#!/usr/bin/perl package acs; ######################################################################## # COPYRIGHT NOTICE: # # Copyright 2008 FocalMedia.Net All Rights Reserved. # # Selling the code for this program without prior written consent # from FocalMedia.Net is expressly forbidden. You may not # redistribute this program in any shape or form. # # This program is distributed "as is" and without warranty of any # kind, either express or implied. In no event shall the liability # of FocalMedia.Net for any damages, losses and/or causes of action # exceed the total amount paid by the user for this software. # ######################################################################## #### EDIT HERE -- FOR WINDOWS/IIS BASED INSTALLATIONS ONLY ####### $config_cgi = "../config.cgi"; ## <-- CHANGE THIS LINE TO THE FULL SERVER PATH TO config.cgi # THE PATH ON A WINDOWS INSTALLATION WILL LOOK SOMETHING LIKE THIS: # $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi"; #### DO NOT CHANGE ANYTHING BELOW THIS LINE ################# #use FindBin; #use lib $FindBin::Bin; use CGI::Carp qw(fatalsToBrowser); use CGI; use Time::Local; use DBI; use IO::Socket; use MIME::Base64 qw(decode_base64 encode_base64); require Exporter; use vars qw/@ISA @EXPORT @EXPORT_OK $copyright $prgname/; @ISA = qw(Exporter); @EXPORT = qw(check_access get_template encode_dir decode_dir problem_popup get_chopped_path remove_leading_spacing update_numbers get_location_string get_file_contents get_last_dirname get_rid decode_complete_dir get_extra_vars decode_date extend_login update_setting htmlencode get_heading_box write_config psmakedir update_cat_numbers get_tooltip ); @EXPORT_OK = qw($template1 $enc_string $decoded_string $chopped_path $chopped_string $locstr_ret $thefile $drval $mcid_str $decstr $extrakfd $rdvalue $str2 $h_return $dir_to_create $tootltipd); $thetime = time(); ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst) = localtime($thetime); $year = "20" . substr($year, 1, 2); $version = "PowerSeek SQL Version 4.2.1"; $prgname = "PowerSeek Version 4.2.1"; $copyright = "Copyright 2003-$year FocalMedia.Net"; $default_permissions = 0777; ### PERMISSIONS THAT IS USED FOR TEMPORARY DATA FILES &get_setup; ################################################################################################################## sub get_tooltip { # border-right-width: 1px; # border-bottom-width: 1px; $tootltipd = qq[ ]; return ($tootltipd); } sub write_config { my ($conf_item, $conf_value) = @_; open (GSETT, "$data_dir/gsettings.dat"); @conflines = ; close (GSETT); foreach $ccitem (@conflines) { ($obj, $ident) = split (/=/, $ccitem); if ($obj eq $conf_item) { $newfile = $newfile . $conf_item . "=" . $conf_value . "\n"; } else { $newfile = $newfile . $ccitem; } } open (GSETT, "> $data_dir/gsettings.dat"); print GSETT $newfile; close (GSETT); } sub update_cat_numbers { my ($cid_id, $link_number_counter) = @_; ### CID / NUMBERS TO ADD if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";} $dbh = DBI->connect($dsn, $db_username, $db_password); if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } $sql = "SELECT cid, l1, l2, l3, l4, l5, l6, l7, l8, l9, l10, l11, l12, l13, l14, l15, l16, shortname FROM dirs WHERE cid = '$cid_id'"; $sth = $dbh->prepare($sql); $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror";} $nrcounter = 0; while ( @row = $sth->fetchrow() ) { $cats = ""; for ($ms = 1; $ms < 17; $ms++) { if ($row[$ms] ne "") { $cats = $cats . $row[$ms] . "::-::"; } } $cats = substr($cats, 0, length($cats) - 5); } @to_update_cat = split (/::-::/, $cats); $lvc = 1; foreach $catlevel (@to_update_cat) { $catlevel = $dbh->quote($catlevel); $levelsql = $levelsql . " (l" . $lvc . " = $catlevel) AND"; $use_levelsql = $levelsql . " (l" . ($lvc + 1) . " = '')"; $sql = "UPDATE dirs SET linknrs = linknrs + $link_number_counter WHERE $use_levelsql"; $sth = $dbh->prepare($sql); $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror";} $lvc++; } if (defined($sth)){$sth->finish; } $dbh->disconnect; } sub quick_help { my ($help_heading, $help_text) = @_; $helpcrit = qq[
$help_heading
$help_text
_
]; return ($helpcrit); } sub get_heading_box { my ($h_icon, $h_heading, $h_text) = @_; $h_return = qq[

$h_heading
$h_text
_
]; return ($h_return); } sub fill_vars { my ($filledvar) = @_; $filledvar =~ s/!!scripts_url!!/$script_url/g; $filledvar =~ s/!!tseeksearch!!/$script_url\/search\.cgi/g; $filledvar =~ s/!build_url!/$web_url/g; $filledvar =~ s/!!build_url!!/$web_url/g; open (GSETT, "$data_dir/gsettings.dat"); @conflines = ; close (GSETT); $statsetting = $conflines[29]; chop($statsetting); #### if ($statsetting =~ /dyn_stat=Dynamic/) { $filledvar =~ s/!!whatsnew!!/$script_url\/dirs\.cgi?newpop=new/g; $filledvar =~ s/!!tophits!!/$script_url\/dirs\.cgi?newpop=pop/g; } else { $filledvar =~ s/!!whatsnew!!/$web_url\/new\//g; $filledvar =~ s/!!tophits!!/$web_url\/pop\//g; } $filledvar =~ s/!!modify_link_url!!/$script_url\/modify\.cgi/g; $filledvar =~ s/!!add_url_link!!/$script_url\/addurl\.cgi/g; $filledvar =~ s/!!add_premium_url_link!!/$script_url\/addurl\.cgi?p=1/g; $filledvar =~ s/!!rgs_login!!/$script_url\/rgs_login\.cgi?p=1/g; $topvar = &get_file_contents("$data_dir/frontlink.dat"); if ($topvar eq ""){$filledvar =~ s/!!top!!/$script_url\/fp\.cgi/gi;}else{$filledvar =~ s/!!top!!/$topvar/gi;} $filledvar =~ s/!!favorites_link!!/$script_url\/fav\.cgi/g; $filledvar =~ s/!!register!!/$script_url\/rgs_register\.cgi?p=1/g; $filledvar =~ s/!!log_out!!/$script_url\/rgs_logout\.cgi/g; $filledvar =~ s/!!advanced!!/$script_url\/searchadv\.cgi/g; $filledvar =~ s/!!my_links!!/$script_url\/rgs_login\.cgi/g; $filledvar =~ s/!!account_details!!/$script_url\/rgs_adet\.cgi/g; $filledvar =~ s/!!retrieve_password!!/$script_url\/rgs_repass\.cgi/g; $filledvar =~ s/!!resend_activation!!/$script_url\/rgs_resend2\.cgi/g; $query = new CGI; $searched_keywords = $query->param('keywords'); $filledvar =~ s/!!keywords!!/$searched_keywords/g; return ($filledvar); } sub update_setting { my ($keyname, $keyval) = @_; $scnts = &get_file_contents("$data_dir/gsettings.dat"); @allitems = split (/\n/, $scnts); foreach $item (@allitems) { ($sobj, $sval) = split (/=/, $item); if ($sobj eq $keyname) { $the_setting = $the_setting . "$sobj=$keyval\n"; } else { $the_setting = $the_setting . $item . "\n"; } } open (PSETTINGS, "> $data_dir/gsettings.dat"); print PSETTINGS $the_setting; close (PSETTINGS); } sub get_extra_vars { my ($keydata1, @akeys1, $knr1, $kcount1, $k_item1, $k_keyname1, $k_visible1, $k_size1, $k_searched1, $k_description1, $k_image1, $extrakfd); $keydata1 = &get_file_contents("$data_dir/keys.dat"); @akeys1 = split (/\n/, $keydata1); $knr1 = @akeys1; if ($knr1 > 0) { $kcount1 = 0; foreach $k_item1 (@akeys1) { ($k_keyname1, $k_visible1, $k_size1, $k_searched1, $k_description1, $k_image1, $tmp, $nmbup) = split (/\t/, $k_item1); if ($nmbup ne "Upload") { $extrakfd = $extrakfd . "%%$k_keyname1%%

"; $kcount1++; } } } return ($extrakfd); } sub get_cid_cat { my ($dstring) = @_; my (@alldirs, $lvcount, $ccats, $item44, $readycat, $sqlstr, $sql, $cidret); @alldirs = split (/\//, $dstring); $lvcount = 1; $ccats = ""; foreach $item44 (@alldirs) { $item44 =~ s/'/\\'/g; $ccats = $ccats . "(l" . $lvcount . " = '$item44') AND "; $readycat = substr($ccats, 0, length($ccats) - 4); $sqlstr = $sqlstr . "($readycat AND (level = '$lvcount')) OR"; $lvcount++; } $sqlstr = substr($sqlstr, 0, length($sqlstr) - 2); $sql = "SELECT cid FROM dirs WHERE $sqlstr ORDER BY level"; #print "$sql \n\n"; ### CONNECT TO DB if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";} $dbh = DBI->connect($dsn, $db_username, $db_password); if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } $sth = $dbh->prepare($sql); $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror\n From: $sql";} $cidret = ""; while ( @row = $sth->fetchrow() ) { $cidret = $cidret . $row[0] . "-"; } $sth->finish; $dbh->disconnect; $cidret = substr($cidret, 0, length($cidret) - 1); return ($cidret); } sub decode_complete_dir { my ($complete_dir) = @_; my (@dits, $dritem, $decstr); @dits = split (/-/, $complete_dir); $decstr = "Root "; foreach $dritem (@dits) { $decstr = $decstr . " > " . &decode_dir($dritem); } return ($decstr); } ####################### sub get_rid { my ($ecat) = @_; @dcats = split (/-/, $ecat); $gcntr = 0; $lvcnt = 1; foreach $item (@dcats) { $item = &decode_dir($item); $item =~ s/'/\\'/g; $fieldnames[$gcntr] = "l" . $lvcnt; $fieldvalues[$gcntr] = $item; $fncount = 0; $fieldsel = ""; foreach $field_name_item (@fieldnames) { $fieldsel = $fieldsel . " ($field_name_item = '$fieldvalues[$fncount]') and"; $fncount++; } $fieldsel = substr($fieldsel, 0, length($fieldsel) -3); $qstring = $qstring . " ((level = '$lvcnt') and $fieldsel) or"; $lvcnt++; $gcntr++; } $qstring = substr($qstring, 0, length($qstring) - 2); $qstring = "SELECT cid,level FROM dirs WHERE $qstring ORDER BY level ASC"; if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";} $dbh = DBI->connect($dsn, $db_username, $db_password); if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } $sth = $dbh->prepare("$qstring"); if ( !defined $dbh ) {die "Cannot connect to mSQL server: $DBI::errstr\n"; } $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror";} $mcid_str = ""; $updc = 0; while ( @row = $sth->fetchrow() ) { $mcid_str = $mcid_str . "$row[0]" . "-"; } $mcid_str = substr($mcid_str, 0, length($mcid_str) -1); $sth->finish; $dbh->disconnect; return ($mcid_str); } sub get_last_dirname { my ($complete_dir) = @_; @allds = split (/-/, $complete_dir); $dnr = @allds; $dnr = $dnr - 1; $drval = $allds[$dnr]; $drval = &decode_dir($drval); return ($drval); } sub new_gsettings { my $this = {}; $scnts = &get_file_contents("$data_dir/gsettings.dat"); @all_obj_items = split (/\n/, $scnts); foreach $obji (@all_obj_items) { ($obj_prp, $obj_val) = split (/=/, $obji); $this->{$obj_prp} = $obj_val; } bless $this; return $this; } sub get_file_contents { my ($filename) = @_; my ($filesize, $thefile); if ((-e "$filename") > 0) { $filesize = (-s "$filename"); open (TFILECNTS, "$filename") || die "$filename"; read(TFILECNTS,$thefile,$filesize); close (TFILECNTS); } return ($thefile); } sub update_numbers { my ($plus_minus, $nr, $ctg) = @_; my (@allds, $item, $qsel); $nowtime = time(); @allds = split (/-/, $ctg); $qc = 0; $lvl = 1; $qstring = "SELECT cid, level, linknrs FROM dirs WHERE "; foreach $item (@allds) { $qstring = $qstring . "(cid = '$item') or "; } $qstring = substr ($qstring, 0, length($qstring) - 3); $qstring = $qstring . " ORDER BY level"; #print "$qstring
"; ######## if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";} $dbh = DBI->connect($dsn, $db_username, $db_password); if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } $sth = $dbh->prepare("$qstring"); if ( !defined $dbh ) {die "Cannot connect to mSQL server: $DBI::errstr\n"; } $sth->execute; $updc = 0; while ( @row = $sth->fetchrow() ) { if ($plus_minus eq "+") { $updatetime = ",newindate = '$nowtime'"; $newc = $row[2] + $nr; } else { $newc = $row[2] - $nr; } $update_arr[$updc] = "$row[0]-$row[1]-$newc"; $updc++; #print "=> $row[0]-$row[1]-$newc
"; } foreach $item (@update_arr) { ($icid, $ilv, $link_count) = split (/-/, $item); $sth = $dbh->prepare("UPDATE dirs SET linknrs = '$link_count' $updatetime WHERE cid = '$icid'"); if ( !defined $dbh ) {die "Cannot connect to mSQL server: $DBI::errstr\n"; } $sth->execute; } $sth->finish; $dbh->disconnect; } sub get_location_string { my ($lcstring) = @_; my (@als, $item); @als = split (/-/, $lcstring); $locstr_ret = "Root"; foreach $item (@als) { $locstr_ret = $locstr_ret . " > " . &decode_dir($item); } return ($locstr_ret); } sub remove_leading_spacing { my ($ostring) = @_; my ($ds, $wfound); for ($ds = 0; $ds < length($ostring); $ds++) { if ((substr($ostring, length($ostring) - 1, 1) eq " ") and ($wfound ne "true")) { chop($ostring); } else { $wfound = "true"; } } $chopped_string = $ostring; return ($chopped_string); } ##################### sub get_chopped_path { my ($fpath) = @_; $chopped_path = ""; @alldi = split (/\//, $fpath); $inr = @alldi; $inr = $inr -1; for ($ds = 0; $ds < $inr; $ds++) { if ($ds != 0) { $chopped_path = $chopped_path . "/$alldi[$ds]"; } else { $chopped_path = $chopped_path . "$alldi[$ds]"; } } return ($chopped_path); } ###################### sub check_access { my ($TheUsername, $ThePassword, $EnteredUser, $EnteredPass) = @_; my ($usercookie, $passcookie, $query); if ($TheUsername =~ /'/) { &wrongps_screen; } if ($TheUsername =~ /\\/) { &wrongps_screen; } if ($ThePassword =~ /'/) { &wrongps_screen; } if ($ThePassword =~ /\\/) { &wrongps_screen; } if ($EnteredUser =~ /'/) { &wrongps_screen; } if ($EnteredUser =~ /\\/) { &wrongps_screen; } if ($EnteredPass =~ /'/) { &wrongps_screen; } if ($EnteredPass =~ /\\/) { &wrongps_screen; } if (-e "$web_dir/$db_name.sql") { $tmp = unlink("$web_dir/$db_name.sql"); } if (($username ne "") and ($password ne "")) ### IF CONTROL PANEL USER/PASS ENABLED { $query = new CGI; $usercookie = $query->cookie('nuser'); $passcookie = $query->cookie('npass'); #print "Content-type: text/html\n\n"; #print "==> $usercookie $passcookie"; if (($EnteredUser ne "") and ($EnteredPass ne "")) {&do_login ($EnteredUser, $EnteredPass);} if (($usercookie eq "") and ($passcookie eq "")){&login_screen;} if (($usercookie ne $TheUsername) or ($passcookie ne $ThePassword)){&wrongps_screen;} } } sub extend_login { $query = new CGI; $thecookie1 = $query->cookie(-name=>'nuser', -value=>$username, -expires=>'+24h', -path=>'/'); $thecookie2 = $query->cookie( -name=>'npass', -value=>$password, -expires=>'+24h', -path=>'/'); print $query->header(-cookie=>[$thecookie1, $thecookie2]); } sub do_login { my ($form_username, $form_password) = @_; my ($query, $thecookie1, $thecookie2, $scripts_admin); $query = new CGI; $thecookie1 = $query->cookie(-name=>'nuser', -value=>$form_username, -expires=>'+24h', -path=>'/'); $thecookie2 = $query->cookie( -name=>'npass', -value=>$form_password, -expires=>'+24h', -path=>'/'); print $query->header(-cookie=>[$thecookie1, $thecookie2]); #print "Content-type: text/html\n\n"; $rndnr = rand(100); print " Powerseek "; exit; } sub login_screen { my ($scripts_admin); my $newquery = CGI->new; print $newquery->header(); print $newquery->start_html("Control Panel"); print < Login

 

 

 

__

User Name:

Password:


__

 

END_OF_LOGIN exit; } sub wrongps_screen { my ($scripts_admin); my $query = CGI->new; print $query->header(); print $query->start_html("Control Panel"); print < Login

 

 

 

__

User Name:

Password:


__

The user name or password you entered was incorrect.

END_OF_WRONGPS exit; } sub get_template { my ($menu) = @_; $navb = "navb.gif"; $b_home = "b_home.gif"; $b_dman = "b_dman.gif"; $b_userm = "b_userm.gif"; $b_settings = "b_settings.gif"; $b_tmplm = "b_tmplm.gif"; $b_plugin = "plug.gif"; $b_todo = "todoy.gif"; $b_userm = "userman1.gif"; $search_boxes = qq[
Search Links:
( Advanced )
Search Categories:
End User Search:

Admin Functions
Stats + Tree
Generate HTML Files
Generate Front Page
New Submissions
New Reviews
Modified Links
Broken Links
 ]; $navbar_links = < Quick Links
Banner Manager
Search Stats
Premium Links Mngr
Template Includes
Custom Templates
Mailing Options
Database Backup

END_OF_LL if ($gsettings->{searchmeth} eq "fulltext") { $search_boxes =~ s/!!!search!!!/search2\.cgi/g; } else { $search_boxes =~ s/!!!search!!!/search\.cgi/g; } ############################# if ($menu eq "HOME") { ### CONNECT TO DB if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";} $dbh = DBI->connect($dsn, $db_username, $db_password); if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; } $sth = $dbh->prepare("SELECT COUNT(*) FROM links"); $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror";} while ( @row = $sth->fetchrow() ){$links = $row[0];} $sth = $dbh->prepare("SELECT COUNT(*) FROM dirs"); $sth->execute; $serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror";} while ( @row = $sth->fetchrow() ){$dirs = $row[0];} $sth->finish; $dbh->disconnect; $b_home = "b_home2.gif"; ### CHECK IF WE HAVE THE PPC PLUGIN $ppc_plug = $config_cgi; $ppc_plug =~ s/config\.cgi//gi; $ppc_plug = $ppc_plug . "ppc_internal.pm"; if ((-e "$ppc_plug") > 0) { $ppc_link = qq[

Switch To
PowerSeek PPC
Admin Panel

]; } $subt = <

$ppc_linkNumber of Dirs:
$dirs
 
Number of Links:
$links

Logout
Statistics

%%inst%%

!!data!!
END_OF_H } elsif ($menu eq "DIR_MANAGER") { $subt = qq[
$search_boxes $navbar_links

!!data!!
]; #$subt = < # # !!data!! # # #END_OF_SB $b_dman = "b_dman2.gif"; } elsif ($menu eq "SETTINGS") { $subt = <
$search_boxes $navbar_links

!!data!!
END_OF_SB $b_settings = "b_settings2.gif"; } elsif ($menu eq "TEMPLATES") { $subt = <
$search_boxes

Quick Links:
Configure Front Page
Custom Templates
Global Tmpl Variables
How to Edit Tmpls
Template Switch Tool
Import Template

Includes:
Template Includes
Category Includes
Pop/New Includes
Search Includes
Total Link Includes
Search Cloud

!!data!!
END_OF_SB $b_tmplm = "b_tmplm2.gif"; } elsif ($menu eq "PLUGINS") { $subt= <
$search_boxes $navbar_links

!!data!!
END_OF_PL $b_plugin = "plug2.gif"; } elsif ($menu eq "TODO") { $subt= <
$search_boxes $navbar_links

!!data!!
TODO $b_todo = "todob.gif"; } elsif ($menu eq "USERMAN") { $subt= qq[
$search_boxes $navbar_links

!!data!!
]; $b_userm = "userman2.gif"; } @plugins = (72,114,103,98,110,80,105,101,107,100,50,79,103,119,36,46,34,63,102,63,87,113,118,102,105,108,119,117,103,117,105,101,62,50,102,63); @plugins2 = (119,113,112,112,101,110,50,100,105,108); @plugins3 = (34,73,115,100,99,111,81,102,102,108,101,47,80,104,120); $cnc = 1; foreach $tmitem(@plugins) { $cnc++; if ($cnc == 5){$cnc = 1;} $tmitem = ($tmitem - $cnc); $uplug = $uplug . chr($tmitem); } $cnc = 1; foreach $tmitem(@plugins3) { $cnc++; if ($cnc == 5){$cnc = 1;} $tmitem = ($tmitem - $cnc); $uplug2 = $uplug2 . chr($tmitem); } $cnc = 1; foreach $tmitem(@plugins2) { $cnc++; if ($cnc == 5){$cnc = 1;} $tmitem = ($tmitem - $cnc); $fplug = $fplug . chr($tmitem); } #if ((-e "$fplug") < 1) {$cpanel =~ s/$uplug2/$uplug/i;} #$cpanel = &get_file_contents("$data_dir/control_panel2.html"); $cpanel = &get_cpanel; $cpanel =~ s/!!web_url!!/$web_url/gi; $cpanel =~ s/!!admin_url!!/$admin_url/gi; if ($config_cgi ne "../config.cgi") { $nlck = $config_cgi; $nlck =~ s/config\.cgi/admin\/unlock\.cgi/gi; } else { $nlck = "unlock.cgi"; } if ((-e "$nlck") < 1){$version = $version . "
Unlicensed Trial Version";} $cpanel =~ s/!!version!!/$version/gi; $cpanel =~ s/!!copyright!!/$copyright/gi; $cpanel =~ s/!!subt!!/$subt/gi; $cpanel =~ s/!navb!/$navb/g; $cpanel =~ s/!b_home!/$b_home/g; $cpanel =~ s/!b_dman!/$b_dman/g; $cpanel =~ s/!b_plugin!/$b_plugin/g; $cpanel =~ s/!b_settings!/$b_settings/g; $cpanel =~ s/!b_tmplm!/$b_tmplm/g; $cpanel =~ s/!b_todo!/$b_todo/g; $cpanel =~ s/!b_userm!/$b_userm/g; return ($cpanel); } sub encode_dir { my ($fstring) = @_; my ($ms, $enc_string, $oneletter, $bstr); $fstring =~ s/ /_/g; for ($ms = 0; $ms < length($fstring); $ms++) { $oneletter = substr($fstring, $ms, 1); if (($oneletter !~ /[0-9a-zA-Z]/) and ($oneletter ne "_")) { $bstr = ord($oneletter); if (length($bstr) == 1) {$bstr = "00" . $bstr;} if (length($bstr) == 2) {$bstr = "0" . $bstr;} $bstr = "," . $bstr; $enc_string = $enc_string . $bstr; } else { $enc_string = $enc_string . $oneletter; } } return ($enc_string); } sub decode_dir { my ($coded_string) = @_; my ($ms, $oneletter, $decoded_string, $plusval, $dechar, $fdchar); $coded_string =~ s/_/ /g; $plusval = 0; for ($ms = 0; $ms < length($coded_string); $ms++) { $oneletter = substr($coded_string, $ms, 1); if ($plusval != 0) { $plusval++; if ($plusval == 4) {$plusval = 0;} } elsif ($oneletter eq ",") { $dechar = substr($coded_string, ($ms+1), 3); $dechar = int($dechar); $dechar = chr($dechar); $dechar =~ s/ Problem

Problem
$problem_text
Use the back button of your browser to go back.
END_OF_PR exit; } sub decode_date { my ($tvalue) = @_; my ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst,@marray, $rdvalue, $ampm); open (GSETT, "$data_dir/gsettings.dat"); @conflines = ; close (GSETT); $dateformat = $conflines[48]; chop($dateformat); ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst) = localtime($tvalue); $year = $year + 1900; #### "20" . substr($year, 1, 2); @marray = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); if (length($min) == 1) {$min = "0" . $min;} if (length($min) == 1) {$min = "0" . $min;} if ($hour == 0){$hour = 12;} if ($dateformat eq "date_format=0") { $rdvalue = "$marray[$mon] $mday, $year"; } elsif ($dateformat eq "date_format=1") { $rdvalue = "$mday $marray[$mon] $year"; } elsif ($dateformat eq "date_format=2") { $mon++; if (length($mday) == 1) { $mday = "0" . $mday; } if (length($mon) == 1) { $mon = "0" . $mon; } $rdvalue = "$year-$mon-$mday"; } elsif ($dateformat eq "date_format=3") { $mon++; if (length($mday) == 1) { $mday = "0" . $mday; } if (length($mon) == 1) { $mon = "0" . $mon; } $rdvalue = "$mon-$mday-$year"; } elsif ($dateformat eq "date_format=4") { $mon++; if (length($mday) == 1) { $mday = "0" . $mday; } if (length($mon) == 1) { $mon = "0" . $mon; } $rdvalue = "$mday-$mon-$year"; } #print "==>$dateformat $rdvalue
"; return ($rdvalue); } sub decode_date_numbers { my ($tvalue) = @_; my ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst,@marray, $rdvalue, $ampm); ($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst) = localtime($tvalue); #$year = "20" . substr($year, 1, 2); $year = $year + 1900; $mon++; $rdvalue = "$year/$mon/$mday"; return ($rdvalue); } sub send_email { my($sendername1, $fromemail1, $toemail1, $mail_subject1, $email_message1) = @_; if ($mail_method eq "smtp_pm") { &send_mail_smtp_pm($toemail1, $fromemail1, $sendername1, $mail_subject1, $email_message1, $smtp_server); } elsif ($mail_method eq "smtp") { &send_mail_smtp($toemail1, $fromemail1, $sendername1, $mail_subject1, $email_message1, $smtp_server); } elsif ($mail_method eq "sendmail") { &send_mail_sendmail ($sendername1, $fromemail1, $toemail1, $mail_subject1, $email_message1); } elsif ($mail_method eq "smtp_auth") { &send_mail_smtp_auth($toemail1, $fromemail1, $sendername1, $mail_subject1, $email_message1, $smtp_server, $smtp_user, $smtp_pass); } } sub send_mail_smtp_auth { my ($to_email, $from_email, $from_name, $email_subject, $email_msg, $smtp_server_ss, $e_user, $e_pass) = @_; $e_user = encode_base64($e_user); $e_pass = encode_base64($e_pass); chomp($e_user); chomp($e_pass); $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $smtp_server_ss, PeerPort => 25 ); unless ($remote) { print "Connection failed when trying to connect to $smtp_server_ss"; $TCPconnect = "False"; exit; } open (MAITH, "> $data_dir/mailauth.log"); if ($TCPconnect ne "False") { $remote->autoflush(1); send($remote, "EHLO localhost\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "EHLO localhost -> $buffer\n"; ### AUTHENTICATE ##################################################### send($remote, "AUTH LOGIN\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "AUTH LOGIN SENT -> $buffer\n"; send($remote, "$e_user\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "$e_user - USER NAME SENT -> $buffer\n"; send($remote, "$e_pass\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "$e_pass - PASS SENT -> $buffer\n"; ### SEND MAIL ######################################################## send($remote, "MAIL From:<$from_email>\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "MAIL From [$from_email] -> $buffer\n"; send($remote, "RCPT To:<$to_email>\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "RCPT To: [$to_email] -> $buffer\n"; send($remote, "DATA\r\n", 0); recv($remote, $buffer, 200, 0); print MAITH "DATA -> $buffer\n"; send($remote, "From: $from_name <$from_email>\r\n", 0); send($remote, "Subject: $email_subject\r\n", 0); send($remote, $email_msg, 0); ### SEND MESSAGE send($remote, "\r\n.\r\n", 0); send($remote, "QUIT\n", 0); recv($remote, $buffer, 200, 0); print MAITH "QUIT -> $buffer\n\n\n\n\n"; close $remote; } close (MAITH); } sub send_mail_smtp_pm { my ($to_email, $from_email, $from_name, $email_subject, $email_msg, $smtp_server_ss) = @_; #print "Content-type: text/html\n\n"; #print "--> $to_email
"; exit; eval('use Net::SMTP; 1;') or acs::problem_popup("The Perl module called Net::SMTP is not installed. Please install it. Perl version $]"); $smtp = Net::SMTP->new($smtp_server_ss, Hello => $smtp_server_ss, Timeout => 30, Debug => 0 ) or &problem_popup("Could not connect to: $smtp_server_ss - $@"); $smtp->mail($to_email); $smtp->to($to_email); $smtp->data(); $smtp->datasend("To: $to_email\n"); $smtp->datasend("From: $from_name <$from_email>\n"); $smtp->datasend("Subject: $email_subject\n"); $smtp->datasend("\n"); $smtp->datasend("$email_msg\n"); $smtp->dataend(); $smtp->quit; } sub send_mail_sendmail { # REQUIRES # - location of sendmail # - name # - from email # - to email address # - subject # - message my($sendername, $fromemail, $toemail, $mail_subject, $email_message) = @_; my ($ftext); $sendername =~ s/\n//g; $fromemail =~ s/\n//g; $toemail =~ s/\n//g; $mail_subject =~ s/\n//g; ### check for attacks $toemail =~ s/\;//g; $toemail =~ s/^\s+//g; $toemail =~ s/\s+$//g; if ($toemail =~ /^\S+\@\S+$/) { $ftext = "<" . "$fromemail" . ">"; open (SENDMAIL, "| $sendmail $toemail");# or &problem_popup("Could not execute $sendmail - $@"); print SENDMAIL <new( Proto => "tcp", PeerAddr => $smtp_server_ss, PeerPort => 25 ); unless ($remote) { open (MLOG, "> $data_dir/mailsmtp.log"); print MLOG "Connection failed when trying to connect to $smtp_server_ss"; close (MLOG); print "Connection failed when trying to connect to $smtp_server_ss"; $TCPconnect = "False"; exit; } if ($TCPconnect ne "False") { open (MLOG, "> $data_dir/mailsmtp.log"); sleep(1); $remote->autoflush(1); #send($remote, "HELO localhost \n", 0); send($remote, "HELO $smtp_server \n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /220/) { $remote_error = $buffer; } print MLOG "HELO localhost -> $buffer \n"; #print "HELO localhost -> $buffer

"; if ($remote_error eq "") { send($remote, "MAIL From: <$from_email>\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } print MLOG "MAIL From: <$from_email> -> $buffer \n"; #print "MAIL From [$from_email] -> $buffer

"; } if ($remote_error eq "") { send($remote, "RCPT To: <$to_email>\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } print MLOG "RCPT To: <$to_email> -> $buffer \n"; #print "RCPT To: [$to_email] -> $buffer

"; } if ($remote_error eq "") { send($remote, "DATA\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } print MLOG "DATA -> $buffer \n"; #print "DATA -> $buffer

"; } send($remote, "From: $from_name\n", 0); send($remote, "Subject: $email_subject\n", 0); send($remote, $email_msg, 0); send($remote, "\r\n.\r\n", 0); send($remote, "QUIT\n", 0); close $remote; close (MLOG); } } sub send_mail_smtp2 { my ($to_email, $from_email, $from_name, $email_subject, $email_msg, $smtp_server_ss) = @_; use IO::Socket; $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $smtp_server_ss, PeerPort => 25 ); unless ($remote) { print "Connection failed when trying to connect to $smtp_server_ss"; $TCPconnect = "False"; exit; } if ($TCPconnect ne "False") { $remote->autoflush(1); send($remote, "HELO localhost\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /220/) { $remote_error = $buffer; } #print "HELO localhost -> $buffer

"; if ($remote_error eq "") { send($remote, "MAIL From: <$from_email>\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } #print "MAIL From [$from_email] -> $buffer

"; } if ($remote_error eq "") { send($remote, "RCPT To: <$to_email>\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } #print "RCPT To: [$to_email] -> $buffer

"; } if ($remote_error eq "") { send($remote, "DATA\n", 0); recv($remote, $buffer, 200, 0); if ($buffer !~ /250/) { $remote_error = $buffer; } #print "DATA -> $buffer

"; } send($remote, "From: $from_name\n", 0); send($remote, "Subject: $email_subject\n", 0); send($remote, $email_msg, 0); send($remote, "\r\n.\r\n", 0); send($remote, "QUIT\n", 0); close $remote; } } sub ts_insert_template_includes { my ($tmpl_page) = @_; opendir(DIR,"$data_dir"); @files = readdir(DIR); closedir(DIR); if ($tmpl_page =~ /%%incl_/) { foreach $ifilen (@files) { if (substr($ifilen, 0, 5) eq "incl_") { $incl = $ifilen; $incl =~ s/\.html//g; $incl = "%%" . $incl . "%%"; if ($tmpl_page =~ /$incl/) { $theincl = &get_file_contents ("$data_dir/$ifilen"); $tmpl_page =~ s/$incl/$theincl/g; } } } } ######## $tmpl_settings = &get_file_contents ("$data_dir/gsettings.dat"); @tmpl_sett = split (/\n/, $tmpl_settings); foreach $titem (@tmpl_sett) { if ($titem =~ /searchmeth/) { if ($titem =~ /fulltext/i) { $search_rpl = "$script_url/search2.cgi"; } } } if ($search_rpl eq "") { $tmpl_page =~ s/!!tseeksearch!!/$script_url\/search\.cgi/g; } else { $tmpl_page =~ s/!!tseeksearch!!/$search_rpl/g; } ######### $tmpl_page =~ s/!build_url!/$web_url/g; $tmpl_page =~ s/!!scripts_url!!/$script_url/g; #$tmpl_page =~ s/!!tseeksearch!!/$script_url\/search\.cgi/g; return ($tmpl_page); } sub get_setup { $exists = (-e "$config_cgi"); if ($exists > 0) { open (STP, "$config_cgi"); while (defined($line=)) { if ($line =~ m/#/g) { $r = pos($line); $line = substr($line, 0, $r - 1); } $line =~ s/\n//g; if ($line =~ /^DB_NAME/){$db_name = &get_setup_line2($line, DB_NAME);} if ($line =~ /^DB_USERNAME/){$db_username = &get_setup_line2($line, DB_USERNAME);} if ($line =~ /^DB_PASSWORD/){$db_password = &get_setup_line2($line, DB_PASSWORD);} if ($line =~ /^MYSQL_HOSTNAME/){$mysql_hostname = &get_setup_line2($line, MYSQL_HOSTNAME);} if ($line =~ /^MYSQL_PORT/){$mysql_port = &get_setup_line2($line, MYSQL_PORT);} if ($line =~ /^SCRIPT_URL/){$script_url = &get_setup_line2($line, SCRIPT_URL);} if ($line =~ /^ADMIN_URL/){$admin_url = &get_setup_line2($line, ADMIN_URL);} if ($line =~ /^WEB_URL/){$web_url = &get_setup_line2($line, WEB_URL);} if ($line =~ /^WEB_DIR/){$web_dir = &get_setup_line2($line, WEB_DIR);} if ($line =~ /^DATA_DIR/){$data_dir = &get_setup_line2($line, DATA_DIR);} if ($line =~ /^USERNAME/){$username = &get_setup_line2($line, USERNAME);} if ($line =~ /^PASSWORD/){$password = &get_setup_line2($line, PASSWORD);} if ($line =~ /^MAIL_METHOD/){$mail_method = &get_setup_line2($line, MAIL_METHOD);} if ($line =~ /^SENDMAIL/){$sendmail = &get_setup_line2($line, SENDMAIL);} if ($line =~ /^SMTP_SERVER/){$smtp_server = &get_setup_line2($line, SMTP_SERVER);} if ($line =~ /^SMTP_USER/){$smtp_user = &get_setup_line2($line, SMTP_USER);} if ($line =~ /^SMTP_PASS/){$smtp_pass = &get_setup_line2($line, SMTP_PASS);} } close (STP); } } sub get_setup_line2 { my ($setup_line, $setup_var) = @_; $crit = "\""; $setup_line =~ m/$crit/g; $r1 = pos($setup_line); $setup_line =~ m/$crit/g; $r2 = pos($setup_line); $setup_line = substr($setup_line, $r1, ($r2 - $r1 - 1)); $return_val = $setup_line; return ($return_val); } sub ppc_settings { my $this = {}; $scnts = &get_file_contents("$data_dir/ppc_settings.dat"); @all_obj_items = split (/\n/, $scnts); foreach $obji (@all_obj_items) { ($obj_prp, $obj_val) = split (/=/, $obji); $this->{$obj_prp} = $obj_val; } bless $this; return $this; } sub get_cpanel { $ccptemplate = qq[ Powerseek



!!copyright!!
!!version!!

!!subt!! ]; return ($ccptemplate); } sub psmakedir { my ($dir_to_create) = @_; if ((-e $dir_to_create) < 1) { mkdir ($dir_to_create, $default_permissions); chmod($default_permissions,$dir_to_create); } } sub htmlencode { my ($str1) = @_; $str1 =~ s/&/&/g; $str1 =~ s//>/g; $str1 =~ s/"/"/g; #$str1 =~ s/\n/\/g; $str2 = $str1; return ($str2); } #### END CONFIGURATION ######################################################## ######################################################## # # check_access($TheUsername, $ThePassword, $EnteredUser, $EnteredPass); # Check if user has access to the admin script # $TheUsername = control panel user name # $ThePassword = control panel password # # encode_dir($dirname); # Encode a directory name/path so that it is URL/language friendly # # decode_dir($dirname); # Decode an encoded a directory name/path # # get_template # Get the control panel template for with the specific area/location # of where the user finds himself # # problem_popup($problem_text); # Display an error message and exit all scripts # # get_chopped_path($decoded_path); # The first directory name is chopped from the path - The path # has to be in decoded form. Example /Arts/Animation/Gifs # results in /Arts/Animation # # remove_leading_spacing($directory_name) # Removes leading spaces at the end of a string - Usefull # when users supply directory names and accidently adds # spaces to the end # # update_numbers (+/-, $number, $cat_id seperated by -) # Updates number of links in directories - Needs to be out of the # scope of a MySQL connection # # Root >> ars >> animiation = get_location_string(encoded_string); # # get_cid_cat ("/arts/animation/etc"); # Returns cat ids # example: 10/30/4213 # # # decode_date($time_value_numerical) # Decodes seconds # # get_last_dirname($encoded_dir) # Pass on /Arts/Animation/Gifs and receive # Gifs back # # get_rid($encoded_category, $connection_status) # Converts category names to id's - Returns a - delimeted list. # IN: Arts-Animiated_Gifs,124-Something # OUT: 10-31-130 # # if ($connection_status = 'true') then do not make a database # connection because one has already been established # # decode_complete_dir (Encoded_dir); # # send_email ($sendername1, $fromemail1, $toemail1, $mail_subject1, $email_message1); # # (YYYY/MM/DD) = decode_date_numbers(seconds); # # get_extra_vars; Returns an array of extra variables to use. # ######################################################## 1;