Administration

#!/usr/bin/perl ################################################################################## # # Poster v1.201 # # This script is among the easiest to configure. Upload it to your 'nix # server in a directory like http://site/admin, chmod it to 755, then # specify the directory you will give your users to read from. This # should be a new or empty directory. Make this specification using the # $put variable. # # You must take care to have these directories both be in symmetrical # locations. For example, you can put them in http://site/admin/ and # http://site/posts/, or you can put them in http://site/area/admin/ and # http://site/area/posts/, or even http://site/one/admin/ and # http://site/two/posts/. You cannot put them in http://site/area/admin # and http://site/posts. # # The form of your variable for the location will be relative to the script # and similar to: # # $put = "../posts" # # v1.201 adds useful error (status?) messages in the install process so that # those will restrictive server settings will know to do create their ../posts # folder manually with proper permissions. It also tightens up the code by # using more functions. # # Poster v1.20 adds ability to save archives to email. # # Poster v1.11 creates a smarter interface for the first posting to force the # administrator to write the first article rather than accidentally archiving # the placeholder files. # # Poster v1.1 added optional password protection and allows $put folder to be # renamed after already creating files. # # Poster v1.001 fixed a problem that caused the archive # feature to incompletely store files. # ##################################### faker@faketp.com $put = "../posts"; ################################################################################## # # You have finished the required configuration. The next variables are optional. # ################################################################################## # To use simple password protection of your admin page, make $protect = "yes" $protect = "no"; # If using simple password protection, set your password here $password = "password"; # THESE VARIABLE MUST BE DONE CORRECTLY!!! YOU MUST TYPE "\" BEFORE THE "@" SYMBOL!!! # If you want messages emailed to an address when they are archived, enter that address here # using a format like "user\@inter.net" for user@inter.net. You must use "\@" or get errors. $mto=""; # Return address of emails sent by this script, e.g. "server\@inter.net". $mfrom=""; ######################################################### # # THAT'S IT. NO MORE CONFIG REQUIRED # ######################################################### &parse; &vars; if ($protect eq "yes") { &auth; } &head; if ($action eq 'post') {&post} elsif ($action eq 'npost') {&npost}# elsif ($action eq 'ncreate') {&ncreate}# elsif ($action eq 'create') {&create} elsif ($action eq 'rcreate') {&rcreate} elsif ($action eq 'nedit') {&nedit}# elsif ($action eq 'template') {&template}# else {&pstart}# &foot; ############################## sub head { # Write the header used on each admin page print "Content-type: text/html\n\n"; print <

Administration

EOF # This creates the necessary files. It should be run at setup if ($action eq 'fmake') {&fmake} # This checks whether setup has been run and directs user there if it hasn't been unless (-e "$put/afile.txt") { print "This tool is not fully configured.

You should click to run FileConfig.

"; &foot; } } ############################## sub foot { # Write the footer used on each admin page print <

This fine stuff from faketp.com.

EOF exit; } ############################## sub pstart { # Main admin page that asks user what she wants to do open (READ_FILE, "<$put/current_title.txt"); $cur_title = ; close (READ_FILE) || &ezerror("3"); # Check whether tool has been used before. If not, force first edit. If so, allow edit or new. if ($cur_title =~ /^Default Title$/) { print <Congratulations on choosing this fine software to manage content on your site.

You should see this message only the first time you post your content. Henceforth you will be ready to take advantage of other features. Please:

post your initial content

EOF } else { print <Edit Pages--The tool lets you control content displayed on this web site. If you wrote something incorrectly in the most recent article and you need to make a small change in it, or if you want to delete its content and replace it with something else, pick this option:

Edit the current story

If you want to save the current story into your archives and you are ready to put up a new story all together, then you should pick this option:

Replace it with a new item

EOF } } ############################### sub nedit { # Edit existingn article $item="posting"; $Item="Posting"; $exit_action="npost"; $title="$put/current_title.txt"; $body="$put/current_body.txt"; open (FILE, "$title"); @title = ; close (FILE); open (FILE, "$body"); @body = ; close (FILE); print "

\nEdit Existing $Item Item

\n"; } ############################## sub npost { # Process the request to edit current article $title_cont = $formdata{'title'}; $body_cont = $formdata{'body'}; $title="$put/current_title.txt"; $body="$put/current_body.txt"; &new_file("$title","$title_cont"); &new_file("$body","$body_cont"); print "

Received!

Your input has been received. You can go to the home page or you can return to the admin page."; } ############################## sub template { # Make new posting and archive the old $exit_action="ncreate"; $Item="Posting"; print <

Post A New $Item Item

Title:
*Message Body:**



* You can make paragraph breaks in your message by putting your message in multiple boxes above.

; close (READ_FILE) || &ezerror("3"); open (READ_FILE, "<$put/current_body.txt"); @cur_body = ; close (READ_FILE) || &ezerror("4"); open (READ_FILE, "<$put/afile.txt"); $afile = ; close (READ_FILE) || &ezerror("5"); # set variables for formatting and refering to the archive file $item="posting" || &ezerror("ncreate_posting"); $Item="Posting" || &ezerror("ncreate_Posting"); $arc = "$put/nav_body.txt" || &ezerror("ncreate_arc"); # find what increment we're on for numbering &inc_count || &ezerror("ncreate_inc_count"); # print new record onto the archives list &add_to_top("$arc","$cur_title$date\n"); sub inc_count { open (NUMBER, "<$put/number.txt"); $post = || &set_number; close (NUMBER) || &ezerror("1"); sub set_number { open (NUMBER, ">$put/number.txt"); print NUMBER "1"; $post = "1"; } $post++; $newpost = $post; &new_file("$put/number.txt","$newpost"); } $title="$put/current_title.txt"; $body="$put/current_body.txt"; &new_file("$put/$afile","\n\n\n\n

$cur_title

@cur_body

\n\n
\n\n"); $title_cont = $formdata{'title_cont'}; $afile="$item$post$mday$mon.shtml"; $mid = $formdata{'body_cont'}; @midm = split(/29883612/, $mid); foreach $bit(@midm) { $bit =~ s/^\,\ //; $bit =~ s/\,\ $//; } open (WIPE, ">$body"); foreach $thing(@midm) { unless ($thing =~/^$/) {print WIPE "

$thing\n" } } close (WIPE); &new_file("$title","$title_cont"); &new_file("$put/afile.txt","$afile"); &send_mail("This is from your site."); print "

Received!

Your input has been received. Look at your posting or go to the Admin page.

"; } ############################## sub vars { # Set standard variables if ($site_name eq "") { $site_name = "Your Site" } unless (-e $put) { mkdir($put, 0777) || &ezerror("You have specified that this script should store files in the following directory:

$putThis directory does not exist on your web server. The script tried to create it for you, but your web server doesn\'t allow it permission to do so. Unless your administrator will change the permissions, you must create the needed directory manually with its permissions set to 777 (read, write, execute all). Once you create the needed directory, run this script again and you will be able to continue.") } $action=$formdata{'action'}; $file=$formdata{'file'}; $file="$put/$file"; $dtemh="Administration"; $dtemf=""; $dadmh=$dtemh; $dadmf=$dtemf; opendir (DIR,"$put") || &ezerror("opendir to dir_loc"); @dir = readdir (DIR); @dir = sort (@dir); closedir (DIR); &Dates; ############################### sub truncate { # currently off? # Make truncated article: $body_cont =~/(.{1,150})/; $body_trunc = $1; # Write truncated article to file: &new_file("$put/news_trunc.txt","$body_trunc"); } ############################### sub auth { # see whether user is trying to submit password if ($formdata{'auth'}) { print "Set-Cookie:auth=$formdata{'auth'}\n"; print "Content-type: text/html\n\n"; print "\n"; &foot;exit; } # see whether user has a password cookie and assign its variable if ($ENV{'HTTP_COOKIE'}) { @cookies = split (/;/, $ENV{'HTTP_COOKIE'}); foreach $cookie (@cookies) { ($name, $value) = split (/=/, $cookie); $crumbs{$name} = $value; } $passedout = "$crumbs{'auth'}"; } # if there's no password cookie, ask for password unless ($passedout) { &head;&ask;&foot;exit } # if the password is wrong, ask again unless ($passedout eq $password) { &head;print "Your password is incorrect.\n";&ask;&foot;exit; } # here's the subroutine for asking for password sub ask { print < Enter your password here:*

* Have you already entered your password? Then refresh this page. If you're having no luck, then your browser is not storing the required cookie. EOF } } ############################### sub fmake { # Makes the needed files print "

This script will now make sure needed files exist.

\n \n \n \n "); &fmake_it("$put/head.txt"," \n \n \n \n \n

\n \n "); &fmake_it("$put/nav_title.txt","\n Archives: \n\n"); &fmake_it("$put/news_subnav.txt","\n \n

[ Home | Current Article | Archives ]

\n \n "); &fmake_it("$put/nav_body.txt","\n"); &fmake_it("$put/archives.shtml","\n \n \n \n \n

\n \n \n

Subject	Date

\n \n "); &fmake_it("$put/number.txt","1"); &fmake_it("$put/index.shtml","\n \n \n \n

\n \n \n "); &fmake_it("$put/style.css","\n p { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt} \n td { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt; vertical-align: top} \n pre { font-family: \"Courier New\", Courier, mono; font-size: 10pt} \n caption { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11pt} \n .subhead2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12pt} \n h2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 18pt font-weight: light } \n code { font-family: \"Courier New\", Courier, mono; font-size: 10pt} \n th { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt ; font-weight: bold} \n sup { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 9pt} \n .bodyItalic { font-family: Verdana, Arial, Helvetica, sans-serif; font-style: italic; font-size: 10pt} \n h1 { font: bold normal 24pt Verdana, Arial, Helvetica, sans-serif} \n h3 { font: bold normal 14pt Verdana, Arial, Helvetica, sans-serif} \n h4 { font: bold normal 11pt Verdana, Arial, Helvetica, sans-serif} \n li { font: 10pt Verdana, Arial, Helvetica, sans-serif} \n ul { font: 10pt Verdana, Arial, Helvetica, sans-serif} \n .buttons { font: bold normal 9pt Verdana, Arial, Helvetica, sans-serif} \n h5 { font: bold normal 10pt Verdana, Arial, Helvetica, sans-serif} \n h6 { font: bold normal 9pt Verdana, Arial, Helvetica, sans-serif} \n body { background-color:#ffffff } \n a:link {color:#0000ff} \n a:visited {color: #004080} \n a:active {color:#808080} \n a:hover {color:#808080; text-decoration: none} \n "); print "

You can return to the admin page."; sub fmake_it { if (-e "$_[0]") { print "

$_[0] already exists.
\n" } else { open (FILE, ">$_[0]") || &ezerror("The directory this script is trying to write to needs its permissions changed to all read, write, and execute (777). Once you change these permissions, you will be able to rerun this script and proceed."); print FILE "$_[1]" || &ezerror("ne33"); close (FILE); print "

$_[0] has now been created.
\n"; } } &foot; } ############################## sub parse { if ($ENV{'REQUEST_METHOD'} eq 'GET') { @pairs = split(/&/, $ENV{'QUERY_STRING'}); } elsif ($ENV{'REQUEST_METHOD'} eq 'POST') { read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $buffer); if ($ENV{'QUERY_STRING'}) { @getpairs =split(/&/, $ENV{'QUERY_STRING'}); push(@pairs,@getpairs); } } else { print "Content-type: text/html\n\n"; print "

Use Post or Get"; } foreach $pair (@pairs) { ($key, $value) = split (/=/, $pair); $key =~ tr/+/ /; $key =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~s///g; # DISALLOWs BOTH DANGEROUS SERVER-SIDE INCLUDES & USEFUL HTML COMMENTS if ($formdata{$key}) { $formdata{$key} .= ", $value"; } else { $formdata{$key} = $value; } } } ############################## sub send_mail { if ($mto) { $title="$put/current_title.txt"; $body="$put/current_body.txt"; open (FILE, "$title"); @title = ; close (FILE); open (FILE, "$body"); @body = ; close (FILE); open (MAIL,"|/usr/sbin/sendmail -t") || &ezerror("Can't open sendmail"); print MAIL "To: $mto \nFrom: $mfrom\n"; print MAIL "X-MSMail-Priority: Normal \n"; print MAIL "Subject: ARCHIVED: $cur_title"; print MAIL "\n$_[0] \n\n"; # This is the message passed to sub as param print MAIL "--------------------------------------------------------- \n"; print MAIL "Subject: $cur_title "; print MAIL "--------------------------------------------------------- \n"; print MAIL "@cur_body "; print MAIL "--------------------------------------------------------- \n"; close (MAIL); } } ############################## sub ezerror { print "Content-type: text/html\n\n"; print "An error occurred: $_[0]\n"; exit; } ############################## sub add_to_top { # takes two parameters. the location of file to being added to in descending order and the content to be put at the top of that list. # example: &add_to_top("file.txt","new_line\n"); open (REV, "<$_[0]") || &ezerror("ncreate_open $REV"); @REV=; close (REV); open (REV,">$_[0]"); print REV "$_[1]"; print REV "@REV"; close (REV); } ############################## sub new_file { # takes two parameters. the location of file to being created or overwritten and the content to be written. # example: &new_file("file.txt","content\n"); open (FILE, ">$_[0]"); print FILE "$_[1]"; close (FILE); } ############################# sub file2arr { # this subroutine is broken # takes two parameters. the location of file to being read and the variable you'll assign it to. # example: &file2arr("file.txt","variable\n"); open (READ_FILE, "<$_[0]"); $_[1] = ; close (READ_FILE) || &ezerror("3"); } ############################## sub Dates { ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)=localtime(time); $y2k = $year + 1900; @days = qw(Sunday Monday Tuesday Wednesday Thursday Friday Saturday); @months = qw(January February March April May June July August September October November December); @moXX = qw(1 2 3 4 5 6 7 8 9 10 11 12); $date = $mday; $date = "$mday $months[$mon] $y2k" || &ezerror("sub DefineVars"); } } ########## Still to do: # # Fix the broken ed_file feature. # # Allow users to configure the list of recipients for emails online and to opt whether a specific # incident of posting should be sent by email using a chaeckbox. # # Give users a form to upload images to a specified directory. # # Make a smart path for creating posts such that users will be asked whether their post needs # an image. If so, send through image upload screen, image verification screen, and then to the # text input screen. # # Make javascript for image presentation that when function graphic("image.gif","300","200","Caption") # is called, it will load image.gif of width=300 and height=200 into a table with a border and a # caption below it. Load function script into the header of all pages as an include. # # Make archives list editable. Read lines of archives file, put each into an array, write each # to a wide text box for editing/deletion. Each box has a checkbox selected next to it. To delete, # a user can deselect the box. To edit, the user changes the content. Either of these changes # is made irrevocable by pressing the submit button. # # When running fmake, prompt user to choose whether to enter own header, footer or to take default. # ############################################################################################