Add to the Guestbook

#!/usr/bin/perl ############################################################################# # verguest - Simple Guestbook - Version 1.4 - Released 12/27/2000 # # The following variables control how the guestbook works # This script was designed to give you as much freedom as # possible in setting up your service. Please change the # variables so the site fits more into your site. $script_url = "http://www.seif-sy.com/cgi/guestbook.pl"; # This is the name of the script $data_file = "/home/sites/site35/web/cgi/entries.txt"; # File where guestbook entries are stored. # You must include the full path. Upload a blank file called # entries.txt (or whatever), and make sure you CHMOD it to 777 $show = 10; # Number of guestbook entries per page. $my_email = 'bashar@seif-sy.com'; # Your email address. $tell_me = "yes"; # Tell me when someone has signed the guestbook. # This will send you an e-mail when the guestbook is signed. $thanks_response = "yes"; # Send a thankyou email to the signer of the guestbook. $sendmail = '/usr/sbin/sendmail'; # Where sendmail is located -- you should not have to change this. $date_command = "/bin/date"; # Date command -- again, there is no need to change this. $block_slang = 1; # Block bad words (1=yes 2=no). A list of curse words has been # appended to the bottom of this script. If you would like to # add others, simply follow the format. # # The following variables control how the guestbook looks # $view_text_color = "#000000"; # Color of the text within the guestbook. $view_link_color = "#0000FF"; # Color of the link within the guestbook. $view_bgcolor = "#FFFFFF"; # Color of the background within the guestbook. $view_bgimage = ""; # Background image within the guestbook; this is optional. $view_hr_image = " "; # Horizontal line image within the guestbook; this is optional. # If you leave it blank, an HR tag will be automatically appended # between each entry. $view_head_text = "This Is What Has Been Said About Our page"; # Text at the top of the guestbook. $add_text_color = "#000000"; # Color of the text on the submit form. $add_link_color = "#0000FF"; # Color of the link on the submit form. $add_bgcolor = "#FFFFFF"; # Color of the background on the submit form. $add_bgimage = ""; # Background image on the submit form; this is optional. $add_head_text = "

Add to our Guestbook

"; # Text on the top of the submit page. ################################# # Don't change the next 8 lines # ################################# $date = `$date_command +"%B %d, %Y"`; chop($date); &get_form; if ($FORM{'what'} =~ /\b(submit)\b/i){&submit} elsif ($FORM{'what'} =~ /\b(view)\b/i){&view} elsif ($FORM{'what'} =~ /\b(preview)\b/i){&preview} else {&add} exit(0); ################################### # Write an entry to the guestbook # ################################### sub submit { @cookies = split(/; /, $ENV{'HTTP_COOKIE'}); foreach $cook (@cookies) { ($name, $value) = split(/=/, $cook); $COOKIE{$name} = $value; } &error("Bad!", "Only one post per session!") if $COOKIE{'gbook'} == 1; # Check for name and comments &error("No name!", "Please fill in your name!") unless $FORM{'name'}; &error("No email!", "Please fill in your Email ! $FORM{'name'}") unless $FORM{'email'}; &error("No comments!", "Please fill in your Comments $FORM{'name'}") unless $FORM{'comments'}; $FORM{'comments'} =~ s/\n/
/g; # Send the signer an e-mail # By following the format, you can adjust the message to reflect what # you want to tell your visitor. if ($thanks_response =~ /yes/i && $FORM{'email'} =~ /\w+@\w+.\w+/) { open (MAIL, "|$sendmail -t") || die "Can't open $sendmail\n"; print MAIL "To: $FORM{'email'}\n"; print MAIL "Reply-to: $my_email\n"; print MAIL "From: $my_email\n"; print MAIL "Subject: Hello $FORM{'name'}\n\n"; print MAIL "Thanks for signing our guestbook. "; print MAIL "If you have any questions, please feel free to contact bashar\@seif-sy.com.\n\n"; close (MAIL); } # Send administrator an e-mail if ($tell_me =~ /yes/i) { # Get the remote hostname. @subnet_numbers = split (/\./, $ENV{'REMOTE_ADDR'}); $packed_address = pack ("C4", @subnet_numbers); $ENV{'REMOTE_HOST'} = gethostbyaddr($packed_address, 2); open (MAIL, "|$sendmail $my_email") || die "Can't open $sendmail!\n"; print MAIL "Reply-to: $FORM{'email'}\n"; print MAIL "From: $FORM{'email'} <$FORM{'name'}>\n"; print MAIL "Subject: $FORM{'name'} signed the guestbook!\n\n"; print MAIL "$FORM{'name'} <$FORM{'email'}> has made an entry to the guestbook.\n"; print MAIL "with the IP $ENV{'REMOTE_ADDR'}\n"; if ($ENV{'REMOTE_HOST'}){print MAIL "Using the hostname $ENV{'REMOTE_HOST'}\n"} print MAIL "on $date\n\n"; print MAIL "User's Comments: $FORM{'comments'}\n"; close (MAIL); } # Write a new entry to the guestbook file. open (FILE, ">>$data_file"); flock(FILE, 2); seek(FILE, 0, 2); print FILE "$FORM{'name'}|$FORM{'email'}|"; $FORM{'url'} =~ s#http://##eig; print FILE "http://$FORM{'url'}" if $FORM{'url'}; print FILE "|$FORM{'city'}|$FORM{'state'}|$FORM{'country'}|$FORM{'comments'}|$date\n"; close (FILE); flock(FILE, 8); # Set a Cookie print "Set-Cookie: gbook=1\n"; # Redirect the user. print "Location: $script_url?what=view\n\n"; } ################################ # Print the guestbook add form # ################################ sub add { print "Content-type: text/html\n\n"; print "\n"; print "Add to the Guestbook\n"; print ""; print "\n"; print "\n"; print " \n"; print " \n"; print " \n"; print " \n"; print " \n"; print "

Name:
E-Mail:
URL:
City:	State:
Country:
Comments:

\n"; print " \n"; print " \n"; print " \n"; print "

\n"; print "\n"; print "\n"; } ########################## # Print out the preview # ########################## sub preview { # Check for name and comments &error("No name!", "Please fill in your name!") unless $FORM{'name'}; &error("No email!", "Please fill in your Email ! $FORM{'name'}") unless $FORM{'email'}; &error("No comments!", "Please fill in your comments $FORM{'name'}") unless $FORM{'comments'}; print "Content-type: text/html\n\n"; print "\n"; print "Preview Entry\n"; print ""; print "

\n"; print "This is what your entry will look like...\n"; print "

\n\n"; print "\n"; print "\n"; print "\n" if $FORM{'email'}; $FORM{'url_temp'} = $FORM{'url'}; $FORM{'url_temp'} =~ s#//##eig; print "\n" if $FORM{'url_temp'}; print "\n"; print "\n"; $FORM{'commentsp'} = $FORM{'comments'}; $FORM{'commentsp'} =~ s/\n/
/g; print "

Name:	$FORM{'name'} - $date
E-mail:	$FORM{'email'}
My URL:	$FORM{'url'}
Location:	"; if (!$FORM{'country'}){$FORM{'country'} = "USA"} if ($FORM{'city'} && $FORM{'state'}){print "$FORM{'city'}, $FORM{'state'} $FORM{'country'}"} elsif ($FORM{'city'}){print "$FORM{'city'}, $FORM{'country'}"} elsif ($state){print "$FORM{'state'}, $FORM{'country'}"} else {print "$FORM{'country'}"} print "
Comments:	$FORM{'commentsp'}

\n"; print "

\n\n"; print "\n"; print " (please be patient)\n"; print "

\n"; } #################### # View the entries # #################### sub view { $po = ($FORM{'o'}-$show); $no = ($FORM{'o'}+$show); open(FILE, $data_file); @entries = ; close(FILE); @entries = reverse @entries; # Print out the html print "Content-type: text/html\n\n"; print "\n"; print "Guestbook\n"; print ""; print "
\n"; print "

$view_head_text

\n"; print "

\n\n"; foreach $line (@entries[$FORM{'o'}..$no-1]) { chomp $line; if ($line) { ($name, $email, $url, $city, $state, $country, $comments, $date) = split(/\|/, $line); print "\n"; print "\n"; print "\n" if $email; print "\n" if $url; print "\n"; print "\n"; print "

Name:	$name - $date
E-mail:	$email
My URL:	$url
Location:	"; if (!($country)){$country = "USA"} if ($city && $state){print "$city, $state $country"} elsif ($city){print "$city, $country"} elsif ($state){print "$state, $country"} else {print "$country"} print "
Comments:	$comments

\n"; print "

\n\n"; } } print "
\n"; if ($po >= 0){print "[<< Prev]"} $tno = $no; $tno++; if ($entries[$tno]){print " [Next >>]"} print "\n"; } ###################### # Print out an error # ###################### sub error { print "Content-type: text/html\n\n"; print "\n"; print "Error! - $_[0]\n"; print ""; print "\n"; print "

$_[1]

\n"; print "\n"; print "

\n"; print "\n"; exit(0); } ##################### # Parse form input. # ##################### sub get_form { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $buffer); @pairs2 = split(/&/, $ENV{'QUERY_STRING'}); foreach $pair (@pairs, @pairs2) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # Strip SSI $value =~ s// /g; # Strip HTML $value =~ s/\|/ /g; $value =~ s/\;//g; $value =~ s/\&/ /g; $value =~ s//>/g; # Strip Bad Words # Please add any words you feel are inappropriate to your site. $value =~ s/suck/stink/gi; $value =~ s/fuck/fudge/gi; $value =~ s/dick/richard/gi; $value =~ s/penis/dang/gi; $value =~ s/shit/shoot/gi; $value =~ s/fag/bundle of sticks/gi; $value =~ s/cunt/carp/gi; $value =~ s/pussy/prissy/gi; $value =~ s/ass/bum/gi; $value =~ s/bitch/Meredith Brooks/gi; $FORM{$name} = $value; } $FORM{'email'} =~ s/^([^ ]+) (.*)/$1/g; }