#!/usr/bin/perl
#guestbook.pl

#this code is hereby released into the public domain

#there is no warranty, express or implied, even merchantability or
#fitness for a particular purpose

#if you're reading this, you hopefully know what you're doing.  Check
#out the structure of guestlog.html...they only thing that makes this
#guestbook "cool" is that it has those random colors

$notify_email = "mhunter\@lusars.net";

srand;

#cgi code from Lance Stack
#----------------------------------------------begin ripped off of stack
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

die "foad" if ($ENV{'REMOTE_ADDR'} eq '203.113.13.4');

# Split the name-value pairs
@pairs = split(/&/, $buffer);

foreach $pair (@pairs) 
{
   ($name, $value) = split(/=/, $pair);

   # Un-Webify plus signs and %-encoding
   $value =~ tr/+/ /;
   $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
   $value =~ s/<!--(.|\n)*-->//g;
   $value =~ s/<([^>]|\n)*>//g;

   $FORM{$name} = $value;
}
#----------------------------------------------end ripped off of stack

$username = $FORM{'username'};
$email = $FORM{'email'};
$url = $FORM{'url'};
$thetext = $FORM{'thetext'};

if ( ($username eq "") || ($thetext eq "") )
{
        print <<mArKeR;
Content-type: text/html


<html>
<title>Submission Error</title>
<body bgcolor=#000000 text=#ffffff>
<h2>A required field was left blank</h2>
</body>
</html>
mArKeR
        exit(0);
}

my $date = `date '+%a %b %e, %Y %T %Z'`;
chomp($date);

if (($thetext !~ s/^\s*banana\s*//i) or ($thetext =~ /(hotxxx|porkyhost)/i))
{
        print <<mArKeR0;
Content-type: text/html


<html>
<title>Submission Error</title>
<body bgcolor=#000000 text=#ffffff>
<h2>The first word of your entry MUST be "banana"<h2>
Your attempted entry was:<br>
<pre>
$thetext
</pre>
</body>
</body>
</html>
mArKeR0


	#open (MAIL, "|mail -s \"autogen guestbook ABUSE?\" $notify_email >>/dev/null") || die "couldn't mail";  
	#print MAIL "Guestbook URL:  http://lusArs.net/~mhunter/guestbook.html\n";
	#print MAIL "$date\n$ENV{REMOTE_ADDR}\n";
	#print MAIL "$username\n$email\n$url\n\n$thetext\n\n";
	#close MAIL;
        exit(0);
}


open (LOGTMP, 
"../.writedir/guestbook.html");
@logtmp = <LOGTMP>;
close LOGTMP;

open (GUESTBOOK, 
">../.writedir/guestbook.html")
     || warn "Could not open GUESTBOOK!!!";


$i = 1;

#dark
$rcolor = rand()*128;
$gcolor = rand()*64;
$bcolor = rand()*128;

$rstr = $rcolor > 15 ? sprintf("%x", $rcolor) : sprintf("0%x", $rcolor);
$gstr = $gcolor > 15 ? sprintf("%x", $gcolor) : sprintf("0%x", $gcolor);
$bstr = $bcolor > 15 ? sprintf("%x", $bcolor) : sprintf("0%x", $bcolor);

$tablecolor = sprintf("#%s%s%s", $rstr, $gstr, $bstr);

foreach $line (@logtmp)
{
	print GUESTBOOK $line;
	if (($line eq "<!-- begin entries -->\n") && $i)
	{
		print GUESTBOOK <<mArKeR;
<tr bgcolor=$tablecolor>
	<td>
		<font color=#ffffff>
		<p>On $date, <b>$username</b>
		(<a href=mailto:$email>$email</a>)
		wrote:<hr>
		</font>
	</td>
</tr>
<tr bgcolor=$tablecolor>
	<td>
		$thetext<br><p><br>
mArKeR

		if (!(($url eq "") or ($url eq "http://")))
		{
			print GUESTBOOK "$username\'s homepage: <a href=$url>$url</a>"; 
		}

		print GUESTBOOK "\n\t</td>\n</tr>\n";
		$i = 0;
	}
}

close(GUESTBOOK); 

open (MAIL, "|mail -s \"autogen guestbook notice\" $notify_email >>/dev/null") || die "couldn't mail";  
print MAIL "$date\n$ENV{REMOTE_ADDR}\n";
print MAIL "$username\n$email\n$url\n\n$thetext\n\n";
close MAIL;

if ( ($url eq "") or ($url eq "http://"))
{
	$url = "(no URL)";
}

print <<mArKeR2;
Content-type: text/html


<html>
<head><title>Post Submission page</title></head>
<body bgcolor=#000000 text=#ffffff vlink=#00ff00>

The following has been added to the guestbook:<br><p>

$username<br>$email<br>$url<br> 
$thetext
<br><p>
Click <a href="http://www.lusars.net/~mhunter/guestlog.html">here</a> to 
view the guest log. (You may have to click "refresh").
</body>
</html>
mArKeR2