#!/usr/bin/perl # This Script and the readme may only be given away "as is", unmodified # and complete. The Script is Freeware. # Created and Copyright by Ralf Gueldemeister # on 25.12.98 require "./config.cgi"; require "./shared.cgi"; require "./$messages_dir/chat2.cgi"; require "./$messages_dir/shared.cgi"; require "./$html_dir/user_error.cgi"; require "./$html_dir/userinfo.cgi"; require "./$html_dir/register.cgi"; require "./$html_dir/banner.cgi"; require "./$html_dir/options.cgi"; require "./$html_dir/changeuserinfo.cgi"; require "./$html_dir/scriptlinks.cgi"; require "./$html_dir/chatframes.cgi"; # Main Part - DON'T CHANGE ANYTHING HERE! # ####################### &action; exit; sub action { if ($qs eq "") { &error($chat2_msg[26]); } elsif ($query{'action'} eq "register") { ®ister_html; } elsif ($query{'action'} eq "login") { &login; } elsif ($query{'action'} eq "create_nick") { &create_nick; } elsif ($query{'action'} eq "banner") { &banner_html; } elsif ($query{'action'} eq "options_html") { &options_html; } elsif ($query{'action'} eq "setoptions") { &setoptions; } elsif ($query{'action'} eq "gotourl") { &gotourl; } elsif ($query{'action'} eq "userinfo") { &userinfo($query{'infoabout'}); &userinfo_html; } elsif ($query{'action'} eq "changeuserinfo") { &changeuserinfo; } elsif ($query{'action'} eq "setuserinfo") { &setuserinfo; } elsif ($query{'action'} eq "scriptlinks") { &scriptlinks_html; } elsif ($query{'action'} eq "send_pwd") { &send_pwd; } elsif ($query{'action'} eq "logout") { &logout; } else { &error; } } sub login { &max_user_limit; # check if chat is full if ($clear_old_msgs == 1) { &clear_old_msgs_sub; } my ($nickdata, $nickok); if ($use_dbi) { } else { # check if ip is banned open (BANFILE, "<$data_dir/$data_banned"); while () { chomp; if ($_ eq "ip:$ENV{'REMOTE_ADDR'}") { &user_error_html($config_msg[7], $config_msg[8]); exit; } } # wait until other process finished working on the nicks file while (-e "$data_dir/$data_stillalive.tmp") { sleep 1; $file_tmp++; if ($file_tmp > 30) { unlink(glob("$data_dir/*.tmp")); $file_tmp = 0; } } open (NICKFILE, "<$data_dir/$data_nicks") || &create_file("$data_dir/$data_nicks"); open (NICKFILE2, ">$data_dir/$data_nicks.tmp") || &error("::open nick2 file failed::"); flock(NICKFILE2,2) if ($flocking == 1); my @nickdata; while () { if (/^\Q$query{'name'}\E;;/i) { chomp; @nickdata = split(/;;/); # check pwd if ($query{'password'} ne $nickdata[1]) { &user_error_html($config_msg[3], $config_msg[4]."$query{'name'}".$config_msg[19]); exit; } $$nickdata{'name'} = $nickdata[0]; $$nickdata{'password'} = $nickdata[1]; $$nickdata{'updatefrequency'} = $nickdata[5]; $$nickdata{'color'} = $nickdata[6]; $$nickdata{'streaming'} = $nickdata[8]; $$nickdata{'new_msg_on_top'} = $nickdata[9]; $$nickdata{'loginsound'} = $nickdata[13]; $$nickdata{'memos'} = $nickdata[12]; # update last visited date and IP and number of memos $nickdata[4] = $timestamp; $nickdata[11] = $ENV{'REMOTE_ADDR'}; $nickdata[12] = 0; #set unkicked if user was kicked $nickdata[10] = 0 if ($nickdata[10] == 1); #check if user is banned if ($nickdata[10] == 2) { &user_error_html($config_msg[7], $config_msg[8]); exit; } print NICKFILE2 join(';;', @nickdata)."\n"; $nickok = 1; } else { print NICKFILE2; } } close NICKFILE; close NICKFILE2; unlink("$data_dir/$data_nicks"); rename("$data_dir/$data_nicks.tmp", "$data_dir/$data_nicks"); } if (not $nickok) { &user_error_html($config_msg[1], $config_msg[2]); exit; } # use nick from database to correct case $query{'name'} = $$nickdata{'name'}; $query{'updatefrequency'} = $$nickdata{'updatefrequency'}; $query{'color'} = $$nickdata{'color'}; $query{'new_msg_on_top'} = $$nickdata{'new_msg_on_top'}; $query{'ls'} = $$nickdata{'loginsound'}; $query{'streaming'} = $$nickdata{'streaming'}; # check memos if ($$nickdata{'memos'} > 0) { $pause = 1; &check_for_memo($$nickdata{'memos'}); } #post welcome msg if ($welcome_msg ne "") { &postmsg("command", "WELCOME", $query{'name'}, $welcome_msg); } # Login msg + sound &postmsg("login", $query{'name'}, "", $chat2_msg[0]); &postmsg("action", $query{'name'}, "", "loginsound$nothing"); &enterchat; } sub enterchat { # LOG ACTION if ($logtype >= 2) { open (LOGFILE, ">>$log_dir/$log_file") || &error("::open $log_dir/$log_file failed::"); flock(LOGFILE,2) if ($flocking == 1); print LOGFILE localtime(time)." $ENV{'REMOTE_ADDR'} [LOGIN] $query{'name'}\n"; close LOGFILE; } &chatframes_html; } sub create_nick { # create new nick and redirect to chat # check if nick contains illegal chars if ($international_nicks) { if ($query{'name'} =~ /[\";\/:\\\?\*<>\| \']/ or not $query{'name'}) { &user_error_html($chat2_msg[15], $chat2_msg[16]); exit; } } else { if ($query{'name'} =~ /[\W]/ or !$query{'name'}) { &user_error_html($chat2_msg[1], $chat2_msg[2]); exit; } } # check if nick is too long if (length($query{'name'}) > $max_input_length) { &user_error_html($chat2_msg[29], $chat2_msg[30]); exit; } # check if password is too long if (length($query{'password'}) > $max_input_length) { &user_error_html($chat2_msg[31], $chat2_msg[32]); exit; } # check if password contains illegal chars if ($query{'password'} =~ /[;\']/ or !$query{'password'}) { &user_error_html($chat2_msg[3], $chat2_msg[4]); exit; } # check if 2 passwords are equal if ($query{'password'} ne $query{'password2'}) { &user_error_html($chat2_msg[5], $chat2_msg[6]); exit; } if ($use_dbi) { } else { if (-e "$data_dir/$data_nicks") { open (NICKFILE, "<$data_dir/$data_nicks") || &error("::open $data_dir/$data_nicks failed::"); } else { &create_file("$data_dir/$data_nicks"); open (NICKFILE, "<$data_dir/$data_nicks") || &error("::open Nickfile failed::"); # und dann oeffnen } # does nick already exist? while () { chomp; if (/^\Q$query{'name'}\E;;/i) { &user_error_html($chat2_msg[7], $chat2_msg[8]); exit; } } open (NICKFILE, ">>$data_dir/$data_nicks") || &error("open nickfile failed"); flock(NICKFILE,2) if ($flocking == 1); my @nickdata; $nickdata[0] = $query{'name'}; $nickdata[1] = $query{'password'}; $nickdata[2] = $query{'email'}; $nickdata[3] = localtime($timestamp); $nickdata[4] = $timestamp; $nickdata[5] = $updatefrequency; $nickdata[6] = "standard"; $nickdata[7] = 0; $nickdata[8] = $streaming; $nickdata[9] = $new_msg_on_top; my $nickentry = join(';;', @nickdata); print NICKFILE "$nickentry\n"; close NICKFILE; } #MAIL TO ADMIN if ($mail_on_new_registration == 1) { open(MAIL,"|$mailprogramme -t"); print MAIL "To: $admin_email_addresse\n"; print MAIL "From: $admin_email_addresse (Ralfs Chat Script)\n"; print MAIL "Subject: [CHAT] New Nick Registration\n\n"; print MAIL "A new user was registered\n"; print MAIL "Nickname: $query{'name'}\n"; print MAIL "eMail: $query{'email'}\n"; print MAIL "HTTP User Agent: ".$ENV{'HTTP_USER_AGENT'}."\n"; print MAIL "Remote Addresse: ".$ENV{'REMOTE_ADDR'}."\n"; } # LOG ACTION if ($logtype >= 1) { open (LOGFILE, ">>$log_dir/$log_file") || &error("::open $log_dir/$log_file failed::"); flock(LOGFILE,2) if ($flocking == 1); print LOGFILE localtime(time)." $ENV{'REMOTE_ADDR'} [NEW USER] $query{'name'} <$query{'email'}>\n"; close LOGFILE; } &user_error_html($chat2_msg[9], $chat2_msg[10]); } sub clear_old_msgs_sub { &saprocess; if ($use_dbi) { } else { # if stillalive file has zero size clear messages if (-z "$data_dir/$data_stillalive") { open(MSGFILE, ">$data_dir/$data_msg"); close MSGFILE; } } } sub setoptions { &checkpass; if ($query{'updatefrequency'}<$min_update_freq || $query{'updatefrequency'} eq "") { $query{'updatefrequency'}=$min_update_freq; } if ($query{'ls'}) { $query{'ls'} =~ s/^(file:)?(\/\/)?(localhost)?\/?(.*)/file:\/\/localhost\/$4/; } # remove anything from color tag $query{'color'} =~ s/.*([0-9A-F]{6}).*/$1/; if ($query{'change_pwd_old'} && $query{'change_pwd_new'}) { if ($query{'change_pwd_old'} eq $query{'password'}) { if ($query{'change_pwd_new'} eq $query{'change_pwd_new2'}) { if (length($query{'change_pwd_new'}) > $max_input_length) { &postmsg("command", "CHANGE_PWD", "$query{'name'}", $chat2_msg[33]); } elsif ($query{'change_pwd_new'} =~ /[;\'\n]/) { &postmsg("command", "CHANGE_PWD", "$query{'name'}", $chat2_msg[18]); } else { &postmsg("command", "CHANGE_PWD", "$query{'name'}", $chat2_msg[17]); $query{'password'} = $query{'change_pwd_new'}; } } else { &postmsg("command", "CHANGE_PWD", "$query{'name'}", $chat2_msg[19]); } } else { &postmsg("command", "CHANGE_PWD", "$query{'name'}", $config_msg[3]); } } if ($use_dbi) { } else { # wait until other process finished working on the nicks file while (-e "$data_dir/$data_nicks.tmp") { sleep 1; $file_tmp++; if ($file_tmp > 30) { unlink(glob("$data_dir/*.tmp")); $file_tmp = 0; } } open (NICKFILE, "<$data_dir/$data_nicks"); open (NICKFILE2, ">$data_dir/$data_nicks.tmp") || &error("::open nicks2 file failed::"); flock(NICKFILE2,2) if ($flocking == 1); my $userfound; while () { if (/^\Q$query{'name'}\E;;/i) { chomp; my @row = split(/;;/); $row[1] = $query{'password'}; $row[5] = $query{'updatefrequency'}; $row[6] = $query{'color'}; $row[8] = $query{'streaming'}; $row[9] = $query{'new_msg_on_top'}; $row[13] = $query{'ls'}; print NICKFILE2 join(';;', @row)."\n"; } else { print NICKFILE2; } } close NICKFILE; close NICKFILE2; unlink("$data_dir/$data_nicks"); rename("$data_dir/$data_nicks.tmp", "$data_dir/$data_nicks"); } &chatframes_html; } sub setuserinfo { &checkpass; &kill_special_chars($query{'realname'}); &kill_special_chars($query{'email'}); &kill_special_chars($query{'age'}); &kill_special_chars($query{'city'}); &kill_special_chars($query{'country'}); &kill_special_chars($query{'url'}); &kill_special_chars($query{'stuff'}); &kill_special_chars($query{'photo_url'}); &kill_special_chars($query{'icq_uin'}); if ($use_dbi) { } else { # wait until other process finished working on the userinfo file while (-e "$data_dir/$data_userinfo.tmp") { sleep 1; $file_tmp++; if ($file_tmp > 30) { unlink(glob("$data_dir/*.tmp")); $file_tmp = 0; } } open (UIFILE, "<$data_dir/$data_userinfo"); open (UIFILE2, ">$data_dir/$data_userinfo.tmp") || &error("::open userinfo2 file failed::"); flock(UIFILE2,2) if ($flocking == 1); while () { if (!/^\Q$query{'name'}\E;;/i) { print UIFILE2; } } my @row; $row[0] = $query{'name'}; $row[1] = $query{'realname'}; $row[2] = $query{'email'}; $row[3] = $query{'age'}; $row[4] = $query{'city'}; $row[5] = $query{'country'}; $row[6] = $query{'url'}; $row[7] = $query{'stuff'}; $row[8] = $query{'photo_url'}; $row[9] = $query{'icq_uin'}; print UIFILE2 join(';;', @row)."\n"; close UIFILE; close UIFILE2; unlink("$data_dir/$data_userifno"); rename("$data_dir/$data_userinfo.tmp", "$data_dir/$data_userinfo"); } &chatframes_html; } sub changeuserinfo { &checkpass; &userinfo($query{'name'}); &changeuserinfo_html; } sub gotourl { print ""; print ""; print "$chat2_msg[20]"; print ""; } sub max_user_limit { if (&number_of_users >= $max_users && $max_users >= 0) { if ($query{'password'} =~ / \Q$masterpassword\E$/) { $query{'password'} = substr($query{'password'}, 0, index($query{'password'}, " ")); } else { &user_error_html($chat2_msg[11], $chat2_msg[12]); exit; } } } sub check_for_memo { my $old_time = time - $days_to_keep_memos*60*60*24; if ($use_dbi) { } else { # wait until other process finished working on the stillalive file while (-e "$data_dir/$data_memo.tmp") { sleep 1; $file_tmp++; if ($file_tmp > 30) { unlink(glob("$data_dir/*.tmp")); $file_tmp = 0; } } open (MEMOFILE, "<$data_dir/$data_memo"); open (MEMOFILE2, ">$data_dir/$data_memo.tmp") || &error("::open memo2 file failed::"); flock(MEMOFILE2,2) if ($flocking == 1); my @row; while () { chomp; @row = split(/;;/); if ($row[3] < $old_time) { # remove old memos } elsif (/^\Q$query{'name'}\E;;/i) { # get & post & delete memos for $query{'name'} &postmsg("memo", "MEMO", $query{'name'},"$chat2_msg[21] $row[1] (".localtime($row[3])."): $row[2]"); } else { print MEMOFILE2 "$_\n"; } } close MEMOFILE; close MEMOFILE2; unlink("$data_dir/$data_memo"); rename("$data_dir/$data_memo.tmp", "$data_dir/$data_memo"); } } sub send_pwd { if ($use_dbi) { } else { open (NICKFILE, "<$data_dir/$data_nicks") || &error("::open $data_dir/$data_nicks failed::"); while () { if (/^\Q$query{'name'}\E;;/i) { chomp; my @row = split(/;;/); $query{'email'} = $row[2]; $query{'password'} = $row[1]; last; } } close NICKFILE; } if ($query{'email'}) { # mail to user open(MAIL,"|$mailprogramme -t"); print MAIL "To: $query{'email'}\n"; print MAIL "From: $admin_email_addresse ($html_title)\n"; print MAIL "Subject: $chat2_msg[22]\n\n"; print MAIL "$chat2_msg[23] $query{'password'} ($chat2_msg[25]: $query{'name'})\n\n"; print MAIL "$chat2_msg[24]"; close MAIL; &user_error_html($chat2_msg[13], $chat2_msg[14]); } else { &user_error_html($chat2_msg[13], $chat2_msg[28]); } } sub logout { if ($use_dbi) { } else { # wait until other process finished working on the stillalive file while (-e "$data_dir/$data_stillalive.tmp") { sleep 1; $file_tmp++; if ($file_tmp > 30) { unlink(glob("$data_dir/*.tmp")); $file_tmp = 0; } } open (SAFILE, "<$data_dir/$data_stillalive"); open (SAFILE2, ">$data_dir/$data_stillalive.tmp") || &error("::open stillalive2 file failed::"); flock(SAFILE2,2) if ($flocking == 1); while () { if (!/^\Q$query{'name'}\E;;/i) { print SAFILE2; } } close SAFILE; close SAFILE2; unlink("$data_dir/$data_stillalive"); rename("$data_dir/$data_stillalive.tmp", "$data_dir/$data_stillalive"); } &postmsg("command","LOGOUT","", "$query{'name'} $chat2_msg[27]"); print "Location: $script2_name?action=gotourl&url=$logout_url\n\n"; }