#!/usr/bin/perl # ### FREEWARE UBB SCRIPT ## # # Ultimate Bulletin Board is copyright Infopop Corporation, 1998-1999. # # ------------ ubbmisc.cgi ------------- # # This file contains functionality for the Freeware UBB. # # Infopop Corporation offers no # warranties on this script. The owner/licensee of the script is # solely responsible for any problems caused by installation of # the script or use of the script, including messages that may be # posted on the BB. # # All copyright notices regarding the Ultimate Bulletin Board # must remain intact on the scripts and in the HTML # for the scripts. These "powered by" and copyright notices MUST # remain visible when the pages are viewed on the Internet. # # You may not SELL this script. You may offer it freely to others. # It is freeware. You may not alter the code and then call it another # name. You may not alter the code and then resell it under another # name, either. # # For more info on the Ultimate BB, including licensing info, # see http://www.UltimateBB.com # ############################################################### # #If you are running UBB on IIS, #you may need to add the following line #if so, just remove the "#" sign before the print line below #print "HTTP/1.0 200 OK\n"; eval { ($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX / or Windows / ($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \ #substitute all require files here for the file require "UltBB.setup"; require "Date.pl"; require "mods.file"; require "ubb_library.pl"; require "ubb_library2.pl"; }; print ("Content-type: text/html\n\n"); if ($@) { print "Error including required files: $@\n"; print "Make sure these files exist, permissions are set properly, and paths are set correctly."; exit; } &ReadParse; foreach $row(@in) { ($Name, $Value) = split ("=", $row); $Name = &decodeURL($Name); $Value = &decodeURL($Value); if ($Name eq "forum") { $Forum = $Value; $Forum =~ s/\/\\//g; $ForumCoded = &HTMLIFY($Forum); $ForumCoded =~ tr/ /+/; $Forum = &UNHTMLIFY($Forum); } if ($Name eq "TopicSubject") { $TopicSubject = $Value; $TopicSubject =~ s/<.+?>//g; $TopicSubject = &UNHTMLIFY($TopicSubject); } if ($Name eq "UserName") { $UserName = $Value; $UserNameFile = $UserName; $UserNameFile =~ s/ /_/g; #remove spaces } if ($Name eq "PasswordConfirm") { $PasswordConfirm = $Value; } if ($Name eq "number") { $number = $Value; } if ($Name eq "DaysPrune") { $DaysPrune = $Value; } if ($Name eq "topic") { $topic = $Value; } if ($Name eq "Email") { $Email = $Value; $Email =~tr/A-Z/a-z/; } if ($Name eq "URL") { $URL = &CleanThis($Value); $URL = &PipeCleaner($URL); } if ($Name eq "Permissions") { $Permissions = $Value; } if ($Name eq "Occupation") { $Occupation = &CleanThis($Value); $Occupation = &PipeCleaner($Occupation); } if ($Name eq "Location") { $Location = &CleanThis($Value); $Location = &PipeCleaner($Location); } if ($Name eq "TotalPosts") { $TotalPosts = $Value; } if ($Name eq "Status") { $Status = $Value; } if ($Name eq "Interests") { $Interests = &CleanThis($Value); $Interests = &PipeCleaner($Value); } if ($Name eq "sendto") { $sendto = $Value; } } # end FOREACH $row if ($VariablesPath eq "") { $VariablesPath = $CGIPath; } $ReplyMessage = $in{'ReplyMessage'}; $Message = $in{'Message'}; $SubjectCoded = &HTMLIFY($TopicSubject); $SubjectCoded =~ tr/ /+/; if ($in{'action'} eq "getbio") { &GetBio; } if ($in{'action'} eq "editbio") { &EditBio; } if ($in{'action'} eq "checkbioid") { &CheckBioID; } if ($in{'action'} eq "modifybio") { &ModifyBio; } if ($in{'action'} eq "RegSubmit") { &RegSubmit; } sub GetBio { @thisprofile = &OpenProfile("$UserName.cgi"); $EmailView = $thisprofile[11]; $Signature = $thisprofile[12]; chomp($Signature); if (($EmailBlock eq "ON") || ($EmailView eq "no")) { $EmailField = "Not available."; } else { $EmailField = "$thisprofile[2]"; } &ViewBioHTML; } ## END GET BIO sr sub CheckBioID { if (($in{'UserName'} eq "") || ($in{'Password'} eq "")) { &StandardHTML("You did not complete all required form fields! Please go back and re-enter."); } else { $NameFound = "no"; if (-e "$MembersPath/$UserNameFile.cgi") { $NameFound = "yes"; } if ($NameFound eq "yes") { #Check Password Now @thisprofile = &OpenProfile("$UserName.cgi"); if ($in{'Password'} eq "$thisprofile[1]") { $pwmatch = "true"; $Password = $thisprofile[1]; $Email = $thisprofile[2]; $URL = $thisprofile[3]; $Occupation = $thisprofile[5]; $Location = $thisprofile[6]; $Interests = $thisprofile[9]; $Status = $thisprofile[8]; $TotalPosts = $thisprofile[7]; $Permissions = $thisprofile[4]; $DateRegistered = $thisprofile[10]; $EmailView = $thisprofile[11]; &ProcessEdit; } } ## END IF MEMBER = Username.cgi condition if ($NameFound ne "yes") { &StandardHTML("We have no one registered with that user name. Use your back button to try again."); } if (($NameFound eq "yes") && ($pwmatch ne "true")) { &StandardHTML("Sorry, but the password you entered was not correct. Please try again. Use your Back button."); } } # end check for missing fields } ## END CheckBioID SR ### ## HTML CODE #### sub EditBio { print< $BBName - Edit Profile Modify Your Profile

It is your responsibility to keep your profile information up-to-date. Do not ask the administrator or moderators to do this for you.

To modify your current profile information, please identify yourself below.

UserName
Password

EDITbioHTML } ##END EDIT BIO SR sub BioModifyConfirmHTML { print< Member Profile Modification Confirmation

Thank you, $UserName. Your profile has been successfully updated.

$ModifyWarning

Return to: Forums Summary Page
Edit Your Profile
Help/FAQ
HTML } ## END Bio Modify Confirmation sr sub ViewBioHTML { if ($thisprofile[10] eq "") { $DateRegistered = "Not available."; } else { $DateRegistered = "$thisprofile[10]"; } print < Profile for $thisprofile[0]

Date Registered: $DateRegistered
Status: $thisprofile[8]
Total Posts: $thisprofile[7]
Current Email: $EmailField
Homepage: $thisprofile[3]
Occupation: $thisprofile[5]
Location: $thisprofile[6]
Interests: $thisprofile[9]
BioHTML } ## END View BIO HTML sr sub ProcessEdit { if ($EmailView eq "no") { $EVno = "CHECKED"; } else { $EVyes = "CHECKED"; } print< Modify Your Profile

Thank you! We have confirmed your identity, $UserName ($Status).

Feel free to modify any of the fields below.

Email Address
Password
Homepage
Occupation
City, State, Country
Interests
Keep your email address viewable to other users when you post notes?
yes no

EditHTML } ##END Process Edit SR sub RegSubmit { if (($UseEmail eq "ON") && ($EmailVerify eq "ON")) { if ( ($in{'UserName'} eq "") || ($in{'Email'} eq "") || ($in{'Email'} !~ /\@/) ) { &StandardHTML("You did not properly complete all required form fields! Remember that you must enter a valid email address. Please go back and re-enter."); } else { &GoAhead; } } else { if ( ($in{'UserName'} eq "") || ($in{'Email'} !~ /\@/) || ($in{'Password'} eq "") || ($PasswordConfirm eq "") ) { &StandardHTML("You did not properly complete all required form fields! Remember that you must enter a valid email address. Please go back and re-enter."); } else { if ($in{'Password'} eq "$PasswordConfirm") { &GoAhead; } else { &StandardHTML("Registration Failed!

You failed to type the same password twice on the registration form. Please go back and try again.

Use your back button to try again."); } } } } ## END RegSubmit SR ## sub GoAhead { #check for illegal (non alphanumeric characters) $_ = "$UserNameFile"; if ((m/\W+/) || (m/\b[_]/) || (m/[_]\b/) || (m/_{2,}/)) { &StandardHTML("The User Name you attempted to register is illegal for one of the following reasons:

1. You may have included an illegal character in your User Name. You should only use letters, numbers, or spaces (apostrophes, for example, are not permitted). You may not begin or end a User Name with a space. You may not have two or more consecutive spaces.

2. You may have attempted to use a name that doesn't include any letters or numbers.

Use your back button to try again.
"); } else { #check to make sure Username is unique &GetMemberListArray; $LCUNFile = "$UserNameFile"; #Get ready to lower case it $LCUNFile =~ tr/A-Z/a-z/; #convert to lc for check $duplicate = "no"; CHECKDUPES: for $checkthis(@members) { $checkthisLC = "$checkthis"; $checkthisLC =~ tr/A-Z/a-z/; #convert to lc for check if ($checkthisLC eq "$LCUNFile.cgi") { $duplicate = "yes"; &StandardHTML("Someone else has already registered that UserName. Please try again. Use your back button."); last CHECKDUPES; } #CHECK to make sure email isn't a duplicate too if (($duplicate ne "yes") && ($EmailCheck eq "true")) { open (MEM, "$MembersPath/$checkthis") or die("Unable to open Members directory."); @checkemail = ; close (MEM); @profile = split (/\|/, $checkemail[0]); if ($Email eq "$profile[2]") { $duplicate = "yes"; &StandardHTML("Someone else has already registered that email address. Please try again. Use your back button."); } } #END if duplicate ne yes } # end checkdupes loop if ($duplicate ne "yes") { my $Password = "$in{'Password'}"; # Get Today's Date so we can log the date of registration &GetDateTime; ## APPEND NEW REGISTRATION TO REG FILE &Lock ("lock.file"); open (MEMBERSHIP, ">$MembersPath/$UserNameFile.cgi") or die("Unable to open Members directory."); print MEMBERSHIP ("$UserName|"); print MEMBERSHIP ("$Password|"); print MEMBERSHIP ("$Email|"); print MEMBERSHIP ("$URL|"); print MEMBERSHIP ("Write|"); print MEMBERSHIP ("$Occupation|"); print MEMBERSHIP ("$Location|"); print MEMBERSHIP ("0|"); print MEMBERSHIP ("Junior Member|"); print MEMBERSHIP ("$Interests|"); print MEMBERSHIP ("$HyphenDate|"); print MEMBERSHIP ("$in{'EmailView'}|"); print MEMBERSHIP (" \n"); close (MEMBERSHIP); &Unlock ("lock.file"); $RegWording1 = "You have successfully registered your User Name and Password for $BBName. "; $RegWording2 = "$in{'Password'}"; &PrintRegistrationHTML; } ### end if dupe ne yes } # end if/else /m } # end GoAhead subroutine sub PrintRegistrationHTML { print < User Registration Confirmation
Congratulations!

$RegWording1 Feel free to post messages on any of our forums. Your registration information is listed below.

User Name $UserName
Password $RegWording2
Email $Email
City, State, Country $Location
Occupation $Occupation
Interests $Interests
Homepage $URL

Click here to enter the Bulletin Board now!


HTML } ## END Print Registration sr sub ModifyBio { if (($Email eq "") || ($in{'NewPassword'} eq "") || ($Email !~ /\@/)) { &StandardHTML("You did not complete all required form fields! Please go back and re-enter."); } else { ## Confirm UserName and Password to prevent hacking &OpenProfile("$UserName.cgi"); #returns @profileinfo $CurrentEmail = "$profileinfo[2]"; $Permissions = "$profileinfo[4]"; $TotalPosts = "$profileinfo[7]"; $Status = "$profileinfo[8]"; $DateRegistered = "$profileinfo[10]"; chomp($DateRegistered); if ($profileinfo[1] eq "$in{'Password'}") { ## check for duplicate email addresses, if applicable if ($EmailCheck eq "true") { &GetMemberListArray; $duplicate = ""; CHECKEMAIL: for $checkemails(@members) { open (MEM, "$MembersPath/$checkemails") or die("Unable to open Members directory."); @checkemail = ; close (MEM); @profileEM = split (/\|/, $checkemail[0]); if (($Email eq "$profileEM[2]") && ($UserName ne "$profileEM[0]")) { $duplicate = "yes"; last CHECKEMAIL; } } # end for $checkemails } #END if Email check eq TRUE if ($duplicate eq "yes") { &StandardHTML("You cannot use the email address you tried to use. Another registered user is already using it."); } else { $Password = "$in{'NewPassword'}"; $ModifyWarning = ""; &Lock("lock.file"); ##print profile fields to file open (MEMBERSHIP, ">$MembersPath/$UserNameFile.cgi") || die("Unable to open Members directory."); print MEMBERSHIP ("$UserName|"); print MEMBERSHIP ("$Password|"); print MEMBERSHIP ("$Email|"); print MEMBERSHIP ("$URL|"); print MEMBERSHIP ("$Permissions|"); print MEMBERSHIP ("$Occupation|"); print MEMBERSHIP ("$Location|"); print MEMBERSHIP ("$TotalPosts|"); print MEMBERSHIP ("$Status|"); print MEMBERSHIP ("$Interests|"); print MEMBERSHIP ("$DateRegistered|"); print MEMBERSHIP ("$in{'EmailView'}|"); print MEMBERSHIP (" \n"); close (MEMBERSHIP); &Unlock("lock.file"); #confirm processing to user, provide links to other places &BioModifyConfirmHTML; } } else { &StandardHTML("Sorry, but you seem to be trying to hack into someone else's profile. You can not edit someone's profile without knowing their password."); } } # end if/else complete fields } ## END Modify Bio SR