#!/usr/bin/perl5

# advguest.cgi version 3
# 
# Written by Leif M. Wright
# leif@conservatives.net
# http://www.conservatives.net/atheist/scripts
# 
#
#################   INSTRUCTIONS   #####################
#
# This script makes a guestbook for your visitors to sign. I tried
# to make it as flexible as I could. 
# 
# It uses a template. You might also want
# to get the template. You can find it at
# http://www.conservatives.net/atheist/scripts/template
# 
# Advguest.cgi version 3 makes several significant improvements
# over version 2:
# 
# IMPORTANT!! IMPORTANT!!
# Instructions are in the readme file, which you can get here:
# http://www.conservatives.net/atheist/scripts/index.html?Download&advguestreadme
#
##################################################################
#
#                     Configuration SECTION
#                  
##################################################################
#
$link ="http://www.conservatives.net/atheist/scripts/";
$mailfile ="/usr/home/leif/public_html/conservatives/atheist/scripts/bulk/testlist.txt";
$bookfile = "/usr/home/leif/public_html/conservatives/atheist/scripts/bookfile.txt";
$newform ="http://www.conservatives.net/atheist/scripts/advguest.cgi";
$mailprog = "/usr/sbin/sendmail";
$them_mail = 1;
$myemail = "your\@email.com";
$me_mail = 0;
$from_mail = "your\@email.com";
$permit_html = "no";
$MailMessage = "Thank you for signing my guestbook. I am always glad to hear from people who visit my site."
               . "\n Visit my monster archive at http://www.conservatives.net/scripts.\n";
	      
@FoundByList = ('<option>Surfed on in',
                '<option>Yahoo.com',
				'<option>Bob\'s House o sites',
				'<option>I don\'t know');

$SpamConfound = "no";
@bannedlist = ('202.188.159.172');
$template ="/usr/home/leif/public_html/conservatives/atheist/scripts/template";
$Hed{T} = "Tammie's Husband's advanced guestbook";
$Hed{Bg} = "white";
$Hed{Font} = "black";
$Hed{FontFace} = "Verdana,Arial,Helvetica,Geneva";
$PageLinkColor = "blue";
$HeaderFile = "header";
$FooterFile = "footer";
require 'web-lib.pl';

##################################################################
#
#           END OF CONFIGURATION SECTION - CONGRATULATIONS!
#
##################################################################

&Parse;

if ($NVPairsExist eq "1"){&CheckNVStuff;}
else {&CheckStuff;}

sub CheckStuff
{
	if ($in{0} eq "view") 
	{
	    &viewbook;
	}

	if ($in{0} eq "") 
	{
	    &addbook;
	}
}

sub CheckNVStuff
{
	$date = `date +"%A, %B %d, %Y at %T (%Z)"`;
        chop($date);
	$shortdate = `date +"%D %T %Z"`;
        chop($shortdate);
	&banned;
	foreach (keys %in)
	{
		$value = $in{$_};
		if (($permit_html eq "no") && ($value =~ /<|>/gi))
		{
			&Error("You cannot code html into my guestbook. Sorry. Please go back and reformat your entry.");
		}
		&CheckForCussing($value);
	}
	if ($BadFound)
	{
		&Header;
		foreach $cus (@BadWordFound)
		{
			print "You cannot use the word <b>$cus</b><br>\n";
		}
		exit;
	}

	&no_cigar unless $in{comments};
	&no_cigar unless $in{name};
	&no_cigar unless $in{email};
	$validemail = &checkfrom;
	if(! $validemail) { &nope; }
	$fromexists = &checkitfrom;
	if(! $fromexists) { &nofromfinish; }
	&memail;
	&themmail;
	&sent;
	&output;
	&capture;
}

############ BANNED SUBROUTINE ############
# Check's user's IP address against list of banned IPs. If user's IP
# matches one of your banned IPs, he's booted to the youarebanned
# subroutine.
sub banned
{
	foreach $bannedlist (@bannedlist) 
	{  
		if ($ENV{REMOTE_HOST} eq $bannedlist)
		{ 
			&youarebanned;
		}
	
	}
}



############ CHECKFROM SUBROUTINE ############
# This checks to ensure that the email address
# is a valid email address. If yes, it returns 1. If 
# no, it returns 0.
sub checkfrom
{
	if ($in{email}  !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/)
	{ 
		return 0; 
	}
	return 1; 
}

############ CHECKITFROM SUBROUTINE ############
# This checks to see if the email address
# already exists in your $mailfile.
sub checkitfrom
{
	open (HTFILE, "$mailfile");
	until (eof (HTFILE))
	{
		$line =<HTFILE>;
		chop ($line);
		if ($line =~ /$in{email}/)
		{ 
			return 0;
			close (HTFILE);
		}
	}
}

######### NOFROMFINISH SUBROUTINE ############
# Takes program through its paces.
sub nofromfinish
{
	&memail;
	&themmail;
	&sent;
	&output;
	exit;
}

############ MEMAIL SUBROUTINE ############
# sends email to $myemail (you) informing you
# that someone has used this script. IF you don't
# want email, set the me_mail value to 0.

sub memail
{
	if ($me_mail eq '1') 
	{
	open (MAIL, "|$mailprog $myemail") || &Error("Can't open $mailprog!");
	print MAIL "Reply-to: $in{name} <$in{email}>\n";
	print MAIL "From: $in{name} <$in{email}>\n";
	print MAIL "Subject:Scripts guestbook\n\n";
	print MAIL "Someone signed the Scripts guestbook\n\n";
	print MAIL "The guilty party is\n";
	print MAIL "$in{name} <$in{email}>\n";
	print MAIL "Their IP: $ENV{REMOTE_HOST}\n";
	print MAIL "Their comments:\n";
	print MAIL "$in{comments}\n";
	print MAIL " - $date\n";
	print MAIL "---------------------------\n";
	close (MAIL);
	}
}

############ THEMMAIL SUBROUTINE ############
# This sends email to the person who signs the guestbook.
sub themmail
{
	if ($them_mail eq '1' && $in{email}) 
	{
		open (MAIL, "|$mailprog -t") || &Error("Can\'t open $mailprog!");
		print MAIL "To: $in{email}\n";
		print MAIL "From: $from_mail\n";
		print MAIL "Subject: Thank you!\n\n";
		print MAIL "Dear $in{name},\n\n";
		print MAIL "$MailMessage";
		close (MAIL);
	}
}

############ CAPTURE SUBROUTINE ############
# This captures the email address, and saves it to the $mailfile. 
# Then it exits the program.
sub capture
{
	$reefer="$in{name}";
	($the_name, $trash) = split(/ / , $reefer);
	open(LIST, ">>$mailfile");
	print LIST "$in{email}\|$the_name,\n";
	close (LIST);
	exit;
}

############ NO_CIGAR SUBROUTINE ############
# The no_cigar subroutine was my very first subroutine <sniff>
# It is a basic error return html that informs the user that he or
# she has not filled out all the required fields. You should edit
# the html to fit your tastes. If you use an "\@" you should be sure
# to include the "\" before it, or this program will choke.
sub no_cigar
{
	&Header;
	print "<HTML><HEAD><TITLE>Form Incomplete</TITLE></HEAD>\n";
	print "<BODY bgcolor=white>\n";
	print "<H1>Form Incomplete</H1>\n";
	print "I'm sorry, $in{name}, the form was not filled completely.<br>\n";
	print "Please fill in the missing data below<p>\n";
	print "<hr noshade>\n";
	print "<form action=$newform method=post>\n";
	print "<input type=hidden name=FoundBy value=\"$in{FoundBy}\">\n";
	print "The data you entered:<br>\n";
	print "<table border=0 cellpadding=5>\n";
	print "<tr>\n";
	print "<td align=right>\n";
	print "Your name:</td><td align=left> <INPUT TYPE=text NAME=name SIZE=40 VALUE=\"$in{name}\">\n";
	print "</td></tr><tr><td align=right>  Your city:</td><td align=left> <INPUT TYPE=text NAME=city SIZE=40 value=\"$in{city}\">\n";
	print "</td></tr><tr><td align=right>  Your state:</td><td align=left> <INPUT TYPE=text NAME=state SIZE=40 value=\"$in{state}\">\n";
	print "</td></tr><tr><td align=right>  Your country:</td><td align=left> <INPUT TYPE=text NAME=country SIZE=40 value=\"$in{country}\">\n";
	print "</td></tr><tr><td align=right>  Your homepage address:</td><td align=left> <INPUT TYPE=text NAME=url SIZE=40 value=\"$in{url}\">\n";
	print "</td></tr><tr><td align=right>  Your homepage title:</td><td align=left> <INPUT TYPE=text NAME=PageTitle SIZE=40 value=\"$in{PageTitle}\">\n";
	print "</td></tr><tr><td align=right>  How you found us:</td><td align=left> $in{FoundBy}\n";
	print "</td></tr><tr><td align=right>  Your email address:</td><td align=left> <input type=text name=email size=40 value=\"$in{email}\">\n";
	print "</td></tr><tr><td colspan=2>Your comments:<br>\n";
	print "<textarea name=comments COLS=40 ROWS=7>$in{comments}</textarea>\n";
	print "</td></tr><tr><td colspan=2><center>     \n";
	print "<P>Once you have completed the form, submit using the button below.<p>\n";
	print "<input type=submit></form></center></td></tr></table>\n";
	print "<p>Thank you.<HR noshade size=1>\n";
	print "</BODY></HTML>\n";
	exit;
}

##### ADDBOOK SUBROUTINE
sub addbook
{
	&Header;
	print "<HTML><HEAD><TITLE>Sign our guestbook!</TITLE></HEAD>\n";
	print "<BODY bgcolor=white>\n";
	print "<H1>Sign $guestbooktitle</H1>\n";
	print "Please fill out the form below to sign our guestbook.<br>\n";
	print "or <a href=$newform?view>View the guestbook</a>\n";
	print "<hr noshade size=1><form action=$newform method=post>\n";
	print "<table border=0 cellpadding=5>\n";
	print "<tr><td align=right>\n";
	print "Your name:</td><td align=left> <INPUT TYPE=text NAME=name SIZE=40 VALUE=\"$in{name}\">\n";
	print "</td></tr><tr><td align=right>  Your city:</td><td align=left> <INPUT TYPE=text NAME=city SIZE=40 value=\"$in{city}\">\n";
	print "</td></tr><tr><td align=right>  Your state:</td><td align=left> <INPUT TYPE=text NAME=state SIZE=40 value=\"$in{state}\">\n";
	print "</td></tr><tr><td align=right>  Your country:</td><td align=left> <INPUT TYPE=text NAME=country SIZE=40 value=\"$in{country}\">\n";
	print "</td></tr><tr><td align=right>  Your homepage address:</td><td align=left> <INPUT TYPE=text NAME=url SIZE=40 value=\"http://\">\n";
	print "</td></tr><tr><td align=right>  Your homepage title:</td><td align=left> <INPUT TYPE=text NAME=PageTitle SIZE=40 value=\"$in{PageTitle}\">\n";
	print "</td></tr><tr><td align=right>  How you found us:</td><td align=left> <select name=FoundBy>@FoundByList </select>\n";
	print "</td></tr><tr><td align=right>  Your email address:</td><td align=left> <input type=text name=email size=40 value=\"$in{email}\">\n";
	print "</td></tr><tr><td colspan=2>Your comments:<br>\n";
	print "<textarea name=comments COLS=40 ROWS=7>$in{comments}</textarea>\n";
	print "</td></tr><tr><td colspan=2><center>     \n";
	print "<P>Once you have completed the form, submit using the button below.<p>\n";
	print "<input type=submit value=\"Add me\"><input type=reset></form></center></td></tr></table>\n";
	print "<p>Thank you.\n";
	print "<HR noshade size=1>\n";
	print "</BODY></HTML>\n";
	exit;
}

############ SENT SUBROUTINE ############
# This part of the program is the redirection screen they see
# when they have successfully entered data. You should edit the HTML
# to fit your own style. Be careful, though. Don't edit anything after the 
# </HTML> tag, and if you use anything with quotes, be sure to use this
# format: \"content\" If you don't, the program will choke.
sub sent
{
	&Header;
	print "<HTML><HEAD><TITLE>Entry successful</TITLE></HEAD>\n";
	print "<BODY bgcolor=white>\n";
	print "<H1>Entry successful!</H1>\n";
	print "<p>\n";
	print "<hr noshade>\n";
	print "<p>\n";
	print "<H2>$in{name}, I have received your entry</H2>\n";
	print "Thank you for signing my guestbook, \n";
	print "<b>$in{name}</b>.<p>\n";
	print "Here's what you entered:<br>\n";
	print "<table border=0 cellpadding=3>\n";
	print "<tr><td align=right>\n";
	print "<b>Date:</b></td><td align=left> $date</td></tr>\n";
	print "<tr><td align=right valign=top><b>Name:</b></td><td align=left> $in{name}</td></tr>\n";
	print "<Tr><td align=right><b>City:</b></td><td align=left> $in{city}</td></tr>\n";
	print "<Tr><td align=right><b>State:</b></td><td align=left> $in{state}</td></tr>\n";
	print "<Tr><td align=right><b>Country:</b></td><td align=left> $in{country}</td></tr>\n";
	print "<Tr><td align=right><b>Your URL:</b></td><td align=left> $in{url}</td></tr>\n";
	print "<Tr><td align=right><b>Homepage Title:</b></td><td align=left> $in{PageTitle}</td></tr>\n";
	print "<Tr><td align=right><b>Your email:</b></td><td align=left> $in{email}</td></tr>\n";
	print "<Tr><td align=right><b>How you found us:</b></td><td align=left> $in{FoundBy}</td></tr>\n";
	print "<tr><td colspan=2><B>Comments:<br></b>$in{comments}</td></tr>\n";
	print "</table>\n";
	print "<hr noshade size=1>\n";
	print "<a href=\"$newform\?view\">Click here</a> to go to the guestbook. You may need to hit\n";
	print "reload to see your entry.\n";
	print "<p>\n";
	print "<HR noshade>\n";
	print "<A HREF=\"$link\">Back to the home page</A>.\n";
	print "</BODY>\n";
	print "</HTML>\n";
}

############ OUTPUT SUBROUTINE ############
# This is the everlovin' output routine (finally!) that writes
# the user's information to the guestbook file.
sub output
{
	$in{name} =~ s/\|/ /g;
	$in{state} =~ s/\|/ /g;
	$in{city} =~ s/\|/ /g;
	$in{country} =~ s/\|/ /g;
	$in{email} =~ s/\|/ /g;
	$in{url} =~ s/\|/ /g;
	$in{PageTitle} =~ s/\|/ /g;
	$in{comments} =~ s/\|/ /g;
	$in{comments} =~ s/\r/ /g;
	$in{comments} =~ s/\n/ /g;
	open (FILE,"$bookfile") || &Error("Can\'t Open $bookfile: $!");
	@LINES=<FILE>;
	close (FILE);
	open (NEWFILE, ">$bookfile");
	print NEWFILE "$date\|$in{name}\|$in{city}\|$in{state}";
	print NEWFILE "\|$in{url}\|$in{PageTitle}\|$in{email}";
	print NEWFILE "\|$in{country}\|$in{FoundBy}\|$in{comments}\n";
	foreach $LINES (@LINES) 
	{
		print NEWFILE "$LINES";
	}
	close (NEWFILE);
}

############ NOPE SUBROUTINE ############
# Nope is by far my favorite subroutine name. This
# informs the user they have entered an invalid email
# address and give them a chance to fix it.
sub nope
{
	&Header("Wrong email");
	print "<H1>Sorry, $in{name}, the email address you entered is invalid</H1>\n";
	print "<p><hr noshade><p>\n";
	print "Please check below to ensure that the email address you entered is valid. Correct any errors and resubmit the form. Thanks.<br>\n";
	print "<hr noshade>\n";
	print "<form action=$newform method=post>\n";
	print "<input type=hidden name=name value=\"$in{name}\">\n";
	print "<input type=hidden name=city value=\"$in{city}\">\n";
	print "<input type=hidden name=state value=\"$in{state}\">\n";
	print "<input type=hidden name=country value=\"$in{country}\">\n";
	print "<input type=hidden name=url value=\"$in{url}\">\n";
	print "<input type=hidden name=PageTitle value=\"$in{PageTitle}\">\n";
	print "<input type=hidden name=FoundBy value=\"$in{FoundBy}\">\n";
	print "<input type=hidden name=comments value=\"$in{comments}\">\n";
	print "The email address should follow this format:<br>\n";
	print "<b>name\@domain.com</b><br>\n";
	print "<b>name</b>=user's name (for example, \"billybob\")<br>\n";
	print "<b>\@</b>=the \"at\" symbol to tell the email program where the email goes.<br>\n";
	print "<b>domain</b>=user's domain (for example, \"yahoo\")<br>\n";
	print "<b>.com</b>=one of many email suffixes (for example, \".com .net .org .edu .gov\", etc.)<br>\n";
	print "If your email address is missing the <B>\"\@\"</b> character or the <b>\".\" (dot)</b> character, the script won't sign the guestbook.\n";
	print "<br>This is the most common error. Check to ensure the email address contains the \@ and the dot.\n";
	print "<p>The data you entered:<br>\n";
	print "<table border=1 cellpadding=1>\n";
	print "<tr>\n";
	print "    <td align=right>\n";
	print "Your e-mail address:</td><td align=left> <INPUT TYPE=text NAME=email SIZE=40 value=\"$in{email}\">\n";
	print "</td></tr>\n";
	print "<tr><td colspan=2><center>     \n";
	print "<P>Once you have completed the form, submit using the button below.<p>\n";
	print "<input type=submit></form></center></td></tr></table>\n";
	print "<p>Thank you.<HR noshade size=1>\n";
	print "</BODY>\n";
	print "</HTML>\n";
	exit;
}

############ YOUAREBANNED SUBROUTINE ############
# This subroutine informs the user that you've banned them
# from using your guestbook and provides an email link for 
# them to appeal your decision.
sub youarebanned
{
	&Header("You are banned");
	print "<H1>BANNED FROM GUESTBOOK!</H1>\n";
	print "<p><hr noshade><p>\n";
	print "<H2>Sorry, $in{name}, you can't use this guestbook.</H2><p>\n";
	print "For some reason, you have been banned from this guestbook. I'm sorry. If you feel\n";
	print "you have been unjustly banned, please <a href=\"mailto:$myemail\">email the administrator</a>.<br>\n";
	print "Thanks.<HR noshade size=1>\n";
	print "<A HREF=\"$link\">Back to the home page</A>.\n";
	print "</BODY></HTML>\n";
	exit;
}

############ VIEWBOOK SUBROUTINE ############
sub viewbook
{
	&htmlhead;
	$page = 1;
	$howmanylines = 0;
	open (INFO, "$bookfile") || &Error("Can\'t open $bookfile. Reason: $!");
	@slammie = <INFO>;
	foreach $slammie (@slammie)
	{
		$howmanylines++;
	}
	if ($in{1}) 
	{
		$page = "$in{1}";
		$page =~ s/Page//gi;
		
	}
	$linecount = 1;
	open (INFO, "$bookfile") || &Error("Can\'t open $bookfile. Reason: $!");
	@information = <INFO>;
	foreach $information (@information)
	{
		if (($page-1)*10 <= $linecount) 
		{
			if ($linecount < $page*10)
			{
				($date, $name, $city, $state, $homepage, $pagetitle, $emailaddress, $country, $foundyou, $comments) = split(/\|/ , $information);
				@TestComment = split(/ /, $comments);
				foreach $TestComment (@TestComment)
				{
					if (length($TestComment) > 25)
					{
						$comments = "<i>FROM THE ADMINISTRATOR: </b>This user apparently tried to make the guestbook look funky by typing tons of characters in a row without a space. Please click on the e-mail address above and flame them.</i>\n";
					}
				}
				&htmlmiddle;
			}
		}
		$linecount++;  
	}
	print "<p><center><a href=$link>HOME</a></center>\n";	
	$remaining = $howmanylines-10*$page;     # number of older messages 
	$zepages = $howmanylines-10/$page;
	if ($remaining > 0) 
	{                   
		if ($remaining < 10) 
		{        # determine number on next page
			$next = $remaining;
		} 
		else 
		{
			$next = 10;
		}
		$nextpage = $page + 1 ;              # next page number
		print "<center><font size=2><b>More pages of guestbook entries:</b><br>";
		
		if ($page > 1)
		{
			$bottom = 1;
			until ($bottom == ($nextpage - 1))
			#until ($page eq 1) 
			{
				#$page = $page - 1;
				print "<a href=\"$newform?view\&page$bottom\">$bottom</a> \| ";
				$bottom++;
			}
		}
		else
		{
			print "Page 1 \|\n";
		}
		$thispage = $nextpage - 1 ;
		if ($thispage != 1)
		{
			print "You are here: $thispage \| ";
		}
		$morepages = $nextpage;
		until ($morepages*10 > $zepages) 
		{
			print " <a href=\"$newform?view\&page$morepages\">$morepages</a> \|";
			$morepages++;
		}
		if ($morepages*10-$zepages > 0) 
		{
			$smorepages = $morepages;
			print " <a href=\"$newform?view\&page$smorepages\">$smorepages</a>";
		}
	}
	&htmlfoot;
	close (INFO);
	exit; 
}



##### HTML HEAD #####
sub htmlhead
{
	if ($HeaderFile)
	{
		open (EXPLAIN, "$HeaderFile") || &Error("Can\'t open $HeaderFile $!");
		@Header = <EXPLAIN>;
		close (EXPLAIN);
		&Header;
		foreach $Headey (@Header)
		{
			print "$Headey";
			
		}
		print "<center><h1>$Hed{T}</h1>\n";
		print "(You can edit the script to display the entries however you want)</center>\n";
		print "<hr noshade size=1>\n";
	}
	else
	{
		&Header;
		print "<center>\n";
		print "<h1>$Hed{T}</h1>\n";
		print "(You can edit the script to display the entries however you want)</center>\n";
		print "<hr noshade size=1>\n";
	}
}

############ HTMLMIDDLE ############
sub htmlmiddle
{
	open (HELPER,"$template") || &Error("Can\'t Open $template: $!");
	@RULERS=<HELPER>;
	close (HELPER);
	foreach $rulers (@RULERS) 
	{
		$rulers =~ s/<date>/$date/gi;
		$rulers =~ s/<name>/$name/gi;
		$rulers =~ s/<emailaddress>/$emailaddress/gi;
		$rulers =~ s/<homepage>/$homepage/gi;
		$rulers =~ s/<pagetitle>/$pagetitle/gi;
		$rulers =~ s/<city>/$city/gi;
		$rulers =~ s/<state>/$state/gi;
		$rulers =~ s/<country>/$country/gi;
		$rulers =~ s/<foundyou>/$foundyou/gi;
		$rulers =~ s/<comments>/$comments/gi;
		if ($SpamConfound eq 'yes') 
		{
			$emailaddress =~ s/\@/\(at\)/gi;
		}
		print "$rulers";
	}

}
############ HTMLFOOT ############
sub htmlfoot
{
	if ($FooterFile)
	{
		open (FOOTER, "$FooterFile") || &Error("Can\'t open $FooterFile $!");
		@Footery = <FOOTER>;
		close (FOOTER);
		foreach $Footery (@Footery)
		{
			print "$Footery";
		}
	}

	print "</body></html>\n";
}
################### END OF PROGRAM. Nothing should
#appear after this line ##########################
