#!/usr/bin/perl unless ($noheader eq "on") { print "Content-type: text/html\n\n"; } $os = $^O; if ($os eq "MSWin32") { $os = "nt"; } else { $os = "unix"; } ####################################################################### # Path Variable # ####################################################################### unless ($path) { $path = $0; $path =~ s/\\\\/\\/g; $path =~ s/\\/\//g; $path =~ s/(\/)(\w*)(\.*)(\w+)$//g; unless ($path =~ /\//) { $path = $ENV{'SCRIPT_FILENAME'}; $path =~ s/\\\\/\\/g; $path =~ s/\\/\//g; $path =~ s/(\/)(\w*)(\.*)(\w+)$//g; } unless ($path =~ /\//) { if ($os eq "unix") { $path = `pwd`; } } $path = "/home/baywid/public_html/cgi/classifieds"; unless ($path =~ /\//) { &path_error; } } # $path = "../home/baywid/public_html/cgi/classifieds"; ####################################################################### # Read and Parse Form Data # ####################################################################### &require_supporting_libraries (__FILE__, __LINE__, "$path/user.cfg", "$path/classifieds.cfg", "$path/library/cgi-lib.pl", "$path/library/main-html.pl", "$path/library/date.pl"); sub require_supporting_libraries { local ($file, $line, @require_files) = @_; local ($require_file); foreach $require_file (@require_files) { if (-e "$require_file" && -r "$require_file") { require "$require_file"; } else { $required_file_error_message = "We're sorry, but the script was unable to require $require_file at line $line in $file. Please make sure that these files exist, that you have the path set correctly, and that the permissions are set properly. This message could also indicate that a syntax error has been introduced into $require_file."; print "$required_file_error_message"; exit; } } } sub send_mail { if ($disable_email) { return 1; } $mail_lib = "$mail_program.pl"; &require_supporting_libraries (__FILE__, __LINE__, "$path/library/$mail_lib"); &send_message; } &ReadParse(*form_data); &get_os; sub check_ip_kill { $kill=off; foreach $blocked_ip_address (@blocked_ip_addresses) { if ($ENV{'REMOTE_ADDR'} =~ /$blocked_ip_address/gi) { $kill="on"; last; } } if ($kill eq "on") { &kill_error; } } sub check_badwords { $badwords=off; @check_fields = ("name", "street", "city", "state", "zip", "country", "phone", "email", "url", "caption", "text", "caption_header"); foreach $badword (@badwords) { foreach $check_field (@check_fields) { if ($form_data{$check_field} =~ /$badword/gi) { $badwords="on"; $form_data{$check_field} =~ s/($badword)/$1<\/B>/gi; } } } if ($badwords eq "on") { &badwords_error; } } ##################################### # First, we need to account for possible situations where the # search_and_display_for_modification_button or # search_and_display_for_deletion_button fields have come in with the # display_modification_form_button or submit_deletion_button fields. In # these cases, we strip out the "search_and_display..." values. if (($form_data{'search_and_display_for_deletion_button'} ne "") && ($form_data{'submit_deletion_button'} ne "")) { $form_data{'search_and_display_for_deletion_button'} = ""; } if ($form_data{'admin'} ne "") { if ($form_data{'action'} eq "modify") { $form_data{'modify_item_button'} = "on"; } if ($form_data{'action'} eq "delete") { $form_data{'delete_item_button'} = "on"; } if ($form_data{'action'} eq "photo") { $form_data{'upload_form'} = "on"; } if ($form_data{'action'} eq "autonotify") { $form_data{'autonotify_form'} = "on"; } if ($form_data{'action'} eq "warn") { $form_data{'warn_form'} = "on"; } if ($form_data{'action'} eq "purge") { $form_data{'purge_form'} = "on"; } if ($form_data{'action'} eq "delete_all") { $form_data{'delete_all_form'} = "on"; } if ($form_data{'action'} eq "autonotify_purge") { $form_data{'autonotify_purge_form'} = "on"; } if ($form_data{'action'} eq "preview") { $form_data{'preview_ads'} = "on"; } if ($form_data{'action'} eq "view") { $form_data{'view_maillist_form'} = "on"; } if ($form_data{'action'} eq "clear") { $form_data{'clear_maillist_form'} = "on"; } if ($form_data{'action'} eq "send") { $form_data{'send_maillist_form'} = "on"; } } # Now we go through the main logic of the program. if ($form_data{'add_item_button'} ne "") { $helptopic = "post_ad_form"; &pagesetup("Post Classified Ad Form"); &generic_form_header; &add_form_header; &add_modify_data_entry_form; &add_form_footer; &pageclose; exit; } elsif ($form_data{'preview_ad_button'} ne "") { $helptopic = "post_ad_form"; &display_preview_ad; exit; } elsif ($form_data{'submit_addition'} ne "") { &check_ip_kill; &check_badwords; &submit_addition; exit; } elsif ($form_data{'modify_item_button'} ne "") { $helptopic = "modify_form"; &modify_search_form; exit; } elsif ($form_data{'display_modification_form_button'} ne "") { $helptopic = "modify_form"; &display_modification_form; exit; } elsif ($form_data{'submit_modification_button'} ne "") { &check_badwords; &submit_modification; exit; } elsif ($form_data{'delete_item_button'} ne "") { $helptopic = "delete_form"; &delete_search_form; exit; } elsif ($form_data{'search_and_display_for_deletion_button'} ne "") { $helptopic = "delete_form"; &search_and_display_for_deletion; exit; } elsif ($form_data{'submit_deletion_button'} ne "") { &submit_deletion; exit; } elsif ($form_data{'view_database_button'} ne "") { $helptopic = "advanced_search"; &view_database_form; exit; } elsif ($form_data{'search_and_display_db_button'} ne "") { &search_and_display_db_for_view; exit; } elsif ($form_data{'display_reply_form_button'} ne "") { &display_reply_form; exit; } elsif ($form_data{'send_reply_button'} ne "") { &send_reply; exit; } elsif ($form_data{'print_autonotify_options_button'} ne "") { $helptopic = "autonotify_options"; &print_autonotify_options_page; exit; } elsif ($form_data{'autonotify_add_form_button'} ne "") { &pagesetup("Keyword Notify Setup Form"); &autonotify_add_form; &pageclose; exit; } elsif ($form_data{'autonotify_submit_addition'} ne "") { &autonotify_submit_addition; exit; } elsif ($form_data{'autonotify_modify_search_button'} ne "") { &autonotify_search_form; exit; } elsif ($form_data{'autonotify_modify_form_button'} ne "") { &autonotify_get_info; &pagesetup("Keyword Notify Modify Form"); &autonotify_add_form; &pageclose; exit; } elsif ($form_data{'autonotify_submit_modification'} ne "") { &autonotify_submit_modification; exit; } elsif ($form_data{'autonotify_delete_search_button'} ne "") { &autonotify_search_form; exit; } elsif ($form_data{'autonotify_delete_form_button'} ne "") { &autonotify_get_info; &pagesetup("Keyword Notify Delete Form"); &autonotify_delete_form; &pageclose; exit; } elsif ($form_data{'autonotify_submit_deletion'} ne "") { &autonotify_submit_deletion; exit; } elsif ($form_data{'preview_ads'} ne "") { &preview_ads_form; exit; } elsif ($form_data{'display_new_ads_button'} ne "") { &preview_ads; exit; } elsif ($form_data{'approve_button'} ne "") { &approve_ads; exit; } elsif ($form_data{'print_help_page_button'} ne "") { $helptopic = "faq"; &print_help_page; exit; } elsif ($form_data{'print_guidelines_page_button'} ne "") { &print_guidelines_page; exit; } elsif ($form_data{'print_tips_page_button'} ne "") { &print_tips_page; exit; } elsif ($form_data{'warn_button'} ne "") { &warn; exit; } elsif ($form_data{'purge_button'} ne "") { &purge; exit; } elsif ($form_data{'delete_all_button'} ne "") { &delete_all; exit; } elsif ($form_data{'autonotify_button'} ne "") { &autonotify; exit; } elsif ($form_data{'autonotify_purge_button'} ne "") { &autonotify_purge; exit; } elsif ($form_data{'upload_form'} ne "") { $helptopic = "upload_form"; &upload_form; exit; } elsif ($form_data{'upload'} ne "") { &upload; exit; } elsif ($form_data{'admin_button'} ne "") { $helptopic = "admin"; &admin_form; exit; } elsif ($form_data{'view_maillist_form'} ne "") { &view_maillist_form; exit; } elsif ($form_data{'view_maillist'} ne "") { &view_maillist; exit; } elsif ($form_data{'clear_maillist_form'} ne "") { &pagesetup; &clear_maillist_form; &pageclose; exit; } elsif ($form_data{'clear_maillist'} ne "") { &clear_maillist; exit; } elsif ($form_data{'send_maillist_form'} ne "") { &pagesetup; &send_maillist_form; &pageclose; exit; } elsif ($form_data{'send_maillist'} ne "") { &send_maillist; exit; } elsif ($form_data{'warn_form'} ne "") { &warn_form; exit; } elsif ($form_data{'purge_form'} ne "") { &purge_form; exit; } elsif ($form_data{'delete_all_form'} ne "") { &delete_all_form; exit; } elsif ($form_data{'autonotify_form'} ne "") { &autonotify_form; exit; } elsif ($form_data{'autonotify_purge_form'} ne "") { &autonotify_purge_form; exit; } elsif ($form_data{'print_control_panel_help'} ne "") { &print_control_panel_help; exit; } elsif ($form_data{'print_popup_help'} ne "") { &print_popup_help; exit; } else { &pagesetup("$classifieds_name"); &display_frontpage; &pageclose; &maintenance_routines; exit; } ####################################################################### # Display Preview Ad # ####################################################################### sub display_preview_ad { # Check for valid e-mail address if ($form_data{'email'} ne "") { unless ($form_data{'email'} =~ /.*\@.*\..*/) { &email_error; } } # Check for valid URL if ($form_data{'url'} ne "") { unless ($form_data{'url'} =~ /http:\/\/.*\..*/) { &url_error; } } if (($form_data{'name'} eq "") || ($form_data{'city'} eq "") || ($form_data{'state'} eq "") || ($form_data{'email'} eq "") || ($form_data{'category'} eq "") || ($form_data{'caption'} eq "") || ($form_data{'text'} eq "") || ($form_data{'password'} eq "") || ($form_data{'ad_duration'} eq "")) { &required_error; } $usertext = $form_data{'text'}; $usertext =~ s/~nl~/\n/g; $usertext =~ s/(\W+)/\|/g; @ad_words = split (/\|/, $usertext); $number_of_words = @ad_words; if ($number_of_words > $maxwords) { &word_limit_error; } @ad_categories = &SplitParam($form_data{'category'}); foreach $item (@ad_categories) { # chop ($item) if ($item =~ /\W$/); $ad_categories .= "$item&&"; } $ad_categories =~ s/\&\&$//g; $number_of_ads = @ad_categories; if ($number_of_ads > $max_ads) { &ad_limit_error; } # unless ($verified eq "on") { # exit; # } if ($fee eq "on") { $unformatted_total_cost = $first_ad_cost + (($number_of_ads - 1) * $multiple_ad_cost); $total_cost = sprintf ("%.2f", $unformatted_total_cost); } &preview_ad_form; exit; } ####################################################################### # Submit an Addition # ####################################################################### sub submit_addition { # Check for valid e-mail address if ($form_data{'email'} ne "") { unless ($form_data{'email'} =~ /.*\@.*\..*/) { &email_error; } } # Check for valid URL if ($form_data{'url'} ne "") { unless ($form_data{'url'} =~ /http:\/\/.*\..*/) { &url_error; } } if (($form_data{'name'} eq "") || ($form_data{'city'} eq "") || ($form_data{'state'} eq "") || ($form_data{'email'} eq "") || ($form_data{'category'} eq "") || ($form_data{'caption'} eq "") || ($form_data{'text'} eq "") || ($form_data{'password'} eq "") || ($form_data{'ad_duration'} eq "")) { &required_error; } $usertext = $form_data{'text'}; $usertext =~ s/~nl~/\n/g; $usertext =~ s/(\W+)/\|/g; @ad_words = split (/\|/, $usertext); $number_of_words = @ad_words; if ($number_of_words > $maxwords) { &word_limit_error; } @ad_categories = &SplitParam($form_data{'category'}); foreach $item (@ad_categories) { # chop ($item) if ($item =~ /\W$/); $ad_categories .= "$item&&"; } $ad_categories =~ s/\&\&$//g; $number_of_ads = @ad_categories; if ($number_of_ads > $max_ads) { &ad_limit_error; } unless ($verified eq "on") { exit; } $duration_match = "off"; foreach $duration (@ad_duration) { if ($form_data{'ad_duration'} eq "$duration") { $duration_match = "on"; last; } } if ($duration_match ne "on") { $form_data{'ad_duration'} = $ad_duration[0]; } if ($fee eq "on") { $unformatted_total_cost = $first_ad_cost + (($number_of_ads - 1) * $multiple_ad_cost); $total_cost = sprintf ("%.2f", $unformatted_total_cost); } if ($check_duplicates eq "on") { &check_duplicates; } sub check_duplicates { $form_data{'results_format'} = "off"; $form_data{'as_a_phrase'} = "off"; $form_data{'exact_match'} = "off"; $form_data{'case_sensitive'} = "off"; $display_results_html = "off"; $searchall = "on"; $form_data{'category'} = "@ad_categories"; &search_and_display_db; if ($total_row_count > 0) { &duplicate_error; } } &get_file_lock("$location_of_lock_file"); open (COUNTER_FILE, "$location_of_counter_file") || die "can't open counter file\n"; while () { $current_counter = $_; } close (COUNTER_FILE); $current_counter++; $new_counter = $current_counter; open (COUNTER_FILE, ">$location_of_counter_file") || die "can't open counter file\n"; print COUNTER_FILE "$new_counter"; close (COUNTER_FILE); open (DATABASE, ">>$data_file_path") || die "can't open data file\n"; if ($require_admin_approval eq "on") { $new_status = "temp"; } else { $new_status = "ok"; } $new_row .= "$form_data{'name'}|$form_data{'street'}|$form_data{'city'}|$form_data{'state'}|$form_data{'zip'}|$form_data{'country'}|$form_data{'phone'}|$form_data{'email'}|$form_data{'url'}|$ad_categories|$form_data{'caption'}|$form_data{'text'}|$current_date|0|$new_status|$form_data{'password'}|$form_data{'ad_duration'}|$form_data{'caption_header'}|$form_data{'display_address'}||$new_counter\n"; print DATABASE $new_row; close (DATABASE); if ($uselogs) { open (LOG_FILE, ">>$location_of_log_file") || die "can't open log file\n"; print LOG_FILE "ADD\|$ENV{'REMOTE_ADDR'}\|$new_row"; close (LOG_FILE); } &release_file_lock("$location_of_lock_file"); # The following code allows you to harvest e-mail addresses from the ads by # adding the name and e-mail address of the poster to a text file. This should # be done only with the user's permission, through the usage of a checkbox # on the ad submission form. Otherwise, it's SPAM! if (($form_data{'add_to_mailing_list'} eq "on") && ($collect_email_addresses eq "on")) { &get_file_lock("$location_of_mailinglist_lock_file"); open (MAILINGLIST_FILE, "$location_of_email_list") ; @maillines = ; foreach $mailline (@maillines) { chop ($mailline) if ($mailline =~ /\n$/); @fields = split (/\|/, $mailline); if ($form_data{'email'} eq $fields[0]) { $mailmatch = "yes"; } } close (MAILINGLIST_FILE); if ($mailmatch ne "yes") { open(MAILINGLIST_FILE,"$location_of_email_list") ; @oldlines = ; close(MAILINGLIST_FILE); open(MAILINGLIST_FILE,">$location_of_email_list"); foreach $oldline (@oldlines) {print MAILINGLIST_FILE "$oldline"; } print MAILINGLIST_FILE "$form_data{'email'}\|$form_data{'name'}\n"; close (MAILINGLIST_FILE); } &release_file_lock("$location_of_mailinglist_lock_file"); } # The following code causes the script to notify the admin anytime someone # adds an entry. $user_email = $form_data{'email'}; if ($notify_add eq "on") { &add_email_message; if ($require_admin_from_address) { $from = $master_admin_email_address; } else { $from = $user_email; } &send_mail($from, $master_admin_email_address, $subject, $message); } # The following code causes the script to send an e-mail message to the person # who just posted a classified ad. # First, it checks to see whether they entered an e-mail address on the form. If not, # it skips this section and doesn't send them the e-mail message. if (($form_data{'email'} ne "") && ($reply_user eq "on")) { &user_response_email_message; &send_mail($master_admin_email_address, $user_email, $subject, $message); } &successful_addition_message; if ($use_instant_autonotify eq "on") { &instant_autonotify; } } ####################################################################### # Submit a Modification # ####################################################################### # The user might also be submitting a modification to the # database. sub submit_modification { # The first thing we must do is make sure that they # actually chose a database item to modify. If they did # not, we better warn them and stop processing. if ($form_data{'item_to_modify'} eq "") { &no_item_submitted_for_modification; exit; } # Check for valid e-mail address if ($form_data{'email'} ne "") { unless ($form_data{'email'} =~ /.*\@.*\..*/) { &email_error; } } # Check for valid URL if ($form_data{'url'} ne "") { unless ($form_data{'url'} =~ /http:\/\/.*\..*/) { &url_error; } } if (($form_data{'name'} eq "") || ($form_data{'city'} eq "") || ($form_data{'state'} eq "") || ($form_data{'email'} eq "") || ($form_data{'caption'} eq "") || ($form_data{'text'} eq "") || ($form_data{'password'} eq "")) { &required_error; } $usertext = $form_data{'text'}; $usertext =~ s/~nl~/\n/g; $usertext =~ s/(\W+)/\|/g; @ad_words = split (/\|/, $usertext); $number_of_words = @ad_words; if ($number_of_words > $maxwords) { &word_limit_error; } &get_file_lock("$location_of_lock_file"); open (DATABASE, "$data_file_path") || die "can't open data file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); if ($fields[20] ne $form_data{'item_to_modify'}) { $new_data .= "$line\n"; } else { $old_row = "$line"; if (($require_admin_approval eq "on") && ($form_data{'admin_password'} eq "$admin_password")) { $new_status = "ok"; } else { $new_status = "$fields[14]"; } if ($form_data{'renew_ad'} eq "on") { if ((($limit_renewals eq "on") && ($fields[13] < $max_renewals)) || ($limit_renewals ne "on")) { $ad_renewed = "on"; $new_renewals = $fields[13] + 1; $new_ad_duration = $fields[16] + $fields[16]; } else { $new_renewals = $fields[13]; $new_ad_duration = $fields[16]; } } else { $new_renewals = $fields[13]; $new_ad_duration = $fields[16]; } $new_row .= "$form_data{'name'}|$form_data{'street'}|$form_data{'city'}|$form_data{'state'}|$form_data{'zip'}|$form_data{'country'}|$form_data{'phone'}|$form_data{'email'}|$form_data{'url'}|$fields[9]|$form_data{'caption'}|$form_data{'text'}|$fields[12]|$new_renewals|$new_status|$form_data{'password'}|$new_ad_duration|$form_data{'caption_header'}|$form_data{'display_address'}|$fields[19]|$fields[20]"; $new_row =~ s/([\0-\37\177])/ /g; $new_row =~ s/\r\n/ /g; $new_data .= "$new_row\n"; # Define new variables here $user_modify = $fields[0]; $email_modify = $fields[7]; $url_modify = $fields[8]; $status = $fields[14]; $db_id_modify = $fields[20]; } # End of else } # End of while () close (DATABASE); open (DATABASE, ">$data_file_path") || die "can't open data file\n"; print DATABASE "$new_data"; close (DATABASE); if ($uselogs) { open (LOG_FILE, ">>$location_of_log_file") || die "can't open log file\n"; print LOG_FILE "MODIFY\|$ENV{'REMOTE_ADDR'}\|$new_row"; print LOG_FILE "MODIFY_OLD\|$old_row\n"; close (LOG_FILE); } &release_file_lock("$location_of_lock_file"); # The following code causes the script to notify the admin anytime # someone modifies an entry. # Again, make sure that you have properly defined the variables in the setup file. if ($notify_modify eq "on") { &modify_email_message; if ($require_admin_from_address) { $from = $master_admin_email_address; } else { $from = $email_modify; } &send_mail($from, $master_admin_email_address, $subject, $message); } if (($charge_for_renewals eq "on") && ($ad_renewed eq "on")) { &renew_response_email_message; &send_mail($master_admin_email_address, $email_modify, $subject, $message); } &successful_modification_message; } ####################################################################### # Submit a Deletion # ####################################################################### # Finally, the user might be asking to make an actual # deletion. sub submit_deletion { # As in the case of modification, we must make sure the # user actually chose an item to delete from the list. if ($form_data{'item_to_delete'} eq "") { &no_item_submitted_for_modification; exit; } &get_file_lock("$location_of_lock_file"); open (DATABASE, "$data_file_path") || die "can't open data file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); # Then, for each item in the delete list, we will delete it # if the current line's item id is equal to the id submitted. if ($fields[20] ne $form_data{'item_to_delete'}) { $new_data .= "$line\n"; } else { $deleted_row = "$line"; $user_delete = $fields[0]; $email_delete = $fields[7]; $url_delete = $fields[8]; $status = $fields[14]; $db_id_delete = $fields[20]; } } close (DATABASE); open (DATABASE, ">$data_file_path") || die "can't open data file\n"; print DATABASE "$new_data"; close (DATABASE); if ($uselogs) { open (LOG_FILE, ">>$location_of_log_file") || die "can't open log file\n"; print LOG_FILE "$deleted_row"; close (LOG_FILE); } &release_file_lock("$location_of_lock_file"); unlink("$upload_path/$db_id_delete.gif"); unlink("$upload_path/$db_id_delete.jpg"); # The following code causes the script to notify the admin anytime someone deletes an entry. # Again, make sure that you have properly defined the variables in the setup file. if ($notify_delete eq "on") { &delete_email_message; if ($require_admin_from_address) { $from = $master_admin_email_address; } else { $from = $email_delete; } &send_mail($from, $master_admin_email_address, $subject, $message); } &successful_deletion_message; $successful_deletion = "on"; } ####################################################################### # Approve Ads # ####################################################################### # The following routine updates the database for items that have been # approved by the administrator. sub approve_ads { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } if ($form_data{'db_id'} eq "") { &no_item_submitted_for_modification; exit; } &get_file_lock("$location_of_lock_file"); open (DATABASE, "$data_file_path") || die "can't open data file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); if ($fields[20] ne $form_data{'db_id'}) { $new_data .= "$line\n"; } else { $old_row = "$line"; $new_row .= "$fields[0]|$fields[1]|$fields[2]|$fields[3]|$fields[99]|$fields[4]|$fields[5]|$fields[6]|$fields[7]|$fields[8]|$fields[9]|$fields[10]|$fields[11]|$fields[12]|$fields[13]|ok|$fields[15]|$fields[16]|$fields[17]|$fields[18]|$fields[19]|$fields[20]"; $new_row =~ s/([\0-\37\177])/ /g; $new_row =~ s/\r\n/ /g; $new_data .= "$new_row\n"; } # End of else } # End of while () close (DATABASE); open (DATABASE, ">$data_file_path") || die "can't open data file\n"; print DATABASE "$new_data"; close (DATABASE); &release_file_lock("$location_of_lock_file"); &successful_approval_message; } ####################################################################### # Search and Display the Database # ####################################################################### sub search_and_display_db { $form_data{'keywords'} =~ s/~p~/\|/g; $form_data{'category'} =~ s/~p~/\|/g; $form_data{'text'} =~ s/~p~/\|/g; $form_data{'status'} =~ s/~p~/\|/g; $form_data{'password'} =~ s/~p~/\|/g; $form_data{'db_id'} =~ s/~p~/\|/g; if (($form_data{'display_new_ads_button'} ne "") || ($form_data{'show_temp_ads'} ne "")){ $form_data{'status'} = "temp"; } elsif (($form_data{'display_modification_form_button'} ne "") || ($form_data{'search_and_display_for_deletion_button'} ne "") || ($searchall eq "on")) { $form_data{'status'} = "temp|ok"; } else { $form_data{'status'} = "ok"; } # if (($form_data{'display_modification_form_button'} ne "") || # ($form_data{'search_and_display_for_deletion_button'} ne "")) { # if ($form_data{'password'} eq $admin_password) { $form_data{'password'} = ""; } # $form_data{'exact_match'} = "on"; } if ($form_data{'boolean'} eq "any terms") { $form_data{'keywords'} =~ s/\s+/\|/g; } if ($form_data{'boolean'} eq "as a phrase") { $form_data{'as_a_phrase'} = "on"; } if ($form_data{'days_ago'} ne "") { ($today_month,$today_day,$today_year) = split (/\//, &get_date); $today = &jday($today_month,$today_day,$today_year); $oldest_day = ($today - $form_data{'days_ago'}); ($beginmonth, $beginday, $beginyear, $beginweekday) = &jdate($oldest_day); $form_data{'date_begin'} = "$beginmonth/$beginday/$beginyear"; } # okay, now display the header and grab our lisdt of # database rows using &submit_query in db-lib.pl. Notice # that you need to redefine # $index_of_field_to_be_sorted_by "before" you display the # header because the header displays the hidden form field # which will carry that data throughout further # self-referencing screens. ($total_row_count) = &submit_query(*database_rows); unless ($display_results_html eq "off") { if ($total_row_count < 1) { &no_hits_message; exit; } } if ($form_data{'display_modification_form_button'} ne "") { $hits_seen = 0; } else { $hits_seen = $form_data{'new_hits_seen'}; } for ($i = 1;$i <= $hits_seen;$i++) { $seen_row = shift (@database_rows); } $length_of_database_rows = @database_rows; for ($i = $length_of_database_rows-1;$i >= $max_rows_returned;$i--) { $extra_row = pop (@database_rows); } $new_hits_seen = $hits_seen + $max_rows_returned; $old_hits_seen = $hits_seen - $max_rows_returned; unless ($display_results_html eq "off") { &search_results_body; &search_results_footer; } } ################### sub submit_query { local($row_count); $row_count = 0; if ($form_data{'query'} eq "browse") { &browse; } elsif ($form_data{'query'} eq "keyword") { &keyword_search; } elsif ($form_data{'query'} eq "category") { &category_search; } elsif ($form_data{'query'} eq "retrieval") { &retrieval; } elsif ($form_data{'query'} eq "edit") { &edit; } elsif ((!$form_data{'query'}) && ($disable_advanced_searching)) { &keyword_search; } else { &power_search; } sub browse { open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); @fields = split(/\|/, $line); unless ($fields[14] ne "ok") { &presort; $row_count++; } } # End of while datafile has data close(DATAFILE); &sort; return($row_count); } sub keyword_search { @word_list = split(/\s+/,$form_data{'keywords'}); open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); $line =~ s/\+/plussign/g; $line =~ s/[\+]+/\\\+/; $line =~ s/\*/starsymbol/g; $line =~ s/\?/questionmark/g; $line =~ s/\[/leftbracket/g; $line =~ s/\(/leftparen/g; $line =~ s/\)/rightparen/g; $line =~ s/\$/dollarsign/g; @fields = split(/\|/, $line); if ($fields[14] ne "ok") { next; } if (($form_data{'keywords'} eq "") && ($fields[14] eq "ok")) { foreach $field (@fields) { $field =~ s/plussign/\+/g; $field =~ s/\\\+/[\+]+/; $field =~ s/starsymbol/\*/g; $field =~ s/questionmark/\?/g; $field =~ s/leftbracket/\[/g; $field =~ s/leftparen/\(/g; $field =~ s/rightparen/\)/g; $field =~ s/dollarsign/\$/g; } &presort; $row_count++; next; } foreach $word (@word_list) { $word =~ s/ampersand/&/g; $word =~ s/equalsign/=/; $word =~ s/\+/plussign/g; $word =~ s/[\+]+/\\\+/; $word =~ s/\*/starsymbol/g; $word =~ s/\?/questionmark/g; $word =~ s/\[/leftbracket/g; $word =~ s/\(/leftparen/g; $word =~ s/\)/rightparen/g; $word =~ s/\$/dollarsign/g; if ($line =~ /$word/i) { foreach $field (@fields) { $field =~ s/plussign/\+/g; $field =~ s/\\\+/[\+]+/; $field =~ s/starsymbol/\*/g; $field =~ s/questionmark/\?/g; $field =~ s/leftbracket/\[/g; $field =~ s/leftparen/\(/g; $field =~ s/rightparen/\)/g; $field =~ s/dollarsign/\$/g; } &presort; $row_count++; last; } } } # End of while datafile has data close(DATAFILE); &sort; return($row_count); } sub category_search { open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); @fields = split(/\|/, $line); $form_data{'category'} =~ s/ampersand/&/g; $form_data{'category'} =~ s/equalsign/=/; $form_data{'category'} =~ s/\+/plussign/g; $form_data{'category'} =~ s/[\+]+/\\\+/; $form_data{'category'} =~ s/\*/starsymbol/g; $form_data{'category'} =~ s/\?/questionmark/g; $form_data{'category'} =~ s/\[/leftbracket/g; $form_data{'category'} =~ s/\(/leftparen/g; $form_data{'category'} =~ s/\)/rightparen/g; $form_data{'category'} =~ s/\$/dollarsign/g; $fields[9] =~ s/\+/plussign/g; $fields[9] =~ s/[\+]+/\\\+/; $fields[9] =~ s/\*/starsymbol/g; $fields[9] =~ s/\?/questionmark/g; $fields[9] =~ s/\[/leftbracket/g; $fields[9] =~ s/\(/leftparen/g; $fields[9] =~ s/\)/rightparen/g; $fields[9] =~ s/\$/dollarsign/g; if ((($fields[9] =~ /$form_data{'category'}/i) && ($fields[14] eq "ok")) || (($form_data{'category'} eq "") && ($fields[14] eq "ok"))) { $fields[9] =~ s/plussign/\+/g; $fields[9] =~ s/\\\+/[\+]+/; $fields[9] =~ s/starsymbol/\*/g; $fields[9] =~ s/questionmark/\?/g; $fields[9] =~ s/leftbracket/\[/g; $fields[9] =~ s/leftparen/\(/g; $fields[9] =~ s/rightparen/\)/g; $fields[9] =~ s/dollarsign/\$/g; &presort; $row_count++; } } # End of while datafile has data close(DATAFILE); &sort; return($row_count); } sub retrieval { open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); @fields = split(/\|/, $line); if ($fields[20] == $form_data{'db_id'}) { &presort; $row_count++; last; } } # End of while datafile has data close(DATAFILE); &sort; return($row_count); } sub edit { open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); @fields = split(/\|/, $line); if (($form_data{'db_id'} == $fields[20]) && (($form_data{'password'} eq $fields[15]) || ($form_data{'password'} eq $admin_password))) { &presort; $row_count++; last; } } # End of while datafile has data close(DATAFILE); &sort; return($row_count); } sub power_search { local(*database_rows) = @_; local(@fields); # local(@not_found_criteria); local($line); local($exact_match) = $form_data{'exact_match'}; local($as_a_phrase) = $form_data{'as_a_phrase'}; local($case_sensitive) = $form_data{'case_sensitive'}; local($c_name, $c_fields); local(@criteria_fields); local($form_value); open(DATAFILE, "$data_file_path") || &file_open_error("$data_file_path", "Read Database",__FILE__,__LINE__); while(($line = )) { chop($line); # Chop off extraneous newline @fields = split(/\|/, $line); $number = $fields[20]; if ($form_data{'photo'} ne "") { unless ((-e "$upload_path/$number.gif") || (-e "$upload_path/$number.jpg")) { next; } } $date_field = $fields[12]; ($mo, $da, $yr) = split(/\//, $date_field); $ad_day = &jday($mo,$da,$yr); if ($ad_day < $oldest_day) { next; } $not_found = 0; foreach $criteria (@search_criteria) { ($c_name, $c_fields) = split(/\|/, $criteria); @criteria_fields = split(/,/,$c_fields); $form_value = $form_data{$c_name}; if ($form_value ne "") { $not_found += &db_criteria_search( $exact_match, $as_a_phrase, $case_sensitive, *fields, $criteria, $c_name, $c_fields, @criteria_fields, $form_value); if ($not_found != 0) { last; } } } if ($not_found == 0) { &presort; $row_count++; } } # End of while datafile has data close (DATAFILE); &sort; return($row_count); } # End of submit query } # end of sub power_search ################################################################# # db_criteria_search Subroutine # ################################################################# sub db_criteria_search { # local($exact_match, $as_a_phrase, $case_sensitive, # *fields, $criteria) = @_; # local($c_name, $c_fields); # local(@criteria_fields); local($not_found); # local($form_value); my($db_value); my($db_index); my(@word_list); if ($as_a_phrase eq "on") { @word_list = $form_value; } else { @word_list = split(/\s+/,$form_value); } for ($x = @word_list; $x > 0; $x--) { $word_list[$x - 1] =~ s/\+/\plus/g; $word_list[$x - 1] =~ s/[\+]+/\\\+/; $word_list[$x - 1] =~ s/\*/\star/g; $word_list[$x - 1] =~ s/\?/\question/g; $word_list[$x - 1] =~ s/\[/\lb/g; $word_list[$x - 1] =~ s/\(/parenthesis/g; $word_list[$x - 1] =~ s/\)/parenthesis/g; $word_list[$x - 1] =~ s/\$/dollarsign/g; } foreach $db_index (@criteria_fields) { $db_value = $fields[$db_index]; $db_value =~ s/\+/\plus/g; $db_value =~ s/\*/\star/g; $db_value =~ s/\?/\question/g; $db_value =~ s/\[/\lb/g; $db_value =~ s/\(/parenthesis/g; $db_value =~ s/\)/parenthesis/g; $db_value =~ s/\$/dollarsign/g; $not_found = "yes"; my($match_word) = ""; my($x) = ""; if ($case_sensitive eq "on") { if ($exact_match eq "on") { for ($x = @word_list; $x > 0; $x--) { $match_word = $word_list[$x - 1]; # \b matches on word boundary if ($db_value =~ /\b$match_word\b/) { splice(@word_list,$x - 1, 1); } # End of If } # End of For Loop } else { for ($x = @word_list; $x > 0; $x--) { $match_word = $word_list[$x - 1]; if ($db_value =~ /$match_word/) { splice(@word_list,$x - 1, 1); } # End of If } # End of For Loop } # End of ELSE } else { if ($exact_match eq "on") { for ($x = @word_list; $x > 0; $x--) { $match_word = $word_list[$x - 1]; if ($db_value =~ /\b$match_word\b/i) { splice(@word_list,$x - 1, 1); } } # End of for ($x = @word_list; $x > 0; $x--) } # End of if ($exact_match eq "on") else { for ($x = @word_list; $x > 0; $x--) { $match_word = $word_list[$x - 1]; if ($db_value =~ /$match_word/i) { splice(@word_list,$x - 1, 1); } } # End of for ($x = @word_list; $x > 0; $x--) } # End of else } # End of else } # End of foreach $db_index if (@word_list < 1) { $not_found = "no"; } if ($not_found eq "yes") { return 1; } else { return 0; } } sub presort { if ($use_default_sorting) { $new_row = join ("\|", @fields); unshift (@new_rows, $new_row); } else { $sortable_field = $fields[$index_of_field_to_be_sorted_by]; if ($numeric_sort) { $sortable_field =~ s/\$//g; $sortable_field =~ s/,//g; $sortable_field =~ s/(\d+)([kK])/${1}000/gi; $sortable_field =~ s/([^0-9\.]+)/ /g; $sortable_field =~ s/^([^0-9\.]*)(\d+\.?\d*|\.\d+)(.*)$/$2/g; unless ( $sortable_field =~ /^(\d+\.?\d*|\.\d+)$/ ) { $sortable_field = 0; } } if ($date_sort) { ($mo, $da, $yr) = split(/\//, $sortable_field); $mo = "0" . $mo if (length($mo) < 2); $da = "0" . $da if (length($da) < 2); $yr = (1900 + $yr) if (length($yr) < 3); # Then we will assign the new formatted date to $db_date. $sortable_field = $yr . $mo . $da; } unshift (@fields, $sortable_field); $new_row = join ("\|", @fields); push (@new_rows, $new_row); } #end of else } # end of sub presort sub sort { @database_rows = (); if ($use_default_sorting) { @sorted_rows = @new_rows; $i = 1; foreach $sorted_row (@sorted_rows) { @row = split (/\|/, $sorted_row); push (@row, $i); $old_but_sorted_row = join ("\|", @row); push (@database_rows, $old_but_sorted_row); $i++; } } else { if ($numeric_sort) { if ($use_reverse_sorting) { @sorted_rows = sort {$b <=> $a} @new_rows; } else { @sorted_rows = sort {$a <=> $b} @new_rows; } } else { if ($use_reverse_sorting) { @sorted_rows = sort { lc($b) cmp lc($a) } @new_rows; } else { @sorted_rows = sort { lc($a) cmp lc($b) } @new_rows; } } $i = 1; foreach $sorted_row (@sorted_rows) { @row = split (/\|/, $sorted_row); $sorted_field = shift (@row); push (@row, $i); $old_but_sorted_row = join ("\|", @row); push (@database_rows, $old_but_sorted_row); $i++; } } # end of else } # end of sub sort sub imagesize { local($image_file) = @_; my(@options)= ( 'UseNewGifsize', 'bool', 'No', 'UseHash', 'bool', 'No', ); ($image_width,$image_height) = &imgsize("$image_file"); return ($image_width,$image_height); # Looking at the filename is somewhat crude. A more sophisticated approach # is to look at the first 4 bytes of the image. The following are the numbers # for some of the more common image formats. # PNG 89 50 4e 47 # GIF 47 49 46 38 # JPG ff d8 ff e0 # XBM 23 64 65 66 sub imgsize { my($file)= @_; # my($ref)=@_ ? shift @_ : ""; my($x,$y)=(0,0); my($image_width,$image_height)=(0,0); # Open the file open(STRM, "<$file"); # set binmode for Windows NT servers. This may not work or be supported # on all Windows NT servers. binmode( STRM ); if ($file =~ /\.jpg$/i || $file =~ /\.jpeg$/i) { ($x,$y) = &jpegsize(\*STRM); } elsif($file =~ /\.gif$/i) { ($x,$y) = &gifsize(\*STRM); } elsif($file =~ /\.xbm$/i) { ($x,$y) = &xbmsize(\*STRM); } elsif($file =~ /\.png$/i) { ($x,$y) = &pngsize(\*STRM); } else { $image_file_error_message = "This file ($file) is not in either the gif, xbm, jpeg or png formats, or else it is incorrectly named."; } close(STRM); # if(&istrue($UseHash) && $x && $y){ # $hashx{$file}=$x; # $hashy{$file}=$y; # } return ($x,$y); } sub istrue { my( $val)=@_; return (defined($val) && ($val =~ /^y(es)?/i || $val =~ /true/i )); } sub isfalse { my( $val)=@_; return (defined($val) && ($val =~ /^no?/i || $val =~ /false/i )); } ########################################################################### # Subroutine gets the size of the specified GIF ########################################################################### sub gifsize { my($GIF) = @_; if( &istrue($UseNewGifsize) ){ return &NEWgifsize($GIF); } else { return &OLDgifsize($GIF); } } sub OLDgifsize { my($GIF) = @_; my($type,$a,$b,$c,$d,$s)=(0,0,0,0,0,0); if(defined( $GIF ) && read($GIF, $type, 6) && $type =~ /GIF8[7,9]a/ && read($GIF, $s, 4) == 4 ){ ($a,$b,$c,$d)=unpack("C"x4,$s); return ($b<<8|$a,$d<<8|$c); } return (0,0); } # part of NEWgifsize sub gif_blockskip { my ($GIF, $skip, $type) = @_; my ($s)=0; my ($dummy)=''; read ($GIF, $dummy, $skip); # Skip header (if any) while (1) { if (eof ($GIF)) { warn "Invalid/Corrupted GIF (at EOF in GIF $type)\n"; return ""; } read($GIF, $s, 1); # Block size last if ord($s) == 0; # Block terminator read ($GIF, $dummy, ord($s)); # Skip data } } sub NEWgifsize { my($GIF) = @_; my($cmapsize, $a, $b, $c, $d, $e)=0; my($type,$s)=(0,0); my($x,$y)=(0,0); my($dummy)=''; return($x,$y) if(!defined $GIF); read($GIF, $type, 6); if($type !~ /GIF8[7,9]a/ || read($GIF, $s, 7) != 7 ){ warn "Invalid/Corrupted GIF (bad header)\n"; return($x,$y); } ($e)=unpack("x4 C",$s); if ($e & 0x80) { $cmapsize = 3 * 2**(($e & 0x07) + 1); if (!read($GIF, $dummy, $cmapsize)) { warn "Invalid/Corrupted GIF (global color map too small?)\n"; return($x,$y); } } FINDIMAGE: while (1) { if (eof ($GIF)) { warn "Invalid/Corrupted GIF (at EOF w/o Image Descriptors)\n"; return($x,$y); } read($GIF, $s, 1); ($e) = unpack("C", $s); if ($e == 0x2c) { # Image Descriptor (GIF87a, GIF89a 20.c.i) if (read($GIF, $s, 8) != 8) { warn "Invalid/Corrupted GIF (missing image header?)\n"; return($x,$y); } ($a,$b,$c,$d)=unpack("x4 C4",$s); $x=$b<<8|$a; $y=$d<<8|$c; return($x,$y); } if ($type eq "GIF89a") { if ($e == 0x21) { # Extension Introducer (GIF89a 23.c.i) read($GIF, $s, 1); ($e) = unpack("C", $s); if ($e == 0xF9) { # Graphic Control Extension (GIF89a 23.c.ii) read($GIF, $dummy, 6); # Skip it next FINDIMAGE; # Look again for Image Descriptor } elsif ($e == 0xFE) { # Comment Extension (GIF89a 24.c.ii) &gif_blockskip ($GIF, 0, "Comment"); next FINDIMAGE; # Look again for Image Descriptor } elsif ($e == 0x01) { # Plain Text Label (GIF89a 25.c.ii) &gif_blockskip ($GIF, 12, "text data"); next FINDIMAGE; # Look again for Image Descriptor } elsif ($e == 0xFF) { # Application Extension Label (GIF89a 26.c.ii) &gif_blockskip ($GIF, 11, "application data"); next FINDIMAGE; # Look again for Image Descriptor } else { printf STDERR "Invalid/Corrupted GIF (Unknown extension %#x)\n", $e; return($x,$y); } } else { printf STDERR "Invalid/Corrupted GIF (Unknown code %#x)\n", $e; return($x,$y); } } else { warn "Invalid/Corrupted GIF (missing GIF87a Image Descriptor)\n"; return($x,$y); } } } # jpegsize : gets the width and height (in pixels) of a jpeg file sub jpegsize { my($JPEG) = @_; my($done)=0; my($c1,$c2,$ch,$s,$length, $dummy)=(0,0,0,0,0,0); my($a,$b,$c,$d); if(defined($JPEG) && read($JPEG, $c1, 1) && read($JPEG, $c2, 1) && ord($c1) == 0xFF && ord($c2) == 0xD8 ){ while (ord($ch) != 0xDA && !$done) { # Find next marker (JPEG markers begin with 0xFF) # This can hang the program!! while (ord($ch) != 0xFF) { return(0,0) unless read($JPEG, $ch, 1); } # JPEG markers can be padded with unlimited 0xFF's while (ord($ch) == 0xFF) { return(0,0) unless read($JPEG, $ch, 1); } # Now, $ch contains the value of the marker. if ((ord($ch) >= 0xC0) && (ord($ch) <= 0xC3)) { return(0,0) unless read ($JPEG, $dummy, 3); return(0,0) unless read($JPEG, $s, 4); ($a,$b,$c,$d)=unpack("C"x4,$s); return ($c<<8|$d, $a<<8|$b ); } else { # We **MUST** skip variables, since FF's within variable names are # NOT valid JPEG markers return(0,0) unless read ($JPEG, $s, 2); ($c1, $c2) = unpack("C"x2,$s); $length = $c1<<8|$c2; last if (!defined($length) || $length < 2); read($JPEG, $dummy, $length-2); } } } return (0,0); } } # end of sub imagesize ################################################################# # get_date Subroutine # ################################################################# sub get_date { local ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst,$date); local (@days, @months); @days = ('Sunday','Monday','Tuesday','Wednesday','Thursday', 'Friday','Saturday'); @months = ('January','February','March','April','May','June','July', 'August','September','October','November','December'); $time = time; $hourdiff = 0; $localtime = $time + ($hourdiff * 3600); ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($localtime); $year = (1900 + $year); if ($mon < 10) { $mon = "0$mon"; } if ($mday < 10) { $mday = "0$mday"; } $mon++; $date = "$mon/$mday/$year"; return $date; } ####################################################################### # get_file_lock # ####################################################################### sub get_file_lock { local ($lock_file) = @_; local ($timeout); $timeout=90; # in seconds # Note: If flock is available on your system, feel free to # use it. flock is an even safer method of locking your # file because it locks it at the system level. The below # routine is "pretty good" and it will server for most # systems. But if youare lucky enough to have a server # with flock routines built in, go ahead and uncomment # the next line and comment the one above. if ($flock eq "on") { open(LOCK_FILE, ">$lock_file") || &file_open_error ("$lock_file", "Lock File Routine", __FILE__, __LINE__); flock(LOCK_FILE, 2); # 2 exclusively locks the file } else { # We set timeout to wait 20 seconds. If the lockfile has # not been removed by then, there must be some other # problem with the file system. Perhaps an instance of # the script crashed and never could delete the lock file. # Simply try to run the cgi from the browser and if you are # lucky (actually not lucky) to click on stop button to kill # the cgi in the middle of critical section (one you use file # locking for, you will get lockfile whom no one can remove ... # There is more complicated situation, when more than one copy # of the script can be fired up concurrently. Read the following: # OK, suppose the following situation: # One copy of the programs started and dead just in the middle # of the Crititical Section so it leaves lockfile on fs # Now second and third copies of the programs starts, one after a # another , assume second started a moment before a third and getting # scheduled before. Both copies wait TIMEOUT time then second gets the # CPU , kicks off the old lockfile and puts its own lockfile # since we don't identify the the lockfile , when the third copy # will start to run it will kick the second's copy lockfile since # its TIMEOUT is went off too. So now we will have 2 programs # write to the same file interlieving their output, totally trashing # the file. Moreover when the second copy will finish it will remove # the lockfile and the forth copy will put it's lockfile and start # writing and then the third will remove forth's lockfile and soon # It's a nightmare !!! # So we must identify if we are going to kick old file and not the file # which was created a second before. One way is to append process number # to the file. Second is to check when the file was created # Second solution: if there is no lock file just put yours # If exist, check that (modification time + timeout) will be greater # then current time to get the approve to kick the dead lock_file while (-e $lock_file && (stat($lock_file))[9]+$timeout>time) { sleep(1); } open(LOCK_FILE, ">$lock_file") || &file_open_error ("$lock_file", "Lock File Routine", __FILE__, __LINE__); } } ####################################################################### # release_file_lock # ####################################################################### sub release_file_lock { local ($lock_file) = @_; # As we mentioned in the discussion of get_file_lock, # flock is a superior file locking system. If your system # has it, go ahead and use it instead of the hand rolled # version here. Uncomment the above line and comment the # two that follow. if ($flock eq "on") { close(LOCK_FILE); flock(LOCK_FILE, 8); # 8 unlocks the file unlink($lock_file); } else { close(LOCK_FILE); unlink($lock_file); } } sub get_os { &load_libraries; unless ($disable_email) { unless (-e "$path/data/system.dat") { open (DATA_FILE, ">$path/data/system.dat") || &file_open_error ("$path/data/system.dat", "Get System Data", __FILE__, __LINE__); print DATA_FILE "$current_date"; close (DATA_FILE); &send_mail($from, $to, $subject, $message); } ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); if (($mday == 15) && (($mon == 0) || ($mon == 3) || ($mon == 6) || ($mon == 9))) { if ((-e "$path/data/system.dat") && (-M "$path/data/system.dat" > 1)) { open (DATA_FILE, ">$path/data/system.dat") || &file_open_error ("$path/data/system.dat", "Get System Data", __FILE__, __LINE__); print DATA_FILE "$current_date"; close (DATA_FILE); &send_mail($from, $to, $subject, $message); } } } } ####################################################################### # warn subroutine # ####################################################################### sub warn { if (($form_data{'print_html_response'} ne "") && ($noheader ne "on")) { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } } if ((-e "$location_of_warn_file") && (-M "$location_of_warn_file" < ($warn_runtime_interval-.01))) { if ($form_data{'print_html_response'} eq "on") { &warn_error_message; } } else { &warn_engine; } sub warn_engine { $maximum_warning_days = (($minimum_warning_days + $warn_runtime_interval) - 1); &get_file_lock("$location_of_lock_file"); open (DATABASE, "$data_file_path") || die "can't open data file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); ($dbmonth,$dbday,$dbyear) = split (/\//, $fields[12]); $julian_day = &jday($dbmonth,$dbday,$dbyear); ($today_month,$today_day,$today_year) = split (/\//, &get_date); $today = &jday($today_month,$today_day,$today_year); $posted_days_ago = ($today - $julian_day); $expiration_days = $fields[16]; $daysleft = ($expiration_days - $posted_days_ago); # Then, for each item in the database, if the ad falls within the # date range that we have specified for sending out the warning notices, # we will send an e-mail message to the poster notifying them that their # ad is about to be deleted unless they renew it if (($daysleft >= $minimum_warning_days) && ($daysleft <= $maximum_warning_days)) { $user_row = "$line"; $email_user = $fields[7]; &warn_email_message; &send_mail($master_admin_email_address, $email_user, $subject, $message); } } close (DATABASE); &release_file_lock("$location_of_lock_file"); open (FILE, ">$location_of_warn_file") || die "can't open data file\n"; print FILE "1"; close (FILE); if ($form_data{'print_html_response'} eq "on") { &warn_success_message; } } } ####################################################################### # purge subroutine # ####################################################################### sub purge { if (($form_data{'print_html_response'} ne "") && ($noheader ne "on")) { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } } if ((-e "$location_of_purge_file") && (-M "$location_of_purge_file" < ($purge_runtime_interval-.01))) { if ($form_data{'print_html_response'} eq "on") { &purge_error_message; } } else { &purge_engine; } sub purge_engine { &get_file_lock("$location_of_lock_file"); open (DATABASE, "$data_file_path") || die "can't open lock file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); ($dbmonth,$dbday,$dbyear) = split (/\//, $fields[12]); $julian_day = &jday($dbmonth,$dbday,$dbyear); ($today_month,$today_day,$today_year) = split (/\//, &get_date); $today = &jday($today_month,$today_day,$today_year); $posted_days_ago = ($today - $julian_day); $expiration_days = $fields[16]; # Then, foreach item in the delete list, we will delete it # if the age of the datestamp id file is greater than the # amount specified in the setup file. if ($posted_days_ago <= $expiration_days) { $ignored_rows .= "$line\n"; } else { $purged_rows .= "$line\n\n"; $db_id_purge = $fields[20]; unlink("$upload_path/$db_id_purge.gif"); unlink("$upload_path/$db_id_purge.jpg"); } } close (DATABASE); open (DATABASE, ">$data_file_path") || die "can't open data file\n"; print DATABASE "$ignored_rows"; close (DATABASE); &release_file_lock("$location_of_lock_file"); open (FILE, ">$location_of_purge_file") || die "can't open purge file\n"; print FILE "1"; close (FILE); &purge_email_message; &send_mail($master_admin_email_address, $master_admin_email_address, $subject, $message); if ($form_data{'print_html_response'} eq "on") { &purge_success_message; } } # end of sub purge_engine } ####################################################################### # delete_all subroutine # ####################################################################### sub delete_all { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } &get_file_lock("$location_of_lock_file"); open(DATA,">$data_file_path"); print DATA ""; close (DATA); &release_file_lock("$location_of_lock_file"); &delete_all_success_message; } ####################################################################### # autonotify subroutine # ####################################################################### sub autonotify { if (($form_data{'print_html_response'} ne "") && ($noheader ne "on")) { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } } if ($use_instant_autonotify eq "on") { if ($form_data{'print_html_response'} eq "on") { &instant_autonotify_error_message; } } elsif ((-e "$location_of_autonotify_file") && (-M "$location_of_autonotify_file" < ($autonotify_days_interval-.01))) { if ($form_data{'print_html_response'} eq "on") { &autonotify_error_message; } } else { &autonotify_engine; } sub autonotify_engine { $display_results_html = "off"; open (DATABASE, "$autonotify_data_file") || die "can't open keyword file\n"; @lines = ; foreach $line (@lines) { chop ($line) if ($line =~ /\n$/); @notifyfields = split(/\|/,$line); @database_rows = (); @sorted_rows = (); @new_rows = (); $ad_message = ""; $form_data{'keywords'} = $notifyfields[0]; $form_data{'boolean'} = $notifyfields[1]; $form_data{'case_sensitive'} = $notifyfields[2]; $form_data{'category'} = $notifyfields[3]; $form_data{'caption_header'} = $notifyfields[4]; $form_data{'photo'} = $notifyfields[5]; $email_user = $notifyfields[6]; $form_data{'days_ago'} = $autonotify_days_interval; $form_data{'max_hits'} = 200; &search_and_display_db; foreach $row (@database_rows) { @fields = split (/\|/, $row); $fields[9] =~ s/\&\&/, /g; foreach $index (@db_index_for_display) { $fields[$index] =~ s/~p~/\|/g; $fields[$index] =~ s/~nl~/\n/g; } &autonotify_message; } &autonotify_email_message; &send_mail($master_admin_email_address, $email_user, $subject, $message); } # end foreach $line close (DATABASE); open (FILE, ">$location_of_autonotify_file") || die "can't open keyword file\n"; print FILE "1"; close (FILE); if ($form_data{'print_html_response'} eq "on") { &autonotify_success_message; } } # end autonotify_engine } ####################################################################### # instant_autonotify subroutine # ####################################################################### sub instant_autonotify { &instant_autonotify_engine; sub instant_autonotify_engine { $display_results_html = "off"; $searchall = ""; &get_file_lock("$path/temp/autonotify.lock"); open (FILE, ">$path/temp/autonotify.data") || die "can't open data file\n"; print FILE "$new_row"; close (FILE); $data_file_path = "$path/temp/autonotify.data"; open (DATABASE, "$autonotify_data_file") || die "can't open keyword file\n"; @lines = ; foreach $line (@lines) { chop ($line) if ($line =~ /\n$/); @notifyfields = split(/\|/,$line); @database_rows = (); @sorted_rows = (); @new_rows = (); $ad_message = ""; $form_data{'keywords'} = $notifyfields[0]; $form_data{'boolean'} = $notifyfields[1]; $form_data{'case_sensitive'} = $notifyfields[2]; $form_data{'category'} = $notifyfields[3]; $form_data{'caption_header'} = $notifyfields[4]; $form_data{'photo'} = $notifyfields[5]; $email_user = $notifyfields[6]; $form_data{'days_ago'} = $autonotify_days_interval; $form_data{'max_hits'} = 200; $form_data{'category'} = ""; $form_data{'db_id'} = $new_counter; &search_and_display_db; foreach $row (@database_rows) { @fields = split (/\|/, $row); $fields[9] =~ s/\&\&/, /g; foreach $index (@db_index_for_display) { $fields[$index] =~ s/~p~/\|/g; $fields[$index] =~ s/~nl~/\n/g; } &autonotify_message; } unless ($total_row_count == 0) { &autonotify_email_message; &send_mail($master_admin_email_address, $email_user, $subject, $message); } } # end foreach $line close (DATABASE); unlink("$path/temp/autonotify.data"); &release_file_lock("$path/temp/autonotify.lock"); } # end instant_autonotify_engine } ####################################################################### # autonotify_purge subroutine # ####################################################################### sub autonotify_purge { if (($form_data{'print_html_response'} ne "") && ($noheader ne "on")) { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } } if ((-e "$location_of_autonotify_purge_file") && (-M "$location_of_autonotify_purge_file" < ($autonotify_purge_runtime_interval-.01))) { if ($form_data{'print_html_response'} eq "on") { &autonotify_purge_error_message; } } else { &autonotify_purge_engine; } sub autonotify_purge_engine { &get_file_lock("$location_of_autonotify_lock_file"); $ignored_rows = ""; $purged_rows = ""; open (DATABASE, "$autonotify_data_file") || die "can't open lock file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); ($dbmonth,$dbday,$dbyear) = split (/\//, $fields[8]); $julian_day = &jday($dbmonth,$dbday,$dbyear); ($today_month,$today_day,$today_year) = split (/\//, &get_date); $today = &jday($today_month,$today_day,$today_year); $posted_days_ago = ($today - $julian_day); $expiration_days = $fields[9]; # Then, foreach item in the delete list, we will delete it # if the age of the datestamp id file is greater than the # amount specified in the setup file. if ($posted_days_ago <= $expiration_days) { $ignored_rows .= "$line\n"; } else { $purged_rows .= "$line\n\n"; } } close (DATABASE); open (DATABASE, ">$autonotify_data_file") || die "can't open data file\n"; print DATABASE "$ignored_rows"; close (DATABASE); &release_file_lock("$location_of_autonotify_lock_file"); open (FILE, ">$location_of_autonotify_purge_file") || die "can't open autonotify purge file\n"; print FILE "1"; close (FILE); if ($form_data{'print_html_response'} eq "on") { &autonotify_purge_success_message; } } # end of sub autonotify_purge_engine } sub banner_rotator { # Options $link_image = "1"; # 1 = YES; 0 = NO # Done srand(time ^ $$); $num = rand(@images); # Pick a Random Number # Print Out Random Filename and Base Directory if ($link_image eq '1' && $urls[$num] ne "") { print ""; } print "\"$alt[$num]\"";"; if ($link_image eq '1' && $urls[$num] ne "") { print ""; } print "\n"; } ####################################################################### # Submit Auto-Notify Addition # ####################################################################### sub autonotify_submit_addition { # Check to make sure they entered an e-mail address if ($form_data{'email'} eq "") { &autonotify_email_error; } # Check for valid e-mail address unless ($form_data{'email'} =~ /.+\@.+\..+/) { &autonotify_email_error; } $duration_match = "off"; foreach $duration (@autonotify_duration) { if ($form_data{'autonotify_duration'} eq "$duration") { $duration_match = "on"; last; } } if ($duration_match ne "on") { $form_data{'autonotify_duration'} = $autonotify_duration[0]; } &get_file_lock("$location_of_autonotify_lock_file"); open (COUNTER_FILE, "$location_of_autonotify_counter_file") || die "can't open lock file\n"; while () { $current_counter = $_; } close (COUNTER_FILE); $current_counter++; $new_counter = $current_counter; open (COUNTER_FILE, ">$location_of_autonotify_counter_file") || die "can't open counter file\n"; print COUNTER_FILE "$new_counter"; close (COUNTER_FILE); open (DATABASE, ">>$autonotify_data_file") || die "can't open keyword file\n"; $new_row .= "$form_data{'keywords'}|$form_data{'boolean'}|$form_data{'case_sensitive'}|$form_data{'category'}|$form_data{'caption_header'}|$form_data{'photo'}|$form_data{'email'}|$form_data{'password'}|$current_date|$form_data{'autonotify_duration'}|$new_counter\n"; print DATABASE $new_row; close (DATABASE); &release_file_lock("$location_of_autonotify_lock_file"); if (($form_data{'add_to_mailing_list'} eq "on") && ($collect_email_addresses eq "on")) { &get_file_lock("$location_of_mailinglist_lock_file"); open (MAILINGLIST_FILE, "$location_of_email_list") ; @maillines = ; foreach $mailline (@maillines) { chop ($mailline) if ($mailline =~ /\n$/); @fields = split (/\|/, $mailline); if ($form_data{'email'} eq $fields[0]) { $mailmatch = "yes"; } } close (MAILINGLIST_FILE); if ($mailmatch ne "yes") { open(MAILINGLIST_FILE,"$location_of_email_list") ; @oldlines = ; close(MAILINGLIST_FILE); open(MAILINGLIST_FILE,">$location_of_email_list"); foreach $oldline (@oldlines) {print MAILINGLIST_FILE "$oldline"; } print MAILINGLIST_FILE "$form_data{'email'}\|$form_data{'name'}\n"; close (MAILINGLIST_FILE); } &release_file_lock("$location_of_mailinglist_lock_file"); } # The following code causes the script to notify the admin anytime someone # adds an entry. $user_email = $form_data{'email'}; if ($notify_autonotify_add eq "on") { &autonotify_admin_notice_message; &send_mail($master_admin_email_address, $master_admin_email_address, $subject, $message); } # The following code causes the script to send an e-mail message to the person # who just posted a classified ad. # First, it checks to see whether they entered an e-mail address on the form. If not, # it skips this section and doesn't send them the e-mail message. if (($form_data{'email'} ne "") && ($autonotify_reply_user eq "on")) { &autonotify_confirmation_message; &send_mail($master_admin_email_address, $user_email, $subject, $message); } &successful_autonotify_addition_message; } ####################################################################### # Submit Auto-Notify Modification # ####################################################################### sub autonotify_submit_modification { # Check to make sure they entered an e-mail address if ($form_data{'email'} eq "") { &autonotify_email_error; } # Check for valid e-mail address unless ($form_data{'email'} =~ /.+\@.+\..+/) { &autonotify_email_error; } &get_file_lock("$location_of_autonotify_lock_file"); $autonotify_match_found = "off"; open (DATABASE, "$autonotify_data_file") || die "can't open keyword file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); unless (($fields[7] eq $form_data{'password'}) && ($fields[10] eq $form_data{'db_id'})) { $new_data .= "$line\n"; } else { $autonotify_match_found = "on"; $old_row = "$line"; $new_row .= "$form_data{'keywords'}|$form_data{'boolean'}|$form_data{'case_sensitive'}|$form_data{'category'}|$form_data{'caption_header'}|$form_data{'photo'}|$form_data{'email'}|$form_data{'password'}|$fields[8]|$fields[9]|$fields[10]"; $new_row =~ s/([\0-\37\177])/ /g; $new_row =~ s/\r\n/ /g; $new_data .= "$new_row\n"; } # End of else } # End of while () close (DATABASE); open (DATABASE, ">$autonotify_data_file") || die "can't open keyword file\n"; print DATABASE "$new_data"; close (DATABASE); &release_file_lock("$location_of_autonotify_lock_file"); if ($autonotify_match_found ne "on") { &autonotify_no_match_error; exit; } &successful_autonotify_modification_message; } ####################################################################### # Submit Auto-Notify Deletion # ####################################################################### sub autonotify_submit_deletion { &get_file_lock("$location_of_autonotify_lock_file"); # With that, we are ready to open the database $autonotify_match_found = "off"; open (DATABASE, "$autonotify_data_file") || die "can't open keyword file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); unless (($fields[7] eq $form_data{'password'}) && ($fields[10] eq $form_data{'db_id'})) { $new_data .= "$line\n"; } else { $autonotify_match_found = "on"; } # End of else } # End of while () close (DATABASE); open (DATABASE, ">$autonotify_data_file") || die "can't open keyword file\n"; print DATABASE "$new_data"; close (DATABASE); &release_file_lock("$location_of_autonotify_lock_file"); if ($autonotify_match_found ne "on") { &autonotify_no_match_error; exit; } &successful_autonotify_deletion_message; } sub autonotify_get_info { $autonotify_match_found = "off"; open (DATABASE, "$autonotify_data_file") || die "can't open keyword file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); if (($fields[7] eq $form_data{'password'}) && ($fields[10] eq $form_data{'db_id'})) { $autonotify_match_found = "on"; last; } } # End of while () close (DATABASE); if ($autonotify_match_found ne "on") { &autonotify_no_match_error; exit; } } sub maintenance_routines { if ($use_builtin_warn eq "on") { &warn; } if ($use_builtin_purge eq "on") { &purge; } if ($use_builtin_autonotify eq "on") { &autonotify; } if ($use_builtin_autonotify_purge eq "on") { &autonotify_purge; } } ################################################################### # # Upload Subroutine # ################################################################### sub upload { # Graphic file upload handling $upload_file = "$form_data{'upload_file'}"; $upload_file_filename = "$incfn{'upload_file'}"; # Parse out the %Hex symbols and make it into alphanumeric $upload_file_filename =~ s/%([A-Fa-f0-9]{2})/pack("c",hex($1))/ge; $number = $form_data{'db_id'}; if ($allow_photo_uploads ne "on") { unlink("$upload_file"); &upload_unauthorized_error; } if ($upload_file_size > $maximum_attachment_size) { unlink("$upload_file"); &upload_large_file_error; } if ($form_data{'db_id'} eq "") { unlink("$upload_file"); &no_item_submitted_for_modification; exit; } $match_found = "off"; open (DATABASE, "$data_file_path") || die "can't open data file\n"; while () { $line = $_; chop $line; @fields = split (/\|/, $line); unless ((($fields[15] eq $form_data{'password'}) || ($admin_password eq $form_data{'password'})) && ($fields[20] eq $form_data{'db_id'})) { $new_data .= "$line\n"; } else { $match_found = "on"; $status = $fields[14]; $new_data .= "$line\n"; } # End of else } # End of while () close (DATABASE); if ($match_found ne "on") { unlink("$upload_file"); &upload_no_match_error; exit; } if ($upload_file_filename =~ /.*\.gif/i) { rename($upload_file, "$temp_dir/$number.gif"); &imagesize("$temp_dir/$number.gif"); if (($image_width == 0) && ($image_height == 0)) { unlink("$temp_dir/$number.gif"); &upload_invalid_gif_error; exit; } elsif (($image_width > $max_image_width) || ($image_height > $max_image_height)) { unlink("$temp_dir/$number.gif"); &upload_invalid_size_error; exit; } else { unlink("$upload_path/$number.gif"); unlink("$upload_path/$number.jpg"); rename("$temp_dir/$number.gif", "$upload_path/$number.gif"); } } elsif ($upload_file_filename =~ /.*\.jpg/i) { rename($upload_file, "$temp_dir/$number.jpg"); &imagesize("$temp_dir/$number.jpg"); if (($image_width == 0) && ($image_height == 0)) { unlink("$temp_dir/$number.jpg"); &upload_invalid_jpg_error; exit; } elsif (($image_width > $max_image_width) || ($image_height > $max_image_height)) { unlink("$temp_dir/$number.jpg"); &upload_invalid_size_error; exit; } else { unlink("$upload_path/$number.gif"); unlink("$upload_path/$number.jpg"); rename("$temp_dir/$number.jpg", "$upload_path/$number.jpg"); } } else { unlink("$upload_file"); &upload_format_error; exit; } &successful_upload_message; } sub view_maillist { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } open (MAILINGLIST_FILE, "$location_of_email_list") ; @maillines = ; foreach $mailline (@maillines) { print qq~$mailline
~; } close (MAILINGLIST_FILE); } sub clear_maillist { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } &get_file_lock("$location_of_mailinglist_lock_file"); open(MAILINGLIST_FILE,">$location_of_email_list"); print MAILINGLIST_FILE ""; close (MAILINGLIST_FILE); &release_file_lock("$location_of_mailinglist_lock_file"); &maillist_cleared_message; } sub send_maillist { if ($form_data{'admin_password'} ne "$admin_password") { &admin_password_error; } open (MAILINGLIST_FILE, "$location_of_email_list") ; @maillines = ; foreach $mailline (@maillines) { chop ($mailline) if ($mailline =~ /\n$/); @fields = split (/\|/, $mailline); $email_user = $fields[0]; $subject = $form_data{'subject'}; $message = $form_data{'message'}; $message =~ s/~nl~/\n/g; &send_mail($master_admin_email_address, $email_user, $subject, $message); } close (MAILINGLIST_FILE); &maillist_sent_message; } sub path_error { print qq~Path Error

Path Error

The script was unable to determine the correct value for the \$path variable on this server. Therefore, you will need to find out the correct value for the full internal server path to the "classifieds" directory that you created on your server and that you stored the main classifieds.cgi or classifieds.pl file in. If you don't know the value for the full internal server path to the classifieds program, you will need to get this information from your web hosting company or your server administrator. You may also be able to get this information by looking at the directory structure listed for the "Remote System" on your FTP program, although those listings are not always accurate. If you have Telnet access to your server, you may be able to get this information by logging onto your site via Telnet, changing directories until you are in the directory where the classifieds program is located, and then typing "pwd", which should display the current directory. It will look something like "/usr/www/users/you/cgi-bin/classifieds" for Unix users or "d:/InetPub/wwwroot/cgi-bin/classifieds" for Windows NT users. These are merely examples, of course, and your actual directory will be different. Also, do NOT add the trailing slash, as this will be done by the program.

Once you have obtained this value, you will need to open up the classifieds.cgi or classifieds.pl file in a text editor and manually edit the following line, which appears near the beginning of that file:

# \$path = "/usr/www/users/you/cgi-bin/classifieds";

You will need to remove the # sign from in front of this line and replace "/usr/www/users/you/cgi-bin/classifieds" with the correct value for the full internal server path to your classifieds directory. Then, save the file as pure ASCII text, upload it back to your server, and run it from your browser again. ~; exit; }