#!/usr/bin/perl ############################################################################## ############################################################################## #All set-up should be done in variables.pl. require 'variables.pl'; $version = "1.01"; print "Content-type:text/html\n\n"; if (!$ENV{'HTTP_REFERER'}) { print "Access denied\n"; print "\n"; print "You may not access this page.\n"; print "Your attempt has been logged.\n"; print "Your Ip address has been logged.\n\n"; print "\n"; print "\n\n"; print "\n"; exit; } if ($ENV{'REQUEST_METHOD'} eq 'GET') { @pairs = split(/&/, $ENV{'QUERY_STRING'}); } elsif ($ENV{'REQUEST_METHOD'} eq 'POST') { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $buffer); } else { print "Bad request method\n"; } foreach $pair (@pairs) { local($name, $value) = split(/=/, $pair); $name =~ tr/+/ /; $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s///g; if ($FORM{$name} && $value) { $FORM{$name} = "$FORM{$name}, $value"; } elsif ($value) { $FORM{$name} = $value; } } if ($FORM{'action'} eq "sendit") { &check_url; &sendit; &returnhtml; } elsif ($FORM{'action'} eq "refer") { &check_url; &main; } elsif ($FORM{'action'} eq "README") { &readme; } else { &check_url; &main; } sub main { if ($FORM{'url'} eq "") { $sendpage = $ENV{'HTTP_REFERER'}; } else { $sendpage = $FORM{'url'}; } print < $sitename: Email page EOF ; if ($useheader) { &header; } else { print < EOF ; } print <

Email a friend
EOF ; if ($allowuseredit) { print < EOF ; } else { print < EOF ; } print <





Friend's name:
Friend's email:
Your Name:
Your Email:
Subject:
Link:
Subject: $FORM{'title'}
Link: $sendpage
 
 
EOF ; if ($usefooter) { &footer; } else { print < 

 

EOF ; } print < EOF ; exit; } sub sendit { if (($FORM{'tomail'} =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/) || ($FORM{'tomail'} !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/) || ($FORM{'frommail'} =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/) || ($FORM{'frommail'} !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/) || ($FORM{'toname'} eq "") || ($FORM{'fromname'} eq "") || ($FORM{'message'} eq "") ) { print < $sitename: Email friend: Error EOF ; if ($useheader) { &header; } else { print < EOF ; } print <

Email a friend: Error
EOF ; if ($allowuseredit) { print < EOF ; } else { print < EOF ; } print <
Missing fields or bad email address(es) detected:



Friend's name:
Friend's email:
Your name:
Your email:
Subject:
Link:
Subject: $FORM{'subject'}
Link: $FORM{'message'}
 
 
EOF ; if ($usefooter) { &footer; } else { print < 

 

EOF ; } print < EOF ; exit; } else { # Open The Mail Program open(MAIL,"|$mailprog -f formbot\@yourwebsite.cmo -t"); print MAIL "To: $FORM{'tomail'}\n"; print MAIL "From: $FORM{'frommail'} ($FORM{'fromname'})\n"; print MAIL "Subject: $FORM{'subject'}\n\n"; print MAIL "Hi $FORM{'toname'}!\n\n"; print MAIL $FORM{'message'}; print MAIL "\n\n"; print MAIL "Regards,\n"; print MAIL "$FORM{'fromname'}\n\n"; close (MAIL); } if ($sendthankyou) { open(MAIL2,"|$mailprog -t"); print MAIL2 "To: $FORM{'frommail'}\n"; print MAIL2 "From: $adminmail ($adminname)\n"; print MAIL2 "Subject: Pinellas Home Search $sitename!\n\n"; if ($customthankyou) { open(LIST,"$path/thankyou.txt"); @thankyou = ; close(LIST); foreach $line(@thankyou) { print MAIL2 "$line"; } print MAIL2 "\n\n"; } else { print MAIL2 "Hi $FORM{'fromname'}!\n\n"; print MAIL2 "Thank you for recommending Pinellas Home Search.\n\n"; print MAIL2 "Best Regards,\n"; print MAIL2 "$adminname\n"; print MAIL2 "$sitename\n"; print MAIL2 "$siteURL\n\n"; } close (MAIL2); } if ($notifyadmin) { open(MAIL3,"|$mailprog -t"); print MAIL3 "To: $adminmail\n"; print MAIL3 "From: $adminmail (Pinellas Home Search)\n"; print MAIL3 "Subject: New Recommendation!\n\n"; print MAIL3 "Hi $adminname,\n\n"; print MAIL3 "$FORM{'fromname'} ( $FORM{'frommail'} ) has just recommended the page\n\n"; print MAIL3 "$FORM{'url'}\n\n"; print MAIL3 "to $FORM{'toname'} ( $FORM{'tomail'} )!\n\n"; print MAIL3 "Yours sincerely,\n\n"; print MAIL3 "Pinellas Home Search\n\n"; close (MAIL3); } } sub returnhtml { #Then print out response page if ($noredirect) { print < $sitename: Email page : Page Sent! EOF ; if ($useheader) { &header; } else { print < EOF ; } print <Message Sent!

Thanks $FORM{'fromname'}! Your message has been sent to $FORM{'toname'}. Click here to return to our homepage.

 

 

EOF ; if ($usefooter) { &footer; } else { print < 

 

EOF ; } print < EOF ; } else { print < $sitename: Message Sent!

Message Sent!

Thanks $FORM{'fromname'}!

Your message has been sent to $FORM{'toname'}.

Now forwarding you back to the page you emailed...

 

 

EOF ; } exit; } #check referer sub check_url { # Localize the check_referer flag which determines if user is valid. # local($check_referer) = 0; # If a referring URL was specified, for each valid referer, make sure # # that a valid referring URL was passed to FormMail. # if ($ENV{'HTTP_REFERER'}) { foreach $referer (@referers) { if ($ENV{'HTTP_REFERER'} =~ m|https?://([^/]*)$referer|i) { $check_referer = 1; last; } } } else { $check_referer = 1; } # If the HTTP_REFERER was invalid, send back an error. # if ($check_referer != 1) { print < $sitename: Email page : Bad Referer EOF ; if ($useheader) { &header; } else { print < EOF ; } print <Email page : Bad Referer

The page attempting to access this program resides at $ENV{'HTTP_REFERER'}, which is not allowed to access this program.

EOF ; if ($usefooter) { &footer; } else { print < 

 

EOF ; } print < EOF ; exit; } } sub readme { print < Email page $version Email page EOF ; exit; } sub header { if (-e "$path/header.txt") { open(HEAD,"$path/header.txt") || &error("can't open $path/header.txt for reading"); @header = ; close(HEAD); foreach $line(@header) { print "$line"; } } else { &error("header.txt does not exist"); } } sub footer { if (-e "$path/footer.txt") { open(FOOT,"$path/footer.txt") || &error("can't open footer.txt for reading"); @footer = ; close(FOOT); foreach $line(@footer) { print "$line"; } } else { &error("footer.txt does not exist"); } } sub error { my $error_msg = shift; print <
$error_msg EOF ; exit; }