TeZt
braddick
Posts: 24,006 ✭✭✭✭✭
#!/usr/bin/perl
use POSIX qw(nice);
if(defined( POSIX::nice(10) )) {
# now we're nice
}
require "./cgi-lib.pl";
require "./html.pl";
require "./db.txt";
&ReadParse(%in,%cgi_cfn);
print "Content-type: text/html
";
&get_values;
&check_login;
$space_usage=0;
&get_space;
&update_config;
$space_usage/=1028;
$space_usage=int($space_usage+.5);
$space_available=$group_config{'space_limit'}-$space_usage;
$space_available=int($space_available+.5);
&actions;
$space_usage=0;
&get_space;
&update_config;
$space_usage/=1028;
$space_usage=int($space_usage+.5);
$space_available=$group_config{'space_limit'}-$space_usage;
$space_available=int($space_available+.5);
&print_html;
################################
# MANAGER HTML
sub manager_html {
my $output;
if ($current_dir eq $root_dir) {
$current_dir = $url_dir ;
}
$extra_html="";
#if ($group_config{'forum'} eq "yes" && $group_config{'guestbook'} eq "yes") {
# $extra_html = "
Your Forums & Guestbook are active and operational.
"
#}
###if ($user_config{group} eq "default") {
### $extra_html = "
Tired of SPAM? Worried about E-Mail worms & viruses?
<A href=https://secure.boomspeed.com/secure/boomspeed/order.htm>Upgrade your account</a> for an avg of only $6/month and get a full 100Megs of webspace
and FREE <A href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> with Spam Filtering & Virus Protection.
Your <A href=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already reserved for you!
<font size=-2>(Boomspeed Webmail is available ONLY to Premium Account Holders.)</font>"
###}
###if ($user_config{group} eq "100Meg") {
### $extra_html = "
Try our new <A target="_top" href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> service. It's INCLUDED with your 100Meg account!
Your <A HREF=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already active!
"
$extra_html = "
Try our new <A target="_top" href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> service. It's INCLUDED with your account!
Your <A HREF=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already active!
";
$extra_html2 = "<!-- comment -->";
if ($user_config{group} eq "default") {
$extra_html2 = "<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'> </script>";
}
###}
$output = qq~
<html>
<head><title>Boomspeed.Com</title></head>
<body bgcolor="#FFFFFF">
<center>
<p><big><big><strong><font face="Arial"><a href="http://www.boomspeed.com/host/"><img src="http://www.boomspeed.com/host/boombanner.jpg" border=0></a></font></strong></big></big></p>
$header
<p><small><font face="Arial">Welcome, $user_config{'real_name'}, Your website url is <a
href="$config{'root_url'}$url_dir/" target=_new>$config{'root_url'}$url_dir/</a>
$extra_html
</font></small>
<table><TR><TD valign="top">
<script type="text/javascript"><!--
google_ad_client = "pub-6254931735458207";
google_ad_width = 120;
google_ad_height = 600;
google_ad_format = "120x600_as";
google_ad_type = "text_image";
google_ad_channel ="";
google_color_border = "B4D0DC";
google_color_bg = "ECF8FF";
google_color_link = "0000CC";
google_color_url = "008000";
google_color_text = "6F6F6F";
//--></script>
$extra_html2
</TD>
<TD><img src=/host/clear.gif width=25></TD><TD>
<form method="POST" name="files">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">My Files</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF">
~;
($actual_dir = substr($current_dir, 0, 1)."/".substr($current_dir, 0, 2)."/".$current_dir) if ($config{'hashdirectories'} eq "yes");
opendir(DIR,"$config{'root_dir'}/$actual_dir");
@dir=readdir(DIR);
@dir = sort {uc($a) cmp uc($b)} @dir;
closedir(DIR);
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$actual_dir/$line" && $line ne "." && $line ne "..") {
$files_found = "TRUE";
}
}
if ($files_found) {
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="60"><small><strong><font face="Arial">Type</font></strong></small></td>
<td width="200"><small><strong><font face="Arial">Name</font></strong></small></td>
<td width="100"><small><strong><font face="Arial">Size</font></strong></small></td>
<td nowrap><small><strong><font face="Arial">Date</font></strong></small></td>
</tr>
~;
@dir = sort {lc($a) cmp lc($b)} @dir;
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$actual_dir/$line") {
@stat=stat("$config{'root_dir'}/$actual_dir/$line");
$file_name=$line;
($name,$ext)=split(/./,$file_name);
$ext=lc($ext);
# This is the section I changed things in Greg. Image extensions here
if ($ext eq "png" || $ext eq "gif" || $ext eq "jpg" || $ext eq "bmp" || $ext eq "art") { $file_type = "image";
# Bandwidth intensive $file_type = qq~<img src="$config{'root_url'}$current_dir/$file_name" height=100 width=100>~; }
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
# Text Here
elsif ($ext eq "htm" || $ext eq "html" || $ext eq "shtm" || $ext eq "shtml" || $ext eq "txt" || lc($file_name) eq "readme") {
$file_type = "text";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
# To undo the Images Change above replace the $file_type= qq line with a copy of the one right above this line. - JFL
# Sounds here
elsif ($ext eq "mid" || $ext eq "wav" || $ext eq "ra" || $ext eq "ram") {
$file_type = "sound";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~;}
# This is good old unknown. Can't have people being malicious
else { $file_type = "unknown";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
$file_size=$stat[7];
$file_date=localtime($stat[9]);
$output .= qq~
<tr>
<td width="60"><font face="Arial"><input type="radio" name="file" value="$file_name" onclick="document.files.file_input.value='$file_name'">$file_type</font></td>
<td width="200"><font face="Arial"><a href="$config{'root_url'}$current_dir/$file_name" target="_window">$file_name</a></font></td>
<td width="100"><font face="Arial">$file_size</font></td>
<td nowrap><font face="Arial">$file_date</font></td>
</tr>
~;
}
}
$output .= qq~
</table>
<p><input type="submit" name="edit_file" value="Edit"> <input type="submit" value="Delete"
name="delete_file"> <input type="submit" value="Rename" name="rename_file"> <input type="submit" value="Create" name="create_file"> <input type="text" name="file_input">
~;
} else {
$output .= qq~
<font face="Arial">There are currently no files in this directory</font><p>
<input type="submit" value="Create" name="create_file"> <input type="text" name="file_input">
~;
}
$output .= qq~
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
opendir(TEMPLATES,"$config{'data_dir'}/templates");
@templates=readdir(TEMPLATES);
closedir(TEMPLATES);
foreach $line (@templates) {
if (-f "$config{'data_dir'}/templates/$line") {
@line=split(/./,$line,2);
$good_line=$line[0];
$good_line =~ s/[_|-]/ /g;
$template_list .= qq~<option value="$line">$good_line</option>
~;
}
}
if ($template_list) {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center>
<table border="0" cellpadding="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td><font face="Arial"><strong>HTML Editor</strong></font></td>
</tr>
<tr>
<td bgcolor="#F0F8FF" valign="middle">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">New filename</font></td>
<td> <input type="text" name="filename" size="20" value="filename.html"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">Title</font></td>
<td> <input type="text" name="title" size="20" value="$user_config{'name'}'s Homepage"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">Template</font></td>
<td> <select name="template">
$template_list
</select>
</td>
</tr>
</table>
<p><input type="submit" value="Edit HTML" name="html_editor"></p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
<form method="POST" enctype="multipart/form-data">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Upload</font></strong> (1 file or up to 10 files at a time!)</td>
</tr>
<tr>
<td bgcolor="#F0F8FF">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td>
~;
if ($space_available !~ /-/) {
$uploads_count=0;
while ($uploads_count < $config{'upload_fields'}) {
$uploads_count++;
$output .= qq~
<input type="file" name="file$uploads_count" size="35">
~;
}
$output .= qq~ <p><input type="submit" size="40" value="Upload" name="upload_cmd">~;
} else {
$output .= qq~
<font face="Arial">You are currently at or over your alotted disk space limit. If you <a target=_top href=https://secure.boomspeed.com/secure/boomspeed/order.htm>Upgrade your account</a> now, for an avg of only $6/month, you will get a full 100Megs of webspace and FREE <A href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> with Spam Filtering & Virus Protection.
~;
}
$output .= qq~
</td>
<td width="50%"><p align="center"><font face="Arial">Usage: <strong>$space_usage KB</strong>
Available: <strong>$space_available KB</strong>
Total: <strong>$group_config{'space_limit'} KB</strong></font></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center>
<table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600">
<tr>
~;
if ($group_config{'create_directories'}) {
$output .= qq~
<td><table border="0" cellpadding="0" cellspacing="0">
<tr>
<td><strong><font face="Arial">Directories</font></strong></td>
</tr>
<tr><td>Currently: /$current_dir </td></tr>
<tr>
<td bgcolor="#F0F8FF" nowrap>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
~;
$actual_dir=$current_dir;
($actual_dir = substr($current_dir, 0, 1)."/".substr($current_dir, 0, 2)."/".$current_dir) if ($config{'hashdirectories'} eq "yes");
if ($current_dir ne $user_dir) {
$output .= qq~
<tr>
<td width="60"><input type="radio" name="dir" value=".."><img src="$config{'root_url'}images/folder.gif"></td>
<td width="200"><font face="Arial">Back..</font></td>
</tr>
~;
}
opendir(DIR,"$config{'root_dir'}/$actual_dir");
@dir=readdir(DIR);
closedir(DIR);
foreach $line (@dir) {
if (-d "$config{'root_dir'}/$actual_dir/$line" && $line ne "." && $line ne "..") {
$output .= qq~
<tr>
<td width="60"><input type="radio" name="dir" value="$line"><img src="$config{'root_url'}images/folder.gif"></td>
<td width="200"><font face="Arial"><a href="$config{'root_url'}$current_dir/$line/" target="_window">$line</a></font></td>
</tr>
~;
}
}
$output .= qq~
</table><center><input type="submit" value="Change" name="change_dir"> <input type="submit" value="Remove" name="remove_dir">
<input type="submit" value="Add" name="add_dir"> <input type="text" name="add_dir_name" size="20" style="background-color: rgb(255,255,255)"></center></td>
</tr>
</table>
</td>
~;
}
$output .= qq~
<td valign="top" width="90%"><div align="right"><p><font face="Arial"><big><big><strong>Did
you know?</strong></big></big>
<small>$did_you_know</small></font></td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
if (($in{'edit_file'} && $in{'file'} && $in{'file'} !~ /\|//) || ($in{'create_file'} && $in{'file_input'} && $in{'file_input'} !~ /\|//)) {
if ($in{'file_input'} && $in{'file_input'} !~ /^[a-zA-Z0-9.-_]*$/) { print &manager_error_html("Invalid file name"); exit; }
if ($in{'file'} && $in{'file'} !~ /^[a-zA-Z0-9.-_]*$/) { print &manager_error_html("Invalid file name"); exit; }
if ($in{'create_file'}) { $in{'file'} = $in{'file_input'}; }
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<input type="hidden" name="file" value="$in{'file'}">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Edit</font></strong></td>
</tr>
<tr>
<td bgcolor="#FFFFCC">
<center><textarea rows="11" name="file_text" cols="72">~;
if ($in{'create_file'}) { $output .= qq~<html>
<head>
<title>Title goes here</title>
</head>
<body>
Content goes here..
</body>
</html>~; }
else {
open (FILE,"$config{'root_dir'}/$actual_dir/$in{'file'}");
while (<FILE> { $file_content.=$_; }
$file_content =~ s/<!-- START HEADER -->(.*)<!-- END HEADER -->//s;
$file_content =~ s/<!-- START FOOTER -->(.*)<!-- END FOOTER -->//s;
$file_content =~ s/<img src="$config{'script_url'}/counter.cgi?([^"]*)">/!!counter!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/!!forum!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/!!guestbook!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/!!links!!/gi;
$file_content =~ s/</textarea>/<?textarea>/ig;
$output .= $file_content;
close (FILE);
}
$output .= qq~</textarea></center>
<input type="submit" name="edit_file_finish" value="Finish"> <input type="submit" name="edit_file_save" value="Save and keep working">
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Preferences</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><strong><font face="Arial">Change your password..</font></strong>$password_error<table
border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Password</font></td>
<td><font face="Arial"><input type="password" name="password1" size="20"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Retype</font></td>
<td><font face="Arial"><input type="password" name="password2" size="20"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"></td>
<td><input type="submit" value="Change" name="change_password"></td>
</tr>
</table>
<p><strong><font face="Arial">Personal Information</font></strong></p>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Email</font></td>
<td><font face="Arial"><input type="text" name="email" size="20" value="$user_config{'email'}"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Real name</font></td>
<td><font face="Arial"><input type="text" name="real_name" size="20" value="$user_config{'real_name'}"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Site description</font></td>
<td><font face="Arial"><input type="text" name="site_description" size="20" value="$user_config{'site_description'}"></font></td>
</tr>
</table>
~;
foreach $line (@questions) {
@line=split(/|/,$line);
$line_name = $line[0];
$line[0] = lc($line[0]);
$line[0] =~ s/ /_/g;
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">$line_name</font></td>
<td><font face="Arial"><input type="text" name="$line[0]" size="20" value="$user_config{$line[0]}"></font></td>
</tr>
</table>
~;
}
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"></td>
<td><input type="submit" value="Change" name="change_personal_info"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
if ($group_config{'forum'} eq "yes") {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Forum</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your forum
is located at <a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">$config{'script_url'}/forum.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td nowrap><font face="Arial">Add a forum
<input type="text" name="add_forum_name" size="20"></font> <input type="submit" value="Add" name="add_forum">
<p><font face="Arial">Remove a forum</font>
<select name="remove_forum_name" size="1">
~;
# open (FORUMS,"$config{'data_dir'}/users_new/$user_config{'name'}/forums.txt");
open (FORUMS,"$config{'data_dir'}/users_new/$actual_dir/forums.txt");
@forums=<FORUMS>;
close (FORUMS);
@forums = sort {uc($a) cmp uc($b)} @forums;
foreach $line (@forums) {
chop $line if ($line =~ /
/);
$output .= qq~<option value="$line">$line</option>
~;
}
$output .= qq~
</select><input type="submit" value="Remove" name="remove_forum"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
if ($group_config{'guestbook'} eq "yes") {
$output .= qq~
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Guestbook</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your
guestbook is located at <a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}" target="_newwindow">$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div>
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<font face="Arial">Remove a Guest</font>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="100"><font face="Arial">Date</font></td>
<td><select name="date">
~;
# open (GUESTBOOK,"$config{'data_dir'}/users_new/$user_config{'name'}/guestbook.txt");
open (GUESTBOOK,"$config{'data_dir'}/users_new/$actual_dir/guestbook.txt");
while (<GUESTBOOK> {
@line=split(/|/,$_);
$poster=($line[0]);
# if ($line[2] < 967041835 ) {$line[2]=967041835}
$full_date=localtime($line[2]);
$output .= qq~<option value="$line[2]">$poster - $full_date
~; }
close (GUESTBOOK);
$output .= qq~
</select></td>
</tr>
</table>
<input type="submit" name="remove_guest" value="Remove">
</form>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
~;
}
if ($group_config{'links'} eq "yes") {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Links</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your links script is located at <a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">$config{'script_url'}/links.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td nowrap><font face="Arial">Add a category
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Name</font></td>
<td><input type="text" name="add_link_category_name" size="20"></td>
</tr>
<tr>
<td width="120"><font face="Arial">Description</font></td>
<td><input type="text" name="add_link_category_description" size="20"></td>
</tr>
</table>
</font> <input type="submit" value="Add" name="add_link_category"><p><font face="Arial">Remove a Category</font>
<select name="remove_link_category_name" size="1">
~;
open (CATEGORIES,"$config{'data_dir'}/users_new/$user_config{'name'}/link_categories.txt");
@categories=<CATEGORIES>;
close (CATEGORIES);
@categories = sort {uc($a) cmp uc($b)} @categories;
foreach $line (@categories) {
@line=split(/|/,$line);
$output .= qq~<option value="$line[0]">$line[0]</option>
~;
}
$output .= qq~
</select> <input type="submit" value="Remove" name="remove_link_category">
<p><font face="Arial">Remove a Link</font>
<select name="link_url" size="1">
~;
open (LINKS,"$config{'data_dir'}/users_new/$user_config{'name'}/link_links.txt");
@links=<LINKS>;
close (LINKS);
@links = sort {uc($a) cmp uc($b)} @links;
foreach $line (@links) {
@line=split(/|/,$line);
$output .= qq~<option value="$line[1]">$line[1]</option>
~;
}
$output .= qq~
</select> <input type="submit" value="Remove" name="remove_link"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
$footer
<hr width="500" noshade size="1" color="#000000">
<!-- <center><IMG src="http://rocketrylist.com/index.php?img=54&img_set=RocketryList" width=1 height=1 border=0></CENTER> -->
<!-- <center><IMG src="http://rocketrylist.com/index.php?vote=54&c=" width=1 height=1 border=0></CENTER> -->
<!-- <center><a href="http://www3.clustrmaps.com/counter/maps.php?url=http://manager.boomspeed.com/host/cgi-bin/manager.cgi" id="clustrMapsLink"><img border=0 width=100 src="http://www3.clustrmaps.com/counter/index2.php?url=http://manager.boomspeed.com/host/cgi-bin/manager.cgi" /> -->
</a></center>
</TD></TR></TABLE>
</body>
</html>
~;
&hash_fix_from(@output);
return $output;
}
####################
# get values
sub get_values {
$current_date=time;
# script config...
if (open(CONFIG_TXT,"config.txt")) {
@config=<CONFIG_TXT>;
close (CONFIG);
foreach $line (@config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$config{$name}=$value;
}
} else {
print &manager_error_html("could not load config");
exit;
}
# print login screen
unless ($in{'loginName'} && $in{'loginPass'}) {
$header = "<!-- START HEADER -->";
open (HEADERFILE,"$config{'data_dir'}/header.txt");
while (<HEADERFILE> { $header .= $_; }
close (HEADERFILE);
$header .= "<!-- END HEADER -->";
$footer = "<!-- START FOOTER -->";
open (FOOTERFILE,"$config{'data_dir'}/footer.txt");
while (<FOOTERFILE> { $footer .= $_; }
close (FOOTERFILE);
$footer .= "<!-- END FOOTER -->";
print &manager_login_html;
exit;
}
#============
$hash = "";
($hash = substr($in{'loginName'}, 0, 1)."/".substr($in{'loginName'}, 0, 2)."/") if($config{'hashdirectories'} eq "yes");
#============
# user config...
if (open(USER_CONFIG_TXT,"$config{data_dir}/users_new/$hash$in{'loginName'}/config.txt")) {
@user_config=<USER_CONFIG_TXT>;
close (USER_CONFIG_TXT);
foreach $line (@user_config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$user_config{$name}=$value;
}
} else {
print &manager_error_html("user not found");
exit;
}
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$in{'loginName'}});
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert back from CGI Representation
&array_fix_from(@user_db_config);
$user_config{'name'}=$in{'loginName'};
$user_config{'password'}=$user_db_config[0];
$user_config{'email'}=$user_db_config[1];
$user_config{'site_description'}=$user_db_config[2];
$user_config{'last_action'}=$user_db_config[3];
$user_config{'status'}=$user_db_config[4];
$user_config{'group'}=$user_db_config[5];
$user_config{'real_name'}=$user_db_config[6];
$user_config{'community'}=$user_db_config[7];
# untie(%users);
&hash_fix_from($user_config);
if ($user_config{'community'}) {
$user_dir = "$user_config{'community'}/$hash$user_config{'name'}";
$url_dir = $user_config{'community'}/$user_config{'name'};
if ($in{'current_dir'}) { $current_dir = $in{'current_dir'}; }
else { $current_dir="$user_dir"; }
} else {
$user_dir="$hash$user_config{'name'}";
$url_dir = $user_config{'name'};
if ($in{'current_dir'}) { $current_dir = $in{'current_dir'}; }
else { $current_dir=$user_config{'name'}; }
}
# group config
if (open(GROUP_CONFIG_TXT,"$config{data_dir}/groups/$user_config{group}/config.txt")) {
@group_config=<GROUP_CONFIG_TXT>;
close (GROUP_CONFIG_TXT);
foreach $line (@group_config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$group_config{$name}=$value;
}
} else {
print &manager_error_html("group not found");
exit;
}
open (QUESTIONS,"$config{'data_dir'}/questions.txt");
@questions=<QUESTIONS>;
close (QUESTIONS);
open (TIPS,"$config{'data_dir'}/tips.txt");
@tips=<TIPS>;
close (TIPS);
$total_tips=0;
foreach $line (@tips) { $total_tips++ if ($line ne "
"); }
$total_tips--;
$tip_number=int(rand($total_tips));
$total_tips=0;
foreach $line (@tips) {
if ($total_tips eq $tip_number) { $did_you_know=$line; }
$total_tips++;
}
$badfiletypes = $config{'bad_file_types'};
}
####################
# check login
sub check_login {
if ($user_config{'password'}) {
# WebHome 3.0 user
unless ($in{'loginPass'} eq $user_config{'password'}) {
print &manager_error_html("wrong password");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong password from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
} else {
# WebHome 2.0 user
unless (crypt($in{'loginPass'}, as) eq $user_config{'encrypt_password'}) {
print &manager_error_html("wrong password. webhome 2.0 user");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong password from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
}
if ($config{'use_validation'} eq "yes" && $user_config{'status'} eq "validation") {
if ($in{'valNumber'} eq $user_config{'val_number'}) {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
# $users{$user_config{'name'}} = "$user_db_config[0]|$user_db_config[1]|$user_db_config[2]|$user_db_config[3]|enabled|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|";
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert back from CGI Representation
&array_fix_from(@user_db_config);
my $sqlquery = "UPDATE accounts SET status='enabled' WHERE user='$in{'loginName'}'";
$sth = $dbh->query($sqlquery);
$user_config{'name'}=$in{'loginName'};
$user_config{'password'}=$user_db_config[0];
$user_config{'email'}=$user_db_config[1];
$user_config{'site_description'}=$user_db_config[2];
$user_config{'last_action'}=$user_db_config[3];
$user_config{'status'}=$user_db_config[4];
$user_config{'group'}=$user_db_config[5];
$user_config{'real_name'}=$user_db_config[6];
$user_config{'community'}=$user_db_config[7];
# untie(%users);
#password|email|site_description|last_action|status|group|real_name|community|
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} validated their account from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
} else {
print &manager_error_html("wrong validation number");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong validation number from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
}
if ($user_config{'status'} eq "failedpmt" ) {
print &manager_error_html("When our system attempted to charge your credit card and/or PayPal account for your pre-approved billing amount, the payment was declined. Please visit our credit card update system to submit your updated billing information to Boomspeed so we may re-activate your account. Please click <a href=https://secure.boomspeed.com/secure/boomspeed/updatecc.htm>HERE</a> to go to the update page.");
exit;
}
if ($user_config{'status'} eq "trialend" ) {
print &manager_error_no_title_html("FREE TRIALS HAVE ENDED
Thank you for using Boomspeed.
Free trials from the years 2001-2006 ended on January 1st, 2007.
Due to rising costs we must apply a small reasonable fee to free accounts that we have offered and continued to host for free these last 6 years. All of your data is safe and can be restored very quickly by visiting this secure order form:
<a href=https://secure.boomspeed.com/secure/boomspeed/2008.htm>https://secure.boomspeed.com/secure/boomspeed/2008.htm</a>
Ordering the 'Boomspeed 2008' service will not only give you a special low rate until the summer, it will also reactivate your account, and it will start serving your files again right way.
We thank you for using Boomspeed and hope to have you stay for 2008!");
exit;
}
if ($user_config{'status'} eq "disabled" ) {
print &manager_error_html("Your account has been disabled.
Please visit our <A href=http://support.boomspeed.com/scripts/board_show.pl?bid=1>Latest News</a> page for possible details as to why.");
exit;
}
if ($user_config{'status'} eq "delete") {
print &manager_error_html("Your account has been disabled");
exit;
}
}
####################
# get space used
sub get_space {
my ($path)=@_;
opendir(DIR,"$config{'root_dir'}/$user_dir/$path");
my @dir=readdir(DIR);
closedir(DIR);
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$user_dir/$path/$line") {
@stat=stat("$config{'root_dir'}/$user_dir/$path/$line");
$space_usage+=$stat[7];
}
}
foreach $line (@dir) {
if (-d "$config{'root_dir'}/$user_dir/$path/$line" && $line ne "." && $line ne "..") { &get_space("$path/$line"); }
}
}
####################
# update config
sub update_config {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert to CGI Representation
&array_fix_to(@user_db_config);
my $sqlquery = "UPDATE accounts SET pw='$user_db_config[0]',email='$user_db_config[1]',info='$user_db_config[2]',date=$current_date,status='$user_db_config[4]',cgroup='$user_db_config[5]',name='$user_db_config[6]',comm='$user_db_config[7]',size=$space_usage WHERE user='$user_config{'name'}'";
$sth = $dbh->query($sqlquery) || &error("Could not update database");
# $users{$user_config{'name'}} = "$user_db_config[0]|$user_db_config[1]|$user_db_config[2]|$current_date|$user_db_config[4]|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|$space_usage";
# untie(%users);
}
sub current_date {
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
if ($mon < 10) { $mon = "0$mon"; }
if ($mday < 10) { $mday = "0$mday"; }
if ($year < 90) { $year = "20".$year; }
if ($year ne "90" && $year > "90") { $year = "19".$year; }
$month = ($mon + 1);
$date = "$month/$mday/$year";
chop($date) if ($date =~ /
$/);
return $date;
}
# If no errors.. print out the html
sub print_html {
# Show the template!
if ($in{'edit_html'}) {
if (!$in{'file'} || $in{'filename'} !~ /^[a-zA-Z0-9-_.]*$/) { print &manager_error_html("Invalid or missing filename"); exit; }
$count=0;
open (HTML,"$config{'root_dir'}/$current_dir/$in{'file'}");
while (<HTML> {
$count2=$count+1;
if ($_ =~ s/<!-- WH TEXT(([^)]*)) -->(.*)<!-- WH TEXT_END -->/<input type="text" name="$count" size="$1" value="$2">/i) { $count++; }
elsif ($_ =~ s/<!-- WH IMAGE -->/<input type="file" name="$count">
/i) { $count++; }
elsif ($_ =~ s/<!-- WH LINK --><a href="([^"]*)">(.*)</a>/URL: <input type="text" name="$count" value="$1">
TITLE: <input type="text" name="$count2" value="$2">/i) { $count+=2; }
elsif ($_ =~ /<!-- WH TEXTAREA(([^,]*),([^)]*)) --><font face="([^"]*)">(.*)</font><!-- WH TEXTAREA_END -->/i) {
$temp_font = $3;
$temp_text = $4;
$temp_text =~ s/<p>/
/gi;
$temp_text =~ s/
/
/gi;
@fonts=("Arial","Courier New","Helvetica","Times New Roman","Verdana");
foreach $font (@fonts) {
$fonts .= "<option";
$fonts .= " selected" if (lc($font) eq lc($temp_font));
$fonts .= ">$font";
}
$_ =~ s/<!-- WH TEXTAREA(([^,]*),([^)]*)) -->(.*)<!-- WH TEXTAREA_END -->/<select name="font_$count">$fonts</select>
<textarea name="$count" cols="$1" rows="$2">$temp_text</textarea>/i;
$count++;
} else { $_ =~ s/<!-- WH (.*) -->//i; $count++; }
$html.=$_;
}
close (HTML);
$html =~ s/<body([^>]*)>/<body$1><form method="POST" enctype="multipart/form-data">/i;
$html =~ s/</body>/<input type="hidden" name="loginName" value="$in{'loginName'}"><input type="hidden" name="loginPass" value="$in{'loginPass'}"><input type="hidden" name="current_dir" value="$current_dir"><input type="hidden" name="title" value="$in{'title'}"><input type="hidden" name="filename" value="$in{'file'}"><input type="submit" name="edit_template_html" value="Edit"></form></body>/i;
print $html;
exit;
} elsif ($in{'html_editor'}) {
if (!$in{'filename'} || $in{'filename'} !~ /^[a-zA-Z0-9-_.]*$/) {
print &manager_error_html("Invalid or missing filename");
exit;
}
if (!$in{'template'} || $in{'template'} !~ /^[a-zA-Z0-9-_.]*$/) {
print &manager_error_html("Invalid or missing template");
exit;
}
$count=0;
open (HTML,"$config{'data_dir'}/templates/$in{'template'}");
while (<HTML> {
$count2=$count+1;
$template.=$_;
if ($_ =~ s/<!-- WH TEXT(([^)]*)) -->(.*)<!-- WH TEXT_END -->/<input type="text" name="$count" size="$1" value="$2">/i) { $count++; }
elsif ($_ =~ s/<!-- WH IMAGE -->/<input type="file" name="$count">
/i) { $count++; }
elsif ($_ =~ s/<!-- WH LINK --><a href="([^"]*)">(.*)</a>/URL: <input type="text" name="$count" value="$1">
TITLE: <input type="text" name="$count2" value="$2">/i) { $count+=2; }
elsif ($_ =~ /<!-- WH TEXTAREA(([^,]*),([^)]*)) --><font face="([^"]*)">(.*)</font><!-- WH TEXTAREA_END -->/i) {
$temp_font = $3;
$temp_text = $4;
$temp_text =~ s/<p>/
/gi;
$temp_text =~ s/
/
/gi;
@fonts=("Arial","Courier New","Helvetica","Times New Roman","Verdana");
foreach $font (@fonts) {
$fonts .= "<option";
$fonts .= " selected" if (lc($font) eq lc($temp_font));
$fonts .= ">$font";
}
$_ =~ s/<!-- WH TEXTAREA(([^,]*),([^)]*)) -->(.*)<!-- WH TEXTAREA_END -->/<select name="font_$count">$fonts</select>
<textarea name="$count" cols="$1" rows="$2">$temp_text</textarea>/i;
$count++;
} else { $_ =~ s/<!-- WH (.*) -->//i; $count++; }
$html.=$_;
}
close (HTML);
$html =~ s/<body([^>]*)>/<body$1><form method="POST" enctype="multipart/form-data">/i;
$html =~ s/</body>/<input type="hidden" name="loginName" value="$in{'loginName'}"><input type="hidden" name="loginPass" value="$in{'loginPass'}"><input type="hidden" name="current_dir" value="$current_dir"><input type="hidden" name="title" value="$in{'title'}"><input type="hidden" name="filename" value="$in{'filename'}"><input type="submit" name="edit_template_html" value="Edit"></form></body>/i;
$html =~ s/!!title!!/$in{'title'}/gi;
$html =~ s/<title>(.*)</title>/<title>$in{'title'}</title>/i;
open (HTML,">$config{'root_dir'}/$current_dir/$in{'filename'}");
print HTML $template;
close (HTML);
print $html;
exit;
}
&hash_fix_from($in);
print &manager_html;
}
sub actions {
# Fix current_dir hack
if($config{'hashdirectories'} eq "yes") {
$actual_dir1 = "".substr($current_dir, 0, 1);
$actual_dir2 = "$actual_dir1/".substr($current_dir, 0, 2);
$actual_dir = "$actual_dir2/$current_dir";
}
if ($actual_dir ne $user_dir && $actual_dir !~ /$user_dir/(.*)/) {
print &manager_error_html("You may not leave your directory [$current_dir] != [$user_dir]");
exit;
}
if ($current_dir =~ /./) {
print &manager_error_html("Current dir can not contain . in it.");
exit;
}
# Convert WebHome 2.0 user to WebHome 3.0 user
if ($user_config{'encrypt_password'}) {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
# $users{$user_config{'name'}} = "$in{'loginPass'}|$user_db_config[1]|$user_db_config[2]|$user_db_config[3]|enabled|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|$user_db_config[8]";
# untie(%users);
&dbConnect;
$sth = $dbh->query("UPDATE accounts SET pw='$in{'loginPass'}' WHERE user='$user_config{'name'}'");
open (USER_CONFIG,">$config{'data_dir'}/users_new/$hash$user_config{'name'}/config.txt") || print "Cant open user config";
foreach $line (@user_config) {
@line=split(/=/,$line);
print USER_CONFIG $line."
" if ($line[0] ne "encrypt_password");
}
close (USER_CONFIG);
}
$header = "<!-- START HEADER -->
";
$footer = "<!-- START FOOTER -->
";
if ($user_config{'community'}) {
if (open (HEADER,"$config{'data_dir'}/communities/$user_config{'community'}/header.txt")) {
while (<HEADER> { $header.=$_; }
close (HEADER);
} else { print &manager_error_html("Could not open header: $!"); exit }
if (open (FOOTER,"$config{'data_dir'}/communities/$user_config{'community'}/footer.txt")) {
while (<FOOTER> { $footer.=$_; }
close (FOOTER);
} else { print &manager_error_html("Could not open footer: $!"); exit }
} else {
open (HEADER,"$config{'data_dir'}/header.txt");
while (<HEADER> { $header.=$_; }
close (HEADER);
open (FOOTER,"$config{'data_dir'}/footer.txt");
while (<FOOTER> { $footer.=$_; }
close (FOOTER);
}
$header .= "
<!-- END HEADER -->";
$footer .= "
<!-- END FOOTER -->";
# Upload files
if ($in{'upload_cmd'} && ($space_available =~ /-/) ) {
while ($file_count < $config{'upload_fields'}) {
$file_count++;
if ($in{"file$file_count"}) {
# Get file name
if ($cgi_cfn{"file$file_count"} =~ /\/) {
# Windows Upload
@filepath=split(/\/, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} elsif ($cgi_cfn{"file$file_count"} =~ ///) {
# Unix Upload
@filepath=split(///, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} else {
# Mac Upload
$file_name{$file_count}=$cgi_cfn{"file$file_count"};
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} attempted to upload $file_name{$file_count} and is OVER DISK SPACE from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
}
}
if ($in{'upload_cmd'} && ($space_available !~ /-/) ) {
while ($file_count < $config{'upload_fields'}) {
$file_count++;
if ($in{"file$file_count"}) {
# Get file name
if ($cgi_cfn{"file$file_count"} =~ /\/) {
# Windows Upload
@filepath=split(/\/, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} elsif ($cgi_cfn{"file$file_count"} =~ ///) {
# Unix Upload
@filepath=split(///, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} else {
# Mac Upload
$file_name{$file_count}=$cgi_cfn{"file$file_count"};
}
# Check for bad file types
@badfiles=split(/,/,$badfiletypes);
foreach $type (@badfiles) {
$type =~ s/.//g;
@ext=split(/./,$file_name{$file_count});
foreach $line (@ext) { $ext=$line; }
$file_bad{$file_count} = "TRUE" if (lc($ext) eq lc($type));
}
unless ($file_bad{$file_count}) {
# Add header, footer, counter to html files
if ($file_name{$file_count} =~ /.htm/ || $file_name{$file_count} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{"file$file_count"} =~ /<body([^>]*)>/i) { $in{"file$file_count"} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{"file$file_count"} = $header.$in{"file$file_count"}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{"file$file_count"} =~ /</body>/i) { $in{"file$file_count"} =~ s/</body>/$footer</body>/i; } else { $in{"file$file_count"} .= $footer; } }
$in{"file$file_count"} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$file_name{$file_count}">/ig;
$in{"file$file_count"} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{"file$file_count"} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{"file$file_count"} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
}
# Create file
if ($file_name{$file_count} =~ /^[a-zA-Z0-9.-_]*$/) {
open (FILE,">$config{'root_dir'}/$actual_dir/$file_name{$file_count}");
binmode (FILE);
print FILE $in{"file$file_count"};
close (FILE);
$size= -s "$config{'root_dir'}/$actual_dir/$file_name{$file_count}";
if ( $size > ($space_available*1024)) {
unlink("$config{'root_dir'}/$actual_dir/$file_name{$file_count}");
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} TRIED to upload $file_name{$file_count} size $size but file was TOO LARGE for quota from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
#system "/home/httpd/www.boomspeed.com/image.csh $file_name{$file_count} $config{'root_dir'}/$actual_dir $user_config{'group'} >/tmp/test8 2>&1";
}
if (($config{'use_log'} eq "yes") && ($size < ($space_available*1024))) {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} uploaded $file_name{$file_count} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
# Now adjust $space_available for the successful file to ensure other files are checked against actual real-time usage
if ($size < ($space_available*1024)) {
$space_available=((($space_available*1024)-$size)/1024);
}
}
}
}
}
# Rename a file
if ($in{'rename_file'} && $in{'file_input'} && $in{'file'}) {
if ($in{'file_input'} =~ /^[a-zA-Z0-9.-_]*$/) {
@badfiles=split(/,/,$badfiletypes);
foreach $type (@badfiles) {
$type =~ s/.//g;
@ext=split(/./,$in{'file_input'});
foreach $line (@ext) { $ext=$line; }
$newname_is_bad = "TRUE" if (lc($ext) eq lc($type));
}
rename("$config{'root_dir'}/$actual_dir/$in{'file'}","$config{'root_dir'}/$actual_dir/$in{'file_input'}") unless $newname_is_bad;
if ($in{'file_input'} =~ /.htm/i || $in{'file_input'} =~ /.shtm/i) {
$file="";
open (FILE,"$config{'root_dir'}/$actual_dir/$in{'file_input'}");
while (<FILE> { $file.=$_; }
close (FILE);
$file =~ s/<img src="$config{'script_url'}/counter.cgi?([^"]*)">/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file_input'}">/gi;
if ($in{'file'} !~ /.htm/i && $in{'file'} !~ /.shtm/i) {
if ($group_config{'use_header'} eq "yes") { $file =~ s/<body([^>]*)>/<body$1>$header/i; }
if ($group_config{'use_footer'} eq "yes") { $file .= "
".$footer; }
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file_input'}");
print FILE $file;
close (FILE);
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} renamed file $in{'file'} to $in{'file_input'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
}
# Delete a file
if ($in{'delete_file'} && $in{'file'}) {
unlink ("$config{'root_dir'}/$actual_dir/$in{'file'}");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} deleted file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Change the current directory
if ($in{'change_dir'} && $in{'dir'}) {
if ($in{'dir'} eq ".." && $current_dir ne $user_dir) {
$current_dir =~ /(.*)/(.*)/;
$current_dir=$1;
} else {
$current_dir = "$current_dir/$in{'dir'}";
}
}
# Add a directory
if ($in{'add_dir'} && $in{'add_dir_name'}) {
if ($in{'add_dir_name'} =~ /^[a-zA-Z0-9-_]*$/) {
mkdir("$config{'root_dir'}/$actual_dir/$in{'add_dir_name'}", 0755);
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} added directory $in{'add_dir_name'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Remove a directory
if ($in{'remove_dir'} && $in{'dir'} && $in{'dir'} ne "..") {
if ($in{'remove_dir_name'} =~ /^[a-zA-Z0-9-_]*$/) {
rmdir("$config{'root_dir'}/$actual_dir/$in{'dir'}");
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} removed directory $in{'dir'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Finish Editing a file
if ($in{'edit_file_finish'} && $in{'file'} && $in{'file_text'}) {
if ($in{'file'} =~ //|\/) { print &manager_error_html("Stop trying to hack WebHome"); exit; }
if ($in{'file'} =~ /.htm/ || $in{'file'} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{'file_text'} =~ /<body([^>]*)>/i) { $in{'file_text'} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{'file_text'} = $header.$in{'file_text'}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{'file_text'} =~ /</body>/i) { $in{'file_text'} =~ s/</body>/$footer</body>/i; } else { $in{'file_text'} .= $footer; } }
$in{'file_text'} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file'}">/ig;
$in{'file_text'} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{'file_text'} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{'file_text'} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
$in{'file_text'} =~ s/<?textarea>/</textarea>/gi;
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file'}");
print FILE $in{'file_text'};
close (FILE);
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} edited file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Save and keep editing a file
if ($in{'edit_file_save'} && $in{'file'} && $in{'file_text'}) {
if ($in{'file'} =~ //|\/) { print &manager_error_html("Stop trying to hack WebHome"); exit; }
if ($in{'file'} =~ /.htm/ || $in{'file'} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{'file_text'} =~ /<body([^>]*)>/i) { $in{'file_text'} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{'file_text'} = $header.$in{'file_text'}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{'file_text'} =~ /</body>/i) { $in{'file_text'} =~ s/</body>/$footer</body>/i; } else { $in{'file_text'} .= $footer; } }
$in{'file_text'} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file'}">/ig;
$in{'file_text'} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{'file_text'} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{'file_text'} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
$in{'file_text'} =~ s/<?textarea>/</textarea>/gi;
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file'}");
print FILE $in{'file_text'};
close (FILE);
$in{'edit_file'} = "Edit";
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} edited file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Change your password
if ($in{'change_password'} && $in{'password1'} && $in{'password2'} && $in{'password1'} eq $in{'password2'}) {
if (length($in{'password1'}) >= $config{'min_password'} && length($in{'password1'}) <= $config{'max_password'}) {
### $flags = O_CREAT | O_RDWR;
### $db = "$config{'data_dir'}/users";
### tie(%users, 'AnyDBM_File', $db , $flags
use POSIX qw(nice);
if(defined( POSIX::nice(10) )) {
# now we're nice
}
require "./cgi-lib.pl";
require "./html.pl";
require "./db.txt";
&ReadParse(%in,%cgi_cfn);
print "Content-type: text/html
";
&get_values;
&check_login;
$space_usage=0;
&get_space;
&update_config;
$space_usage/=1028;
$space_usage=int($space_usage+.5);
$space_available=$group_config{'space_limit'}-$space_usage;
$space_available=int($space_available+.5);
&actions;
$space_usage=0;
&get_space;
&update_config;
$space_usage/=1028;
$space_usage=int($space_usage+.5);
$space_available=$group_config{'space_limit'}-$space_usage;
$space_available=int($space_available+.5);
&print_html;
################################
# MANAGER HTML
sub manager_html {
my $output;
if ($current_dir eq $root_dir) {
$current_dir = $url_dir ;
}
$extra_html="";
#if ($group_config{'forum'} eq "yes" && $group_config{'guestbook'} eq "yes") {
# $extra_html = "
Your Forums & Guestbook are active and operational.
"
#}
###if ($user_config{group} eq "default") {
### $extra_html = "
Tired of SPAM? Worried about E-Mail worms & viruses?
<A href=https://secure.boomspeed.com/secure/boomspeed/order.htm>Upgrade your account</a> for an avg of only $6/month and get a full 100Megs of webspace
and FREE <A href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> with Spam Filtering & Virus Protection.
Your <A href=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already reserved for you!
<font size=-2>(Boomspeed Webmail is available ONLY to Premium Account Holders.)</font>"
###}
###if ($user_config{group} eq "100Meg") {
### $extra_html = "
Try our new <A target="_top" href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> service. It's INCLUDED with your 100Meg account!
Your <A HREF=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already active!
"
$extra_html = "
Try our new <A target="_top" href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> service. It's INCLUDED with your account!
Your <A HREF=mailto:" . $in{'loginName'} . "@boomspeed.com>" . $in{'loginName'} . "@boomspeed.com</a> email address is already active!
";
$extra_html2 = "<!-- comment -->";
if ($user_config{group} eq "default") {
$extra_html2 = "<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'> </script>";
}
###}
$output = qq~
<html>
<head><title>Boomspeed.Com</title></head>
<body bgcolor="#FFFFFF">
<center>
<p><big><big><strong><font face="Arial"><a href="http://www.boomspeed.com/host/"><img src="http://www.boomspeed.com/host/boombanner.jpg" border=0></a></font></strong></big></big></p>
$header
<p><small><font face="Arial">Welcome, $user_config{'real_name'}, Your website url is <a
href="$config{'root_url'}$url_dir/" target=_new>$config{'root_url'}$url_dir/</a>
$extra_html
</font></small>
<table><TR><TD valign="top">
<script type="text/javascript"><!--
google_ad_client = "pub-6254931735458207";
google_ad_width = 120;
google_ad_height = 600;
google_ad_format = "120x600_as";
google_ad_type = "text_image";
google_ad_channel ="";
google_color_border = "B4D0DC";
google_color_bg = "ECF8FF";
google_color_link = "0000CC";
google_color_url = "008000";
google_color_text = "6F6F6F";
//--></script>
$extra_html2
</TD>
<TD><img src=/host/clear.gif width=25></TD><TD>
<form method="POST" name="files">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">My Files</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF">
~;
($actual_dir = substr($current_dir, 0, 1)."/".substr($current_dir, 0, 2)."/".$current_dir) if ($config{'hashdirectories'} eq "yes");
opendir(DIR,"$config{'root_dir'}/$actual_dir");
@dir=readdir(DIR);
@dir = sort {uc($a) cmp uc($b)} @dir;
closedir(DIR);
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$actual_dir/$line" && $line ne "." && $line ne "..") {
$files_found = "TRUE";
}
}
if ($files_found) {
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="60"><small><strong><font face="Arial">Type</font></strong></small></td>
<td width="200"><small><strong><font face="Arial">Name</font></strong></small></td>
<td width="100"><small><strong><font face="Arial">Size</font></strong></small></td>
<td nowrap><small><strong><font face="Arial">Date</font></strong></small></td>
</tr>
~;
@dir = sort {lc($a) cmp lc($b)} @dir;
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$actual_dir/$line") {
@stat=stat("$config{'root_dir'}/$actual_dir/$line");
$file_name=$line;
($name,$ext)=split(/./,$file_name);
$ext=lc($ext);
# This is the section I changed things in Greg. Image extensions here
if ($ext eq "png" || $ext eq "gif" || $ext eq "jpg" || $ext eq "bmp" || $ext eq "art") { $file_type = "image";
# Bandwidth intensive $file_type = qq~<img src="$config{'root_url'}$current_dir/$file_name" height=100 width=100>~; }
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
# Text Here
elsif ($ext eq "htm" || $ext eq "html" || $ext eq "shtm" || $ext eq "shtml" || $ext eq "txt" || lc($file_name) eq "readme") {
$file_type = "text";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
# To undo the Images Change above replace the $file_type= qq line with a copy of the one right above this line. - JFL
# Sounds here
elsif ($ext eq "mid" || $ext eq "wav" || $ext eq "ra" || $ext eq "ram") {
$file_type = "sound";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~;}
# This is good old unknown. Can't have people being malicious
else { $file_type = "unknown";
$file_type = qq~<img src="$config{'root_url'}images/$file_type.gif">~; }
$file_size=$stat[7];
$file_date=localtime($stat[9]);
$output .= qq~
<tr>
<td width="60"><font face="Arial"><input type="radio" name="file" value="$file_name" onclick="document.files.file_input.value='$file_name'">$file_type</font></td>
<td width="200"><font face="Arial"><a href="$config{'root_url'}$current_dir/$file_name" target="_window">$file_name</a></font></td>
<td width="100"><font face="Arial">$file_size</font></td>
<td nowrap><font face="Arial">$file_date</font></td>
</tr>
~;
}
}
$output .= qq~
</table>
<p><input type="submit" name="edit_file" value="Edit"> <input type="submit" value="Delete"
name="delete_file"> <input type="submit" value="Rename" name="rename_file"> <input type="submit" value="Create" name="create_file"> <input type="text" name="file_input">
~;
} else {
$output .= qq~
<font face="Arial">There are currently no files in this directory</font><p>
<input type="submit" value="Create" name="create_file"> <input type="text" name="file_input">
~;
}
$output .= qq~
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
opendir(TEMPLATES,"$config{'data_dir'}/templates");
@templates=readdir(TEMPLATES);
closedir(TEMPLATES);
foreach $line (@templates) {
if (-f "$config{'data_dir'}/templates/$line") {
@line=split(/./,$line,2);
$good_line=$line[0];
$good_line =~ s/[_|-]/ /g;
$template_list .= qq~<option value="$line">$good_line</option>
~;
}
}
if ($template_list) {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center>
<table border="0" cellpadding="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td><font face="Arial"><strong>HTML Editor</strong></font></td>
</tr>
<tr>
<td bgcolor="#F0F8FF" valign="middle">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">New filename</font></td>
<td> <input type="text" name="filename" size="20" value="filename.html"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">Title</font></td>
<td> <input type="text" name="title" size="20" value="$user_config{'name'}'s Homepage"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><div align="right"><p><font face="Arial">Template</font></td>
<td> <select name="template">
$template_list
</select>
</td>
</tr>
</table>
<p><input type="submit" value="Edit HTML" name="html_editor"></p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
<form method="POST" enctype="multipart/form-data">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Upload</font></strong> (1 file or up to 10 files at a time!)</td>
</tr>
<tr>
<td bgcolor="#F0F8FF">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td>
~;
if ($space_available !~ /-/) {
$uploads_count=0;
while ($uploads_count < $config{'upload_fields'}) {
$uploads_count++;
$output .= qq~
<input type="file" name="file$uploads_count" size="35">
~;
}
$output .= qq~ <p><input type="submit" size="40" value="Upload" name="upload_cmd">~;
} else {
$output .= qq~
<font face="Arial">You are currently at or over your alotted disk space limit. If you <a target=_top href=https://secure.boomspeed.com/secure/boomspeed/order.htm>Upgrade your account</a> now, for an avg of only $6/month, you will get a full 100Megs of webspace and FREE <A href=http://www.boomspeed.com/webmail/>Boomspeed Webmail</a> with Spam Filtering & Virus Protection.
~;
}
$output .= qq~
</td>
<td width="50%"><p align="center"><font face="Arial">Usage: <strong>$space_usage KB</strong>
Available: <strong>$space_available KB</strong>
Total: <strong>$group_config{'space_limit'} KB</strong></font></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center>
<table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600">
<tr>
~;
if ($group_config{'create_directories'}) {
$output .= qq~
<td><table border="0" cellpadding="0" cellspacing="0">
<tr>
<td><strong><font face="Arial">Directories</font></strong></td>
</tr>
<tr><td>Currently: /$current_dir </td></tr>
<tr>
<td bgcolor="#F0F8FF" nowrap>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
~;
$actual_dir=$current_dir;
($actual_dir = substr($current_dir, 0, 1)."/".substr($current_dir, 0, 2)."/".$current_dir) if ($config{'hashdirectories'} eq "yes");
if ($current_dir ne $user_dir) {
$output .= qq~
<tr>
<td width="60"><input type="radio" name="dir" value=".."><img src="$config{'root_url'}images/folder.gif"></td>
<td width="200"><font face="Arial">Back..</font></td>
</tr>
~;
}
opendir(DIR,"$config{'root_dir'}/$actual_dir");
@dir=readdir(DIR);
closedir(DIR);
foreach $line (@dir) {
if (-d "$config{'root_dir'}/$actual_dir/$line" && $line ne "." && $line ne "..") {
$output .= qq~
<tr>
<td width="60"><input type="radio" name="dir" value="$line"><img src="$config{'root_url'}images/folder.gif"></td>
<td width="200"><font face="Arial"><a href="$config{'root_url'}$current_dir/$line/" target="_window">$line</a></font></td>
</tr>
~;
}
}
$output .= qq~
</table><center><input type="submit" value="Change" name="change_dir"> <input type="submit" value="Remove" name="remove_dir">
<input type="submit" value="Add" name="add_dir"> <input type="text" name="add_dir_name" size="20" style="background-color: rgb(255,255,255)"></center></td>
</tr>
</table>
</td>
~;
}
$output .= qq~
<td valign="top" width="90%"><div align="right"><p><font face="Arial"><big><big><strong>Did
you know?</strong></big></big>
<small>$did_you_know</small></font></td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
if (($in{'edit_file'} && $in{'file'} && $in{'file'} !~ /\|//) || ($in{'create_file'} && $in{'file_input'} && $in{'file_input'} !~ /\|//)) {
if ($in{'file_input'} && $in{'file_input'} !~ /^[a-zA-Z0-9.-_]*$/) { print &manager_error_html("Invalid file name"); exit; }
if ($in{'file'} && $in{'file'} !~ /^[a-zA-Z0-9.-_]*$/) { print &manager_error_html("Invalid file name"); exit; }
if ($in{'create_file'}) { $in{'file'} = $in{'file_input'}; }
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<input type="hidden" name="file" value="$in{'file'}">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Edit</font></strong></td>
</tr>
<tr>
<td bgcolor="#FFFFCC">
<center><textarea rows="11" name="file_text" cols="72">~;
if ($in{'create_file'}) { $output .= qq~<html>
<head>
<title>Title goes here</title>
</head>
<body>
Content goes here..
</body>
</html>~; }
else {
open (FILE,"$config{'root_dir'}/$actual_dir/$in{'file'}");
while (<FILE> { $file_content.=$_; }
$file_content =~ s/<!-- START HEADER -->(.*)<!-- END HEADER -->//s;
$file_content =~ s/<!-- START FOOTER -->(.*)<!-- END FOOTER -->//s;
$file_content =~ s/<img src="$config{'script_url'}/counter.cgi?([^"]*)">/!!counter!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/!!forum!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/!!guestbook!!/gi;
$file_content =~ s/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/!!links!!/gi;
$file_content =~ s/</textarea>/<?textarea>/ig;
$output .= $file_content;
close (FILE);
}
$output .= qq~</textarea></center>
<input type="submit" name="edit_file_finish" value="Finish"> <input type="submit" name="edit_file_save" value="Save and keep working">
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Preferences</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><strong><font face="Arial">Change your password..</font></strong>$password_error<table
border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Password</font></td>
<td><font face="Arial"><input type="password" name="password1" size="20"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Retype</font></td>
<td><font face="Arial"><input type="password" name="password2" size="20"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"></td>
<td><input type="submit" value="Change" name="change_password"></td>
</tr>
</table>
<p><strong><font face="Arial">Personal Information</font></strong></p>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Email</font></td>
<td><font face="Arial"><input type="text" name="email" size="20" value="$user_config{'email'}"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Real name</font></td>
<td><font face="Arial"><input type="text" name="real_name" size="20" value="$user_config{'real_name'}"></font></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Site description</font></td>
<td><font face="Arial"><input type="text" name="site_description" size="20" value="$user_config{'site_description'}"></font></td>
</tr>
</table>
~;
foreach $line (@questions) {
@line=split(/|/,$line);
$line_name = $line[0];
$line[0] = lc($line[0]);
$line[0] =~ s/ /_/g;
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">$line_name</font></td>
<td><font face="Arial"><input type="text" name="$line[0]" size="20" value="$user_config{$line[0]}"></font></td>
</tr>
</table>
~;
}
$output .= qq~
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"></td>
<td><input type="submit" value="Change" name="change_personal_info"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
if ($group_config{'forum'} eq "yes") {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Forum</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your forum
is located at <a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">$config{'script_url'}/forum.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td nowrap><font face="Arial">Add a forum
<input type="text" name="add_forum_name" size="20"></font> <input type="submit" value="Add" name="add_forum">
<p><font face="Arial">Remove a forum</font>
<select name="remove_forum_name" size="1">
~;
# open (FORUMS,"$config{'data_dir'}/users_new/$user_config{'name'}/forums.txt");
open (FORUMS,"$config{'data_dir'}/users_new/$actual_dir/forums.txt");
@forums=<FORUMS>;
close (FORUMS);
@forums = sort {uc($a) cmp uc($b)} @forums;
foreach $line (@forums) {
chop $line if ($line =~ /
/);
$output .= qq~<option value="$line">$line</option>
~;
}
$output .= qq~
</select><input type="submit" value="Remove" name="remove_forum"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
if ($group_config{'guestbook'} eq "yes") {
$output .= qq~
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Guestbook</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your
guestbook is located at <a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}" target="_newwindow">$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div>
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<font face="Arial">Remove a Guest</font>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="100"><font face="Arial">Date</font></td>
<td><select name="date">
~;
# open (GUESTBOOK,"$config{'data_dir'}/users_new/$user_config{'name'}/guestbook.txt");
open (GUESTBOOK,"$config{'data_dir'}/users_new/$actual_dir/guestbook.txt");
while (<GUESTBOOK> {
@line=split(/|/,$_);
$poster=($line[0]);
# if ($line[2] < 967041835 ) {$line[2]=967041835}
$full_date=localtime($line[2]);
$output .= qq~<option value="$line[2]">$poster - $full_date
~; }
close (GUESTBOOK);
$output .= qq~
</select></td>
</tr>
</table>
<input type="submit" name="remove_guest" value="Remove">
</form>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
~;
}
if ($group_config{'links'} eq "yes") {
$output .= qq~
<form method="POST">
<input type="hidden" name="loginName" value="$in{'loginName'}">
<input type="hidden" name="loginPass" value="$in{'loginPass'}">
<input type="hidden" name="current_dir" value="$current_dir">
<div align="center"><center><table border="0" cellpadding="0" cellspacing="2" width="600" bgcolor="#AFEEEE">
<tr>
<td><table border="0" cellpadding="1" cellspacing="0" width="600" bgcolor="#AFEEEE">
<tr>
<td><strong><font face="Arial">Links</font></strong></td>
</tr>
<tr>
<td bgcolor="#F0F8FF"><div align="center"><center><p><small><font face="Arial">Your links script is located at <a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">$config{'script_url'}/links.cgi?u=$user_config{'name'}</a></font></small></p>
</center></div><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td nowrap><font face="Arial">Add a category
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="120"><font face="Arial">Name</font></td>
<td><input type="text" name="add_link_category_name" size="20"></td>
</tr>
<tr>
<td width="120"><font face="Arial">Description</font></td>
<td><input type="text" name="add_link_category_description" size="20"></td>
</tr>
</table>
</font> <input type="submit" value="Add" name="add_link_category"><p><font face="Arial">Remove a Category</font>
<select name="remove_link_category_name" size="1">
~;
open (CATEGORIES,"$config{'data_dir'}/users_new/$user_config{'name'}/link_categories.txt");
@categories=<CATEGORIES>;
close (CATEGORIES);
@categories = sort {uc($a) cmp uc($b)} @categories;
foreach $line (@categories) {
@line=split(/|/,$line);
$output .= qq~<option value="$line[0]">$line[0]</option>
~;
}
$output .= qq~
</select> <input type="submit" value="Remove" name="remove_link_category">
<p><font face="Arial">Remove a Link</font>
<select name="link_url" size="1">
~;
open (LINKS,"$config{'data_dir'}/users_new/$user_config{'name'}/link_links.txt");
@links=<LINKS>;
close (LINKS);
@links = sort {uc($a) cmp uc($b)} @links;
foreach $line (@links) {
@line=split(/|/,$line);
$output .= qq~<option value="$line[1]">$line[1]</option>
~;
}
$output .= qq~
</select> <input type="submit" value="Remove" name="remove_link"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center></div>
</form>
~;
}
$output .= qq~
$footer
<hr width="500" noshade size="1" color="#000000">
<!-- <center><IMG src="http://rocketrylist.com/index.php?img=54&img_set=RocketryList" width=1 height=1 border=0></CENTER> -->
<!-- <center><IMG src="http://rocketrylist.com/index.php?vote=54&c=" width=1 height=1 border=0></CENTER> -->
<!-- <center><a href="http://www3.clustrmaps.com/counter/maps.php?url=http://manager.boomspeed.com/host/cgi-bin/manager.cgi" id="clustrMapsLink"><img border=0 width=100 src="http://www3.clustrmaps.com/counter/index2.php?url=http://manager.boomspeed.com/host/cgi-bin/manager.cgi" /> -->
</a></center>
</TD></TR></TABLE>
</body>
</html>
~;
&hash_fix_from(@output);
return $output;
}
####################
# get values
sub get_values {
$current_date=time;
# script config...
if (open(CONFIG_TXT,"config.txt")) {
@config=<CONFIG_TXT>;
close (CONFIG);
foreach $line (@config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$config{$name}=$value;
}
} else {
print &manager_error_html("could not load config");
exit;
}
# print login screen
unless ($in{'loginName'} && $in{'loginPass'}) {
$header = "<!-- START HEADER -->";
open (HEADERFILE,"$config{'data_dir'}/header.txt");
while (<HEADERFILE> { $header .= $_; }
close (HEADERFILE);
$header .= "<!-- END HEADER -->";
$footer = "<!-- START FOOTER -->";
open (FOOTERFILE,"$config{'data_dir'}/footer.txt");
while (<FOOTERFILE> { $footer .= $_; }
close (FOOTERFILE);
$footer .= "<!-- END FOOTER -->";
print &manager_login_html;
exit;
}
#============
$hash = "";
($hash = substr($in{'loginName'}, 0, 1)."/".substr($in{'loginName'}, 0, 2)."/") if($config{'hashdirectories'} eq "yes");
#============
# user config...
if (open(USER_CONFIG_TXT,"$config{data_dir}/users_new/$hash$in{'loginName'}/config.txt")) {
@user_config=<USER_CONFIG_TXT>;
close (USER_CONFIG_TXT);
foreach $line (@user_config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$user_config{$name}=$value;
}
} else {
print &manager_error_html("user not found");
exit;
}
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$in{'loginName'}});
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert back from CGI Representation
&array_fix_from(@user_db_config);
$user_config{'name'}=$in{'loginName'};
$user_config{'password'}=$user_db_config[0];
$user_config{'email'}=$user_db_config[1];
$user_config{'site_description'}=$user_db_config[2];
$user_config{'last_action'}=$user_db_config[3];
$user_config{'status'}=$user_db_config[4];
$user_config{'group'}=$user_db_config[5];
$user_config{'real_name'}=$user_db_config[6];
$user_config{'community'}=$user_db_config[7];
# untie(%users);
&hash_fix_from($user_config);
if ($user_config{'community'}) {
$user_dir = "$user_config{'community'}/$hash$user_config{'name'}";
$url_dir = $user_config{'community'}/$user_config{'name'};
if ($in{'current_dir'}) { $current_dir = $in{'current_dir'}; }
else { $current_dir="$user_dir"; }
} else {
$user_dir="$hash$user_config{'name'}";
$url_dir = $user_config{'name'};
if ($in{'current_dir'}) { $current_dir = $in{'current_dir'}; }
else { $current_dir=$user_config{'name'}; }
}
# group config
if (open(GROUP_CONFIG_TXT,"$config{data_dir}/groups/$user_config{group}/config.txt")) {
@group_config=<GROUP_CONFIG_TXT>;
close (GROUP_CONFIG_TXT);
foreach $line (@group_config) {
chop $line if ($line =~ /
/);
($name,$value)=split(/=/,$line,2);
$group_config{$name}=$value;
}
} else {
print &manager_error_html("group not found");
exit;
}
open (QUESTIONS,"$config{'data_dir'}/questions.txt");
@questions=<QUESTIONS>;
close (QUESTIONS);
open (TIPS,"$config{'data_dir'}/tips.txt");
@tips=<TIPS>;
close (TIPS);
$total_tips=0;
foreach $line (@tips) { $total_tips++ if ($line ne "
"); }
$total_tips--;
$tip_number=int(rand($total_tips));
$total_tips=0;
foreach $line (@tips) {
if ($total_tips eq $tip_number) { $did_you_know=$line; }
$total_tips++;
}
$badfiletypes = $config{'bad_file_types'};
}
####################
# check login
sub check_login {
if ($user_config{'password'}) {
# WebHome 3.0 user
unless ($in{'loginPass'} eq $user_config{'password'}) {
print &manager_error_html("wrong password");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong password from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
} else {
# WebHome 2.0 user
unless (crypt($in{'loginPass'}, as) eq $user_config{'encrypt_password'}) {
print &manager_error_html("wrong password. webhome 2.0 user");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong password from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
}
if ($config{'use_validation'} eq "yes" && $user_config{'status'} eq "validation") {
if ($in{'valNumber'} eq $user_config{'val_number'}) {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
# $users{$user_config{'name'}} = "$user_db_config[0]|$user_db_config[1]|$user_db_config[2]|$user_db_config[3]|enabled|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|";
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert back from CGI Representation
&array_fix_from(@user_db_config);
my $sqlquery = "UPDATE accounts SET status='enabled' WHERE user='$in{'loginName'}'";
$sth = $dbh->query($sqlquery);
$user_config{'name'}=$in{'loginName'};
$user_config{'password'}=$user_db_config[0];
$user_config{'email'}=$user_db_config[1];
$user_config{'site_description'}=$user_db_config[2];
$user_config{'last_action'}=$user_db_config[3];
$user_config{'status'}=$user_db_config[4];
$user_config{'group'}=$user_db_config[5];
$user_config{'real_name'}=$user_db_config[6];
$user_config{'community'}=$user_db_config[7];
# untie(%users);
#password|email|site_description|last_action|status|group|real_name|community|
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} validated their account from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
} else {
print &manager_error_html("wrong validation number");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} entered the wrong validation number from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
exit;
}
}
if ($user_config{'status'} eq "failedpmt" ) {
print &manager_error_html("When our system attempted to charge your credit card and/or PayPal account for your pre-approved billing amount, the payment was declined. Please visit our credit card update system to submit your updated billing information to Boomspeed so we may re-activate your account. Please click <a href=https://secure.boomspeed.com/secure/boomspeed/updatecc.htm>HERE</a> to go to the update page.");
exit;
}
if ($user_config{'status'} eq "trialend" ) {
print &manager_error_no_title_html("FREE TRIALS HAVE ENDED
Thank you for using Boomspeed.
Free trials from the years 2001-2006 ended on January 1st, 2007.
Due to rising costs we must apply a small reasonable fee to free accounts that we have offered and continued to host for free these last 6 years. All of your data is safe and can be restored very quickly by visiting this secure order form:
<a href=https://secure.boomspeed.com/secure/boomspeed/2008.htm>https://secure.boomspeed.com/secure/boomspeed/2008.htm</a>
Ordering the 'Boomspeed 2008' service will not only give you a special low rate until the summer, it will also reactivate your account, and it will start serving your files again right way.
We thank you for using Boomspeed and hope to have you stay for 2008!");
exit;
}
if ($user_config{'status'} eq "disabled" ) {
print &manager_error_html("Your account has been disabled.
Please visit our <A href=http://support.boomspeed.com/scripts/board_show.pl?bid=1>Latest News</a> page for possible details as to why.");
exit;
}
if ($user_config{'status'} eq "delete") {
print &manager_error_html("Your account has been disabled");
exit;
}
}
####################
# get space used
sub get_space {
my ($path)=@_;
opendir(DIR,"$config{'root_dir'}/$user_dir/$path");
my @dir=readdir(DIR);
closedir(DIR);
foreach $line (@dir) {
if (-f "$config{'root_dir'}/$user_dir/$path/$line") {
@stat=stat("$config{'root_dir'}/$user_dir/$path/$line");
$space_usage+=$stat[7];
}
}
foreach $line (@dir) {
if (-d "$config{'root_dir'}/$user_dir/$path/$line" && $line ne "." && $line ne "..") { &get_space("$path/$line"); }
}
}
####################
# update config
sub update_config {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
&dbConnect;
$sth = $dbh->query("SELECT user,pw,email,info,date,status,cgroup,name,comm,size FROM accounts WHERE user='$in{'loginName'}'") || &error("Could not open database");
@user_db_config = $sth->fetchrow();
shift(@user_db_config);
# Convert to CGI Representation
&array_fix_to(@user_db_config);
my $sqlquery = "UPDATE accounts SET pw='$user_db_config[0]',email='$user_db_config[1]',info='$user_db_config[2]',date=$current_date,status='$user_db_config[4]',cgroup='$user_db_config[5]',name='$user_db_config[6]',comm='$user_db_config[7]',size=$space_usage WHERE user='$user_config{'name'}'";
$sth = $dbh->query($sqlquery) || &error("Could not update database");
# $users{$user_config{'name'}} = "$user_db_config[0]|$user_db_config[1]|$user_db_config[2]|$current_date|$user_db_config[4]|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|$space_usage";
# untie(%users);
}
sub current_date {
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
if ($mon < 10) { $mon = "0$mon"; }
if ($mday < 10) { $mday = "0$mday"; }
if ($year < 90) { $year = "20".$year; }
if ($year ne "90" && $year > "90") { $year = "19".$year; }
$month = ($mon + 1);
$date = "$month/$mday/$year";
chop($date) if ($date =~ /
$/);
return $date;
}
# If no errors.. print out the html
sub print_html {
# Show the template!
if ($in{'edit_html'}) {
if (!$in{'file'} || $in{'filename'} !~ /^[a-zA-Z0-9-_.]*$/) { print &manager_error_html("Invalid or missing filename"); exit; }
$count=0;
open (HTML,"$config{'root_dir'}/$current_dir/$in{'file'}");
while (<HTML> {
$count2=$count+1;
if ($_ =~ s/<!-- WH TEXT(([^)]*)) -->(.*)<!-- WH TEXT_END -->/<input type="text" name="$count" size="$1" value="$2">/i) { $count++; }
elsif ($_ =~ s/<!-- WH IMAGE -->/<input type="file" name="$count">
/i) { $count++; }
elsif ($_ =~ s/<!-- WH LINK --><a href="([^"]*)">(.*)</a>/URL: <input type="text" name="$count" value="$1">
TITLE: <input type="text" name="$count2" value="$2">/i) { $count+=2; }
elsif ($_ =~ /<!-- WH TEXTAREA(([^,]*),([^)]*)) --><font face="([^"]*)">(.*)</font><!-- WH TEXTAREA_END -->/i) {
$temp_font = $3;
$temp_text = $4;
$temp_text =~ s/<p>/
/gi;
$temp_text =~ s/
/
/gi;
@fonts=("Arial","Courier New","Helvetica","Times New Roman","Verdana");
foreach $font (@fonts) {
$fonts .= "<option";
$fonts .= " selected" if (lc($font) eq lc($temp_font));
$fonts .= ">$font";
}
$_ =~ s/<!-- WH TEXTAREA(([^,]*),([^)]*)) -->(.*)<!-- WH TEXTAREA_END -->/<select name="font_$count">$fonts</select>
<textarea name="$count" cols="$1" rows="$2">$temp_text</textarea>/i;
$count++;
} else { $_ =~ s/<!-- WH (.*) -->//i; $count++; }
$html.=$_;
}
close (HTML);
$html =~ s/<body([^>]*)>/<body$1><form method="POST" enctype="multipart/form-data">/i;
$html =~ s/</body>/<input type="hidden" name="loginName" value="$in{'loginName'}"><input type="hidden" name="loginPass" value="$in{'loginPass'}"><input type="hidden" name="current_dir" value="$current_dir"><input type="hidden" name="title" value="$in{'title'}"><input type="hidden" name="filename" value="$in{'file'}"><input type="submit" name="edit_template_html" value="Edit"></form></body>/i;
print $html;
exit;
} elsif ($in{'html_editor'}) {
if (!$in{'filename'} || $in{'filename'} !~ /^[a-zA-Z0-9-_.]*$/) {
print &manager_error_html("Invalid or missing filename");
exit;
}
if (!$in{'template'} || $in{'template'} !~ /^[a-zA-Z0-9-_.]*$/) {
print &manager_error_html("Invalid or missing template");
exit;
}
$count=0;
open (HTML,"$config{'data_dir'}/templates/$in{'template'}");
while (<HTML> {
$count2=$count+1;
$template.=$_;
if ($_ =~ s/<!-- WH TEXT(([^)]*)) -->(.*)<!-- WH TEXT_END -->/<input type="text" name="$count" size="$1" value="$2">/i) { $count++; }
elsif ($_ =~ s/<!-- WH IMAGE -->/<input type="file" name="$count">
/i) { $count++; }
elsif ($_ =~ s/<!-- WH LINK --><a href="([^"]*)">(.*)</a>/URL: <input type="text" name="$count" value="$1">
TITLE: <input type="text" name="$count2" value="$2">/i) { $count+=2; }
elsif ($_ =~ /<!-- WH TEXTAREA(([^,]*),([^)]*)) --><font face="([^"]*)">(.*)</font><!-- WH TEXTAREA_END -->/i) {
$temp_font = $3;
$temp_text = $4;
$temp_text =~ s/<p>/
/gi;
$temp_text =~ s/
/
/gi;
@fonts=("Arial","Courier New","Helvetica","Times New Roman","Verdana");
foreach $font (@fonts) {
$fonts .= "<option";
$fonts .= " selected" if (lc($font) eq lc($temp_font));
$fonts .= ">$font";
}
$_ =~ s/<!-- WH TEXTAREA(([^,]*),([^)]*)) -->(.*)<!-- WH TEXTAREA_END -->/<select name="font_$count">$fonts</select>
<textarea name="$count" cols="$1" rows="$2">$temp_text</textarea>/i;
$count++;
} else { $_ =~ s/<!-- WH (.*) -->//i; $count++; }
$html.=$_;
}
close (HTML);
$html =~ s/<body([^>]*)>/<body$1><form method="POST" enctype="multipart/form-data">/i;
$html =~ s/</body>/<input type="hidden" name="loginName" value="$in{'loginName'}"><input type="hidden" name="loginPass" value="$in{'loginPass'}"><input type="hidden" name="current_dir" value="$current_dir"><input type="hidden" name="title" value="$in{'title'}"><input type="hidden" name="filename" value="$in{'filename'}"><input type="submit" name="edit_template_html" value="Edit"></form></body>/i;
$html =~ s/!!title!!/$in{'title'}/gi;
$html =~ s/<title>(.*)</title>/<title>$in{'title'}</title>/i;
open (HTML,">$config{'root_dir'}/$current_dir/$in{'filename'}");
print HTML $template;
close (HTML);
print $html;
exit;
}
&hash_fix_from($in);
print &manager_html;
}
sub actions {
# Fix current_dir hack
if($config{'hashdirectories'} eq "yes") {
$actual_dir1 = "".substr($current_dir, 0, 1);
$actual_dir2 = "$actual_dir1/".substr($current_dir, 0, 2);
$actual_dir = "$actual_dir2/$current_dir";
}
if ($actual_dir ne $user_dir && $actual_dir !~ /$user_dir/(.*)/) {
print &manager_error_html("You may not leave your directory [$current_dir] != [$user_dir]");
exit;
}
if ($current_dir =~ /./) {
print &manager_error_html("Current dir can not contain . in it.");
exit;
}
# Convert WebHome 2.0 user to WebHome 3.0 user
if ($user_config{'encrypt_password'}) {
# $flags = O_CREAT | O_RDWR;
# $db = "$config{'data_dir'}/users";
# tie(%users, 'AnyDBM_File', $db , $flags, 0666) || print &manager_error_html("Cant open user database");
# @user_db_config=split(/|/,$users{$user_config{'name'}});
# $users{$user_config{'name'}} = "$in{'loginPass'}|$user_db_config[1]|$user_db_config[2]|$user_db_config[3]|enabled|$user_db_config[5]|$user_db_config[6]|$user_db_config[7]|$user_db_config[8]";
# untie(%users);
&dbConnect;
$sth = $dbh->query("UPDATE accounts SET pw='$in{'loginPass'}' WHERE user='$user_config{'name'}'");
open (USER_CONFIG,">$config{'data_dir'}/users_new/$hash$user_config{'name'}/config.txt") || print "Cant open user config";
foreach $line (@user_config) {
@line=split(/=/,$line);
print USER_CONFIG $line."
" if ($line[0] ne "encrypt_password");
}
close (USER_CONFIG);
}
$header = "<!-- START HEADER -->
";
$footer = "<!-- START FOOTER -->
";
if ($user_config{'community'}) {
if (open (HEADER,"$config{'data_dir'}/communities/$user_config{'community'}/header.txt")) {
while (<HEADER> { $header.=$_; }
close (HEADER);
} else { print &manager_error_html("Could not open header: $!"); exit }
if (open (FOOTER,"$config{'data_dir'}/communities/$user_config{'community'}/footer.txt")) {
while (<FOOTER> { $footer.=$_; }
close (FOOTER);
} else { print &manager_error_html("Could not open footer: $!"); exit }
} else {
open (HEADER,"$config{'data_dir'}/header.txt");
while (<HEADER> { $header.=$_; }
close (HEADER);
open (FOOTER,"$config{'data_dir'}/footer.txt");
while (<FOOTER> { $footer.=$_; }
close (FOOTER);
}
$header .= "
<!-- END HEADER -->";
$footer .= "
<!-- END FOOTER -->";
# Upload files
if ($in{'upload_cmd'} && ($space_available =~ /-/) ) {
while ($file_count < $config{'upload_fields'}) {
$file_count++;
if ($in{"file$file_count"}) {
# Get file name
if ($cgi_cfn{"file$file_count"} =~ /\/) {
# Windows Upload
@filepath=split(/\/, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} elsif ($cgi_cfn{"file$file_count"} =~ ///) {
# Unix Upload
@filepath=split(///, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} else {
# Mac Upload
$file_name{$file_count}=$cgi_cfn{"file$file_count"};
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} attempted to upload $file_name{$file_count} and is OVER DISK SPACE from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
}
}
if ($in{'upload_cmd'} && ($space_available !~ /-/) ) {
while ($file_count < $config{'upload_fields'}) {
$file_count++;
if ($in{"file$file_count"}) {
# Get file name
if ($cgi_cfn{"file$file_count"} =~ /\/) {
# Windows Upload
@filepath=split(/\/, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} elsif ($cgi_cfn{"file$file_count"} =~ ///) {
# Unix Upload
@filepath=split(///, $cgi_cfn{"file$file_count"});
foreach $_ (@filepath) { $file_name{$file_count}=$_; }
} else {
# Mac Upload
$file_name{$file_count}=$cgi_cfn{"file$file_count"};
}
# Check for bad file types
@badfiles=split(/,/,$badfiletypes);
foreach $type (@badfiles) {
$type =~ s/.//g;
@ext=split(/./,$file_name{$file_count});
foreach $line (@ext) { $ext=$line; }
$file_bad{$file_count} = "TRUE" if (lc($ext) eq lc($type));
}
unless ($file_bad{$file_count}) {
# Add header, footer, counter to html files
if ($file_name{$file_count} =~ /.htm/ || $file_name{$file_count} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{"file$file_count"} =~ /<body([^>]*)>/i) { $in{"file$file_count"} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{"file$file_count"} = $header.$in{"file$file_count"}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{"file$file_count"} =~ /</body>/i) { $in{"file$file_count"} =~ s/</body>/$footer</body>/i; } else { $in{"file$file_count"} .= $footer; } }
$in{"file$file_count"} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$file_name{$file_count}">/ig;
$in{"file$file_count"} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{"file$file_count"} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{"file$file_count"} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
}
# Create file
if ($file_name{$file_count} =~ /^[a-zA-Z0-9.-_]*$/) {
open (FILE,">$config{'root_dir'}/$actual_dir/$file_name{$file_count}");
binmode (FILE);
print FILE $in{"file$file_count"};
close (FILE);
$size= -s "$config{'root_dir'}/$actual_dir/$file_name{$file_count}";
if ( $size > ($space_available*1024)) {
unlink("$config{'root_dir'}/$actual_dir/$file_name{$file_count}");
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} TRIED to upload $file_name{$file_count} size $size but file was TOO LARGE for quota from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
#system "/home/httpd/www.boomspeed.com/image.csh $file_name{$file_count} $config{'root_dir'}/$actual_dir $user_config{'group'} >/tmp/test8 2>&1";
}
if (($config{'use_log'} eq "yes") && ($size < ($space_available*1024))) {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} uploaded $file_name{$file_count} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
# Now adjust $space_available for the successful file to ensure other files are checked against actual real-time usage
if ($size < ($space_available*1024)) {
$space_available=((($space_available*1024)-$size)/1024);
}
}
}
}
}
# Rename a file
if ($in{'rename_file'} && $in{'file_input'} && $in{'file'}) {
if ($in{'file_input'} =~ /^[a-zA-Z0-9.-_]*$/) {
@badfiles=split(/,/,$badfiletypes);
foreach $type (@badfiles) {
$type =~ s/.//g;
@ext=split(/./,$in{'file_input'});
foreach $line (@ext) { $ext=$line; }
$newname_is_bad = "TRUE" if (lc($ext) eq lc($type));
}
rename("$config{'root_dir'}/$actual_dir/$in{'file'}","$config{'root_dir'}/$actual_dir/$in{'file_input'}") unless $newname_is_bad;
if ($in{'file_input'} =~ /.htm/i || $in{'file_input'} =~ /.shtm/i) {
$file="";
open (FILE,"$config{'root_dir'}/$actual_dir/$in{'file_input'}");
while (<FILE> { $file.=$_; }
close (FILE);
$file =~ s/<img src="$config{'script_url'}/counter.cgi?([^"]*)">/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file_input'}">/gi;
if ($in{'file'} !~ /.htm/i && $in{'file'} !~ /.shtm/i) {
if ($group_config{'use_header'} eq "yes") { $file =~ s/<body([^>]*)>/<body$1>$header/i; }
if ($group_config{'use_footer'} eq "yes") { $file .= "
".$footer; }
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file_input'}");
print FILE $file;
close (FILE);
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} renamed file $in{'file'} to $in{'file_input'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
}
# Delete a file
if ($in{'delete_file'} && $in{'file'}) {
unlink ("$config{'root_dir'}/$actual_dir/$in{'file'}");
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} deleted file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Change the current directory
if ($in{'change_dir'} && $in{'dir'}) {
if ($in{'dir'} eq ".." && $current_dir ne $user_dir) {
$current_dir =~ /(.*)/(.*)/;
$current_dir=$1;
} else {
$current_dir = "$current_dir/$in{'dir'}";
}
}
# Add a directory
if ($in{'add_dir'} && $in{'add_dir_name'}) {
if ($in{'add_dir_name'} =~ /^[a-zA-Z0-9-_]*$/) {
mkdir("$config{'root_dir'}/$actual_dir/$in{'add_dir_name'}", 0755);
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} added directory $in{'add_dir_name'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Remove a directory
if ($in{'remove_dir'} && $in{'dir'} && $in{'dir'} ne "..") {
if ($in{'remove_dir_name'} =~ /^[a-zA-Z0-9-_]*$/) {
rmdir("$config{'root_dir'}/$actual_dir/$in{'dir'}");
}
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} removed directory $in{'dir'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Finish Editing a file
if ($in{'edit_file_finish'} && $in{'file'} && $in{'file_text'}) {
if ($in{'file'} =~ //|\/) { print &manager_error_html("Stop trying to hack WebHome"); exit; }
if ($in{'file'} =~ /.htm/ || $in{'file'} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{'file_text'} =~ /<body([^>]*)>/i) { $in{'file_text'} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{'file_text'} = $header.$in{'file_text'}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{'file_text'} =~ /</body>/i) { $in{'file_text'} =~ s/</body>/$footer</body>/i; } else { $in{'file_text'} .= $footer; } }
$in{'file_text'} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file'}">/ig;
$in{'file_text'} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{'file_text'} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{'file_text'} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
$in{'file_text'} =~ s/<?textarea>/</textarea>/gi;
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file'}");
print FILE $in{'file_text'};
close (FILE);
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} edited file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Save and keep editing a file
if ($in{'edit_file_save'} && $in{'file'} && $in{'file_text'}) {
if ($in{'file'} =~ //|\/) { print &manager_error_html("Stop trying to hack WebHome"); exit; }
if ($in{'file'} =~ /.htm/ || $in{'file'} =~ /.shtm/) {
if ($group_config{'use_header'} eq "yes") { if ($in{'file_text'} =~ /<body([^>]*)>/i) { $in{'file_text'} =~ s/<body([^>]*)>/<body$1>$header/i; } else { $in{'file_text'} = $header.$in{'file_text'}; } }
if ($group_config{'use_footer'} eq "yes") { if ($in{'file_text'} =~ /</body>/i) { $in{'file_text'} =~ s/</body>/$footer</body>/i; } else { $in{'file_text'} .= $footer; } }
$in{'file_text'} =~ s/!!counter!!/<img src="$config{'script_url'}/counter.cgi?$current_dir/$in{'file'}">/ig;
$in{'file_text'} =~ s/!!forum!!/<a href="$config{'script_url'}/forum.cgi?u=$user_config{'name'}">Forum</a>/gi;
$in{'file_text'} =~ s/!!guestbook!!/<a href="$config{'script_url'}/guestbook.cgi?u=$user_config{'name'}">Guestbook</a>/gi;
$in{'file_text'} =~ s/!!links!!/<a href="$config{'script_url'}/links.cgi?u=$user_config{'name'}">Links</a>/gi;
$in{'file_text'} =~ s/<?textarea>/</textarea>/gi;
}
open (FILE,">$config{'root_dir'}/$actual_dir/$in{'file'}");
print FILE $in{'file_text'};
close (FILE);
$in{'edit_file'} = "Edit";
if ($config{'use_log'} eq "yes") {
open (LOG,">>$config{'data_dir'}/log.txt");
$time=localtime(time);
print LOG "[$time] $user_config{'name'} edited file $in{'file'} from $ENV{'REMOTE_ADDR'}
";
close (LOG);
}
}
# Change your password
if ($in{'change_password'} && $in{'password1'} && $in{'password2'} && $in{'password1'} eq $in{'password2'}) {
if (length($in{'password1'}) >= $config{'min_password'} && length($in{'password1'}) <= $config{'max_password'}) {
### $flags = O_CREAT | O_RDWR;
### $db = "$config{'data_dir'}/users";
### tie(%users, 'AnyDBM_File', $db , $flags
peacockcoins
0
Comments
Lincoln set Colorless Set