&InitImportantStuff; sub InitImportantStuff { # Remember, altering the powered-by notice is a # violation of the UBB license agreement, and a fairly # easy to spot one at that. $version = "6.1.0 Public Beta 1.4"; $version_number = "6R1R0"; $release_j = "2452139"; $trademark = qq(TM); $trade = "™"; if ($vars_display{showcopytype} eq 'image') { $InfopopCopyright = qq!!; } else { $InfopopCopyright = qq!Powered by ???!; } $InfopopCopyright .= qq% %; $masterCharset = $vars_display{masterCharset}; $masterCharset = "ISO-8859-1" unless $masterCharset; # weights: used for member ratings %weights = ( 0 => "0.15", 1 => "0.05", 2 => "0.08", 3 => "0.12", 4 => "0.25", 5 => "0.35" ); } #endsub sub list_check { # $_[0]: user number of member you are checking # used to see if particular member # is on ignore or buddy list $_[0] = &Do8Digit($_[0]); local ($list_add); if (-e "$vars_config{MembersPath}/pm_ignore/$user_number.cgi") { &RequireVars("$vars_config{MembersPath}/pm_ignore/$user_number.cgi"); } if (-e "$vars_config{MembersPath}/pm_buddy/$user_number.cgi") { &RequireVars("$vars_config{MembersPath}/pm_buddy/$user_number.cgi"); } unless (exists($pm_ignore{$_[0]})) { $list_add = qq~$vars_wordlets{ignore_user}~; } else { $list_add = "$vars_wordlets{user_on_ignore}"; } unless (exists($pm_buddy{$_[0]})) { if ($list_add ne '') { $list_add .= ' | '; } $list_add .= qq~$vars_wordlets{make_buddy}~; } else { if ($list_add ne '') { $list_add .= ' | '; } $list_add .= "$vars_wordlets{user_on_buddy}"; } return ($list_add); } # end list check sub get_public_name { my @this_user = &OpenProfile($_[0]); chomp($this_user[15]); chomp($this_user[0]); my $this_public_name = $this_user[15]; if ($this_public_name eq '') { $this_public_name = $this_user[0]; } return ($this_public_name); } sub get_rating { # %votes, %total, %avg, %weighted_avg should be prevously declared local ($the_rating); my $this_member = &Do8Digit($_[0]); undef(%weighted_avg); undef(%votes); if ((-s "$vars_config{MembersPath}/user_ratings/$this_member.cgi") && ($this_member ne '')) { do "$vars_config{MembersPath}/user_ratings/$this_member.cgi"; $the_rating = $weighted_avg{total}; $the_rating = &round_up($the_rating); } else { $the_rating = ''; } return ($the_rating, $votes{total}); } # end get_rating sub round_up { my ($whole, $dec) = split (/\./, $_[0]); if ($dec > 49) { $whole++; } return ($whole); } sub Do2Decimal { $_[0] = sprintf("%3.2f", $_[0]); return ($_[0]); } sub user_access { local ($f, @profile, $this_user_access, $j, $perms, @permitted); ($f, @profile) = @_; ($j, $perms) = split (/&/, $profile[4]); chomp($perms); @permitted = split (/\,/, $perms); foreach (@permitted) { if ($_ eq "$f") { $this_user_access = 'true'; last; } else { $this_user_access = 'false'; } } if (!$this_user_access) { #if the poor sap STILL isn't in... # check to see if forumpw cookie set: my $forumpw = cookie("forumpw$vars_config{Cookie_Number}"); my %pwhash = split (/\|\^\|/, $forumpw); my @foruminfo = GetForumRecord($f); # pw hash check if ((exists($pwhash{$f})) && ($pwhash{$f} eq $foruminfo[12])) { $this_user_access = "true"; } else { $this_user_access = "false"; } #endunless } #endif return ($this_user_access); } # end user_access sub is_admin_or_mod { local ($f, @profile, $Moderator, @mods, $mod_name, $mod_num, $mod_match, $is_one, @mod_profile); ($f, @profile) = @_; chomp($profile[8]); chomp($profile[0]); if ($profile[8] eq 'Administrator') { $is_one = 'true'; } elsif ($profile[8] eq 'Moderator') { if ($f ne 'ALL') { # check to see if user is moderator of particular forum # check if moderator &RequireVars("$vars_config{VariablesPath}/vars_mods.cgi"); $Moderator = ("Forum" . "$f" . "Moderator"); $Moderator = $$Moderator; #split up Mod var @mods = split (/\|\|\^\|\|/, $Moderator); @mod_profile = (); foreach (@mods) { chomp($_); if (-s "$vars_config{MembersPath}/$_.cgi") { @mod_profile = &OpenProfile($_); chomp($mod_profile[0]); if ($mod_profile[0] eq $profile[0]) { $mod_match = 'true'; } } } if ($mod_match ne 'true') { $is_one = 'false'; } else { $is_one = 'true'; } } else { # this is just to see if user is a mod of any forum $is_one = 'true'; } } else { $is_one = 'false'; } return ($is_one); } # is_admin_or_mod sub Smilies { if (exists $vars_graemlins->{'graems'}) { $_[0] = &CustomGraemlins($_[0]); } else { &RequireVars("$vars_config{VariablesPath}/vars_graemlins.cgi"); $_[0] = &CustomGraemlins($_[0]); } return ($_[0]); } sub check_html { if ($_[0] =~ /\/\s*SCRIPT\s*>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag}: SCRIPT"); exit(0); } if ($_[0] =~ /<\s*EMBED\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} EMBED"); exit(0); } if ($_[0] =~ /<\s*OBJECT\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} OBJECT"); exit(0); } if ($_[0] =~ /<\s*IFRAME\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} IFRAME"); exit(0); } if ($_[0] =~ /<\s*FORM\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} FORM"); exit(0); } if ($_[0] =~ /<\s*XMP\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} XMP"); exit(0); } if ($_[0] =~ /<\s*APPLET\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} APPLET"); exit(0); } if ($_[0] =~ /<\s*BODY\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} BODY"); exit(0); } if ($_[0] =~ /<\s*HEAD\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} HEAD"); exit(0); } if ($_[0] =~ /<\s*HTML\s*?>/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} HTML"); exit(0); } if ($_[0] =~ /ONLOAD\s*=/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} ONLOAD"); exit(0); } if ($_[0] =~ /ONCLICK\s*=/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} ONCLICK"); exit(0); } if ($_[0] =~ /MOUSEOVER\s*=/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} MOUSEOVER"); exit(0); } if ($_[0] =~ /ONERROR\s*=/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} ONERROR"); exit(0); } if ($_[0] =~ /\.cookie/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} COOKIE"); exit(0); } if ($_[0] =~ /getcookie/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} GETCOOKIE"); exit(0); } if ($_[0] =~ /(<)([^>]*?)(\()/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} Parenthesis in HTML tag"); exit(0); } if ($_[0] =~ /eval\s*\(/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} EVAL"); exit(0); } } # end check for script sub Truncate { $vars_misc{stringLengthLimit} = 180 unless $vars_misc{stringLengthLimit}; $_[0] =~ s/(\S{$vars_misc{stringLengthLimit}})/$1 /isg; return ($_[0]); } sub PipeCleaner { $_[0] =~ s/\|\|/||/sg; return ($_[0]); } sub GetPubName { local (@user_p); @user_p = &OpenProfile($_[0]); chomp($user_p[15]); chomp($user_p[0]); if ($user_p[15] eq '') { $user_p[15] = $user_p[0]; } return ($user_p[15]); } # get pub name sub GetUserNumber { local ($MatchName, $ThisProfileNumber); # $_[0] : Member Login Name my $GetNameClean = quotemeta($_[0]); # Note: %ProfileNumber hash declared in use vars (ultimatebb.cgi) # memberlist_array declaed in use vars too # memlistopen also use vars if (exists $ProfileNumber{$GetNameClean}) { # check if it's already found return $ProfileNumber{$GetNameClean}; } else { unless ($memlistopen) { # only open once %ProfileNumber = %{&OpenFileAsHash("$vars_config{MembersPath}/memberslist.cgi", "|!!|")}; $memlistopen++; } return ($ProfileNumber{$_[0]}); } # end else } #end GetUserNumber sub PostHackDetails { my $called = "(called by " . (caller)[1] . ", " . (caller)[2] . ")"; my $hackstring = ""; $hackstring .= "\nHACK ATTEMPT DATE: $GotTime{LastLoginDT}\n$_[1]\nAttempt Details:\nEnvironment:\n"; foreach (sort keys %ENV) { $hackstring .= "$_ \t $ENV{$_}\n"; } $hackstring .= "\nPassed to script:\n"; foreach (sort keys %in) { $hackstring .= "$_ \t $in{$_}\n"; } $hackstring .= "-=- " x 20; &AppendFileAsString("$vars_config{NonCGIPath}/hacklog.cgi", $hackstring); &StandardHTML("$_[0] $called"); } sub CheckBadChars { # check for | , ;, .. or >< character hack attempts my $checkthis = shift; if ($checkthis =~ /\||\;|<|>|\.\.|\*/) { # &PostHackDetails("$vars_wordlets_err{hack_attempt_bad_char}"); } return 1; } # end SR sub name_clean { $_[0] = &strip_lead_trail_space($_[0]); $_[0] =~ s/\s{2,}/ /g; $_[0] =~ s//>/g; return ($_[0]); } sub CleanVar2 { $_[0] =~ s/!/\\!/g; return ($_[0]); } sub SmallClean { $_[0] =~ s/~/\\~/g; return ($_[0]); } sub SmallClean2 { #like SmallClean only doesn't double-escape $_[0] = &SmallClean($_[0]); $_[0] =~ s/\\\\~/\\~/g; if ($_[0] =~ m/\\$/) { $_[0] .= ' '; } return $_[0]; } sub ConvertReturns { $_[0] = &strip_lead_trail_space($_[0]); $_[0] =~ s/\n\r\n/

/ig; $_[0] =~ s/\n/
/ig; $_[0] =~ s/\r//g; $_[0] =~ s/(

){2,}/

/ig; $_[0] =~ s/(

){2,}/
/ig; $_[0] =~ s/)(
)/$1/ig; return ($_[0]); } sub LimitReturns { $_[0] =~ s/\s+$//; $_[0] =~ s/\n{2,}/\n/ig; $_[0] =~ s/(\n\r\n){2,}/\n\r\n/ig; $_[0] =~ s/\r{2,}/\r/g; return ($_[0]); } sub EliminateReturns { $_[0] =~ s/\s{2,}/ /g; $_[0] =~ s/\n\r\n//g; $_[0] =~ s/\n//g; $_[0] =~ s/\r//g; return ($_[0]); } sub OpenForumsFile { unless ($alltheforums[0]) { @alltheforums = &OpenFileAsArray("$vars_config{VariablesPath}/vars_forums.cgi"); } my @forumsfile = grep(/\|\^\|/, @alltheforums); return (@forumsfile); } sub Do2Digit { return(sprintf ("%.2d", $_[0])); } sub Do6Digit { return(sprintf ("%.6d", $_[0])); } sub Do8Digit { return(sprintf ("%.8d", $_[0])); } sub MainButtonOptions { local ($MyProfileLink, $RegisterLink, $SearchLink, $MainButtons, $this_forum, $ifmyreg, $ifregsearch, $ifsearchrest); if (exists $in{'f'}) { $this_forum = "&search_forum=$in{f}"; } else { $this_forum = ""; } if ($vars_registration{DisplayRegistration} ne 'NO') { $MyProfileLink = qq($vars_wordlets{profile_link}); $ifmyreg = "|"; $ifregsearch = "|" unless $vars_registration{SuspendRegister} eq "true"; $RegisterLink = qq($vars_wordlets{register_link}) unless $vars_registration{SuspendRegister} eq "true"; } if ($vars_search{AllowSearch} ne 'FALSE') { $ifsearchrest = "|"; $SearchLink = qq($vars_wordlets{search_link}); } $MainButtons = qq! $MyProfileLink $ifmyreg $RegisterLink $ifregsearch $SearchLink $ifsearchrest $vars_wordlets{faq_link} | $vars_wordlets{forum_home_link} !; return ($MainButtons); } # end mainbuttonoptions sub GetCatName { # $_[0] : category number local ($j, $CName, $CNum, $one, $ThisCatName); my @catlist = &GetCategoriesFile; FINDIT: foreach $one (@catlist) { ($j, $CName, $CNum) = split (/\|\^\|/, $one); chomp($CNum); if ($CNum == $_[0]) { $ThisCatName = "$CName"; last FINDIT; } } return ($ThisCatName); } sub Validate { local ($each); local (@splitter); local ($Redo); local ($BadLine); my $Redo = ''; $BadLine = ""; foreach $each (@_) { chomp($each); if ($each !~ /\|/) { if ($in{$each} eq '') { $Redo = 'true'; if ($each =~ /custom/) { if ($each eq 'customfield1') { $each = $vars_registration{customfield1}; } if ($each eq 'customfield2') { $each = $vars_registration{customfield2}; } if ($each eq 'customfield3') { $each = $vars_registration{customfield3}; } if ($each eq 'customfield4') { $each = $vars_registration{customfield4}; } } $BadLine .= "$vars_wordlets_err{did_not_complete} $each
"; } } else { # this is an AND list @splitter = split (/\|/, $each); $ok = 'false'; foreach $one (@splitter) { chomp($one); if ($in{$one}) { $ok = 'true'; } } if ($ok eq 'false') { $Redo = 'true'; $BadLine .= "$vars_wordlets{missing_input_line} $each
"; } } #end single/OR } if ($Redo eq 'true') { if (($in{ubb} eq 'submit_registration') || ($in{ubb} eq 'edit_profile')) { #print qq%Content-type: text/html\n\n%; print header( -charset => "$masterCharset", -type => "text/html", ); } &StandardHTML("$vars_wordlets_err{missing_fields_intro}

$BadLine

"); } } #end validate sr sub GetForumRecord { # $_[0] : forum number local ($one, @for, @check, $goodline, @got_it); my @for = &OpenForumsFile; CHECK: foreach $one (@for) { @check = split (/\|\^\|/, $one); if ($check[8] eq $_[0]) { $goodline = $one; last CHECK; } } chomp($goodline); @got_it = split (/\|\^\|/, $goodline); return (@got_it); } sub GetMemberListArray { local ($thisline, @profiles, @members); my @themembers = &OpenFileAsArray("$vars_config{MembersPath}/memberslist.cgi"); foreach $thisline (@themembers) { @profiles = split (/\|\!\!\|/, $thisline); chomp($profiles[1]); push (@members, $profiles[0]); } return (@members); } # end Get Member List Array sr sub GetEmails { local ($dos, $EmailHere, $MemNum, $EmailLine, @EmailList); my @theemails = &OpenFileAsArray("$vars_config{MembersPath}/emailfile.cgi"); foreach $dos (@theemails) { ($EmailHere, $MemNum) = split (/\|\|/, $dos); chomp($MemNum); $EmailLine = "$EmailHere??$MemNum"; push (@EmailList, $EmailLine); } return (@EmailList); } # thanks to Cal for this patch, even if it DOES use map :) sub GeneratePassword { return &GeneratePasswordCore(6); } sub GeneratePassword2 { return &GeneratePasswordCore(8); } sub GeneratePasswordCore { my @digit = ('A'..'Z',1..9); srand(time); return join '',map{$digit[rand(@digit)]}(1..$_[0]); } sub hit_me { local (*FILE); unless (-d "$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter") { mkdir("$vars_config{NonCGIPath}/cache-$cache_cookie", 0777); chmod(0777, "$vars_config{NonCGIPath}/cache-$cache_cookie"); mkdir("$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files", 0777); chmod(0777, "$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files"); mkdir("$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter", 0777); chmod(0777, "$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter"); } unless (-e "$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter/$GotTime{JSYear}-$GotTime{mon}.cgi") { &WriteFileAsString("$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter/$GotTime{JSYear}-$GotTime{mon}.cgi", "0"); } open(FILE, "+<$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter/$GotTime{JSYear}-$GotTime{mon}.cgi") or die "Can't open counter: $!"; &lock; my $hits = ; chomp($hits); $hits++; seek(FILE, 0, 0); truncate(FILE, 0); print FILE $hits; &unlock; close(FILE); chmod(0666, "$vars_config{NonCGIPath}/cache-$cache_cookie/ubb_files/counter/$GotTime{JSYear}-$GotTime{mon}.cgi"); } # end hit_me sub auto_url { local ($check); $check = shift; $check =~ s/(^|\s)(http:\/\/\S+)(\.?|,?)/$1$2<\/a>$3/isg; $check =~ s/(^|\s)(https:\/\/\S+)(\.?|,?)/$1$2<\/a>$3/isg; $check =~ s/(^|\s)(ftp:\/\/\S+)(\.?|,?)/$1$2<\/a>$3/isg; $check =~ s/(^|\s)(www\.\S+)(\.?|,?)/$1$2<\/a>$3/isg; return ($check); } # end auto_url sub UBBCode { $_[0] =~ s/(\[URL|(^|\s)http:\/\/|(^|\s)www\.)(\S*?)([".]+?)(\]|\[\/URL\]|\s|$)/$1$4$5$6/isg; $_[0] =~ s/(\[URL|(^|\s)ftp:\/\/|(^|\s)ftp\.)(\S*?)([".]+?)(\]|\[\/URL\]|\s|$)/$1$4$5$6/isg; $_[0] =~ s/(\[URL|(^|\s)https:\/\/|(^|\s)www\.)(\S*?)([".]+?)(\]|\[\/URL\]|\s|$)/$1$4$5$6/isg; $_[0] = &auto_url($_[0]); unless ($_[0] =~ /\[\/.+]/) { return ($_[0]); } # only process if there are ubbcode tags if ($_[0] =~ /\.cookie/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} COOKIE"); exit(0); } if ($_[0] =~ /ONERROR\s*=/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} ONERROR"); exit(0); } if ($_[0] =~ /getcookie/i) { &StandardHTML("$vars_wordlets_err{illegal_html_tag} GETCOOKIE"); exit(0); } $_[0] =~ s/(\[URL\])(http|https|ftp)(:\/\/\S+?)(\[\/URL\])/ $2$3<\/A> /isg; $_[0] =~ s/(\[URL\])(\S+?)(\[\/URL\])/ $2<\/a> /isg; $_[0] =~ s/(\[URL=)(http|https|ftp)(:\/\/\S+?)(\])(.+?)(\[\/URL\])/$5<\/a>/isg; $_[0] =~ s/(\[URL=)(\S+?)(\])(.+?)(\[\/URL\])/$4<\/a>/isg; $_[0] =~ s/(\[EMAIL\])(\S+\@\S+?)(\[\/EMAIL\])/ $2<\/a> /isg; $_[0] =~ s,(\[code\])(.+?)(\[/code\]),
$vars_wordlets{ubbcode_code}:<\/font>
$2
<\/blockquote>,isg; if ($_[1] eq 'ON') { $_[0] =~ s/(\[IMG\])(\S+?)(\[\/IMG\])/&imageize($2)/eisg; } $_[0] =~ s/(\[QUOTE\])(.+?)(\[\/QUOTE\])/
$vars_wordlets{ubbcode_quote}:<\/font>
$2
<\/blockquote>/isg; $_[0] =~ s/(\[i\])(.+?)(\[\/i\])/$2<\/i>/isg; $_[0] =~ s/(\[b\])(.+?)(\[\/b\])/$2<\/b>/isg; $_[0] =~ s/(\[qb\])(.+?)(\[\/qb\])/$2<\/strong>/isg; $_[0] =~ s/(\[list\])\n?\r?(.+?)(\[\/list\])/