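#!/usr/bin/perl
##############################################
##                                          ##
##  PROFILE MANAGER PREMIUM 2.1             ##
##  Build 2004-02-19                        ##
##                                          ##
##  Aytekin Tank                            ##
##  email: aytekin@interlogy.com            ##
##  http://www.interlogy.com/products/pmpre ##
##                                          ##
##  Copyright 1999-2004 Aytekin Tank.       ##
##                                          ##
##############################################

# CGI entry point. In order, this file:
#   1. works out $root when running under IIS,
#   2. loads the configuration file and the function library,
#   3. parses the request (&readit) into %input,
#   4. restores login/ID from the "pmpre" cookie or the "session" parameter,
#   5. prints the HTTP header (setting or clearing cookies as needed),
#   6. runs main(), which dispatches on $input{'action'}.
#
# None of the helpers called here (readit, pm_check, pm_encode, pm_decode,
# err, end, tempwiz, ...) are defined in this file; presumably they come from
# lib/pm.lib -- confirm. $req is used with CGI.pm-style cookie()/header()
# calls; it is not created here.
#
# $root and $dontparse are read before anything in this file assigns them,
# so a wrapper that sets them and then loads this file is presumably
# supported -- confirm.

###############################
# find the root if this is IIS:
###############################
if($ENV{'SERVER_SOFTWARE'} =~ m/IIS/) {
    if($root eq "" && $ENV{'PATH_TRANSLATED'} ne "") {
        # Drop the last backslash-separated component (the script name) and
        # rejoin with "/", which leaves a directory path with a trailing "/".
        my $pt = $ENV{'PATH_TRANSLATED'};
        my @pts = split(/\\/, $pt);
        $pts[-1] = "";
        $root = join "/", @pts;
        $OS = "NT";
    }
}

###############################
# functions library:
###############################
if(!$dontparse){
    require "${root}data/config/pmpre.cfg";
    require "${root}lib/pm.lib";
}

###############################
# Read the data coming from the form..
###############################
if(!$dontparse){ &readit; }

###############################
# read cookie
###############################
# NOTE(review): login and ID are taken from a client-held cookie after
# pm_decode(). Whether that value can be forged depends on pm_encode/pm_decode
# (not shown here): if they are a reversible encoding without a keyed
# integrity check, the cookie content is attacker-controlled and pm_check must
# not treat a non-empty ID as proof of authentication -- verify in pm.lib.
if($use_cookie eq "yes" && !$dontparse && $input{'ID'}<1){
    #- retrieve existing cookie
    $lp = $req->cookie("pmpre");
    my ($clogin, $cID) = split(/\|/, pm_decode($lp));
    if(($clogin ne "") and ($cID ne "")){
        # Request parameters win over the cookie; the cookie ID is only used
        # when the request carries neither an ID nor a password.
        if($input{'login'} eq ""){ $input{'login'} = $clogin; }
        if($input{'ID'} eq "" && $input{'password'} eq ""){ $input{'ID'} = $cID; }
    }
}

###############################
# Read session
###############################
# NOTE(review): the "session" request parameter overwrites login, ID and
# logintime, and the one-hour expiry is computed from the timestamp carried
# inside that same client-supplied value. The same integrity question as for
# the cookie applies.
if($input{'session'} ne "" && $input{'session'} ne "session" && $input{'action'} ne "display" && $input{'action'} ne "show"){
    ($input{'login'}, $input{'ID'}, $input{'logintime'}) = split(/\|/, pm_decode($input{'session'}));
    $input{'ID'}=0 if( (time()-$input{'logintime'}) > 3600 ); # expire
}elsif($input{'action'} ne "display" && $input{'action'} ne "show" && $input{'action'} ne "list"){
    # NOTE(review): a session token is built here from the login and ID found
    # in the request, before any credential check has run in this file.
    # Confirm that pm_check does not accept such a token as authentication.
    $input{'session'} = pm_encode("$input{'login'}|$input{'ID'}|".time());
}

###############################
# HTTP header and cookies
###############################
if($input{'action'} eq "login") {
    if(&pm_check eq "yes"){
        $input{'session'} = pm_encode("$input{'login'}|$input{'ID'}|".time());
        # $cookie_pmpre is a package variable here (no "my"); it stays unset
        # when pm_check fails.
        $cookie_pmpre = $req->cookie(
            -NAME    => "pmpre",
            -VALUE   => $input{'session'},
            -EXPIRES => "+1h",
            -PATH    => "/"
        );
    } else {
        $use_cookie = "no";
    }

    #- setting cookie for a populated login form
    # NOTE(review): this stores the login AND the password, pm_encode()d, in a
    # cookie that lives for one year, and it does so whether or not pm_check
    # succeeded above. pm_decode exists, so the application can reverse the
    # value; anyone who obtains the cookie may be able to as well, depending
    # on how pm_encode works. Prefer a random server-side token over the
    # password itself, and consider the -secure / -httponly cookie attributes
    # for both cookies when the site is served over HTTPS.
    if($input{'save'} eq "yes"){
        my $encoded_login = pm_encode("$input{'login'}|$input{'password'}");
        my $cookie_pmpre_login = $req->cookie(
            -NAME    => "pmpre_login",
            -VALUE   => "$encoded_login",
            -EXPIRES => "+1y",
            -PATH    => "/"
        );
        print $req->header(-COOKIE => [$cookie_pmpre, $cookie_pmpre_login]);

    #- setting cookie for accessing any page without ID
    } elsif( $use_cookie eq "yes"){
        print $req->header(-COOKIE => $cookie_pmpre);
    }else{
        print "Content-type: text/html\n\n";
    }
} elsif ($input{'action'} eq "logout") {
    # Expire both cookies by sending them with a date in the past.
    my $cookie_pmpre = $req->cookie(
        -NAME    => "pmpre",
        -VALUE   => "0",
        -EXPIRES => "-1d",
        -PATH    => "/"
    );
    my $cookie_pmpre_login = $req->cookie(
        -NAME    => "pmpre_login",
        -VALUE   => "0",
        -EXPIRES => "-1d",
        -PATH    => "/"
    );
    print $req->header( -COOKIE => [$cookie_pmpre, $cookie_pmpre_login] );
} elsif ($input{'action'} eq "approved") {
    # No header is printed for this action; $noheader is only set here.
    $noheader = 1;
} else {
    print "Content-type: text/html\n\n";
}

###############################
# Make it easy to find the errors
###############################
# Block eval instead of the former string eval("main"): same error trapping
# through $@, but nothing is compiled from a string at run time.
eval { main(); };
if ($@) {
    # NOTE(review): the raw Perl error text is handed to &err, which
    # presumably renders it to the browser. Such text can reveal file paths
    # and internals; for production, consider logging it server-side and
    # showing a generic message instead.
    #print "Content-type: text/plain\n\n",
    &err("\n\n$@\n");
}

# Dispatches the request on $input{'action'}.
#
# Takes no arguments and returns nothing useful; it works entirely through
# package variables (%input, %values, %error_message, $info, $gotid, ...) and
# the library subs it calls. Most branches finish with &end.
#
# NOTE(review): the branches differ in whether pm_check is consulted here.
# "deleted", "register", "member", "admin", "approved" and
# "profile_send_email" reach their handler without a pm_check in this
# dispatcher, while e.g. "modified" is guarded. The handlers may perform
# their own checks -- confirm in pm.lib, "deleted" and "admin" first.
sub main {

    ###############################
    # track user movement
    ###############################
    if($track_user eq "yes"){ &track_user; }

    ###############################
    # some definations:
    ###############################
    # $info is a query-string fragment built from request values.
    $info = "login=$input{'login'}";
    if($input{'ID'} ne "") { $info .= "&ID=$input{'ID'}"; $gotid=1;}
    elsif((&pm_check) eq "yes") { $info .= "&ID=$values{'ID'}";}
    &init_errors;

    ###############################
    # create the links
    ###############################
    &link_em;

    ###############################
    # show header
    ###############################
    &pm_header;

    ########
    # MENU #
    ########
    if ($input{'action'} eq "display") {
        &display_cgi; &end;
    } elsif ($input{'action'} eq "delete") {
        if(&pm_check eq "yes"){&pm_delete_form;}else{&err($error_message{'no permission'})};
        &end;
    } elsif ($input{'action'} eq "deleted") {
        &pm_delete; &end;
    } elsif ($input{'action'} eq "register") {
        &pm_register; &end;
    } elsif ($input{'action'} eq "list") {
        &list; &tempwiz; &end;
    } elsif ($input{'action'} eq "error") {
        # "why" comes from the request but is only used as a hash key here.
        &err($error_message{$input{'why'}}); &end;
    } elsif ($input{'action'} eq "modify") {
        if(&pm_check eq "yes"){&pm_modify_form} else{&err($error_message{'no permission'})};
        &end;
    } elsif ($input{'action'} eq "show"){
        &show; &end;
    } elsif ($input{'action'} eq "member") {
        &member; &end;
    } elsif ($input{'action'} eq "approved") {
        &approved; exit;
    } elsif ($input{'action'} eq "admin") {
        &admin; &end;
    } elsif ($input{'action'} eq "modified") {
        if(&pm_check eq "yes"){ &pm_modify };
        &end;
    } elsif ($input{'action'} eq "login") {
        if($save_stats eq "yes") {&log_event;}
        if($can_unapproved_login eq "no"){
            if(!&check_approval($input{'login'})){
                &err($error_message{'not approved'}); &end;
            }
        }
        &panel_check; &end;
    } elsif ($input{'action'} eq "send_password"){
        &pm_send_password; &end;
    } elsif ($input{'action'} eq "change_password"){
        if(&pm_check eq "yes"){ &pm_change_password }else{ &err($error_message{'no permission'}) };
        &end;
    } elsif ($input{'action'} eq "upload"){
        if(&pm_check eq "yes"){ &pm_upload_page }else{ &err($error_message{'no permission'}) };
        &end;
    } elsif ($input{'action'} eq "uploaded"){
        if(&pm_check eq "yes"){ &modify_element_by_number($input{'field'}, $endURL); }
        &end;
    } elsif ($input{'action'} eq "delete_image") {
        if(&pm_check eq "yes"){ &modify_element_by_number($input{'field'}, " "); }
        &end;
    } elsif($input{'action'} eq "profile_send_email"){
        &profile_send_email; &end;
    } elsif($input{'action'} eq "mail_delete") {
        if(&pm_check eq "yes") { &mail_delete; &tempwiz; }
        &end;
    } elsif($input{'action'} eq "mail_read") {
        if(&pm_check eq "yes"){ &mail_read; &tempwiz; }else{ &err($error_message{'no permission'}); }
        &end;
    } elsif($input{'action'} eq "mail_send"){
        # No else branch: a failed pm_check falls through to the
        # "no permission" error after the chain.
        if(&pm_check eq "yes"){ &mail_send; &tempwiz; &end; }
    } elsif($input{'action'} eq "mail_write") {
        # Empty fields are replaced by "_" before the template is rendered.
        if($input{'to'} eq ""){ $input{'to'} = "_" }
        if($input{'subject'} eq ""){ $input{'subject'} = "_" }
        if($input{'body'} eq ""){ $input{'body'} = "_" }
        if(&pm_check eq "yes"){
            &tempwiz; &end;
        } else {
            $input{'action'} = "mail_write_login";
            &tempwiz; &end;
        }
    } elsif($input{'action'} eq "mail_reply") {
        if(&pm_check eq "yes"){
            &mail_reply;
            $input{'action'} = "mail_write";
            &tempwiz;
        }else{
            &err($error_message{'no permission'});
        }
        &end;
    } elsif($input{'action'} eq "add_favorite") {
        if(&pm_check eq "yes"){ &add_favorite; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "delete_favorite") {
        if(&pm_check eq "yes"){ &delete_favorite; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "list_favorites") {
        if(&pm_check eq "yes"){ &list_favorites; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "myblog") {
        if(&pm_check eq "yes"){ &blog_list; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_add_form") {
        if(&pm_check eq "yes"){ &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_modify_form") {
        if(&pm_check eq "yes"){ &blog_display; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_delete_form") {
        if(&pm_check eq "yes"){ &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_add") {
        if(&pm_check eq "yes"){ &blog_add; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_modify") {
        if(&pm_check eq "yes"){ &blog_modify; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_delete") {
        if(&pm_check eq "yes"){ &blog_delete; &tempwiz; &end; }else{ &err($error_message{'no permission'});&end; }
    } elsif($input{'action'} eq "blog_display") {
        &blog_display; &tempwiz; &end;
    } elsif($input{'action'} eq "blog_list") {
        &blog_list; &tempwiz; &end;
    } elsif($input{'action'} eq "blog_modify_list") {
        &blog_list; &tempwiz; &end;
    } elsif($input{'action'} eq "blog_search") {
        &blog_search; &tempwiz; &end;
    } elsif($input{'action'} eq "logout") {
        &tempwiz; &end;
    } else {
        &panel_check; &end;
    }

    # Fall-through: "mail_send" with a failed pm_check is the one branch
    # above that does not call &end itself.
    &err($error_message{'no permission'});&end;
}

#######
# END #
#######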