#!/usr/local/bin/perl ######################################################## # # # DO NOT REMOVE THIS HEADER # # # ######################################################## # # # For Unix/Unix Compatible/Linux/FreeBSD servers. # # # # This script will NOT work on MSWin32 servers. # # # ######################################################## # # # Try changing the first line to #!/usr/local/bin/perl # # if the script does not work for you. # # # ######################################################## # # # COPYRIGHT NOTICE # # Copyright 2000 by Thomas J. Delorme # # All Rights Reserved. # # # # This script may be used provided that it is not # # changed beyond the configuration section. Failure to # # comply voids any and all support privledges. By # # using this script you agree to release the author # # from any liability or damages that might arise from # # its use. Redistributing/selling the code for this # # script without prior written consent is expressly # # forbidden. # # # ######################################################## # # # If you would like to make money with this script, # # please join The Psychosys Perl Affiliate program. # # Details are available at the Psychosys Perl website. # # # ######################################################## # # # EasyGuest v1.1 by Thomas J. Delorme # # Website : http://www.getperl.com # # E-mail : webmaster@getperl.com # # Created : Tuesday, December 14, 1999 # # Revised : Saturday, January 29, 2000 # # # ######################################################## ############ ADJUST THESE VARIABLES ################ # You may not need to change the $mailprog variable. # Try it as is first. If it doesn't work try putting a # in # front of the first line below and remove the # on the # second line. If that fails, try the removing the # on # the third line and put a # in front of the other two. # If that fails, ask your administrator where the sendmail # program is on your system. $mailprogram = '/usr/lib/sendmail'; # $mailprogram = '/usr/lib/sendmail'; # $mailprogram = '/usr/bin/sendmail'; # The date command for your server - try it as is. # Otherwise ask your administrator where it is on your # system. Two popular configs are shown. $datecommand = '/bin/date'; # $datecommand = '/usr/bin/date'; # Name of your website $mysite = 'Studyoversea'; # URL of your website $homepage = 'http://www.yoyoo.com/'; # If you use my EasyList mailing list script, any # e-mail addresses collected by EasyGuest can also # be added to your EasyList mailing list. # Do you want to collect e-mail addresses for # use with the EasyList mailing list program? $useeasylist = 'no'; # If you answered 'yes' above, enter the # PATH of the EasyList log file - include the filename $listpath = '/services/webpages/y/o//yoyoo.com/cgi-bin/testguestth/guestth/emaildata.log'; # PATH of header file - include the filename $headfile = '/services/webpages/y/o/yoyoo.com/cgi-bin/testguestth/guestth/head.txt'; # PATH of footer file - include the filename $footfile = '/services/webpages/y/o//yoyoo.com/cgi-bin/testguestth/guestth/foot.txt'; # PATH of smut file - include the filename $smut = '/services/webpages/y/o//yoyoo.com/cgi-bin/testguestth/guestth/smut.txt'; # PATH to guestbook log - include the filename $guestpath = '/services/webpages/y/o//yoyoo.com/cgi-bin/testguestth/guestth/easyguest.log'; # URL of this script - include the filename $scripturl = 'http://www.yoyoo.com/cgi-bin/testguestth/guestth/easyguest.cgi'; # Password to access admin screen - CHANGE THIS IMMEDIATELY $adminpass = 'studyoversea'; # Change this to your e-mail address # If you're not using PERL 5 on your system ie. version 4 # or earlier, you will need to escape the @ sign like this : # ( \@ instead of just @ ) # # Perl 5 users should be able to enter their straight e-mail address $myemail = 'studyove@samart.co.th'; # Do you want to be notified if anyone tries to guess your admin password? $hacknotify = 'yes'; # Do you want to be notified if someone makes an entry in your guestbook? $entrynotify = 'yes'; # If you want to use file-locking for a more secure database # keep this line as is...if you don't want to use file-locking # or can't use 'flock' change the 1 to 0 # If you have a high-traffic site, I strongly suggest you use # file-locking. $uselock = '1'; # Do you want to disable HTML in the entries? $nohtml = 'yes'; # Do you want to censor adult language in the entries? $nosmut = 'yes'; # Edit this one to choose the font for the guestbook entries # DO NOT use " or any special characters # Use below for an example of what is allowed # Also do not set a font size as the script does this automatically $font = 'FACE=arial,helvetica,sans-serif COLOR=000000'; # Enter the HTML Hex color for the Entry Title Block $titlecolor = '#FF3300'; # Enter the HTML Hex color for the Entry Info Block $infocolor = 'BBBBBB'; # Enter the HTML Hex color for the Entry Comment Block $commentcolor = 'DDDDDD'; # Enter the number of entries to show per page $perpage = '100'; #################### STOP HERE! #################### # # # You may now upload this file to your server, using # # the instructions you received in the readme.txt file # # # ######################################################## # # # WARNING : Changing anything in this box or below # # may damage the script. # # # ######################################################## # Get the form variables if ($ENV{'REQUEST_METHOD'} eq 'GET') { $buffer = $ENV{'QUERY_STRING'}; } else { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); } # Break em up into a format the script can read @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $FORM{$name} = $value; } $datenow = `$datecommand +"%D"`; $timenow = `$datecommand +"%T (%Z)"`; chomp ($datenow); chomp ($timenow); open (FILE, "$headfile"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @header = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); open (FILE, "$footfile"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @footer = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); # Decide which part of the script we need if ($FORM{'action'} eq 'showform') { &showform; } if ($FORM{'action'} eq 'enterguest') { &enterguest; } if ($FORM{'action'} eq 'admin') { &admin; } &guestread; sub guestread { open (FILE, "$guestpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @guestfile = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); $entrynumber = @guestfile; ++$entrynumber; print "Content-type: text/html\n\n"; &header; print "

$mysite Guestbook

\n"; print "

\n"; if (!$FORM{'start'}) { for ($x = 0; $x < $perpage; $x++) { if ($guestfile[$x] ne "") { @entry = split (/::/,$guestfile[$x]); print "

\n \n \n \n \n \n \n \n \n \n \n \n
\n $entry[2]\n \n Entry : $entry[10]\n
\n City : $entry[3]\n \n State/Prov. :ѧѴ $entry[4]\n \n Country : $entry[5]\n
\n Date :ѹ $entry[0]\n \n Time : $entry[1]\n \n Site Rating :ṹ䫵 $entry[8] out of 10\n
\n URL :䫵ͧس $entry[6]\n
\n E-mail :ʹ $entry[7]
\n Comments :ӵԪ (ѡ䫵ҧ)

\n \n $entry[9]\n

\n

\n"; } else { print "
End Of Entries.

\n"; print "
Powered by yoyoo guestbook
Provide By yoyoo.com
All Rights Reserved.
\n"; &footer; exit; } } $newstart = $perpage + 1; print "

\n"; print "
Powered by yoyoo guestbook
Provide By Thomas yoyoo.com
All Rights Reserved.
\n"; } if ($FORM{'start'}) { for ($x = $FORM{'start'} - 1; $x < $perpage + $FORM{'start'} - 1; $x++) { if ($guestfile[$x] ne "") { @entry = split (/::/,$guestfile[$x]); print "

\n \n \n \n \n \n \n \n \n \n \n \n
\n $entry[2]\n \n Entry : $entry[10]\n
\n City : $entry[3]\n \n State/Prov. : $entry[4]\n \n Country : $entry[5]\n
\n Date : $entry[0]\n \n Time : $entry[1]\n \n Site Rating : $entry[8] out of 10\n
\n URL : $entry[6]\n
\n E-mail : $entry[7]
\n Comments :

\n \n $entry[9]\n

\n

\n"; } else { print "
End Of Entries.

\n"; print "
Powered by EasyGuest
Copyright 1999 By Thomas J. Delorme
All Rights Reserved.
\n"; &footer; exit; } } $newstart = $FORM{'start'} + $perpage; print "

\n"; print "
Powered by EasyGuest
Copyright 1999 By Thomas J. Delorme
All Rights Reserved.
\n"; } &footer; exit; } sub showform { print "Content-type: text/html\n\n"; &header; print "

\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
\n"; print "
Add Guestbook Entry
\n"; print "Please fill out the following information and press the SUBMIT button.
\n"; print "ԭͤ͡ǡ SUBMIT button.
\n"; print "
Your Name :
City :
State/Prov. :ѧѴ
Country :
Your URL :䫵ͧس
Your E-Mail :ʹ
Rate This Site :ṹ䫵
(10 being best)

Comments :ӵԪ (ѡ䫵ҧ)

\n"; print "\n"; print "\n"; print "\n"; print "


\n"; print "\n"; print "Powered by yoyoo guestbook
\n"; print "Provide By yoyoo.com
\n"; print "All Rights Reserved.
\n"; print "\n"; print "
\n"; &footer; exit; } sub enterguest { if ($useeasylist eq 'yes') { if ($FORM{'email'} =~ /\@/) { open (FILE, ">>$listpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 2; } print FILE "$FORM{'email'}\n"; if ($uselock eq '1') { flock FILE, 8; } close (FILE); } } open (FILE, "$guestpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @guestfile = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); $entrynumber = @guestfile; ++$entrynumber; if ($nohtml eq 'yes') { &htmlfilter; } if ($nosmut eq 'yes') { &smutfilter; } open (FILE, ">$guestpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } print FILE "$FORM{'date'}::$FORM{'time'}::$FORM{'name'}::$FORM{'city'}::$FORM{'state'}::$FORM{'country'}::$FORM{'url'}::$FORM{'email'}::$FORM{'rating'}::$FORM{'comments'}::$entrynumber\n"; foreach $line (@guestfile) { print FILE "$line"; } if ($uselock eq '1') { flock FILE, 8; } close (FILE); if ($entrynotify eq 'yes') { open (MAIL,"|$mailprogram -t"); print MAIL "To: $myemail\n"; print MAIL "From: $myemail\n"; print MAIL "Subject: Guestbook Entry\n"; print MAIL "Someone signed your guestbook!\n\n"; print MAIL "Here is what they entered in the guestbook: \n\n"; print MAIL "--------------------------------------------\n"; print MAIL "Name : $FORM{'name'}\n"; print MAIL "City : $FORM{'city'}\n"; print MAIL "State :ѧѴ $FORM{'state'}\n"; print MAIL "Country : $FORM{'country'}\n"; print MAIL "URL :䫵ͧس $FORM{'url'}\n"; print MAIL "E-Mail :ʹ $FORM{'email'}\n"; print MAIL "Rating : $FORM{'rating'} out of 10\n"; print MAIL "Comments :ṹ䫵 $FORM{'comments'}\n\n"; print MAIL "To view your guestbook, go here: 硢ͤ...\n"; print MAIL "$scripturl\n"; print MAIL "--------------------------------------------\n"; print MAIL "Powered by : yoyoo.com\n"; print MAIL "Provide by yoyoo.com\n"; print MAIL "Get it at : http://www.yoyoo.com\n"; print MAIL "--------------------------------------------\n"; close (MAIL); } if ($FORM{'email'} =~ /\@/) { open (MAIL,"|$mailprogram -t"); print MAIL "To: $FORM{'email'}\n"; print MAIL "From: $myemail\n"; print MAIL "Subject: Thanks! ͺسҡѺ\n"; print MAIL "Thank-you for signing my guestbook!\n\n"; print MAIL "ͺسҡѺ ѺӵԪй任Ѻا Ѻ աФѺ!\n\n"; print MAIL "Please visit $mysite again located at\n"; print MAIL "$homepage\n"; print MAIL "to see if anything new has been added\n"; print MAIL "since your last visit!\n\n"; print MAIL "Here is what you entered in the guestbook: \n\n"; print MAIL "--------------------------------------------\n"; print MAIL "Name : $FORM{'name'}\n"; print MAIL "City : $FORM{'city'}\n"; print MAIL "State :ѧѴ $FORM{'state'}\n"; print MAIL "Country : $FORM{'country'}\n"; print MAIL "URL :䫵ͧس $FORM{'url'}\n"; print MAIL "E-Mail :ʹ $FORM{'email'}\n"; print MAIL "Rating :ṹ䫵 $FORM{'rating'} out of 10\n"; print MAIL "Comments ::ӵԪ $FORM{'comments'}\n"; print MAIL "--------------------------------------------\n"; print MAIL "Thanks,\n\n"; print MAIL "$mysite staff\n\n"; print MAIL "--------------------------------------------\n"; print MAIL "Powered by : yoyoo.com\n"; print MAIL "Copyright 1999 by Thomas J. Delorme\n"; print MAIL "Get it at : http://www.getperl.com\n"; print MAIL "--------------------------------------------\n"; close (MAIL); } print "Content-type: text/html\n\n"; &header; print ""; print "
\n"; print "Thanks for your entry!

\n"; print "ͺسҡѺ!

\n"; print "硢ͤѺ View Your Entry.\n"; print "

\n"; &footer; exit; } sub header { foreach $line (@header) { print "$line\n"; } } sub footer { foreach $line (@footer) { print "$line\n"; } } sub htmlfilter { $FORM{'name'} =~ s/<([^>]|\n)*>//g; $FORM{'city'} =~ s/<([^>]|\n)*>//g; $FORM{'state'} =~ s/<([^>]|\n)*>//g; $FORM{'url'} =~ s/<([^>]|\n)*>//g; $FORM{'email'} =~ s/<([^>]|\n)*>//g; $FORM{'comments'} =~ s/<([^>]|\n)*>//g; } sub smutfilter { open (FILE, "$smut"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @smutfile = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); $censored = $smutfile[0]; @smutwords = split(/::/,$censored); foreach $word (@smutwords) { $FORM{'name'} =~ s/$word/****/gi; $FORM{'city'} =~ s/$word/****/gi; $FORM{'state'} =~ s/$word/****/gi; $FORM{'url'} =~ s/$word/****/gi; $FORM{'email'} =~ s/$word/****/gi; $FORM{'comments'} =~ s/$word/****/gi; } } sub admin { if ($FORM{'password'}) { if ($FORM{'password'} eq $adminpass) { if ($FORM{'erase'}) { open (FILE, "$guestpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } @guestfile = ; if ($uselock eq '1') { flock FILE, 8; } close (FILE); open (FILE, ">$guestpath"); if ($uselock eq '1') { flock FILE, 2; seek FILE, 0, 0; } foreach $line (@guestfile) { chomp ($line); @thisentry = split (/::/,$line); if ($thisentry[10] ne $FORM{'erase'}) { print FILE "$line\n"; } } if ($uselock eq '1') { flock FILE, 8; } close (FILE); print "Content-type: text/html\n\n"; &header; print "

\n"; print "
\n"; print "

Administration

\n"; print "Entry Number $FORM{'erase'} erased!

\n"; print "Next Entry Number to erase : \n"; print "

\n"; print "Click here to Return

\n"; print "

\n"; &footer; exit; } else { print "Content-type: text/html\n\n"; &header; print "

\n"; print "
\n"; print "

Administration

\n"; print "Entry Number to erase : \n"; print "

\n"; print "Click here to Return

\n"; print "

\n"; &footer; exit; } } if ($FORM{'password'} ne $adminpass) { print "Content-type: text/html\n\n"; print "Administration - PASSWORD BREACH\n"; print "\n"; print "

PASSWORD BREACH - WEBMASTER HAS BEEN NOTIFIED

\n"; print "You have been identified as : $ENV{'REMOTE_ADDR'}\n"; print "\n"; if ($hacknotify eq 'yes') { open (MAIL,"|$mailprogram -t"); print MAIL "To: $myemail\n"; print MAIL "From: $myemail\n"; print MAIL "Subject: Attempted Hack!\n"; print MAIL "Someone has attempted to hack into your\n"; print MAIL "Admin area.\n\n"; print MAIL "Their IP was : $ENV{'REMOTE_ADDR'}\n"; print MAIL "Their guess was : $FORM{'password'}\n\n"; print MAIL "If they were close you should change your password now!\n\n"; print MAIL "This message is a security feature of your Script!\n\n"; print MAIL "--------------------------------------------\n"; print MAIL "Powered by : yoyoo.com\n"; print MAIL "Provide by yoyoo.com\n"; print MAIL "Get it at : http://www.yoyoo.com\n"; print MAIL "--------------------------------------------\n"; close (MAIL); } } } if (!$FORM{'password'}) { print "Content-type: text/html\n\n"; &header; print "

Administration

\n"; print "\n"; print "\n"; print "
Admin Password :
\n"; print "Click here to Return.

\n"; &footer; } exit; }