse_form filters input only for the values "0" and "2".
# With 1, visitor-supplied markup is stored and served unchanged, so entries
# can carry script; keep 0 or 2 unless every visitor is trusted.
= "2";
# time to redirect to guestbook after entry
= "3";
# time offset - add one hour = +1 ; subtract one hour = -1
= 0;
# entry bgcolor
= "#EFEFEF";
# font face list (presumably used for the entry text - confirm)
= "Verdana, Arial";
# name of guestbook files
= "guestbook.html";
= "guest_id.txt";
= "page_id.txt";
= "sample.html";
# name of thread pages -> guest-1.html, guest-2.html, etc.
= "guest-";
# this variable is used to find the jump menu
= "<option value=\"guestbook.html\" selected>Guestbook</option>";
# image files
= "point.gif"; # if not in same dir with guestbook.html
= "mail.gif"; # specify correct url for each file
= "url.gif";
# Send the new guestbook-entry as email to recipient
= "no";
= "/usr/sbin/sendmail"; # path to sendmail
= "bp135\@gmx.net"; # your email address
# Per-field switch read by check_input: "yes" makes a missing or invalid
# field an error, "no" lets check_input substitute a default instead.
%required = (
username => "yes",
email => "no",
url => "no",
message => "yes"
);
# presumably the on/off switch for the word filter below (the dispatch code
# calls check_words only when some value equals "yes") - confirm
= "yes";
# Words that check_words masks in the name and message fields.
@bad_words = ("fuck","cum","asshole","ficken","Arsch","porno");
# End of Setup
##################
# Request dispatch: decode the form, then route on the add / admin / action
# fields. Every branch ends in a sub that prints a page and exits.
&parse_form;
# New entry: validate, optionally filter words, write the entry, optionally
# mail it, then show the confirmation page.
if ({\'add\'} eq "new") {
&check_input;
&check_words if ( eq "yes");
&add_entry;
# The flag tested here is presumably the one add_entry sets to 1 once it has
# found the <!--begin --> marker - confirm against the original.
&error("Cannot add entry to guestbook because the comment <br><!--begin --> was not found in ") if ( != 1);
&send_mail if ( eq "yes");
&success;
}
# Admin login form / password check.
elsif ({\'admin\'} eq "enter") {
&validation;
}
# Admin actions: the `admin` field carries the password on every request and
# is compared against a value missing from this listing (presumably the
# configured administration password - confirm).
# NOTE(review): parse_form also accepts GET, so a password sent that way ends
# up in URLs and server logs; nothing visible here limits repeated guesses.
elsif ({\'action\'} eq "delete") {
if ({\'admin\'} eq ) {
&delete_entry;
&show_entries;
}
else {
&error(\'You entered a wrong password!\');
}
}
elsif ({\'action\'} eq "show") {
if ({\'admin\'} eq ) {
&show_entries;
}
else {
&error(\'You entered a wrong password!\');
}
}
else {
&error(\'No Valid Command!\');
}
# Decode the CGI request (query string for GET, STDIN otherwise) into
# name/value pairs and apply the configured HTML filtering to each value.
# NOTE(review): variable names are missing from this listing, so which
# statement touches the name and which the value is inferred from order.
sub parse_form {
if ({\'REQUEST_METHOD\'} eq "GET") {
= {\'QUERY_STRING\'};
}
else {
# Reads as many bytes as the client announces in CONTENT_LENGTH; no upper
# bound on the request size is visible here.
read(STDIN, , {\'CONTENT_LENGTH\'});
}
@pairs = split(/&/, );
foreach (@pairs) {
(, ) = split(/=/, );
# URL-decoding, done twice: presumably once for the name and once for the
# value ('+' to space, then %XX to the byte it encodes).
=~ tr/+/ /;
=~ s/%([a-f0-9]{2})/pack("C", hex($1))/egi;
=~ tr/+/ /;
=~ s/%([a-f0-9]{2})/pack("C", hex($1))/egi;
# Remove HTML comments from the submitted text. The guestbook files use
# comment markers (<!--begin -->, <!--top-ID=..., <!--end-ID=...) to locate
# entries, so this presumably keeps visitors from forging them - confirm.
=~ s/<!--(.|\n)*-->//g;
# Trim leading whitespace and one trailing newline, collapse runs of spaces.
# NOTE(review): carriage returns and newlines inside the value are kept; any
# caller that puts a value into a mail header or an HTML attribute has to
# deal with them itself.
=~ s/^\s+|\s*\n$//g;
=~ s/ +/ /g;
# HTML mode "0": strip complete tags, then any unterminated tag.
if ( eq "0") {
=~ s/<([^>]|\n)*>//g;
=~ s/<([^>]|\n)*//g;
}
# HTML mode "2": translate ", < and >.
# NOTE(review): the replacement text shows the literal characters here; the
# original presumably wrote HTML entities that the page rendering decoded -
# confirm against the original file. No branch runs for mode "1", which
# leaves markup untouched.
elsif ( eq "2") {
=~ s/\"/\"\;/g;
=~ s/</\<\;/g;
=~ s/>/\>\;/g;
}
# Store the cleaned value (presumably into the form hash under its name).
= ;
}
}
# Validate the four entry fields. A field that fails its check is an error
# when it is marked "yes" in the required table; otherwise it is replaced by
# a default. error() prints a page and exits, so the assignment after each
# error() call only runs for optional fields.
sub check_input {
my(,,,);
= {\'username\'};
= {\'email\'};
= {\'url\'};
# Turn CR+LF line ends in the message into <br> so line breaks survive in HTML.
{\'message\'} =~ s/\cM\n/<br>\n/g;
= {\'message\'};
# Name: must contain at least one non-whitespace character.
if ( !~ /\S/) {
if ({\'username\'} eq "yes") {
&error(\'You forgot to fill in the <u>Name</u> field. Please correct it and re-submit!\');
}
{\'username\'} = "anonymous";
}
# E-mail: the pattern is anchored only at the end.
# NOTE(review): any text in front of the address passes, and `$` also matches
# before a trailing newline. The value is later used in a mailto: link
# (add_entry) and in a mail header (send_mail); anchoring with \A ... \z and
# rejecting CR/LF would make this check a real constraint.
if ( !~ /[._a-z0-9-]+\@[._a-z0-9-]+\.[a-z]{2,3}$/i) {
if ({\'email\'} eq "yes") {
&error(\'The <u>e-mail</u> address seems not to be valid. Please correct it and re-submit!\');
}
{\'email\'} = "";
}
# URL: the pattern is anchored only at the start.
# NOTE(review): anything may follow the host part, so what ends up inside the
# href attribute written by add_entry depends entirely on the HTML mode that
# parse_form applied.
if ( !~ /^http:\/\/[._a-z0-9-]+\.[._a-z0-9-]+/i) {
if ({\'url\'} eq "yes") {
&error(\'The <u>URL</u> seems not to be valid. Please correct it and re-submit!\');
}
{\'url\'} = "";
}
# Message: must contain at least one non-whitespace character.
if ( !~ /\S/) {
if ({\'message\'} eq "yes") {
&error(\'You forgot to fill in the <u>Message</u> field. Please correct it and re-submit!\');
}
{\'message\'} = "No Comments";
}
}
# Mask every listed bad word in the name and message fields with "#@*%!",
# case-insensitively and on word boundaries.
# NOTE(review): the text between the two \b anchors is missing from this
# listing (presumably the current list word) - confirm against the original.
sub check_words {
foreach (@bad_words) {
{\'username\'} =~ s/\b\b/\#\@\*\%\!/ig;
{\'message\'} =~ s/\b\b/\#\@\*\%\!/ig;
}
}
# Build a "Host: ..." or "IP: ..." label for the visitor: use REMOTE_HOST
# when the server provides it, otherwise reverse-resolve REMOTE_ADDR.
sub get_host {
my (,,@numbers);
if ({\'REMOTE_HOST\'}) {
= {\'REMOTE_HOST\'};
}
else {
# Pack the dotted quad into four bytes and look the address up; the 2 is the
# numeric address family (presumably AF_INET on the target platform).
= {\'REMOTE_ADDR\'};
@numbers = split(/\./, );
= pack("C4", @numbers);
= (gethostbyaddr(, 2))[0];
}
# NOTE(review): a reverse-DNS name is set by whoever controls the address's
# PTR record; treat it as untrusted text if it is written into a page.
if ( eq "") {
= "IP\: {\'REMOTE_ADDR\'}";
}
else {
= "Host\: ";
}
}
# Format the current local time, shifted by the configured hour offset, as a
# display string of the form ", , at :" (the interpolated names are missing
# from this listing).
sub get_time {
# Declares @month, but the code below assigns @months, which is therefore a
# package variable rather than a lexical.
my (,,,,,,@month,@days);
@months = (\'January\',\'February\',\'March\',\'April\',\'May\',\'June\',\'July\',\'August\',\'September\',\'October\',\'November\',\'December\');
@days = (\'Sunday\',\'Monday\',\'Tuesday\',\'Wednesday\',\'Thursday\',\'Friday\',\'Saturday\');
# localtime fields 1..6: minute, hour, day of month, month, year, weekday.
(,,,,,) = (localtime(time+(*3600)))[1,2,3,4,5,6];
# Zero-pad three of the values below 10 (which ones cannot be told from this
# listing; presumably minute, hour and day).
= "0" if ( < 10);
= "0" if ( < 10);
= "0" if ( < 10);
# localtime reports the year as an offset from 1900.
+= 1900;
= (", , at :");
}
# Write a new entry into the guestbook file.
# Steps visible here: read the ID counter and the page index, optionally
# archive the current page into a new thread page and update the jump menu in
# every page, then rewrite the guestbook file with the new entry inserted
# after the <!--begin --> marker, and finally bump the ID counter.
# NOTE(review): all scalar names are missing from this listing, and `| |` is
# presumably the `||` operator split by the page rendering. Every file is
# opened with two-argument open on a path built from configuration values.
sub add_entry {
my (,,,,,,@lines,@filename,@foundlist,@booklines,@pages_id,@sublines);
&get_host;
&get_time;
# Entry ID counter: read it if the file exists, otherwise create it and
# start at 1.
if (-e "/") {
open (COUNTER,"+</") | | &error("Cannot open ID file in for writing!");
= <COUNTER>;
}
else {
# "fatal" makes error() append a dump of the environment to the page.
open (COUNTER,">/") | | &error("Cannot create ID file in . Please check your base directory.","fatal");
=1;
}
close(COUNTER);
# Page index: one <option> line per archived thread page.
if (-e "/") {
open (PAGES,"+</") | | &error("Cannot open ID file in for writing!");
@pages_id = <PAGES>;
# Take the page number from the trailing "-N" of an option line and count
# the lines in the index.
if ( =~ /<option.*-(\d+)<\/option>/) {
= $1;
= @pages_id;
}
else {
= 0;
}
}
else {
open (PAGES,">/") | | &error("Cannot create ID file in . Please check your base directory.","fatal");
= 0;
}
close(PAGES);
# Paging arithmetic deciding whether the current page is full (operands are
# missing from this listing).
= - ( + );
if ( > 1) {
= % if ( > );
= 1 if ( == 1);
}
# Roll-over branch: the current guestbook page is archived as a new thread
# page and a matching <option> is added to the jump menu of every page.
if ( == 1) {
= + 1;
= + 1;
= -;
= "<option value=\"/\.html\">-</option>";
# Copy the current guestbook file into the new thread page.
# NOTE(review): this open, like several below, is not checked for failure.
open(FILE,"/");
@lines = <FILE>;
close(FILE);
# NOTE(review): the message recommends mode 777. On a shared host a
# world-writable directory lets every local account alter the guestbook
# files; prefer a directory owned by the account the CGI runs as.
open(FILE,">/\.html") | | &error("Cannot create files in . Chmod to 777!");
print FILE (@lines);
close(FILE);
# Collect the existing thread pages (file names starting with a digit) plus
# the sample page.
opendir(HOMEDIR, "");
@filename = readdir(HOMEDIR);
closedir(HOMEDIR);
@foundlist = grep(/^\d+/, @filename);
if (-e "/") {
push (@foundlist,"");
}
else {
&error("Cannot find sample file in ");
}
# Rewrite each collected page with the new option inserted at the jump-menu
# marker; one of them is written to tmp.html instead of in place.
foreach (@foundlist) {
open(SUBPAGE,"/");
@tmp_lines = <SUBPAGE>;
close(SUBPAGE);
if ( eq "") {
open(SUBPAGE,">/tmp.html");
= 1;
}
else {
open(SUBPAGE,">/");
}
foreach (@tmp_lines) {
if ( =~ /^.*.*/) {
(, ) = split(/\s*/,);
print SUBPAGE "";
print SUBPAGE "\n";
print SUBPAGE "\n";
print SUBPAGE (@pages_id) if ( ==1);
print SUBPAGE "";
= 1;
= 0;
}
else {
print SUBPAGE "";
}
}
close(SUBPAGE);
&error("Cannot add entry to guestbook because the html tag <br><xmp></xmp> was not found in some guestbook files.") if ( != 1);
= 0;
}
# Prepend the new option line to the page index.
open (PAGES,"+</");
@sublines = <PAGES>;
seek(PAGES,0,0);
print PAGES "\n";
print PAGES (@sublines);
close(PAGES);
open(FILE,"/tmp.html") | | &error("Internal error!<br>Cannot open tmp.html in ");
}
else {
open(FILE,"/") | | &error("Cannot find in ");
}
@booklines = <FILE>;
close(FILE);
# NOTE(review): opening with ">" truncates the file before flock is called,
# so the lock does not protect the old content. Two submissions arriving
# together can lose an entry, and a reader can see an empty page. Taking the
# lock on a handle opened without truncation (or on a separate lock file) and
# truncating afterwards closes that window.
open(FILE,">/") | | &error("The directory requires mode 777!");
flock(FILE,2) if ( == 1);
# Copy the page back line by line; at the <!--begin --> marker, write the
# marker again followed by the new entry wrapped in top-ID / end-ID comments.
foreach (@booklines) {
if ( =~ /^.*<!--begin -->.*/) {
(, ) = split(/<!--begin -->\s*/,);
print FILE "";
print FILE "<!--begin -->\n";
print FILE "<!--top-ID= -->\n";
print FILE "<tr bgcolor=\"\"><td width=\"32%\">\n<table border=0 cellspacing=0 cellpadding=2>\n";
print FILE "<tr><td><font face=\"\" size=1></font></td>\n";
# The form values below are written into the page as parse_form left them;
# how much markup they can contain depends on the configured HTML mode.
print FILE "<td><b><font face=\"\" size=2>{\'username\'}</font></b></td></tr>";
if ({\'email\'}) {
print FILE "<tr><td><img src=\"\" width=20 height=17></td>\n";
print FILE "<td><font face=\"\" size=1><a href=\"mailto:{\'email\'}\">{\'email\'}</a></font></td></tr>\n";
}
if ({\'url\'}) {
print FILE "<tr><td><img src=\"\" width=20 height=20></td>\n";
print FILE "<td><font face=\"\" size=1><a href=\"{\'url\'}\" target=\"_blank\">{\'url\'}</a></font></td></tr>\n";
}
print FILE "</table>\n</td><td width=\"68%\"><font face=\"\" size=2>\n";
print FILE "{\'message\'}</font><hr size=1>\n";
print FILE "<font face=\"Arial\" size=\"1\"><img src=\"\" width=9 height=9><b> </b></font></td></tr>\n";
print FILE "<!--end-ID= -->\n";
print FILE "";
# Flag that the marker was found (the dispatch code reports an error when a
# flag is not 1 after this sub returns).
= 1;
}
else {
print FILE "";
}
}
close(FILE);
unlink("/tmp.html") if ( == 1);
# Store the incremented entry ID. Same truncate-before-lock order as above,
# and the open is unchecked.
if ( == 1) {
open (COUNTER,">/");
flock(COUNTER,2) if ( == 1) ;
++;
print COUNTER "";
close(COUNTER);
}
}
# Print the confirmation page after a successful entry and exit. The page
# carries a meta refresh back to the guestbook and greets the visitor by the
# submitted name.
# NOTE(review): the name is echoed exactly as parse_form left it, so whether
# markup in it is rendered depends on the configured HTML mode.
sub success {
print "Content-type: text/html\n\n";
print <<SuccessHTML;
<html>
<head>
<title>Guestbook</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="refresh" content=";URL=/">
<style type="text/css">
<!--
td { font-family: Verdana, Arial, Helvetica, sans-serif}
-->
</style>
</head>
<body bgcolor="#FFFFFF" text="#000000" link="#003399">
<table border="0" cellspacing="0" cellpadding="2" align="center" width="95%" height="156">
<tr>
<td height="46" colspan="2"><b><font size="4">Guestbook</font></b></td>
</tr>
<tr>
<td colspan="2"><font size="2"><u>Thank you <font color="#990033">{\'username\'}</font>
for signing the guestbook.<br>
</u><br>
Your entry was added successfully!<br>
You should be transfered back to the guestbook in seconds.<br>
Click <a href="/">here</a> if your browser does\'nt support
automatical reloading.</font></td>
</tr>
</table>
</body>
</html>
SuccessHTML
exit (0);
}
# Admin login: compare the submitted `password` field with a value missing
# from this listing (presumably the configured administration password -
# confirm). A match shows the entry list; an empty or wrong password shows
# the login form again with a message.
# NOTE(review): the comparison is against a plain-text value and nothing
# visible here counts or delays failed attempts.
sub validation {
if ({\'password\'} eq ) {
&show_entries;
}
elsif ({\'password\'} eq "") {
&enterpass(\'Please enter a valid password:\');
}
else {
&enterpass(\'<font color="#CC3300">You have entered an invalid password. Please try again.</font>\');
}
}
# Print the administration page for one guestbook page and exit: a control
# form (page, action, entry ID, password, jump menu) followed by every entry
# of the page with a radio button carrying its ID.
sub show_entries {
my (,,@filename,@foundlist);
# @lines is a package variable. delete_entry fills it before the dispatch
# code calls this sub, in which case the file is not read again.
unless (@lines >0) {
# NOTE(review): the pattern is not anchored, so it only requires digits
# followed by ".html" somewhere in the `page` field; it does not restrict
# the value to a bare file name. The value is then put into a two-argument
# open, where both directory components and open-mode characters in the
# string are honoured. Anchoring the pattern to the exact page-name format
# with \A ... \z and using three-argument open would confine reads to the
# guestbook pages.
if ({\'page\'} !~ /\d+\.html/) {
open(FILE,"/");
{\'page\'} = ;
}
else {
open(FILE,"/{\'page\'}");
}
@lines = <FILE>;
close(FILE);
}
print "Content-type: text/html\n\n";
# Page head and control form. The CheckForm script inside it (digits-only
# entry ID, known action) runs in the browser only; the server-side subs must
# not rely on it. The `page` field is echoed into an input value attribute.
print <<Header;
<html>
<head>
<title>Administration</title>
<base href="/">
<style type="text/css">
<!--
td { font-family: Verdana, Arial, Helvetica, sans-serif}
-->
</style>
<script language="Javascript">
<!--
function CheckForm() {
var found = 0;
if(document.guest.admin.value == "") {
alert("Please enter a password!");
document.guest.admin.focus();
return false;
}
if(!(document.guest.action.value == \'delete\' | | document.guest.action.value == \'show\')) {
alert("Invalid command!");
return false;
}
if(document.guest.action.value == \'delete\') {
id_val=document.guest.entry.value;
for (char_pos=0; char_pos<id_val.length; char_pos++) {
if (!(id_val.charAt(char_pos) >= \'0\' && id_val.charAt(char_pos) <= \'9\')) {
found = 1;
}
}
if (found == 0) {
return true;
} else {
alert("Wrong ID!");
return false;
}
}
}
function SetValue(id) {
document.guest.entry.value = id;
document.guest.action.value = \'delete\';
}
function JumpTo(page) {
document.guest.page.value = page.menu.options[page.menu.selectedIndex].value;
document.guest.action.value = \'show\';
document.guest.entry.value = "";
}
// -->
</script>
</head>
<body bgcolor="#DDDDDD" link="#003399">
<div align=center><font size="4" face="Verdana, Arial, Helvetica, sans-serif"><b>Administration</b></font></div>
<form method="post" action="" name="guest">
<table width="97%" border="0" cellspacing="0" cellpadding="3" bgcolor="#FFFFFF" align="center">
<tr bgcolor="#BCBCDE">
<td colspan="2">
<hr size="1">
<table border="0" cellspacing="0" cellpadding="4" align="center">
<tr>
<td><font size="1">Selected page:<br>
<input type="text" name="page" value="{\'page\'}" size="12"></font></td>
<td><font size="1">Action:<br>
<input type="text" name="action" size="6"></font></td>
<td><font size="1">Entry ID:<br>
<input type="text" name="entry" size="6"></font></td>
<td><font size="1">Password:<br>
<input type="password" name="admin" size="10">
<input type="submit" value="Submit" onclick="return CheckForm();">
<input type="reset" value="Reset"></font></td>
<td><font size="1">Jump to page:<br>
Header
# Jump menu: one option per file whose name starts with a digit.
opendir(HOMEDIR, "");
@filename = readdir(HOMEDIR);
closedir(HOMEDIR);
@foundlist = grep(/^\d+/, @filename);
print " <select name=menu onChange=\"JumpTo(this.form)\">\n <option value=\"\" selected>Guestbook</option>\n";
foreach (@foundlist) {
print " <option value=\"\"></option>\n";
}
print " </select>\n </font></td>\n";
print " </tr>\n </table>\n <hr size=1>\n";
print " <div align=right><img src=\"\" width=9 height=9><b><font size=1><a href=\"/\">Back To Guestbook</a></font></b></div>\n </td>\n </tr>\n";
# Walk the page: a <!--top-ID=N --> marker starts an entry (emit a radio
# button with its ID), <!--end-ID=... --> ends it, and lines in between are
# printed as they are. The two values reset here are presumably the
# "inside an entry" flag and the current ID - confirm.
=0;
=0;
foreach (@lines) {
if ( =~ /^.*<!--top-ID=(\d+) -->.*/ && ==0) {
= $1;
(, ) = split(/<!--top-ID= -->\s*/,);
print "<tr><td><input type=radio name=\"id\" value=\"\" onclick=\"SetValue(\'\');\"> <font size=2>ID: </font></td><td></td></tr>\n";
print if();
=1;
next;
}
elsif ( =~ /^.*<!--end-ID= -->.*/) {
(, ) = split(/<!--end-ID= -->\s*/,);
print if();
# An end marker can be followed on the same line by the next entry's top
# marker; handle that entry start here as well.
if ( =~ /<!--top-ID=(\d+) -->.*/) {
= $1;
(,) = split(/<!--top-ID= -->\s*/,);
print "<tr><td><input type=radio name=\"id\" value=\"\" onclick=\"SetValue(\'\');\"> <font size=2>ID: </font></td><td></td></tr>\n";
print if();
=1;
next;
}
=0;
=0;
next;
}
elsif (==1) {
print ;
}
}
print "</table>\n<br>\n<div align=\"center\"><font face=\"Arial, Helvetica, sans-serif\" size=1>This script can be found at <a href=\"http://bp135.cjb.net\" target=\"_blank\"><font color=\"#000000\">http://bp135.cjb.net</font></a>\n";
print " </font></div>\n</form>\n</body>\n</html>\n";
exit (0);
}
# Remove one entry from a guestbook page: load the page into the package
# array @lines, blank every line between the entry's top-ID and end-ID
# markers, and write the page back if the entry was found.
sub delete_entry {
my ();
# NOTE(review): same unanchored check as in show_entries. Here the `page`
# value is used for a read and, further down, for a truncating write through
# two-argument open, so a value that merely contains digits and ".html"
# decides which file gets rewritten. Anchor the pattern to the exact
# page-name format with \A ... \z and use three-argument open.
if ({\'page\'} !~ /\d+\.html/) {
open(FILE,"/");
{\'page\'} = ;
}
else {
open(FILE,"/{\'page\'}");
}
@lines = <FILE>;
close(FILE);
=0;
foreach (@lines) {
# NOTE(review): the `entry` field is interpolated into these patterns
# unescaped, and the digits-only check exists only in the browser script of
# the admin page. Entry IDs are numeric (the list view captures them with
# \d+), so rejecting anything that is not \A\d+\z before this loop keeps
# regex metacharacters out of the match.
if ( =~ /^.*<!--top-ID={\'entry\'} -->.*/) {
(, ) = split(/<!--top-ID={\'entry\'} -->\s*/,);
if () {
="";
}
else {
="";
}
# Entry found: start blanking the lines that follow.
=1;
next;
}
elsif ( =~ /^.*<!--end-ID={\'entry\'} -->.*/) {
(, ) = split(/<!--end-ID={\'entry\'} -->\s*/,);
if () {
="";
}
else {
="";
}
last;
}
elsif (==1) {
= "";
}
}
# Write the page back only when the entry was found.
# NOTE(review): the open is unchecked and truncates the file before flock is
# taken, so the lock does not cover the truncation.
if (==1) {
open(FILE,">/{\'page\'}");
flock(FILE,2) if ( == 1);
print FILE (@lines);
close(FILE);
}
}
# Mail the new entry to the guestbook owner by piping a message into a
# command run with -t (the command name is missing from this listing;
# presumably the configured sendmail path - confirm).
# NOTE(review): with -t the mailer takes recipients from the message headers,
# and the submitted name and e-mail address are written into From: and
# Reply-to: as received. parse_form keeps carriage returns and newlines
# inside values, so a submitted value can add header lines of its own.
# Removing or rejecting CR and LF in both fields before this point prevents
# that. The open and close results are not checked.
sub send_mail {
open (MAIL, "| -t");
print MAIL "To: \n";
print MAIL "From: {\'username\'}\n";
print MAIL "Subject: New Guestbook Entry\n";
print MAIL "Reply-to: {\'username\'} ({\'email\'})\n";
# No blank line separates the headers from the body in the visible lines -
# confirm against the original.
print MAIL "You have a new entry in your guestbook:\n\n";
print MAIL "From:{\'username\'}\n";
print MAIL "{\'message\'}\n";
print MAIL "";
close (MAIL);
}
# Print the administration login form and exit. Callers pass a message
# (plain text or HTML) as the argument; it is presumably shown in the empty
# <b></b> cell of the form header - confirm. The form posts the password
# together with a hidden admin=enter field back to the script.
sub enterpass {
print "Content-type: text/html\n\n";
print <<ENTERHTML ;
<html>
<head>
<title>Guestbook - Administration</title>
<base href="/">
</head>
<body bgcolor="#FFFFFF" link="#003399">
<table border="0" cellspacing="0" cellpadding="2" align="center" width="95%">
<tr>
<td height="45" width="55%"><b><font size="4" face="Verdana, Arial, Helvetica, sans-serif">Guestbook
- Administration</font></b></td>
<td height="45" width="45%"></td>
</tr>
<tr>
<td width="55%" valign="bottom"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Guestbook
- Administration Centre<br>
Before you can proceed you have to enter a valid password!</font></td>
<td width="45%" align="right" valign="bottom"> <b><font size="1" face="Verdana, Arial, Helvetica, sans-serif"><img src="point.gif" width="9" height="9"><a href="">Back
to Guestbook</a> | <img src="point.gif" width="9" height="9"><a href="addentry.html">Sign
the Guestbook</a></font></b></td>
</tr>
</table>
<form method="post" action="">
<table border="0" cellspacing="1" cellpadding="5" align="center" width="95%">
<tr bgcolor="#BCBCDE">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><b></b></font></td>
</tr>
<tr bgcolor="#EFEFEF">
<td width="30%" bgcolor="#EFEFEF"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Password:</font></td>
<td width="70%">
<input type="password" name="password" size="25">
<input type="hidden" name="admin" value="enter">
</td>
</tr>
<tr bgcolor="#EFEFEF">
<td width="30%" bgcolor="#EFEFEF"></td>
<td width="70%">
<input type="submit" value="Submit">
</td>
</tr>
</table>
</form>
<div align="center"><font face="Arial, Helvetica, sans-serif" color="#CCCCCC" size="1"><b>Guestbook
Version 1.5<br>
© 2000 bp135 - </b></font><b><a href="http://bp135.cjb.net"><font face="Arial, Helvetica, sans-serif" color="#CCCCCC" size="1">http://bp135.cjb.net</font></a></b></div>
</body>
</html>
ENTERHTML
exit (0);
}
# Print an error page and exit. Callers pass the message (which may contain
# HTML) and, optionally, the string "fatal" as a second argument.
sub error {
print "Content-type: text/html\n\n";
print <<ErrorHTML;
<html>
<head>
<title>Guestbook - Error</title>
<meta http-equiv="pragma" content="no-cache">
<style type="text/css">
<!--
td { font-family: Verdana, Arial, Helvetica, sans-serif}
-->
</style>
<base href="/">
<script language="JavaScript">
function goBack() {
history.go(-1);
}
</script>
</head>
<body bgcolor="#FFFFFF" link="#003399">
<table border="0" cellspacing="0" cellpadding="2" align="center" width="95%">
<tr>
<td width="55%" height="40"><font size="4"><b>Guestbook - Error</b></font></td>
<td width="45%" height="40"></td>
</tr>
<tr>
<td width="55%"><font size="2"></font></td>
<td width="45%" align="right"> <b><font size="1"><img src="" width="9" height="9"><a href="javascript:goBack()">Back
to submit form</a> | <img src="" width="9" height="9"><a href="">Back to Guestbook</a></font></b></td>
</tr>
</table><br>
ErrorHTML
# NOTE(review): in the "fatal" case the whole process environment is printed
# to the visitor. On a CGI host that includes server paths, software details
# and the request headers. add_entry triggers this when an ID file cannot be
# created. Writing these details to the server's error log instead keeps
# them available to the operator without showing them to every visitor.
if ( eq "fatal") {
print "<table width=\"95%\" border=0 cellspacing=1 cellpadding=5 align=center bgcolor=\"#FFFFFF\">\n";
print "<tr bgcolor=\"#BCBCDE\">\n <td colspan=\"2\"><b><font size=\"2\">Environment Variables</font></b></td>\n </tr>\n";
foreach (sort keys %ENV) {
print " <tr>\n <td bgcolor=\"#D1E0E0\"><font size=\"2\"></font></td>\n <td bgcolor=\"#EFEFEF\"><font size=\"2\"></font></td>\n </tr>\n";
}
print "</table>\n";
}
print "<p align=\"center\"><font face=\"Arial\" size=\"1\" color=\"#CCCCCC\"><b>Guestbook Version 1.5<br>\n";
print " © 2000 bp135 - </b></font><a href=\"http://bp135.cjb.net\" target=\"_blank\"><b><font face=\"Arial\" size=\"1\" color=\"#CCCCCC\">http://bp135.cjb.net</font></b></a></p>\n";
print "</body>\n</html>\n";
exit (0);
}