$title

	$lang_topic	$lang_replies	$lang_author	$lang_views	$lang_last_post
	$topic_subject$page_navigation $unsubscribe_link	$topic_replies	$topic_name	$topic_views	<$smallfont>$date \@ $hour:$min $ampm $lang_by $topic_lastpost_name
$lang_no_topics_yet_long

<$smallfont>$lang_posted_on $short_date $hour:$min:$sec$ampm
$lang_author:	$dele_name
$lang_subject:	$dele_subject
$lang_message:	$dele_message

<$smallfont>Tick the topics you want to delete in the RED column
Tick the topics in which you want to delete replies in the ORANGE column
If you want to block an IP from someone who posted in a specific topic, also tick the ORANGE column
		$lang_subject	$lang_author	$lang_last_post
		$topic_subject $topic_replies	$topic_name	<$smallfont>$short_date $hour:$min:$sec $ampm

	Attachment	Size
	$attachment	$attachment_size
There are currently no attachments

HTML open_dir($users_dir); foreach (@files) { if (/^.*?\.prf$/) { push @user_profiles, $_; } } $profile_amount = $#user_profiles; foreach (sort @user_profiles) { if (/^(.*?)\.prf$/) { # This is a user profile $profile_user = $1; open(PRF, "$users_dir/$profile_user\.prf") or dienice("Couldn't open $profile_user\.prf: $!"); flock PRF, 2; while () { if (/(.*?)<\/user_name>/s) { $profile_name = $1; } if (/(.*?)<\/user_title>/s) { $profile_title = $1; } } close PRF; print "\n"; if ($print_id == int($profile_amount/2)) { print "

$profile_name

"; } $print_id++; } } print <

HTML } } elsif ($admin_sub_action == 3) { # Delete Users if (!param('confirm_delete')) { # Print the delete users form ###&page_start; print < $lang_administration_area
<$smallfont>Delete Users

Check the box next to the user(s) you want to delete and press "Delete Selected Users".

HTML open_dir($users_dir); #filter out the profiles and store them in @user_profiles foreach (@files) { if (/^.*?\.prf$/) { push @user_profiles, $_; } } # $delete_amount contains the number of files in $users_dir $delete_amount = $#user_profiles + 1; print "\n"; # according to $delete_amount we can calculate the dimensions of the table which contains the users $table_cols = 4; # colums $table_rows = int($delete_amount/$table_cols); # rows if ($table_rows != ($delete_amount/$table_cols)) { $table_rows++; } # (example: 4.3333 must be rounded to 5 instead of 4) $table_cell_width = int(600/$table_cols); # width of a cell # print the table containing the user list print "\n

"; foreach $user_profile(sort @user_profiles) { # $delete_id is required for easily finding which users are selected # each checkbox in the form has name="$delete_id" and value="$user_profile" # this way we can scan the id's and if their value is positive (selected) # we delete the file which has that value ($delete_name.prf) # The amount of delete id's is more or less the amount of variables in @user_profiles # we store this in $delete_amount (see above) $delete_id++; if ($user_profile =~ /^(.*?)\.prf$/) { $delete_user = $1; open PRF, "$users_dir/$user_profile" or dienice("Couldn't open $user_profile"); flock PRF, 2; while () { if (/(.*?)<\/user_name>\n/) { $delete_name = $1; print " $delete_name
\n"; for ($i = 1; $i < $table_cols; $i++) { if ($delete_id == $table_rows * $i and $delete_id ne $delete_amount) { print "

\n"; } } } } close PRF; } } print <

HTML } else { # Delete the selected users # $delete_amount is the amount of param's to check (see expl. above) $delete_amount = param('delete_amount'); for ($i = 1; $i <= $delete_amount; $i++) { if (param($i)) { $delete_user = param($i); if (-e "$users_dir/$delete_user.prf") { unlink "$users_dir/$delete_user.prf"; } if (-e "$users_dir/private_messages/$delete_user\_in.pmsg") { unlink "$users_dir/private_messages/$delete_user\_in.pmsg"; } if (-e "$users_dir/private_messages/$delete_user\_out.pmsg") { unlink "$users_dir/private_messages/$delete_user\_out.pmsg"; } } } # redirect back to admin area print timer_redirect("$script_name?fid=$forum_id&admin=1",0,"Applying Changes"); exit; } } elsif ($admin_sub_action == 4) { # Ban Users if (!param('posted') and !param('unban')) { # Ban Users Form ###&page_start; print < $lang_administration_area
<$smallfont>Ban Users

"; $menuitem_editprofile = ""; if ($enable_private_messages eq "on") { $menuitem_private_messages = ""; } $menuitem_mysettings = ""; if ($mail eq "on") { $menuitem_subscriptions = ""; } $menuitem_change_pass = ""; if (param('user_profile')) { $breadcrumbs = "» $lang_personal » $lang_edit_profile"; } elsif (param('pmsg')) { $breadcrumbs = "» $lang_personal » $lang_private_messages"; } elsif (param('user_prefs')) { $breadcrumbs = "» $lang_personal » $lang_my_settings"; } elsif (param('user_subscriptions')) { $breadcrumbs = "» $lang_personal » $lang_subscriptions"; } elsif (param('user_chpass')) { $breadcrumbs = "» $lang_personal » $lang_change_password"; } else { $breadcrumbs = "» $lang_personal » $lang_my_profile"; $usersettings_mainpage = 1; # this is the personal user settings main page } # print the user settings navigation menu if (!param('redirect')) { &page_start; print <

<$smallfont>» $lang_forum_index $breadcrumbs

HTML open (BANFILE, "< $config_dir/banned.sf"); @banfile_content = ; close BANFILE; #if empty banfile if ($#banfile_content < 0) { print ""; } #else else { print < HTML # parse banfile content foreach (@banfile_content) { if (/(.*?)<\/ban>/) { $ban_content = $1; if ($ban_content =~ /(.*?)<\/user>/) { $ban_user = $1; push (@banned_users, $ban_user); } if ($ban_content =~ /.*?<\/ip>/) { $ban_ip = "Yes"; } else { $ban_ip = "No"; } if ($ban_content =~ /(\d*)<\/expires>/) { $ban_expires = date_time($1). " \@ $hour:$min $ampm"; } print ""; } } } print <

No users are banned at the moment.
Name	IP Ban	Expires
$ban_user	$ban_ip	$ban_expires

BAN USERS

UNBAN USERS
Unban User
<$smallfont>Remove a previously placed ban.

HTML } elsif (param('unban')) { # unban form submitted if (param('unban_user')) { $unban_user = param('unban_user'); } else { dienice("You didn't select a user to unban.

Back"); } # remove from banned.sf open(BANFILE, "+>> $config_dir/banned.sf") or dienice("Couldn't open banfile: $!"); flock BANFILE, 2; seek BANFILE, 0, 0; $banfile_content = join '', ; seek BANFILE, 0, 0; truncate BANFILE, 0; $banfile_content =~ s/^(.*)\Q$unban_user\E<\/user>.*?<\/ban>(.*)$/$1$2/sg; print BANFILE $banfile_content; close BANFILE; # re-enable profile open(PRF, "+>> $users_dir/$unban_user.prf") or dienice("Couldn't open profile: $!"); flock PRF, 2; seek PRF, 0, 0; $unban_user_profile_content = join '', ; seek PRF, 0, 0; truncate PRF, 0; $unban_user_profile_content =~ s/.*?<\/user_ban>\n//sg; print PRF $unban_user_profile_content; close PRF; # Redirect back to admin area print timer_redirect("$script_name?fid=$forum_id&admin=1&admin_action=3_4",0,"Applying Changes"); exit; } else { # Ban form posted # The user that will be banned $ban_user = param('ban_user'); if (!$ban_user) { dienice("You haven't selected the user you want to ban

Back"); } # The time the ban expires $ban_expires = time + (param('ban_duration_1') * param('ban_duration_2')); # Open target's profile and set and get open(PRF, "+>> $users_dir/$ban_user\.prf") or dienice("Couldn't open profile: $!"); flock PRF, 2; seek PRF, 0, 0; $prf_content = join '', ; seek PRF, 0, 0; truncate PRF, 0; if ($prf_content =~ /(.*?)<\/user_ban>\n/s) { $prf_content =~ s/(.*?)<\/user_ban>\n/$ban_expires<\/user_ban>\n/s; } else { $prf_content .= "$ban_expires<\/user_ban>\n"; } if ($prf_content =~ /(.*?)<\/user_ip>/) { $ban_ip = $1; } print PRF $prf_content; close PRF; # Open the ipban file and set the banned IP's to prevent this user from accessing the forum using another account open (BANFILE, "< $config_dir/banned.sf"); $banfile_content = join '', ; close BANFILE; # remove previously placed bans for the ban_user $banfile_content =~ s/\Q$ban_user\E<\/user>.*?<\/ban>\n//sg; # add the new ban open (BANFILE, "> $config_dir/banned.sf") or dienice("Couldn't write the banned.sf file: $!"); flock BANFILE, 2; print BANFILE $banfile_content; print BANFILE "$ban_user"; if (param('ban_ip')) { print BANFILE "$ban_ip"; } print BANFILE "$ban_expires\n"; close BANFILE; # Redirect back to admin area print timer_redirect("$script_name?fid=$forum_id&admin=1&admin_action=3_4",0,"Applying Changes"); exit; } } elsif ($admin_sub_action == 5) { # register users $no_title = 1; $footer_printed = 1; ®ister; $footer_printed = 0; } elsif ($admin_sub_action == 6) { # Change User Password if (!param('chpass_posted')) { ###&page_start; print <CHANGE USER'S PASSWORD
Select User
<$smallfont>Select the user whose password you want to change.
HTML } else { # Change-password form posted, syntax-check the password and store it in the user's profile if (!param('chpass_user')) { dienice("No user was specified

$lang_back"); } if (param('chpass_pass1') eq param('chpass_pass2')) { $chpass_pass = param('chpass_pass1'); if (length($chpass_pass) > 3) { #check passw value for incorrect characters if ($chpass_pass !~ /\W/) { # password syntax correct, store it $chpass_user = param('chpass_user'); open PRF, "+>> $users_dir/$chpass_user\.prf" or dienice("Couldn't open profile $chpass_user\.prf
$!"); flock PRF, 2; seek PRF, 0, 0; $chpass_content = join '', ; $chpass_pass = encrypt($chpass_pass); $chpass_content =~ s/(.*?)<\/user_password>/$chpass_pass<\/user_password>/s; truncate PRF, 0; seek PRF, 0, 0; print PRF $chpass_content; close PRF; print timer_redirect("$script_name?fid=$forum_id&admin=1",0,"Applying Changes"); } else { # illegal character found dienice("Illegal Character - Passwords may only contain AlphaNumeric characters ([a-z] [A-Z] [0-9])

$lang_back"); } } else { # password too short dienice("Password too short - Passwords must contain at least 4 characters

$lang_back"); } } else { # the given passwords do not match dienice("The given passwords do not match!

$lang_back"); } } } elsif ($admin_sub_action == 7) { # User Info ###&page_start; if (!param('user_info_posted_1') and !param('user_info_posted_2')) { print <USER INFO
Show one user's info
<$smallfont>Select a user to view his/her info.

Show all users' info
<$smallfont>If you want to view something specific for all users at the same time.
HTML } elsif (param('user_info_posted_1')) { # View info about one specific user if (!param('user_info_user')) { dienice("No user was selected

$lang_back"); } $user_info_user = param('user_info_user'); @user_infos = ('joindate','lastvisit','title','posts','email','icq','aol','msn','skype','yahoo','realname','location','website','occupation','ip'); print < USER INFO

HTML print "\n"; foreach $user_info(@user_infos) { $user_info_value = get_userparam($user_info_user,"user_$user_info"); if ($user_info eq "joindate" or $user_info eq "lastvisit") { $user_info_value = date_time($user_info_value); } elsif ($user_info eq "email") { $user_info_value = "$user_info_value"; } elsif ($user_info eq "website") { $user_info_value = "$user_info_value"; } elsif ($user_info eq "ip") { $user_info_value =~ s/^\|//s; $user_info_value =~ s/\|$//s; $user_info_value =~ s/\|/
\n/sg; } print "\n"; } print <

$lang_back
HTML } elsif (param('user_info_posted_2')) { # View a specific info about all users if (!param('user_info_info')) { dienice("No info was selected

$lang_back"); } $user_info_info = param('user_info_info'); $user_info_info_big = $user_info_info; $user_info_info_big =~ tr/[a-z]/[A-Z]/; print < USER INFO : $user_info_info_big

Info about ".get_userparam($user_info_user,'user_name')."
$user_info:	$user_info_value

HTML open_dir($users_dir); foreach (sort @files) { if (/^(.*?)\.prf$/) { $user_info_info_value = "n/a"; $profile_user = $1; $print_info_counter++; if ($print_info_counter == int($#files/2 +1)) { print "

"; } # get username and the requested parameter value $profile_name = get_userparam($profile_user,'user_name'); $user_info_info_value = get_userparam($profile_user,"user_$user_info_info"); # reformat output for joindate, email and website if ($user_info_info eq "joindate" or $user_info_info eq "lastvisit") { $user_info_info_value = date_time($user_info_info_value); } elsif ($user_info_info eq "email") { $user_info_info_value = "$user_info_info_value"; } elsif ($user_info_info eq "website") { $user_info_info_value = "$user_info_info_value"; } elsif ($user_info_info eq "ip") { $user_info_info_value =~ s/^\|//s; $user_info_info_value =~ s/\|$//s; $user_info_info_value =~ s/\|/
\n/sg; } # print the info print "\n"; } } print <

<$smallfont>$profile_name:

<$smallfont>$user_info_info_value

$lang_back
HTML } } elsif ($admin_sub_action == 8) { ###&page_start; print < USER GROUPS

HTML if (param('add_group') and param('group_name')) { # add a group... $group_name = param('group_name'); open(GROUP,"> $users_dir/groups/$group_name\.group") or dienice("Group could not be created: $!"); flock GROUP,2; print GROUP < GROUP_CONTENT close GROUP; } elsif (param('add_groupmember_name') and param('add_groupmember_group')) { # add a member to a group... $add_groupmember_name = param('add_groupmember_name'); $add_groupmember_group = param('add_groupmember_group'); open(GROUP, "+>> $users_dir/groups/$add_groupmember_group\.group") or dienice("Couldn't add member: $!"); flock GROUP, 2; seek GROUP,0,0; $group_content = join '',; seek GROUP,0,0; truncate GROUP,0; if ($group_content !~ /.*?\|\Q$add_groupmember_name\E\|.*?<\/group_members>/s) { $group_content =~ s/(.*?)<\/group_members>/$1\|$add_groupmember_name\|<\/group_members>/sg; } print GROUP $group_content; close GROUP; } elsif (param('remove_groupmember_name') and param('remove_groupmember_group')) { # remove a member from a group... $remove_groupmember_name = param('remove_groupmember_name'); $remove_groupmember_group = param('remove_groupmember_group'); open(GROUP, "+>> $users_dir/groups/$remove_groupmember_group\.group") or dienice("Couldn't remove member: $!"); flock GROUP, 2; seek GROUP,0,0; $group_content = join '',; seek GROUP,0,0; truncate GROUP,0; $group_content =~ s/(.*?)\|\Q$remove_groupmember_name\E\|(.*?)<\/group_members>/$1$2<\/group_members>/sg; print GROUP $group_content; close GROUP; } elsif (param('remove_group')) { # remove a group... $remove_group = param('remove_group')."\.group"; unlink "$users_dir/groups/$remove_group"; } # print the group names and group members print ""; if (!-e "$users_dir/groups") { mkdir("$users_dir/groups", 0777); } open_dir("$users_dir/groups"); foreach $group(sort @files) { if ($group =~ /^(.*?)\.group$/) { $group_name = $1; push @groups,$group_name; open(GROUP, "< $users_dir/groups/$group") or dienice("Couldn't open group file: $!"); flock GROUP,2; $group_content = join '', ; close GROUP; if ($group_content =~ /(.*?)<\/group_members>/s) { $group_members = $1; @group_members = split('\|',$group_members); } $group_members = ""; foreach (sort @group_members) { if ($_) { $group_member_name = get_userparam($_,"user_name"); $group_members = $group_members."\n"; } } if (!$group_members) { $group_members = ""; } print ""; $group_printed = 1; } } if (!$group_printed) { print ""; } print <

Group Name

Group Members

$group_member_name

Empty

$group_name

$group_members

No groups have been created yet

Add Group
<$smallfont>Enter the name of the new group, and press "Add Group".

Add Member
<$smallfont>To add a user to a group, select the user and the group you want to add him to. Then press "Add Member".

HTML foreach $group(sort @groups) { print "\n"; } print <
Remove Group
<$smallfont>Select the group you wish to remove and press "Remove Group". This action cannot be undone!
HTML } else { dienice("Unknown Admin Action"); } if (param('posted')) { # Write the new configuration to the simpleforum.conf file (For ALL subcathegories of the "Forum Configuration Menu if ($admin_sub_action == 1) { @variables = ("guest_access","enable_private_messages","enable_guest_registration","enable_polls","override_language","override_hour_difference","override_date_notation","override_hour_notation","override_topic_order","override_topics_per_page","override_posts_per_page"); } elsif ($admin_sub_action == 2) { @variables = ("enable_user_titles","title_lvl1","title_lvl2","title_lvl3","title_lvl4","title_lvl5","title_lvl6","title_lvl2_posts","title_lvl3_posts","title_lvl4_posts","title_lvl5_posts","title_lvl6_posts"); } open(CONF, "+>> $config_dir/simpleforum.conf") or dienice("Couldn't open conf file"); flock CONF, 2; seek CONF, 0, 0; $conf_content = join '', ; seek CONF, 0, 0; truncate CONF, 0; foreach $variable (@variables) { $variable_value = param($variable); if ($variable eq "attachments_uploadmax") { $variable_value = $variable_value * 1024000; } if ($conf_content =~ /\Q$variable\E:(.*?)\n/s) { $conf_content =~ s/\Q$variable\E:(.*?)\n/$variable:$variable_value\n/sg; } else { $conf_content .= "$variable:$variable_value\n"; } } print CONF $conf_content; close CONF; print timer_redirect("$script_name?fid=$forum_id&admin=1",0,"Applying Changes"); # Change the manual user titles in the profiles if (param('change_manual_titles')) { # Set the new user titles in the profiles open_dir($users_dir); foreach (@files) { if (/^(.*?)\.prf$/) { $profile_title = param($1); open PRF, "+>> $users_dir/$_" or dienice("Couldn't open $_: $!"); flock PRF, 2; seek PRF, 0, 0; $profile_text = join '', ; seek PRF, 0, 0; truncate PRF, 0; $profile_text =~ s/(.*?)<\/user_title>\n/$profile_title<\/user_title>\n/sg; print PRF $profile_text; close PRF; } } } } } sub delete_replies_form { #first we open the specific topic open(TOPIC,"< $topic_dir/$topic_id.topic") or dienice("Couldn't open $topic_dir/$topic_id.topic"); $topic_content = join '', ; close TOPIC; if ($topic_content =~ /(.*?)<\/subject>/s) { $topic_title = $1; } # # # # HTML # # # # print < TOPIC: $topic_title HTML # # # END HTML # # # #get necessary content and print it while ($topic_content =~ /(.*?)<\/post>/sg) { $post_content = $1; if ($post_content =~ /(.*?)<\/name>/sg) { $post_name = $1; } if ($post_content =~ /(.*?)<\/ip>/sg) { $post_ip = $1; } if ($post_content =~ /(.*?)<\/email>/sg) { $post_email = $1; } if ($post_content =~ /(.*?)<\/subject>/sg) { $post_subject = $1; } if ($post_content =~ /(.*?)<\/time>/sg) { $post_time = $1; } if ($post_content =~ /(.*?)<\/message>/sg) { $post_message = $1; } $post_subject = add_html($post_subject); #add smileys, images, url's, ... $post_message = add_html($post_message); #add smileys, images, url's, ... #This line takes care of the color switching if ($tablecolor eq $tablecolor1) { $tablecolor = $tablecolor2; } else { $tablecolor = $tablecolor1; } #This line adds the link to the email address to the Author's name if ($post_email) { if ($post_email =~ /\@/s) { $post_email = "mailto:$post_email"; } else { $blanktarget = "target='_blank'"; } $post_name = "$post_name"; } #Make $post_time "readable" ;) date_time($post_time); #Here we print ONE post from the entire topic, in a loop (while) # # # # HTML # # # # print <

<$smallfont>$lang_posted_on $short_date $hour:$min:$sec$ampm

$lang_author:

$post_name

IP:

$post_ip Block this IP

Subject:

$post_subject

$lang_message:

$post_message

HTML # # # END HTML # # # } } sub add_ipblock { $blockip = param('blockip'); open (IPBAN, "+>> $config_dir/banned.sf") or dienice("$!
Make sure that the dir $config_dir has its permissions set to 777"); flock IPBAN, 2; print IPBAN "$blockip\n"; close IPBAN; print "
$blockip has been blocked"; } sub search { if (param('posted')) { $searchkey = param('searchkey'); $searchfor = param('searchfor'); $searchforums = param('searchforums'); $searchcase = param('searchcase'); $searchtimespan = param('searchtimespan'); $searchtype = param('searchtype'); if (!$searchkey) { dienice("$lang_you_must_enter_a_search_key

$lang_back"); } if (length($searchkey) < 3) { dienice("Search key must contain at least 3 characters

$lang_back"); } if (length($searchkey) > 30) { dienice("Search key must be no longer than 30 characters

$lang_back"); } #@searchchars = split(//,$searchkey); #foreach $char(@searchchars) { # if ($char =~ /\W/) { if ($char ne "\ ") { dienice("Bad search phrase '$searchkey'.

Only alphanumeric characters are allowed.

$lang_back"); } } #} while ($searchkey =~ /\"(.*?)\"/sg) { push @searchkeys_temp,$1; $searchkey =~ s/\"(.*?)\"//s; } push @searchkeys_temp, split(/\s/,$searchkey); foreach $searchkey(@searchkeys_temp) { if ($searchkey) { push @searchkeys,$searchkey; } } if ($searchforums eq 'all') { open_dir($simpleforum_dir); foreach $file(@files) { if ($file =~ /^(forum_(\d*))$/) { $searchforum_candidate = $1; if (subforumaccess_check($user,$2)) { push @searchforums, $searchforum_candidate; } } } } else { push @searchforums, $searchforums; } #search only in files greater than the current time minus one day/week/... if ($searchtimespan eq "all") { $searchtimespan = time; } $searchtimespan = time - $searchtimespan; if ($searchcase eq "insensitive") { $searchkey =~ tr/[A-Z]/[a-z]/; } foreach $forum_dir(@searchforums) { open_dir("$simpleforum_dir/$forum_dir"); foreach $topic(@files) { if ($topic =~ /^(\d*?).topic$/) { $topic_time = $1; if ($topic_time ge $searchtimespan) { open(TPC, "< $simpleforum_dir/$forum_dir/$topic_time.topic") or dienice("couldn't open a topic: $!"); $tpc_content = join '', ; close TPC; # # # SEARCH ONE TOPIC $notfound = 0; $found = ""; $searchtype_all = ""; $matchstart = 1; $matchend = 1; if ($searchtype eq "any") { # search occurences of any of the @searchkeys if ($searchfor eq "post") { while ($tpc_content =~ /(.*?)<\/post>/sg and !$found) { $tpc_post_content = $1; foreach $searchkey(@searchkeys) { if (!$found) { if (($searchcase eq "insensitive" and $tpc_post_content =~ /(.*?)\Q$searchkey\E(.*?)<\/subject>/si) or ($searchcase eq "sensitive" and $tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/subject>/s)) { #match subject $matchstart = $1; $matchend = $2; } elsif (($searchcase eq "insensitive" and $tpc_post_content =~ /(.*?)\Q$searchkey\E(.*?)<\/message>/si) or ($searchcase eq "sensitive" and $tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/message>/s)) { #match message body $matchstart = $1; $matchend = $2; } if ((!$matchstart or $matchstart =~ /.*\W$/s) and (!$matchend or $matchend =~ /^\W.*/s)) { push @results, "$forum_dir/$topic"; $matchstart = 1; $matchend = 1; # reset values $found = 1; } } } } } elsif ($searchfor eq "author") { while ($tpc_content =~ /(.*?)<\/post>/sg and !$found) { $tpc_post_content = $1; foreach $searchkey(@searchkeys) { if (!$found) { if ($tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/name>/si) { #match author push @results, "$forum_dir/$topic"; $found = 1; } } } } } } elsif ($searchtype eq "all") { # all of the @searchkeys must be found! $tpc_post_content = ""; while ($tpc_content =~ /(.*?)<\/post>/sg) { $tpc_post_content .= $1; } if ($searchfor eq "post") { foreach $searchkey(@searchkeys) { if (!$notfound) { if (($searchcase eq "insensitive" and $tpc_post_content =~ /(.*?)\Q$searchkey\E(.*?)<\/subject>/si) or ($searchcase eq "sensitive" and $tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/subject>/s)) { #match subject $matchstart = $1; $matchend = $2; } elsif (($searchcase eq "insensitive" and $tpc_post_content =~ /(.*?)\Q$searchkey\E(.*?)<\/message>/si) or ($searchcase eq "sensitive" and $tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/message>/s)) { #match message body $matchstart = $1; $matchend = $2; } if ((!$matchstart or $matchstart =~ /.*\W$/s) and (!$matchend or $matchend =~ /^\W.*/s)) { $matchstart = 1; $matchend = 1; # reset values } else { $notfound = 1; } } } } elsif ($searchfor eq "author") { $tpc_post_content = ""; while ($tpc_content =~ /(.*?)<\/post>/sg) { $tpc_post_content .= $1; } foreach $searchkey(@searchkeys) { if (!$notfound) { if ($tpc_post_content =~ /.*?\Q$searchkey\E.*?<\/name>/si) { #match author } else { $notfound = 1; } } } } if (!$notfound) { push @results, "$forum_dir/$topic"; $notfound = 0; } } } } } } if (@results) { # print forum navigation and Select A Forum menu $searchkey = param('searchkey'); print <

<$smallfont>» $lang_forum_index » $lang_search "$searchkey"

HTML print &select_a_forum; print <

HTML @topics = @results; &print_topic_list; } else { print "$lang_no_matches

$lang_back
"; } } else { # Print the search form # # # # HTML # # # # print <<$smallfont>» $lang_forum_index$frm_lnk » $lang_search

$lang_search
$lang_search_key	Search for any terms or use query as entered Search for all terms
$lang_search_for	$lang_subjects / $lang_messages $lang_author
$lang_options
$lang_forum
$lang_case	$lang_insensitive $lang_sensitive
$lang_time_span

<$smallfont>$lang_searching_will_take_a_while

HTML # # # END HTML # # # } } sub help { #The Help section $no_title = 1; &page_start; # # # # HTML # # # # print <

$lang_help

$lang_smileys

BBCode

<$smallfont>

$lang_smileys_expl


	<$smallfont>:)
	<$smallfont>;)
	<$smallfont>:(
	<$smallfont>:'(
	<$smallfont>:P or :p
	<$smallfont>:D
	<$smallfont>:\|
	<$smallfont>>:(
	<$smallfont>>:)
	<$smallfont>:O or :o
	<$smallfont>:S or :s
	<$smallfont>:X or :x
	<$smallfont>:?
	<$smallfont>:rant:
	<$smallfont>:sneeze:
	<$smallfont>:vomit:

	<$smallfont>8)
	<$smallfont>o.O or 8\|
	<$smallfont>^.^
	<$smallfont>>.<
	<$smallfont>L.L or l.l
	<$smallfont>:blush:
	<$smallfont>:dizzy:
	<$smallfont>:erm:
	<$smallfont>:laugh:
	<$smallfont>:geek:
	<$smallfont>:zzz:
	<$smallfont>:w00t:
	<$smallfont>:whistle:
	<$smallfont>:thumb:
	<$smallfont>:wave:
	<$smallfont>:bow:

<$smallfont> $lang_bbcode_expl
<$smallfont>[b]bold[/b]	<$smallfont>bold
<$smallfont>[u]underline[/u]	<$smallfont>underline
<$smallfont>[i]italic[/i]	<$smallfont>italic
<$smallfont>[center]center[/center]	<$smallfont> center
<$smallfont>[justify]justify[/justify]	<$smallfont> justify
<$smallfont>[right]right[/right]	<$smallfont> right
<$smallfont>[color:red]red text[/color]	<$smallfont>red text
<$smallfont>[h6]h6 header[/h6]	<$smallfont> h6 header
<$smallfont>[pre]text[/pre]	<$smallfont> text
<$smallfont>[img://www.domain.com/w00t.gif]	<$smallfont>
<$smallfont>[quote]Text[/quote]	<$smallfont>Quote:\n \« Text \»
<$smallfont>[url=http://www.domain.com] My Site[/url]	<$smallfont>My Site
<$smallfont>[list] []ListItem1 []ListItem2 [/list]	<$smallfont> ListItem1 ListItem2

$lang_post_icons

<$smallfont>

- $lang_help_regular_topic

- $lang_help_newregular_topic

- $lang_help_popular_topic

- $lang_help_newpopular_topic

- $lang_help_readonly_topic

- $lang_help_newreadonly_topic

- $lang_help_sticky_topic

- $lang_help_newsticky_topic

HTML # # # END HTML # # # &page_end; } sub print_emoticon_table { if ($smileys eq "on") { print <

HTML } } sub select_a_forum { # Get the content of the forum index and put it in the select field # This sub also creates the @forum_index_content array used in several places to display the forum index contents... if (!$select_a_forum) { open (INDEX_CONTENT, "< $config_dir/forum_index.conf"); @forum_index_content = ; close INDEX_CONTENT; # get any new forums that are not yet in the index open_dir($simpleforum_dir); foreach $file(sort(@files)) { if ($file =~ /^forum_\d*$/) { $isnewforum = 1; foreach $findex(@forum_index_content) { if ($findex =~ /\Q$file\E<\/forum>/) { $isnewforum = 0; } } if ($isnewforum) { push @forum_index_content, "$file"; } } } $select_a_forum = < HTML # create the multiple select field foreach $findex(@forum_index_content) { if ($findex =~ /^forum_(\d*)<\/forum>$/ and -e "$simpleforum_dir/forum_$1") { # add a forum to the field if ($optgroup_open) { $select_a_forum .= "\n"; } $optgroup_name = add_html($1); $optgroup_name =~ s/<(.*?)>//sg; $select_a_forum .= "\n"; $optgroup_open = 1; } } if ($optgroup_open) { $select_a_forum .= "\n"; } if ($logged_in) { # user folders $select_a_forum .= < HTML } $select_a_forum .= "\n\n"; } return $select_a_forum; } sub currently_online { if ($user eq "guest") { $guest_ip = $ENV{'REMOTE_ADDR'}; } open (FC, "+>> $config_dir/stats.sf") or dienice("couldn't open stats file: $!"); flock FC, 2; seek FC, 0, 0; $fc_text = join '',; seek FC, 0, 0; truncate FC, 0; #write to stats file if ($fc_text =~ /(.*?)<\/recentusers>/s) {$recent_users = $1;} else {$fc_text .= "<\/recentusers>\n";} @recent_users = split('\\|',$recent_users); foreach $ruser(@recent_users) { chomp $ruser; if ($ruser =~ /^(.*):(.*?)$/) { if (($1 ne $user and $1 ne "guest($guest_ip)") and (time-$2) < 360) { # if this is not the current user $newrecent_users = "$ruser|$newrecent_users"; } } } if ($user ne "guest") { $newrecent_users = "$user:".time."|$newrecent_users"; } else { $newrecent_users = "$user($guest_ip):".time."|$newrecent_users"; } $fc_text =~ s/(.*?)<\/recentusers>/$newrecent_users<\/recentusers>/sg; #print to forum @newrecent_users = split('\\|',$newrecent_users); foreach $ruser(@newrecent_users) { if ($ruser =~ /^(.*?):(\d*?)$/ and $1 and $1 !~ "guest$(.*?)$") { open(PROFILE, "< $users_dir/$1\.prf"); $profile_text = join '', ; close PROFILE; $seenuser = $1; $seentime = $2; if ($profile_text =~ /(.*?)<\/user_name>/) { $online_name = $1; } if ((time - $seentime) > 240) { $ocolor = "#DF0000"; } elsif ((time - $seentime) > 120) { $ocolor = "#E77E52"; } else { $ocolor = "#5F8563"; } if ($comma) { $currently_online .= ", ";} $currently_online .= "$online_name"; $comma = 1; } elsif ($ruser =~ /^guest$(.*?)$:(.*?)$/) { $guestcount++; } } if ($guestcount) { if ($comma) { $currently_online .= ", "; } if ($guestcount > 1) {$guest_s = $lang_guests; } else { $guest_s = $lang_guest; } $currently_online .= "$guestcount $guest_s\n\n"; } print FC $fc_text; close FC; } sub statistics { open(STATS, "< $config_dir/stats.sf") or &edit_statistics_file; $stats_content = join '', ; if ($stats_content =~ /(\d*)<\/tpc_amount>/s) { $tpc_amount = $1; } else { $reset_stats = 1; } if ($stats_content =~ /(\d*)<\/msg_amount>/s) { $msg_amount = $1; } else { $reset_stats = 1; } if ($stats_content =~ /(\d*)<\/usr_amount>/s) { $usr_amount = $1; } else { $reset_stats = 1; } if ($stats_content =~ /(.*?)<\/newest_user>/s) { $newest_user = $1; } close STATS; if ($reset_stats) { &edit_statistics_file; } open_dir($users_dir); foreach (@files) { if (/.*\.prf$/) { $registered_users++; } } date_time(time); if (!$forum_id) { print "
"; } # get custom statistics or print default statistics if (-e "$config_dir/custom_statistics.sf") { open(STATS, "< $config_dir/custom_statistics.sf") or dienice("Couldn't open custom statistics file: $!"); $statistics = join '', ; close STATS; open(PRF, "< $users_dir/$newest_user.prf"); while () { if (/(.*?)<\/user_name>/) { $newest_user_name = $1; } }; close PRF; $statistics =~ s/\$full_date/$days[$day] $mday $months[$mon] $year/sg; $statistics =~ s/\$short_date/$short_date/sg; $statistics =~ s/\$time/$hour:$min:$sec $ampm/sg; $statistics =~ s/\$topics/$tpc_amount/sg; $statistics =~ s/\$messages/$msg_amount/sg; $statistics =~ s/\$total_users/$registered_users/sg; $statistics =~ s/\$visits/$usr_amount/sg; $statistics =~ s/\$online_users/$currently_online/sg; $statistics =~ s/\$newest_user/$newest_user_name<\/a>/sg; } else { $statistics = <$full_date $ampm
- $lang_stats1 $tpc_amount $lang_stats2 $msg_amount $lang_stats3
- $lang_total_users: $registered_users. $lang_stats4 $usr_amount $lang_stats5
- $lang_currently_online: $currently_online STATS } print <

<$smallfont>$title - $lang_forum_statistics

<$smallfont>$statistics

HTML } sub edit_statistics_file { $action = join '', @_; if ($action =~ /^(.*?)(..)$/ and -e "$config_dir/stats.sf") { $action = $1; $increase_or_decrease = $2; open(STATS, "+>> $config_dir/stats.sf"); flock STATS, 2; seek STATS, 0, 0; $stats_content = join '',; if ($stats_content =~ /<\Q$action\E>(\d*)<\/\Q$action\E>/s) { if ($increase_or_decrease eq "++") { $amount = $1 + 1; } elsif ($increase_or_decrease eq "--") { $amount = $1 - 1; } $stats_content =~ s/<\Q$action\E>(\d*)<\/\Q$action\E>/<$action>$amount<\/$action>/s; } seek STATS, 0, 0; truncate STATS, 0; print STATS $stats_content; close STATS; return; } # RESET the stats file (-> check msg_amount and tpc_amount) if no action is given if (-e "$config_dir/stats.sf") { open(STATS, "< $config_dir/stats.sf"); $stats_content = join '',; close STATS; if ($stats_content =~ /(\d*)<\/usr_amount>/s) { $usr_amount = $1; } } open_dir($simpleforum_dir); @sffiles = @files; foreach $sffile(@sffiles) { if ($sffile =~ /^forum_(\d*)$/s) { open_dir("$simpleforum_dir/$sffile"); @topics = @files; foreach $topic(@topics) { if ($topic =~ /(\d*).topic/s) { $tpc_amount++; open(TPC, "< $simpleforum_dir/$sffile/$topic") or dienice("Couldn't open topic: $!"); $tpc_content = join '', ; while ($tpc_content =~ /(.*?)<\/post>/sg) { $msg_amount++; } close TPC; } } } } if (!$usr_amount) { $usr_amount = 1; } if (!$tpc_amount) { $tpc_amount = 0; } if (!$msg_amount) { $msg_amount = 0; } open(STATS, "> $config_dir/stats.sf") or dienice("Couldn't create statistics file: $!"); flock STATS, 2; print STATS <$tpc_amount $msg_amount $usr_amount<\/usr_amount> STATS_CONTENT close STATS; } sub register { # Register new users if ($enable_guest_registration eq "off" and !$admin_access) { &page_start; print "Registrations have been turned off.

Accounts will only be given by the Forum Administrator.

$lang_back
"; &page_end; exit; } if (param('confirmed')) { # User registered, print confirm message &page_start; print <$lang_register

Your account has been created!

Please write your password down somewhere safe. Lost passwords cannot be retrieved.
Click \"$lang_personal\" in the top menu to configure the forum to your liking.

$lang_forum_index

HTML &page_end; } elsif (!param('posted')) { open (AGR, "< $config_dir/forum_agreement.sf"); $forum_agreement = join '', ; close AGR; &page_start; if (!$forum_agreement or param('forum_agreement') eq "yes" or $admin_access) { # Print the register form print <$lang_register

<$smallfont>$lang_register_expl

HTML } else { # print forum agreement print <

$forum_agreement

HTML } &page_end; } else { # Verify the input and write the new user profile + Login (set sfusr cookie) $register_user = param('register_user'); $register_password = param('register_password'); $register_password_confirm = param('register_password_confirm'); $profile_file = $register_user; $profile_file =~ tr/[A-Z]/[a-z]/; # check name for invalid characters if ($profile_file =~ /^ / or $profile_file =~ / $/ or $profile_file =~ / /) { dienice("Spaces in front and behind user names are not allowed.

$lang_back"); } if ($profile_file =~ /<.*?>/) { dienice("Invalid username.

$lang_back"); } if (!-e "$simpleforum_dir/users/$profile_file.prf") { $profile_file =~ s/[\&\"\'\ \|\\\?\/\*\<\>\.\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; } # avoid problems with '&" characters later if ($register_password eq $register_password_confirm) { if (length($register_password) > 3) { #check passw value for incorrect characters if ($register_password =~ /\W/) { #illegal character found dienice("Illegal character for your password, please use alphanumeric characters only!

Back"); } } else { #empty password or less than 4 chars dienice("The password must contain at least 4 characters

Back"); } } else { #passw don't match dienice("The 2 given passwords don't match, please enter your password twice the same

Back"); } if (!$register_user or !$register_password) { dienice("You forgot to enter a user name or a password

$lang_back"); } $register_password = encrypt($register_password); if (-e "$users_dir/$profile_file.prf") { dienice("This user already exists! Please choose a different name.

$lang_back"); } open(PROFILE, "> $users_dir/$profile_file.prf") or dienice("Couldn't create profile: $!"); flock PROFILE, 2; $register_time = time; $register_ip = $ENV{'REMOTE_ADDR'}; print PROFILE <$register_user |$register_ip| $register_password $register_time 1 0 PRF_CONTENT close PROFILE; # log in after registration, except when this user was created by the administrator if (!$admin_access) { $cookie = cookie(-name => 'sfusr', -value => "$profile_file\|$register_password"); print "Set-Cookie: $cookie\n"; } # remove the user from the Currently Online in stats open (STATS, "+>> $config_dir/stats.sf") or dienice("Couldn't open stats file: $!"); flock STATS, 2; seek STATS, 0, 0; $stats_content = join '', ; seek STATS, 0, 0; truncate STATS, 0; $stats_content =~ s/(.*?)\Q$user\E\:\d*?\|(.*?)<\/recentusers>/$1$2<\/recentusers>/sg; if ($stats_content =~ /.*?<\/newest_user>\n/) { $stats_content =~ s/(.*?)<\/newest_user>/$profile_file<\/newest_user>/sg; } else { $ stats_content .= "$profile_file<\/newest_user>\n"; } print STATS $stats_content; close STATS; # redirect admins to admin area and users to their profile if ($admin_access) { print redirect("$script_name?&fid=$forum_id&admin=1"); } else { print redirect("$script_name?user_settings=1&sblogged=1"); } } } sub login { $login_referer = $ENV{'HTTP_REFERER'} or $ENV{'REQUEST_URI'} or param('ref'); if ($login_referer !~ /\Q$script_name\E/) { $login_referer = $script_name; } if (!param('posted')) { # print the login form if (!$header_printed) { &page_start; } print < $lang_log_in

$lang_login_expl

HTML if ($qs =~ /login/) { &page_end; } } else { # verify user login input and login => set sfusr cookie $user = param('user'); $user =~ s/[\&\"\'\ \|\\\?\/\*\<\>\.\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; # at registration, "difficult" characters were converted to "_" characters $user_password_input = param('user_password'); $login_referer = param('login_referer'); if (!$user or !$user_password_input) { dienice("You forgot to enter your name or password

$lang_back"); } $user =~ tr/[A-Z]/[a-z]/; $user_password_input = encrypt($user_password_input); open(USER_PROFILE, "< $users_dir/$user\.prf") or $error = 1; flock USER_PROFILE, 2; @user_profile_content = ; close USER_PROFILE; foreach $line (@user_profile_content) { chomp $line; if ($line =~ /^<(.*?)>(.*?)<\/(.*?)>$/) { $$1 = $2; } } if ($user_password_input ne $user_password) { $error = 1; } if ($error) { dienice("You specified an invalid user name or password

$lang_back"); } if (param('remember_login')) { $login_time = param('remember_login'); $cookie = cookie(-name => 'sfusr', -value => "$user\|$user_password", -expires => $login_time); } else { $cookie = cookie(-name => 'sfusr', -value => "$user\|$user_password"); } print "Set-Cookie: $cookie\n"; $login_referer =~ s/\$/\&/sg; # remove the "guest" from the Currently Online visit open (STATS, "+>> $config_dir/stats.sf") or dienice("Couldn't open stats file: $!"); flock STATS, 2; seek STATS, 0, 0; $stats_content = join '', ; seek STATS, 0, 0; truncate STATS, 0; $stats_content =~ s/(.*?)guest$\Q$ENV{'REMOTE_ADDR'}\E$\:\d*?\|(.*?)<\/recentusers>/$1$2<\/recentusers>/sg; print STATS $stats_content; close STATS; if ($login_referer !~ /\?/) { $login_referer .= "?"; } print redirect("$login_referer&sblogged=1"); } } sub logout { # Log out => empty the sfusr cookie $cookie = cookie(-name => 'sfusr', -value => ""); print "Set-Cookie: $cookie\n"; # remove the user from the Currently Online in stats open (STATS, "+>> $config_dir/stats.sf") or dienice("Couldn't open stats file: $!"); flock STATS, 2; seek STATS, 0, 0; $stats_content = join '', ; seek STATS, 0, 0; truncate STATS, 0; $stats_content =~ s/(.*?)\Q$user\E\:\d*?\|(.*?)<\/recentusers>/$1$2<\/recentusers>/sg; print STATS $stats_content; close STATS; print redirect("$script_name"); } sub subscribe { # Subscribes or unsubscribes the current user to a topic # params: # - action: "subscribe" or "unsubscribe" # - topic path: forum_dir/topic_id.topic my $subscribe_action = $_[0]; my $subscribe_topic = $_[1]; if ($subscribe_action eq "unsubscribe") { # unsubscribe # edit the topic file if (!$logged_in) { dienice("You need to be logged in in order to unsubscribe

$lang_log_in"); } open (TOPIC, "+>> $simpleforum_dir/$subscribe_topic") or dienice("Couldn't open $subscribe_topic"); flock TOPIC, 2; seek TOPIC, 0, 0; $tpc_content = join '', ; seek TOPIC, 0, 0; truncate TOPIC, 0; $tpc_content =~ s/(.*?)\|\Q$user\E<\/subscribe>\n/$1<\/subscribe>\n/s; $tpc_content =~ s/\Q$user\E\|(.*?)<\/subscribe>\n/$1<\/subscribe>\n/s; $tpc_content =~ s/\Q$user\E<\/subscribe>\n/<\/subscribe>\n/s; $tpc_content =~ s/(.*?)\|\Q$user\E\|(.*?)<\/subscribe>\n/$1\|$2<\/subscribe>\n/s; print TOPIC $tpc_content; close TOPIC; # edit the user profile open(PRF,"+>> $users_dir/$user.prf") or dienice("Couldn't open your profile: ".$!); flock PRF, 2; seek PRF, 0, 0; $prf_content = join '',; seek PRF, 0, 0; truncate PRF, 0; $prf_content =~ s/(.*?)\|\Q$subscribe_topic\E\|(.*?)<\/user_subscriptions>\n/$1$2<\/user_subscriptions>\n/sg; print PRF $prf_content; close PRF; } elsif ($subscribe_action eq "subscribe") { # subscribe if ($user_subscriptions =~ /\|\Q$subscribe_topic\E\|/s) { dienice("You are already subscribed to this topic!"); } if (!$user_email) { dienice("You need to enter a valid email address in your Personal Profile
in order to subscribe to this topic.

$lang_back"); } open(TOPIC,"+>> $simpleforum_dir/$subscribe_topic"); flock TOPIC, 2; seek TOPIC, 0, 0; $topic_content = join '', ; seek TOPIC, 0, 0; while () { if (/(.*?)<\/subscribe>\n/) { $subscribe_tags_exist = 1; if ($1 =~ /^\Q$user\E$/ or $1 =~ /^\Q$user\E\|(.*)/ or $1 =~ /(.*)\|\Q$user\E$/) { $user_subscribed = 1; } else { $subscribed_users = $1."\|$user"; $topic_content =~ s/(.*?)<\/subscribe>\n/$subscribed_users<\/subscribe>\n/s; } } } seek TOPIC, 0, 0; truncate TOPIC, 0; if (!$subscribe_tags_exist) { # if the subscribe tags do not exist we must place them print TOPIC "$user\n\n".$topic_content; $subscribed_users = $user; } else { # everything has been done above, just print the new data to the topic file seek TOPIC, 0, 0; truncate TOPIC, 0; print TOPIC $topic_content; } close TOPIC; # write to user profile open(PRF,"+>> $users_dir/$user.prf") or dienice("Couldn't open your profile: ".$!); flock PRF, 2; seek PRF, 0, 0; $prf_content = join '',; seek PRF, 0, 0; truncate PRF, 0; if ($prf_content !~ /.*?\|\Q$subscribe_topic\E\|.*?<\/user_subscriptions>\n/) { $prf_content =~ s/(.*?)<\/user_subscriptions>\n/$1\|$subscribe_topic\|<\/user_subscriptions>\n/sg or $prf_content .= "\|$subscribe_topic\|<\/user_subscriptions>\n"; } print PRF $prf_content; close PRF; } # refresh the $user_subscriptions variable $user_subscriptions = get_userparam($user,"user_subscriptions"); } sub user_settings { # user settings (a.k.a. Personal) if (!$logged_in) { dienice("You're not logged in"); } $menuitem_myprofile = "

<$smallfont>$lang_my_profile

<$smallfont>$lang_edit_profile

<$smallfont>$lang_private_messages

<$smallfont>$lang_my_settings

<$smallfont>$lang_subscriptions

<$smallfont>$lang_change_password

$menuitem_myprofile $menuitem_editprofile $menuitem_private_messages $menuitem_mysettings $menuitem_subscriptions $menuitem_change_pass

<$smallfont>$lang_personal

HTML if (!$usersettings_mainpage and !param('user_profile')) { print < HTML &page_end; } sub private_messages { # This sub handles everything that has to do with private messaging # guest -> abort // this part is not really necessary since it's already checked in user_settings if ($user eq "guest") { &page_start; print "Only registered users are allowed to send private messages

$lang_back
"; &page_end; exit; } if ($enable_private_messages eq "off") { &page_start; print "The Private Messaging feature has been disabled by the administrator

$lang_back
"; &page_end; exit; } $pmsg_dir = "$users_dir/private_messages"; # This is the directory where the pmsg data files are stored $tablewidth = "100%"; # since this is printed inside the user prefs panel # $box (as defined in the line below) is the "place" where you are inside the private messaging system. It can be either the Inbox or the Outbox or the Send Message ("box") if (param('outbox')) { $box = $lang_outbox; } elsif (param('send_pmsg') or param('sendto')) { $box = $lang_send_message } else { $box = $lang_inbox } if (!param('del')) { # print the header for all private messages pages (except when deleting, because the delete part uses a redirect) # This is the "header" for all the private messages pages if (param('user_settings')) { $user_settings = param('user_settings'); $user_settings_lnk = " » $lang_personal"; } #print private messages menu print "$lang_private_messages

<$smallfont>$lang_inbox - $lang_outbox - $lang_send_message

"; } if (param('send_pmsg') or param('sendto')) { # For sending new private messages if (!param('posted')) { # print the send private message form # param sendto (if it exists) contains the recipient if (param('sendto')) { $pmsg_recipient = param('sendto'); } # param pmsg_reply_id: put the text of the message you're answering to as a quote if (param('pmsg_reply_id')) { # get the content of the message you are replying to $pmsg_reply_id = param('pmsg_reply_id'); open(PMSG_IN, "< $pmsg_dir/$user\_in.pmsg") or dienice("Could not open inbox data: $!"); flock PMSG_IN, 2; $pmsg_in_content = join '', ; if ($pmsg_in_content =~ /\Q$pmsg_reply_id\E<\/pmsg_time>\n(.*?)<\/pmsg_subject>\n(.*?)<\/pmsg_message>/sg) { $pmsg_subject = $1; $pmsg_message = $2; $pmsg_subject =~ s/Re: //s; $pmsg_subject = "Re: ".$pmsg_subject; $pmsg_time = date_time($pmsg_reply_id); $pmsg_message =~ s/\n$//sg; $pmsg_message = "\[quoted\]\n[b]At $hour:$min:$sec $ampm $short_date, ".get_userparam($pmsg_recipient,"user_name")." wrote:[/b]\n$pmsg_message\n\[\/quoted\]\n\n"; } close PMSG_IN; } # print the form headers print <

HTML if ($admin_access and $mail eq "on") { print "\n"; } print <

$lang_recipient	HTML if ($pmsg_recipient) { # if the recipient is predefined, just open his profile and get his name open(STPRF,"< $users_dir/$pmsg_recipient.prf") or dienice("Unknown user!\n"); flock STPRF, 2; $stprf_text = join '', ; close STPRF; if ($stprf_text =~ /(.?)<\/user_name>/) { print "\n$1"; } else { dienice("Couldn't find name! Recipient unknown or corrupted profile."); exit; } } else { # if the recipient is not* predifined, get a list of all known users and let the sender select a recipient # get the name for every possible recipient open_dir($users_dir); print "\n"; # Print the rest of the form : Title and Message print <
$lang_subject
$lang_message HTML &print_emoticon_table; if ($pmsg_signature = &random_signature) { $pmsg_signature = "\n\n\n______________\n".$pmsg_signature; } print <	$pmsg_message$pmsg_signature
	$lang_send_pmsg_to_mail

HTML } else { # form is submitted; send the message # check input $pmsg_recipients = param('pmsg_recipient'); $pmsg_subject = param('pmsg_subject'); $pmsg_message = param('message'); if (!$pmsg_recipients) { $err .= "- select a recipient
\n"; } if (!$pmsg_subject) { $err .= "- enter a subject
\n"; } if (!$pmsg_message) { $err .= "- enter a message
\n"; } if ($err) { print "
Message could not be sent. You forgot to
\n

$err

\n$lang_back"; exit;} # assemble the @pmsg_recipients array if ($pmsg_recipients eq "all_registered_users") { # pmsg to all registered users: get every user from db open_dir($users_dir); foreach (@files) { if (/^(.*?)\.prf$/) { push @pmsg_recipients, $1; } } } else { # pmsg to a single user push @pmsg_recipients, $pmsg_recipients; } # create pmsg dir if it doesn't already exist if (!-e $pmsg_dir) { mkdir($pmsg_dir, 0777); } #open recipient's private messages file and write the new private message (1), dito for outbox of the sender (2) $pmsg_message .= "\n"; foreach $pmsg_recipient (@pmsg_recipients) { # 1 - Write to recipient's inbox file open(PMSG,"+>> $pmsg_dir/$pmsg_recipient\_in.pmsg") or die "Couldn't open $pmsg_recipient_in.pmsg"; flock PMSG, 2; seek PMSG, 0, 0; $pmsg_text = join '', ; seek PMSG, 0, 0; truncate PMSG, 0; $pmsg_time = time; print PMSG < no $user $pmsg_time $pmsg_subject $pmsg_message PMSG print PMSG $pmsg_text; close PMSG; # 2 - open the recipient's profile and reset the private messages popup open (PRFP, "+>> $users_dir/$pmsg_recipient.prf") or dienice("Couldn't open $pmsg_recipient.prf:$!"); flock PRFP,2; seek PRFP, 0, 0; $prfp_text = join '', ; seek PRFP, 0, 0; truncate PRFP, 0; if ($prfp_text =~ /(.*?)<\/user_pmsg_popped>\n/s) { $prfp_text =~ s/(.*?)<\/user_pmsg_popped>\n/no<\/user_pmsg_popped>\n/s; } else { $prfp_text .= "no<\/user_pmsg_popped>\n"; } print PRFP $prfp_text; close PRFP; # 3 - send a copy to the receiver's email address # requirements: - mail enabled by admin # - user email address available in profile # - the sender has selected that the recipient should get an email OR pmsg email notification is enabled by the recipient if ($mail eq "on" and (param('send_pmsg_to_mail') or get_userparam($pmsg_recipient,'user_pmsg_email_notify') ne "off") and get_userparam($pmsg_recipient,'user_email')) { # get recipient's email address $recipient_email = get_userparam($pmsg_recipient,'user_email'); if ($user_hide_email ne "yes") { $from_email = $user_email; } else { $from_email = ""; } # protect sender's email address if the sender chooses to keep his email address hidden open (MAIL, "|$mailprog -t") or dienice("Can't access $mailprog! Please make sure your mailprogram is installed and that the path to your mailprogram is set correctly.\n
The server returned this error: $!\n

If the error is something like \"No such file or directory\" this means the path to your mailprog is incorrect. The administrator can set this path in Administrator area > Forum Configuration"); print MAIL "From: $from_email ($user_name)\n"; print MAIL "To: $recipient_email\n"; print MAIL "Reply-to: $from_email\n"; print MAIL "Subject: Private Message: $pmsg_subject (by $user_name)\n\n"; print MAIL <> $pmsg_dir/$user\_out.pmsg") or die "Couldn't open $user_out.pmsg"; flock PMSG_OUTBOX, 2; seek PMSG_OUTBOX, 0, 0; $pmsg_outbox_text = join '', ; seek PMSG_OUTBOX, 0, 0; truncate PMSG_OUTBOX, 0; print PMSG_OUTBOX < $pmsg_recipients $pmsg_time $pmsg_subject $pmsg_message PMSG print PMSG_OUTBOX $pmsg_outbox_text; close PMSG_OUTBOX; # print a message to ensure the sender that the private message has been sent (and nothing went wrong) $pmsg_subject = add_html($pmsg_subject); # add html, smileys, bbcode, ... $pmsg_message = add_html($pmsg_message); if ($#pmsg_recipients == 0) { $pmsg_recipient_notify = @pmsg_recipients[0]; } else { $pmsg_recipient_notify = "recipients"; } print < $lang_message_sent_to $pmsg_recipient_notify!

$lang_subject	$pmsg_subject
$lang_message	$pmsg_message

HTML } } elsif (param('del')) { # Delete a private message from inbox or outbox # set the file in which the message should be deleted, either the inbox file, else the outbox file if (param('outbox')) { $pmsg_file = "$user\_out.pmsg"; $outbox = param('outbox'); } # outbox file else { $pmsg_file = "$user\_in.pmsg"; } # inbox file # The $del_id variable is based on the time when the to-be-deleted-private-message # was sent. We scan the content of the pmsg and remove the pmsg matching the del_id. $del_id = param('del'); open(PMSG, "+>> $pmsg_dir/$pmsg_file") or dienice("$pmsg_file: $1"); flock PMSG, 2; seek PMSG, 0,0; $pmsg_text = join '', ; seek PMSG, 0,0; truncate PMSG, 0; $pmsg_text =~ s/^(.*)\n.*?\n\Q$del_id\E<\/pmsg_time>\n.*?<\/pmsg>\n(.*)$/$1$2/sg; print PMSG $pmsg_text; close PMSG; $user_settings = param('user_settings'); # redirecting the user to the inbox or outbox depending on where he came from print redirect("$script_name?fid=$forum_id&pmsg=1&user_settings=$user_settings&outbox=$outbox"); exit; } else { # INBOX & OUTBOX - This will print out all Private Messages in the inbox OR in the outbox # open private messages file for this user # Set the file from which to read the messages; either inbox or outbox if (param('outbox')) { $pmsg_file = "$user\_out.pmsg"; $outbox = param('outbox'); } # outbox file else { $pmsg_file = "$user\_in.pmsg"; } # inbox file # open and get the contents from the private messages file open(PMSG, "+>> $pmsg_dir/$pmsg_file"); flock PMSG, 2; seek PMSG, 0, 0; $pmsg_text = join '', ; $new_pmsg_text = $pmsg_text; # mark every unread message as read $new_pmsg_text =~ s/no<\/pmsg_read>\n/yes<\/pmsg_read>\n/sg; seek PMSG, 0, 0; truncate PMSG, 0; print PMSG $new_pmsg_text; close PMSG; # The while loop below goes through every private message one by one, parsing and printing the data while ($pmsg_text =~ /\n(.*?)<\/pmsg>\n/sg) { $pmsg_printed = 1; # if the private messages file contains one message (and thus prints one message), we disable the "No messages" note. $pmsg = $1; # parse the private message (in the loop) if ($pmsg =~ /(.*?)<\/pmsg_sender>\n/s) { $pmsg_sender = $1; } if ($pmsg =~ /(.*?)<\/pmsg_read>\n/s) { $pmsg_read = $1; } if ($pmsg =~ /(.*?)<\/pmsg_time>\n/s) { $pmsg_time = $1; } if ($pmsg =~ /(.*?)<\/pmsg_subject>\n/s) { $pmsg_subject = $1; } if ($pmsg =~ /(.*?)<\/pmsg_message>\n/s) { $pmsg_message = $1; } # reset vars $pmsg_user = ""; $pmsg_avatar = ""; $pmsg_title = ""; $pmsg_posts = ""; $pmsg_status = ""; # check whether the sender of the message is a registered user if (-e "$users_dir/$pmsg_sender\.prf") { $pmsg_sender; # This is a registered user! Get his avatar, name, post-amount, ... open(PMSG_PROFILE, "< $users_dir/$pmsg_sender\.prf"); flock PMSG_PROFILE, 2; $pmsg_profile = join '', ; close PMSG_PROFILE; if ($pmsg_profile =~ /(.*?)<\/user_name>\n/s) { $pmsg_name = "$1"; } if ($pmsg_profile =~ /(.*?)<\/user_avatar>\n/s) { $pmsg_avatar = $1; } if ($pmsg_profile =~ /(.*?)<\/user_posts>\n/s) { $pmsg_posts = $1; } if ($pmsg_profile =~ /(.*?)<\/user_title>\n/s) { $pmsg_title = $1; } } else { $pmsg_title = $lang_guest; } $pmsg_subject = add_html($pmsg_subject); #add smileys, images, url's, ... $pmsg_message = add_html($pmsg_message); #This line takes care of the color switching if ($tablecolor eq $tablecolor1) { $tablecolor = $tablecolor2; } else { $tablecolor = $tablecolor1; } #Make $pmsg_time "readable" ;) date_time($pmsg_time); # determine the user's title if (!$post_title and $enable_user_titles eq "on") { if ($post_posts < $title_lvl2_posts) { $post_title = $title_lvl1; } elsif ($post_posts < $title_lvl3_posts) { $post_title = $title_lvl2; } elsif ($post_posts < $title_lvl4_posts) { $post_title = $title_lvl3; } elsif ($post_posts < $title_lvl5_posts) { $post_title = $title_lvl4; } elsif ($post_posts < $title_lvl6_posts) { $post_title = $title_lvl5; } elsif ($post_posts) { $post_title = $title_lvl6; } } # set the border color for new messages if ($pmsg_read eq "no") { $borderstyle = "style='border-color:#FF0000;'"; } else { $borderstyle = ""; } # print one message (in a loop) print <<$smallfont>$lang_posted_on $short_date $hour:$min:$sec$ampm

<$bigfont>$pmsg_name HTML if ($pmsg_title and $enable_user_titles eq "on") { print "
<$smallfont>$pmsg_title"; } if ($pmsg_posts) { print "
<$smallfont>$lang_posts: $pmsg_posts"; } print < <$smallfont>
$lang_reply | $lang_delete HTML if ($pmsg_avatar and $allow_avatars ne "no") { print "

"; } print <

<$bigfont>$pmsg_subject

$pmsg_message

HTML } if (!$pmsg_printed) { # no messages in Inbox print <

$lang_there_are_currently_no_messages_in_your $box.

\n HTML } } } sub print_user_folder { # Takes one param: the folder name # Known names are: # - Subscriptions (shows all of the user's subscribed topics) # - New Topics (shows all new topics since last visit) # - Last 10 Topics (shows last ten (?) topics) my $user_folder = shift (@_); if ($user_folder eq "Subscriptions") { $user_folder_name = $lang_subscriptions; } elsif ($user_folder eq "Last 10 topics") { $user_folder_name = $lang_last_ten_topics; } elsif ($user_folder eq "New topics") { $user_folder_name = $lang_new_topics; } else { $user_folder_name = $user_folder; } print "

$user_folder_name

"; if (!$subtablewidth) { $subtablewidth = $tablewidth; } # Get the forum index structure # This structure gets created in select_a_forum, so we run this subroutine without printing the resulting "; if (!$select_a_forum_printed) { print ""; $select_a_forum_printed = 1; } print "

<$smallfont>» $lang_forum_index ".add_html($forum_group)."» ".add_html($forum_name)."

".&select_a_forum."

"; $topic_dir = "$simpleforum_dir/$forum_dir"; $forum_id = $fid; $tablewidth = $subtablewidth; $topic_id = ""; &print_topic_list; $user_folder_item_printed = 1; print ""; } } } if (!$user_folder_item_printed) { print $empty_message; if (!param('user_subscriptions')) { print "
Back"; } } else { print "

".&select_a_forum."

\n"; } } # # # # DO NOT EDIT ANYTHING BELOW # # # # # # # # # # # # # # # # # # sub installation { if ($admin_account eq "unknown_admin") { # if for any reason no admin account is defined, but the forum is installed, set it if (!param('selectadmin') and !param('createadmin')) { &page_start; print <No administrator account has been set!

Please select a user from the list below to administer this forum.

If you are upgrading from SimpleForum Lite or if no users are present,
you will need to create a new administrator account. HTML &page_end; } elsif (param('selectadmin')) { if (param('admin_acct')) { $new_admin = param('admin_acct'); open (SF, "+>> $config_dir/simpleforum.conf"); flock SF, 2; seek SF, 0, 0; $sf_content = join '', ; seek SF, 0, 0; truncate SF, 0; $sf_content =~ s/admin_account\:.*?\n/admin_account\:$new_admin\n/sg; print SF $sf_content; close SF; print redirect($script_name); } else { dienice("No account has been selected

Back"); } } elsif (param('createadmin')) { $admin_account = param('admin_acct'); $pass1 = param('pass1'); $pass2 = param('pass2'); if (!$admin_account) { dienice("You did not specify a name

Back"); } if (!$pass1) { dienice("You need to enter a password

Back"); } if ($pass1 ne $pass2) { dienice("The given passwords are not the same

Back"); } if (length($pass1) < 4) { dienice("The password must contain at least 4 alphanumeric characters

Back"); } if ($pass1 =~ /\W/) { dienice("Illegal character(s) found in your password, please use alphanumeric characters only

Back"); } if ($admin_account =~ /\W/) { dienice("Illegal character(s) found in your name, please user alphanumeric characters only

Back"); } $admin_password = $pass1; # assign users directory location and create it if necessary $users_dir = "$simpleforum_dir/users"; if (!-e $users_dir) {mkdir($users_dir,0777) or dienice("Couldn't create the users directory: $!");} # write the administrator's profile $profile_file = $admin_account; $profile_file =~ tr/[A-Z]/[a-z]/; $profile_file =~ s/[\&\"\'\ \|\\\?\/\*\<\>\.\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; if (-e "$users_dir/$profile_file.prf") { print "This user already exists! Please choose a different name.

Back"; exit; } open(PROFILE, "> $users_dir/$profile_file.prf") or dienice("Couldn't create profile: $!"); flock PROFILE, 2; $register_time = time; $register_ip = $ENV{'REMOTE_ADDR'}; $admin_password = encrypt($admin_password); print PROFILE <$admin_account |$register_ip| $admin_password $register_time 1 Administrator 0 PRF_CONTENT close PROFILE; # modify the simpleforum.conf file open (SF, "+>> $config_dir/simpleforum.conf"); flock SF, 2; seek SF, 0, 0; $sf_content = join '', ; seek SF, 0, 0; truncate SF, 0; $sf_content =~ s/admin_account\:.*?\n/admin_account\:$profile_file\n/sg; print SF $sf_content; close SF; print redirect($script_name); } exit; } elsif ($admin_account) { return undef; } #already installed # Here begins installation from scratch (not from lite as above) $admin_account = param('admin_account'); $admin_password = param('admin_password'); $admin_password1 = param('admin_password1'); $admin_password2 = param('admin_password2'); $images_dir = param('images_dir'); if (!param('step3b')) { # admin log in on installation complete, so don't print the normal headers! print header . < Simpleforum $version - Installation

Welcome to Simpleforum Pro $version!

In order to make this script work on your server there are a few steps you need to follow. Please read the instructions carefully!

HTML } if (param('step1')) { if (param('step2')) { if (param('step3a')) { if (param('step3b')) { #installation complete # assign users directory location and create it if necessary $users_dir = "$simpleforum_dir/users"; if (!-e $users_dir) {mkdir($users_dir,0777) or dienice("Couldn't create the users directory: $!");} # write the administrator's profile $profile_file = $admin_account; $profile_file =~ tr/[A-Z]/[a-z]/; $profile_file =~ s/[\&\"\'\ \|\\\?\/\*\<\>\.\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; if (-e "$users_dir/$profile_file.prf") { print "This user already exists! Please choose a different name.

Back"; exit; } open(PROFILE, "> $users_dir/$profile_file.prf") or dienice("Couldn't create profile: $!"); flock PROFILE, 2; $register_time = time; $register_ip = $ENV{'REMOTE_ADDR'}; $admin_password = encrypt($admin_password); print PROFILE <$admin_account |$register_ip| $admin_password $register_time 1 Administrator 0 PRF_CONTENT close PROFILE; # write the simpleforum.conf file open(CONF, "> $config_dir/simpleforum.conf") or $die = 1; if ($die) { print "Couldn't write the configuration to the $config_dir directory! ($!) Please make sure that you've set the permissions of this directory to 777 (or whatever fits for your webserver's configuration"; exit; } flock CONF, 2; print CONF < 'sfusr', -value => "$profile_file\|$admin_password"); print "Set-Cookie: $cookie\n"; print header." Simpleforum $version - Installation

Welcome to Simpleforum Pro $version!

Installation complete!

To configure your forum any further, go to the Admin area on your forum by clicking \"Admin\" in the top menu. Enjoy!

Click here to enter your forum
"; exit; } else { # step 3b # add a slash (/) if necessary if ($images_dir and $images_dir !~ /^(.*?)\/$/) { $images_dir .= "/"; } elsif (!$images_dir) { $images_dir = "$simpleforum_dir/images/"; } print <Step 3 - Images!
If you can see the following image, click "Finish!", else click "Continue".
Image:

If the image above doesn't show, it means that the images directory which is located in $simpleforum_dir cannot be reached from the browser.

To fix this issue, read the following instructions carefully.

Go to your simpleforum directory ($simpleforum_dir)

Move the "images" directory, located in $simpleforum_dir to somewhere outside the cgi-bin (or outside the directory configured to execute cgi scripts)

If you don't get the previous step, just move the images directory to the http root level of your server (the directory where you place your html files).

Try accessing the images directory through your browser by going to the new location of the images directory. (Open a new window)
Example: http://www.mydomain.com/path/to/images/

If you can see the images, enter the location in the text-field below; else keep moving the images directory around on your server until you find a suitable location for it.

Enter URL to images directory here:

Example: http://www.mydomain.com/path/to/images/

HTML } } else { # step 3a if ($admin_account) { while ($admin_account =~ /(\W)/sg) { if ($1 ne ' ') { print "Whoops!

Illegal character(s) found in your user name, please use alphanumeric characters only

Back"; exit; } } $profile_file = $admin_account; $profile_file =~ tr/[A-Z]/[a-z]/; if (-e "$simpleforum_dir/users/$profile_file.prf") { print "Whoops!

This account already exists

Back"; exit; } } else { print "Whoops!

You forgot to enter an account name!

Back"; exit; } if ($admin_password1 eq $admin_password2) { $admin_password = $admin_password1; if (length($admin_password) > 3) { #check passw value for incorrect characters if ($admin_password !~ /\W/) { print <Step 3 - Images!
If you can see the following image, click "Finish!", else click "Continue".
Image:

If the image above doesn't show, it means that the images directory which is located in $simpleforum_dir cannot be reached from the browser.

To fix this issue, read the following instructions carefully.

Go to your simpleforum directory ($simpleforum_dir)

Move the "images" directory, located in $simpleforum_dir to somewhere outside the cgi-bin (or outside the directory configured to execute cgi scripts)

If you don't get the previous step, just move the images directory to the http root level of your server (the directory where you place your html files).

Try accessing the images directory through your browser by going to the new location of the images directory. (Open a new window)
Example: http://www.mydomain.com/path/to/images/

If you can see the images, enter the location in the text-field below; else keep moving the images directory around on your server until you find a suitable location for it.

Enter URL to images directory here:

Example: http://www.mydomain.com/path/to/images/

HTML } else { #illegal character found print "Whoops!

Incorrect value for the Administrator Password, please use alphanumeric characters only!

Back"; exit; } } else { #empty password or less than 4 chars print "Whoops!

The password must contain at least 4 characters

Back"; exit; } } else { #passw don't match print "Whoops!

The 2 given passwords don't match, please enter the admin password twice the same

Back"; exit; } } } else { # step 2 if (!$simpleforum_dir) { print "Whoops!

No value given for the simpleforum files directory

Back"; exit; } if (!-e $simpleforum_dir) { print "Whoops!

Looks like the directory ($simpleforum_dir) could not be located!
Please set the simpleforum_files directory in the right place, next to $script_name.

Back"; exit; } open(FILE, "> $simpleforum_dir/permissionscheck.txt") or $permissions_error = 1; print FILE "Test"; close FILE; if ($permissions_error) { print "Whoops!

Could not write to the directory '$simpleforum_dir'. Please set the permissions for this directory to 777 (or whatever fits for your webserver's configuration).

Back"; exit; } open(FILE, "< $simpleforum_dir/permissionscheck.txt") or $permissions_error = 1; close FILE; if ($permissions_error) { print "Whoops!

Could not read from the directory '$simpleforum_dir'. Please set the permissions for this directory to 777 (or whatever fits for your webserver's configuration).

Back"; exit; } unlink "$simpleforum_dir/permissionscheck.txt"; # Create config dir if necessary $config_dir = "$simpleforum_dir/config"; if (!-e $config_dir) {mkdir($config_dir,0777) or return("Couldn't create the config directory $config_dir: $!");} if (-e "$config_dir/simpleforum.conf") { open(FILE, "+>> $config_dir/simpleforum.conf") or $permissions_error = 1; close FILE; if ($permissions_error) { print "Whoops!

Your simpleforum.conf file is not readable by the script. This means you have somehow changed its owner/permissions. Please chmod the simpleforum.conf file (located in simpleforum_files) to 777 or whatever fits for your webserver's configuration. If this error keeps appearing, delete the simpleforum.conf file. Note that this will delete your former simpleforum settings. You can keep a copy of the simpleforum.conf file and open it with a texteditor to see the old values of your configuration.

Back"; exit; } } print <Step 2 - The Administrator Account
This account will have the ability to configure and manage everything that is going on on your forum. You can assign multiple administrators later in the forum configuration, only one is required now. The password must be at least 4 characters long and may contain only alphanumeric characters! Write your password down somewhere safe because it cannot be recovered when lost!

Password examples:
abc123

mypassword

Account Name:

Password:

Confirm:

HTML } } else { # step 1 print <Step 1 - The SimpleForum Files directory
This directory, called "simpleforum_files", is the directory where SimpleForum will save all its data in. The simpleforum_files directory came with the download and should be placed in the same directory you put $script_name and the permissions for this directory should be set to 777 (or whatever fits for your webserver's configuration).

If you have done this, click "Continue" and the script will test if the location is correct and if the permissions for this directory are set correctly.

HTML } print < HTML exit; } sub start { #Don't edit anything here! #standard operations $qs = $ENV{'QUERY_STRING'}; $password = encrypt(param('password')); $version = "4.6.2"; $script_name = $ENV{'SCRIPT_FILENAME'}; if (!$script_name) { $script_name = "simpleforum_pro.cgi"; } $script_name =~ s/^.*\/(.*?)$/$1/s; # Set the config directory location if (-e "$simpleforum_dir/config") { $config_dir = "$simpleforum_dir/config"; } elsif (-e "$simpleforum_dir/simpleforum.conf") { &upgrade; } # for older versions of simpleforum if (-e "$config_dir/simpleforum.conf") { open CONF, "$config_dir/simpleforum.conf" or dienice("Couldn't open simpleforum.conf for reading: $!"); while () { if (/admin_account:(.*?)\n/) { $admin_account = $1; } } close CONF; } else { &installation; } if (!$admin_account or ($qs eq "installation" and !$admin_account)) { &installation; exit; } #&last_visit; if (!$simpleforum_dir) { $error .= "the SimpleForum Files Directory is not set.
To do this, open $script_name in a texteditor and follow the instructions written there.

"; } if ($error) { print header."ErrorError - You got the forum running... BUT:

$error"; exit;} #if the simpleforum_dir does not exist if (!-e $simpleforum_dir) { print header."Could not locate the SimpleForum Files directory: $!\n

This directory, called simpleforum_files (default), came with the $script_name script and should be placed in the same directory where you put $script_name. Set its permissions to 777 (chmod 777 $simpleforum_dir). This means that user, group and everyone must have read/write/execute access for the simpleforum-directory ($simpleforum_dir)

If you have done this, and it's still not working, check if your \$simpleforum_dir variable is set correctly in $script_name.
(Default) Example: \$simpleforum_dir = \"simpleforum_files\";

"; exit; } # default settings: do not edit these. They can all be edited from the admin area (on the forum in your browser) # in case the conf file has not been created yet, these are the settings that will apply to the forum $images_dir = "$simpleforum_dir/images"; # images directory $title = "SimpleForum $version"; # Title of your forum (example: John's Forum) $subtitle = "W e l c o m e !"; # Subtitle that appears below the Title (see above) on the forum index $home_name = "Home"; # Title of your homepage $home_url = "http://simpleforum.net"; # URL for your homepage $hour_difference = 0; # If the server time is different from your local time. Can be a negative number as well. Expressed in hours. (example: 1, this will set the hour difference to +1 HOUR) $hoursystem = "12"; # 12 or 24 (12 will add AM and PM behind in hour notation) $date_notation = "ddmmyy"; # Date notation: mmddyy (MM/DD/YY) or ddmmyy (DD/MM/YY) $html_protection = "on"; # disable html in posts [on/off] $bbcode = "on"; # allow bbcode [on/off] $smileys = "on"; # add smileys $author_edit = "on"; # allow the author to edit his post or not $backgroundcolor = "#FFFFFF"; # The background color of the forum $backgroundimage = "$images_dir/background.gif"; # If you want an image for background, specify the URL to the image (e.g. "http://www.domain.com/path/to/image.jpg") $menu_display = "text"; # Display the menu as text or images $tablecolor1 = "#E9E6E6"; # Table backgroundcolor 1 $tablecolor2 = "#D8D7D7"; # Table backgroundcolor 2 $tablecolor3 = "#F8F7F7"; # Table backgroundcolor 3 $tablebordercolor = "#AAAAAA"; # Table border color $tablebordersize = 1; # border thickness $tablewidth = "93%"; # Table width $maximagewidth = "700"; # Images with width larger than this number will be resized $postformbackground = "#E9E6E6"; # Table background color for the post/reply form $fontface = "verdana,arial"; # The font you want to use for your forum, note that the visitor must have the font installed on his computer. By adding a "," you can add a secondary font in case the visitor has not got the font installed (e.g. "arial, verdana"). Empty field will apply the standard font. $fontsize = "9"; # The size of the font in general, this does not count for headers and such (example: 12, this will make the font size 12pt) $fontsizesmall = "8"; # The font size of comments, less important text, ... $fontcolor = "#555555"; # Will change the color for most text on your forum $topic_order = "last-modified"; # Determines in what order topics are listed on a forum [last-modified/creation-date] $topics_per_page = 10; # Amount of topics shown in topic index $posts_per_page = 20; # Amount of replies shown in a topic $popularnumb = 15; # Amount of replies required to make a topic "Popular" $link_color = "#6685CC"; # color of hyperlinks $visited_link_color = "#6685CC"; # color of visited hyperlinks $link_hover_color = "#CC6666"; # color when hovering mouse over hyperlinks $language = "English"; # forum language $mail = "on"; # activates the mail function of the forum. However, the sendmail program must be operational and the path to sendmail must be set correctly. $mailprog = '/usr/sbin/sendmail'; # mail program, standard set to unix sendmail. $show_email_addresses = "off"; # Show/Hide user's email addresses on the forum $allow_attachments = "yes"; # attachments feature on/off $attachments_dir = "$simpleforum_dir/attachments"; # location of the attachments directory (local path) $attachments_uploadmax = "5120000"; # 5 megabites max filesize for uploaded attachments $attachments_allowed_filetypes = ".txt .gif .jpg .png"; # default allowed extensions for attachments $guest_access = "read-only"; # allow guest access on your forum [on/read-only/off] $title_lvl1 = "*"; $title_lvl2 = "**"; $title_lvl3 = "***"; $title_lvl4 = "****"; $title_lvl5 = "*****"; $title_lvl6 = "******"; $title_lvl1_posts = "0"; $title_lvl2_posts = "64"; $title_lvl3_posts = "128"; $title_lvl4_posts = "256"; $title_lvl5_posts = "512"; $title_lvl6_posts = "1024"; $enable_user_titles = "on"; $enable_private_messages = "on"; $enable_guest_registration = "on"; $enable_polls = "on"; $override_hour_difference = "yes"; $override_date_notation = "yes"; $override_hour_notation = "yes"; $override_topic_order = "yes"; $override_language = "yes"; $override_topics_per_page = "yes"; $override_posts_per_page = "yes"; $allow_avatars = "yes"; $avatars_uploadmax = 102400; #100 kb $avatars_width = 70; #pixels #in case the conf file exists, get and modify the default variables' values open CONF, "$config_dir/simpleforum.conf" or dienice("Couldn't open simpleforum.conf for reading: $!"); while () { chomp; if (/^(.*?):(.*?)$/) { $$1 = $2; } } close CONF; # version check if ($forum_version ne $version) { &upgrade; } # define the font classes so that in the script we can use <$standardfont>,<$smallfont> and <$bigfont> $bigsize = $fontsize + 1; $standardfont = "font class='standardfont'"; $smallfont = "font class='smallfont'"; $bigfont = "font class='bigfont'"; if (!$images_dir) { $images_dir = "$simpleforum_dir/images"; } else { $images_dir =~ s/\/$//s; } if (!$attachments_dir) { $attachments_dir = "$simpleforum_dir/attachments"; } else { $attachments_dir =~ s/\/$//s; } if (!$attachments_url) { $attachments_url = $attachments_dir; } # set users directory location and create it if necessary $users_dir = "$simpleforum_dir/users"; if (!-e $users_dir) {mkdir($users_dir,0777) or dienice("Couldn't create the users directory: $!

Please contact the forum admin");} $smileys_dir = "$images_dir/smileys"; $script_dir = url(-absolute=>1); $script_dir =~ s/(.*)\/(.*?)$/$1\//; #get user information from profile OR if not logged in, get the remembered user name and email address $cookie = cookie('sfusr'); if ($cookie =~ /^(.*?)\|(.*?)$/s) { $cookie_user = $1; $cookie_password = $2; if (-e "$users_dir/$cookie_user\.prf") { $user = $cookie_user; $logged_in = 1; open(USER_PROFILE, "< $users_dir/$cookie_user\.prf") or dienice("Couldn't open profile: $!"); flock USER_PROFILE, 2; @user_profile_content = ; $user_profile_content = join '', @user_profile_content; close USER_PROFILE; if ($user_profile_content =~ /(.*?)<\/user_password>\n/s) { $user_password = $1; if ($cookie_password eq $user_password) { foreach $line (@user_profile_content) { chomp $line; if ($line =~ /^<(user_.*?)>(.*?)<\/(user_.*?)>$/) { # a single-line variable $$1 = $2; } elsif ($line =~ /^<(user_.*?)>(.*?)$/) { # a multi-line variable $var = $1; if ($user_profile_content =~ /<\Q$var\E>(.*?)<\/\Q$var\E>\n/s) { $$var = $1; } } } } else { $user = "guest"; $cookie_name = ""; $cookie_email = $cookie_password; $logged_in = ""; } } } else { $user = "guest"; $cookie_name = $1; $cookie_email = $2; } } elsif (param('sblogged')) { # display error message if acquiring the cookie failed dienice("You don't appear to have cookies properly enabled."); $user = "guest"; } else { $user = "guest"; } # set personal user settings if ($logged_in and $qs !~ /admin/) { # disable personal settings for admin area if ($override_hour_difference and $user_hour_difference) { $hour_difference = $user_hour_difference; } if ($override_date_notation and $user_date_notation) { $date_notation = $user_date_notation; } if ($override_hour_notation and $user_hour_notation) { $hoursystem = $user_hour_notation; } if ($override_topic_order and $user_topic_order) { $topic_order = $user_topic_order; } if ($override_language and $user_language) { $language = $user_language; } if ($override_topics_per_page and $user_topics_per_page) { $topics_per_page = $user_topics_per_page; } if ($override_posts_per_page and $user_posts_per_page) { $posts_per_page = $user_posts_per_page; } } if (!-e "$simpleforum_dir/languages/$language.pm") { print header."The language module ($language.pm) is not installed!

Place this module that came with the official distribution of SimpleFroum in \"$simpleforum_dir/languages/\""; exit; } require "$simpleforum_dir/languages/$language.pm"; &set_language_vars; #check if the language files are updated if (!$lang_viewing) { dienice("You haven't got the latest version of the language files installed. Please read the \"upgrade_readme.txt\" file that came with the download for more info."); } # Last visited in order to see "new" topics &last_visit; #Check banned IP's and normal bans &check_bans; #Get the current forum's info if ($qs =~ /fid=(\d*)/) { $forum_id = $1; if ($forum_id) { $topic_dir = "$simpleforum_dir/forum_$forum_id"; open(INFO, "< $topic_dir/forum.info") or dienice("Failed to open forum.info (fid=$forum_id): $!

Could this be because you just deleted the requested forum?

Back"); $forum_info = join '', ; close INFO; if ($forum_info =~ /(.*?)<\/forum_name>/s) { $forum_name = add_html($1); } if ($forum_info =~ /(.*?)<\/forum_more>/s) { $forum_more = add_html($1); } if ($forum_info =~ /(.*?)<\/forum_perm>/s) { $forum_perm = add_html($1); } if ($forum_info =~ /(.*?)<\/forum_mods>/s) { $forum_mods = $1; } if ($forum_info =~ /(.*?)<\/forum_access>/s) { $forum_access = $1; } $frm_lnk = " » $forum_name"; } } #access for guests denied when $guest_access eq "off" if ($guest_access eq "off" and $user eq "guest" and $qs ne "register" and $qs !~ /^login(.*?)$/) { &page_start; print "Welcome to $title!

"; print "This Forum does not allow for unregistered users to be used.
Please $lang_log_in or $lang_register in order to gain access to this Forum.

\n"; &login; &page_end; exit; } # check if the user is an administrator @admin_accounts = split(/\|/, $admin_account); foreach $admin_account(@admin_accounts) { if ($admin_account eq $user) { $admin_access = 1; } if ($admin_account eq "unknown_admin") { &installation; } # set the admin account } # check if the user is a forum moderator @forum_moderators = split(/\|/, $forum_mods); foreach $forum_moderator(@forum_moderators) { if ($forum_moderator eq $user) { $moderator_access = 1; } } # add this user to the currently online list ¤tly_online; # if this is a registered user: see whether the IP has changed. # if the IP has changed, add it to the list of his IP's if ($logged_in) { while ($user_ip =~ /(\d*?\.\d*?\.\d*?\.\d*?)\|/sg and !$matching_ip) { if ($ENV{'REMOTE_ADDR'} eq $1) { $matching_ip = 1; } } if (!$matching_ip) { # add the ip to the list $new_ip = $ENV{'REMOTE_ADDR'}; open (PRF, "+>> $users_dir/$user\.prf") or dienice("couldn't open $user\.prf"); flock PRF, 2; seek PRF, 0, 0; $profile_text = join '', ; seek PRF, 0, 0; truncate PRF, 0; $profile_text =~ s/(.*?)<\/user_ip>\n/\|$new_ip$1<\/user_ip>\n/s; print PRF $profile_text; close PRF; } } #Check forum access if (!&forumaccess_check) { exit; } # update user status (what the user is doing at the moment) &user_status('set'); } sub date_time { #Don't edit anything here, unless you know what you're doing. my($date_time) = @_; ($sec,$min,$hour,$mday,$mon,$year,$day,$yday,$isdst) = localtime($date_time + ($hour_difference *3600)); if ($sec < 10) { $sec = "0$sec"; } if ($min < 10) { $min = "0$min"; } if ($hour < 10) { $hour = "0$hour"; } if ($mon < 10) { $mon = "0$mon"; } if ($mday < 10) { $mday = "0$mday"; } $mon++; if (!@months or !@months_short or !@days) { dienice("Incomplete language file!"); } if ($hoursystem eq "12") { if ($hour > 11) { if ($hour > 12) { $hour = $hour - 12; } $ampm = " PM"; } else { $ampm = " AM"; } } $year += 1900; $full_date = "$days[$day] $mday $months[$mon] $year @ $hour:$min:$sec"; $long_date = "$months[$mon] $mday, $year at $hour\:$min\:$sec"; $date = "$mday $months_short[$mon] $year"; $year %= 100; if ($year < 10) { $year = "0$year"; }; if ($date_notation eq "mmddyy") { $short_date = "$mon/$mday/$year"; } elsif ($date_notation eq "ddmmyy") { $short_date = "$mday/$mon/$year"; } elsif ($date_notation eq "yymmdd") { $short_date = "$year/$mon/$mday"; } else { $short_date = "$mon/$mday/$year"; } } sub page_end { #Credits are to be left untouched!! For the up to date "terms of use", see http://simpleforum.net. #feel free to *add* some text, just make sure that you leave a link to the simpleforum site if (!$footer_printed) { $custom_footer =~ s/\$images_dir/$images_dir/sg; print "

<$smallfont>Powered by SimpleForum Pro $version"; if ($menu_display ne "text" and $logged_in) { print "<$smallfont>$lang_you_are_logged_in_as $user_name
"; } print "

\n\n"; # Resize images that are larger than the maximum image width print < HTML if ($qs !~ /help/) { print "\n$custom_footer\n\n\n"; } print "<\/body>\n\n<\/HTML>"; $footer_printed = 1; } } sub write_to_topic { #after submitting and verifying a message, write it to the appropriate topic file $time = time; $signature = &random_signature; # get a random signature if available if (!$topic_id) { # if this is a new topic, define a new topic id $topic_id = $time; edit_statistics_file("tpc_amount++"); if (param('make_sticky') eq "yes") { # if this is a sticky topic, write its ID to the sticky topics file open (STICKY, "+>> $topic_dir/sticky_topics.sf") or dienice("Couldn't make this topic a sticky topic: $!"); flock STICKY, 2; seek STICKY, 0, 0; $sticky_content = join '', ; seek STICKY, 0, 0; truncate STICKY, 0; print STICKY "$topic_id<\/sticky_id>\n"; print STICKY $sticky_content; close STICKY; } } if ($logged_in) { # set the status of the sender $status = "registered"; } else { $status = "guest"; } # poll data # choices are already stored in @poll_choices; see subroutine verify_content if ($#poll_choices >= 0) { # if there are poll options $poll_data = "\n<\/voted>\n"; for ($i=0;$i<=$#poll_choices;$i++) { $poll_data .= "$poll_choices[$i]\n"; $poll_data .= "0\n"; } $poll_data .= ''; } #open topic for writing and write the reply data open(TOPIC,"+>> $topic_dir/$topic_id.topic") or dienice("Couldn't open $topic_dir/$topic_id.topic:
$!

Make sure that you set the permissions for the directory \"$topic_dir\" to 777, as described in the readme!"); flock TOPIC, 2; print TOPIC #The following is NOT HTML, don't touch! < $name $status $ENV{'REMOTE_ADDR'} $email $subject $time $message\n $signature<\/signature> $poll_data TOPIC_CONTENT close TOPIC; edit_statistics_file("msg_amount++"); # edit forum history open (HIST, "+>> $topic_dir/forum.hist"); flock HIST, 2; seek HIST, 0, 0; $forum_hist_content = join '', ; seek HIST, 0, 0; truncate HIST, 0; $forum_hist_content =~ s/\Q$topic_id\E\:.*?\n//s; print HIST "$topic_id\:$time\n"; print HIST $forum_hist_content; close HIST; if (!$logged_in) { $cookie = cookie(-name => 'sfusr', -value => "$name\|$email", -expires => '+365d'); print "Set-Cookie: $cookie\n"; } # update the profile (user_posts) if ($logged_in) { open(PROFILE, "+>> $users_dir/$user\.prf") or dienice("Your message has been sent, but the script could not update your profile: $!"); flock PROFILE, 2; seek PROFILE, 0, 0; $profile_content = join '', ; if ($profile_content =~ /(\d*?)<\/user_posts>\n/s) { $user_posts = $1 + 1; $profile_content =~ s/(\d*?)<\/user_posts>\n/$user_posts<\/user_posts>\n/s; } seek PROFILE, 0, 0; truncate PROFILE, 0; print PROFILE $profile_content; close PROFILE; } # Notify the administrator of this new post if the option is enabled if ($admin_email and $admin_email_notify eq "on") { &admin_email_notify; } # Send an email-reply if selected by sender if (param('send_mail') and $mail = "on") { mail_post('email_reply'); } # Subscribe to this post if selected by sender if (param('subscribe') and $mail = "on") { subscribe("subscribe","forum_$forum_id/$topic_id.topic"); } # Send mails to subscribed users if ($mail = "on") { if (!$subscribed_users) { # get the subscribed users if we haven't already got them from above (in the subroutine "subscribe") open (TOPIC, "< $topic_dir/$topic_id.topic") or dienice("Couldn't open the topic for reading"); while () { if (/(.*?)<\/subscribe>\n/) { $subscribed_users = $1; $stop_topic_scan2 = 1; } } close TOPIC; } # add the users that are subscribed to the forum to the list of $subscribed_users if (get_filecontent("$simpleforum_dir/forum_$forum_id/forum.info") =~ /(.*?)<\/forum_subscriptions>/s) { $subscribed_users .= $1; } if ($subscribed_users) { # if at all anyone is subscribed, get the email addresses @subscribed_users = split(/\|/, $subscribed_users); foreach $subscribed_user(@subscribed_users) { if ($subscribed_user and $mail_sent_to !~ /\|\Q$subscribed_user\E\|/s) { # get email address $subscribed_user_email = undef; open(PRF,"$users_dir/$subscribed_user.prf"); while () { if (/(.*?)<\/user_email>\n/) { $subscribed_user_email = $1; } } close PRF; # send the email if ($subscribed_user_email and $subscribed_user ne $user) { mail_post('subscribe'); } $mail_sent_to .= "\|$subscribed_user\|"; # keep this list to prevent sending multiple mails to the same person } } } } # write RSS feed &RSS; } sub admin_email_notify { if ($mail ne "on") { return; } #for more security - don't execute this if the mail function isn't on if ($user_email eq $admin_email) { return; } # don't send the email if it's the admin himself who is sending the message if (!$email) { $nomail = "no email address given"; } $topic_url = param('topic_url'); $topic_url =~ s/^(.*?)\/\Q$script_name\E.*?$/$1/s; $topic_url .= "/$script_name?fid=$forum_id&topic_id=$topic_id"; $orig_message = param('message'); $subj = $subject; if ($orig_message =~ /\[quoted\]..(.*?)\n\[\/quoted\]/s) { $rquote = $1; $rquote =~ s/\n/\n\>/sg; $orig_message =~ s/\[quoted\](.*?)\[\/quoted\]/\> $rquote/s; } open (MAIL, "|$mailprog -t") or dienice("Can't access $mailprog! Please make sure your mailprogram is installed and that the path to your mailprogram is set correctly.\n
The server returned this error: $!\n

If the error is something like \"No such file or directory\" this means the path to your mailprog is incorrect. The administrator can set this path in Administrator area > Forum Configuration"); print MAIL "From: $user_email ($user_name @ $title)\n"; print MAIL "To: $admin_email\n"; print MAIL "Reply-to: $from\n"; print MAIL "Subject: $subject (by $user_name)\n\n"; print MAIL </sg; $orig_message =~ s/\[quoted\](.*?)\[\/quoted\]/\> $rquote/s; } open (MAIL, "|$mailprog -t") or dienice("Can't access $mailprog! Please make sure your mailprogram is installed and that the path to your mailprogram is set correctly.\n
The server returned this error: $!\n

If the error is something like \"No such file or directory\" this means the path to your mailprog is incorrect. The administrator can set this path in Administrator area > Forum Configuration"); print MAIL "From: $from\n"; print MAIL "To: $recipient\n"; print MAIL "Reply-to: $from\n"; print MAIL "Subject: $subj (by $user_name)\n\n"; print MAIL <The server returned this error: $!\n

If the error is something like \"No such file or directory\" this means the path to your mailprog is incorrect. The administrator can set this path in Administrator area > Forum Configuration"); print MAIL "From: $from_email ($user_name @ $title)\n"; print MAIL "To: $subscribed_user_email\n"; print MAIL "Reply-to: $from_email\n"; print MAIL "Subject: $subj\n\n"; print MAIL </>/sg; } #smileys # hide smileys from http conversion $smileys_dir =~ s|http://|smiley://|sg; if ($smileys eq "on") { s~\>\;:\((\W)~

$1~sg; s~\>:\((\W)~

$1~sg; s~8\|(\W)~

$1~sg; s~o\.O(\W)~

$1~sg; s~\:blush\:(\W)~

$1~sg; s~8\)(\W)~

$1~sg; s~\:\'\((\W)~

$1~sg; s~\:cry\:(\W)~

$1~sg; s~\>\;\:\)(\W)~

$1~sg; s~\>\:\)(\W)~

$1~sg; s~\:dizzy\:(\W)~

$1~sg; s~\:erm\:(\W)~

$1~sg; s~L\.L(\W)~

$1~sg; s~l\.l(\W)~

$1~sg; s~\:D(\W)~

$1~sg; s~\^\.\^(\W)~

$1~sg; s~\:laugh\:(\W)~

$1~sg; s~\:\|(\W)~

$1~sg; s~\:geek\:(\W)~

$1~sg; s~\>\;\.\<\;(\W)~

$1~sg; s~\>\.\<(\W)~

$1~sg; s~\:\((\W)~

$1~sg; s~\:o(\W)~

$1~sg; s~\:O(\W)~

$1~sg; s~\:x(\W)~

$1~sg; s~\:X(\W)~

$1~sg; s~\:zzz\:(\W)~

$1~sg; s~\:\)(\W)~

$1~sg; s~\:p(\W)~

$1~sg; s~\:P(\W)~

$1~sg; s~\:S(\W)~

$1~sg; s~\:s(\W)~

$1~sg; s~\:w00t\:(\W)~

$1~sg; s~\:\?(\W)~

$1~sg; s~\:whistle\:(\W)~

$1~sg; s~\;\)(\W)~

$1~sg; s~\:rant\:(\W)~

$1~sg; s~\:wave\:(\W)~

$1~sg; s~\:thumb\:(\W)~

$1~sg; s~\:sneeze\:(\W)~

$1~sg; s~\:vomit\:(\W)~

$1~sg; s~\:puke\:(\W)~

$1~sg; s~\:bow\:(\W)~

$1~sg; s~\:hail\:(\W)~

$1~sg; } #Reply quoted s|\[quote\]|\[quoted\]|sg; s|\[/quote\]|\[/quoted\]|sg; $tablecolor_quoted = $tablecolor; $add_html = add_quoted($add_html); s/\n/
\n/sg; # hide the [url] tag from the general conversion of http:// s|\[url=http://(.*?)\]|\[url=temp://$1\]|sg; # bbcode [img]http://www.domain.com/image.ext[/img] s|\[img\]http://(.*?)\[/img\]|\[img://$1\]|sg; s|\[img\](.*?)\[/img\]|\[img:$1\]|sg; #convert URLs to HTML hyperlinks \\ Disabled ending chars: <>'()," s/(http:\/\/(.*?))([\<\>\'\,\"\ \r\n])/\[url=$1\]$1\[\/url\]$3/g; # reactivate the [url] tag s|\[url=temp://(.*?)\]|\[url=http://$1\]|sg; # reactivate the smiley s|smiley://|http://|sg; $smileys_dir =~ s|smiley://|http://|sg; #convert Email addresses to HTML hyperlinks s/([\w\-\.]+\@[\w\-\.]+\.[\w\-]+)/$1<\/a>/g; #bbcode if ($bbcode eq "on") { s|\\\]|]|sg; # escape bbcode by typing \] s|\\\[|[|sg; # escape bbcode by typing \[ s|\[url://(.*?)\](.*?)\[\/url\]|$2|sg; s|\[url=(.*?)\](.*?)\[\/url\]|$2|sg; s|\[b\](.*?)\[/b\]|$1|sg; s|\[u\](.*?)\[/u\]|$1|sg; s|\[center\](.*?)\[/center\]|

|sg; s|\[justify\](.*?)\[/justify\]|

|sg; s|\[right\](.*?)\[/right\]|

|sg; s|\[i\](.*?)\[/i\]|$1|sg; s|\[color:(.*?)\](.*?)\[/color\]|$2|sg; s|\[pre\](.*?)\[/pre\]|

$1

|sg; s|\[code\](.*?)\[/code\]|$1|sg; s|\[img://(.*?)\]|

|sg; s|\[img:(.*?)\]|

|sg; for ($size=1;$size<7;$size++) { s/\[h$size\]//sg; s/\[\/h$size\]/<\/h$size>/sg; } s|\[\*\]|

|sgi; $add_html_orig = $add_html; while ($add_html_orig =~ /\[list\](.*?)\[\/list\]/sg) { $listcontent = $1; $newlistcontent = $listcontent; $newlistcontent =~ s/
//sg; s/\Q$listcontent\E/$newlistcontent/sg; } s|\[list\](.*?)\[/list\][\r\n]
|

$1|sgi; s|\[list\](.*?)\[/list\]|

$1|sgi; } } return $add_html; sub add_quoted { my ($add_quoted) = @_; my $temp,$temp2; my $tablecolor_quoted; if (!$tablecolor_quoted and !$tablecolor) { $tablecolor_quoted = $tablecolor2; } elsif (!$tablecolor_quoted) { $tablecolor_quoted = $tablecolor; } while ($add_quoted =~ /\[quoted\].*?\[\/quoted\]/sg) { if ($add_quoted =~ /\[quoted\](.*?)\[\/quoted\]/s and $1 !~ /\[quoted\]/s) { # Multiple sequential [quoted]'s $temp = $1; $temp2 = $temp; $temp2 =~ s/^\s\n//s; $add_quoted =~ s~\[quoted\]\Q$temp\E\[\/quoted\]~

<$smallfont>$temp2

~s; } elsif ($add_quoted =~ /\[quoted\](.*?)\[\/quoted\]/s) { # Nested [quoted]'s, to be handled recursively $temp = $1; $temp2 = add_quoted($temp); $temp2 =~ s/^\s\n//s; $add_quoted =~ s~\[quoted\]\Q$temp\E\[\/quoted\]~

<$smallfont>$temp2

~s; if ($tablecolor_quoted eq $tablecolor1) { $tablecolor_quoted = $tablecolor2; } else { $tablecolor_quoted = $tablecolor1; } } } return $add_quoted; } } sub open_dir { #open directories and put the filenames in @files $dir = join '', @_; opendir(DIR, $dir) or return (); @files = readdir DIR; closedir (DIR); return @files; } sub last_visit { #lets the script know when you last visited the forum $newvisit = time; if ($logged_in) { # get lastvisited data from profile $lastvisit = $user_lastvisit; $oldvisit = $user_oldvisit; } else { # get lastvisited data from cookies for guests $raw_cookie = cookie('sflvisited'); if ($raw_cookie =~ /^(\d*)\|(\d*)/s) { $lastvisit = $1; $oldvisit = $2; } } if (($newvisit - $lastvisit) > 500 and $lastvisit) { # if this is a "new" visit $oldvisit = $lastvisit; $usr_count = 1; } elsif (!$lastvisit) { # if the user first visits the forum for the first time (or when cookies are not enabled) we ignore the "New" posts $oldvisit = $newvisit; } if ($logged_in and $user_mark_read eq "manual" and param('mark_read')) { # manual mark read $oldvisit = $newvisit; } if ($logged_in and (!$user_mark_read or $user_mark_read eq "automatic" or ($user_mark_read eq "manual" and param('mark_read')))) { # write lastvisited data to profile open(PRF, "+>> $users_dir/$user\.prf") or dienice("Couldn't open profile: $!"); flock PRF, 2; seek PRF, 0, 0; $prf_content = join '', ; seek PRF, 0, 0; truncate PRF, 0; if ($prf_content =~ /.*?<\/user_lastvisit>\n/s) { $prf_content =~ s/.*?<\/user_lastvisit>\n/$newvisit<\/user_lastvisit>\n/s; } else { $prf_content .= "$newvisit<\/user_lastvisit>\n"; } if ($prf_content =~ /.*?<\/user_oldvisit>\n/s) { $prf_content =~ s/.*?<\/user_oldvisit>\n/$oldvisit<\/user_oldvisit>\n/s; } else { $prf_content .= "$oldvisit<\/user_oldvisit>\n"; } print PRF $prf_content; close PRF; } else { # write lastvisited data to cookies $cookie = cookie(-name => 'sflvisited', -value => "$newvisit\|$oldvisit", -expires => '+365d'); # write the cookie if ($qs !~ /login/ and !$logged_in) { # do not write the cookie when logging in (in case the browser does not support double cookie-writing) print "Set-Cookie: $cookie\n"; } } if ($usr_count) { edit_statistics_file("usr_amount++"); } #forumvisits + 1 } sub check_bans { # return if there is no ban file open (BANFILE, "< $config_dir/banned.sf") or return; $banfile_content = join '', ; close BANFILE; # if empty banfile, delete it and return if (!$banfile_content) { unlink "$config_dir/banned.sf"; return; } open (IPBAN, "+>> $config_dir/banned.sf"); flock IPBAN, 2; seek IPBAN, 0, 0; $current_user_ip = $ENV{'REMOTE_ADDR'}; while () { if (/(.*?)<\/user>.*?(.*?)<\/expires>/) { $ban_user = $1; $ban_expires = $2; if ($ban_expires > time) { # non-expired ban $ipban_content .= $_; if ($user eq $ban_user or /(.*?)<\/ip>/ and $1 =~ /\|\Q$current_user_ip\E\|/sg) { # This user has been banned! dienice("You have been banned from this forum!

You will regain access

".&date_time($ban_expires)." @ $hour:$min $ampm
"); } } } } seek IPBAN, 0, 0; truncate IPBAN, 0; print IPBAN $ipban_content; close IPBAN; } sub random_signature { if ($user_sign1) { push @signatures, $user_sign1; } if ($user_sign2) { push @signatures, $user_sign2; } if ($user_sign3) { push @signatures, $user_sign3; } if ($user_sign4) { push @signatures, $user_sign4; } srand(time() ^ ($$ + ($$ << 15)) ); return $signatures[int(rand($#signatures+1))]; } sub user_status { # Gets or sets the user status # Supports the following states: - browsing topic xxx # - browsing forum xxx # - if none of the above: browsing forum index # takes 2 parameters: user_status('get',$user_id) or user_status('set',$user_id) # when 'get' returns 1 parameter: the user status in readable format my $user_status_function = @_[0]; my $user_status_user = @_[1]; my $user_status_readablestatus; my $user_status_topic_id; my $user_status_forum_id; if (!$user_status_user) { $user_status_user = $user; } # select the current user if no other user is specified if ($user_status_function eq 'set') { # set user status my $status_topic_id = param('topic_id'); if ($status_topic_id and $forum_id) { # user is reading a topic set_userparam($user,"user_status","\|fid:$forum_id\|tid:$status_topic_id\|"); } elsif ($forum_id) { # user is browsing topic list set_userparam($user,"user_status","\|fid:$forum_id\|"); } else { # User is doing something else... set_userparam($user,"user_status",''); } } elsif ($user_status_function eq 'get') { # get user status my $user_status_status = get_userparam($user_status_user,"user_status"); # make it readdable if ($user_status_status =~ /\|tid:(.*?)\|/s) { $user_status_topic_id = $1; } if ($user_status_status =~ /\|fid:(.*?)\|/s) { $user_status_forum_id = $1; } # if forum id's are involved, check if the user has access to that forum before getting topic names and such if ($user_status_forum_id and subforumaccess_check($user_status_user,$user_status_forum_id)) { # get forum name if (get_filecontent("$simpleforum_dir/forum_$user_status_forum_id/forum.info") =~ /(.*?)<\/forum_name>/s) { $user_status_readablestatus = "".add_html($1).""; } if ($user_status_topic_id) { # get topic name if (get_filecontent("$simpleforum_dir/forum_$user_status_forum_id/$user_status_topic_id.topic") =~ /^.*?(.*?)<\/subject>/s) { $user_status_readablestatus = "".add_html($1).""; } } } else { $user_status_readablestatus = "$lang_forum_index"; } return $user_status_readablestatus; } else { dienice("Incorrect call of \&user_status"); } } ### GV # Generate a guid for the feed without cpan sub GUID_GV { use POSIX qw(strftime); return strftime("%Y_%m_%d_%H_%M_%S", gmtime).'_'.int(rand(100)); } # print out RSS information sub RSS { # Please refer to RSS 2.0 specs at http://blogs.law.harvard.edu/tech/rss ## Added by Gilles use POSIX qw(strftime); ## These variables should be in the ADMIN section in future versions ## Added by Gilles $localizable_copyright = "Produit par"; $localizable_title_in = "dans"; $localizable_title_by = "par"; # String used to do not have real e-mail in the file to avoid spam $obfuscate_email = "EnlevezCeci_"; $mailName = $admin_email; $mailName =~ s/(@) .*/$1/gx; $len = length $mailName; $mailName = substr $mailName, 0, $len-1; $guid = GUID_GV(); $display_rss = "on"; $rss_title = "Derniers sujets sur ".$title.""; $encoding = "iso-8859-1"; $max_length_per_post = "500"; $number_of_posts_to_display = "10"; $rss_filename = "../../../forum/feedFR/latest_posts.xml"; # Initialize variables $itemindex = 0;@item = (''); # read in old items from the xml file open(RSSIN, "< $rss_filename"); $itemindex = 0; while () { $item[$itemindex] .= $_ if (// .. /<\/item>/); $itemindex++ if (/<\/item>/); } close(RSSIN); if ($lang_charset =~ /^ISO/) { $rss_language = "en"; } else { $rss_language = $lang_charset; } ## Changed by Gilles #my $formatted_date = gmtime(time)." GMT"; my $formatted_date = strftime("%a, %e %b %Y %H:%M:%S", gmtime)." GMT"; $formatted_date =~ s/ / /g; $formatted_date =~ s/ / /g; my $rss_description = $message; $rss_description =~ s|\[img.*\]|(Image Attached)|sg; $rss_description =~ s|\[url.*\]|(File Attached)|sg; #$rss_description =~ s|\[http.*\]|(Location Attached)|sg; $rss_description =~ s/(\r|\n)/ /sg; $rss_description = substr($rss_description,0,500); $topic_url = param('topic_url'); $topic_url =~ s/^(.*?)\/\Q$script_name\E.*?$/$1/s; $topic_url .= "/$script_name?fid=$forum_id&topic_id=$topic_id"; open(RSSOUT, "> $rss_filename") or die @!; # print title section print RSSOUT "\n"; print RSSOUT "\n"; print RSSOUT "\t\n"; print RSSOUT "\t\t".$rss_title." \n"; print RSSOUT "\t\t".$home_url." \n"; print RSSOUT "\t\t".$home_name."\n"; print RSSOUT "\t\t".$rss_language."\n"; print RSSOUT "\t\tSimpleForum Pro ".$forum_version."\n"; print RSSOUT "\t\t".$title." - ".$localizable_copyright." SimpleForum Pro ".$forum_version."\n"; # print RSSOUT "\t\t".$obfuscate_email.$admin_email."\n"; print RSSOUT "\t\t".$obfuscate_email.$admin_email." (".$mailName.")\n"; print RSSOUT "\t\thttp://blogs.law.harvard.edu/tech/rss\n"; # print newest item print RSSOUT "\t\t\n"; # print RSSOUT "\t\t\t \n"; print RSSOUT "\t\t\t \n"; print RSSOUT "\t\t\t"".$subject."" ".$localizable_title_in." ".$forum_name." ".$localizable_title_by." ".get_userparam($name,'user_name')." \n"; print RSSOUT "\t\t\t \n"; print RSSOUT "\t\t\t".$formatted_date." \n"; #print RSSOUT "\t\t\t".get_userparam($name,'user_name')." \n"; if ($message) { print RSSOUT "\t\t\t".$rss_description; if (length($message) > $max_length_per_post) { print RSSOUT " ...\n"; } else { print RSSOUT "\n"; } } else { print RSSOUT "\t\t\tPhoto Posted\n"; } print RSSOUT "\t\t\n"; # print older items for ($i=0;$i<$number_of_posts_to_display-1;$i++) { print RSSOUT $item[$i]; } # print footer section print RSSOUT "\t\n"; print RSSOUT "\n"; close(RSSOUT); } sub transferscript { # OptionTransfer # http://www.mattkruse.com/javascript/optiontransfer/ # # usage in this script: # must come *before* page_start occupies the $onload variable and $select_transfer_options_script # the $onload variable should be inside the tag # the $select_transfer_options_script should come before the tag # transferscript($left,$right,$delimiter); $left = @_[0]; $right = @_[1]; $delimiter = @_[2]; $onload = "onload=\"opt.init(document.forms[0])\""; if (!$transfer_script_printed) { $transfer_script_printed = 1; $select_transfer_options_script = < /* Script from http://www.mattkruse.com/javascript/optiontransfer/ */ /* SOURCE FILE: selectbox.js */ function selectUnselectMatchingOptions(obj,regex,which,only){if(window.RegExp){if(which == "select"){var selected1=true;var selected2=false;}else if(which == "unselect"){var selected1=false;var selected2=true;}else{return;}var re = new RegExp(regex);for(var i=0;i(b.text+"")){return 1;}return 0;});for(var i=0;i3){var regex = arguments[3];if(regex != ""){unSelectMatchingOptions(from,regex);}}for(var i=0;i=0;i--){var o = from.options[i];if(o.selected){from.options[i] = null;}}if((arguments.length<3) ||(arguments[2]==true)){sortSelect(from);sortSelect(to);}from.selectedIndex = -1;to.selectedIndex = -1;} function copySelectedOptions(from,to){var options = new Object();for(var i=0;i=0;i--){var o=from.options[i];if(o.selected){from.options[i] = null;}}from.selectedIndex = -1;} /* SOURCE FILE: OptionTransfer.js */ function OT_transferLeft(){moveSelectedOptions(this.right,this.left,this.autoSort);this.update();} function OT_transferRight(){moveSelectedOptions(this.left,this.right,this.autoSort);this.update();} function OT_transferAllLeft(){moveAllOptions(this.right,this.left,this.autoSort);this.update();} function OT_transferAllRight(){moveAllOptions(this.left,this.right,this.autoSort);this.update();} function OT_saveRemovedLeftOptions(f){this.removedLeftField = f;} function OT_saveRemovedRightOptions(f){this.removedRightField = f;} function OT_saveAddedLeftOptions(f){this.addedLeftField = f;} function OT_saveAddedRightOptions(f){this.addedRightField = f;} function OT_saveNewLeftOptions(f){this.newLeftField = f;} function OT_saveNewRightOptions(f){this.newRightField = f;} function OT_update(){var removedLeft = new Object();var removedRight = new Object();var addedLeft = new Object();var addedRight = new Object();var newLeft = new Object();var newRight = new Object();for(var i=0;i0){str=str+delimiter;}str=str+val;}return str;} function OT_setDelimiter(val){this.delimiter=val;} function OT_setAutoSort(val){this.autoSort=val;} function OT_init(theform){this.form = theform;if(!theform[this.left]){alert("OptionTransfer init(): Left select list does not exist in form!");return false;}if(!theform[this.right]){alert("OptionTransfer init(): Right select list does not exist in form!");return false;}this.left=theform[this.left];this.right=theform[this.right];for(var i=0;i TRANSFER_SCRIPT } # I might want to try using multiple select fields later, idea: change the make "opt." a variable $select_transfer_options_script .= < var opt = new OptionTransfer("$left","$right"); opt.setAutoSort(true); opt.setDelimiter("$delimiter"); opt.saveRemovedLeftOptions("removedLeft"); opt.saveRemovedRightOptions("removedRight"); opt.saveAddedLeftOptions("addedLeft"); opt.saveAddedRightOptions("addedRight"); opt.saveNewLeftOptions("newLeft"); opt.saveNewRightOptions("newRight"); TRANSFER_OPTIONS } sub encrypt { my $ipas = shift (@_); $encpass = crypt ($ipas, SiMpLeFoRuM); return $encpass; } sub upgrade { # Takes care of differences between versions of simpleforum, starting from SimpleForum Pro 4.3 # The latest version to need an upgrade script: $latest_upgrade_version = "4.6.1"; # put the upgrade-from version in the right format to compare if ($forum_version !~ /^\d.\d.\d$/) { $forum_version .= ".0"; } $versiontag = $version; # $version = current (this) version $versiontag =~ s/\.//sg; # $versiontag = current (this) version without "." $forum_versiontag = $forum_version; # $forum_version = upgrade-from version $forum_versiontag =~ s/\.//sg; # $forum_versiontag = upgrade-from version without "." $latest_upgrade_versiontag = $latest_upgrade_version; # $latest_upgrade_version = latest version to require an upgrade script $latest_upgrade_versiontag =~ s/\.//sg; # $latest_upgrade_versiontag = latest version to require an upgrade script without "." if ($forum_versiontag >= $latest_upgrade_versiontag) { # upgrade is NOT necessary open(SF, "+>> $config_dir/simpleforum.conf") or dienice("Couldn't open $config_dir/simpleforum.conf file: $!"); flock SF, 2; seek SF, 0, 0; $sf_content = join '', ; seek SF, 0, 0; truncate SF, 0; $sf_content =~ s/forum_version\:.*?\n/forum_version\:$version\n/sg; print SF $sf_content; close SF; return; # exit upgrade } # Upgrade is necessary, print the starting form and authorize the upgrade with admin password check if (!param('upgrade_confirmed')) { if ($admin_account and $admin_account ne "unknown_admin") { # perform a user check, only admins may perform the upgrade $admin_check = "

Admin Name :
Admin Pass :

"; } print header.< Simpleforum $version - Upgrade

Welcome to Simpleforum Pro $version!

This is the automatic upgrade script of SimpleForum Pro $version. This version needs to make a few changes in your SimpleForum filesystem. After upgrading the filesystem, it will no longer work with previous versions of SimpleForum Pro. This might also be a good time to make a backup of the "$simpleforum_dir" directory.

If you are ready to upgrade, press the button below to proceed.

Powered by SimpleForum Pro $version HTML } else { # admin check if (param('admin_check')) { $admin_name = param('admin_name'); $admin_name =~ tr/[A-Z]/[a-z]/; if (!-e "$simpleforum_dir/users/$admin_name.prf") {$admin_name =~ s/[\&\"\'\ \|\\\?\/\*\<\>\.\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg;} $admin_pass = encrypt(param('admin_pass')); @admin_accounts = split('\|',$admin_account); foreach $account(@admin_accounts) { if ($admin_name eq $account) { open(PRF, "< $simpleforum_dir/users/$admin_name.prf") or dienice("Couldn't open profile: $!"); $profile_content = join '', ; close PRF; if ($profile_content =~ /(.*?)<\/user_password>/) { $user_password = $1; } if ($user_password eq $admin_pass) { $perform_upgrade = 1; } } } } else { $perform_upgrade = 1; } # if there are no admins, upgrade is good to go # Perform the actual upgrade if ($perform_upgrade) { if (!-e "$simpleforum_dir/upgrades/upgrade$latest_upgrade_versiontag.pm") { print header."Upgrade could not start
Error

upgrade$latest_upgrade_versiontag.pm could not be located!

Place this module that came with the official distribution of SimpleForum in \"$simpleforum_dir/upgrades/\"

Back"; exit; } require "$simpleforum_dir/upgrades/upgrade$latest_upgrade_versiontag.pm"; $upgrade_sub = "upgrade$latest_upgrade_versiontag"; $returned = &$upgrade_sub; if ($returned eq "successful") { print header.< Simpleforum $version - Upgrade

Welcome to Simpleforum Pro $version!

Upgrade Successful!

Enjoy SimpleForum Pro $version

Click here to go to your forum

Powered by SimpleForum Pro $version HTML open(SF, "+>> $simpleforum_dir/config/simpleforum.conf") or dienice("Couldn't open conf file: $!"); flock SF, 2; seek SF, 0, 0; $sf_content = join '', ; seek SF, 0, 0; truncate SF, 0; if ($sf_content =~ /forum_version\:.*?\n/sg) { $sf_content =~ s/forum_version\:.*?\n/forum_version\:$version\n/sg; } else { $sf_content .= "forum_version:$version\n"; } print SF $sf_content; close SF; } else { print header."Upgrade Error
An error occured while upgrading:

$returned

Back"; exit; } } else { # access to perform upgrade denied print header."Upgrade Access Denied
Incorrect user name or password.

Back"; exit; } } exit; } sub get_filecontent { # this subroutine takes 1 argument, the file # returns the content of the file # returns 0 if the file wasn't found my $get_filecontent_file = $_[0]; # if the file was read before, don't read it again because the content is still stored! if ($get_filecontent_file eq $get_filecontent_file_last) { return $get_filecontent_filecontent; } if (-e $get_filecontent_file) { open(GET_FILECONTENT,"< $get_filecontent_file"); $get_filecontent_filecontent = join '',; close GET_FILECONTENT; $get_filecontent_file_last = $get_filecontent_file; # save the last-read file so we don't have to read it multiple times return $get_filecontent_filecontent; } return 0; } sub get_userparam { # this subroutine takes 2 arguments (user,userparam) and returns the value of the requested paramter # for that user. Returns false (0) if the user or the parameter were not found. my $get_userparam_user = $_[0]; my $get_userparam_param = $_[1]; # the following if prevents the forum from reading the user profile multiple times when more parameters are # requested sequentially for the same user if ($get_userparam_user ne $current_get_userparam_user) { # get content of the user's profile open(GETUSERPARAM,"< $users_dir/$get_userparam_user\.prf") or return 0; $get_userparam_info = join '',; close GETUSERPARAM; } if ($get_userparam_info =~ /<\Q$get_userparam_param\E>(.*?)<\/\Q$get_userparam_param\E>\n/s) { $current_get_userparam_user = $get_userparam_user; return $1; } return 0; # if the param wasn't found... } sub set_userparam { # This function should not be used to change multiple variables as it will open and close the file on each call # Also, this function will erase and replace any existing value, or add the tags if they do not exist # # This subroutine takes 3 arguments set_userparam(user,userparam,value) # Returns true (1) if successful my $set_userparam_user = $_[0]; my $set_userparam_param = $_[1]; my $set_userparam_value = $_[2]; # open the profile open(SET_USERPARAM,"+>> $users_dir/$set_userparam_user.prf") or return 0; flock SET_USERPARAM, 2; seek SET_USERPARAM, 0, 0; my $set_userparam_profilecontent = join '', ; truncate SET_USERPARAM, 0; if ($set_userparam_profilecontent =~ /<\Q$set_userparam_param\E>(.*?)<\/\Q$set_userparam_param\E>\n/s) { $set_userparam_profilecontent =~ s/<\Q$set_userparam_param\E>(.*?)<\/\Q$set_userparam_param\E>\n/<$set_userparam_param>$set_userparam_value<\/$set_userparam_param>\n/sg; } else { # add the variable $set_userparam_profilecontent .= "<$set_userparam_param>$set_userparam_value<\/$set_userparam_param>\n"; } print SET_USERPARAM $set_userparam_profilecontent; close SET_USERPARAM; return 1; } sub subforumaccess_check { # this subroutine has 2 arguments (user,forum_id) and checks if the user has access to the subforum # returns true (1) if the user has access, false (0) otherwise my $check_user = $_[0]; my $check_fid = $_[1]; open(INFO, "< $simpleforum_dir/forum_$check_fid/forum.info") or dienice("Couldn't open forum.info: $!"); my $info_content = join '', ; close INFO; if ($info_content =~ /(.*?)<\/forum_mods>/s) { $forum_mods = $1; } if ($info_content =~ /(.*?)<\/forum_access>/s) { $forum_access = $1; } if ($info_content =~ /(.*?)<\/forum_access_groups>/s) { $forum_access_groups = $1; } if ($admin_access) { return 1; } # administrators always have access... if (!$forum_access) { # everyone has access return 1; } my @access_users = split('\|',$forum_access); foreach $access_user(@access_users) { if ($access_user eq $check_user) { return 1; } # if the user is in the list of access users, grant access } my @access_users = split('\|',$forum_mods); foreach $access_user(@access_users) { if ($access_user eq $check_user) { return 1; } # this user is a moderator of this forum } @forum_access_groups = split('\|',$forum_access_groups); foreach $forum_access_group (@forum_access_groups) { if ($forum_access_group) { open(GROUP, "< $users_dir/groups/$forum_access_group\.group"); $group_content = join '', ; close GROUP; if ($group_content =~ /(.*?)<\/group_members>/sg) { @group_members = split('\|',$1); foreach $group_member(@group_members) { if ($group_member eq $user) { return 1; # user is part of this group } } } } } return 0; # none of the access checks has passed. Access denied. } sub forumaccess_check { if ($admin_access or $moderator_access) { return 1; } # no need to check authorization for admins and moderators if (!$forum_access or !$forum_id) { return 1; } # If there's specific access parameter set in config or forum_id is missing, we don't need to check any passwords... if (subforumaccess_check($user,$forum_id)) { return 1; } # if this user is specifically allowed to use this forum # no access &page_start; print <$lang_access_denied!

$lang_access_needs_to_be_given_access_by_moderator

$lang_back HTML &page_end; return undef; } sub show_size { # takes one parameter ($size) and returns the size in a readable format (kb,Mb,Gb) my($size) = @_; $size = $size/1024; if ($size >= 1024) { $size = $size/1024; if ($size >= 1024) { $size = sprintf("%.2f",$size/1024); $size = $size."Gb"; } else { $size = sprintf("%.2f",$size); $size = $size."Mb"; } } else { $size = sprintf("%.2f",$size)."kb"; } return $size; } # Return a clean string for filename sub cleanFileName { use strict; use Unicode::Normalize; use Encode; my $string = $_[0]; $string = decode("utf-8", $string); $string =~ s/[\&\"\'\ \|\\\?\/\*\<\>\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; $string = NFD($string); $string =~ s/\pM//og; $string =~ s/[^[:ascii:]]+/_/g; return $string; } sub upload_file { # Upload a file from a form to the server # This subroutine takes 5 parameters and returns 3 # ($upload_newfilename,$upload_ctype,$upload_size) = upload_file($upload_file,$upload_newfilename,$upload_location,$upload_maxsize,$upload_overwrite); my $upload_file = $_[0]; # the parameter from the form my $upload_newfilename = $_[1]; # new filename (if desired), without the extension (.jpg, .txt, ...) my $upload_location = $_[2]; # the location where the file should be uploaded to my $upload_maxsize = $_[3]; # maximum file size my $upload_overwrite = $_[4]; # 1 -> overwrite if the file exists ; 0 -> do not overwrite my $upload_filename; # the new filename under which the file is uploaded to the server my $upload_ctype; # content-type my $upload_size; # file size in bytes, use &show_size to make it readable (kb,Mb,Gb) my $upload_extension; if ($upload_file =~ /.*\/(.*?)$/s) { # UNIX filesystem $upload_filename = $1; } elsif ($file =~ /.*\$.*?)$/s) { # Windows filesystem $upload_filename = $1; } else { $upload_filename = $upload_file; } if ($upload_newfilename) { # add the extension of the original file to the new filename $upload_extension = $upload_file; $upload_extension =~ s/^.*(\..*?)$/$1/s; $upload_newfilename .= $upload_extension; } else { # no new file name given, use the original filename $upload_newfilename = $upload_filename; } # avoid problems with some characters later $upload_newfilename =~ s/[\&\"\'\ \|\\\?\/\*\($\<\>\:\;\[\]\+\-\^\%\$\#\@\!\{\}\=]/_/sg; # check if the file doesn't already exist if (-e "$upload_location/$upload_newfilename" and !$upload_overwrite) { dienice("$lang_upload_file_exists"); } # check the attachment's filename if ($upload_newfilename =~ /^\./) { dienice("Invalid filename"); } # filenames starting with a dot are forbidden # check attachment's size $upload_size = $ENV{'CONTENT_LENGTH'}; if ($upload_size > $upload_maxsize) { #file too large dienice("$lang_file_too_large ".show_size($upload_maxsize)); } #UPLOAD THE FILE if (!-e "$upload_location") { # upload location directory doesn't exist, so we need to create this directory first mkdir("$upload_location",0777) or dienice("$!

If the above error said \"Permission Denied\" this means that the upload directory ($upload_location) does not exist or that the script has not got the sufficient previleges to write the file to the upload directory. Please create this directory and set its permissions (hint: chmod 777)"); } open(OUT,">$upload_location/$upload_newfilename") or dienice("Couldn't write the attachment ($upload_location/$upload_newfilename): $!"); binmode OUT; flock OUT, 2; $flen = 0; while (read($upload_file,$i,1024)) { print OUT $i; $flen = $flen + 1024; if ($flen > $upload_maxsize) { close(OUT); } } close(OUT); chmod(0644,"$upload_location/$upload_newfilename"); $upload_ctype = uploadInfo($upload_file)->{'Content-Type'}; return ($upload_newfilename,$upload_ctype,$upload_size); } sub dienice { #Makes the script abort on failure, showing the error my $err = join '', @_; if (!$header_printed) { &page_start; } print "

Whoops!

".$err."

"; &page_end; exit; } sub timer_redirect { my $location = shift(@_); my $redirect_time = shift(@_); my $redirect_message = shift(@_); if (!$redirect_message) { $redirect_message = "Redirecting"; } $meta_tags = "\n\n"; return "$meta_tags\n\n$redirect_message...

\nClick here if you are not being redirected\n\n\n
"; exit; } # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # If you are using a foreign languagee on your forum that doesn't use the ISO-8859-1 charset, # remove the "#" character at the beginning of the next line # sub header { return "Content-type: text/html\n\n"; } # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # If your forum is having trouble with logging in, you will need to enable the # following piece of code. You can do this by removing the "#" sign at the beginning # of the line below. # sub redirect { my $location = join '', @_; $meta_tags = "\n\n"; $footer_printed = 1; &page_start; return "\n\nRedirecting...

\nClick here if you are not being redirected\n\n\n

<$smallfont>Powered by SimpleForum Pro $version

$custom_footer<\/body>\n\n<\/HTML>"; exit; } # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

	$lang_forum	$lang_topics	$lang_last_post
".add_html($1)."
	$forum_name \n$forum_more$forum_moderators	$topic_amount	$forum_index_date$last_posted_name
$lang_no_forums_yet_long

Level 1	0
Level 2
Level 3
Level 4
Level 5
Level 6

<$smallfont>Registered users		<$smallfont>Administrators

h6 header

Whoops!