#!/usr/bin/perl $discus_conf = '/usr/local/www/www.acheron.org/discus_admin_245059122/discus.conf'; #Discus board administration script (board-admin-1.cgi) #------------------------------------------------------------------------------- # This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved. # Its use is subject to the license agreement that can be found at the following # URL: http://www.chem.hope.edu/discus/license #------------------------------------------------------------------------------- if (open (FILE, "$discus_conf")) { @file = ; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $value =~ s/\r//g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; } else { print "Content-type: text/html\n\n"; print "Script Execution Error\n"; print "\n"; print "

Script Execution Error

\n"; print "Discus scripts could not execute because the discus.conf file\n"; print "could not be opened."; print "

Reason: $!" if $!; print "

This generally indicates a setup error of some kind.\n"; print "Consult the Discus "; print "Resource Center for troubleshooting information.\n"; exit(0); } require "$admin_dir/source/src-board-subs-admin"; &parse_form; &read_cookie; #------------------------------------------------------------------------------- # PAGE MANAGER ACTIONS AND OTHER RELATED FUNCTIONS #------------------------------------------------------------------------------- if ($FORM{'action'} eq 'add_subtopic') { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!"); &error_message("Add Subtopic Error", "You did not specify a title for the new subtopic!") if $FORM{'subtopic'} eq ""; ($newtitle) = &ex("webtags", $FORM{'subtopic'},3); &error_message("Add Subtopic Error", "Formatting tags returned the following error:

$newtitle") if $newtitle =~ /

Formatting/i; $param = "Sublist" if $FORM{'pagetype'} eq "privateindex"; $param = "SublistCreate" if $FORM{'pagetype'} eq "publicindex"; $param = "MessagesAdd" if $FORM{'pagetype'} eq "message"; $target = "Main" if $FORM{'linktype'} eq "rightframe"; $target = "_parent" if $FORM{'linktype'} eq "top"; $target = "_blank" if $FORM{'linktype'} eq "new"; $param = "LINK" if $FORM{'type'} eq "link"; if ($param eq "LINK") { $url = $FORM{'url'}; &error_message('Add Subtopic Error', "The URL you specified was not valid") if $FORM{'url'} eq ""; } ($newnum_number) = &ex("add_page", $newtitle,$param,$url,$target); ($dt) = &ex("get_date_time", "short"); ($ts) = &ex("get_date_time", "long"); $ts =~ s/\W//g; &ex("update_time", $topic_number, $newnum_number, $me_number, $ts, $dt); $append = "?username=$FORM{'username'}"; &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}) if ($FORM{'jumpin'} == 0 || $param eq "LINK"); &ex("page_mgr_2", "//$topic_number/$newnum_number.$ext", $FORM{"username"}) if $FORM{'jumpin'} == 1; exit(0); } if ($FORM{'action'} eq "subtopics") { &check_passwd; &extract($FORM{'HTTP_REFERER'}); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this topic!"); if ($FORM{'SELECTION'} =~ /^delete(\w+)/) { $todo = $1; if ($todo eq "all") { $todo = $FORM{'MARK'}; } &ex("remove_page", $topic_number, $me_number, $todo); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } elsif ($FORM{'SELECTION'} =~ /move(\w+)/) { if ($1 =~ /^(\d+)$/) { $tomove = $1; $plural = ""; $singular = "a "; } else { $tomove = $FORM{'MARK'}; $plural = "s"; $singular = ""; } &ex('move_subtopic_form', $topic_number, $me_number, $FORM{'username'}, $plural, $singular, $FORM{'HTTP_REFERER'}); exit(0); } elsif ($FORM{'SELECTION'} =~ /properties(\d+)/) { $torename = $1; if ($torename =~ /^0/) { $torename =~ s/^0//g; &ex("rename_link_form", $FORM{"HTTP_REFERER"},$torename,$FORM{"username"}); } else { &ex("rename_subtopic_form", $FORM{"HTTP_REFERER"}, $torename, $FORM{"username"}); } exit(0); } elsif ($FORM{'SELECTION'} =~ /reorder/) { undef @data; undef @datakeys; foreach $key (keys(%FORM)) { $key2 = $key; $keystr .= "$key2=$FORM{$key2}
"; if ($key2 =~ /^ORDER/) { $key2 =~ s/^ORDER//g; $key2 =~ s/^0//g; push (@data, $key2); push (@dataval, $FORM{$key}); } } @array = @data[sort {$dataval[$a] <=> $dataval[$b]} $[..$#data]; $arraystr = join(":", @array); &ex("reorder_subtopics", $FORM{"HTTP_REFERER"}, $arraystr); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } } if ($FORM{'action'} eq 'rename_a_subtopic' || $FORM{'action'} eq 'rename_a_link') { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to rename subtopics on this page!"); ($newname) = &ex('webtags', $FORM{"newname"}, 3); $newname = &remove_links($newname); &error_message("Rename Error", "You didn't specify a new subtopic/link name!") if $newname eq ""; &error_message("Formatting Error", "The following formatting error was returned:

$newname

") if $newname =~ /

FORMATTING/i; if ($FORM{'action'} eq "rename_a_subtopic") { $subtopic = $FORM{'subtopic'}; $subtopic =~ s/\D//g; &error_message("Rename Error", "You didn't specify a valid initial subtopic!") if $subtopic == 0; &ex("rename_subtopic", $FORM{"HTTP_REFERER"}, $subtopic, $newname); } else { $linknum = $FORM{'link'}; $url = &remove_html($FORM{'url'}); if ($FORM{'frame'} eq "top") { $target = "_parent"; } elsif ($FORM{'frame'} eq "new") { $target = "_blank"; } else { $target = "Main"; } &ex("rename_link", $FORM{"HTTP_REFERER"}, $linknum, $newname, $url, $target); } &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } if ($FORM{'action'} eq "move_subtopic") { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to move subtopics from this page!"); $oldtopic = $topic_number; $oldparent = $me_number; &extract("//$FORM{'click'}.$ext"); &verify_owner ($owner,$FORM{'username'}) || &error_message("Permissions Error", "You do not have permissions to move subtopics to this page!"); $newtopic = $topic_number; $newtopic_hold = $newtopic; $newhome = $me_number; $newhome_hold = $newhome; @tomove = split(/,/, $FORM{'move'}); foreach $page (@tomove) { $page =~ s/^0//; } $tomove = join(",", @tomove); &ex('move_page', $oldtopic, $tomove, $oldparent, $newtopic, $newhome); &extract("//$newtopic_hold/$newhome_hold.$ext"); if ($param !~ /Sublist/) { &ex('change_layout', $newtopic_hold, $newhome_hold, $param . "Sublist"); } ($dt) = &ex('get_date_time', "short"); ($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g; &ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); exit(0); } if ($FORM{'action'} eq "messages") { &check_passwd; &extract($FORM{'HTTP_REFERER'}); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this topic!"); if ($FORM{'SELECTION'} =~ /delete(\w+)/) { $todo = $1; if ($todo ne "all") { $todo =~ s/\D//g; if ($todo != 0) { &ex('remove_message', $FORM{"HTTP_REFERER"}, $todo); } } else { &ex('remove_message', $FORM{"HTTP_REFERER"}, $FORM{'MARK'}); } &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } elsif ($FORM{'SELECTION'} =~ /move(\w+)/) { $tomove = $1; &ex('move_message_form', $topic_number, $tomove, $FORM{"move"}, $FORM{"MARK"}, $FORM{"HTTP_REFERER"}, $FORM{"username"}); exit(0); } elsif ($FORM{'SELECTION'} =~ /edit(\d+)/) { $toedit = $1; &ex('edit_message_form', $topic_number, $me_number, $toedit, "", "", $FORM{"username"}); exit(0); } elsif ($FORM{'SELECTION'} =~ /reorder/) { undef @data; undef @datakeys; foreach $key (keys(%FORM)) { $key2 = $key; $keystr .= "$key2=$FORM{$key2}
"; if ($key2 =~ /^ORDER/) { $key2 =~ s/^ORDER//g; push (@data, $key2); push (@dataval, $FORM{$key}); } } @array = @data[sort {$dataval[$a] <=> $dataval[$b]} $[..$#data]; $arraystr = join(":", @array); &ex('reorder_messages', $FORM{"HTTP_REFERER"}, $arraystr); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } } if ($FORM{'action'} eq "edit_message") { &check_passwd; &extract($FORM{'HTTP_REFERER'}); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit messages in this topic!"); $source = $FORM{"message"}; ($lint, $message) = &ex('webtags', $source, 0, 1); &error_message ("Edit Message Error", "You cannot specify a blank message!") if $message eq ""; $FORM{'submit'} = "Preview" if $lint eq "!Error"; $error_force = 1 if $lint eq "!Error"; if ($pro) { ($removed, $added) = &ex('compare_source', $source, $topic_number, $me_number, $FORM{'postindex'}); if ($added) { $FORM{'submit'} = "Preview"; $message = "

Editing Error

The following references to images or attachments have been modified:

$line\n"; } $message .= "

Repair or remove these references, or cancel your editing."; } } if ($FORM{'submit'} =~ /Preview/) { &ex('edit_message_form', $topic_number, $me_number, $FORM{"postindex"}, $source, $message, $FORM{"username"}, $error_force); exit(0); } &ex('save_edited_message', $topic_number, $me_number, $FORM{"postindex"}, &escape($source), $message, $FORM{"username"}); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } if ($FORM{'action'} eq "move_message") { &check_passwd; &extract($FORM{'HTTP_REFERER'}); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to move messages from this topic!"); ($old_topic,$old_page) = ($topic_number, $me_number); if ($FORM{'click'}) { &extract ("//$FORM{'click'}.$ext"); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to move messages to this topic!"); ($new_topic, $new_page) = ($topic_number, $me_number); $page_num = $new_page; } else { $new_topic = "Create"; $new_page = $FORM{'newname'}; } ($new_page, $new_topic) = &ex('move_message', $old_topic, $old_page, $FORM{"move"}, $new_topic, $new_page, $FORM{"parm"}); if ($new_page != 0) { $page_num = $new_page; $new_topic = $old_topic if $new_topic =~ /\D/; &extract ("//$new_topic/$new_page.$ext"); $param =~ s/noneset//g; if ($param !~ /Messages/) { &ex('change_layout', $new_topic, $page_num, $param . "Messages"); $param .= "Messages"; if ($param !~ /Add/ && $FORM{"parm"} == 1) { &ex('change_layout', $new_topic, $page_num, $param . "Add"); } } } &extract("//$new_topic/$new_page.$ext"); ($dt) = &ex('get_date_time', "short"); ($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g; &ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } if ($FORM{'action'} eq 'about_message') { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner ($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!"); $FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\s+$//; ($lint_subj, $new_message) = &ex('webtags', $FORM{'message'}, 1, 1); $FORM{'submit'} = "Preview" if $lint_subj eq "!Error"; if ($FORM{'submit'} =~ /Preview/) { $FORM{'message'} =~ s/&/&/g; $FORM{'message'} =~ s//>/g; $FORM{'message'} =~ s/"/"/g; &ex('preview_admin_message', $FORM{"message"}, $new_message, $FORM{"username"}, $FORM{"HTTP_REFERER"}, "about_message", "About Message"); exit(0); } else { $file = "$message_dir/$topic_number/$me_number.$ext"; &ex('change_about_message', $file, $FORM{"message"}, $new_message); ($dt) = &ex('get_date_time', "short"); ($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g; &ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } } if ($FORM{'action'} eq 'announce_message') { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner ($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!"); $FORM{'message'} =~ s/^\s+//; $FORM{'message'} =~ s/\s+$//; ($lint_subj, $new_message) = &ex('webtags', $FORM{'message'}, 1, 1); $FORM{'submit'} = "Preview" if $lint_subj eq "!Error"; if ($FORM{'submit'} =~ /Preview/) { $FORM{'message'} =~ s/&/&/g; $FORM{'message'} =~ s//>/g; $FORM{'message'} =~ s/"/"/g; &ex('preview_admin_message', $FORM{"message"}, $new_message, $FORM{"username"}, $FORM{"HTTP_REFERER"}, "announce_message", "Announcement"); exit(0); } else { $file = "$message_dir/$topic_number/$me_number.$ext"; &ex('change_announce_message', $file, $FORM{"message"}, $new_message); ($dt) = &ex('get_date_time', "short"); ($ts) = &ex('get_date_time', "long"); $ts =~ s/\W//g; &ex('update_time', $topic_number, $me_number, $parent_number, $ts, $dt); &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); } } if ($FORM{'action'} eq "change_layout") { &check_passwd; &extract ($FORM{'HTTP_REFERER'}); &verify_owner($owner, $FORM{'username'}) || &error_message("Permissions Error", "You do not have permission to edit this page!"); $layout = ""; $layout .= "Sublist" if $FORM{'element1'} eq "on"; $layout .= "Create" if $FORM{'element2'} eq "on"; $layout .= "About" if $FORM{'element3'} eq "on"; $layout .= "Messages" if $FORM{'element4'} eq "on"; $layout .= "Add" if $FORM{'element5'} eq "on"; $layout .= "Announcement" if $FORM{'element6'} eq "on"; $layout .= "Archive" if $param =~ m|Archive|; &ex('change_layout', $topic_number, $me_number, $layout); $append = "?username=$FORM{'username'}"; &ex("page_mgr_2", $FORM{"HTTP_REFERER"},$FORM{"username"}); exit(0); } &error_message("Invalid Query", "The form action $FORM{action} is not valid for this script");