#!/usr/local/bin/perl ############################################################################## # WWWBoard Admin Version 2.0 ALPHA 2 # # Copyright 1996 Matt Wright mattw@worldwidemart.com # # Created 10/21/95 Last Modified 11/25/95 # # Scripts Archive at: http://www.worldwidemart.com/scripts/ # ############################################################################## # COPYRIGHT NOTICE # # Copyright 1996 Matthew M. Wright All Rights Reserved. # # # # WWWBoard may be used and modified free of charge by anyone so long as # # this copyright notice and the comments above remain intact. By using this # # code you agree to indemnify Matthew M. Wright from any liability that # # might arise from it's use. # # # # Selling the code for this program without prior written consent is # # expressly forbidden. In other words, please ask first before you try and # # make money off of my program. # # # # Obtain permission before redistributing this software over the Internet or # # in any other medium. In all cases copyright and header must remain intact.# ########################################################################### do "board_lib.cgi"; $cgi_url=$admin_url; ########################################################################### if ($ENV{'QUERY_STRING'} ne '') { $command = "$ENV{'QUERY_STRING'}"; } else { &parse_form; } print "Content-type: text/html\n\n"; ########################################################################### # Remove # # This option is useful to see how the threads appear in the # # wwwboard.html document. It can give you a better idea of whether or # # not you want to remove the whole thread or just part of it. # ########################################################################### if ($command eq 'remove') { print "Remove Messages From WWWBoard\n"; print "

Remove Messages From WWWBoard

\n"; print "Select below to remove those postings you wish to remove.\n"; print "Checking the Input Box on the left will remove the whole thread\n"; print "while checking the Input Box on the right to remove just that posting.

\n"; print "These messages have been left unsorted, so that you can see the order in\n"; print "which they appear in the $mesgpage page. This will give you an idea oF\n"; print "what the threads look like and is often more helpful than the sorted method.\n"; print "

\n"; print "


\n"; print "[ Remove ] [ Remove by Date ] [ Remove by Author ] [ Remove by Message Number ] [ $title ]\n"; print "

\n"; print "

\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $line (@lines) { if ($line =~ /
  • (.*)<\/a> - (.*)<\/b>\s+(.*)<\/i>/) { push(@ENTRIES,$1); $SUBJECT{$1} = $2; $AUTHOR{$1} = $3; $DATE{$1} = $4; } } @SORTED_ENTRIES = (sort { $a <=> $b } @ENTRIES); $max = pop(@SORTED_ENTRIES); $min = shift(@SORTED_ENTRIES); print "\n"; print "\n"; print "\n"; foreach (@ENTRIES) { print "
  • \n"; print "\n"; print "\n"; } print "
    Username: -- Password:
    Post # Thread Single Subject Author Date
    $_ $SUBJECT{$_} $AUTHOR{$_} $DATE{$_}
    \n"; print "

    \n"; print " \n"; print "

    \n"; print "\n"; } ########################################################################### # Remove By Number # # This method is useful to see in what order the messages were # # added to the wwwboard.html document. # ########################################################################### elsif ($command eq 'remove_by_num') { print "Remove Messages From WWWBoard By Number\n"; print "

    Remove Messages From WWWBoard By Number

    \n"; print "Select below to remove those postings you wish to remove.\n"; print "Checking the Input Box on the left will remove the whole thread\n"; print "while checking the Input Box on the right to remove just that posting.\n"; print "

    \n"; print "


    \n"; print "[ Remove ] [ Remove by Date ] [ Remove by Author ] [ Remove by Message Number ] [ $title ]\n"; print "

    \n"; print "

    \n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $line (@lines) { if ($line =~ /
  • (.*)<\/a> - (.*)<\/b>\s+(.*)<\/i>/) { push(@ENTRIES,$1); $SUBJECT{$1} = $2; $AUTHOR{$1} = $3; $DATE{$1} = $4; } } @SORTED_ENTRIES = (sort { $a <=> $b } @ENTRIES); $max = pop(@SORTED_ENTRIES); $min = shift(@SORTED_ENTRIES); push(@SORTED_ENTRIES,$max); unshift(@SORTED_ENTRIES,$min); print "\n"; print "\n"; print "\n"; foreach (@SORTED_ENTRIES) { print "
  • \n"; print "\n"; print "\n"; } print "
    Username: -- Password:
    Post # Thread Single Subject Author Date
    $_ $SUBJECT{$_} $AUTHOR{$_} $DATE{$_}
    \n"; print "

    \n"; print " \n"; print "

    \n"; print "\n"; } ########################################################################### # Remove By Date # # Using this method allows you to delete all messages posted before # # a certain date. # ########################################################################### elsif ($command eq 'remove_by_date') { print "Remove Messages From WWWBoard By Date\n"; print "

    Remove Messages From WWWBoard By Date

    \n"; print "Select below to remove those postings you wish to remove.\n"; print "Checking the input box beside a date will remove all postings \n"; print "that occurred on that date.\n"; print "

    \n"; print "


    \n"; print "[ Remove ] [ Remove by Date ] [ Remove by Author ] [ Remove by Message Number ] [ $title ]\n"; print "

    \n"; print "

    \n"; print "

    \n"; print "\n"; print "\n"; print "
    \n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $line (@lines) { if ($line =~ /
  • .*<\/a> - .*<\/b>\s+(.*)<\/i>/) { $date = $2; if ($use_time == 1) { ($time,$day) = split(/\s+/,$date); } else { $day = $date; } $DATE{$1} = $day; } } undef(@used_values); foreach $value (sort (values %DATE)) { $match = '0'; $value_number = 0; foreach $used_value (@used_values) { if ($value eq $used_value) { $match = '1'; last; } } if ($match == '0') { undef(@values); undef(@short_values); foreach $key (keys %DATE) { if ($value eq $DATE{$key}) { $key_url = "$key"; push(@values,$key_url); push(@short_values,$key); $value_number++; } } $form_value = $value; $form_value =~ s/\//_/g; print "
  • \n"; print "\n"; print "\n"; push(@used_values,$value); push(@used_form_values,$form_value); } } print "
    Username: -- Password:
    X Date # of Messages Message Numbers
    $value $value_number @values

    \n"; print "\n"; print " \n"; print "

    \n"; print "\n"; } ########################################################################### # Remove By Author # # This option makes a list of all known authors and then groups # # together there postings and allows you to remove them all at once. # ########################################################################### elsif ($command eq 'remove_by_author') { print "Remove Messages From WWWBoard By Author\n"; print "

    Remove Messages From WWWBoard By Author

    \n"; print "Checking the checkbox beside the name of an author will remove \n"; print "all postings which that author has created.\n"; print "

    \n"; print "


    \n"; print "[ Remove ] [ Remove by Date ] [ Remove by Author ] [ Remove by Message Number ] [ $title ]\n"; print "

    \n"; print "

    \n"; print "

    \n"; print "\n"; print "\n"; print "
    \n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $line (@lines) { if ($line =~ /
  • .*<\/a> - (.*)<\/b>\s+.*<\/i>/) { $AUTHOR{$1} = $2; } } undef(@used_values); foreach $value (sort (values %AUTHOR)) { $match = '0'; $value_number = 0; foreach $used_value (@used_values) { if ($value eq $used_value) { $match = '1'; last; } } if ($match == '0') { undef(@values); undef(@short_values); foreach $key (keys %AUTHOR) { if ($value eq $AUTHOR{$key}) { $key_url = "$key"; push(@values,$key_url); push(@short_values,$key); $value_number++; } } $form_value = $value; $form_value =~ s/ /_/g; print "
  • \n"; print "\n"; print "\n"; push(@used_values,$value); push(@used_form_values,$form_value); } } print "
    Username: -- Password:
    X Author # of Messages Message #'s
    $value $value_number @values

    \n"; print "\n"; print " \n"; print "

    \n"; print "\n"; } ########################################################################### # Change Password # # By calling this section of the script, the admin can change his or# # her password. # ########################################################################### elsif ($command eq 'change_passwd') { print "Change WWWBoard Admin Password\n"; print "

    Change WWWBoard Admin Password

    \n"; print "Fill out the form below completely to change your password and user name.\n"; print "If new username is left blank, your old one will be assumed.


    \n"; print "

    \n"; print "\n"; print "
    \n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
    Username:
    Password:
    New Username:
    New Password:
    Re-type New Password:
    \n"; print "
    \n"; } ########################################################################### # Remove Action # # This portion is used by the options remove and remove_by_num. # ########################################################################### elsif ($FORM{'action'} eq 'remove') { &check_passwd; for ($i = $FORM{'min'}; $i <= $FORM{'max'}; $i++) { if ($FORM{$i} eq 'all') { push(@ALL,$i); } elsif ($FORM{$i} eq 'single') { push(@SINGLE,$i); } } open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $single (@SINGLE) { foreach ($j = 0;$j <= @lines;$j++) { if ($lines[$j] =~ //) { splice(@lines, $j, 3); $j -= 3; } elsif ($lines[$j] =~ //) { splice(@lines, $j, 1); $j--; } } $filename = "$basedir/$mesgdir/$single\.$ext"; if (-e $filename) { unlink("$filename") || push(@NOT_REMOVED,$single); } else { push(@NO_FILE,$single); } push(@ATTEMPTED,$single); } foreach $all (@ALL) { undef($top); undef($bottom); foreach ($j = 0;$j <= @lines;$j++) { if ($lines[$j] =~ //) { $top = $j; } elsif ($lines[$j] =~ //) { $bottom = $j; } } if ($top && $bottom) { $diff = ($bottom - $top); $diff++; for ($k = $top;$k <= $bottom;$k++) { if ($lines[$k] =~ //) { push(@DELETE,$1); } } splice(@lines, $top, $diff); foreach $delete (@DELETE) { $filename = "$basedir/$mesgdir/$delete\.$ext"; if (-e $filename) { unlink($filename) || push(@NOT_REMOVED,$delete); } else { push(@NO_FILE,$delete); } push(@ATTEMPTED,$delete); } } else { push(@TOP_BOT,$all); } } open(WWWBOARD,">$basedir/$mesgfile"); print WWWBOARD @lines; close(WWWBOARD); &return_html($FORM{'type'}); } ########################################################################### # Remove Action by Date or Author # # This portion is used by the method remove_by_date or # # remove_by_author. # ########################################################################### elsif ($FORM{'action'} eq 'remove_by_date_or_author') { &check_passwd; @used_values = split(/\s/,$FORM{'used_values'}); foreach $used_value (@used_values) { @misc_values = split(/\s/,$FORM{$used_value}); foreach $misc_value (@misc_values) { push(@SINGLE,$misc_value); } } open(MSGS,"$basedir/$mesgfile"); @lines = ; close(MSGS); foreach $single (@SINGLE) { foreach ($j = 0;$j <= @lines;$j++) { if ($lines[$j] =~ //) { splice(@lines, $j, 3); $j -= 3; } elsif ($lines[$j] =~ //) { splice(@lines, $j, 1); $j--; } } $filename = "$basedir/$mesgdir/$single\.$ext"; if (-e $filename) { unlink("$filename") || push(@NOT_REMOVED,$single); } else { push(@NO_FILE,$single); } push(@ATTEMPTED,$single); } open(WWWBOARD,">$basedir/$mesgfile"); print WWWBOARD @lines; close(WWWBOARD); &return_html($FORM{'type'}); } elsif ($FORM{'action'} eq 'change_passwd') { open(PASSWD,"$basedir/$passwd_file") || &error(passwd_file); $passwd_line = ; chop($passwd_line) if $passwd_line =~ /\n$/; close(PASSWD); ($username,$passwd) = split(/:/,$passwd_line); if (!($FORM{'passwd_1'} eq $FORM{'passwd_2'})) { &error(not_same); } $test_passwd = crypt($FORM{'password'}, substr($passwd, 0, 2)); if ($test_passwd eq $passwd && $FORM{'username'} eq $username) { open(PASSWD,">$basedir/$passwd_file") || &error(no_change); $new_password = crypt($FORM{'passwd_1'}, substr($passwd, 0, 2)); if ($FORM{'new_username'}) { $new_username = $FORM{'new_username'}; } else { $new_username = $username; } print PASSWD "$new_username:$new_password"; close(PASSWD); } else { &error(bad_combo); } &return_html(change_passwd); } else { print "WWWAdmin For WWWBoard\n"; print "

    WWWAdmin For WWWBoard

    \n"; print "Choose your Method of modifying WWWBoard Below:

    \n"; print "



    \n"; print "\n"; } ####################### # Parse Form Subroutine sub parse_form { # Get the input read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); # Split the name-value pairs @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); # Un-Webify plus signs and %-encoding $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $FORM{$name} = $value; } } sub return_html { $type = $_[0]; if ($type eq 'remove') { print "Results of Message Board Removal\n"; print "

    Results of Message Board Removal

    \n"; } elsif ($type eq 'remove_by_num') { print "Results of Message Board Removal by Number\n"; print "

    Results of Message Board Removal by Number

    \n"; } elsif ($type eq 'remove_by_date') { print "Results of Message Board Removal by Date\n"; print "

    Results of Message Board Removal by Date

    \n"; } elsif ($type eq 'remove_by_author') { print "Results of Message Board Removal by Author\n"; print "

    Results of Message Board Removal by Author

    \n"; } elsif ($type eq 'change_passwd') { print "WWWBoard WWWAdmin Password Changed\n"; print "

    WWWBoard WWWAdmin Password Changed

    \n"; print "Your Password for WWWBoard WWWAdmin has been changed! Results are below:


    \n"; print "New Username: $new_username

    \n"; print "New Password: $FORM{'passwd_1'}

    \n"; print "


    \n"; print "Do not forget these, since they are now encoded in a file, and not readable!.\n"; print "\n"; } if ($type =~ /^remove/) { print "Below is a short summary of what messages were removed from $mesgpage and the\n"; print "$mesgdir directory. All files that the script attempted to remove, were removed,\n"; print "unless there is an error message stating otherwise.


    \n"; print "Attempted to Remove: @ATTEMPTED

    \n"; if (@NOT_REMOVED) { print "Files That Could Not Be Deleted: @NOT_REMOVED

    \n"; } if (@NO_FILE) { print "Files Not Found: @NO_FILE

    \n"; } print "


    \n"; print "[ Remove ] [ Remove by Date ] [ Remove by Author ] [ Remove by Message Number ] [ $title ]\n"; print "

    \n"; print "\n"; } } sub error { $error = $_[0]; if ($error eq 'bad_combo') { print "Bad Username - Password Combination\n"; print "

    Bad Username - Password Combination

    \n"; print "You entered and invalid username password pair. Please try again.

    \n"; &passwd_trailer } elsif ($error eq 'passwd_file') { print "Could Not Open Password File For Reading\n"; print "

    Could Not Open Password File For Reading

    \n"; print "Could not open the password file for reading! Check permissions and try again.

    \n"; &passwd_trailer } elsif ($error eq 'not_same') { print "Incorrect Password Type-In\n"; print "

    Incorrect Password Type-In

    \n"; print "The passwords you typed in for your new password were not the same.\n"; print "You may have mistyped, please try again.

    \n"; &passwd_trailer } elsif ($error eq 'no_change') { print "Could Not Open Password File For Writing\n"; print "

    Could Not Open Password File For Writing

    \n"; print "Could not open the password file for writing! Password not changed!

    \n"; &passwd_trailer } exit; } sub passwd_trailer { print "


    \n"; print "[ WWWAdmin ] [ $title ]\n"; print "

    \n"; print "\n"; } sub check_passwd { open(PASSWD,"$basedir/$passwd_file") || &error(passwd_file); $passwd_line = ; chop($passwd_line) if $passwd_line =~ /\n$/; close(PASSWD); ($username,$passwd) = split(/:/,$passwd_line); $test_passwd = crypt($FORM{'password'}, substr($passwd, 0, 2)); if (!($test_passwd eq $passwd && $FORM{'username'} eq $username)) { &error(bad_combo); } }