#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);
# Absolute path of the csBanner install directory. setup.cgi and libs.cgi are
# loaded from here with require (i.e. executed as Perl), so this directory must
# not be writable by anyone who should not be able to run code as the CGI user.
# NOTE(review): CGI::Carp's fatalsToBrowser (enabled above) sends fatal error
# text, which can include file paths, to the client; consider turning it off
# in production.
$basepath = '/var/www/www.letterville.com/htdocs/csBanner';
#
# csBanner - v1.86 - 052002
#
# Some Windows based servers required the following.
# push(@INC,"/path/to/csBanner/directory");
#####################################################################
#                                                                   #
#    Copyright � 1999-2001 CGISCRIPT.NET - All Rights Reserved     #
#                                                                   #
#####################################################################
#                                                                   #
#          THIS COPYRIGHT INFORMATION MUST REMAIN INTACT            #
#                AND MAY NOT BE MODIFIED IN ANY WAY                 #
#                                                                   #
#####################################################################
#
# When you downloaded this script you agreed to accept the terms 
# of this Agreement. This Agreement is a legal contract, which 
# specifies the terms of the license and warranty limitation between 
# you and CGISCRIPT.NET. You should carefully read the following 
# terms and conditions before installing or using this software.  
# Unless you have a different license agreement obtained from 
# CGISCRIPT.NET, installation or use of this software indicates 
# your acceptance of the license and warranty limitation terms
# contained in this Agreement. If you do not agree to the terms of this
# Agreement, promptly delete and destroy all copies of the Software.
#
# Versions of the Software 
# Only one copy of the registered version of CGISCRIPT.NET 
# may used on one web site.
# 
# License to Redistribute
# Distributing the software and/or documentation with other products
# (commercial or otherwise) or by other than electronic means without
# CGISCRIPT.NET's prior written permission is forbidden.
# All rights to the CGISCRIPT.NET software and documentation not expressly
# granted under this Agreement are reserved to CGISCRIPT.NET.
#
# Disclaimer of Warranty
# THIS SOFTWARE AND ACCOMPANYING DOCUMENTATION ARE PROVIDED "AS IS" AND
# WITHOUT WARRANTIES AS TO PERFORMANCE OF MERCHANTABILITY OR ANY OTHER
# WARRANTIES WHETHER EXPRESSED OR IMPLIED.   BECAUSE OF THE VARIOUS HARDWARE
# AND SOFTWARE ENVIRONMENTS INTO WHICH CGISCRIPT.NET MAY BE USED, NO WARRANTY 
# OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED.  THE USER MUST ASSUME THE
# ENTIRE RISK OF USING THIS PROGRAM.  ANY LIABILITY OF CGISCRIPT.NET WILL BE
# LIMITED EXCLUSIVELY TO PRODUCT REPLACEMENT OR REFUND OF PURCHASE PRICE.
# IN NO CASE SHALL CGISCRIPT.NET BE LIABLE FOR ANY INCIDENTAL, SPECIAL OR
# CONSEQUENTIAL DAMAGES OR LOSS, INCLUDING, WITHOUT LIMITATION, LOST PROFITS
# OR THE INABILITY TO USE EQUIPMENT OR ACCESS DATA, WHETHER SUCH DAMAGES ARE
# BASED UPON A BREACH OF EXPRESS OR IMPLIED WARRANTIES, BREACH OF CONTRACT,
# NEGLIGENCE, STRICT TORT, OR ANY OTHER LEGAL THEORY. THIS IS TRUE EVEN IF
# CGISCRIPT.NET IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO CASE WILL
# CGISCRIPT.NET' LIABILITY EXCEED THE AMOUNT OF THE LICENSE FEE ACTUALLY PAID
# BY LICENSEE TO CGISCRIPT.NET.
#
# Credits:
# Andy Angrick - Programmer - angrick@cgiscript.net
# Mike Barone - Design - mbarone@cgiscript.net
#
# For information about this script or other scripts see 
# http://www.cgiscript.net
#
# Thank you for trying out our script.
# If you have any suggestions or ideas for a new innovative script
# please direct them to suggest@cgiscript.net.  Thanks.
#
########################################################################
#                       Config Variables                               #
########################################################################

# A missing setup.cgi means the installer has not run yet: remember that so
# main() offers the setup screen. Otherwise the site configuration is loaded
# by executing setup.cgi as Perl.
if (-e "$basepath/setup.cgi") {
    require("$basepath/setup.cgi");
}
else {
    $nosetup = 1;
}
$flock = 1;    # switches on the flock() calls written as ($flock)&&(flock(...))

########################################################################
#                       End Config Variables                           #
########################################################################
require("$basepath/libs.cgi");
$in{'cgiurl'} = "$cgiurl/csBanner.cgi";
# Templates and data default to the CGI directory unless setup.cgi defined a
# separate HTML location.
$htmlpath = $cgipath unless $htmlpath;
$htmlurl  = $cgiurl  unless $htmlurl;
$in{'htmlurl'} = $htmlurl;

# File name and display name of the fallback banner group.
$edd = 'default%2edb';
$dd  = 'default';
$in{'cinfo'} = qq|
<p align="center"><font size=2 face=verdana><b><a href="http://www.cgiscript.net"><font color="#3366FF" size="1">Powered
        by csBanner - � 2000,2001 CGIScript.net</font></a></b></font>
|;

$| = 1;    # unbuffered output
&main;
exit;

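sub main{
# Request dispatcher: parses the request into %in (getdata, defined elsewhere)
# and runs the handler selected by the "command" parameter.
#
# Trust boundary: everything above the &GetLogin call is reachable without
# credentials (click, first-run setup, login page, banner display); everything
# below it runs only after the cookie check in GetLogin has passed.
# NOTE(review): no anti-CSRF token check is visible in this file for the
# state-changing management commands - confirm whether libs.cgi adds one.
($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i)?(&getdata(1)):(&getdata());
# "group" is concatenated into paths that the public handlers open, write and
# require (ClickThrough, ShowBanners, SlideShow, LogMe). Group files are
# created by AddDB with every character outside [\w&=] percent-encoded, so a
# legitimate value only ever contains [\w&=%]. Anything else is refused here,
# before it can reach the file system.
if(defined($in{'group'}) && ($in{'group'} !~ /\A[\w&=%]*\z/)){
  print "Content-type: text/html\n\n";
  print "Error. Invalid group.";
  exit;
}
($in{'command'} eq 'click')&&(&ClickThrough);
print "Content-type: text/html\n\n";
# Normalise "database": decode %XX, then re-encode every character outside
# [\w&=]. After this the value cannot contain '/', '.' or NUL, which is what
# keeps the "$htmlpath/$in{'database'}..." paths below inside $htmlpath.
$in{'database'} =~ s/%(..)/pack("c",hex($1))/ge;
$in{'database'} =~ s/([^\w&=])/'%'.sprintf("%.2x",ord($1))/ge;
# First-run setup is offered, and accepted, only while setup.cgi is absent.
($in{'command'} eq '')&&($nosetup)&&(&Setup);
($in{'command'} eq 'savesetup')&&(($nosetup)?(&SaveSetup):(&PError("Error. Permission denied.")));
($in{'command'} eq "login")&&(&Login);
($in{'command'} eq "")&&(&ShowBanners);
# ---- authentication gate: management commands only below this line ----
&GetLogin;
($in{'command'} eq "adddb")&&(&AddDB);
($in{'command'} eq "showupload")&&(&ShowUpload);
($in{'command'} eq "upload")&&(&Upload);
($in{'command'} eq "add")&&(&Add);
# The original listed "showlinks" twice; ShowLinks ends with exit, so the
# second entry could never run and has been dropped.
($in{'command'} eq "showlinks")&&(&ShowLinks);
($in{'command'} eq "showadd")&&(&ShowAdd);
($in{'command'} eq "manage")&&(&ShowList);
($in{'command'} eq "vld")&&(&ViewLogDetail);
($in{'command'} eq "resetlogs")&&(&ResetLogs);
($in{'command'} eq "setstyles")&&(&SetStyles);
($in{'command'} eq "reorder")&&(&Reorder);
($in{'command'} eq "showedit")&&(&ShowEdit);
($in{'command'} eq "savechanges")&&(&SaveChanges);
($in{'command'} eq "delete")&&(&Delete);
($in{'command'} eq "view")&&(&ViewOne);
($in{'command'} eq "showadv")&&(&ShowAdv);
($in{'command'} eq "deletedb")&&(&DeleteDB);
($in{'command'} eq "showadddb")&&(&ShowAddDB);
($in{'command'} eq "showcolor")&&(&ShowColor);
($in{'command'} eq "setcolor")&&(&SetColor);
($in{'command'} eq "refresh")&&(&Refresh);
}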


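sub ShowLinks{
# Management page that shows the copy-and-paste embed snippets for the
# current group: SSI and JavaScript, each in single-banner and slide-show
# ("ss=Y") form. The snippets are handed to the t_show_links.htm template
# through %in.
$ssi = $in{'cgiurl'};
# SSI "include virtual" needs a site-relative path, so the scheme and host are
# stripped. https is accepted as well as http: the original pattern only
# matched http://, which left an absolute URL in the include for TLS sites.
$ssi =~ s/https?:\/\/.*?\//\//i;
# The group name is itself percent-encoded on disk, so its '%' has to be
# encoded once more to survive URL decoding of the query string.
$in{'database'} =~ s/\%/\%25/g;
$in{'ssiurl'} = "
<!-- banner start -->
<!--#include virtual=\"$ssi?group=$in{'database'}\" -->
<!-- banner end -->
";
$in{'jsurl'} = "
<!-- banner start -->
<script language=javascript src=\"$in{'cgiurl'}?group=$in{'database'}&js=Y\"></script>
<!-- banner end -->
";
$in{'ssiurls'} = "
<!-- banner start -->
<!--#include virtual=\"$ssi?group=$in{'database'}&ss=Y\" -->
<!-- banner end -->
";
$in{'jsurls'} = "
<!-- banner start -->
<script language=javascript src=\"$in{'cgiurl'}?group=$in{'database'}&js=Y&ss=Y\"></script>
<!-- banner end -->
";
&PageOut("$htmlpath/t_show_links.htm");
exit;
}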

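sub ClickThrough{
# Public click handler (command=click, no login required): looks up banner
# "id" in the data file of "group", logs the click and redirects the browser
# to the URL stored for that banner (field 2).
# The record is left in the global @fields because LogMe reads $fields[0].
my $sfile = &CheckSafe("$htmlpath/$in{'group'}");
$found = 0;
# Three-argument open: the path contains request data and must never be
# parsed for a mode or pipe character. A file that cannot be opened is
# treated the same as "no record".
if(open(DB,'<',$sfile)){
  while(<DB>){
    # chomp, not chop: only a line ending is removed, so a final record
    # without a newline keeps its last character.
    chomp;
    (@fields) = split(/\~/,$_);
    if($fields[0] eq $in{'id'}){
      $found = 1;
      last;
    }
  }
  close DB;
}
if($found){
  foreach $i (0..$#fields){
    $fields[$i] =~ s/&#(\d+);/pack("c",$1)/ge;
    $fields[$i] =~ s/\\n/\n/g;
  }
  &LogMe(2);
  # The decoding above turns "&#13;", "&#10;" and a literal "\n" in the stored
  # URL back into real CR/LF. Those are removed before the value is written
  # into the response header so a stored URL cannot add headers or a body.
  my $target = $fields[2];
  $target =~ s/[\r\n]//g;
  print "Location: $target\n\n";
}
else{
  print "Content-type: text/html\n\n no record found";
  }
exit;
}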

sub SlideShow{
# Public slide-show output (reached from ShowBanners when ss=Y): emits every
# banner of the group as an entry of a JavaScript array plus a rotation
# script, either as HTML (SSI) or wrapped in document.write() when "js" is set.
(!$in{'group'})&&($in{'group'} = 'default%252edb');
# NOTE(review): "<group>.style" is executed as Perl by require, and "group" is
# a request parameter used here before any CheckSafe call - confirm that the
# value is restricted to the encoded group-name alphabet before this point.
(-e "$htmlpath/$in{'group'}.style")?(require "$htmlpath/$in{'group'}.style"):(require "$htmlpath/styles.pl");
$mgroup = $in{'group'};
$ac=0;

# The copy used in links gets its '%' encoded once more so it survives URL
# decoding; $mgroup keeps the on-disk form.
$in{'group'} =~ s/\%/\%25/g;
my $xgroup = $in{'group'};
# The multiplication forces a number, so text from the "d" parameter cannot
# reach the script body through $delay.
$delay = $in{'d'}*1000;

my $sfile = &CheckSafe("$htmlpath/$mgroup");
open(DBO,"$sfile");

while(<DBO>){
chomp;
(@fields) = split(/\~/,$_);

# Undo the &#NN; encoding applied when the record was stored (GetOutVars).
foreach $i (0..$#fields){
  $fields[$i] =~ s/&#(\d+);/pack("c",$1)/ge;
  }
  
($fields[7] eq 'SP')&&($fields[3] = '_self');
($fields[7] eq 'NW')&&($fields[3] = '_blank');

# One impression is logged for every banner in the group on every request.
&LogMe(1);

# $html is the JS-string form (quotes pre-escaped with doubled backslashes,
# see the $ab fix-up below); $ohtml is the plain HTML form for the fallback.
if($fields[8]){
  $fields[8] =~ s/\\n//g;
  $ohtml = $fields[8];
  $fields[8] =~ s/"/\\\\"/g;
  $html = $fields[8];
}
else{
  $html = qq|<img src=\\\\"$fields[4]\\\\" border=\\\\"$in{'imgBorder'}\\\\">|;
  $ohtml = qq|<img src=\"$fields[4]\" border=\"$in{'imgBorder'}\">|;
  }
  
# NOTE(review): $surl/$eurl/$surl2 are globals that are only assigned when the
# banner has a URL, so a banner without one reuses the previous banner's link.
# $xgroup and the stored fields are written into markup without HTML escaping.
if($fields[2]){
  $surl = qq|<a href=\\\\"$in{'cgiurl'}?command=click&group=$xgroup&id=$fields[0]\\\\" target=\\\\"$fields[3]\\\\">|;
  $eurl = '</a>';
  $surl2 = "<a href=\"$in{'cgiurl'}?command=click&group=$xgroup&id=$fields[0]\" target=\"$fields[3]\">";
  }

$ab .= qq|bannerArray[$ac] = "$surl$html$eurl";\n|;

$ac++;
}
close DBO;

# Static fallback shown before the script runs: built from the last banner
# read, unless $fb was already set elsewhere.
(!$fb)&&($fb="$surl2$ohtml</a>");

# Plain HTML output needs one level of backslash escaping less than the
# document.write() form produced by OutJS.
if($in{'js'} ne 'Y'){
$ab =~ s/\\\\/\\/g;
}

$o = qq|
<ilayer name="l1"><layer name="l2"><div id="l1"><div id="l3">$fb</div></div></layer></ilayer>
<script language="JavaScript">
<!--

// ***********************************************
// AUTHOR: WWW.CGISCRIPT.NET, LLC
// URL: http://www.cgiscript.net
// Use the script, just leave this message intact.
// Download your FREE CGI/Perl Scripts today!
// ( http://www.cgiscript.net/scripts.htm )
// ***********************************************

var bannerArray = new Array();
var myCount=0;
// Banner Code Assignment
$ab

function bannerRotate() {

if(myCount > bannerArray.length-1){myCount=0;}

// Write out rotation
	if (document.all){			// it is IE
		document.all.l3.innerHTML=bannerArray[myCount];
	}

	else if (document.layers){	// it is NN
	document.l1.document.l2.document.write(bannerArray[myCount]);
	document.l1.document.l2.document.close();
	}
else{
   var myelement = document.getElementById("l3");
   myelement.innerHTML=bannerArray[myCount];
}
setTimeout("bannerRotate()", $delay);
myCount++;
}

setTimeout("bannerRotate()", $delay);
// -->
</script>

|;
  
# Nothing is emitted (beyond a newline) when the group has no banners.
if($ab){
  if($in{'js'}){
    &OutJS($o);
    }
  else{
    print $o;
    }
  }
else{
  print "\n";
  }

exit;
}


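sub ShowBanners{
# Public banner endpoint (reached when "command" is empty, no login): picks
# the next banner id from the group's ".pool" file using the round-robin
# counter in ".count", looks the banner up in the group data file, logs an
# impression and prints the banner as HTML, or as document.write() calls when
# "js" is set.
#
# Changes against the original:
#  - the pool error message no longer echoes $! and the absolute file path;
#  - the data file is opened through the path returned by CheckSafe, as
#    ClickThrough does, instead of discarding that return value;
#  - the counter file path goes through CheckSafe before it is written;
#  - every open uses the three-argument form;
#  - a non-numeric or out-of-range counter value falls back to 1.
($in{'ss'} eq 'Y')&&(&SlideShow);
(!$in{'group'})&&($in{'group'} = 'default%252edb');
# NOTE(review): "<group>.style" is executed as Perl by require, and "group" is
# a request parameter used here before any CheckSafe call - confirm that the
# value is restricted to the encoded group-name alphabet before this point.
(-e "$htmlpath/$in{'group'}.style")?(require "$htmlpath/$in{'group'}.style"):(require "$htmlpath/styles.pl");
my $sfile = &CheckSafe("$htmlpath/$in{'group'}.pool");
open(DB,'<',$sfile)||print "Error. Banner pool unavailable.<br>";
while(<DB>){
chomp;
push(@b,$_);
}
close DB;
$t = $#b+1;
# NOTE(review): the counter is read and rewritten without a lock, so
# concurrent requests can serve the same banner twice.
&CheckSafe("$htmlpath/$in{'group'}.count");
$w = 0;
if(open(DB,'<',"$htmlpath/$in{'group'}.count")){
  $w = <DB>;
  close DB;
}
$w = int($w);
$w++;
(($w < 1)||($w > $t))&&($w=1);
if(open(DB,'>',"$htmlpath/$in{'group'}.count")){
  print DB $w;
  close DB;
}

$id = $b[$w-1];

my $dfile = &CheckSafe("$htmlpath/$in{'group'}");
$found = 0;
if(open(DB,'<',$dfile)){
  while(<DB>){
    chomp;
    (@fields) = split(/\~/,$_);
    if($fields[0] eq $id){
      $found = 1;
      last;
    }
  }
  close DB;
}

if($found){
# Undo the &#NN; / "\n" encoding applied when the record was stored.
foreach $i (0..$#fields){
  $fields[$i] =~ s/&#(\d+);/pack("c",$1)/ge;
  $fields[$i] =~ s/\\n/\n/g;
  }

($fields[7] eq 'SP')&&($fields[3] = '_self');
($fields[7] eq 'NW')&&($fields[3] = '_blank');

&LogMe(1);  
# Encode '%' once more so the group name survives URL decoding of the link.
$in{'group'} =~ s/\%/\%25/g;

# Stored banner HTML and description are emitted as-is: whoever can edit
# banners controls markup on every page that embeds this output.
if($fields[8]){
  $html = $fields[8];
  }
else{
  $html = "<img src=\"$fields[4]\" border=\"$in{'imgBorder'}\">";
  }
  
if($fields[2]){
$surl = "<a href=\"$in{'cgiurl'}?command=click&group=$in{'group'}&id=$fields[0]\" target=\"$fields[3]\">";
  $eurl = '</a>';
  }

if($in{'position'} eq 'TOP'){
  $top = "$surl<font face=\"$in{'TitleFace'}\" size=\"$in{'TitleSize'}\" color=\"#$in{'TitleTableText'}\">$fields[1]</font>$eurl";
  $bottom = "$surl$html$eurl";
  }
elsif($in{'position'} eq 'BOTTOM'){
  $bottom = "$surl<font face=\"$in{'TitleFace'}\" size=\"$in{'TitleSize'}\" color=\"#$in{'TitleTableText'}\">$fields[1]</font>$eurl";
  $top = "$surl$html$eurl";
  }
else{
  $top = "$surl$html$eurl";
  }
if($in{'js'}){
  $o = "<table border=0 cellpadding=0 cellspacing=0><tr><td align=center>$top</td></tr><tr><td align=center>$bottom</td></tr></table>";
  &OutJS($o);
}

else{
  print "<table border=0 cellpadding=0 cellspacing=0><tr><td align=center>$top</td></tr><tr><td align=center>$bottom</td></tr></table>";
  }
}
else{
print "Error. No id found.<br>";
}


exit;
}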

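sub GetLogin{
# Authentication gate for every management command: main() calls this before
# dispatching them. Returns only when the UserName/PassWord cookies equal the
# $username/$password values loaded from setup.cgi.
#
# NOTE(review): the cookie carries the password itself and is compared as
# plain text, so anything that can read the cookie (script injection, a
# non-TLS connection, a shared browser) obtains the management password.
# The setup screen also pre-fills demo/demo; make sure those were changed.
&GetCookies;
$in{'UserName'} = $cookie{'UserName'};
$in{'PassWord'} = $cookie{'PassWord'};
if(!$in{'UserName'}){
  &PageOut("$htmlpath/t_login.htm");
  exit;
}
if(($in{'UserName'} eq $username)&&($in{'PassWord'} eq $password)){
  #good to go.
  $in{'mpage'} = 'manager';
  return;
}
&PError("Error. Invalid username or password");
# Fail closed: PError is defined elsewhere. If it ever returned instead of
# ending the request, control would fall through to the management handlers
# in main(), so the request is ended here explicitly.
exit;
}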

sub Login {
    # Shows the login form. The list of banner groups is loaded first so the
    # template has %in{'databases'} available.
    GetDatabases();
    PageOut("$htmlpath/t_login.htm");
    exit;
}


sub AddDB {
    # Creates a new banner group: an empty data file "<name>%2edb" in
    # $htmlpath plus a matching directory under banners/, then tells the
    # opener window to reload the management page.
    PError("Error. Please Enter a Group Name.") unless $in{'groupdb'};

    # Every character outside [\w&=] (including the '.' of ".db") is
    # percent-encoded, so the on-disk name cannot contain path separators.
    $in{'groupdb'} .= '.db';
    $in{'groupdb'} =~ s/([^\w&=])/sprintf('%%%.2x', ord($1))/ge;
    if (-e "$htmlpath/$in{'groupdb'}") {
        PError("Error. Group already exists. Please use another name.");
    }

    # NOTE(review): the results of open() and mkdir() are not checked, so the
    # success message below is printed even when nothing was created.
    &CheckSafe("${htmlpath}/$in{'groupdb'}");
    open(DB, ">${htmlpath}/$in{'groupdb'}");
    close DB;
    mkdir "${htmlpath}/banners/$in{'groupdb'}", 0775;

    # NOTE(review): the alert names $in{'database'} (the group that was
    # selected), not the group that was just created.
    print <<"JS";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Banner Group $in{'database'} has been created");
window.opener.location = "$in{'cgiurl'}?command=manage&database=$in{'groupdb'}&rnd="+rndURL;
window.close();
</script>
JS
}


sub Setup{
# First-run installer page. main() calls it without any login while setup.cgi
# does not exist; it prints a form whose textarea holds a proposed setup.cgi,
# which SaveSetup then writes to disk.
#
# NOTE(review): until setup.cgi exists, anyone who can reach the script can
# complete this step. Create setup.cgi (or restrict access to the script)
# before the directory is reachable from the network.
$cgipath = `pwd`;chomp $cgipath;
# HTTP_HOST is taken from the request, and the values built from it are
# placed in the page below without HTML escaping.
$cgiurl = "$ENV{'HTTP_HOST'}/$ENV{'SCRIPT_NAME'}";
$cgiurl =~ s/\/csBanner.cgi//i;
$cgiurl =~ s/\/\//\//g;
$cgiurl = "http://".$cgiurl;
# $rooturl and $rootpath are computed but not used in this sub.
$rooturl = "http://$ENV{'HTTP_HOST'}";
$rootpath = $ENV{'DOCUMENT_ROOT'};

# Proposed configuration. The pre-filled credentials are demo/demo and stay
# in effect unless the installer edits them before saving.
$setup = "\$cgiurl = '$cgiurl';
\$cgipath = '$cgipath';
\$username='demo';
\$password='demo';
1;
";

print <<"EOF";
<font size=4 face=tahoma><b>csBanner Setup</b></font><hr>

<font size=2 face=tahoma><b>Current contents of your setup.cgi file</b><br>Please verify the information and modify if needed:
<form method=post action="csBanner.cgi">
<input type=hidden name=command value=savesetup>
<textarea rows=10 cols=80 name=setup wrap=off>
$setup
</textarea>
<hr>
<input type=submit value="-=Save Changes=-"> <input type=button value="-=Enter Management=-" onClick="window.location='$in{'cgiurl'}?command=manage';">
</form>
<p><font face="Tahoma" size="2"><b>Definitions:</b></font></p>
<p><font face="Tahoma" size="2">\$cgiurl = Full URL to the csBanner DIRECTORY<br>
\$cgipath = Full PATH to the csBanner DIRECTORY<br>
\$username = username to enter management screens<br>
\$password = password to enter management screens<br>
</p>
<p><font face="Tahoma" size="2"><b>Normal Installation Instructions:</b></font></p>
<p><font face="Tahoma" size="2">In most cases, the script is already configured.
Change the \$username and \$password variables to your liking and click 'Save'.
If the setup portion of the script cannot find your sites variables
automatically, you will might have to enter those in the above text area.</font></p>
<p><font face="Tahoma" size="2"><b>CGI-BIN Installation Instructions:</b></font></p>
<p><font face="Tahoma" size="2">If your hosting service <b>will not</b> let you
run scripts outside your <b>cgi-bin</b> directory, then follow these procedures:</font></p>
<p><font face="Tahoma" size="2">Copy all the *.cgi files to a directory in your
cgi-bin directory, making sure they are chmod'd to 755. For example, you could
create a /cgi-bin/csBanner/ directory and place csBanner.cgi, libs.cgi,
and setup.cgi if this file exists.</font></p>
<p><font face="Tahoma" size="2">Create a directory outside your cgi-bin
directory and copy all the remaining files and subdirectories there. For
example, you could create a /cgi-script/csBanner and place the files there.</font></p>
<p><font face="Tahoma" size="2">Edit the above variables (or manually edit
setup.cgi) to the following:<br>
\$cgiurl = URL to the csBanner directory INSIDE your cgi-bin directory (where
the script is installed).<br>
\$cgipath = FULL PATH to the csBanner directory INSIDE your cgi-bin directory
(where the script is installed).<br>
\$rooturl = Full URL to your website<br>
\$rootpath = Full PATH to your website directory<br>
<i><b>ADD THE FOLLOWING VARIABLES TO THE ABOVE CONFIGURATION OR MANUALLY EDIT
setup.cgi:<br>
</b></i>\$htmlurl =&nbsp; FULL URL to the csBanner directory OUTSIDE your cgi-bin
directory (where the remaining files where installed) <br>
\$htmlpath = FULL PATH to the csBanner directory OUTSIDE your cgi-bin
directory (where the remaining files where installed) <br>
For Example, your new setup.cgi file might look something like this:<br>
\$cgiurl='http://www.cgiscript.net/cgi-bin/csBanner';<br>
\$cgipath='/www/vhosts/cgiscript.net/cgi-bin/csBanner';<br>
\$htmlurl='http://www.cgiscript.net/cgi-script/csBanner';<br>
\$htmlpath='/www/vhosts/cgiscript.net/cgi-script/csBanner';<br>
\$username='myusername';<br>
\$password=',mypassword';<br>
1;</font></p>
<p><font face="Tahoma" size="2"><i>(note: the '1' at the end is to prevent
errors from perl if \$password was left empty)</i></font></p>

EOF

exit;
}

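sub SaveSetup{
# Writes the submitted "setup" text to setup.cgi. main() only routes here
# while setup.cgi is absent, and no login is required at that point.
#
# setup.cgi is executed with require on every later request, so what is
# written here is code, not data. Two safeguards are applied:
#  - every line must be blank, a '#' comment, "1;" or a single-quoted scalar
#    assignment ($name = 'value';) - the format the setup screen documents;
#  - the file is created with O_EXCL, so the "only while setup.cgi does not
#    exist" rule holds even if two requests arrive at the same time.
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
(-e "$basepath/setup.cgi")&&(&PError("Error. Access Denied"));
$in{'setup'} =~ s/\r*\n/\n/g;
foreach my $line (split(/\n/,$in{'setup'})){
  next if ($line =~ /\A\s*\z/);
  next if ($line =~ /\A\s*#/);
  next if ($line =~ /\A\s*1;\s*\z/);
  # A backslash is accepted inside the value (Windows paths) except directly
  # before a quote, where it would let the value run past its closing quote.
  next if ($line =~ /\A\s*\$[A-Za-z_]\w*\s*=\s*'(?:[^'\\]|\\[^'])*'\s*;\s*\z/);
  &PError("Error. setup.cgi may only contain lines of the form \$name = 'value';");
  exit;
}
if(!sysopen(SETUP,"$basepath/setup.cgi",O_WRONLY|O_CREAT|O_EXCL)){
  &PError("Error. Access Denied");
  exit;
}
print SETUP $in{'setup'};
print SETUP "\n";
close SETUP;
print <<"EOF";
<script language=javascript>
alert("Setup.cgi reconfigured");
window.location = "csBanner.cgi?command=login";
</script>
EOF
exit;
}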



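sub DeleteDB{
# Management command: removes a banner group - its data file, its style file
# and every file in its banners/ directory - then reloads the management page.
# $in{'database'} was normalised by main() to the encoded group-name alphabet.
# NOTE(review): the group's .pool, .count, .log, .imp and .clk files are not
# removed here.
(!$in{'database'})&&(&PError("Error. No group specified."));
$vdb = $in{'database'};
$vdb =~ s/%(..)/pack("c",hex($1))/ge; 
# $vdb is the decoded display name and may hold any byte, including quotes and
# '<'. It is written into a JavaScript string below, so everything outside a
# small safe set is emitted as a JS escape sequence.
$vdb =~ s/([^\w .\-])/sprintf((ord($1) > 255) ? "\\u%04x" : "\\x%02x",ord($1))/ge;
unlink("$htmlpath/$in{'database'}%2edb");
unlink("$htmlpath/$in{'database'}%2edb.style");
@files = ();
if(opendir(DIR,"$htmlpath/banners/$in{'database'}%2edb")){
  @files = readdir(DIR);
  # closedir, not close: DIR is a directory handle.
  closedir(DIR);
}
foreach $i (@files){
  next if ($i =~ /^\./);
  unlink("$htmlpath/banners/$in{'database'}%2edb/$i");
}
rmdir("$htmlpath/banners/$in{'database'}%2edb");
print <<"EOF";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Banner Group $vdb has been deleted");
window.location = "$in{'cgiurl'}?command=manage&rnd="+rndURL;
</script>
EOF
}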


sub Refresh {
    # Persists the submitted style values, then redisplays the advanced
    # settings page so the change is visible.
    SetStyle();
    ShowAdv();
    exit;
}

sub ShowUpload {
    # Renders the banner upload form from its template.
    PageOut("$htmlpath/t_upload.htm");
    exit;
}

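sub Upload{
# Management command: stores an uploaded banner file under
# banners/<database>/ (deleting the file named by "oldf" first) and writes
# the resulting URL back into the opener window's form.
#
# NOTE(review): the target directory is served from $in{'htmlurl'}, so an
# uploaded file is directly reachable. CheckExt only restricts types when
# "fta"/"ftr" are set; keep an allow-list of image types configured and
# disable script execution for the banners directory in the web server.
(-e "$htmlpath/$in{'database'}.style")?(require "$htmlpath/$in{'database'}.style"):(require "$htmlpath/styles.pl");
$rn = &GetRealName($in{'file'});
&CheckExt($rn);
$orn = &GetRealName($in{'oldf'});
unlink("$htmlpath/banners/$in{'database'}/$orn");

($ext) = $rn =~ /.*\.(\w*)$/;
&SaveFile($in{'file'},"$htmlpath/banners/$in{'database'}/$rn");

# The client-supplied file name goes into a JavaScript string literal below.
# Anything outside a small safe set is written as a JS escape sequence so a
# quote or '<' in the name cannot end the string or the script element.
my $jsrn = $rn;
$jsrn =~ s/([^\w .\-])/sprintf((ord($1) > 255) ? "\\u%04x" : "\\x%02x",ord($1))/ge;

print <<"EOF";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Banner Uploaded.");
window.opener.document.form1.BannerURL.value="$in{'htmlurl'}/banners/"+escape("$in{'database'}")+"/"+escape("$jsrn");
window.close();
</script>
EOF

}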



sub ShowColor {
    # Opens the colour picker with the swatch named by "cc" pre-selected.
    # The key is built from request data, so any %in entry whose name starts
    # with "c" can be overwritten with the string "checked".
    my $slot = 'c' . $in{'cc'};
    $in{$slot} = 'checked';
    PageOut("$htmlpath/color_selector.htm");
    exit;
}

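sub SetColor{
# Management command used by the colour picker: rewrites the group's style
# file with a new value for the setting named by "fieldname", then updates
# and resubmits the opener window's form.
#
# The style file is Perl that the public banner endpoints load with require,
# so both request values are constrained before they are written:
#  - "fieldname" must be a plain identifier (it is used as a hash key in the
#    generated Perl, inside a regex and in the JavaScript below);
#  - "colorselect" is reduced to word characters, '#', ',', '.', space and
#    '-', which removes quotes, backslashes, '$', '@', '<' and line breaks.
if($in{'fieldname'} !~ /\A\w+\z/){
  &PError("Error. Invalid field name.");
  exit;
}
my $field = $in{'fieldname'};
(-e "$htmlpath/$in{'database'}.style")?($dbs =  "$htmlpath/$in{'database'}.style"):($dbs = "${htmlpath}/styles.pl");
&CheckSafe("${dbs}");
open(ADV,'<',$dbs)||die print "$! - ${dbs}";
&CheckSafe("$htmlpath/$in{'database'}.style.tmp");
open(TMP,'>',"$htmlpath/$in{'database'}.style.tmp");
while(<ADV>){
  # Drop the previous assignment of this field and the trailing "1;". The
  # original pattern required a quote in front of "$in", which the lines
  # written by SetStyle and by this sub do not have, so old assignments
  # piled up; it also dropped any line that merely contained "1;".
  next if (/^\s*\$in\{'\Q$field\E'\}\s*=/);
  next if (/^\s*1;\s*$/);
  print TMP $_;
}
$in{'colorselect'} =~ s/[^\w#,. \-]//g;
print TMP "\$in{'$field'} = \"$in{'colorselect'}\";\n1;\n";
close ADV;
close TMP;

# Only replace the live style file when the temporary file has content.
@s = stat("$htmlpath/$in{'database'}.style.tmp");
($s[7]>0)&&(rename("$htmlpath/$in{'database'}.style.tmp","$htmlpath/$in{'database'}.style"));

print <<"EOF";
<script language=javascript>
window.opener.document.form1.$in{'fieldname'}.value = "$in{'colorselect'}";
window.opener.document.form1.command.value="refresh";
window.opener.document.form1.submit();
window.close();
</script>
EOF

}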

sub ShowAddDB {
    # Renders the "new banner group" form from its template.
    PageOut("${htmlpath}/t_adddb.htm");
    exit;
}

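sub SetStyle{
# Persists the current request parameters as the group's style file: one
# line of Perl per %in entry ($in{'name'}="value";) followed by "1;".
# The file is later loaded with require by the public banner endpoints, so
# what is written here runs as code for every visitor.
#
# Changes against the original:
#  - parameter names that are not plain identifiers are skipped, because the
#    name is written inside a quoted hash key;
#  - '$' in values is escaped along with '@' and '"', so a value is always
#    read back as literal text and never interpolated;
#  - the file is opened with the three-argument form.
&CheckSafe("$htmlpath/$in{'database'}.style");
open(STYLE,'>',"$htmlpath/$in{'database'}.style");
foreach $i (sort keys(%in)){
$in{$i} =~ s/&#(\d+);/pack("c",$1)/ge;
# Request plumbing, paths and credentials are never written to the file.
next if (($i eq 'command')||($i eq 'cgiurl'));
next if (($i eq 'database')||($i eq 'imagedir'));
next if (($i eq 'format')||($i eq 'managementname'));
next if (($i eq 'UserName')||($i eq 'PassWord'));
next if (($i eq 'htmlurl')||($i eq 'htmlpath'));
next if (($i eq 'cgiurl')||($i eq 'cgipath'));
next if ($i !~ /\A\w+\z/);
# Backslashes are removed first so that the escapes added next are the only
# ones in the value.
$in{$i} =~ s/\\//g;
$in{$i} =~ s/\$/\\\$/g;
$in{$i} =~ s/@/\\@/g;
$in{$i} =~ s/"/\\"/g;
print STYLE "\$in{'$i'}=\"$in{$i}\";\n";
}
print STYLE "1;\n";
close STYLE;
}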

sub SetStyles {
    # Saves the submitted style settings and sends the browser back to the
    # management page of the same group.
    SetStyle();
    print <<"JS";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Style has been successfully changes.");
window.location = "$in{'cgiurl'}?command=manage&database=$in{'database'}&rnd="+rndURL;
</script>
JS
    exit;
}

sub ShowAd {
    # Prepares %in for the advanced-settings template: loads the group's
    # style (or the default one), marks the selected/checked form controls
    # and encodes < > " in the free-text fields.
    if (-e "$htmlpath/$in{'database'}.style") {
        require "$htmlpath/$in{'database'}.style";
    }
    else {
        require "$htmlpath/styles.pl";
    }

    ###full page
    $in{"selfTitleText$in{'fTitleText'}"} = 'selected';
    $in{'BOTTOM'}    = 'checked' unless $in{'position'};
    $in{'imgBorder'} = '0'       unless $in{'imgBorder'};
    $in{ $in{'position'} } = 'checked';

    # Only < > and " are encoded; '&' and the single quote pass through.
    for my $name (qw(description URL target BannerURL)) {
        $in{$name} =~ s/([<>"])/'&#'.ord($1).';'/ge;
    }
}

sub ShowAdv {
    # Renders the advanced banner settings page for the current group.
    ShowAd();
    PageOut("$htmlpath/t_banner_advanced_settings.htm");
    exit;
}

sub ShowList{
# Management overview of one group: builds one table row per banner (order
# selector, Edit/Delete buttons, impression/click statistics, preview) in
# $in{'line'} and renders t_manage.htm.
$flip=1;
&GetDatabases;
&GetLogs;
##get total count
# The return value of CheckSafe is discarded here and the raw path is opened;
# $in{'database'} was normalised by main().
&CheckSafe("$htmlpath/$in{'database'}");
open(DB,"$htmlpath/$in{'database'}");
while($line=<DB>){
$tc++;
}
close DB;
&CheckSafe("$htmlpath/$in{'database'}");
open(DB,"$htmlpath/$in{'database'}");
while($line=<DB>){
chomp $line;
$count ++;
(@fields) = split(/\~/,$line);

# Decode the stored &#NN; form, then encode < > " again for display.
# NOTE(review): the single quote is not encoded, and $fields[0] is placed
# inside single-quoted JavaScript arguments in the row below.
foreach $i (0..$#fields){
  $fields[$i] =~ s/&#(\d+);/pack("c",$1)/ge;
  $fields[$i] =~ s/([<>"])/'&#'.ord($1).';'/ge;
  }

##make select
for $i (1..$tc){
($i == $count)?($sel = 'selected'):($sel='');
$in{'rowsel'} .= "<option $sel>$i</option>";
}

# Alternate the row background and default missing counters to '0'.
($flip==1)?($bgc='#CCCCCC'):($bgc='#FFFFFF');
$flip=$flip * -1;
(!$imp{$fields[0]})&&($imp{$fields[0]}='0');
(!$clk{$fields[0]})&&($clk{$fields[0]}='0');
(!$per{$fields[0]})&&($per{$fields[0]}='0');
$desc = $fields[1];
$desc =~ s/([^\w])/'%'.sprintf("%.2x",ord($1))/ge;

# The second decode turns the banner HTML back into live markup so the
# preview renders; stored banner HTML therefore runs in the management page.
if($fields[8]){
  $fields[8] =~ s/&#(\d+);/pack("c",$1)/ge;
  $fields[8] =~ s/\\n/\n/g;
  $html = $fields[8];
}
else{
  $html = "<img src=\"$fields[4]\">";
  }

$in{'line'} .= qq|
  <tr bgcolor="$bgc">
  <td valign=top align=left>
  <select size=1 name="order_$count" onChange="document.lowform.submit()">
  $in{'rowsel'}
  </select>
  </td>
    <td align="center" vAlign="top"><input class="button" type="button" value="Edit" onClick="javascript:Edit('$fields[0]');">��<input class="button" type="button" value="Delete" onClick="javascript:Delete('$fields[0]');"><br><br>
      <table border="1" cellspacing="0" bordercolorlight="#000000" bordercolordark="#FFFFFF">
        <tr>
          <td align="center"><font face="Verdana" size="1"><a href="$in{'cgiurl'}?command=vld&id=$fields[0]&database=$in{'database'}&type=1&desc=$desc" target="_blank">Impressions</a></font></td>
          <td align="center"><font face="Verdana" size="1"><a href="$in{'cgiurl'}?command=vld&id=$fields[0]&database=$in{'database'}&type=2&desc=$desc" target="_blank">Click-Thru</a></font></td>
          <td align="center"><font face="Verdana" size="1">%</font></td>
        </tr>
        <tr>
          <td align="center"><font face="Verdana" size="1">$imp{$fields[0]}</font></td>
          <td align="center"><font face="Verdana" size="1">$clk{$fields[0]}</font></td>
          <td align="center"><font face="Verdana" size="1">$per{$fields[0]}</font></td>
        </tr>
  </table>
    </td>
    <td><font face="verdana" size="2"><center>
    <a href="$fields[2]" target="_blank">$html</a><br>$fields[1]</center>
    </td>
  </tr>
|;
$in{'rowsel'}='';
}

close DB;
(!$in{'line'})&&($in{'line'}="<tr><td colspan=4><font size=2 face=verdana><b>No banners configured</b></td></tr>");
&PageOut("$htmlpath/t_manage.htm");
exit;
}

sub GetDatabases {
    # Builds the <option> list of banner groups in $in{'databases'} from the
    # files in $htmlpath whose names end in "edb", and selects the first
    # group when the request did not name one. With no group files at all,
    # the built-in default ($edd / $dd) is offered.
    opendir(IMG, "$htmlpath/");
    @dbfiles = grep { /edb$/ } readdir(IMG);
    closedir(IMG);

    $dfound = 0;
    for my $file (sort @dbfiles) {
        $seldb = '';

        # Display name: percent-decoded file name without ".db".
        # NOTE(review): it is placed in the option text without HTML escaping.
        ($dbo = $file) =~ s/%(..)/pack("c",hex($1))/ge;
        $dbo =~ s/\.db//g;

        if (!$in{'database'}) {
            $seldb          = 'selected';
            $in{'database'} = $file;
            $dfound         = 1;
        }
        $seldb = 'selected' if $file eq $in{'database'};
        $in{'databases'} .= qq{<option value="$file" $seldb>$dbo</option>\n};
    }

    if (!$dfound && !$in{'databases'}) {
        $in{'database'} = $edd;
        if ($in{'database'}) {
            $in{'databases'} = qq{<option value="$edd">$dd</option>};
        }
    }
}

sub Delete {
    # Management command: removes the banner whose id equals "id" from the
    # group data file (rewritten in place under an exclusive lock), tries to
    # delete its file, rebuilds the rotation pool and reloads the list.
    $id = $in{'id'};
    &CheckSafe("$htmlpath/$in{'database'}");
    open(DB, "+<$htmlpath/$in{'database'}");
    flock(DB, 2) if $flock;
    while (<DB>) {
        (@fields) = split(/\~/, $_);
        if ($fields[0] eq $id) {
            $myfile = $fields[4];    # remember the banner URL of the victim
        }
        else {
            push(@l, $_);
        }
    }

    # Rewrite the surviving records from the start and cut off the rest.
    seek(DB, 0, 0);
    print DB $_ for @l;
    truncate(DB, tell(DB));

    close DB;
    # This unlock names TMP, a handle that is not opened in this sub; the
    # lock on DB was already released by close.
    flock(TMP, 8) if $flock;

    # NOTE(review): the file is looked for under links/, while Upload stores
    # banner files under banners/ - confirm which directory is intended.
    $myfile =~ s/&#(\d+);/pack("c",$1)/ge;
    $myrn = &GetRealName($myfile);
    unlink("$htmlpath/links/$in{'database'}/$myrn") if $myrn;

    &ReCalPool;
    print <<"JS";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Item deleted.");
window.location = "$in{'cgiurl'}?command=manage&database=$in{'database'}&rnd="+rndURL;
</script>
JS
    exit;
}

sub SaveChanges {
    # Management command: replaces the record whose id equals "id" with the
    # submitted form values (serialised by GetOutVars into $newentry),
    # rewriting the group data file in place under an exclusive lock.
    &CheckVars;
    if (-e "$htmlpath/$in{'database'}.style") {
        require "$htmlpath/$in{'database'}.style";
    }
    else {
        require "$htmlpath/styles.pl";
    }
    $id = $in{'id'};
    $in{'weight'} = '1' unless $in{'weight'};

    # Decode any &#NN; sequences in every parameter before re-encoding.
    s/&#(\d+);/pack("c",$1)/ge for values %in;
    &GetOutVars;

    &CheckSafe("$htmlpath/$in{'database'}");
    open(DB, "+<$htmlpath/$in{'database'}");
    flock(DB, 2) if $flock;
    while (<DB>) {
        (@fields) = split(/\~/, $_);
        push(@l, ($fields[0] eq $id) ? "$newentry\n" : $_);
    }

    # Nothing is rewritten when no record was read at all.
    if (@l) {
        seek(DB, 0, 0);
        print DB $_ for @l;
        truncate(DB, tell(DB));
    }

    close DB;
    # This unlock names TMP, a handle that is not opened in this sub; the
    # lock on DB was already released by close.
    flock(TMP, 8) if $flock;

    &ReCalPool;

    print <<"JS";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Changes have been saved.");
window.location = "$in{'cgiurl'}?command=manage&database=$in{'database'}&rnd="+rndURL;
</script>
JS

    exit;
}

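sub ShowEdit{
# Management command: loads the banner whose id equals "id" and pre-fills
# the add/edit form (t_add_banner.htm) with its values.
#
# Changes against the original:
#  - the link-target radio button falls back to 'SP' when the record has no
#    stored target, as ShowAdd does. The original assigned 'checked' first
#    and tested afterwards, so the fallback could never apply;
#  - the data file handle is closed (the original closed an unrelated handle
#    named HTML and left DB open);
#  - chomp replaces chop so a final record without a newline is not cut.
&CheckSafe("$htmlpath/$in{'database'}");
open(DB,"$htmlpath/$in{'database'}");
$found = 0;
while(<DB>){
chomp;
(@fields) = split(/\~/,$_);
($fields[0] eq $in{'id'})&&($found = 1)&&(last);
}
close DB;

if($found){
# Decode the stored form ...
foreach $i (0..$#fields){
$fields[$i] =~ s/&#(\d+);/pack("c",$1)/ge;
$fields[$i] =~ s/\\n/\n/g;
}

# ... then encode < > " for use inside the HTML form.
foreach $i (0..$#fields){
$fields[$i] =~ s/([<>"])/'&#'.ord($1).';'/ge;
}
$in{'id'} = $fields[0];
$in{'description'} = $fields[1];
$in{'URL'} = $fields[2];
$in{'target'} = $fields[3];
$in{'BannerURL'} = $fields[4];
$in{'BannerHTML'} = $fields[8];
$in{'BannerHTML'} =~ s/\\n/\n/g;
$in{'weight'} = $fields[5];
$authorization = $fields[6];
# The stored authorization and target values select which radio button is
# checked by being used as %in keys.
$in{"a$authorization"} = 'checked';
$in{'sbutton'} = '    Save Changes    ';
$in{'command'} = 'savechanges';
(!$authorization)&&($in{'aY'} = 'checked');
(!$fields[7])?($in{'SP'} = 'checked'):($in{$fields[7]} = 'checked');
&PageOut("$htmlpath/t_add_banner.htm");
}
else{
print "Error. No record found.";
}
exit;
}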

sub Add {
    # Management command: stores a new banner at the top of the group data
    # file. The new id is one more than the highest id found; the file is
    # rebuilt through "<database>.tmp" and renamed into place.
    # NOTE(review): the lock is released between choosing the id and writing
    # the record, so two simultaneous adds can pick the same id.
    &CheckVars;
    if (-e "$htmlpath/$in{'database'}.style") {
        require "$htmlpath/$in{'database'}.style";
    }
    else {
        require "$htmlpath/styles.pl";
    }
    $in{'weight'} = '1' unless $in{'weight'};

    ##get highest ID in DB for unique ID.
    &CheckSafe("$htmlpath/$in{'database'}");
    open(DB, "$htmlpath/$in{'database'}");
    flock(DB, 2) if $flock;
    $id = 0;
    while (<DB>) {
        ($idt, @rest) = split("~", $_);
        $id = $idt if $idt > $id;
    }
    close DB;
    flock(DB, 8) if $flock;    # DB is already closed at this point
    $id++;
    &GetOutVars;

    # New record first, then a copy of every existing record.
    &CheckSafe("$htmlpath/$in{'database'}");
    open(DB, "$htmlpath/$in{'database'}");
    flock(DB, 2) if $flock;
    open(DBT, ">$htmlpath/$in{'database'}.tmp");
    flock(DBT, 2) if $flock;
    print DBT "$newentry\n";
    print DBT $_ while <DB>;
    close DB;
    close DBT;
    rename("$htmlpath/$in{'database'}.tmp", "$htmlpath/$in{'database'}");

    &ReCalPool;
    print <<"JS";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Banner successfully added.");
window.location = "$in{'cgiurl'}?command=manage&database=$in{'database'}&rnd="+rndURL;
</script>
JS

    exit;
}

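sub GetOutVars{
# Serialises the submitted banner form (%in) and the global $id into one
# '~'-separated record in the global $newentry:
#   id~description~URL~target~BannerURL~weight~authorization~ptarg~BannerHTML
# Every character that is neither a word character nor whitespace is stored
# as &#NN;, so a value can contain neither the '~' field separator nor markup.
#
# Change against the original: "ptarg" and "authorization" are encoded like
# the other fields. They were written raw, so a '~' in either one shifted
# every following field of the record. Their normal values (SP/NW, Y/N) are
# plain word characters and are stored unchanged.
my $encode = sub {
  my ($value) = @_;
  $value =~ s/([^\w\s])/'&#'.ord($1).';'/ge;
  return $value;
};
$description = $encode->($in{'description'});
$url = $encode->($in{'URL'});
$target = $encode->($in{'target'});
$BannerURL = $encode->($in{'BannerURL'});
$BannerHTML = $encode->($in{'BannerHTML'});
# Line breaks inside the banner HTML are stored as the two characters "\n".
$BannerHTML =~ s/\r*\n/\\n/g;
$weight = $encode->($in{'weight'});
$ptarg = $encode->($in{'ptarg'});
$authorization = $encode->($in{'authorization'});
$newentry = "$id~$description~$url~$target~$BannerURL~$weight~$authorization~$ptarg~$BannerHTML";
# A record must stay on one line: any remaining line break is flattened.
$newentry =~ s/\r\n/\\n/g;
$newentry =~ s/\n/\\n/g;
}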



sub ShowAdd {
    # Renders the empty "add banner" form with its default radio buttons.
    $in{'sbutton'} = '    Add Banner   ';
    $in{'command'} = 'add';

    # Request values, when present, pick the checked radio button by being
    # used as %in keys; otherwise 'aY' and 'SP' are the defaults.
    if ($in{'authorization'}) {
        $in{ 'a' . $in{'authorization'} } = 'checked';
    }
    else {
        $in{'aY'} = 'checked';
    }
    if ($in{'ptarg'}) {
        $in{ $in{'ptarg'} } = 'checked';
    }
    else {
        $in{'SP'} = 'checked';
    }
    #(!$in{'URL'})&&($in{'URL'} = "http://");
    PageOut("$htmlpath/t_add_banner.htm");
    exit;
}

sub Reorder {
    # Management command: rewrites the group data file in the order chosen
    # with the "order_N" selectors (N = current line number), then shows the
    # list again. Each line is keyed by its zero-padded target position, a
    # tie-breaker digit and the banner id, and the keys are sorted as text.
    # NOTE(review): the file is rebuilt through "~<database>" without a lock.
    ##get total count
    &CheckSafe("$htmlpath/$in{'database'}");
    open(DB, "$htmlpath/$in{'database'}");
    while ($line = <DB>) {
        $tc++;
        @f = split("~", $line);
        my $wanted = $in{"order_$tc"};

        # Tie-breaker: a line moved up sorts before one that stays, which
        # sorts before one moved down to the same position.
        if ($wanted > $tc)  { $pre = '2'; }
        if ($wanted < $tc)  { $pre = '0'; }
        if ($wanted == $tc) { $pre = '1'; }

        $o = sprintf("%.3d", $wanted);
        $l{"$o$pre-$f[0]"} = $line;
    }
    close DB;

    open(OUT, ">$htmlpath/~$in{'database'}");
    print OUT $l{$_} for sort keys %l;
    close OUT;

    $tc = 0;
    $in{'w'} = 'lowform';

    # Only replace the data file when the rebuilt copy has content.
    @s = stat("$htmlpath/~$in{'database'}");
    if ($s[7] > 0) {
        rename("$htmlpath/~$in{'database'}", "$htmlpath/$in{'database'}");
    }
    &ShowList;
}


sub GetRealName {
    # Returns the last path component of a client-supplied file name.
    # A name containing '/' is split on '/' only; otherwise a name containing
    # '\' is split on '\'; a name with neither is returned unchanged.
    # Names such as "." or ".." are returned as they are, so callers must not
    # treat the result as validated.
    local ($filename) = @_;

    my $separator = ($filename =~ m{/})  ? qr{/}
                  : ($filename =~ m{\\}) ? qr{\\}
                  :                        undef;

    if (defined $separator) {
        @array     = split($separator, $filename);
        $real_name = pop(@array);
    }
    else {
        $real_name = "$filename";
    }
    return $real_name;
}


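sub SaveFile {
# Copies an uploaded file ($filename, used as the upload file handle) to
# $outfile in 1024-byte blocks, enforcing the extension rules (CheckExt) and
# the optional size limit $in{'maxsize'} (in units of 1000 bytes).
#
# Changes against the original:
#  - the byte counter is reset on entry; it is a global and would otherwise
#    carry over between calls in a persistent interpreter;
#  - the output file is opened with the three-argument form;
#  - the request ends explicitly after each PError call, so a failed or
#    oversized upload can never continue into the success path.
# NOTE(review): without "maxsize" there is no size limit, and the limits are
# read from %in, which also holds request parameters - confirm that the
# style file always defines them.
local($filename,$outfile)=@_;
$dm=0;
$totalbytes=0;
&CheckExt($outfile);
(! -e "$htmlpath/banners/$in{'database'}")&&(mkdir "$htmlpath/banners/$in{'database'}",0755);
&CheckSafe("$outfile");
    if (!open(OUTFILE, '>', $outfile)) {
    &PError("Error. There was an error saving your attachment.");
    exit;
    }
    binmode(OUTFILE);
    while ($bytesread = read($filename,$buffer,1024)) {
        $totalbytes += $bytesread;
        if(($in{'maxsize'})&&($totalbytes > ($in{'maxsize'} * 1000))){
          # Over the limit: discard the partial file before reporting.
          close OUTFILE;
          unlink("$outfile");
          &PError("Error. Maximum filesize exceeded.");
          exit;
        }
        print OUTFILE $buffer;
    }
    close($filename);
    close(OUTFILE);
}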

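sub CheckExt{
# Enforces the upload type rules on a file name:
#   $in{'fta'} - comma-separated allow-list of extensions (optional)
#   $in{'ftr'} - comma-separated deny-list of extensions (optional)
# Calls PError when the name is not acceptable. The extension is left in the
# global $ext and the global $found is 0 on return, as before.
#
# Changes against the original, which tested each list entry against the
# extension used as an unanchored regex:
#  - comparison is an exact, case-insensitive match, so a fragment of an
#    allowed type is no longer accepted and a longer variant of a denied
#    type is judged on its own name;
#  - a name without an extension is rejected whenever either list is set,
#    instead of being matched with an empty pattern;
#  - the extension is anchored with \z, so a trailing newline cannot hide it;
#  - $found is reset before the allow-list check.
# A deny-list can never be complete; prefer configuring the allow-list.
local($rn) = @_;
#check file extension.
($ext) = $rn =~ /\.(\w*)\z/;
my $wanted = defined($ext) ? lc($ext) : '';
$found=0;
if($in{'fta'}){
  foreach my $allowed (split(",",$in{'fta'})){
    # Tolerate " gif" or ".gif" style entries in the configured list.
    $allowed =~ s/^[\s.]+//;
    $allowed =~ s/\s+$//;
    ($wanted ne '')&&(lc($allowed) eq $wanted)&&($found=1);
    }
  (!$found)&&(&PError("Error. Only $in{'fta'} types are permitted"));
  }
$found=0;
if($in{'ftr'}){
  foreach my $denied (split(",",$in{'ftr'})){
    $denied =~ s/^[\s.]+//;
    $denied =~ s/\s+$//;
    (lc($denied) eq $wanted)&&($found=1);
    }
  ($wanted eq '')&&($found=1);
  ($found)&&(&PError("Error. $in{'ftr'} types are NOT permitted"));
  }
$found=0;
}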


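sub ReCalPool{
# Rebuilds "<database>.pool", the shuffled list of banner ids that
# ShowBanners cycles through. Every banner that is not disabled
# (authorization 'N') appears once per unit of weight; at most 1000 entries
# are written.
#
# Changes against the original:
#  - the shuffle is a Fisher-Yates pass instead of drawing random indices
#    until an unused one turns up. The old loop never ended when the group
#    had no active banner (for example after the last banner was deleted),
#    which left the request spinning until the server killed it;
#  - the work lists are reset on entry instead of relying on empty globals;
#  - files are opened with the three-argument form and the stray flock on
#    the already-closed handle is gone.
# NOTE(review): the weight is not bounded here, and the pool is built in
# memory with one entry per unit of weight.
&CheckSafe("$htmlpath/$in{'database'}");
%banner = ();
@b = ();
@random = ();
if(open(DB,'<',"$htmlpath/$in{'database'}")){
  while(<DB>){
    (@f) = split("~",$_);
    next if ($f[6] eq 'N');
    $count++;
    $banner{$f[0]} = $f[5];
    }
  close DB;
}

foreach $i (keys %banner){
  for $x (1..$banner{$i}){
    push(@b,$i);
    }
  }

srand(time|$$);
$t = $#b+1;

# Shuffle the index list, then take the first 1000 positions at most.
my @order = (0..$#b);
for(my $k=$#order; $k>0; $k--){
  my $j = int(rand($k+1));
  @order[$k,$j] = @order[$j,$k];
}
my $limit = ($t < 1000) ? $t : 1000;
foreach my $n (1..$limit){
  $random[$n] = $b[$order[$n-1]];
}

&CheckSafe("$htmlpath/$in{'database'}.pool");
if(open(DB,'>',"$htmlpath/$in{'database'}.pool")){
  ($flock)&&(flock(DB,2));
  foreach $i (1..$#b+1){
    next if (!$random[$i]);
    print DB "$random[$i]\n";
  }
  close DB;
}
}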


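# Print the text $o as a series of JavaScript document.write() calls, one
# per input line, then end the request.
#
# Each line is placed inside a double-quoted JavaScript string, so the
# characters that are special there are escaped.  The original left
# backslashes alone, which let a backslash in the input change the meaning
# of the escaping that follows it (a trailing backslash, for instance,
# consumed the closing quote).  Backslashes are now doubled first.
# "script" is split into two concatenated pieces so the emitted text never
# contains a literal closing script tag.
sub OutJS{
    local($o) = @_;
    $o =~ s/\r*\n/\n/g;
    my @out_lines = split("\n",$o);

    foreach my $line (@out_lines){
        $line =~ s/\\/\\\\/g;      # must run before the other escapes
        $line =~ s/\"/\\"/g;
        $line =~ s/\(/\\(/g;
        $line =~ s/\)/\\)/g;
        $line =~ s/script/scr\"\+\"ipt/gsi;
        print "document.write(\"$line\\n\");\n";
    }
    exit;
}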

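# Record one event for banner $fields[0] in group $in{'group'}.
#
#   $t - event type; 1 is counted as an impression, anything else as a
#        click-through
#
# With $in{'dl'} set, a tab-separated line (time, banner id, referrer,
# remote address, type) is appended to "<group>.log"; otherwise the
# matching counter in the "<group>.imp" / "<group>.clk" DBM file is
# incremented.  AutoResetLogs() runs afterwards.
#
# Changes from the original:
#   * the group-derived path is passed to CheckSafe() before it is given
#     to require, which executes the file; previously only the log path
#     was checked, and only after the require;
#   * the log is opened with three-argument open;
#   * tab, CR and LF are replaced by a space in every logged field, so a
#     header value cannot add columns or rows to the log;
#   * the flock() issued after close() had no handle to act on and is
#     gone.
sub LogMe{
    local($t) = @_;

    my $style_path = "$htmlpath/$in{'group'}.style";
    &CheckSafe($style_path);
    (-e $style_path)?(require $style_path):(require "$htmlpath/styles.pl");

    if($in{'dl'}){
        my $log_path = "$htmlpath/$in{'group'}.log";
        &CheckSafe($log_path);
        if (open(DB, '>>', $log_path)) {
            ($flock)&&(flock(DB,2));   # 2 = exclusive lock
            $mt = time;
            my @cols = ($fields[0], $ENV{'HTTP_REFERER'}, $ENV{'REMOTE_ADDR'}, $t);
            foreach my $col (@cols) {
                $col = '' unless defined($col);
                $col =~ tr/\t\r\n/ /;  # keep one record per line
            }
            print DB join("\t", $mt, @cols), "\n";
            close DB;                  # also releases the lock
        }
    }
    else{
        if($t==1){
            dbmopen(%imp,"$htmlpath/$in{'group'}.imp",0644);
            $imp{$fields[0]}++;
            dbmclose %imp;
        }
        else{
            dbmopen(%clk,"$htmlpath/$in{'group'}.clk",0644);
            $clk{$fields[0]}++;
            dbmclose %clk;
        }
    }
    &AutoResetLogs;
}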

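# Load the statistics for $in{'database'} into package hashes:
#
#   %imp - impressions per banner id
#   %clk - click-throughs per banner id
#   %per - click-through rate in percent, two decimals
#
# Totals come from the "<database>.imp" / "<database>.clk" DBM files plus
# the rows of "<database>.log" (type '1' = impression, '2' = click).  Rows
# whose address is listed in %np (filled by GetNoIP) are ignored.
#
# Changes from the original:
#   * the database-derived path is passed to CheckSafe() before it is
#     given to require, which executes the file;
#   * the log is opened with three-argument open;
#   * the rate is skipped when the impression count is zero, so the
#     division cannot fail.
sub GetLogs{
    my $style_path = "$htmlpath/$in{'database'}.style";
    &CheckSafe($style_path);
    (-e $style_path)?(require $style_path):(require "$htmlpath/styles.pl");
    &GetNoIP;

    # Stored totals.
    dbmopen(%timp,"$htmlpath/$in{'database'}.imp",0644);
    foreach $i (keys %timp){
        $imp{$i} = $timp{$i};
    }
    dbmclose %timp;
    dbmopen(%tclk,"$htmlpath/$in{'database'}.clk",0644);
    foreach $i (keys %tclk){
        $clk{$i} = $tclk{$i};
    }
    dbmclose %tclk;

    # Add the events still sitting in the current log file.
    my $log_path = "$htmlpath/$in{'database'}.log";
    &CheckSafe($log_path);
    if (open(DB, '<', $log_path)) {
        while(<DB>){
            chomp;
            (@l) = split("\t",$_);
            next if ($np{$l[3]});
            ($l[4] eq '1')&&($imp{$l[1]}++);
            ($l[4] eq '2')&&($clk{$l[1]}++);
        }
        close DB;
    }

    foreach $t (keys %imp){
        ($clk{$t})&&($imp{$t})&&($per{$t} = sprintf("%.2f",($clk{$t}/$imp{$t})*100));
    }

}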

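# Print the log detail page for one banner and end the request.
#
# Request fields read: $in{'id'} (banner id), $in{'type'} (1 =
# impressions, otherwise click-throughs), $in{'desc'} (label shown in the
# headings), $in{'database'}, $in{'cgiurl'}.
#
# Output: lifetime totals, every matching row of "<database>.log", the
# ten most frequent referrers and addresses, and a "Clear Logs" form.
#
# Changes from the original:
#   * every value taken from the request or from the log file (label,
#     referrer, address, date, form target, database name) is HTML-escaped
#     before it is printed; the referrer in particular is a header value
#     recorded as received;
#   * the database-derived path is passed to CheckSafe() before it is
#     given to require, which executes the file;
#   * the log is opened with three-argument open;
#   * the first top-ten counter now starts at zero instead of inheriting
#     whatever the package variable $c held.
sub ViewLogDetail{
    my $style_path = "$htmlpath/$in{'database'}.style";
    &CheckSafe($style_path);
    (-e $style_path)?(require $style_path):(require "$htmlpath/styles.pl");

    # Escape a value for use in HTML text or in a quoted attribute.
    my $esc = sub {
        my ($v) = @_;
        $v = '' unless defined($v);
        $v =~ s/&/&amp;/g;
        $v =~ s/</&lt;/g;
        $v =~ s/>/&gt;/g;
        $v =~ s/"/&quot;/g;
        $v =~ s/'/&#39;/g;
        return $v;
    };

    $id = $in{'id'};
    $type = $in{'type'};
    $desc = $in{'desc'};
    &GetNoIP;
    &GetLogs;

    my $h_desc = $esc->($desc);
    my $h_imp  = $esc->($imp{$id});
    my $h_clk  = $esc->($clk{$id});
    print <<"EOF";
<table border=1>
<tr><td colspan=2><font size=4 face=verdana><b>Lifetime Stats</b></td></tr>
<tr><td><font size=2 face=verdana><b>Impressions</td><td><font size=2 face=verdana>$h_imp</td></tr>
<tr><td><font size=2 face=verdana><b>Click-throughs</td><td><font size=2 face=verdana>$h_clk</td></tr>
</table><br><br>
EOF

    my $log_path = "$htmlpath/$in{'database'}.log";
    &CheckSafe($log_path);
    # Unchecked as in the original: an unreadable log yields an empty table.
    open(DB, '<', $log_path);
    ($type == 1)?($title = 'Impressions'):($title = 'Click-throughs');
    print <<"EOF";
<table border=1>
<tr><td colspan=3><font size=4 face=verdana><b>$title<br>$h_desc </b>(current log file)</td></tr>
<tr><td><font size=2 face=verdana><b>Date</td><td><font size=2 face=verdana><b>IP Address</td><td><font size=2 face=verdana><b>Referrer</td></tr>
EOF

    while(<DB>){
        chomp;
        ($ts,$myid,$referer,$ipaddr,$mytype) = split("\t",$_);
        next if ($myid != $id);
        next if ($mytype != $type);
        next if ($np{$ipaddr});
        (!$referer)&&($referer = 'none');
        $ipz{$ipaddr}++;
        $refz{$referer}++;
        $date = &ctime($ts);
        $mytotal++;
        my ($h_date, $h_ip, $h_ref) = map { $esc->($_) } ($date, $ipaddr, $referer);
        print qq|<tr><td><font face=verdana size=2>$h_date&nbsp;</td><td><font face=verdana size=2>$h_ip&nbsp;</td><td><font face=verdana size=2>$h_ref&nbsp;</td></tr>|;
    }
    print qq|<tr><td colspan=2 align=right><font face=verdana size=2>Total:</td><td align=right><font face=verdana size=2><b>$mytotal</td></tr>|;

    print "</table>";
    close DB;

    # Keys of the form "<zero-padded count>\t<name>" sort by count as
    # plain strings.
    foreach $i (keys %ipz){
        $idx = sprintf("%.9d",$ipz{$i});
        $ipzt{$idx."\t".$i}=1;
    }

    foreach $i (keys %refz){
        $idx = sprintf("%.9d",$refz{$i});
        $refzt{$idx."\t".$i}=1;
    }

    print <<"EOF";
<br><br>
<table border=1>
<tr><td colspan=2><font size=4 face=verdana><b>Top 10 Referrers<br>$h_desc </b>(current log file)</td></tr>
<tr><td><font size=2 face=verdana><b>Referrer</td><td><font size=2 face=verdana><b>&nbsp;</td></tr>
EOF

    $c = 0;
    foreach my $key (sort {$b cmp $a} keys %refzt){
        my ($hits, $name) = split("\t",$key);
        $hits = $hits+0;            # drop the zero padding
        last if (++$c > 10);
        my $h_name = $esc->($name);
        print qq|<tr><td><font size=2 face=verdana>$h_name</td><td><font size=2 face=verdana>$hits</td></tr>|;
    }
    print "</table>";

    print <<"EOF";
<br><br>
<table border=1>
<tr><td colspan=2><font size=4 face=verdana><b>Top 10 IP Addresses<br>$h_desc </b>(current log file)</td></tr>
<tr><td><font size=2 face=verdana><b>IP</td><td><font size=2 face=verdana><b>&nbsp;</td></tr>
EOF
    $c = 0;
    foreach my $key (sort {$b cmp $a} keys %ipzt){
        my ($hits, $name) = split("\t",$key);
        $hits = $hits+0;
        last if (++$c > 10);
        my $h_name = $esc->($name);
        print qq|<tr><td><font size=2 face=verdana>$h_name</td><td><font size=2 face=verdana>$hits</td></tr>|;
    }

    @s = stat($log_path);
    my $h_cgiurl   = $esc->($in{'cgiurl'});
    my $h_database = $esc->($in{'database'});
    print <<"EOF";
</table>
<hr><center><font face=verdana size=2>Log file size: $s[7] bytes
<form method=post action="$h_cgiurl">
<input type=hidden name=command value=resetlogs>
<input type=hidden name=database value="$h_database">
<input type=submit value="-= Clear Logs =-">
</form>
</center>
EOF

    exit;
}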

# Fill %np with the addresses that must not be counted.
#
# $in{'ipnotlog'} holds one address per line (LF or CRLF).  The list is
# kept in @noip and every entry becomes a key of %np with the value 1;
# GetLogs and ViewLogDetail skip log rows whose address is in %np.
sub GetNoIP{
    @noip = split(/\r*\n/, $in{'ipnotlog'});
    # Hash slice: mark every listed address in one assignment.
    @np{@noip} = (1) x scalar(@noip);
}

# Validate the banner form fields held in %in.
#
# A description, a weight, a target and at least one of BannerURL /
# BannerHTML are required; the first missing one is reported through
# PError2(), which prints a redirect back to the form and exits.  When
# BannerHTML is present it replaces BannerURL.
#
# Fields are tested for truth, so a value of "0" counts as missing.
sub CheckVars{
    if (!$in{'description'}) {
        &PError2("Error. Please enter a description.");
    }
    unless ($in{'BannerURL'} || $in{'BannerHTML'}) {
        &PError2("Error. Please enter either a banner URL or HTML code.");
    }
    if (!$in{'weight'}) {
        &PError2("Error. Please enter a weight");
    }
    if (!$in{'ptarg'}) {
        &PError2("Error. Please enter a target");
    }
    $in{'BannerURL'} = $in{'BannerHTML'} if ($in{'BannerHTML'});
}

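# Fold "<group>.log" into the DBM counters once it has grown past the
# configured size, then delete it.
#
# $in{'rl'} is the threshold; the file size in bytes is compared with
# rl * 1000000.  Nothing happens when rl is unset or the log is smaller.
#
# Change from the original: the group-derived log path is passed to
# CheckSafe() before any file is written or removed.  The original relied
# on callers having validated it, which LogMe only does when $in{'dl'} is
# set.
#
# NOTE(review): GetLogs() reads the files named after $in{'database'},
# while this routine writes and deletes the files named after
# $in{'group'}.  Confirm that both hold the same name whenever this runs;
# otherwise the counters written here do not come from the log that is
# deleted.
sub AutoResetLogs{

    my $log_path = "$htmlpath/$in{'group'}.log";
    @s = stat($log_path);

    (!$in{'rl'})&&(return);
    ($s[7] < ($in{'rl'}*1000000))&&(return);

    &CheckSafe($log_path);

    # %imp / %clk now hold stored totals plus the events from the log.
    &GetLogs;
    dbmopen(%timp,"$htmlpath/$in{'group'}.imp",0644);
    foreach $i (keys %imp){
        $timp{$i} = $imp{$i};
    }
    dbmclose %timp;
    dbmopen(%tclk,"$htmlpath/$in{'group'}.clk",0644);
    foreach $i (keys %clk){
        $tclk{$i}=$clk{$i};
    }
    dbmclose %tclk;

    # An empty group would name a file directly under $htmlpath.
    ($in{'group'})&&(unlink($log_path));
}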

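# Fold "<database>.log" into the DBM counters, delete the log, print a
# confirmation script and end the request.
#
# Changes from the original:
#   * the database-derived log path is passed to CheckSafe() before any
#     file is written or removed, instead of relying on the check made
#     inside GetLogs();
#   * the commented-out "window.location" line is no longer emitted.  It
#     interpolated request values ($in{'cgiurl'}, $in{'command'},
#     $in{'database'}) into the script block; a line break inside one of
#     them would end the JavaScript comment, so the text after it would
#     be parsed as code.  The line had no effect in the browser.
#
# NOTE(review): this is a state-changing request; the visible code does
# not show what authorises it -- confirm the caller checks that.
sub ResetLogs{
    (!$in{'database'})&&(&PError("Error. No log file specified"));

    my $log_path = "$htmlpath/$in{'database'}.log";
    &CheckSafe($log_path);

    # %imp / %clk now hold stored totals plus the events from the log.
    &GetLogs;

    dbmopen(%timp,"$htmlpath/$in{'database'}.imp",0644);
    foreach $i (keys %imp){
        $timp{$i} = $imp{$i};
    }
    dbmclose %timp;
    dbmopen(%tclk,"$htmlpath/$in{'database'}.clk",0644);
    foreach $i (keys %clk){
        $tclk{$i}=$clk{$i};
    }
    dbmclose %tclk;

    unlink($log_path);
    print <<"EOF";
<script language=javascript>
var rndURL = (1000*Math.random());
alert("Logs cleared.");
window.close();
</script>
EOF
    exit;
}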

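# Show $mess in a JavaScript alert, send the browser back to the add or
# edit form with the submitted values in the query string, and end the
# request.
#
# $in{'command'} is rewritten to 'showadd' when it was 'add' and to
# 'showedit' otherwise.
#
# Change from the original: every value placed inside a JavaScript string
# literal is escaped for that context.  The original interpolated the
# request fields as they were, so a quote, backslash, line break or angle
# bracket in a field could end the literal or the script block.  Escaped
# values evaluate to the same strings in the browser, so the resulting URL
# is unchanged for ordinary input.
#
# NOTE(review): command, database, authorization and id are concatenated
# into the URL without escape(), as in the original, and authorization
# travels in the query string where it can end up in server logs and
# referrer headers -- confirm that this is acceptable.
sub PError2{
    local($mess) = @_;
    ($in{'command'} eq 'add')?($in{'command'} = 'showadd'):($in{'command'} = 'showedit');

    # Encode a value for a double-quoted JavaScript string in HTML.
    my $js_quote = sub {
        my ($v) = @_;
        $v = '' unless defined($v);
        $v =~ s/([\\"'<>&\x00-\x1f\x7f])/sprintf('\\x%02x', ord($1))/ge;
        return $v;
    };

    my $js_mess = $js_quote->($mess);
    my %js = map { $_ => $js_quote->($in{$_}) }
        qw(cgiurl command database description URL BannerURL
           authorization id weight ptarg target);

    print <<"EOF";
<script language=javascript>
alert("$js_mess");
var URL = "$js{cgiurl}?command=$js{command}&database=$js{database}&description="+escape("$js{description}");
URL = URL + "&URL="+escape("$js{URL}")+"&BannerURL="+escape("$js{BannerURL}")+"&authorization=$js{authorization}";
URL = URL + "&id=$js{id}&weight="+escape("$js{weight}")+"&ptarg="+escape("$js{ptarg}")+"&target="+escape("$js{target}");
window.location = URL
</script>
EOF
    exit;
}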

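# Refuse a path that could leave the intended directory or be read as
# something other than a plain file name.
#
# PError() is called when $file contains:
#   ".."  - a parent-directory step
#   "|"   - which two-argument open() treats as a pipe marker
#   NUL   - (added) some Perl and C library versions stop reading a path
#           at a NUL byte, which would cut off the suffix the caller
#           appended
# Otherwise $file is returned unchanged.
#
# Limits: this is a deny-list on the whole string.  It does not confine
# the path to a base directory, and it only protects the caller if
# PError() ends the request (NOTE(review): confirm).  Callers should still
# build paths from a fixed prefix and use three-argument open().
sub CheckSafe{
    my ($file) = @_;
    if (defined($file) && $file =~ /\.\.|[|\0]/) {
        &PError("Error. Invalid filename");
    }
    return $file;
}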
