############################################################ # # uber_utils.pl # # Provides client with access to the following uberpages. # # upload - upload a file to server side # contactus - send email to webmaster # sendmail - send email to anyone # # ############################################################ ############################################################ # # Handle various requests # ############################################################ sub uber_utils { my $message = ""; my $page = $cgi->param('page'); if ($cgi->param('page') eq "upload") { print_upload_form_page(); } elsif ($cgi->param('upload')) # "Upload" { $message = process_upload(); print_upload_form_page($message); } elsif ($page eq "contactus") { print_contactus_form_page(); } elsif ($cgi->param('contactus')) # eq "Send") { process_contactus_page(); } elsif (($page eq "sendmail") || ($cgi->param('sendmail'))) { print_sendmail_form_page(); } } ############################################################ # # Allow user to upload a file. # ############################################################ sub print_upload_form_page { my ($message) = @_; my $title = "Upload File"; my $uploadDir = $cgi->param('uploaddir'); $uploadDir = "${USERROOT}/$UBERACC{'USERNAME'}/upload" if ($uploadDir eq ""); print_html_head(); print qq(
$title
$message
File:
To: ); if ($UBERACC{'PRIVILEGE'} > 2) # administrators can choose the upload directory { print qq( ); } else { print qq($uploadDir ); } print qq(
  home
); print_html_end(); write_log(qq(print_upload_form_page() message="$message")) if ($message); exit(0); } ############################################################ # # Handle user's request to upload a file. # # See: # http://www.sitepoint.com/article/uploading-files-cgi-perl # ############################################################ sub process_upload { return "You must be logged in as $PRIVILEGE_LIST[2] or above." if ( (! is_logged_in()) || !($UBERACC{'PRIVILEGE'} > 1) ); # restrict size of file # $CGI::POST_MAX = 1024 * 5000; # Can't get this to work my $filename = $cgi->param('datafile'); if (!$filename) { return qq(File too large. Limit is $CGI::POST_MAX); } # restrict filename characters my $safe_filename_characters = "a-zA-Z0-9_.-"; my ($name, $path, $extension) = fileparse ($filename, '\..*'); $fname = $name . $extension; $fname =~ tr/ /_/; $fname =~ s/[^$safe_filename_characters]//g; if ($fname =~ /^([$safe_filename_characters]+)$/) { $fname = $1; } else { return qq(Filename contains invalid characters); } $uploadDir = $cgi->param('uploaddir'); #write_log("uploadDir=$uploadDir"); makedir("${USERROOT}/$UBERACC{'USERNAME'}"); makedir("$uploadDir"); my $upload_filehandle = $cgi->upload('datafile'); open (UPLOADFILE, ">${uploadDir}/$fname") or return "$message - Failed to upload file: $fname"; binmode UPLOADFILE; while ( <$upload_filehandle> ) { print UPLOADFILE; } close UPLOADFILE; $message = qq(Uploaded file "$fname" to $uploadDir); write_action($message); return qq($message); } ############################################################ # # Allow user to send us an email # ############################################################ sub print_contactus_form_page { my ($message) = @_; my $title = "Email us"; my $whoami = username_and_priv(); # read_login_file(\%UBERACC); my $name = $UBERACC{'REALNAME'}; my $email = $UBERACC{'EMAIL'}; print_html_head(); print qq(
); if ($message ne "") { print qq( ); } print qq( ) if (is_logged_in()); print qq(
$title
    $message
  Login: $whoami  
  Your name:  
  Your email:  
  Subject:  
  Message:  
        home   
       
); print_html_end(); exit(0); } ############################################################ # # Handle user's request to send us an email. # ############################################################ sub process_contactus_page { my $title = "Sent Email"; my $name = $cgi->param('name'); my $mailfrom = $cgi->param('mailfrom'); my $subject = $cgi->param('subject'); my $message = $cgi->param('message'); my $mailto = $ADMIN_EMAIL; $mailto = $ENV{SERVER_ADMIN} if ($mailto eq ""); my $from = $mailfrom; $from = qq(<anon>) if ($from eq ""); my $comma_name = $name; $comma_name = qq(, $name) if ($comma_name ne ""); my $thankyou = qq(Thanks for your email$comma_name. ); if ($mailfrom =~ /\@/) { $thankyou .= qq(We will reply to you as soon as possible.); } else { $thankyou .= qq(We're afraid we can't reply to you as you didn't give us a valid email address); } open(SENDMAIL, "|$SENDMAIL") or $thankyou = qq(
ERROR - Sorry, cannot send email.
); print SENDMAIL qq(To: $mailto From: $mailfrom Reply-to: $mailfrom Subject: $subject Content-type: text/plain Message from: $name Using app: $SCRIPT_TITLE ----------------------- $message ); close(SENDMAIL); print_html_head(); print qq(
); print qq( ) if ($UBERACC{'USERNAME'} ne ""); print qq(
$title
  $thankyou

  
  Login: $UBERACC{'USERNAME'}  
  From: $from  
  To: $SCRIPT_TITLE admin  
  Subject: $subject  
  Message: $message  
        home   
       
); print_html_end(); write_action("Contact Us: Sent mail from $from ($name) to $mailto subject: $subject"); exit(0); } ############################################################ # # Allow user to send an email # ############################################################ sub print_sendmail_form_page { my ($message) = @_; my $title = "Sendmail"; my $mail_from = $cgi->param('mail_from'); my $mail_to = $cgi->param('mail_to'); my $reply_to = $cgi->param('reply_to'); my $subject = $cgi->param('subject'); my $content = $cgi->param('content'); my $content_preview = $content; $content_preview =~ s/\n/
/g; $mail_from = $reply_to if (!$mail_from); $reply_to = $mail_from if (!$reply_to); # my $whoami = username_and_priv(); # my ($user, $passwd, $name, $email, $location, $priv) # = read_login_file(\%UBERACC); $mail_from = $email if (!$mail_from); $reply_to = $email if (!$reply_to); my $disabled = ""; if (!($mail_to =~ /@/)) { $disabled = qq(disabled="1"); } print_html_head(); print qq(
$title
); if ($cgi->param('sendmail') eq "Preview") # preview mail before sending { print qq(
Mail to: $mail_to
Mail from: $mail_from
Reply to: $reply_to
Subject: $subject
Message: $content_preview

Edit
); } elsif ($cgi->param('sendmail') eq "Send") # send the email { open(SENDMAIL, "|$SENDMAIL"); ### or die "Cannot open $sendmail: $!"; if (SENDMAIL) { if( print SENDMAIL qq(To: $mail_to From: $mail_from Reply-to: $reply_to Subject: $subject Content-type: text/plain $content ) ) { print qq(
Sent mail to $mail_to via $SENDMAIL

Another? no thanks

); } else { print qq(
Cannot print to SENDMAIL /($SENDMAIL/)
); } close (SENDMAIL); } else { print qq(
Cannot open SENDMAIL
); } $mail_to = ""; $subject = ""; $content = ""; } # Edit email details print qq(
Mail to:
Mail from:
Reply to:
Subject:
Message:
home
); print_html_end(); exit(0); } ############################################################ sub email_notify { log_info("email_notify()"); my ($mail_to, $mail_from, $subject, $content, $name_from) = @_; log_info("email_notify() - mail_to=$mail_to"); log_info("email_notify() - mail_from=$mail_from"); log_info("email_notify() - subject=$subject"); log_info("email_notify() - name_from=$name_from"); log_info("email_notify() - sending email to $SENDMAIL"); #open (SENDMAIL, ">${SHAREDROOT}/email_notify.txt"); open(SENDMAIL, "|$SENDMAIL"); ### or die "Cannot open $sendmail: $!"; print SENDMAIL qq(To: $mail_to From: "$name_from" <$mail_from> Reply-to: $mail_from Subject: $subject Content-type: text/plain $content ); log_info("email_notify() - sent mail to $mail_to from $mail_from - subject: $subject"); } ############################################################ sub email_notify_file { log_info("email_notify_file()"); my ($mail_to, $mail_from, $subject, $fname, $name_from) = @_; log_info("email_notify_file() - mail_to=$mail_to"); log_info("email_notify_file() - mail_from=$mail_from"); log_info("email_notify_file() - subject=$subject"); log_info("email_notify_file() - fname=$fname"); log_info("email_notify_file() - name_from=$name_from"); my $content = ""; open (EMAIL_FILE, "$fname") or log_info ("ERROR email_notify_file() Cannot read file: $fname"); while() {$content .= $_;} close(EMAIL_FILE); #open (SENDMAIL, ">${SHAREDROOT}/email_notify_file.txt"); log_info("email_notify_file() - sending email to $SENDMAIL"); open(SENDMAIL, "|$SENDMAIL"); ### or die "Cannot open $sendmail: $!"; print SENDMAIL qq(To: $mail_to From: "$name_from" <$mail_from> Reply-to: $mail_from Subject: $subject Content-type: text/plain $content ); log_info("email_notify_file() - sent mail to $mail_to from $mail_from using file $fname - subject: $subject"); } ############################################################ # # append 's' to plural things sub plural { my ($name, $num) = @_; my $text = "$num $name"; if ($num ne "1") { $text .= "s"; } return $text; } 1; ############################################################ # EOF