#!/usr/bin/perl ################ # basic set up # ################ $pswd = "password"; $seed = "ob"; #$addrss = 'nobody@visitware.com'; $smpath = "/usr/sbin/sendmail"; $html = "http://localhost/bbs.html"; $dfile = "data.txt"; $tfile = "temp.dat"; $arch = "A-"; $max = 512; $wait = 3; $lexp = 15; $dname = "Guest"; $dttle = "Hello"; $dcmmt = "I just want to say hello."; $chck = "delete / archive checked"; $aok = "All OK"; $aall = "Archive all"; $dall = "Delete all"; $erro0 = "This is not CGI error."; $erro1 = "Fail to handle data/temp file."; $erro2 = "Someone is writing on Board right now."; $erro3 = "If it persists, please inform the admin."; $erro4 = "The CGI stalled. This may be serious."; $erro5 = "Fail to handle directory."; ($bfile = $html) =~ s/(.*)\///; $cgi = "http://$ENV{'SERVER_NAME'}$ENV{'SCRIPT_NAME'}"; #chdir "/home/httpd/html/" or &error1("LINE-32",$erro5,$erro3,$!); ############### # main script # ############### if ($ENV{'REQUEST_METHOD'} ne 'POST') { &strts; } else { read(STDIN, $input, $ENV{'CONTENT_LENGTH'}); @pair = split(/&/, $input); foreach (@pair) { ($name, $value) = split(/=/); $value =~ tr/+/ /; $value =~ s/%0D%0A/
/g; $value =~ s/%0A/
/g; $value =~ s/%0D/
/g; $value =~ s/%09/     /g; $value =~ s/%3C/</g; $value =~ s/%3E/>/g; $value =~ s/%(..)/pack("c", hex($1))/ge; $data{$name} = $value; } if ($data{'from'} eq "login") {&login;} elsif ($data{'from'} eq "edit") {&edit;} } &bbs; ########## # to bbs # ########## sub tobbs { open (BBSF, ">$bfile") or &error2("LINE-67",$erro1,$erro3,$!); print BBSF <<"HTML_HEAD"; DoubleMessageBoard

DoubleMessageBoard

Your Name:
Email Address:
Title:

Comments: (If no message is sent, standard greeting is automatically registered.)

HTML_HEAD open (DATAF, "<$dfile") or &error1("LINE-96",$erro1,$erro3,$!); while ($dataf = ) {print BBSF $dataf;} close DATAF; print BBSF <<"HTML_FOOT";

DoubleMessageBoard
is visitware, pay me visit! HTML_FOOT close BBSF; } ###################### # new message to bbs # ###################### sub bbs { if (-e $tfile) { if (-M $tfile > ($lexp/1440)) { utime time, time, $tfile; } else { &error1($erro0,$erro2,$erro3,$!); } } open(LOCK, ">$tfile") or &error1("LINE-125",$erro1,$erro3,$!); $time = time; $posted = gmtime($time); if ($data{'name'} eq "") {$data{'name'} = $dname;} if ($data{'email'}) { $gname = "$data{'name'}"; } else { $gname = $data{'name'}; } if ($data{'title'} eq "") {$data{'title'} = $dttle;} $data{'comments'} =~ s/(https?:\/\/[\w\/\.\-\~\?\=\&\+\%#_]+)/$1<\/a>/g; $size = length $data{'comments'}; if ($size < 1) {$data{'comments'} = $dcmmt;} elsif ($max < $size) {&dent;} ### new data ### $msg = <<"NEW_DATA";

$gname ($posted)

$data{'title'}

$data{'comments'} NEW_DATA $msg =~ tr/\n/ /s; print LOCK "\t$msg\n"; open(DATAF, "<$dfile") or &error2("LINE-154",$erro1,$erro3,$!); while ($dataf = ) {print LOCK $dataf;} close DATAF; close LOCK; rename ($tfile, $dfile) or &error1("LINE-159",$erro1,$erro3,$!); &tobbs; &thank; ### mail notice start ### if ($addrss) { open (MAIL, "|$smpath -t -oi"); print MAIL <<"MAIL_NOTICE"; To: $addrss Subject: New Entry to your Message Board $data{'title'} MAIL_NOTICE close MAIL; } exit; } ####################### # daughterboard entry # ####################### sub dent { open(DFL, ">$time.html") or &error2("LINE-184",$erro1,$erro3,$!); print DFL <<"HTML_DAUG"; DaughterBoard $data{'title'}

$data{'comments'} HTML_DAUG close DFL; $data{'comments'} = substr($data{'comments'}, 0, $max); $op = $data{'comments'} =~ tr//>/; if ($op > $cl) {$data{'comments'} =~ s/(.*)<.*/$1/s;} $op = $data{'comments'} =~ s/ $cl) {$data{'comments'} =~ s/(.*)<.*/$1/s;} $cutoff = ($size - (length $data{'comments'})); ### link to daughterboard ### $data{'comments'} .= "

$cutoff more byte(s), click here!"; } ##################### # thank you message # ##################### sub thank { print <<"THANK_YOU"; REFRESH: $wait;URL=$html Content-type: text/html Thank you :-)

Dear $data{'name'},

Your comments have been successfully added.
Now, you will be back to the MessageBoard.

THANK_YOU } ################## # edit data file # ################## sub edit { $pswd = crypt($pswd,$seed); if ($data{'pswd'} ne $pswd) { die("Corrupted password. $!"); } unless (-e $tfile) { die "The operation time allowance is expired. Please re-try. $!"; } if ($data{'submit'} eq $aok) { unlink $tfile; } else { open (LOCK, ">$tfile") or die "Check the permission of $tfile or its directory $!"; open (DATAF, "<$dfile") or die "Check the permission of $dfile or its directory $!"; $time = time(); $arch .= $time.".html"; open (ARCH, ">$arch") or die "Check the permission of your directory $!"; ### archive page ### print ARCH <<"ARCH_HEAD"; Archives

DoubleMessageBoard Archives

back to the message board top page. ARCH_HEAD $posi = tell(ARCH); while ($dataf = ) { ++$i; if ($dataf =~ /^\t/\n/; print ARCH $dataf; } else { print LOCK $dataf; } } else { if ($data{'submit'} eq $dall) { $data{$i} = "D"; } elsif ($data{'submit'} eq $aall) { $data{$i} = "A"; } if ($data{$i} eq "D") { ($daugh,$tail) = split(/\t/,$dataf); $daugh =~ s//$1.html/; if (-e $daugh) {unlink $daugh or $msg .= "
$daugh";} } elsif ($data{$i} eq "A") { $dataf =~ s/^\t/\n/; print ARCH $dataf; } else { print LOCK $dataf; } } } close DATAF; if ($posi < (tell(ARCH))) { print ARCH <<"ARCH_FOOT";

DoubleMessageBoard
is visitware, pay me visit! ARCH_FOOT close ARCH; ### link to archives ### print LOCK "\t

... more articles, click here!\n"; } else { close ARCH; unlink $arch; } close LOCK; rename ($tfile, $dfile) or die "Re-try or use FTP to overwrite $dfile by $tfile $!"; &tobbs; } if ($msg) { &error1("Following file(s) can not be deleted:",$msg,$!); } else { print "Content-type: text/plain\n\nThe operation is completed."; } exit; } ################ # starts login # ################ sub strts { print <<"HTML_LOGIN"; Cache-Control: no-cache Pragma: no-cache Content-type: text/html Webmaster Only!

This is the webmaster's administrative page.

If you are here by mistake,
DoubleMessageBoard is Here.

PLEASE ENTER


If you are here to hack the site, please don't.

Password:
HTML_LOGIN exit; } ############## # admin page # ############## sub login { if ($data{'pswd'} ne $pswd) { die "Wrong password."; } unless (-e $dfile) { open(DATAF, ">>$dfile") or die "Check the permission of MessageBoard directory $!"; print DATAF "\t
\n"; close DATAF; &tobbs; print "Location: $html\n\n"; exit; } if (-e $tfile) { if (-M $tfile > (1/1440)) { utime time, time, $tfile; } else { die $erro2; } } else { open(TFILE, ">$tfile") or die "Check the permission of message board directory $!"; close TFILE; } $day = gmtime($lexp*60 + time); $day =~ s/ / 0/; ($wday,$mon,$day,$hms,$year) = split(/ /,$day); $pswd = crypt($pswd,$seed); ### editor page head ### print <<"HTML_HEAD"; Expires: $wday, $day $mon $year $hms GMT Content-type: text/html Webmaster Only!

DoubleMessageBoard

Welcome to the webmaster's tool!
HTML_HEAD ### editor page body ### open(DATAF, "<$dfile") or die "Check the permission of $dfile or its directory $!"; while ($dataf = ) { if ($dataf =~ /^