#!/usr/bin/perl
##########################################################################
#
# TITLE: email.cgi
#
# FUNCTION: web-based email portion of My Classifieds
#
# DATE: last edited 09-10-2003
#
# AUTHOR: Erin Spice
#
# PACKAGE: My Classifieds
#
# DETAILS: If this script is passed a data file name and an
# ad index number through the url, it gets the email address
# for the person who placed that ad and allows the user to
# email that person through a form. If no data file name and
# ad index number are specified, the webmasters email address
# is retrieved from lib/sitevariables.pm and used.
#
##########################################################################
# THINGS TO MAKE THE PROGRAM WORK ########################################
use CGI(-debug);
use lib "./lib";
use sitevariables;
use common;
use functions;
use lang;
package default;
############ BEGIN MAIN PROGRAM ##########################################
print "Content-type:text/html\n\n";
$cur = CGI->new();
$mode = $cur->param("mode");
if(!$mode) {
$content .= printcontactform();
}
if($mode eq "send"){
$content .= send_email();
}
print printpage($content);
### SEND_EMAIL ###########################################################
#
# TITLE: send_email
#
# INPUT: $adindex, $filename - name of category where ad is
# stored and adindex of the ad.
#
# FUNCTION: Gets data input by user for email purposes, checks
# for correct formats and hack attempts, sends the email to
# the appropriate email address, and prints out congratulatory
# success message.
#
# OUTPUT: $content to be sent to printpage(), including success
# message after email has been sent.
#
# FUNCTIONS CALLED: fcn::get_one_ad_array
# cmn::dienice
# emailbadboy
#
# CALLED BY: email.cgi
#
##########################################################################
sub send_email{
my $return;
my $to_email;
my $adindex = $cur->param('adindex');
my $filename = $cur->param('viewcategory');
$filename =~ s/[ _\s\/\.!#\$\&\\\[\]\(\),-=\+]//ig;
if($adindex && $filename){
my ($myemail,$mycategory,$mysubject,$myadtype,$mypicurl,$myadindex,$mydescrip,$mydatenum) = fcn::get_one_ad_array($filename,$adindex);
$to_email = $myemail;
$subject_email = "$subject_email";
$body_email = "$lang::name\: $name
$lang::email\: $from_email
$lang::phone\: $phone
$lang::message\: $body_email";
}else{
$to_email = $svb::webmaster;
$subject_email = "$subject_email";
$body_email = "$lang::feedback_from $name\:
$lang::email\: $from_email
$lang::phone\: $phone
$lang::message\: $body_email";
}
my $from_email = $cur->param("from_email");
my $phone = $cur->param("phone");
my $name = $cur->param("name");
my $body_email = $cur->param("data");
my $subject_email = $cur->param("subject_email");
if(!($phone || $from_email)) {
cmn::dienice("$lang::email_or_phone");
}
if($from_email && !($from_email =~ /[\w\-]+\@[\w\-]+\.[\w\-]+/)){
cmn::dienice("$lang::invalid_email");
}
if($to_email && !($to_email =~ /[\w\-]+\@[\w\-]+\.[\w\-]+/)){
emailbadboy();
cmn::dienice("$lang::bad_invalid_email");
}
if($phone && !($phone =~ /^[0-9]{6,16}$/ )) {
cmn::dienice("$lang::invalid_phone");
}
$body_email = "$lang::name\: $name
$lang::email\: $from_email
$lang::phone\: $phone
$lang::message\: $body_email";
email($to_email,$from_email,$phone,$name,$body_email,$subject_email);
$body_email =~ s/\n/ /ig;
$return .= "
";
return $return;
}
### PRINTPAGE ############################################################
#
# TITLE: printpage
#
# INPUT: $content - data from this script.
#
# FUNCTION: Adds $cmn::fuzzymonkey to the data received from the
# script and inserts that data into the template.
#
# OUTPUT: HTML for the entire page, printed out to the browser.
#
# FUNCTIONS CALLED: cmn::dienice
#
# CALLED BY: email.cgi
#
##########################################################################
sub printpage {
my $content = $_[0];
$content .= $cmn::fuzzymonkey;
my $page;
open (TEMPLATE, "$svb::templatefile")|| cmn::dienice("$lang::read_file_error $templatefile\: $!");
while (){
$page .= $_;
}
$page =~ s//$content/ig;
close TEMPLATE;
return $page;
}
### PRINTCONTACTFORM #####################################################
#
# TITLE: printcontactform
#
# INPUT: $adindex, $viewcategory - name of category where ad is
# stored and adindex of the ad.
#
# FUNCTION: Prints the standard form for the user to input the
# information to be emailed to the recipient, then sends that info
# to the subroutine for the email to be sent.
#
# OUTPUT: $content to be sent to printpage().
#
# FUNCTIONS CALLED: fcn::get_one_ad_array
# cmn::leftmenu
#
# CALLED BY: email.cgi
#
##########################################################################
sub printcontactform {
my $viewcategory = $cur->param('viewcategory');
my $adindex = $cur->param('adindex');
my $who = $lang::the_webmaster;
my $subject;
if ($adindex && $viewcategory){
$who = $lang::the_seller;
}
my $filename = $viewcategory;
$filename =~ s/[ _\s\/\.!#\$\&\\\[\]\(\),-=\+]//ig;
if($adindex && $filename){
open (INFILE,"./data/$filename.dat")||cmn::dienice("$lang::read_file_error ./data/$filename.dat\: $!!");
while (){
$line = $_;
($email,$itemcategory,$subject,$adtype,$picurl,$adindex1,$descrip,$datenum) = split(/###/,$line);
if ($adindex == $adindex1){
$mysubject = $subject;
}
}
close INFILE;
}
$return .= "
$lang::email_verb $who
";
$return .= cmn::leftmenu();
$return .= "
$svb::fontsmall $lang::email\:
$svb::fontsmall $lang::phone_number\:
$svb::fontsmall $lang::subject\:
$svb::fontsmall $lang::comments\:
";
return $return;
}
### EMAIL ################################################################
#
# TITLE: email
#
# INPUT: ($subject_email, $to_email, $from_email, $body_email)
#
# FUNCTION: Sends the email to the webmaster in the case of any
# malicious attacks or hack attemps.
#
# OUTPUT: Prints formatted message out to sendmail.
#
# FUNCTIONS CALLED: cmn::dienice
#
# CALLED BY: emailbadboy
#
##########################################################################
sub email {
my ($to_email,$from_email,$phone,$name,$body_email,$subject_email) = @_;
$subject_email = "My Classifieds: $subject_email";
open (MAIL, "| /usr/sbin/sendmail -oi -t" ) || dienice("could not open mail");
print MAIL <param("name");
$ip = $ENV{'REMOTE_ADDR'};
$QUERY_STRING = $ENV{'QUERY_STRING'};
$script = $ENV{'SCRIPT_FILENAME'};
$servername = $ENV{'SERVER_NAME'};
$subject_email = $cur->param("subject_email");
$subject_email = "$title $lang::feedback\: " . $subject_email;
$body_email = "$lang::hack_attempt. ($script, $servername, $ip, $lang::name\: $name!\n\n";
email();
}