File: fmail.pl
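#!/usr/bin/perl
######################
# General Mail Form To Work With Any Fields
# Created 6/9/95 Last Modified 11/13/2003
# Version 1.5
# Modified by Emil Briggs, Charles Brabec, Burtland Jones, Mark Skogsberg
#
# Flow: read the URL-encoded POST body, require an HTTP Referer whose host
# is listed in $datafile and whose path names a file under DOCUMENT_ROOT
# that really carries a name="recipient" field with the requested address,
# pipe the submission to sendmail, then either print an HTML summary or
# redirect to the form's "thankurl".
#
# Security notes (review):
#  - The Referer header is chosen by the client.  The host/form checks only
#    bound the recipient to addresses that appear in some form file under
#    DOCUMENT_ROOT; they do not prove the post came from that form.
#  - Every client value written into a mail header or the Location header
#    has CR/LF removed (header injection), and every client value echoed
#    into HTML is escaped (reflected XSS).
#  - sendmail is started with the list form of open(), so no shell parses
#    $mailprog or its arguments.
#  - "thankurl" is an open redirect by design (any URL the form supplies);
#    restrict it in the form if that matters for your deployment.
######################
use strict;
use warnings;

# Define Variables
my $mailprog   = '/bin/sendmail';          # sendmail binary; -t takes recipients from the headers we print
my $datafile   = '/etc/hosts';             # hosts file consulted to decide whether the Referer host is this server
my $httpd_conf = '/www/conf/httpd.conf';   # Apache config read for DirectoryIndex when the Referer names a directory

# Field names that are control data rather than user content; they are
# never echoed into the mail body or the thank-you page.
my %skip_field = map { $_ => 1 } qw(recipient subject Senden Send thankurl);

######################
# A date for those with no /bin/date
# Server local time, always labelled "EST" (as in the original); hour and
# minute are not zero-padded, again as in the original.
######################
my @junk   = localtime(time);
my @months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);
my $date   = $months[ $junk[4] ];
$junk[5] += 1900;
$date .= "-" . $junk[3] . "-" . $junk[5];
$date .= " " . $junk[2] . ":" . $junk[1] . " EST";

######################
# Necessary Fields in HTML Form: (Read the README file for more info)
# recipient = specifies who mail is sent to
# username = specifies the remote users email address for replies
# realname = specifies the remote users real identity
# subject = specifies what you want the subject of your mail to be
# thankurl = "no" (or absent) prints a summary page, anything else is
#            sent back as a Location: redirect
######################

######################
# Read in posted data
# CONTENT_LENGTH is client-supplied; only a plain decimal is trusted.
######################
my $content_length = $ENV{'CONTENT_LENGTH'};
$content_length = 0 unless defined $content_length && $content_length =~ /^\d+$/;
my $buffer = '';
read(STDIN, $buffer, $content_length) if $content_length > 0;

############################################
# Capture referring URL for security checks
############################################
my $finddomain = $ENV{'HTTP_REFERER'};
$finddomain = '' unless defined $finddomain;

############################################
# die if Script is called directly
############################################
if ($finddomain eq "") {
    safe_die("Please do not call this interface directly");
}

############################################
# Clean the $finddomain variable and get the URI portion, if any.
# Everything is lower-cased here; file_verify() therefore matches the path
# against DOCUMENT_ROOT case-insensitively.
############################################
$finddomain = lc($finddomain);
$finddomain =~ s/^http:\/\/|^https:\/\///;
$finddomain =~ s/^www\.//;
my $uri_path = "";
if ($finddomain =~ /\//) {
    ($finddomain, $uri_path) = split(/\//, $finddomain, 2);
}

check_exists($finddomain);

# Split the name-value pairs.  Decoded once, in submission order; the same
# list feeds the mail body and the thank-you page.
my @pairs = parse_pairs($buffer);
my %FORM;
foreach my $field (@pairs) {
    $FORM{ $field->[0] } = $field->[1];   # last occurrence of a name wins
}

####################################
# drop the case of the email address to make pattern matching easier
####################################
$FORM{'recipient'} = defined $FORM{'recipient'} ? lc($FORM{'recipient'}) : '';

##############################################
# verify that referrer is a valid local file carrying this recipient
##############################################
my $isvalid = file_verify($uri_path, $FORM{'recipient'});
if ($isvalid == 0) {
    safe_die("Referring file is not a valid form");
}

# clean up the recipient address: no CR/LF may reach the To: header
my $whoto = header_safe($FORM{'recipient'});
if ($whoto eq "") {
    safe_die("No Recipient Given!\n");
}

if (!defined $FORM{'username'} || $FORM{'username'} eq "") {
    $FORM{'username'} = "No-Email-Given\@nowhere.none";
}
# From:/Reply-To: are whatever the client typed (spoofable); only header
# injection is prevented here.
my $from    = header_safe($FORM{'username'});
my $subject = header_safe($FORM{'subject'});

# Open The Mail (list-form open: no shell involved)
open(my $mail, '|-', $mailprog, '-t') or safe_die("Can't open $mailprog!\n");
print $mail "From: $from\n";
print $mail "Reply-To: $from\n";
print $mail "To: $whoto\n";
print $mail "Subject: $subject\n\n";
print $mail "Below is the information submitted on $date\n";
print $mail "----------------------------------------------------------------------------------------\n\n";
foreach my $field (@pairs) {
    my ($name, $value) = @$field;
    next if $skip_field{$name};
    # Print the MAIL for each name value pair
    print $mail "$name: $value\n";
}
# sendmail's exit status is deliberately not checked (best effort, as before)
close($mail);

# A missing or empty thankurl is treated like "no": show the summary page
# instead of emitting an empty Location: header.
if (!defined $FORM{'thankurl'} || $FORM{'thankurl'} eq "" || $FORM{'thankurl'} eq "no") {
    print "Content-type: text/html\n\n";
    print "<html><head><title>Thank You</title></head>\n";
    print "<body><h1>Thank You</h1>\n";
    print "Below is what you submitted on $date<hr>\n";
    foreach my $field (@pairs) {
        my ($name, $value) = @$field;
        next if $skip_field{$name};
        # Print the Return HTML for each name value pair (escaped: client data)
        print html_escape($name), " = ", html_escape($value), "<p>\n";
    }
    print "</body></html>";
}
else {
    print "Location: ", header_safe($FORM{'thankurl'}), "\n\n";
}

########################
# A subroutine to die gracefully under html.
# The message may contain client-supplied text (Referer host, form path),
# so it is HTML-escaped before being printed.  Exits with status 0.
########################
sub safe_die {
    my $message = join('', @_);
    print "Content-type: text/html\n\n";
    print html_escape($message), "<br>\n";
    exit(0);
}

########################
# Escape the HTML-significant characters of one string (undef -> "").
########################
sub html_escape {
    my $text = shift;
    $text = '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    return $text;
}

########################
# Remove CR and LF from a value destined for a mail or HTTP header, so a
# client cannot append extra headers (Bcc:, Location:, ...).  undef -> "".
########################
sub header_safe {
    my $text = shift;
    $text = '' unless defined $text;
    $text =~ s/[\r\n]//g;
    return $text;
}

########################
# Un-Webify one URL-encoded token: plus signs become spaces, %XX becomes
# the byte it encodes.  undef -> "".
########################
sub url_decode {
    my $text = shift;
    $text = '' unless defined $text;
    $text =~ tr/+/ /;
    $text =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    return $text;
}

########################
# Split a URL-encoded body into [name, value] pairs, in submission order.
# Each pair is split at the FIRST '=' only, so values containing '=' (URLs
# with query strings, for instance) are kept whole.
########################
sub parse_pairs {
    my $raw = shift;
    $raw = '' unless defined $raw;
    my @decoded;
    foreach my $pair (split(/&/, $raw)) {
        my ($name, $value) = split(/=/, $pair, 2);
        push @decoded, [ url_decode($name), url_decode($value) ];
    }
    return @decoded;
}

########################
# Require the (lower-cased) Referer host to be a name in $datafile.
# Any hostname or alias on a non-comment line counts.  Dies via safe_die
# when the host is not found or the file cannot be read.
# NOTE(review): a Referer host carrying a port ("host:8080") is compared
# as-is and will not match a hosts entry -- confirm that is intended.
########################
sub check_exists {
    my $chkdomain = shift;
    $chkdomain = '' unless defined $chkdomain;
    my $found = 0;
    open(my $db, '<', $datafile) or safe_die("Cannot open data file");
    while (my $lin = <$db>) {
        chomp($lin);
        $lin =~ s/#.*//;     # comments are not hostnames
        $lin =~ s/^\s+//;    # tolerate leading whitespace
        my ($address, @names) = split(/\s+/, $lin);
        next unless @names;
        if (grep { lc($_) eq $chkdomain } @names) {
            $found = 1;
            last;
        }
    }
    close($db);
    if (!$found) {
        safe_die("$chkdomain Domain does not exist on this server");
    }
    return $found;
}

########################
# Return the directory entries of $path, or an empty list if it cannot be
# opened.
########################
sub list_dir {
    my $path = shift;
    opendir(my $dh, $path) or return ();
    my @entries = readdir($dh);
    closedir($dh);
    return @entries;
}

################################################################
# Subroutine to verify existence and validity of referring page.
# Arguments: URI path of the referring page (relative to DOCUMENT_ROOT,
# already lower-cased) and the lower-cased recipient being requested.
# Returns the number of name="recipient" fields in that file whose value
# equals the recipient (0 means "not a valid form for this recipient").
# Dies via safe_die if the resolved file does not exist.
#
# The path is rebuilt component by component against the real directory
# listing because the Referer was lower-cased, so files or directories
# with capitals would otherwise be lost.  Path components are matched as
# literal names (quotemeta), and "." / ".." entries are never matched, so
# a crafted Referer cannot walk above DOCUMENT_ROOT.
################################################################
sub file_verify {
    my ($filepath, $recipient) = @_;
    $filepath  = '' unless defined $filepath;
    $recipient = '' unless defined $recipient;
    chomp($filepath);
    $filepath =~ s/[?#].*//;    # query string / fragment are not part of the file name
    my $valid = 0;

    # get the web root for the current site
    my $doc_root = $ENV{'DOCUMENT_ROOT'};
    $doc_root = '' unless defined $doc_root;

    # Split the file path, taking into account nested directories.  A last
    # component without a dot is taken to be a directory.
    my @dirsleft;
    my $fname;
    if ($filepath =~ /\//) {
        @dirsleft = split(/\//, $filepath);
        if (@dirsleft > 1) {
            $fname = pop @dirsleft;
            if ($fname !~ /\./) {
                push @dirsleft, $fname;
                $fname = '';
            }
        }
        else {
            $fname = '';
        }
    }
    else {
        $fname = $filepath;
    }

    # If an explicit file name was not passed, build a DirectoryIndex list
    my @indexes = length($fname) ? ($fname) : get_index_list();

    # Rebuild the directory path, in case caps were used
    my $dir_path = $doc_root;
    foreach my $dir (@dirsleft) {
        foreach my $entry (list_dir($dir_path)) {
            next if $entry eq '.' || $entry eq '..';
            if ($entry =~ /\A\Q$dir\E\z/i) {
                $dir_path .= "/$entry";
                last;    # first case-insensitive match wins
            }
        }
    }

    # Once the directory path has been reconstructed, find the file.
    # The first index candidate that exists wins (Apache order).
    my @entries = list_dir($dir_path);
    INDEX: foreach my $index (@indexes) {
        foreach my $entry (@entries) {
            next if $entry eq '.' || $entry eq '..';
            if ($index =~ /\A\Q$entry\E\z/i) {
                $fname = $entry;
                last INDEX;
            }
        }
    }

    # Error out if the file passed as referer does not exist (a directory
    # can never be a form)
    if (!-f "$dir_path/$fname") {
        safe_die("Referring form $filepath does not exist");
    }

    # if file exists, make sure it is a valid fmail form: count the
    # name="recipient" fields whose value is the requested recipient
    open(my $fh, '<', "$dir_path/$fname") or return 0;
    while (my $line = <$fh>) {
        next unless $line =~ /name=["']?recipient["']?/i;
        foreach my $field (split(/[<>]/, $line)) {
            next unless $field =~ /name=["']?recipient["']?/i;
            my %attr;    # attributes of this one tag only
            foreach my $parm (split(/\s+/, $field)) {
                my ($key, $val) = split(/=/, $parm, 2);
                next unless defined $val;
                $val =~ s/\"|\'//g;
                $attr{ lc($key) } = lc($val);
            }
            if (defined $attr{'value'} && $attr{'value'} eq $recipient) {
                $valid++;
            }
        }
    }
    close($fh);

    # number returned should be greater than 0 if file is valid
    return $valid;
}

################################################
# If page name is not explicitly declared, generate directory index list
# from the DirectoryIndex directive in $httpd_conf (the last such directive
# wins).  Returns an empty list when the file cannot be read or holds no
# DirectoryIndex line.
################################################
sub get_index_list {
    my @ilist;
    open(my $cnf, '<', $httpd_conf) or return ();
    while (my $line = <$cnf>) {
        next unless $line =~ /^\s*DirectoryIndex/i;
        chomp($line);
        $line =~ s/^\s+//;
        @ilist = split(/\s+/, $line);
        shift @ilist;    # drop the directive name itself
    }
    close($cnf);
    return @ilist;
}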