# FILE: src-board-subs-100 #------------------------------------------------------------------------------- # DISCUS VERSION 3.10 COPYRIGHT NOTICE # # Discus 3.10 is copyright (c) 2000 by DiscusWare, LLC, all rights reserved. # The use of Discus is governed by the Discus License Agreement which is # available from the Discus WWW site at: # http://www.discusware.com/discus/license # # Pursuant to the Discus License Agreement, this copyright notice may not be # removed or altered in any way. #------------------------------------------------------------------------------- # # -------------------------------------------------------------------------------- # ATTENTION! THIS FILE IS PART OF THE DISCUS PRO DISTRIBUTION AND IS COMMERCIAL # SOFTWARE. REDISTRIBUTION OF THIS FILE IS STRICTLY PROHIBITED AND WILL RESULT IN # PROSECUTION TO THE MAXIMUM EXTENT OF THE LAW. YOU ARE NOT PERMITTED TO REMOVE # THIS NOTICE UNDER ANY CIRCUMSTANCES. # -------------------------------------------------------------------------------- #---SEPARATOR---# #REQ:get_authorized_topics #REQ:validate_auths sub log_authorization { my (@log, @topic_seen, @file, $line, $o, @auth, @forbid, $t); @topics = @_; undef @topic_seen; @auth = &get_authorized_topics; foreach $o (@topics) { if (!-e "$message_dir/$o") { @auth = &validate_auths($o); push (@forbid, $o) if !grep(/^$o$/, @auth); push (@secure, $o); push (@topic_seen, $o) if grep(/^$o$/, @auth); } else { push (@topic_seen, $o); } } return @topic_seen; } #---SEPARATOR---# sub get_authorized_topics { my (@auth, $line, @keys, $key, $topic, @file, $key_save); undef @auth; @keys = keys(%COOKIE); foreach $key (@keys) { if ($key =~ m|^auth(\d+)$COOKIE_ID|) { $topic = $1; if (open (FILE, "$secdir/$topic/passwd.txt")) { @file = ; close (FILE); $line = $file[0]; $line =~ s/\s+$//; $guess = crypt($line, "cookie"); if ($COOKIE{$key} eq $guess) { push (@auth, $topic); } } } } return @auth; } #---SEPARATOR---# sub userapp_result { &header; print "User Queue\n"; print "\n"; print "\n"; print "$fs
User Queue
\n"; print "\n"; print "User Manager: "; print "User Queue (Account Approved)

\n"; print "This server is not configured to send automatic notice to approved user(s)\n"; print "containing their initial login information. The text of these notices, and\n"; print "their intended recipients, are contained on this page for your convenience.\n"; print "To notify these new users of their accounts, you need to send these messages\n"; print "to each user.

\n"; foreach $line (@MESSAGE_OUT) { ($email, $text) = split(/\t/, $line, 2); print "
$fs\n"; print "$email

\n"; print "

$text

\n"; } print "

After sending these messages to the approved user(s), you can return to\n"; print "your User Queue.\n"; print "\n"; exit(0); } #---SEPARATOR---# #REQ:change_board_colors sub topic_security { my ($topic) = @_; open (FILE, "$admin_dir/security.txt"); @file = ; close (FILE); ($tl) = grep(/^$topic:/, @file); ($tn, $ip) = split(/:/, $tl); if ($ip eq "~") { $public = 1; $sourcedir = "$secdir/$topic"; $destdir = "$message_dir/$topic"; } else { $public = 0; $destdir = "$secdir/$topic"; $sourcedir = "$message_dir/$topic"; } if (-e $destdir && -e $sourcedir) { if ($topic eq "") { $FORMPARAM = ""; foreach $key (sort(keys(%FORM))) { $FORMPARAM .= "$key=$FORM{$key}\n"; } &error_message("Directory Error", "Unable to change public/private reading. This error should never occur. Please note the following parameters:

$FORMPARAM
", 0, 1); } &error_message("Directory Error", "Unable to change public/private reading because $destdir and $sourcedir both exist. One of these directories must be removed manually by telnet or FTP."); } return 0 if ($public == 1 && -e "$message_dir/$topic"); return 0 if ($public == 0 && -e "$secdir/$topic"); undef @files; &lock("topic_security", "*"); if ($platform eq "NT" || $NT || $platform =~ m|NT|i) { $code = 0; } else { $code = rename($sourcedir, $destdir); } if ($code == 1) { &unlock("topic_security", "*"); } else { undef @errors; opendir(SRC, "$sourcedir"); while ($name = readdir(SRC)) { push (@files, $name); } closedir(SRC); if (!-e $destdir) { if (!(mkdir("$destdir", oct($perms0777)))) { &unlock("topic_security", "*"); &error_message("Directory Creation Error", "Could not create destination directory $destdir ($!)."); } else { chmod (oct($perms0777), "$destdir"); } } foreach $file (@files) { next if $file =~ m|^\.+$|; open (SRC, "$sourcedir/$file") || push (@errors, "Could not open $sourcedir/$file. Reason: $!"); binmode(SRC); open (DEST, ">$destdir/$file") || push (@errors, "Could not write $destdir/$file. Reason: $!"); binmode(DEST); while () { print DEST; } close (SRC); close (DEST); if (-e "$destdir/$file") { unlink("$sourcedir/$file") || push (@errors, "Could not delete $sourcedir/$file. Reason: $!"); chmod(oct($perms0666), "$destdir/$file"); } } &unlock("topic_security", "*"); if (rmdir("$sourcedir")) { # All is well } else { opendir(DIR, "$sourcedir"); while ($file = readdir(DIR)) { next if $file =~ m|^\.+|; if (opendir(DIR2, "$sourcedir/$file")) { while ($file2 = readdir(DIR2)) { if ($file2 !~ m|^\.+|) { unlink("$sourcedir/$file/$file2"); } } closedir(DIR2); } rmdir("$sourcedir/$file"); } closedir(DIR); if (rmdir("$sourcedir")) { # All is well } else { &error_message("Directory Removal Error", "Could not remove old directory ($sourcedir) when copying files to destination directory ($destdir).

To recover from this:

  1. Make sure $sourcedir is empty (delete anything that might still be there).

  2. Delete $sourcedir.

  3. Use the Board Manager to regenerate your topic list.
", 0, 1); } } } unlink ("$sourcedir/passwd.txt"); unlink ("$destdir/passwd.txt"); $time = join("", $$, time); if (open (PASS, ">$secdir/$topic/passwd.txt")) { print PASS $time; close (PASS); } my ($head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src, $description_src) = &get_page($topic,$topic); if ($DP{'icons'} == 1 && $public == 0) { $DP{'icons'} = 2; } elsif ($DP{'icons'} == 2 && $public == 1) { $DP{'icons'} = 1; } elsif ($DP{'icons'} == 0) { $DP{'icons'} = 1 if $public == 1; $DP{'icons'} = 2 if $public == 0; } &set_page($topic, $topic, $head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src, $description_src); &change_board_colors("*"); if (-e "$sourcedir" && scalar(@errors)) { $e = join("
", @errors); &error_message("File move errors", "The following errors occurred while moving files from source to destination directories:

$e", 0, 1); } } #---SEPARATOR---# sub access_edit { my ($topic, $file, $modgroup, $usergroup, $gpass, $banned_ips, $allowed_ips) = @_; &lock("access_edit", "$admin_dir/$file.txt"); open (FILE, "$admin_dir/$file.txt") || &error_message("File open error", "Could not open $admin_dir/$file.txt!"); @file = ; close (FILE); @file = grep(/\S/, @file); if (grep(/^$topic:/, @file)) { ($line) = grep(/^$topic:/, @file); @file = grep(!/^$topic:/, @file); ($tn, $ip, $usr, $mod, $pas) = split(/:/, $line); } else { $line = "$topic::::"; $ip = ""; $usr = ""; $mod = ""; $pas = "\n"; } $was_public = 0; $was_public = 1 if $ip ne ""; $was_public = 2 if $line =~ /::::\s*$/; if ($banned_ips ne "***") { @ip = split(/,/, $banned_ips); foreach $ip (@ip) { $ip =~ s/~//g; $ip =~ s/\*/~/g; $ip =~ s/[^\w\.\-~]//g; $ip = "!$ip" if $ip ne ""; } @ip_final = @ip; } if ($allowed_ips ne "***") { @ip = split(/,/, $allowed_ips); foreach $ip (@ip) { $ip =~ s/~//g; $ip =~ s/\*/~/g; $ip =~ s/[^\w\.\-~]//g; push (@ip_final, $ip); } @ip_final = grep(/\S/, @ip_final); } if ($allowed_ips ne "***" || $banned_ips ne "***") { $ip = join(",", @ip_final); } if ($usergroup ne "***") { if ($usergroup ne "~") { @ug = split(/,/, $usergroup); foreach $u (@ug) { $u =~ s/\W//g; } $usr = join(",", @ug); } else { $usr = "~"; } } if ($modgroup ne "***") { if ($modgroup ne "~") { @ug = split(/,/, $modgroup); foreach $u (@ug) { $u =~ s/\W//g; } $mod = join(",", @ug); } else { $mod = "~"; } } if ($gpass ne "***") { if ($gpass ne "" && $gpass ne "*" && $gpass =~ /\S/) { srand(time); undef (@salt); for ($i=1; $i<=2; $i++) { push (@salt, int(rand(26))+65); } $salt = pack('c2', @salt); $pas = crypt($gpass, $salt); } elsif ($gpass eq "" || $gpass !~ /\S/) { $pas = ""; } } $line = join(":", $topic, $ip, $usr, $mod, $pas); $line .= "\n"; push (@file, $line); open (FILE, ">$admin_dir/$file.txt") || &error_message("File write error", "Could not write $admin_dir/$file.txt because: $!!"); print FILE @file; close (FILE); &unlock("access_edit", "$admin_dir/$file.txt"); } #---SEPARATOR---# #REQ:send_email_message #REQ:notification_message sub email_notification_pro { my ($topic, $page, $postby, $message_in, $username, $groupname, $modonly, $postnum) = @_; my ($user); undef @addresses; undef %addresses; require "$admin_dir/source/src-board-subs-admin"; &extract("//$topic/$page.$ext", "", "email_notification_pro[1]"); undef @parents; $lev1 = $level_number{'1'}; open (PASSWD, "$admin_dir/passwd.txt"); @passwd = ; close (PASSWD); if (!$modonly && !$GLOBAL_OPTIONS{send_mail_only_admins} == 1) { open (USERS, "$admin_dir/users.txt"); @users = ; close (USERS); } else { undef @users; } foreach $line (@passwd) { $line =~ s/\s*$//; if ($modonly) { $user = (split(/:/, $line))[0]; next if !&verify_owner($owner, $user); } push (@users, "$line:MODERATOR\n"); } @user = grep(/^$username:/, @users); ($uline) = grep(/:$groupname\s*$/, @user); if ($uline) { $line = $uline; $line =~ s/\s*$//; ($user, $pass, $email, $full, $edit, $notify, $last, $group) = split(/:/, $line); $mod = 0; $mod = 1 if $group eq "MODERATOR"; if ($email =~ m|^([\w\-\.\+]+)\@([\w\-\.\+]+)$|) { $t = $2; if ($t !~ m|^\.| && $t !~ m|\.$|) { $addresses{$email} = 1; @emt = split(/,/, $notify); if (grep(/^0$/, @emt)) { push (@addresses, "$email||$user||$pass||$mod"); } } } } undef %seenusr; open (LOG, "$admin_dir/msg_index/$topic-log.txt"); while () { @c = split(/;/); if ($c[3] eq "$topic/$page") { $seenusr{$c[1]} = 1; } } close (LOG); foreach $line (@users) { $line =~ s/\s*$//; ($user, $pass, $email, $full, $edit, $notify, $last, $group) = split(/:/, $line); next if $addresses{$email}; next if $email !~ m|^([\w\-\.\+]+)\@([\w\-\.\+]+)$|; $email =~ m|^([\w\-\.\+]+)\@([\w\-\.\+]+)$|; $t = $2; next if $t =~ m|^\.|; next if $t =~ m|\.$|; $group =~ s/\s*$//; @emt = split(/,/, $notify); $ul = "$user:$group"; if (grep(/^00$/, @emt)) { if ($seenusr{$ul} == 1) { push (@addresses, "$email||$user||$pass||$mod") if $addresses{$email} != 1; $addresses{$email} = 1; next; } } $flag = 0; Q: foreach $l (@emt) { if ($l =~ m|^(\d+)/|) { next Q if $1 != $topic; $flag = 1; $extra = $'; last Q; } else { next Q if $l != $topic; $flag = 1; $extra = ""; last Q; } } next if $flag == 0; $mod = 0; $mod = 1 if $group eq "MODERATOR"; if ($extra eq "") { push (@addresses, "$email||$user||$pass||$mod"); $addresses{$email} = 1; } else { @spl = split(/&/, $extra); $flag = 0; Q: foreach $k (@spl) { if ($k == $lev1) { push (@addresses, "$email||$user||$pass||$mod"); $addresses{$email} = 1; last Q; } } } } if (scalar(@addresses)) { $addresses = join(",", @addresses); open (CFG, "$admin_dir/email.txt"); @cfg = ; close (CFG); foreach $line (@cfg) { if ($line =~ m|^(\w+)=(.*)|) { $o = $1; $t = $2; $t = &unescape($t) if $t !~ /\s/; $email{$o} = $t; } } &extract("//$topic/$page.$ext"); $topic_temp = $topic_name; $titlestr = "$title: $topic_temp"; $emts = "$topic_temp"; foreach $key (sort {$a <=> $b} keys(%level_number)) { $topic_temp = $level_name{$key}; $titlestr .= ": $topic_temp"; $emts .= ": $topic_temp"; } $emts = $me_name if $email{'subjectline'} == 2; $emts_result = &prepare_variable($emts); $titlestr_result = &prepare_variable($titlestr); if ($email{'subjectline'} != 1) { $subject_result = &prepare_variable($emts_result, 1) if $email{'subjectaddress'} != 0; $subject_result = &prepare_variable($emts_result) if $email{'subjectaddress'} == 0; } elsif ($email{'subjectline'} == 1) { $subject_result = &prepare_variable($email{'static'}, 1) if $email{'subjectaddress'} != 0; $subject_result = &prepare_variable($email{'static'}) if $email{'subjectaddress'} == 0; } $subject_result = $L{EMAIL_TO_QUEUE_SUBJ} . " " . $subject_result if $modonly; $postby_result = &prepare_variable($postby); $message_result = $message_in; $message_result = "$L{EMAIL_TO_QUEUE}\n\n$message_result" if $modonly; if ($email{'sendtext'} == 0 && $modonly == 0) { $message_result = $L{EMAIL_NOTIFY_NOTEXT}; } $pb = $L{POSTBY}; ($datetime) = &get_date_time("long"); $pb =~ s/\%name/$postby_result/g; $pb =~ s/\%date/$datetime/g; $pb = &prepare_variable($pb); ($text_out) = ¬ification_message($titlestr_result, $pb, $message_result, 0, $topic_number, $me_number, "", "", $postnum); &send_email_message($addresses, $subject_result, $text_out, "", $topic_number, $me_number); } } sub prepare_variable { my ($msg, $remove_metachar) = @_; $msg =~ s/
/\n/g; $msg =~ s/([^/$1/g; $msg =~ s/

  • /\n\* /g; $msg =~ s/<\/UL>/\n\n/g; $msg =~ s/<[^>]*>//g; $msg = &char_convert($msg, 1); $msg =~ s/>/>/g; $msg =~ s/</Log Analysis\n"; print '$fs\n"; print "
    Log Analysis
    \n"; print "
    \n"; $flag = 0; if ($GLOBAL_OPTIONS{'access_log'}) { $g = $GLOBAL_OPTIONS{'access_log'}; $g =~ s/\\/\//g; if ($g !~ m|^([\w\-\.\+\/\:]+)$|) { $flag = 1; } elsif (!-r $g) { $flag = 1; } } else { $flag = 1; } print "
    \n"; print "

    Analyze"; print " Access Log or" if $flag == 0; print " Posting Log

    \n"; print "
    $fs"; print "Topic(s) to Analyze:

      \n"; open (FILE, "$message_dir/$board_topics_file"); @lines = ; close(FILE); $ts = 0; foreach $line (@lines) { if ($line =~ //) { $filenumber = $1; $tc += 1; $string = "//$filenumber/$filenumber.$ext"; &extract("$string"); if (&verify_owner($owner,$username)) { print " $topic_name
      \n"; $ts = 1; } } } if ($ts == 0) { print "You are not authorized to analyze the log for any topics.\n"; print "
    \n"; print "
    \n"; exit(0); } print "

    \n"; print "Select Analysis to Perform:

    \n"; print "

      \n"; if ($flag == 0) { print " Count "hits" on pages from server access log

      \n"; print "

        \n"; @d = ("", "_1", "_2", "_3", "_4"); foreach $d (@d) { $dp = $d; $dp = "P" if $d eq ""; print " ", $GLOBAL_OPTIONS{"access_log$d"} if ($GLOBAL_OPTIONS{"access_log$d"} ne "" && $GLOBAL_OPTIONS{"access_log$d"} ne "0"); print "
        \n" if ($GLOBAL_OPTIONS{"access_log$d"} ne "" && $GLOBAL_OPTIONS{"access_log$d"} ne "0"); } print "

      \n"; } print " Count posts by users
      \n"; print "

    \n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; exit(0); } #---SEPARATOR---# #REQ:build_graphical_tree sub log_analysis_access { my ($username, $topiclist) = @_; @topics = split(/,/, $topiclist); undef @auth; foreach $filenumber (@topics) { $string = "//$filenumber/$filenumber.$ext"; &extract("$string"); if (&verify_owner($owner,$username)) { push (@auth, $filenumber); } } $flag = 0; if ($GLOBAL_OPTIONS{'access_log'}) { $g = $GLOBAL_OPTIONS{'access_log'}; $g =~ s/\\/\//g; if ($g !~ m|^([\w\-\.\+\/\:]+)$|) { $flag = 1; } elsif (!-r $g) { $flag = 1; } } else { $flag = 1; } if ($flag) { &error_message("Log Analysis Error", "Could not open server's primary access log file!"); } $ht_url = $html_url; $ht_url =~ m|http://([^/]+)(.*)|; $ht_url = "$2/messages"; $cg_url = $script_url; $cg_url =~ m|http://([^/]+)(.*)|; $cg_url = "$2/board-auth.$cgi_extension"; undef %ph; @d = ("P", "_1", "_2", "_3", "_4"); undef @files; foreach $d (reverse(@d)) { $key = "log$d"; next if !$FORM{$key}; $dp = $d; $dp = "" if $d eq "P"; $filename = $GLOBAL_OPTIONS{"access_log$dp"}; $filename =~ s/\\/\//g; if ($filename =~ m|^([\w\-\.\+\/\:]+)$|) { if (-r $filename) { push (@files, $filename); } } } foreach $file (@files) { open (LOG, "$file"); while () { $l1 = $_ if $l1 eq ""; if (m|GET $ht_url/(\d+)/(\d+)\.$ext|) { $t = $1; $p = $2; $ph{"$t/$p"} += 1; } elsif (m|GET $cg_url(\S+)file=/(\d+)/(\d+)\.$ext|) { $t = $2; $p = $3; $ph{"$t/$p"} += 1; } elsif (m|GET $ht_url/$board_topics_file|) { $ph{"main"} += 1; } } close (LOG); } &header; print "Log Analysis Results - Access Log\n"; print '$fs\n"; print "

    Log Analysis Results - Access Log
    \n"; print "
    "; print "Log Analysis: "; print "Log Analysis Results - Access Log"; print "

    \n"; if (scalar(@files) == 0) { print "You did not select any log files to analyze!\n"; print "\n"; exit(0); } if (scalar(keys(%ph)) == 0) { print "No Pages Found\n"; print "

    This access log is probably not in NCSA format!

    \n"; print "\n"; exit(0); } if ($l1 =~ m|\[(\S+)|) { print "The first entry in the access log was made at $1. This is important to\n"; print "note, because servers occasionally rotate their logs. All results listed below are\n"; print "those results occurring after the time shown here.

    \n"; } &build_graphical_tree($username, join(",", @auth), "*", "", "", 0, 0, "", 0, 1); print "\n"; exit(0); } #---SEPARATOR---# sub log_analysis_by_user { my ($username, $topiclist) = @_; @topics = split(/,/, $topiclist); undef @auth; foreach $filenumber (@topics) { $string = "//$filenumber/$filenumber.$ext"; &extract("$string"); if (&verify_owner($owner,$username)) { push (@auth, $filenumber); } } undef @final; foreach $line (@topics) { if (grep(/^$line$/, @auth)) { push (@final, $line); } } foreach $file (@final) { open (POSTLOG, "$admin_dir/msg_index/$file-log.txt"); while () { ($index, $user, $date, $where) = split(/;/); next if ($index =~ m|\D| || $where eq ""); ($t, $p) = split(/\//, $where); if ($user eq "public user" || $user eq "public user:MODERATOR" || $user eq "public::public" || $user eq "PUBLIC:PUBLIC") { $user = "PUBLIC"; $posts{'PUBLIC'} += 1; } elsif ($user =~ m|^([^:]+):|) { $user = "$1:MODERATOR"; $modpost += 1; } elsif ($user eq "unknown") { $posts{'UNKNOWN'} += 1; $user = ""; } elsif ($user !~ m|:|) { $user = "$user:REGISTERED"; $userpost += 1; } elsif ($user =~ m|:MODERATOR|) { $modpost += 1; } elsif ($user =~ m|^([^:]+):(\w+)|) { $userpost += 1; $user = "$1:REGISTERED"; } if ($user =~ m|:|) { $x_usr = $`; $x_oth = $'; $x_usr =~ s/(\W)/"&#".ord($1).";"/ge; $user = "$x_usr:$x_oth"; $posts{$user} += 1; $time{$user} = $date if $date > $time{$user}; } } close (POSTLOG); } &header; print "Log Analysis Results - Posting Log\n"; print '$fs\n"; print "

    Log Analysis Results - Posting Log
    \n"; print "
    "; print "Log Analysis: "; print "Log Analysis Results - Posting Log"; print "

    \n"; print "Following is a summary of records of all messages posted to the selected topics:

    \n"; print "

      \n"; print "\n"; print "\n"; print "\n"; print "\n" if $posts{'UNKNOWN'}; print "
      $fsType$fsPosts
      $fs", "Moderator Posts   $fs$modpost
      $fs", "User Posts$fs$userpost
      $fs", "Public Posts$fs$posts{'PUBLIC'}
      $fs", "Unknown Posts*$fs$posts{'UNKNOWN'}
      $fs", "Total Posts$fs"; print ($posts{'PUBLIC'} + $userpost + $modpost); print "
      "; if ($posts{'UNKNOWN'}) { print "

      * "Unknown" posts result if the posting logs were corrupted\n"; print "and needed to be rebuilt through this program's data recovery tools. These posts may have been\n"; print "made by users, moderators, or the public.

      \n"; } print "

    \n"; print "

    Following is a list of moderators and users who have posted to the selected topics:

    \n"; print "

      \n"; foreach $k (sort keys(%posts)) { next if $k eq "PUBLIC"; if ($k =~ m|([^:]+):(\w+)|) { print "" if ($2 ne "MODERATOR" && $2 eq "REGISTERED"); print "User (\u$2)" if ($2 ne "MODERATOR" && $2 ne "REGISTERED"); print "Moderator" if $2 eq "MODERATOR"; print " "; print "\n"; } } print "
      $fsUsername$fsStatus$fsPosts$fsMost Recent
      $fs\u$1$fs"; print "User$fs$posts{$k}"; print "$fs", &get_date_time("long", $time{$k}), "" if $time{$k} > 0; print " " if $time{$k} <= 0; print "
    \n"; print "\n"; exit(0); } #---SEPARATOR---# sub check_notification_hold { my ($poster_binary) = @_; $x = substr($poster_binary, 1, 1); return 0 if $x == 0; return 1 if $FORM{'username'} eq $superuser; return 1 if $GLOBAL_OPTIONS{'moderator_turn_off_email'}; return 0; } #---SEPARATOR---# #REQ:remove_page #REQ:change_layout #REQ:remove_message #REQ:get_number #REQ:move_message_form #REQ:move_subtopic_form sub quickbutton { $FORM{'username'} = $COOKIE{"admuser$COOKIE_ID"} if $FORM{'username'} eq ""; $FORM{'username'} = $COOKIE{"user$COOKIE_ID"} if $FORM{'username'} eq ""; $FORM{'username'} =~ tr/A-Z/a-z/; $code = &check_passwd(0, 0, 592); if ($FORM{'username'} ne "" && $FORM{'password'} ne "" && $code == -1) { &lock("quickbutton", "$admin_dir/adminlog.txt"); $ts = time; $host = $ENV{'REMOTE_HOST'}; $addr = $ENV{'REMOTE_ADDR'}; open (LOG, ">>$admin_dir/adminlog.txt"); print LOG "$username;$host;$addr;$ts;WRONG\n"; close (LOG); $rh = $host; $rh = $addr if $rh eq ""; &unlock("quickbutton", "$admin_dir/adminlog.txt"); } elsif ($code != -1) { $host = $ENV{'REMOTE_HOST'}; $addr = $ENV{'REMOTE_ADDR'}; $host = "$host ($addr)" if $host ne ""; $host = "unknown host name ($addr)" if $host eq ""; &lock("quickbutton", "$admin_dir/adminlog.txt"); open (ADMINLOG, "$admin_dir/adminlog.txt"); @a = ; close (ADMINLOG); $USER_mod = $FORM{'username'}; foreach $line (@a) { if ($line =~ m|^$USER_mod;([^;]*);([^;]*);(\d*);(.*)|) { ($rh, $ra, $dt, $ok) = ($1, $2, $3, $4); if ($ok !~ m|ok|) { next; } else { $line = ""; } } } @a = grep(/\S/, @a); $ts = time; push (@a, "$USER_mod;$host;$addr;$ts;ok\n"); open (ADMINLOG, ">$admin_dir/adminlog.txt"); print ADMINLOG @a; close (ADMINLOG); &unlock("quickbutton", "$admin_dir/adminlog.txt"); } if (!&verify_owner($owner,$FORM{'username'})) { $code = -1; } if ($code == -1) { &header; $urlpush = "$message_url/$topic_number/$me_number.$ext" if -e "$message_dir/$topic_number"; $urlpush = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if !-e "$message_dir/$topic_number"; print <$title Administration $fs
    $title Administration
    Enter your username and password to access the administration program. All attempts to access administration are logged! If you are not a moderator, click the "Cancel" button below.

    $fs Username:
    $fs Password:

    End_Login_Form exit(0); } elsif ($FORM{'confirm'} == 0) { $code = crypt($code, "cookie"); $COOKIE_STRING = ""; $COOKIE_STRING .= "Set-Cookie: admuser$COOKIE_ID=$FORM{'username'}; path=/\n" if ($FORM{'username'} ne "" && $COOKIE{"admuser$COOKIE_ID"} ne $FORM{'username'}); $COOKIE_STRING .= "Set-Cookie: pass$COOKIE_ID=$code; path=/\n" if $FORM{'password'} ne ""; &header if $FORM{'do'} ne "editpost"; $urlpush = "$message_url/$topic_number/$me_number.$ext" if -e "$message_dir/$topic_number"; $urlpush = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if !-e "$message_dir/$topic_number"; $okbutton = ""; $cancelbutton = ""; $action = "The requested action was not recognized. Please click "Cancel" to continue."; $action = "Do you want to remove the page entitled $me_name, along with all of its subtopics and messages?" if $FORM{'do'} eq "delpage"; $action = "Do you want to turn off all new posting to the page entitled $me_name?" if $FORM{'do'} eq "close"; $action = "Do you want to delete the selected post from this page?" if $FORM{'do'} eq "delpost"; $action = "Do you want to ban users from the IP ranges according to your settings in the dialog box above?" if $FORM{'do'} eq "ban"; $extrastuff = ""; if ($FORM{'do'} eq "select") { print <$title Administration $fs
    $title Administration

    Please select the administrative option you wish to perform:

    Actions for this page

      Go to the Page Manager
      Close this conversation
      Delete this conversation
      Move this conversation

    End_Login_Form if ($FORM{'postindex'} != 0) { print "Actions for this message

      \n"; print " Delete this post
      \n"; print " Edit this post
      \n"; print " IP banning
      \n"; print " IP information
      \n"; print " Move this post
      \n"; print "
    \n"; } print "\n$cancelbutton\n"; print "
    \n"; exit(0); } if ($FORM{'do'} eq "admhere") { print "Administer From Here\n"; print "\n"; print "$fs
    Go to Page Manager

    \n"; print "In order to access administration in the proper frameset, please click the following link"; print " (this will open in a new window and take you to the Page Manager).

    \n"; print "

    \n"; print "When you are done with administration, close that window. Then click the following link"; print " to return to the conversation you were reading.

    \n"; print "

    \n"; print "\n"; exit(0); } if ($FORM{'do'} eq "editpost") { &seturl("$script_url/board-profile.$cgi_extension?action=editpost&postid=$FORM{'postindex'}&page=$topic_number/$me_number"); } if ($FORM{'do'} eq "IP") { $cancelbutton = ""; $okbutton = ""; $poster_ip = "The IP address of the person posting this message was not recorded in the log file."; open (LOG, "$admin_dir/msg_index/$topic_number-log.txt"); while () { @c = split(/;/); if ($c[0] == $FORM{'postindex'}) { close (LOG); $action = "Poster ID: $c[1]
    \n"; $action .= "IP Address: $c[4]
    \n"; $action .= "IP Host: $c[5]
    \n" if $c[5] ne ""; $closeflag = 1; last; } } close (LOG) if $closeflag == 0; } if ($FORM{'do'} eq "ban") { open (LOG, "$admin_dir/msg_index/$topic_number-log.txt"); while () { @c = split(/;/); if ($c[0] == $FORM{'postindex'}) { close (LOG); $closeflag = 1; last; } } close (LOG) if $closeflag == 0; if ($closeflag == 0) { $FORM{'do'} = "IP"; $cancelbutton = ""; $okbutton = ""; $poster_ip = "The IP address of the person posting this message was not recorded in the log file."; } else { $extrastuff = '

    '; $extrastuff .= "$fsBan IP Addresses...

    \n"; $extrastuff .= ""; if ($c[5] ne "") { $extrastuff .= "\n"; } if ($c[4] ne "") { $extrastuff .= "\n"; } $extrastuff .= "
    "; $extrastuff .= "$fs"; $extrastuff .= "Ban IP host:"; $extrastuff .= "
    $fs"; $extrastuff .= "Ban IP address:"; $extrastuff .= "

    \n"; $extrastuff .= " Ban from entire board"; $extrastuff .= "*" if $FORM{'username'} ne $superuser; $extrastuff .= "
    "; $extrastuff .= " Ban from public posting to this topic"; $extrastuff .= "

    \n"; if ($FORM{'username'} ne $superuser) { $extrastuff .= "* You must be the superuser to ban this individual from\n"; $extrastuff .= "the entire board. If you wish to do this, type the superuser's password below.\n"; $extrastuff .= "Otherwise, select the option to ban from public posting to this topic; if you select\n"; $extrastuff .= "this option, you don't have to type the superuser's password.

    \n"; $extrastuff .= "Superuser's Password: \n"; } else { $extrastuff .= "\n"; } $extrastuff .= "

    \n"; } } if ($FORM{'do'} eq "movemsg") { $tomove = $FORM{'postindex'}; $tomove =~ s/\D//g; &move_message_form($topic_number, $tomove, "", "", $FORM{"HTTP_REFERER"}, $FORM{"username"}, "", 5); } if ($FORM{'do'} eq "movepage") { $tomove = $FORM{'postindex'}; $tomove =~ s/\D//g; if ($topic_number == $me_number) { &success("Sorry, but you can't move a top-level topics page."); } &move_subtopic_form($topic_number, $parent_number, $FORM{'username'}, "", 592, "//$topic_number/$parent_number.$ext", "", $me_number); } print <$title Administration $fs

    $title Administration
    $extrastuff

    $fs$action

    $okbutton    $cancelbutton
    End_Login_Form exit(0); } else { $topic_number_HOLD = $topic_number; $me_number_HOLD = $me_number; if ($FORM{'do'} eq "delpage") { &error_message("Delete Page Error", "The main topic page can be deleted only by the board administrator using the Board Manager.", 0, 1) if $topic_number == $me_number; &remove_page($topic_number, $parent_number, $me_number); $me_number_HOLD = $parent_number; } elsif ($FORM{'do'} eq "close") { $param =~ s/Add//g; $param =~ s/Create//g; &change_layout($topic_number, $me_number, $param); } elsif ($FORM{'do'} eq "delpost") { $FORM{'postindex'} =~ s/\D//g; &remove_message($topic_number, $me_number, $FORM{'postindex'}); } elsif ($FORM{'do'} eq "ban") { if ($FORM{'username'} ne $superuser && $FORM{'banwhere'} == 1) { $uhold = $FORM{'username'}; $FORM{'username'} = $superuser; $phold = $FORM{'password'}; $FORM{'password'} = $FORM{'supass'}; $code = &check_passwd(1, 0, 592); if ($code == -1) { &success("Only the superuser can ban someone from the entire board. You may have entered the superuser's password incorrectly. If you are not the superuser, choose the option to ban this individual from public posting to this topic. Click OK to return to the board; otherwise, use the browser's back button to get back to the previous screen."); } } if ($FORM{'banwhere'} != 1 && $FORM{'banwhere'} != 2) { &success("You didn't select an action (ban from entire board or ban from posting here). No IP banning took place."); } if ($FORM{'banwhere'} == 1) { $change = 0; $flag = 0; if ($FORM{'banh'} && $FORM{"banhimhost"} =~ m|[\*\w\-\.]|) { $FORM{'banhimhost'} =~ s/[^\*\w\-\.]//g; foreach $num (keys(%GLOBAL_OPTIONS)) { if ($num =~ m|^ip_banned_(\d+)|) { $x = $GLOBAL_OPTIONS{$num}; if ($x eq $FORM{'banhimhost'}) { $flag = 1; last; } } } if ($flag == 0) { $num = &get_number; if ($GLOBAL_OPTIONS{'ip_banned_list'}) { $GLOBAL_OPTIONS{'ip_banned_list'} .= ",$num"; } else { $GLOBAL_OPTIONS{"ip_banned_list"} = $num; } $GLOBAL_OPTIONS{"ip_banned_$num"} = $FORM{"banhimhost"}; $change = 1; } } if ($FORM{'bana'} && $FORM{"banhimaddr"} =~ m|[\*\w\-\.]|) { $FORM{'banhimaddr'} =~ s/[^\*\w\-\.]//g; foreach $num (keys(%GLOBAL_OPTIONS)) { if ($num =~ m|^ip_banned_(\d+)|) { $x = $GLOBAL_OPTIONS{$num}; if ($x eq $FORM{'banhimaddr'}) { $flag += 2; last; } } } if ($flag < 2) { $num = &get_number; if ($GLOBAL_OPTIONS{'ip_banned_list'}) { $GLOBAL_OPTIONS{'ip_banned_list'} .= ",$num"; } else { $GLOBAL_OPTIONS{"ip_banned_list"} = $num; } $GLOBAL_OPTIONS{"ip_banned_$num"} = $FORM{"banhimaddr"}; $change = 1; } } if ($change == 1) { &lock("quickbutton", "$admin_dir/options.txt"); open (OPTIONS, ">$admin_dir/options.txt") || &success("Save Options Error", "Could not write to file $admin_dir/options.txt"); foreach $key (sort(keys(%GLOBAL_OPTIONS))) { print OPTIONS "$key=$GLOBAL_OPTIONS{$key}\n" if $GLOBAL_OPTIONS{$key} ne ""; } close (OPTIONS); &unlock("quickbutton", "$admin_dir/options.txt"); &success("IP Banning Succeeded."); } else { $msg = "NOTE: The " if $flag; $msg .= "IP host " if $flag % 2 == 1; $msg .= "and " if $flag == 3; $msg .= "IP address " if $flag >= 2; $msg .= "you selected "; $msg .= "was " if ($flag == 1 || $flag == 2); $msg .= "were " if $flag == 3; $msg .= "already banned prior to you submitting this form."; &success("IP Banning Failed: Either you didn't select any addresses to ban, or your banned addresses were not valid. Click OK to return to the page; otherwise, click your browser's back button to go back to the previous form to fix your entries. $msg"); } } &lock("quickbutton", "$admin_dir/posting.txt"); open (POSTING, "$admin_dir/posting.txt"); @posting = ; close (POSTING); ($pline) = grep(/^$topic_number:/, @posting); @posting = grep(!/^$topic_number:/, @posting); chomp $pline; ($topic, $public, $hold1, $hold2, $hold3) = split(/:/, $pline); @public = split(/,/, $public); undef %naughty; foreach $line (@public) { if ($line =~ m|^\!(.*)|) { $o = $1; $o =~ tr/A-Z/a-z/; $naughty{$o} = 1; } } if ($FORM{'banh'} && $FORM{"banhimhost"} =~ m|[\*\w\-\.]|) { $FORM{'banhimhost'} =~ s/[^\*\w\-\.]//g; $FORM{'banhimhost'} =~ tr/A-Z/a-z/; $bhh = $FORM{'banhimhost'}; if (!$naughty{$bhh}) { $bhh =~ s/\*/~/g; push (@public, "!$bhh"); } } if ($FORM{'bana'} && $FORM{"banhimaddr"} =~ m|[\*\w\-\.]|) { $FORM{'banhimaddr'} =~ s/[^\*\w\-\.]//g; $FORM{'banhimaddr'} =~ tr/A-Z/a-z/; $bhh = $FORM{'banhimaddr'}; if (!$naughty{$bhh}) { $bhh =~ s/\*/~/g; push (@public, "!$bhh"); } } $public = join(",", @public); $pline = join(":", $topic, $public, $hold1, $hold2, $hold3); $pline .= "\n"; push (@posting, $pline); open (POSTING, ">$admin_dir/posting.txt"); print POSTING @posting; close (POSTING); &unlock("quickbutton", "$admin_dir/posting.txt"); &success("Your IP settings for this topic were successfully written. The IP ranges you selected on the previous page will no longer be permitted to post messages publicly in this topic."); } else { &error_message("Administration Action Error", "The action [$FORM{'do'}] is not valid!", 0, 1); } $topic_number = $topic_number_HOLD; $me_number = $me_number_HOLD; &seturl("$message_url/$topic_number/$me_number.$ext") if -e "$message_dir/$topic_number"; &seturl("$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext") if !-e "$message_dir/$topic_number"; } } sub success { my ($message) = @_; &header; $url = "$message_url/$topic_number/$me_number.$ext" if -e "$message_dir/$topic_number"; $url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if !-e "$message_dir/$topic_number"; print <$title Administration $fs
    $title Administration

    $fs$message

    End_Login_Form exit(0); } # END - FILE IS CORRECTLY UPLOADED #