#! c:/perl/bin/perl #! /usr/local/bin/perl # # joinlist.cgi # # Ver 2.021 : 9/11/05 : Deleted jcode.pl. Addec Copyright # Ver 2.02 : 1/22/05 : Modified to not register without a name # Ver 2.01 : 3/24/03 : Added error processing when missed a password # Ver 2.0 : 10/27/02 : Added password function, conbine rdjoin.pl and # wrjoin.pl into joinlist.cgi # # $Id: joinlist.cgi,v 1.1 2005/09/25 04:53:21 Hideki Kanayama Exp $ $version='2.021'; $lastupdatedyear='2005'; $joindir = "../joinlist"; $cgibin = "../cgi-bin"; $datafile = "$joindir/joinlist.dat"; $eventhtml = "$joindir/event.shtml"; $admindat = "$cgibin/adminpwd.dat"; $thisfile = $0; $thisfile =~ s/^.+[\/\\]([^\\\/]+)$/$1/; $script = "$cgibin/$thisfile"; $tmpfile = "$joindir/tmp.$$"; if ($ENV{"REQUEST_METHOD"} eq "GET"){ $data=$ENV{"QUERY_STRING"}; $method = 'GET'; } elsif ($ENV{"REQUEST_METHOD"} eq "POST"){ read(STDIN,$data,$ENV{"CONTENT_LENGTH"}); $method = 'POST' } @tmparry=split(/&/,$data); foreach $string (@tmparry){ ($key,$value)=split(/=/,$string); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s//>/g; if ($value =~ /\r\n/) { $value =~ s/\r\n/
/g; } if ($value =~ /\n/) { $value =~ s/\n/
/g; } if ($value =~ /\r/) { $value =~ s/\r/
/g; } if ($value =~ /,/) { $value =~ s/,/&\#44;/g; } $all{"$key"}=$value; } if (! -e "$admindat"){ if ($all{mode} ne 'adminpwd'){ &setadminpwd; } else { &wradminpwd; print "Location: $eventhtml\n\n"; } } open(ADMIN,"< $admindat"); $adminpwd = ; close(ADMIN); if ($all{mode} eq 'write'){ if (open(DAT,"< $datafile")){ @allline=; close(DAT); ($finnum,@rest) = split(/,/,$allline[$#allline]); } else { $finnum = 0; } if ($all{reg} ne ''){ if ($all{name} ne ''){ open(WR,">> $datafile"); $num = $finnum + 1; if ($all{pwd} ne ''){ $pwd = &makecrypt($all{pwd}); } else { $pwd = ''; } print WR "$num,$all{name},,$all{comment},$pwd\n"; close(WR); } } else { open(DAT,"< $datafile"); open(WR,"> $tmpfile"); while(){ s/[\n\r]*$//; ($num,$name,$join,$comment,$pwd)=split(/,/); $cancel = cancel . $num; $pwdnum = pwd . $num; if($all{$cancel} ne ''){ if ((&checkcrypt($all{$pwdnum},$pwd) && ($pwd ne '')) || &checkcrypt($all{$pwdnum},$adminpwd)){ $join = 'off'; } else { close(DAT); close(WR); print "Content-Type: text/html\n\n"; print "
Password does not match.\n"; unlink("$tmpfile"); exit; } } print WR "$num,$name,$join,$comment,$pwd\n"; } close(DAT); close(WR); rename("$tmpfile","$datafile"); } chmod(0666,"$datafile"); print "Location: $eventhtml\n\n"; } else { print "Content-Type: text/html\n\n"; print "
"; print "\n"; print ""; print "\n"; open(DAT,"< $datafile"); while(){ chop; ($num,$name,$join,$comment,$pwd)=split(/,/); $comment =~ s/^$/\ /; if ($join eq 'off'){ next; } print ""; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; } print "\n"; print "\n"; print "
AttendeeCommentPassword 
$name$comment
\n"; print "
joinlist.cgi Ver. $version
\n"; print "
Copyright(C) 2002-$lastupdatedyear, Hideki
\n"; close(DAT); } exit; sub makecrypt { my $plain = shift; my $salt = join "", ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]; my $result = crypt($plain,$salt) or crypt($plain,'$1$'.$salt.'$'); return $result; } sub setadminpwd { print "Content-type:text/html\n\n"; print ""; print "
"; print "
Set admin password
"; print ""; print ""; print ""; print "
"; print ""; exit; } sub wradminpwd { $passwd = &makecrypt($all{pwd}); if (open(FILE,"> $admindat")){ print FILE "$passwd"; close(FILE); } else { print "Content-type:text/html\n\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "Failed to make password\n"; print "\n"; print "\n"; print "Failed to make password."; print "\n"; exit; } } sub checkcrypt { my ($pwd,$encpwd)=@_; return(crypt($pwd,$encpwd) eq "$encpwd"); }