#!/usr/bin/perl
# NOTE(review): the fatalsToBrowser import makes CGI::Carp send the text of
# fatal errors to the HTTP client. That can expose server paths and
# configuration details to any visitor; consider reporting to the server
# error log only on production installs.
use CGI::Carp qw(fatalsToBrowser);
# World Wide Messenger Version 6.0 MySQL Version by World Wide Creations (TM)
# Copyright ©1999-2004 World Wide Creations All Rights Reserved
#
# As part of the installation process, you agree
# to accept the terms of this Agreement. This Agreement is
# a legal contract, which specifies the terms of the license
# and warranty limitation between you and World Wide Creations
# You should carefully read the following terms and conditions before
# installing or using this software. Unless you have a different license
# agreement obtained from World Wide Creations, installation or use of this software
# indicates your acceptance of the license and warranty limitation terms
# contained in this Agreement. If you do not agree to the terms of this
# Agreement, promptly delete and destroy all copies of the Software.
#
# VERSIONS OF SOFTWARE
#-----------------------------------------------------------------------
# Only one copy of the registered version of The World Wide Messenger may used
# on one web site owned by one owner or an entity.
#
# LICENSE TO REDISTRIBUTE
#-----------------------------------------------------------------------
# Distributing the software and/or documentation with other products
# (commercial or otherwise) or by any means without
# World Wide Creations prior written permission is forbidden.
# All rights to the World Wide Messenger software and documentation not expressly
# granted under this Agreement are reserved to World Wide Creations.
#
# DISCLAIMER OR WARRANTY
#-----------------------------------------------------------------------
# THIS SOFTWARE AND ACCOMPANYING DOCUMENTATION ARE PROVIDED
# "AS IS" AND WITHOUT WARRANTIES AS TO PERFORMANCE OF
# MERCHANTABILITY OR ANY OTHER WARRANTIES WHETHER EXPRESSED OR
# IMPLIED. BECAUSE OF THE VARIOUS HARDWARE AND SOFTWARE
# ENVIRONMENTS INTO WHICH THE WORLD WIDE MESSENGER MAY BE USED,
# NO WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED. THE
# USER MUST ASSUME THE ENTIRE RISK OF USING THIS PROGRAM. ANY
# LIABILITY OF WORLD WIDE CREATIONS WILL BE LIMITED EXCLUSIVELY TO
# PRODUCT REPLACEMENT OR REFUND OF PURCHASE PRICE. IN NO CASE
# SHALL WORLD WIDE CREATIONS BE LIABLE FOR ANY INCIDENTAL, SPECIAL
# OR CONSEQUENTIAL DAMAGES OR LOSS, INCLUDING, WITHOUT
# LIMITATION, LOST PROFITS OR THE INABILITY TO USE EQUIPMENT OR
# ACCESS DATA, WHETHER SUCH DAMAGES ARE BASED UPON A BREACH OF
# EXPRESS OR IMPLIED WARRANTIES, BREACH OF CONTRACT, NEGLIGENCE,
# STRICT TORT, OR ANY OTHER LEGAL THEORY. THIS IS TRUE EVEN IF WORLD
# WIDE CREATIONS IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN
# NO CASE WILL WORLD WIDE CREATIONS'S LIABILITY EXCEED THE AMOUNT
# OF THE LICENSE FEE ACTUALLY PAID BY LICENSEE TO WORLD WIDE
# CREATIONS.

# Work out the install directory at compile time so that `use lib` and the
# `require` lines below can find functions.cgi and calendar.cgi.
BEGIN {
    # Everything in $0 before its last path separator, with backslashes
    # normalised to forward slashes.
    $0 =~ m~(.*)(\\|/)~;
    $the_main_path = $1;
    $the_main_path =~ s~\\~/~g;
    # Fallback: SCRIPT_FILENAME with the script name removed.
    if ($the_main_path eq "") {
        $the_main_path = $ENV{'SCRIPT_FILENAME'};
        $the_main_path =~ s/\/messenger.cgi//g;
    }
    ## If all else fails then define and uncomment the next line (No trailing slash!);
    # NOTE(review): in this listing the assignment below carries no leading
    # '#', so it reads as active and replaces the value computed above.
    $the_main_path = "/home/users/eulinx.com/eu-root/public_html/CGI-BIN/messenger";
    # Warnings are only counted in $warn_error; their text is not printed or
    # logged by this handler.
    $SIG{__WARN__} = sub { $warn_error++; }
}
use lib $the_main_path;
#use Time::HiRes qw(gettimeofday tv_interval);
#$start_time = [ gettimeofday ];
require 'functions.cgi';
require 'calendar.cgi';
use CGI qw/:standard :escapeHTML/;
use CGI::Cookie;
use Net::POP3;
use MIME::Parser;
use MIME::Head;
use MIME::Entity;
#use Net::SMTP;
use Mail::Address;
use URI::Escape;
use HTML::Scrubber;
use LWP::UserAgent;

# NOTE(review): key material is hard-coded in the source file. Where it is
# used is not visible in this part of the file -- confirm its purpose and
# move it to per-install configuration if it protects anything.
$pub_key = 'asdf_zxcvnmpoiyh';

# Dispatch on the first argument. Both branches below load settings and
# messages and then call their handler directly; no Validate_User_Id() call
# is visible on these two paths.
# NOTE(review): how @ARGV is filled for web requests is not visible here --
# confirm whether 'Do_Mail' can be triggered by an unauthenticated request.
if ($ARGV[0] eq 'Do_Mail') {
    &Get_Setup;
    if($settings{"basepath"} eq "") { $settings{"basepath"} = $the_main_path; }
    &Get_Msgs;
    &Globals;
    &Do_Mail;
}
# NOTE(review): this is a separate `if`, not `elsif`, so the `else` branch
# below also runs after the Do_Mail branch above -- confirm that is intended.
if ($ARGV[0] eq 'Do_Paypal') {
    &Get_Setup;
    if($settings{"basepath"} eq "") { $settings{"basepath"} = $the_main_path; }
    &Get_Msgs;
    &Globals;
    &Do_Paypal;
}
else {
    Initialize();
}
################################################# No More Editing Required.
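### Main Mail Routine
# Fetch mail over POP3 and hand every listed message to Do_Parse().
#
#   $_[0]  optional user id. When set, each record returned by Get_POP() is
#          polled (fields split on "||": [1] server, [2] login, [3] password,
#          [4] passed through to Do_Parse as its third argument) and an
#          error string for unreachable servers is returned.
#          When empty, the single mailbox from %settings is polled instead.
#
# The connection is kept in the global $pop because Do_Parse() reads it.
#
# NOTE(review): Net::POP3 is created without any TLS option, so the USER/PASS
# login and the retrieved mail travel unencrypted -- confirm whether the
# installed Net::POP3 supports SSL and enable it.
sub Do_Mail {
    my($message,$messages,$msgid,@pops,@temp_pops);

    if ($_[0]) {
        @pops = Get_POP($_[0]);
        foreach $item(@pops) {
            chomp($item);
            @temp_pops = split(/\|\|/,$item);
            $pop = Net::POP3->new( $temp_pops[1] , Timeout => 10 );
            if (defined($pop)) {
                # login() returns undef when authentication fails; only list
                # and parse after a successful login.
                if (defined($pop->login($temp_pops[2], $temp_pops[3]))) {
                    $messages = $pop->list;
                    if ($messages) {
                        foreach $msgid (keys %$messages) {
                            Do_Parse($msgid,$_[0],$temp_pops[4]);
                        }
                    }
                }
                $pop->quit();
            }
            else {
                $message .= "$message{58} $temp_pops[1] $! $@";
            }
        }
        return $message;
    }

    $pop = Net::POP3->new( $settings{"popserver"} , Timeout => 10 );
    if (defined($pop)) {
        if (defined($pop->login($settings{"popuser"}, $settings{"poppass"}))) {
            $messages = $pop->list;
            if ($messages) {
                foreach $msgid (keys %$messages) {
                    Do_Parse($msgid);
                }
            }
        }
        $pop->quit();
    }
    else {
        # Build the text before open() so a later system call cannot
        # overwrite $! with an unrelated error.
        my $error_text = "Popserver is not responding: $! and $@";
        # Three-argument open: the path can never be read as a mode or pipe.
        if (open(my $log_fh, '>', "$settings{\"basepath\"}/temp/data.cgi")) {
            print $log_fh $error_text;
            close $log_fh;
        }
    }
}

### Parse the email
# Retrieve one message from the open POP3 session in the global $pop, split
# it with MIME::Parser into files under <basepath>/temp, collect its text and
# HTML bodies and attachment names, store it with Save_Mail() and remove the
# temporary files.
#
#   $_[0]  POP3 message number
#   $_[1]  user id, passed on to Get_Address() and Save_Mail()
#   $_[2]  when "OFF" the message is left on the POP3 server
#
# NOTE(review): the raw message is also written to temp/data.cgi below.
# Confirm that the web server neither serves nor executes files under temp/.
# NOTE(review): several substitutions in this listing have an empty pattern
# (s//.../); the template placeholders look to have been lost from the page.
# They are reproduced as shown -- restore them from the original file.
sub Do_Parse {
    my($parser,$line,$entity,$id,$from,$to,$cc,$subject,$head,$header,$the_id,$the_email,$size,$text_message,$contenter,$html_message,$temper_file_att,$virus_message,%content_id,@att,@all_received,@parts,@allfiles);

    # Pick a record id that is not in use yet.
    # NOTE(review): the first check queries "mail" and the loop queries
    # "mail_index" -- confirm which table is meant.
    $id = ($_[0] + time);
    my $x = Check_Record("mail","id",$id);
    while($x eq "OK") {
        $id++;
        $x = Check_Record("mail_index","id",$id);
    }

    $size = $pop->list($_[0]);
    $header = $pop->top($_[0]);
    $line = $pop->get($_[0]);

    if (open(my $raw_fh, '>', "$settings{\"basepath\"}/temp/data.cgi")) {
        print $raw_fh @$line;
        close $raw_fh;
    }

    $parser = MIME::Parser->new;
    $parser->output_dir("$settings{\"basepath\"}/temp");
    $parser->output_prefix("$id");
    $entity = $parser->parse_data($line);
    $head = $entity->head;
    #$head->decode;
    $from = $head->get('From',0);
    @all_received = $head->get('Received');
    @from_addresses = Mail::Address->parse($from);
    $to = $head->get('To',0);
    @to_addresses = Mail::Address->parse($to);
    $cc = $head->get('Cc',0);
    @cc_addresses = Mail::Address->parse($cc);
    $subject = $head->get('Subject',0);

    foreach $ent ($entity->parts_DFS) {
        @parts = $ent->parts;
        foreach $part(@parts) {
            if ($part->bodyhandle) {
                $part_head = $part->head;
                $the_id = $part_head->get('Content-ID');
                $the_id =~ s/[<>]//gm;
                $the_id = Strip_Returns($the_id);

                # The recommended filename comes from the message headers,
                # i.e. from the sender. Keep only its last path component so
                # that the paths built from it below stay inside temp/.
                my $att_name = $part_head->recommended_filename;
                $att_name =~ s{.*[/\\]}{}s if defined $att_name;

                $content_id{$the_id} = $att_name unless ($the_id eq "");
                $temper_file_att = $att_name;

                ###Virus scanning
                # NOTE(review): how Virus_Scan() uses this path is not
                # visible here -- confirm it does not pass it to a shell.
                if ($settings{'anti-virus'} == 1) {
                    if (Virus_Scan("$settings{'basepath'}/temp/$temper_file_att") == 3) {
                        $virus_message = $message{108};
                        $virus_message =~ s//$temper_file_att/gm;
                        if (open(my $notice_fh, '>', "$settings{'basepath'}/temp/$message{107}")) {
                            print $notice_fh $virus_message;
                            close $notice_fh;
                        }
                        unlink("$settings{'basepath'}/temp/$temper_file_att");
                        $temper_file_att = $message{107};
                    }
                }
                ### End virus scanning

                push(@att,$temper_file_att);
            }
        }

        opendir THEDIR, "$settings{\"basepath\"}/temp" or oops("Unable to open directory: $!");
        @allfiles = readdir THEDIR;
        closedir THEDIR;

        foreach $file (sort { int($b) <=> int($a) } @allfiles) {
            # NOTE(review): unanchored match of $id against the full path;
            # it can also hit files written for another message whose id
            # contains the same digits -- confirm.
            if ("$settings{\"basepath\"}/temp/$file" =~ /$id/) {
                # File names in temp/ derive from message content, so read
                # them with a three-argument open (no mode or pipe parsing).
                # The listing shows "@file = ;" here; the readline on the
                # handle opened just above it is restored.
                if (open(my $part_fh, '<', "$settings{\"basepath\"}/temp/$file")) {
                    @file = <$part_fh>;
                    close($part_fh);
                }
                else {
                    @file = ();
                }
                unlink("$settings{\"basepath\"}/temp/$file");
                $the_email = join("",@file);

                if ($file =~ /htm/) {
                    if (%content_id) {
                        # Point cid: references at the Show_Image handler.
                        foreach $key (keys %content_id) {
                            $contenter = uri_escape($content_id{$key});
                            $the_email =~ s/\Qcid:$key\E/$url\?Show_Image&$id&$contenter/gm;
                        }
                        $html_message .= $the_email;
                        unlink("$settings{\"basepath\"}/temp/$file");
                    }
                    else {
                        $html_message .= $the_email;
                    }
                }
                else {
                    $text_message .= $the_email;
                }
            }
        }
    }

    $to = Get_Address($_[1],@to_addresses);
    $cc = Get_Address($_[1],@cc_addresses);
    if (defined($from_addresses[0])) {
        $from = $from_addresses[0]->address();
    }
    else {
        $from = $settings{'lost_from'};
    }

    Save_Mail($id,$to,$cc,$from,$subject,$html_message,$text_message,$size,\@att,\@$header,\@all_received,$_[1]);

    # Remove what is left of the attachments in temp/.
    foreach $item (@att) {
        if ($item eq "") { next; }
        Strip_Returns($item);
        unlink("$settings{\"basepath\"}/temp/$item");
    }

    $pop->delete($_[0]) unless ($_[2] eq "OFF");
}

### Main Menu
sub Main_Menu {
    Validate_User_Id($user,$pass);
    Content();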
my($sched_message); @my_date = Get_Date(time,1); my $mon = ($my_date[4] + 1); my $yr = ($my_date[5] + 1900); my $day = $my_date[3]; my @cal_data = Print_Calendar($user,$mon,$yr,$day,1); my $is_sched = Is_Cal_Event($user,$mon,$yr,$day); my @mailbox_usage = Get_Mail_Usage($user); my $unread = Get_New($user); if ($unread eq "") { $unread = 0; } my ($mail,$sent,$logins,$date_joined,$premium,$last_login,$mail_count,$ip,$password,$question1,$question2,$question3,$question4,$question5,$question6,$question7,$question8,$question9,$question10,$max,$current_storage,$tier) = Get_User_Stats($user); if ($premium eq "YES") { $premium = $message{111}; } else { $premium = $message{112}; } $date_joined = Get_Date($date_joined); $last_login = Get_Date($last_login); if ($is_sched ne "") { $sched_message = $message{99}; } else { $sched_message = $message{100}; } $sched_message =~ s//$url/gm; @register = Get_Template("$settings{\"basepath\"}/templates","main_menu.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//@cal_data/gm; $item =~ s//$user/gm; $item =~ s//$sched_message/gm; $item =~ s//@mailbox_usage/gm; $item =~ s//$date_joined/gm; $item =~ s//$logins/gm; $item =~ s//$last_login/gm; $item =~ s//$ip/gm; $item =~ s//$tier/gm; $item =~ s//$mail/gm; $item =~ s//$unread/gm; $item =~ s//$sent/gm; $item =~ s//$premium/gm; $item =~ s//$mail_count/gm; $item =~ s//$max/gm; $item =~ s//$current_storage/gm; print $item; } } ### Upgrade Accounts sub Upgrade { Validate_User_Id($user,$pass); Content(); my ($tier_1_cost,$tier_1_bytes) = split(/ /,$settings{'tier_1'}); my ($tier_2_cost,$tier_2_bytes) = split(/ /,$settings{'tier_2'}); my ($tier_3_cost,$tier_3_bytes) = split(/ /,$settings{'tier_3'}); @register = Get_Template("$settings{\"basepath\"}/templates","upgrade.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//$tier_1_bytes/gm; $item 
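=~ s//$tier_1_cost/gm;
        $item =~ s//$tier_2_bytes/gm;
        $item =~ s//$tier_2_cost/gm;
        $item =~ s//$tier_3_bytes/gm;
        $item =~ s//$tier_3_cost/gm;
        $item =~ s//$settings{'icon_path'}/gm;
        $item =~ s//$settings{'paypal_email'}/gm;
        $item =~ s//$user/gm;
        print $item;
    }
}

### Upgrade is successful
# Print the upgrade_success.htm template. Only Content() is called first; no
# Validate_User_Id() call is made in this sub.
# NOTE(review): the patterns in the matches and substitutions below are empty
# in this listing; the template placeholders look to have been lost from the
# page. They are reproduced as shown.
sub Upgrade_Success {
    Content();
    @register = Get_Template("$settings{\"basepath\"}/templates","upgrade_success.htm");
    foreach $item (@register) {
        if ($item =~ //) { Header(); }
        if ($item =~ //) { Footer(); }
        $item =~ s//$url/gm;
        print $item;
    }
}

### Automatically handle PayPal subscriptions
# Handle a PayPal notification posted to this script: echo the body back to
# PayPal for validation, then change the account named in item_number.
#
# Changes against the listing:
#   * The reply to the validation request is now read. The listing sent the
#     request but never looked at $res, so any POST to this handler could
#     change an account's storage tier.
#   * The status guard was "not Pending OR not Refunded", which is true for
#     every value. Upgrades are now skipped for Pending and Refunded
#     payments; the downgrade branch is unchanged.
#   * The log line used $item_name, $invoice and $txn_id, which were never
#     set; they are now taken from the posted fields. Line breaks are removed
#     from logged values so one request cannot forge extra log lines, and the
#     validation verdict is appended as a last field.
#
# NOTE(review): the validation request goes to an http:// URL, so the answer
# is not protected in transit. Moving to the https endpoint needs TLS support
# in the installed LWP -- confirm and switch.
# NOTE(review): receiver_email is read but never compared with
# $settings{'paypal_email'}, and txn_id is not checked against earlier
# notifications, so a validated notification for another merchant or a
# replayed one is still accepted.
sub Do_Paypal {
    my ($query, %variable);

    read(STDIN, $query, $ENV{'CONTENT_LENGTH'});
    $query .= '&cmd=_notify-validate';

    my $ua  = LWP::UserAgent->new;
    my $req = HTTP::Request->new('POST', 'http://www.paypal.com/cgi-bin/webscr');
    $req->content_type('application/x-www-form-urlencoded');
    $req->content($query);
    my $res = $ua->request($req);

    # PayPal answers the echo with the single word VERIFIED or INVALID.
    my $verified = ($res->is_success && $res->content =~ /\AVERIFIED\s*\z/) ? 1 : 0;

    # Decode the posted form fields.
    foreach my $pair (split(/&/, $query)) {
        my ($name, $value) = split(/=/, $pair);
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        $variable{$name} = $value;
    }

    my $receiver_email = $variable{'receiver_email'};
    my $item_number    = $variable{'item_number'};
    my $txn            = $variable{'txn_type'};
    my $payment_status = $variable{'payment_status'};
    my $payment_gross  = $variable{'payment_gross'};

    # Each tier setting is "<price> <storage size>".
    my ($tier_1,$size1) = split(/ /,$settings{'tier_1'});
    my ($tier_2,$size2) = split(/ /,$settings{'tier_2'});
    my ($tier_3,$size3) = split(/ /,$settings{'tier_3'});
    my @tiers = (
        [ $tier_1, $size1, $message{115} ],
        [ $tier_2, $size2, $message{116} ],
        [ $tier_3, $size3, $message{117} ],
    );

    if ($verified) {
        if (($txn eq 'subscr_payment')
            && ($payment_status ne "Pending")
            && ($payment_status ne "Refunded")) {
            # The first tier whose price equals the amount paid decides.
            foreach my $tier (@tiers) {
                my ($cost, $bytes, $label) = @$tier;
                next unless ($payment_gross == $cost);
                if (User_Exists($item_number) eq "OK") {
                    Change_Max($item_number,$bytes);
                    Change_Prem($item_number,"NO");
                    Update_Tier($item_number,$label);
                }
                last;
            }
        }
        if (($txn eq 'subscr_cancel') || ($txn eq 'subscr_failed') || ($payment_status eq "Refunded")) {
            Change_Max($item_number,$settings{'default_user_size'});
            Change_Prem($item_number,"YES");
            Update_Tier($item_number,$message{118});
        }
    }

    # Audit trail, written for rejected notifications as well so forged
    # requests remain visible.
    my @log_fields = (
        $variable{'item_name'}, $receiver_email, $item_number, $variable{'invoice'},
        $payment_status, $payment_gross, $variable{'txn_id'}, $txn,
        ($verified ? 'VERIFIED' : 'UNVERIFIED'),
    );
    foreach my $field (@log_fields) {
        $field = '' unless defined $field;
        $field =~ s/[\r\n]+/ /g;
    }
    if (open(my $log_fh, '>>', "$settings{'basepath'}/temp/paypal.cgi")) {
        print $log_fh join(' | ', @log_fields), "\n\n";
        close $log_fh;
    }

    print "content-type: text/plain\n\nOK\n";
}

### Get mailbox usage data
# Return the lines of mailbox_usage.htm with the used percentage and the
# limit divided by 1000 substituted in.
#   $_[0]  user id passed to Check_File_Limit()
# A limit of zero or an empty limit now gives 0 percent instead of a fatal
# division by zero.
sub Get_Mail_Usage {
    my ($users_max_limit,$current_storage) = Check_File_Limit($_[0]);
    my $percent = $users_max_limit
        ? sprintf('%.0f', ($current_storage / $users_max_limit) * 100)
        : sprintf('%.0f', 0);
    my $total = sprintf('%.0f', ($users_max_limit / 1000));
    my @register = Get_Template("$settings{\"basepath\"}/templates","mailbox_usage.htm");
    foreach $item (@register) {
        $item =~ s//$percent/gm;
        $item =~ s//$total/gm;
    }
    @register;
}

### Log Out
# Remove the 'name' cookie and show the login screen again.
sub Log_Out {
    delete_cookie('name');
    &Login;
}

### Folder filtering
sub Folder_Filter {
    Validate_User_Id($user,$pass);
    Content();
    my($temp,$folders,$checker,$checked,$subject,$message,$email);
    my @folds = Get_Folders($user);
    if ($folds[0] eq "") {
        Manage_Folders($message{95});
    }
    else {
        if ($ARGV[1]) {
            ($subject,$message,$email) = Get_Folder_Filter_Data($user,$ARGV[1]);
        }
        foreach $item(@folds) {
            chomp($item);
            $temp = $settings{'folder_filter_folders'};
            $temp =~ s//$url\?Folder_Filter\&/gm;
            $temp =~ s//$item/gm;
            if ($item eq $ARGV[1]) { $checker = " CHECKED"; } else { $checker = (); }
            $temp =~ s//$checker/gm;
            $folders .= $temp;
        }
        @register = Get_Template("$settings{\"basepath\"}/templates","folderfilter.htm");
        foreach $item (@register) {
            if ($item =~ //) { Header(); }
            if ($item =~ //) { Footer(); }
            $item =~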
s//$_[0]/gm; $item =~ s//$url/gm; $item =~ s//$folders/gm; $item =~ s//$subject/gm; $item =~ s//$message/gm; $item =~ s//$email/gm; print $item; } } } ### Process folder filter sub Proc_Folder_Filter { Validate_User_Id($user,$pass); Content(); if ($form{'FOLDER'} eq "") { &Folder_Filter($message{96}); } else { Insert_Folder_Filter($user,$form{'FOLDER'},$form{'SUBJECT'},$form{'MESSAGE'},$form{'ADDRESS'}); &Folder_Filter($message{98}); } } ### Load notification form sub Notification { Validate_User_Id($user,$pass); Content(); my ($email,$aim,$client) = Get_Notification($user); @register = Get_Template("$settings{\"basepath\"}/templates","notification.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$_[0]/gm; $item =~ s//$url/gm; $item =~ s//$email/gm; $item =~ s//$aim/gm; print $item; } } ###Process Notification sub Proc_Notification { Validate_User_Id($user,$pass); Content(); &oops($message{80}) unless (lc($form{'EMAIL'}) ne lc($user)); my @dom_check = split(/\@/, lc($form{'EMAIL'})); if (Valid_Domain($dom_check[1]) eq "OK") { &oops($message{110}); } Insert_Notification($user,$form{'EMAIL'},$form{'AIM'},$form{'IM'}); &Notification($message{79}); } ### Display Calendar sub Display_Calendar { Validate_User_Id($user,$pass); my($submit,$timer,$mon,$yr,$day,@my_date); Content(); if ($_[0] eq $message{76}) { $ARGV[1] = $_[4]; $ARGV[2] = $_[5]; $ARGV[3] = $_[6]; } if ($_[3]) { $submit = $message{76}; } else { $submit = $message{75}; } if ($_[2] eq "") { $_[2] = $message{74}; } if ($ARGV[1] ne "") { $mon = $ARGV[1]; $yr = $ARGV[2]; $day = $ARGV[3]; } else { @my_date = Get_Date(time,1); $mon = ($my_date[4] + 1); $yr = ($my_date[5] + 1900); $day = $my_date[3]; $ARGV[1] = $mon; $ARGV[2] = $yr; $ARGV[3] = $day; } my @cal_data = Print_Calendar($user,$mon,$yr,$day); my @sched_data = Print_Schedule($user,$mon,$yr,$day,$ARGV[4]); @register = Get_Template("$settings{\"basepath\"}/templates","calendar.htm"); foreach $item 
(@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$_[0]/gm; $item =~ s//$url/gm; if ($_[7]) { $item =~ s//"); } else { push(@sound_select,""); } } } if ($sound_on eq "ON") { $checked3 = " CHECKED"; } if ($html eq "ON") { $checked1 = " CHECKED"; } if ($sig_on eq "ON") { $checked2 = " CHECKED"; } if ($encoding ne "") { $selected = ""; } @register = Get_Template("$settings{\"basepath\"}/templates","mailoptions.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//$checked1/gm; $item =~ s//$checked2/gm; $item =~ s//$checked3/gm; $item =~ s//$selected/gm; $item =~ s//@sound_select/gm; $item =~ s//$sig/gm; $item =~ s//$_[0]/gm; print $item; } } ### Process Mail Options sub Proc_Mail_Options { Validate_User_Id($user,$pass); Content(); if (!(-e "$settings{'icon_base_path'}/sounds/$form{'SOUND'}")) { oops($message{109}); } Save_Mail_Options($user,$form{'HTML'},$form{'SIGNATURE_ON'},$form{'SIGNATURE'},$form{'ENCODING'},$form{'SOUND_ON'},$form{'SOUND'}); Mail_Options($message{59}); } ### Check POP boxes sub Check_POP { Validate_User_Id($user,$pass); Content(); my $message = Do_Mail($user); $ARGV[0] = "Inbox"; $ARGV[1] = 0; $ARGV[2] = $form{'FOLDER'}; Inbox($message); } ### Add POP boxes sub Add_POP { Validate_User_Id($user,$pass); my($checked); Content(); my($editor,$temp_pop,$pop,@temp_pops); if ($_[1]) { $editor = $message{50}; } else { $editor = $message{49}; $checked = " CHECKED"; } if ($_[5] eq "ON") { $checked = " CHECKED"; } @pops = Get_POP($user); foreach $item(@pops) { chomp($item); @temp_pops = split(/\|\|/,$item); $temp_pop = $settings{'pop_table'}; $temp_pop =~ s//$temp_pops[0]/gm; $temp_pop =~ s//$temp_pops[1]/gm; $temp_pop =~ s//$temp_pops[2]/gm; $pop .= $temp_pop; } @register = Get_Template("$settings{\"basepath\"}/templates","addpop.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; 
$item =~ s//$editor/gm; $item =~ s//$_[0]/gm; $item =~ s//$pop/gm; $item =~ s//$message{50}/gm; $item =~ s//$message{51}/gm; $item =~ s//$_[1]/gm; $item =~ s//$_[2]/gm; $item =~ s//$_[3]/gm; $item =~ s//$checked/gm; print $item; } } ### Process POP addition sub Proc_Add_POP { Validate_User_Id($user,$pass); my($null,@pops); Content(); if ($form{'DELETE'} ne "ON") { $form{'DELETE'} = "OFF"; } if ($form{'EDIT-DELETE'} eq $message{50}) { &oops($message{52}) unless ($form{'select_pop'}); my ($id,$pop,$pop_user,$pop_pass,$to_delete) = Get_POP_Info($user,$form{'select_pop'}); &Add_POP($null,$id,$pop,$pop_user,$pop_pass,$to_delete); } elsif ($form{'EDIT-DELETE'} eq $message{51}) { &oops($message{52}) unless ($form{'select_pop'}); Delete_POP($user,$form{'select_pop'}); &Add_POP($message{57}); } elsif ($form{'SUBMIT'} eq $message{50}) { &oops($message{52}) unless ($form{'POP_SERVER'}); &oops($message{52}) unless ($form{'orig_pop'}); &oops($message{53}) unless ($form{'POP_USERNAME'}); &oops($message{54}) unless ($form{'POP_PASS'}); Update_POP($user,$form{'POP_SERVER'},$form{'POP_USERNAME'},$form{'POP_PASS'},$form{'orig_pop'},$form{'DELETE'}); &Add_POP($message{56}); } else { &oops($message{52}) unless ($form{'POP_SERVER'}); &oops($message{53}) unless ($form{'POP_USERNAME'}); &oops($message{54}) unless ($form{'POP_PASS'}); Add_POP_Record($user,$form{'POP_SERVER'},$form{'POP_USERNAME'},$form{'POP_PASS'},$form{'DELETE'}); Add_POP($message{55}); } } ### Bounce handler sub Do_Bounce { my($error_message,$bounce_message,$bounce_subject,$smtp,$smtp_message); my ($null,$to,$from,$subject,$line) = @_; if ($_[0] eq 1) { $error_message = "bounce_no_user.cgi"; } else { $error_message = "bounce_attachment.cgi"; } if ($_[0] eq 3) { $error_message = "bounce_suspended.cgi"; } open(FH,"$settings{\"basepath\"}/$error_message") or oops("Cannot open bounce file! 
$!"); while () { $bounce_message .= $_; } close FH; $bounce_subject = $settings{"bounce_subject"}; $bounce_subject =~ s//$subject/gm; my $top = MIME::Entity->build(Type =>"multipart/mixed",From => $settings{"bounce_address"}, To => $from, Subject => $bounce_subject); $top->attach(Data => $bounce_message, Type => "text/plain"); $top->attach(Data => $line, Type => "text/plain"); if ($settings{"sendmail"}) { open MAIL, "| $settings{\"sendmail_path\"} -t" or oops("Sendmail: $!"); $top->print(\*MAIL); close MAIL; } else { $smtp_message = $top->stringify; $smtp= Net::SMTP->new($settings{"smtp_server"}, Debug => 0,); $smtp->mail($settings{"bounce_address"}); $smtp->to($from); $smtp->data(); $smtp->datasend($smtp_message); $smtp->dataend(); $smtp->quit; } } ### Notify email sub Do_Notify_Mail { my($error_message,$bounce_message,$bounce_subject,$smtp,$smtp_message); my ($email_not,$subject,$itemr,$mail_count,$folder) = @_; $error_message = "notify.cgi"; open(FH,"$settings{\"basepath\"}/$error_message") or oops("Cannot open bounce file! 
$!"); while () { $bounce_message .= $_; } close FH; $bounce_message =~ s//$itemr/gm; $bounce_message =~ s//$subject/gm; $bounce_message =~ s//$folder/gm; $bounce_message =~ s//$mail_count/gm; $bounce_subject = $settings{"notify_subject"}; $bounce_subject =~ s//$subject/gm; my $top = MIME::Entity->build(Type =>"multipart/mixed",From => $settings{"bounce_address"}, To => $email_not, Subject => $bounce_subject); $top->attach(Data => $bounce_message, Type => "text/plain"); if ($settings{"sendmail"}) { open MAIL, "| $settings{\"sendmail_path\"} -t" or oops("Sendmail: $!"); $top->print(\*MAIL); close MAIL; } else { $smtp_message = $top->stringify; $smtp= Net::SMTP->new($settings{"smtp_server"}, Debug => 0,); $smtp->mail($settings{"bounce_address"}); $smtp->to($from); $smtp->data(); $smtp->datasend($smtp_message); $smtp->dataend(); $smtp->quit; } } ### Manage Contacts sub Manage_Contacts { Validate_User_Id($user,$pass); my($contact_message,$contact_list); Content(); my @contacts = Get_Contact_List($user); foreach $item(@contacts) { chomp($item); $contact_list .= ""; } if ($_[1] eq $message{35}) { $contact_message = $message{35}; } else { $contact_message = $message{34}; } @register = Get_Template("$settings{\"basepath\"}/templates","managecontacts.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s/-->/$_[0]/gm; $item =~ s//$message{36}/gm; $item =~ s//$message{37}/gm; $item =~ s//$contact_message/gm; $item =~ s//$_[0]/gm; $item =~ s//$contact_list/gm; $item =~ s//$_[2]/gm; $item =~ s//$_[3]/gm; $item =~ s//$_[4]/gm; $item =~ s//$_[5]/gm; $item =~ s//$_[6]/gm; $item =~ s//$_[7]/gm; $item =~ s//$_[8]/gm; $item =~ s//$_[9]/gm; $item =~ s//$_[10]/gm; $item =~ s//$_[11]/gm; $item =~ s//$_[12]/gm; $item =~ s//$_[2]/gm; print $item; } } ### Process the contacts sub Proc_Manage_Contacts { Validate_User_Id($user,$pass); my($null); if ($form{'SUBMIT_CONTACT'} eq $message{34}) { if ($form{'EMAIL'} !~ 
m/.+\@.+/) { &Manage_Contacts("$message{16} $form{'EMAIL'}"); } if(Check_Record("contact","id","$user\|$form{'EMAIL'}") eq "OK") { &Manage_Contacts($message{38}); } Add_Contact($user,$form{'EMAIL'},$form{'QUESTION1'},$form{'QUESTION2'},$form{'QUESTION3'},$form{'QUESTION4'},$form{'QUESTION5'},$form{'QUESTION6'},$form{'QUESTION7'},$form{'QUESTION8'},$form{'QUESTION9'},$form{'QUESTION10'}); Manage_Contacts($message{39}); } elsif ($form{'SUBMIT_CONTACT'} eq $message{35}) { if ($form{'EMAIL'} !~ m/.+\@.+/) { &Manage_Contacts("$message{16} $form{'EMAIL'}"); } if(Check_Record("contact","id","$user\|$form{'ORIG_MAIL'}") ne "OK") { &Manage_Contacts($message{40}); } Update_Contact($user,$form{'ORIG_MAIL'},$form{'EMAIL'},$form{'QUESTION1'},$form{'QUESTION2'},$form{'QUESTION3'},$form{'QUESTION4'},$form{'QUESTION5'},$form{'QUESTION6'},$form{'QUESTION7'},$form{'QUESTION8'},$form{'QUESTION9'},$form{'QUESTION10'}); &Manage_Contacts($message{41}); } elsif ($form{'SUBMIT'} eq $message{37}) { if ($form{'ADDRESSES'} !~ m/.+\@.+/) { &Manage_Contacts("$message{16} $form{'ADDRESSES'}"); } my($question1,$question2,$question3,$question4,$question5,$question6,$question7,$question8,$question9,$question10) = Get_Contact("$user|$form{'ADDRESSES'}"); &Manage_Contacts($null,$message{35},$form{'ADDRESSES'},$question1,$question2,$question3,$question4,$question5,$question6,$question7,$question8,$question9,$question10); } elsif ($form{'SUBMIT'} eq $message{36}) { if(Check_Record("contact","id","$user\|$form{'ADDRESSES'}") ne "OK") { &Manage_Contacts($message{38}); } my($question1,$question2,$question3,$question4,$question5,$question6,$question7,$question8,$question9,$question10) = Get_Contact("$user|$form{'ADDRESSES'}"); Delete_Contact($user,$form{'ADDRESSES'}); &Manage_Contacts($message{41}); } else { &Manage_Contacts($message{42}); } } ### Load spam filter page sub Spam_Filter { my($subject,$message,$email,$action,$rbl,$check1,$check2,$check3,$check4); Content(); 
($subject,$message,$email,$action,$rbl) = Spam_Info($user); chomp($subject,$message,$email,$action); if ($action eq "DELETE") { $check2 = " CHECKED"; } else { $check1 = " CHECKED"; } if ($rbl eq "1") { $check3 = " CHECKED"; } else { $check4 = " CHECKED"; } @register = Get_Template("$settings{\"basepath\"}/templates","spamfilter.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//$_[0]/gm; $item =~ s//$message/gm; $item =~ s//$subject/gm; $item =~ s//$email/gm; $item =~ s//$check1/gm; $item =~ s//$check2/gm; $item =~ s//$check3/gm; $item =~ s//$check4/gm; $item =~ s//$settings{"blacklist"}/gm; print $item; } } ### Process spam form sub Proc_Spam_Filter { Validate_User_Id($user,$pass); Content(); Strip_Returns($subject); Do_Spam_Update($user,$form{'SPAM_SUBJECT'},$form{'SPAM_MESSAGE'},$form{'SPAM_ADDRESS'},$form{'SPAM_ACTION'},$form{'BLACKLIST'}); &Spam_Filter($message{31}); } ### Load folder manager sub Manage_Folders { Validate_User_Id($user,$pass); my($folder_list,@fold_array); Content(); @fold_array = Get_Folders($user); foreach $item (@fold_array) { chomp($item); $folder_list .= ""; } @register = Get_Template("$settings{\"basepath\"}/templates","managefolders.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//$folder_list/gm; $item =~ s//$_[0]/gm; print $item; } } ### Process folders sub Proc_Manage_Folders { Validate_User_Id($user,$pass); Content(); my(@fold_array); Validate_User_Id($user,$pass); Content(); @fold_array = split(/\:\:/, $form{'alllist'}); Add_Delete_Folders($user,\@fold_array); &Manage_Folders($message{28}); } ### Load Options Screen sub Options { Validate_User_Id($user,$pass); Content(); @register = Get_Template("$settings{\"basepath\"}/templates","options.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; print $item; } } 
### Checks to see if sender is blacklisted sub Check_RBL { my $results; if (($settings{$_[0]}) || ($_[0] eq "127.0.0.1")) { return $results; } else { my $host = Invert_Address($_[0]); if (gethostbyname($host . '.' . $settings{"blacklist"})) { $results = "SPAM"; }; return $results; } } #### Invert IP address of host for RBL sub Invert_Address { my $host = $_[0]; my ($results, @addresses,@ret); if ($host =~ /^\d+\.\d+\.\d+\.\d+$/) { push @ret, join('.', reverse split(/\./, $host)); } else { @addresses = (gethostbyname($host))[4]; } foreach my $addr (@addresses) { push @ret, join('.', reverse unpack('C4', $addr)); } $results = join(//,@ret); $results; } ### Display the inbox sub Inbox { my($header_a,$counts,$folder,$template,$page_linker,$x,$i,$t,$page_link,$counter,$count,$size,$date,$thedate,$temp_link,@sizer,@mail_array,@temp_array,@inbox_data); Validate_User_Id($user,$pass); Do_Mail() unless ($settings{'do_cron'} == 1); $ARGV[2] = uri_unescape($ARGV[2]); if ($ARGV[2] eq "") { $ARGV[2] = $message{21}; } Content(); my $order = "asc"; if ($ARGV[3] eq $order) { $order = "desc"; } my $direction_icon = ""; $count = Get_Mail_Count($user,$ARGV[2]); $counts = $count / $settings{"inbox_rows"}; $counter = $settings{"inbox_rows"}; $page_linker = $settings{"page_link"}; if ($ARGV[1] > 0) { $page_linker =~ s//1<\/a>/gm; } else { $page_linker =~ s//1/gm unless ($count < $settings{"inbox_rows"}); } $page_link .= $page_linker; for ($i = 1; $i < $counts; $i++) { $page_linker = $settings{"page_link"}; $y = $i + 1; if ($ARGV[1] == $counter) { $page_linker =~ s//$y/gm; } else { $page_linker =~ s//$y<\/a>/gm; } $page_linker =~ s//$y<\/a>/gm; $page_link .= $page_linker; $counter = ($counter + $settings{"inbox_rows"}); } #### Returns: $mail_id,$mail_to,$mail_from,$subject,$mail_size,$date,$status if ($ARGV[2] ne $message{23}) { @mail_array = Get_Mail_Index($user,$ARGV[1],$ARGV[2],$ARGV[4],$ARGV[3]); } else { @mail_array = Get_Mail_Index_Sent($user,$ARGV[1],$ARGV[2],$ARGV[4],$ARGV[3]); } 
$inbox_counter = ($#mail_array + 1); $x = 1; foreach $item(@mail_array) { @temp_array = split(/\,/,$item); chomp($temp_array[3]); chomp($temp_array[$#temp_array]); $date = Get_Date($temp_array[5]); $size = ($temp_array[4] / 1000); if ($size < 1) { $size = "<1"; } @sizer = split(/\./,$size); $temp_link = $settings{"inbox_link_layout"}; $temp_link =~ s//$x/gm; $temp_link =~ s//$url/gm; $temp_link =~ s//$temp_array[2]/gm; $temp_link =~ s//$temp_array[0]/gm; if (length($temp_array[3]) > $settings{"subject_subst"}) { $temp_array[3] = substr($temp_array[3],0,$settings{"subject_subst"}); $temp_array[3] .= $settings{"subject_append"}; } $temp_link =~ s//$temp_array[3]/gm; $temp_link =~ s//$sizer[0]/gm; $folder = $ARGV[2]; $folder = uri_escape($folder); $temp_link =~ s//$folder/gm; if (Get_Header($temp_array[0]) eq $settings{'admin_header'}) { $temp_link =~ s///gm; } elsif ($temp_array[6] ne "read") { $temp_link =~ s///gm; } if (Is_Attach($temp_array[0]) ne "") { $temp_link =~ s///gm; } $temp_link =~ s//$date/gm; push(@inbox_data,$temp_link); $x++; } $thedate = Get_Date(time); if($#mail_array < 0) { $template = "empty_inbox.htm"; } else { $template = "inbox.htm"; } @register = Get_Template("$settings{\"basepath\"}/templates","$template"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } $item =~ s//$url/gm; $item =~ s//@inbox_data/gm; $item =~ s//$page_link/gm; $item =~ s//$ARGV[2]/gm; $item =~ s//$folder_list/gm; $item =~ s//$folder_list_links/gm; $item =~ s//$message{22}/gm; $item =~ s//$message{21}/gm; $item =~ s//$message{23}/gm; $item =~ s//$message{24}/gm; $item =~ s//$message{26}/gm; $item =~ s//$message{27}/gm; $item =~ s//$message{29}/gm; $item =~ s//$_[0]/gm; $item=~ s//$ARGV[1]/gm; $item=~ s//$order/gm; if ($ARGV[4] eq "size") { $item=~ s//$direction_icon/gm; } if ($ARGV[4] eq "from") { $item=~ s//$direction_icon/gm; } if ($ARGV[4] eq "subject") { $item=~ s//$direction_icon/gm; } if (($ARGV[4] eq "date") || ($ARGV[4] eq 
"")) { $item=~ s//$direction_icon/gm; } print $item; } } ### Empty trash sub Empty_Trash { Validate_User_Id($user,$pass); Empty_Folder($user,$message{22}); &Inbox($message{32}); } ### Do inbox requests sub Proc_Inbox_Request { Validate_User_Id($user,$pass); my($results,$message_return); Content(); if ($form{'SUBMIT'} eq $message{26}) { foreach $key(keys %form) { if ($key =~ /MSG/) { if (Verify_Mess_Owner($user,$form{$key}) ne "OK") { oops($message{19}) unless ($form{'FOLDER'} eq $message{23}); } if (($form{'FOLDER'} eq $message{22}) || ($form{'FOLDER'} eq $message{24}) || ($form{'FOLDER'} eq $message{23})) { if ($form{'FOLDER'} eq $message{23}) { if (Verify_Mess_Owner_Sent($user,$form{$key}) ne "OK") { oops($message{19}); } Delete_Message_Sent($user,$form{$key}); } Delete_Message($user,$form{$key}); $message_return = $message{47}; } else { Temp_Delete_Message($user,$form{$key}); $message_return = $message{46}; } } } } elsif ($form{'SUBMIT'} eq $message{27}) { if ($form{'FOLDER'} eq $message{23}) { &oops($message{44}); } foreach $key(keys %form) { if ($key =~ /MSG/) { $results = Verify_Mess_Owner($user,$form{$key}); if ($results ne "OK") { oops($message{19}); } Move_Message($user,$form{$key},$form{'FOLDER_SELECT'}); $message_return = $message{48}; } } } elsif ($form{'SUBMIT'} eq $message{29}) { $form{'FOLDER'} = $form{'JUMP_FOLDER_SELECT'}; } $ARGV[0] = "Inbox"; $ARGV[1] = 0; $ARGV[2] = $form{'FOLDER'}; &Inbox($message_return); } ### Read The Email sub Read_Email { Validate_User_Id($user,$pass,$mail_to,$cc,$mail_from,$subject,$message); my($html_tag,$safe,$att_string,$message,@att_array); Content(); if($ARGV[2] eq $message{23}) { if (Verify_Mess_Owner_Sent($user,$ARGV[1]) ne "OK") { oops($message{19}); } ($mail_to,$cc,$mail_from,$subject,$message,$html_tag) = Get_Message_Sent($ARGV[1]); } else { if (Verify_Mess_Owner($user,$ARGV[1]) ne "OK") { oops($message{19}); } ($mail_to,$cc,$mail_from,$subject,$message,$html_tag) = Get_Message($ARGV[1]); @att_array = 
Get_Att_List($ARGV[1]);
    }
    # Build the attachment list for display.  $safe (the URI-escaped name) is
    # computed but not used in the string below; the link markup that used it
    # appears to be missing from this copy of the file.
    foreach $item(@att_array) {
        chomp($item);
        $safe = uri_escape($item);
        $att_string .= "$item ";
    }
    # The message body is the only field passed through the HTML scrubber.
    $message = Remove_Bad_HTML($message);
    @register = Get_Template("$settings{\"basepath\"}/templates","printmail.htm");
    # NOTE(review): every match/substitution pattern in this loop is empty in
    # this copy (the template placeholder names appear to have been stripped),
    # so which placeholder each line fills cannot be confirmed from here.
    # NOTE(review): $mail_from, $mail_to, $cc, $subject and the attachment
    # names are written into the page as returned by Get_Message or
    # Get_Message_Sent.  They come from message content, so unless they are
    # escaped upstream they should go through escapeHTML() before substitution.
    foreach $item (@register) {
        if ($item =~ //) { Header() unless ($ARGV[3] eq "Printer_Friendly"); }
        if ($item =~ //) { Footer() unless ($ARGV[3] eq "Printer_Friendly"); }
        $item =~ s//$url/gm;
        $item =~ s//$mail_from/gm;
        $item =~ s//$mail_to/gm;
        $item =~ s//$cc/gm;
        $item =~ s//$subject/gm;
        $item =~ s//$att_string/gm;
        $item =~ s//$message/gm;
        $item =~ s//$ARGV[1]/gm;
        $item =~ s//$ARGV[2]/gm;
        $item =~ s//$folder_list/gm;
        $item =~ s//$folder_list_links/gm;
        print $item;
    }
}

### Delete Email
# Deletes the message whose id is $ARGV[1].
#   - Folder argument $ARGV[2] equal to $message{23}: the sent-mail ownership
#     check must return "OK", then Delete_Message_Sent is called.
#   - Any other folder: Verify_Mess_Owner must return "OK"; the message goes
#     to Temp_Delete_Message unless the folder equals $message{22}, in which
#     case Delete_Message is called.
# Both paths finish by redrawing the inbox with status message $message{47}.
# oops() prints an error page and exits, so a failed check stops the request.
# NOTE(review): the id and folder arrive in the query string, so this state
# change is triggered by a plain GET and no request token is checked here.
sub Delete_Email {
    my($results);
    Validate_User_Id($user,$pass);
    Content();
    if($ARGV[2] eq $message{23}) {
        if (Verify_Mess_Owner_Sent($user,$ARGV[1]) ne "OK") { oops($message{19}); }
        Delete_Message_Sent($user,$ARGV[1]);
        $ARGV[0] = "Inbox";
        $ARGV[1] = 0;
        $ARGV[2] = $message{23};
        &Inbox($message{47});
    }
    else {
        $results = Verify_Mess_Owner($user,$ARGV[1]);
        if ($results ne "OK") { oops($message{19}); }
        if ($ARGV[2] ne $message{22}) {
            Temp_Delete_Message($user,$ARGV[1]);
        }
        else {
            Delete_Message($user,$ARGV[1]);
        }
        $ARGV[0] = "Inbox";
        $ARGV[1] = 0;
        $ARGV[2] = $form{'FOLDER'};
        &Inbox($message{47});
    }
}

### Get Mail Header
# Shows the stored header of message $ARGV[1] in the mailheader.htm template
# after checking that the message belongs to the current user.
sub Print_Header {
    Validate_User_Id($user,$pass);
    Content();
    if (Verify_Mess_Owner($user,$ARGV[1]) ne "OK") { oops($message{19}); }
    my ($header) = Get_Header($ARGV[1]);
    # Each CR or LF is replaced.  In this copy the replacement text is a bare
    # newline; any markup it once contained is not visible here.
    $header =~ s/[\r\n]/
/gm;
    @register = Get_Template("$settings{\"basepath\"}/templates","mailheader.htm");
    # NOTE(review): $header is header text from a received message and is
    # placed in the HTML page without escapeHTML(); header values are fully
    # sender-controlled, so escape before substituting.
    foreach $item (@register) {
        $item =~ s//$header/gm;
        print $item;
    }
}

### Remove malicious HTML from HTML messages.
# Runs the message body ($_[0]) through HTML::Scrubber and returns the result.
# Only the tags named in "allow" are kept.  The attribute table passed to
# default() applies to every allowed tag; rules() then overrides it for <img>.
#
# NOTE(review) on the attribute table:
#   - '*' => 1 lets through every attribute that is not listed, so the list of
#     on* handlers is a deny-list.  Handlers that are not named, and "style",
#     are therefore allowed.  '*' => 0 with an explicit allow-list is safer.
#   - 'src' appears twice in the hash literal; the later 'src' => 0 replaces
#     the regex, and the <img> rule then allows src with any value.
#   - The href/cite patterns only reject values that begin with "script" or
#     "javascript".  An allow-list of expected schemes (for example http,
#     https, mailto) is the more robust check.
#   - Allowing remote <img src> lets a sender learn when a message is opened;
#     consider proxying or blocking remote images.
sub Remove_Bad_HTML {
    my $scrubber = HTML::Scrubber->new( allow => [ qw[ p b i u hr br img tr td table div a ] ] );
    my @default = (
        0 => {
            '*' => 1,
            'href' => qr{^(?!(?:java)?script)}i,
            'src' => qr{^(?!(?:java)?script)}i,
            'cite' => '(?i-xsm:^(?!(?:java)?script))',
            'language' => 0,
            'name' => 1,
            'onblur' => 0,
            'onchange' => 0,
            'onclick' => 0,
            'ondblclick' => 0,
            'onerror' => 0,
            'onfocus' => 0,
            'onkeydown' => 0,
            'onkeypress' => 0,
            'onkeyup' => 0,
            'onload' => 0,
            'onmousedown' => 0,
            'onmousemove' => 0,
            'onmouseout' => 0,
            'onmouseover' => 0,
            'onmouseup' => 0,
            'onreset' => 0,
            'onselect' => 0,
            'onsubmit' => 0,
            'onunload' => 0,
            'src' => 0,
            'type' => 0,
        }
    );
    $scrubber->default( @default );
    $scrubber->rules( img => { src => 1, alt => 1,'*' => 0,}, b => 1,);
    my $message = $scrubber->scrub($_[0]);
    $message;
}

### Display Image
# Streams attachment $ARGV[2] of message $ARGV[1] to the browser.  The third
# call argument is URI-unescaped, cut down to the text after its last dot and
# upper-cased, then looked up in the table returned by mime(); an unknown
# extension falls back to application/octet-stream.  $_[2] is modified in
# place, which also changes the caller's variable.
# NOTE(review): unlike Read_Email and Print_Header, no Verify_Mess_Owner check
# precedes Get_Image here.  Confirm that Get_Image restricts the lookup to
# messages owned by $user; otherwise add the ownership check.
# NOTE(review): $ARGV[2] is copied into the Content-Disposition header as
# received.  Remove double quotes and control characters before emitting it.
# NOTE(review): the attachment is served "inline" with a type chosen from its
# extension, so active content sent by a third party would render in this
# site's origin.  Serving non-image types as "attachment" avoids that.
sub Show_Image {
    my($img,$ext);
    Validate_User_Id($user,$pass);
    $_[2] = uri_unescape($_[2]);
    $_[2] =~ s/.+\.//gm;
    $_[2] =~ tr,a-z,A-Z,;
    my %mime = mime();
    $img = Get_Image($ARGV[1],$ARGV[2]);
    $ext = $mime{$_[2]};
    if ($ext eq "") { $ext = "application/octet-stream" }
    print "Content-Disposition: inline; filename=\"$ARGV[2]\"\n";
    print "Content-Length: " . length($img) .
"\n"; print "Content-type: $ext\n\n"; binmode($img); binmode(STDOUT); print $img; } ### Display the mail form sub Create_Email { Validate_User_Id($user,$pass); my($total_mail_count); &Clean_Mail_Count($user); my (@user_array) = Get_User_Stats($user); my ($max_mail) = Count_Mail_Count($user); chomp($user_array[4]); if ($user_array[4] eq "NO") { $total_mail_count = $settings{'max_mail_basic'}; } else { $total_mail_count = $settings{'max_mail_premium'}; } if ($max_mail >= $total_mail_count) { &oops($message{'124'}); } $do_create_java = 1; my($results,$null,$contact_list,$html_tag,$checked,@form_box); my ($att); my ($null,$to,$cc,$bcc,$subject,$rich,$mess) = @_; my($html,$sig_on,$sig,$encoding) = Get_Mail_Options($user); if ($null) { $checked = " CHECKED" unless ($rich ne "off"); } else { if ($html eq "ON") { $checked = " CHECKED"; } } if ($ARGV[1]) { $results = Verify_Mess_Owner($user,$ARGV[1]); if ($results ne "OK") { if (Verify_Mess_Owner_Sent($user,$ARGV[1]) ne "OK") { oops($message{19}); } } ($null,$null,$to,$subject,$mess,$html_tag) = Get_Message($ARGV[1],1); if ($html_tag == 1) { $checked = " CHECKED"; } else { undef $checked; } } my @contacts = Get_Contact_List($user); foreach $item(@contacts) { chomp($item); $contact_list .= ""; } Delete_Temp_Attachments($user) unless ($_[0]); $att = Get_Temp_Attachments($user); my $admin_check = " Send To All Users"; if($ENV{'HTTP_USER_AGENT'} =~ /MSIE/) { @form_box = Get_Template("$settings{\"basepath\"}/templates","msiesend.htm"); foreach (@form_box) { $_ =~ s//$settings{"icon_path"}/gm; $_ =~ s//$mess/gm; $_ =~ s//$checked/gm; if (lc($user) eq lc($settings{'admin'})) { $_ =~ s//$admin_check/gm; } } } else { @form_box = Get_Template("$settings{\"basepath\"}/templates","nssend.htm"); foreach (@form_box) { $_ =~ s//$mess/gm; if (lc($user) eq lc($settings{'admin'})) { $_ =~ s//$admin_check/gm; } } } Content(); if ($ARGV[2]) { undef $to; } else { $ARGV[1] = ""; } @register = 
Get_Template("$settings{\"basepath\"}/templates","sendmail.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } if ($_[0] != 1) { $item =~ s//$_[0]/gm; } if (lc($user) eq lc($settings{'admin'})) { $item =~ s//$admin_check/gm; } $item =~ s//$url/gm; $item =~ s//$message{14}/gm; $item =~ s//$to/gm; $item =~ s//$contact_list/gm; $item =~ s//$cc/gm; $item =~ s//$bcc/gm; $item =~ s//$subject/gm; $item =~ s//$att/gm; $item =~ s//$mess/gm; $item =~ s//$message{113}/gm; $item =~ s//$checked/gm; $item =~ s//@form_box/gm; $item =~ s//$ARGV[1]/gm; $item =~ s//$settings{"icon_path"}/gm; print $item; } $do_create_java = (); } ### Process the email form sub Proc_Create_Email { Validate_User_Id($user,$pass); my($total_mail_count); my (@user_array) = Get_User_Stats($user); my ($max_mail) = Count_Mail_Count($user); chomp($user_array[4]); if ($user_array[4] eq "NO") { $total_mail_count = $settings{'max_mail_basic'}; } else { $total_mail_count = $settings{'max_mail_premium'}; } if ($max_mail >= $total_mail_count) { &oops($message{'124'}); } Content(); my($entity,$advert,$id,$cider,$fwd_data,$file_name,$att,$realname,$ext,$smtp_message,$results,$to,$cc,$bcc,$mime_type,@att_list,@bcc_form,@bcc_temp,@fwd_array,%content); if ($form{'SEND'} eq "$message{113}") { Delete_Temp_Attachments($user); Create_Email(1,$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); exit; } elsif ($form{'SEND'} eq "$message{14}") { $file_name = param('ATTACH'); $realname = $file_name; if ($realname eq "") { oops($message{15}); } if (Temp_Att_Count($user) >= $settings{'max_attach'}) { Create_Email($message{'105'},$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); } else { $realname =~ s/.+\\//i; while(<$file_name>){ $att .= $_; } ### Virus scan if ($settings{'anti-virus'} == 1) { open(FH,">$settings{'basepath'}/temp/$user.vtf"); print FH $att; close FH; if 
(Virus_Scan("$settings{'basepath'}/temp/$user.vtf") == 3) { Create_Email($message{'106'},$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); unlink("$settings{'basepath'}/temp/$user.vtf"); exit; } unlink("$settings{'basepath'}/temp/$user.vtf"); } ### End virus scan Insert_Temp_Att($user,$realname,$att); Create_Email(1,$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); exit; } } else { if ($form{'send_all'}) { &Admin_Send_All; } else { ($form{'TO'},$form{'CC'},$form{'BCC'}) = Strip_Dup_Add($form{'TO'},$form{'CC'},$form{'BCC'}); $results = Validate_Addresses($form{'TO'}); if ($results ne "OK") { Create_Email("$message{16} $results",$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); exit; } if ($form{'CC'}) { $results = Validate_Addresses($form{'CC'}); if ($results ne "OK") { Create_Email("$message{16} $results",$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); exit; } } if ($form{'BCC'}) { $results = Validate_Addresses($form{'BCC'}); if ($results ne "OK") { Create_Email("$message{16} $results",$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'richtext'},$form{'body'}); exit; } } if ($form{'SUBJECT'} eq "") { $form{'SUBJECT'} = $message{17}; } $form{'SUBJECT'} = Strip_Returns($form{'SUBJECT'}); $form{'TO'} = Strip_Returns($form{'TO'}); $form{'CC'} = Strip_Returns($form{'CC'}); $form{'BCC'} = Strip_Returns($form{'BCC'}); @bcc_form = split(/\,/,$form{'BCC'}); foreach $item (@bcc_form) { @bcc_temp = split(/\@/,$item); if(Valid_Domain($bcc_temp[1]) eq "OK") { $bcc .= "$item,"; undef $item;} } chop($bcc); $form{'BCC'} = join(//,@bcc_form); my $top = MIME::Entity->build(Type =>"multipart/mixed",From => $user, To => $form{'TO'}, Subject => $form{'SUBJECT'}, Cc => $form{'CC'}, Bcc => $form{'BCC'}, 'X-Mailer' => "World Wide Messenger By WorldWideCreations.com", 'X-Original-Sender' => $ENV{'REMOTE_ADDR'}, 'X-Abuse' => 
"Abuse contact: $settings{'abuse_address'}", Encoding => -SUGGEST); if ($form{'richtext'}) { $mime_type = "text/html"; } else { $mime_type = "text/plain"; } $id = time; Add_Sent($id,$user,$form{'TO'},$form{'CC'},$form{'BCC'},$form{'SUBJECT'},$form{'body'},$mime_type); Update_Mail_Stats("sent",$user); my($html,$sig_on,$sig,$encoding) = Get_Mail_Options($user); if($encoding eq "") { $encoding = $settings{'default_encoding'}; } if (($sig_on) && ($sig)) { if ($mime_type eq "text/plain") { $sig = "$sig"; } else { $sig = "
$sig

"; } } if ($mime_type eq "text/plain") { $register = join(/\n/,Get_Template("$settings{\"basepath\"}","text_advertisement.cgi")); } else { $register = join(/\n/,Get_Template("$settings{\"basepath\"}","html_advertisement.cgi")); } $entity = MIME::Entity->build( Type => $mime_type, Encoding => -SUGGEST, 'X-Mailer' => undef, Data => "$form{'body'}$sig$register"); $top->add_part($entity); $att = Get_Temp_Attachments($user); @att_list = split(/\,/,$att); foreach $item(@att_list) { chomp($item); $att = Get_Temp_Att_Data($user,$item); $file_name = $item; $item =~ s/.+\.//gm; $item =~ tr,a-z,A-Z,; my %mime = mime(); $ext = $mime{$item}; if ($ext eq "") { $ext = "application/octet-stream" } $top->attach(Data => $att, Filename => $file_name, Type => "$ext", Encoding => "base64"); } if ($form{'FWD'} ne "") { $id = time; if (Verify_Mess_Owner($user,$form{'FWD'}) ne "OK") { oops($message{19}); } @fwd_array = Get_Att_List($form{'FWD'}); foreach $item(@fwd_array) { chomp($item); $cider = "$url\?Show_Image\&$form{'FWD'}\&$item"; $cider = escapeHTML($cider); if ($form{'body'} =~ /http:\/\/?.+\Q$cider\E/i) { $form{'body'} =~ s/http:\/\/?.+\Q$cider\E/cid:$id/gi; $content{$item} = $id; $id++; } } } foreach $item (@fwd_array) { chomp($item); $fwd_data = Get_Image($form{'FWD'},$item); $file_name = $item; $item =~ s/.+\.//gm; $item =~ tr,a-z,A-Z,; $ext = $mime{$item}; if ($ext eq "") { $ext = "application/octet-stream" } $top->attach(Data => $fwd_data, Filename => $file_name, Type => "$ext", Encoding => "base64", Id => $content{$file_name}); } if ($settings{"sendmail"}) { open MAIL, "| $settings{\"sendmail_path\"} -t" or oops("Sendmail: $!"); $top->print(\*MAIL); close MAIL; } else { $smtp_message = $top->stringify; $smtp= Net::SMTP->new($settings{"smtp_server"}, Debug => 0,); $smtp->mail($user); $smtp->to($form{'TO'}); $smtp->data(); $smtp->datasend($smtp_message); $smtp->dataend(); $smtp->quit; } if($bcc ne "") { $form{'TO'} = $bcc; $form{'CC'} = (); $form{'BCC'} = (); 
&Proc_Create_Email; } Delete_Temp_Attachments($user); } Add_Mail_Count($user); $ARGV[0] = "Inbox"; $ARGV[1] = 0; $ARGV[2] = $form{'FOLDER'}; &Inbox($message{45}); } } ### Display Login Form sub Login { my (@domain_options,$forgot); Content(); @domains = Get_Domains($settings{"domains"}); foreach $item (@domains) { $item = Strip_Returns($item); push(@domain_options,""); } if ($_[1]) { $forgot = $settings{'forgot_answer'}; $forgot =~ s//$_[1]/gm; $forgot =~ s//$_[2]/gm; @register = Get_Template("$settings{\"basepath\"}/templates","forgotpw.htm"); } else { $forgot = $settings{'forgot_pass'}; $forgot =~ s//@domain_options/gm; @register = Get_Template("$settings{\"basepath\"}/templates","login.htm");} foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } if ($_[0]) { $item =~ s//$_[0]/gm; } $item =~ s//$url/gm; $item =~ s//$ARGV[0]/gm; $item =~ s//@domain_options/gm; $item =~ s//$forgot/gm; $item =~ s//$ENV{'SCRIPT_URI'}/gm; $item =~ s//$settings{"icon_path"}/gm; print $item; } exit; } ### Display Retrieve Password Form sub retrievepw { my (@domain_options,$forgot); Content(); @domains = Get_Domains($settings{"domains"}); foreach $item (@domains) { $item = Strip_Returns($item); push(@domain_options,""); } if ($_[1]) { $forgot = $settings{'forgot_answer'}; $forgot =~ s//$_[1]/gm; $forgot =~ s//$_[2]/gm; } else { $forgot = $settings{'forgot_pass'}; $forgot =~ s//@domain_options/gm; } @register = Get_Template("$settings{\"basepath\"}/templates","retrievepw.htm"); foreach $item (@register) { if ($item =~ //) { Header(); } if ($item =~ //) { Footer(); } if ($_[0]) { $item =~ s//$_[0]/gm; } $item =~ s//$url/gm; $item =~ s//$ARGV[0]/gm; $item =~ s//@domain_options/gm; $item =~ s//$forgot/gm; $item =~ s//$settings{"icon_path"}/gm; print $item; } exit; } sub Proc_Login { my ($comm,$null); if ($form{'forgot'} ne "") { if ($form{'DO_LOST'}) { &Login($message{90}) unless ($form{'ANSWER'}); my ($answer,$temppass) = 
Get_Answer($form{'USERNAME_ORIG'});
            # Password recovery: the stored answer is compared with the
            # submitted one, ignoring case.  On a match the second value
            # returned by Get_Answer ($temppass) is appended to $message{93}
            # and shown on the login page.
            # NOTE(review): nothing in this sub limits repeated guesses, and
            # the credential is displayed in the response.  Add attempt
            # limiting, and confirm that $temppass is a one-time value rather
            # than the account password.
            if (lc($answer) eq lc($form{'ANSWER'})) {
                &Login("$message{93}$temppass");
                exit;
            }
            else {
                &Login($message{94});
            }
        }
        # NOTE(review): an unknown address gets $message{12}, while a known
        # one gets its recovery question, so this form reveals which
        # addresses exist.
        if (User_Exists("$form{'USERNAME_LOST'}\@$form{'DOMAIN_LOST'}") ne "OK") {
            retrievepw($message{12});
        }
        elsif (Valid_Domain($form{'DOMAIN_LOST'}) ne "OK") {
            Login($message{10});
        }
        my $question = Get_Question("$form{'USERNAME_LOST'}\@$form{'DOMAIN_LOST'}");
        Login($message{92},$question,"$form{'USERNAME_LOST'}\@$form{'DOMAIN_LOST'}");
    }
    else {
        # Normal sign-in.  Each failed check redraws the login form with its
        # own message.
        # NOTE(review): \Z also matches before a trailing newline; \z is the
        # strict end-of-string anchor.
        # NOTE(review): "no such user" ($message{12}) and "wrong password"
        # ($message{13}) are reported separately, which discloses valid
        # usernames.  A single generic failure message avoids that.
        if (($form{'USERNAME'} !~ /\A[0-9A-Za-z\._]+\Z/) || ($form{'USERNAME'} eq "")) {
            Login($message{6});
        }
        elsif (Valid_Domain($form{'DOMAIN'}) ne "OK") {
            Login($message{10});
        }
        elsif (User_Exists("$form{'USERNAME'}\@$form{'DOMAIN'}") ne "OK") {
            Login($message{12});
        }
        elsif (Validate_User($form{'USERNAME'},$form{'PASSWORD'},$form{'DOMAIN'}) ne "OK") {
            Login($message{13});
        }
        else {
            # The session cookie holds "user@domain|password" transformed by
            # Encrypt(), with $pub_key passed as both key and alphabet.
            # NOTE(review): the password itself travels in every request and
            # can be recovered by anyone who knows $pub_key.  A random
            # server-side session identifier would remove the password from
            # the cookie.  The cookie is also created without the -secure and
            # -httponly options of CGI::Cookie.
            my $cookie_value = Encrypt("$form{'USERNAME'}\@$form{'DOMAIN'}|$form{'PASSWORD'}",$pub_key,$pub_key);
            my $cookie = new CGI::Cookie(-name=>'name',-value=>$cookie_value);
            print "Set-Cookie: $cookie\n";
            $user = "$form{'USERNAME'}\@$form{'DOMAIN'}";
            $pass = $form{'PASSWORD'};
            Update_Login($user);
            &Main_Menu; #&Inbox;
        }
    }
}

### Register
# Shows the registration form (register.htm).  Refuses to run unless the
# 'setup' setting is 0.  The call arguments $_[0] .. $_[11] are substituted
# into the template; $_[11] is only used when $_[0] is true.
# NOTE(review): the substitution patterns and the option markup pushed onto
# @domain_options are empty in this copy, so the placeholder names cannot be
# confirmed.  The arguments look like previously submitted form values being
# echoed back -- confirm they are HTML-escaped before they reach this sub.
sub Register {
    &oops("You must set the setup variable to 0 before you can register.") unless ($settings{'setup'} == 0);
    my (@domain_options);
    Content();
    @domains = Get_Domains($settings{"domains"});
    foreach $item (@domains) {
        $item = Strip_Returns($item);
        push(@domain_options,"");
    }
    @register = Get_Template("$settings{\"basepath\"}/templates","register.htm");
    foreach $item (@register) {
        if ($item =~ //) { Header(); }
        if ($item =~ //) { Footer(); }
        if ($_[0]) { $item =~ s//$_[11]/gm; }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        $item =~ s//$_[1]/gm;
        $item =~ s//$_[2]/gm;
        $item =~ s//$_[3]/gm;
        $item =~ s//$_[4]/gm;
        $item =~ s//$_[5]/gm;
        $item =~ s//$_[6]/gm;
        $item =~ s//$_[7]/gm;
        $item =~ s//$_[8]/gm;
        $item =~ s//$_[9]/gm;
        $item =~ s//$_[10]/gm;
        $item =~ s//@domain_options/gm;
print $item; } exit; } ### Process Registration sub Proc_Register { &oops("You must set the setup variable to 0 before you can register.") unless ($settings{'setup'} == 0); my %users = Get_Banned_Usernames(); if (($form{'USERNAME'} !~ /\A[0-9A-Za-z\._]+\Z/) || ($form{'USERNAME'} eq "")) { Return_Reg_Error($message{6}); } if ($users{lc($form{'USERNAME'})}) { oops($message{102}); } elsif (Valid_Domain($form{'DOMAIN'}) ne "OK") { Return_Reg_Error($message{10}); } elsif (User_Exists("$form{'USERNAME'}\@$form{'DOMAIN'}") eq "OK") { Return_Reg_Error($message{9}); } elsif ($form{'PASSWORD'} ne $form{'PASSWORD2'}) { Return_Reg_Error($message{4}); } elsif ($form{'PASSWORD'} eq "") { Return_Reg_Error($message{5}); } elsif ($form{'QUESTION1'} eq "") { Return_Reg_Error($message{7}); } elsif ($form{'QUESTION2'} eq "") { Return_Reg_Error($message{8}); } else { Content(); $results = Save_Reg($form{'USERNAME'},$form{'PASSWORD'},$form{'DOMAIN'},$form{'QUESTION1'},$form{'QUESTION2'},$form{'QUESTION3'},$form{'QUESTION4'},$form{'QUESTION5'},$form{'QUESTION6'},$form{'QUESTION7'},$form{'QUESTION8'},$form{'QUESTION9'},$form{'QUESTION10'}); if ($results eq "OK") { Insert_Welcome_Message("$form{'USERNAME'}\@$form{'DOMAIN'}"); Update_Tier("$form{'USERNAME'}\@$form{'DOMAIN'}",$message{118}); &Login($message{120}); } else { oops($message{11}); } } exit; } ### Process Header sub Header { my($java,$is_new,$temper,$is_sched); my @mailbox_usage_header_footer = Get_Mail_Usage_headerfooter($user); if (($ARGV[0] eq "Create_Email") || ($form{'SEND'} eq "$message{14}") || ($form{'SEND'} eq "$message{113}") || ($do_create_java == 1)) { $java = qq~ ~; } elsif ($ARGV[0] eq "Read_Email") { $java = qq~ ~; } elsif ($ARGV[0] eq "Inbox") { open(FH,"$settings{\"basepath\"}/templates/checkbox_java.htm"); while () { $java .= $_; } close FH; $java =~ s//$inbox_counter/gm; } else { $java = (); } ($folder_list_links,$folder_list) = Get_Folder_Links($user); if (($ARGV[0] eq "Inbox") && ($ARGV[2] eq "Inbox")) { 
if(Get_New($user) ne "") { my($html,$sig_on,$sig,$encoding,$sound_on,$sound) = Get_Mail_Options($user); if ($sound_on eq "ON") { $temper = ""; } } } @header = Get_Template("$settings{\"basepath\"}/templates","header.htm"); foreach $item (@header) { $item =~ s//@mailbox_usage_header_footer/gm; $item =~ s//$url/gm; $item =~ s//$user/gm; $item =~ s//$settings{'admin_link'}/gm unless (lc($user) ne lc($settings{'admin'})); $item =~ s//$settings{"icon_path"}/gm; $item =~ s//$java/gm; $item =~ s//$temper/gm; $item =~ s//$folder_list_links/gm; } print @header; } ### Get mailbox usage data for header/footer sub Get_Mail_Usage_headerfooter { my ($users_max_limit,$current_storage) = Check_File_Limit($_[0]); my $percent; $percent = sprintf('%.0f', ($current_storage / $users_max_limit) * 100); my $total = sprintf('%.0f', ($users_max_limit / 1000)); my @register = Get_Template("$settings{\"basepath\"}/templates","mailbox_usage_headerfooter.htm"); foreach $item (@register) { $item =~ s//$percent/gm; $item =~ s//$total/gm; ##$item =~ s//$url/gm; } @register; } ### Process Footer sub Footer { my($is_sched); my @my_date = Get_Date(time,1); if(Is_Sched($user,($my_date[4] + 1),($my_date[5] + 1900),$my_date[3]) ne"") { $is_sched = $settings{'reminder'}; $is_sched =~ s//$settings{'icon_path'}/gm; } @footer = Get_Template("$settings{\"basepath\"}/templates","footer.htm"); foreach $item (@footer) { $item =~ s//$url/gm; $item =~ s//$user/gm; $item =~ s//$is_sched/gm; $item =~ s//$settings{"icon_path"}/gm; $item =~ s//$folder_list_links/gm; $item =~ s//$settings{'admin_link'}/gm unless (lc($user) ne lc($settings{'admin'})); } print @footer; #$end_time = [ gettimeofday ]; #$elapsed = tv_interval($start_time,$end_time); #print "

Execution took $elapsed secs." }

### Empty spam
# Calls Empty_Folder for the current user with the folder name held in
# $message{24}, then redraws the inbox with status message $message{121}.
sub Empty_Spam {
    Validate_User_Id($user,$pass);
    Empty_Folder($user,$message{24});
    &Inbox($message{121});
}

################################################### Main functions

### Parse Incoming Data
# Rebuilds the global %form from the request parameters.  A request whose
# CONTENT_LENGTH exceeds the max_bytes setting is rejected through oops()
# before param() is called.  Each parameter is assigned in scalar context, so
# a repeated field keeps a single value.
sub Parse_Incoming_Data {
    %form = ();
    if ($ENV{'CONTENT_LENGTH'} > $settings{"max_bytes"}) { oops($message{1}); }
    @stdins = param();
    foreach $pair (@stdins) {
        $form{$pair} = param($pair);
    }
}

### Error Handler
# Prints an error page and ends the request.  $_[0] is the message; the line
# number of the caller is also made available to the template.  If oops.htm
# is missing or unreadable, a one-line plain message is printed instead.
# NOTE(review): the message is written into the HTML response as given.  Some
# callers build it from request-derived values (for example Get_Template
# passes the path it failed to open), so escapeHTML() it before output.  The
# same message also discloses server file paths to the client.
sub oops {
    Content();
    my ($buckd, $luckd, $errorline) = caller;
    if ((-e $settings{"basepath"} . "/templates/oops.htm") && (-r $settings{"basepath"} . "/templates/oops.htm")) {
        @register = Get_Template($settings{"basepath"} . "/templates","oops.htm");
        my $error = $_[0];
        foreach $item (@register) {
            if ($item =~ //) { Header(); }
            if ($item =~ //) { Footer(); }
            $item =~ s//$url/gm;
            $item =~ s//$error/gm;
            $item =~ s//$errorline/gm;
            print $item;
        }
    }
    else {
        print "There was an error with this operation: $_[0]";
    }
    exit;
}

### Template Function
# Returns the lines of template $file found under $path.  When a user is
# signed in and $path contains "templates", the user's own template directory
# (from Get_User_Template) is appended, provided it is non-empty, exists as a
# directory, is not exactly "Admin", contains no dot, and $path does not
# contain "Admin".
# NOTE(review): the file is opened with two-argument open(), where characters
# in the path can change the open mode.  The three-argument form
# open(THEFILE, '<', "$path/$file") removes that risk.
# NOTE(review): the right-hand side of the assignment to @Template_Contents
# is missing in this copy; presumably it read from THEFILE.
sub Get_Template {
    my ($path,$file) = @_;
    if ($path =~ /templates/) {
        if ($user ne "") {
            my $template = Get_User_Template($user);
            if (($template ne "") && (-d "$settings{'basepath'}/templates/$template") && ($template ne "Admin") && ($template !~ /\./) && ($path !~ /Admin/)) {
                $path = "$path/$template";
            }
        }
    }
    &oops("$message{2} $path/$file") unless (open(THEFILE, "$path/$file"));
    (@Template_Contents) = ;
    close THEFILE;
    @Template_Contents;
}

### Build Arguement Index
# Returns the table of action names that Routine_Caller is willing to
# dispatch; each key maps to the name of the sub to run.  Because only names
# present here can be reached from a request, this list is the allow-list for
# the whole script.
# NOTE(review): the table carries no authorization information, so every
# listed routine has to check the caller itself.  Create_Tables and Do_Mail
# are listed and therefore requestable over HTTP -- confirm they do so (they
# are not defined in this part of the file).
sub Command_Hash {
    my %commander = (
        'Register', "Register",
        'Empty_Spam',"Empty_Spam",
        'retrievepw',"retrievepw",
        'Proc_Register', "Proc_Register",
        'Create_Tables', "Create_Tables",
        'Login', "Login",
        'Proc_Login', "Proc_Login",
        'Show_Version', "Show_Version",
        'Do_Mail',"Do_Mail",
        'Select_Template',"Select_Template",
        'Proc_Select_Template',"Proc_Select_Template",
        'Create_Email', "Create_Email",
        'Proc_Create_Email', "Proc_Create_Email",
        'Inbox',"Inbox",
        'Show_Image',"Show_Image",
        'Read_Email',"Read_Email",
        'Delete_Email',"Delete_Email",
        'Proc_Inbox_Request',"Proc_Inbox_Request",
        'Options',"Options",
        'Manage_Folders',"Manage_Folders",
        'Proc_Manage_Folders',"Proc_Manage_Folders",
        'Spam_Filter',"Spam_Filter",
        'Proc_Spam_Filter',"Proc_Spam_Filter",
        'Empty_Trash',"Empty_Trash",
        'Manage_Contacts',"Manage_Contacts",
        'Proc_Manage_Contacts',"Proc_Manage_Contacts",
        'Print_Header',"Print_Header",
        'Add_POP',"Add_POP",
        'Proc_Add_POP',"Proc_Add_POP",
        'Check_POP',"Check_POP",
        'Mail_Options',"Mail_Options",
        'Proc_Mail_Options',"Proc_Mail_Options",
        'Edit_Profile',"Edit_Profile",
        'Proc_Edit_Profile',"Proc_Edit_Profile",
        'Display_Calendar',"Display_Calendar",
        'Add_Calendar',"Add_Calendar",
        'Delete_Schedule',"Delete_Schedule",
        'Modify_Schedule',"Modify_Schedule",
        'Notification',"Notification",
        'Proc_Notification',"Proc_Notification",
        'Proc_Folder_Filter',"Proc_Folder_Filter",
        'Folder_Filter',"Folder_Filter",
        'Log_Out',"Log_Out",
        'Main_Menu',"Main_Menu",
        'Admin',"Admin",
        'Ban_Usernames',"Ban_Usernames",
        'Proc_Ban_Usernames',"Proc_Ban_Usernames",
        'Ban_IP',"Ban_IP",
        'Proc_Ban_IP',"Proc_Ban_IP",
        'Edit_Messages',"Edit_Messages",
        'Proc_Edit_Messages',"Proc_Edit_Messages",
        'Add_Welcome_Message',"Add_Welcome_Message",
        'Proc_Add_Welcome_Message',"Proc_Add_Welcome_Message",
        'Edit_Adverts',"Edit_Adverts",
        'Proc_Edit_Adverts',"Proc_Edit_Adverts",
        'Edit_Bounce',"Edit_Bounce",
        'Proc_Edit_Bounce',"Proc_Edit_Bounce",
        'Users',"Users",
        'User_Details',"User_Details",
        'Login_As',"Login_As",
        'Confirm_Delete_User',"Confirm_Delete_User",
        'Delete_User',"Delete_User",
        'Backup',"Backup",
        'Do_Backup',"Do_Backup",
        'Do_Restore',"Do_Restore",
        'Delete_Suspended',"Delete_Suspended",
        'Proc_Delete_Suspended',"Proc_Delete_Suspended",
        'Upgrade',"Upgrade",
        'Upgrade_Success',"Upgrade_Success",
        'Change_Settings',"Change_Settings",
        'Proc_Change_Settings',"Proc_Change_Settings",
        'Question',"Question",
        'Preview_Pane',"Preview_Pane",
    );
}

### Specify Content
# Prints the HTTP response headers once per request; the global $contenttype
# records that they have been sent so later calls do nothing.
sub Content {
    if (!($contenttype)) {
        print "Content-type: text/html\n";
        print "Pragma: no-cache\n";
        print "Cache-control: no-cache\n";
        print "Expires: Mon, 06 May 1996 04:57:00 GMT\n";
        print "\n";
        $contenttype = 1;
    }
}

### Show Version Number
# Prints the version string set in Globals.  No login check is made here, so
# the version is visible to any client.
sub Show_Version {
    Content();
    print $version;
}

### Get Script Variables
# Loads ./setup.cgi into the global %settings: each line is split once on a
# space into name and value.  Falls back to $the_main_path, then ".", when
# no basepath is configured.
# NOTE(review): the read inside while() is missing in this copy; presumably
# it read from FH.
# NOTE(review): setup.cgi is read from the script's own directory and, per
# Change_Settings, includes the database password.  Confirm that the web
# server cannot serve this file.
sub Get_Setup {
    my (@splitter);
    open(FH,"./setup.cgi") or &oops("Cannot find setup.cgi file. This is normally a basepath error, please read the readme file about setting \$the_main_path variable for these instances.");
    while() {
        @splitter = split(/ /, $_, 2);
        $splitter[1] = Strip_Returns($splitter[1]);
        $settings{$splitter[0]} = $splitter[1];
    }
    $settings{'admin_link'} =~ s//$ENV{'SCRIPT_NAME'}/gm;
    close(FH);
    if ($settings{'basepath'} eq "") {
        if ($the_main_path ne "") {
            $settings{'basepath'} = $the_main_path;
        }
        else {
            $settings{'basepath'} = ".";
        }
    }
}

### Get oops and other messages
# Loads messages.cgi into the global %message (same "key value" line format
# as setup.cgi).  When setup is finished and ip_ban is on, the client address
# is then checked against the banned list and a match ends the request.
# NOTE(review): each banned entry is interpolated into the match as an
# unanchored regular expression.  An entry therefore also matches longer
# addresses that contain it, "." matches any character, and a malformed entry
# would raise a regex error for every request.  Comparing with
# /\A\Q$_\E/ (or plain string equality) matches what an IP ban list intends.
sub Get_Msgs {
    my (@splitter);
    open(FH,"$settings{\"basepath\"}/messages.cgi") or &oops("Cannot find messages.cgi file. This is normally a basepath error, please check your basepath.");
    while () {
        @splitter = split(/ /, $_, 2);
        $splitter[1] = Strip_Returns($splitter[1]);
        $message{$splitter[0]} = $splitter[1];
    }
    close(FH);
    if ($settings{'setup'} == 0) {
        if ($settings{'ip_ban'} == 1) {
            my %ips = Get_Banned_IPs();
            foreach (keys %ips) {
                if (($_ ne "") && ($ENV{'REMOTE_ADDR'} =~ m/$_/)) { oops($message{103}); }
            }
        }
    }
}

### Initialize Script And Begin
# Entry point for web requests: loads settings and messages, restores the
# user from the cookie, parses the form, and splits the query string on "&"
# into @ARGV before dispatching.
# Only $ARGV[0] (the action name) is cleaned, by removing non-word
# characters.  $ARGV[1] onward stay exactly as sent and are not URL-decoded
# here, so every routine that uses them must treat them as untrusted.
# While the 'setup' setting is 1, only the settings and question screens are
# offered; anything else ends in oops().
sub Initialize {
    $contenttype = ();
    &Get_Setup;
    if($settings{"basepath"} eq "") { $settings{"basepath"} = $the_main_path; }
    &Get_Msgs;
    &Globals;
    &Parse_Incoming_Data;
    @ARGV = split(/\\*\&/, $ENV{'QUERY_STRING'});
    $ARGV[0] =~ s/\W//g;
    if ($settings{'setup'} == 1) {
        if ($ARGV[0] eq 'Change_Settings') {
            &Change_Settings;
        }
        elsif ($form{'action'} eq 'Proc_Change_Settings') {
            &Proc_Change_Settings();
        }
        elsif ($ARGV[0] eq 'Question') {
            &Question;
        }
        else {
            &oops("You still have the setup variable set to 1, please set to 0 to continue");
        }
    }
    &Routine_Caller;
}

### Routes Routine
# Dispatches the request.  The action is taken from $ARGV[0], or failing that
# from the form field 'action'; it must be a key of Command_Hash, and the sub
# that runs is named by the table's value, not by the request text.  Anything
# else shows the login form.
# NOTE(review): the jump goes through a symbolic reference (&$rtrt).  That is
# safe only while Command_Hash stays a fixed literal; a table of code
# references (\&Inbox, ...) would make that guarantee structural.
sub Routine_Caller {
    %commandhash = Command_Hash();
    if ($commandhash{$ARGV[0]}) {
        $rtrt = $commandhash{$ARGV[0]};
        $rtrt =~ s/ //gm;
        chomp($rtrt);
        goto (&$rtrt);
        exit;
    }
    elsif ($commandhash{$form{'action'}}) {
        $rtrt = $commandhash{$form{'action'}};
        $rtrt =~ s/ //gm;
        chomp($rtrt);
        goto (&$rtrt);
        exit;
    }
    else {
        &Login;
    }
}

### Global Variables
# Sets $url and $version, then restores $user and $pass from the cookie named
# 'name': the value is passed through Decrypt() and split once on "|".
# NOTE(review): the cookie is the only session state and contains the
# password in recoverable form; see the notes on Encrypt/Decrypt.
sub Globals {
    my($cookie);
    $url = $ENV{'SCRIPT_NAME'};
    $version = "6.1.1";
    %Cookies = CGI::Cookie->fetch;
    if (defined($Cookies{'name'})) { $cookie = $Cookies{'name'}->value; }
    ($user,$pass) = split(/\|/,Decrypt($cookie,$pub_key,$pub_key),2);
}

### Check Referrer
# Returns 1 when the Referer header matches an entry of @referers, or when no
# Referer was sent at all.
# NOTE(review): as a cross-site request defence this is weak.  A missing
# Referer is accepted, the entry is interpolated without \Q...\E, the pattern
# is not anchored after the host name, and $check_referer is a global that is
# never reset to a false value.  No call to this sub appears in this part of
# the file.  A per-session request token is the more reliable control.
sub Get_Referrer {
    if ($ENV{'HTTP_REFERER'}) {
        foreach $referer (@referers) {
            if ($ENV{'HTTP_REFERER'} =~ m|https?://([^/]*)$referer|i) {
                $check_referer = 1;
                last;
            }
        }
    }
    else {
        $check_referer = 1;
    }
    return $check_referer;
}

### Decrypt Email Address And Cookie
# Reverses Encrypt(): each pair of input characters is mapped back to a byte
# through its position in $pub_key, the bytes are XORed with $key repeated to
# length, the CR marker is restored, and rot13() is applied.
# NOTE(review): this is an obfuscation, not encryption.  It is a fixed
# substitution plus XOR with a repeating key and carries no integrity check,
# so a modified cookie is decoded without any error.  It should not be relied
# on to protect the password stored in the cookie.
# NOTE(review): the non-ASCII literals below (the "&" stand-in and the CR
# marker) may have been altered by re-encoding of this copy -- verify them
# against the original file.
sub Decrypt {
    my ($encrypted, $key, $pub_key) = @_;
    $encrypted =~ s/Þ/\&/gm;
    $encrypted =~ s/[\n\r\t\f]//eg;
    # Only $cr receives '' here; the other variables start undefined.
    my ($cr,$index,$decode,$decode2,$char,$key_char,$dec_string,$decrypted) = '';
    while ( length($key) < length($encrypted) ) { $key .= $key }
    $key=substr($key,0,length($encrypted));
    while ($index < length($encrypted)) {
        $decode = sprintf("%1x", index($pub_key, substr($encrypted,$index,1)));
        $index++;
        $decode2 = sprintf("%1x", index($pub_key, substr($encrypted,$index,1)));
        $index++;
        $dec_string .= chr(hex("$decode$decode2"));
    }
    $index=0;
    while( $index < length($dec_string) ) {
        $char = substr($dec_string,$index,1);
        $key_char = substr($key,$index,1);
        $decrypted .= chr(ord($char) ^ ord($key_char));
        $index++;
    }
    $cr = '·¨ ';
    $decrypted =~ s/$cr/\r/g;
    return &rot13($decrypted);
}

### Encrypt Email Address And Cookie
# Produces the cookie value: rot13() the text, drop LF/FF, replace CR with a
# marker, XOR with $key repeated to length, then write each byte as two
# characters picked from $pub_key by the byte's hex digits.  "&" in the
# result is replaced with a stand-in character.
# See the notes on Decrypt: the transformation gives no confidentiality
# against anyone holding $pub_key and no tamper detection.
sub Encrypt {
    my ($source,$key,$pub_key) = @_;
    # Only $cr receives '' here; the other variables start undefined.
    my ($cr,$index,$char,$key_char,$enc_string,$encode,$first, $second,$let1,$let2,$encrypted,$escapes) = '';
    $source = &rot13($source);
    $cr = '·¨ ';
    $source =~ s/[\n\f]//g;
    $source =~ s/[\r]/$cr/g;
    while ( length($key) < length($source) ) { $key .= $key }
    $key=substr($key,0,length($source));
    while ($index < length($source)) {
        $char = substr($source,$index,1);
        $key_char = substr($key,$index,1);
        $enc_string .= chr(ord($char) ^ ord($key_char));
        $index++;
    }
    # "%2x" pads values below 16 with a space rather than a zero; the space
    # is then read back through hex() below.  This fills the global %escapes,
    # not the lexical $escapes declared above.
    for (0..255) { $escapes{chr($_)} = sprintf("%2x", $_); }
    $index=0;
    while ($index < length($enc_string)) {
        $char = substr($enc_string,$index,1);
        $encode = $escapes{$char};
        $first = substr($encode,0,1);
        $second = substr($encode,1,1);
        $let1=substr($pub_key, hex($first),1);
        $let2=substr($pub_key, hex($second),1);
        $encrypted .= "$let1$let2";
        $index++;
    }
    $encrypted =~ s/\&/Þ/gm;
    return $encrypted;
}

### Encryption
# Rotates ASCII letters by 13 places and then reverses the string.  The
# square brackets inside tr are literal characters that map to themselves.
sub rot13{
    my $source = shift (@_);
    $source =~ tr /[a-m][n-z]/[n-z][a-m]/;
    $source =~ tr /[A-M][N-Z]/[N-Z][A-M]/;
    $source = reverse($source);
    return $source;
}

### Delete Cookie
# Expires the named cookies and the session cookie 'name'.
# NOTE(review): the expiring 'name' cookie is built from the submitted
# USERNAME/DOMAIN/PASSWORD form fields, so credentials are placed in a
# response header that only needs an empty value.  Send an empty value with a
# past expiry date instead.
sub delete_cookie {
    my(@to_delete) = @_;
    my($name);
    foreach $name (@to_delete) {
        undef $Cookies{$name};
        my $cookie_value = Encrypt("$form{'USERNAME'}\@$form{'DOMAIN'}|$form{'PASSWORD'}",$pub_key,$pub_key);
        my $cookie = new CGI::Cookie(-name=>'name',-value=>$cookie_value,-expires=>'12-31-1970');
        print "Set-Cookie: $cookie\n";
        print "Set-Cookie: $name=deleted; expires=Thu, 01-Jan-1970 00:00:00 GMT;\n";
    }
}

########################### Admin Routines

### Main Admin Routine
# Shows the admin start page.  Like every admin routine below, it first calls
# Validate_User_Id and then requires $user to equal the 'admin' setting
# (case-insensitive); otherwise oops() ends the request.
sub Admin {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","admin.htm");
    foreach $item (@register) {
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$_[0]/gm;
        print $item;
    }
}

#### I am here to answer all your questions
# Admin help screen: loads questions.cgi ("key value" lines) and shows the
# entry selected by $ARGV[1].
# NOTE(review): the open() result is not checked, the read inside while() is
# missing in this copy, and $ARGV[1] is written into the page without
# escapeHTML().
sub Question {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    my (%questions,@splitter);
    open(FH,"$settings{'basepath'}/questions.cgi");
    while() {
        @splitter = split(/ /, $_, 2);
        $splitter[1] = Strip_Returns($splitter[1]);
        $questions{$splitter[0]} = $splitter[1];
    }
    close(FH);
    my $answer = $questions{$ARGV[1]};
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","question.htm");
    foreach $item (@register) {
        $item =~ s//$url/gm;
        $item =~ s//$answer/gm;
        $item =~ s//$ARGV[1]/gm;
        print $item;
    }
    exit;
}

#### Change Setup Settings
# Admin screen that lists every line of setup.cgi as an editable field.
# Empty basepath, icon_base_path and icon_path values are pre-filled from the
# environment.  Values are passed through escapeHTML() before display; $_[0]
# is an optional status message.
# NOTE(review): the right-hand side of "my @setup =" and the form markup
# appended to $form_final are missing in this copy.
# NOTE(review): the listing includes dbpass, so the database password is sent
# to the browser whenever this screen is opened.
sub Change_Settings {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    my($bolder,$form_final,@setup_split);
    open(FH,"$settings{'basepath'}/setup.cgi");
    my @setup = ;
    close FH;
    foreach (@setup) {
        @setup_split = split(/ /, $_, 2);
        $setup_split[0] = Strip_Returns($setup_split[0]);
        $setup_split[1] = Strip_Returns($setup_split[1]);
        if ($setup_split[0] eq "basepath") {
            if ($setup_split[1] eq "") {
                if ($the_main_path ne "") {
                    $setup_split[1] = $the_main_path;
                }
                else {
                    $setup_split[1] = ".";
                }
            }
        }
        if ($setup_split[0] eq "icon_base_path") {
            if ($setup_split[1] eq "") {
                if ($the_main_path ne "") { $setup_split[1] = $ENV{'DOCUMENT_ROOT'}; }
            }
        }
        if ($setup_split[0] eq "icon_path") {
            if ($setup_split[1] eq "") {
                if ($the_main_path ne "") { $setup_split[1] = "http://$ENV{'HTTP_HOST'}"; }
            }
        }
        # Settings that Proc_Change_Settings treats as mandatory.
        my %bold_hash = (
            basepath => 1,
            dbtype => 1,
            dbname => 1,
            dbhost => 1,
            dbuser => 1,
            dbpass => 1,
            dbsuff => 1,
            icon_path => 1,
            setup => 1,
            admin => 1,
            icon_base_path => 1,
        );
        if (exists $bold_hash{$setup_split[0]}) {
            $bolder = "";
        }
        else {
            $bolder = "";
        }
        $setup_split[1] = escapeHTML($setup_split[1]);
        $form_final .= "$bolder$setup_split[0]";
    }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","change_settings.htm");
    foreach $item (@register) {
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$_[0]/gm;
        $item =~ s//$url/gm;
        $item =~ s//$form_final/gm;
        print $item;
    }
    exit;
}

### Process the change in settings
# Rewrites ./setup.cgi from the submitted form: every existing setting name
# keeps its line and takes its new value from the form field of the same
# name.  Settings are then reloaded, Create_Tables is run and the settings
# screen is shown again.
# NOTE(review): form values are written to the file unchanged, one
# "name value" line each.  A value containing a line break would add or
# override other settings, so remove CR/LF from values before writing.
# NOTE(review): the "You MUST define ..." message interpolates $form{$key},
# which is empty at that point; $key looks like what was intended.
# NOTE(review): the open() for reading is unchecked, and the right-hand side
# of "my @setup =" is missing in this copy.
sub Proc_Change_Settings {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    my %bold_hash = (
        basepath => 1,
        dbtype => 1,
        dbname => 1,
        dbhost => 1,
        dbuser => 1,
        dbpass => 1,
        dbsuff => 1,
        icon_path => 1,
        setup => 1,
        admin => 1,
        icon_base_path => 1,
    );
    foreach $key (keys %bold_hash) {
        if ($form{$key} eq "") {
            &Change_Settings("You MUST define the $form{$key} variable!");
            exit;
        }
    }
    if (($form{'setup'} == 0) && ($form{'domains'} eq "")) {
        &oops("You must setup a domain before you can change the setup value to 0. This MUST contain the domain name that the email address of the variable admin uses");
    }
    my @admin_dom = split(/\@/,$form{'admin'});
    open(FH,"./setup.cgi");
    my @setup = ;
    close FH;
    foreach (@setup) {
        @setup_split = split(/ /, $_, 2);
        $setup_split[0] = Strip_Returns($setup_split[0]);
        $setup_split[1] = $form{$setup_split[0]};
        $_ = "$setup_split[0] $setup_split[1]\n";
    }
    open(FH,">./setup.cgi") or oops("Cannot write to setup.cgi file, make sure this file has write permissions");
    print FH @setup;
    close FH;
    &Get_Setup;
    &Create_Tables;
    &Change_Settings("Settings have been Changed");
    exit;
}

### Delete Suspended Users
# Admin-only confirmation page (confirm_delete_suspend.htm).
sub Delete_Suspended {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","confirm_delete_suspend.htm");
    foreach $item (@register) {
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        print $item;
    }
}

### Backup and restore screen
# Admin-only page (backup.htm); $_[0] is an optional status message.
sub Backup {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","backup.htm");
    foreach $item (@register) {
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$_[0]/gm;
        $item =~ s//$url/gm;
        print $item;
    }
}

### Delete the user
# Admin-only: removes the account named in $ARGV[1] and returns to the user
# list with a status message.
# NOTE(review): the account name comes from the query string, so the deletion
# runs on a plain GET and nothing here ties the request to the confirmation
# page.  Requiring POST plus a per-session token would stop a forged link
# from deleting an account while an admin is signed in.  $ARGV[1] is also
# echoed in the status message -- escape it before display.
sub Delete_User {
    Validate_User_Id($user,$pass);
    Content();
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    Delete_User_Complete($ARGV[1]);
    my $message_ret = "$ARGV[1] Deleted";
    $ARGV[1] = ();
    Users($message_ret);
}

### Are you sure you want to delete this user?
# Prints the admin confirmation page (confirmdelete.htm) for the account named
# in $ARGV[1]. Nothing is deleted in this sub.
sub Confirm_Delete_User {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate: case-insensitive comparison of the session user with
    # $settings{'admin'}. NOTE(review): the code below still runs unless
    # oops() ends the request - confirm that it exits. The same gate is
    # repeated in every admin sub that follows.
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","confirmdelete.htm");
    foreach $item (@register) {
        # NOTE(review): every match/substitution pattern in this listing is
        # empty. Perl treats an empty pattern as "reuse the last successful
        # pattern", so the template markers these lines once named appear to
        # have been lost from this copy - restore them from the original file.
        # This applies to all template loops below.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        # NOTE(review): $ARGV[1] is written into the page without HTML
        # escaping here; escapeHTML is imported at the top of the script.
        $item =~ s//$ARGV[1]/gm;
        print $item;
    }
}

### Admin logs in as a user
# Switches the admin's session to the account named in $ARGV[1] by issuing a
# login cookie for that account, then shows the main menu.
sub Login_As {
    Validate_User_Id($user,$pass);
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    # Content() is not called first, presumably because the Set-Cookie header
    # below still has to be sent - confirm.
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # The first value returned by Get_Reg_Info is used as the account's stored
    # password; whether it is hashed or plain text is not visible here.
    my ($password,@junk) = Get_Reg_Info($ARGV[1]);
    # Cookie payload is "user|password" passed through Encrypt() with $pub_key
    # as both key arguments. $pub_key is a string literal assigned near the top
    # of this script, so it is presumably identical across installs unless
    # someone edits it.
    # NOTE(review): if Encrypt() is reversible, the cookie discloses the stored
    # password to anyone who knows that key; a random server-side session id
    # would avoid carrying the credential in the browser.
    my $cookie_value = Encrypt("$ARGV[1]|$password",$pub_key,$pub_key);
    # Only -name and -value are set: no -expires, -path, -secure or -httponly.
    my $cookie = new CGI::Cookie(-name=>'name',-value=>$cookie_value);
    print "Set-Cookie: $cookie\n";
    # From here on the request runs as the target account.
    $user = $ARGV[1];
    $pass = $password;
    # NOTE(review): no separate record of the admin impersonation is written in
    # this sub; what Update_Login stores is not visible here.
    Update_Login($user);
    # Called with & and no parentheses, so Main_Menu receives this sub's @_.
    &Main_Menu;
}

### User Details
# Admin page for one account (userdetails.htm). Also performs three optional
# actions first: premium toggle ($ARGV[2] eq "Change_Prem"), mailbox size
# change (action2=change_max) and password reset (action2=reset_password).
sub User_Details {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Assigning to $_[0] sets the status text shown by the template below; if
    # the caller passed an argument, this writes through to it.
    if ($ARGV[2] eq "Change_Prem") { Change_Prem($ARGV[1],$ARGV[3]); $_[0] = "Premium status changed."; }
    if ($form{'action2'} eq 'change_max') {
        # SIZE is passed on as received; no numeric check is visible here.
        Change_Max($form{'USER'},$form{'SIZE'});
        $_[0] = "Mailbox size changed.";
        $ARGV[1] = $form{'USER'};
    }
    if ($form{'action2'} eq 'reset_password') {
        # Only equality of the two fields is checked, so two empty fields
        # pass. NOTE(review): confirm Change_Pass rejects an empty or weak
        # password.
        &oops("Passwords do not match") unless ($form{'PASSWORD'} eq $form{'PASSWORD2'});
        Change_Pass($form{'USER'},$form{'PASSWORD'});
        $ARGV[1] = $form{'USER'};
    }
    # $password is fetched with the other fields but is not substituted into
    # the template in the code visible here.
    my ($mail,$sent,$logins,$date_joined,$premium,$last_login,$mail_count,$ip,$password,$question1,$question2,$question3,$question4,$question5,$question6,$question7,$question8,$question9,$question10,$max,$current_storage,$tier) = Get_User_Stats($ARGV[1]);
    # Show 0 instead of an empty string for the two counters.
    if ($mail_count eq "") { $mail_count = 0; }
    if ($current_storage eq "") { $current_storage = 0; }
    $date_joined = Get_Date($date_joined);
    $last_login = Get_Date($last_login);
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","userdetails.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        # NOTE(review): none of the values below is HTML-escaped in this sub;
        # several ($ARGV[1], $ip, $question1..10) presumably originate from
        # users - confirm they are escaped when stored or by the template.
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        $item =~ s//$ARGV[1]/gm;
        $item =~ s//$date_joined/gm;
        $item =~ s//$logins/gm;
        $item =~ s//$last_login/gm;
        $item =~ s//$ip/gm;
        $item =~ s//$mail/gm;
        $item =~ s//$tier/gm;
        $item =~ s//$sent/gm;
        $item =~ s//$premium/gm;
        $item =~ s//$mail_count/gm;
        $item =~ s//$max/gm;
        $item =~ s//$current_storage/gm;
        $item =~ s//$question1/gm;
        $item =~ s//$question2/gm;
        $item =~ s//$question3/gm;
        $item =~ s//$question4/gm;
        $item =~ s//$question5/gm;
        $item =~ s//$question6/gm;
        $item =~ s//$question7/gm;
        $item =~ s//$question8/gm;
        $item =~ s//$question9/gm;
        $item =~ s//$question10/gm;
        print $item;
    }
}

### List out the users
# Admin page listing accounts (users.htm). $ARGV[1] selects which accounts
# Get_User_List returns and defaults to "a"; $_[0] is an optional status line.
sub Users {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    if (!($ARGV[1])) { $ARGV[1] = "a"; }
    my @userlist = Get_User_List($ARGV[1]);
    # Each entry gets a literal line break appended; any markup that once
    # surrounded the name appears to be missing from this listing.
    foreach (@userlist) {
        $_ = "$_
";
    }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","users.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        # Array interpolation: the entries are joined with the list separator
        # (a single space by default).
        $item =~ s//@userlist/gm;
        print $item;
    }
}

### Edit Bounce Messages
# Admin form (editbounce.htm) showing the three bounce texts stored in
# bounce_attachment.cgi, bounce_no_user.cgi and bounce_suspended.cgi under
# basepath. $_[0] is an optional status line.
sub Edit_Bounce {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Two-argument open with an interpolated path: the open mode is taken from
    # the string itself, so the result depends on basepath being trustworthy.
    open(FH,"$settings{'basepath'}/bounce_attachment.cgi") or oops("Cannot find bounce_attachment: $!");
    # NOTE(review): the right-hand side is missing in this listing (presumably
    # a read from FH) - restore it from the original file. Same for the two
    # reads below.
    my (@atter) = ;
    close FH;
    # join's first argument is the pattern match /\n/ against $_, not the
    # string "\n", so the separator is that match's result.
    # NOTE(review): probably meant join('', ...) - confirm. Same below.
    my $att = join(/\n/,@atter);
    open(FH,"$settings{'basepath'}/bounce_no_user.cgi") or oops("Cannot find bounce_no_user: $!");
    my (@userer) = ;
    close FH;
    my $iser = join(/\n/,@userer);
    open(FH,"$settings{'basepath'}/bounce_suspended.cgi") or oops("Cannot find bounce_suspended: $!");
    my (@susp) = ;
    close FH;
    my $suspend = join(/\n/,@susp);
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","editbounce.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        # File contents are inserted without HTML escaping in this sub.
        $item =~ s//$att/gm;
        $item =~ s//$iser/gm;
        $item =~ s//$suspend/gm;
        print $item;
    }
}

### Process Bounce Messages
# Overwrites the three bounce text files with the ATTACH, UNKNOWN and SUSPEND
# form fields, then redisplays the edit form.
sub Proc_Edit_Bounce {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # NOTE(review): form text is stored unmodified in files named *.cgi under
    # basepath - confirm the web server neither executes nor serves these
    # files directly. print and close results are not checked.
    open(FH,">$settings{'basepath'}/bounce_attachment.cgi") or oops("Cannot write to bounce_attachment.cgi, make sure you have proper permissions on this file and your basepath is correct: $!");
    print FH $form{'ATTACH'};
    close FH;
    open(FH,">$settings{'basepath'}/bounce_no_user.cgi") or oops("Cannot write to bounce_no_user.cgi, make sure you have proper permissions on this file and your basepath is correct: $!");
    print FH $form{'UNKNOWN'};
    close FH;
    # The message string below contains a literal line break before $!, as in
    # the listing.
    open(FH,">$settings{'basepath'}/bounce_suspended.cgi") or oops("Cannot write to bounce_suspended.cgi, make sure you have proper permissions on this file and your basepath is correct: 
$!");
    print FH $form{'SUSPEND'};
    close FH;
    &Edit_Bounce("Bounces Updated");
}

### Edit Advertisements
# Admin form (editadverts.htm) showing the text and HTML advertisement files
# stored under basepath. $_[0] is an optional status line.
sub Edit_Adverts {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    open(FH,"$settings{'basepath'}/text_advertisement.cgi") or oops("Cannot find text_advertisement: $!");
    # NOTE(review): read operand missing in this listing (presumably FH).
    my (@texter) = ;
    close FH;
    # Separator is the result of matching /\n/ against $_, not "\n" - see the
    # note in Edit_Bounce.
    my $text = join(/\n/,@texter);
    open(FH,"$settings{'basepath'}/html_advertisement.cgi") or oops("Cannot find html_advertisement: $!");
    my (@htmler) = ;
    close FH;
    my $html = join(/\n/,@htmler);
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","editadverts.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        $item =~ s//$text/gm;
        $item =~ s//$html/gm;
        print $item;
    }
}

### Process Edit Advertisements
# Overwrites the two advertisement files with the TEXT and HTML form fields,
# then redisplays the edit form.
sub Proc_Edit_Adverts {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Form text is written unmodified; print and close results are not checked.
    open(FH,">$settings{'basepath'}/text_advertisement.cgi") or oops("Cannot write to text_advertisement.cgi, make sure you have proper permissions on this file and your basepath is correct: $!");
    print FH $form{'TEXT'};
    close FH;
    # NOTE(review): the HTML field is stored as raw markup; how it is later
    # emitted is not visible here - confirm it cannot carry script into
    # pages viewed by other users.
    open(FH,">$settings{'basepath'}/html_advertisement.cgi") or oops("Cannot write to html_advertisement.cgi, make sure you have proper permissions on this file and your basepath is correct: $!");
    print FH $form{'HTML'};
    close FH;
    &Edit_Adverts("Advertisements Updated");
}

### Add a welcome message
# Admin form (addwelcomemessage.htm) for the welcome message. The stored file
# is read as: line 1 = type, line 2 = subject, remaining lines = body.
# $_[0] is an optional status line.
sub Add_Welcome_Message {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    my($checked,$checked2);
    # Unlike the other readers, this open is not checked; a missing file
    # leaves type, subject and body undefined.
    open(FH,"$settings{'basepath'}/welcomemessage.cgi");
    # NOTE(review): read operand missing in this listing (presumably FH).
    my ($type,$subject,@welcome_message) = ;
    close FH;
    $type = Strip_Returns($type);
    $subject = Strip_Returns($subject);
    # Separator is the result of matching /\n/ against $_, not "\n" - see the
    # note in Edit_Bounce.
    my $welcome_mess = join(/\n/, @welcome_message);
    # Any type other than "text" selects the second option.
    if ($type eq "text") { $checked = " CHECKED"; }
    else { $checked2 = " CHECKED"; }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","addwelcomemessage.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        $item =~ s//$subject/gm;
        $item =~ s//$checked/gm;
        $item =~ s//$checked2/gm;
        $item =~ s//$welcome_mess/gm;
        print $item;
    }
}

### Process Welcome Message
# Stores the welcome message as "TYPE\nSUBJECT\nMESSAGE" in welcomemessage.cgi
# and redisplays the form.
sub Proc_Add_Welcome_Message {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Truthiness tests: a value of "0" is rejected as if it were empty.
    &oops("You did not enter a subject") unless ($form{"SUBJECT"});
    &oops("You did not enter a Message") unless ($form{"MESSAGE"});
    open(FH,">$settings{'basepath'}/welcomemessage.cgi") or oops("Cannot write to welcomemessage.cgi, make sure you have proper permissions on this file and your basepath is correct: $!");
    # NOTE(review): TYPE is not validated and SUBJECT is not stripped of line
    # breaks; the reader takes the first two lines as type and subject, so an
    # embedded newline shifts the fields.
    print FH "$form{'TYPE'}\n$form{'SUBJECT'}\n$form{'MESSAGE'}";
    close FH;
    Add_Welcome_Message("Welcome Message Processed");
}

### Edit Message Routine
# Admin form (editmessages.htm) listing every entry of %message in numeric
# key order. $_[0] is an optional status line.
sub Edit_Messages {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    my($messages);
    # Only "# key:" and two line breaks survive in this listing; the form
    # field markup that presumably followed is missing.
    foreach $key (sort { $a <=> $b } keys %message) {
        $messages .= "# $key:

";
    }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","editmessages.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$_[0]/gm;
        $item =~ s//$messages/gm;
        print $item;
    }
}

### Process Message Editing
# Validates that every message key has a value in the form, renames the
# system folders when messages 21-24 changed, rewrites messages.cgi and
# reloads the messages.
sub Proc_Edit_Messages {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Truthiness test: a value of "0" is rejected as blank.
    foreach $key (keys %message) {
        if (!($form{$key})) { &oops("You left message $key blank!"); }
    }
    # Messages 21-24 are passed to Change_System_Folder as (new, old) when
    # they differ from the current text.
    if ($form{21} ne $message{21}) { Change_System_Folder($form{21},$message{21}); }
    if ($form{22} ne $message{22}) { Change_System_Folder($form{22},$message{22}); }
    if ($form{23} ne $message{23}) { Change_System_Folder($form{23},$message{23}); }
    if ($form{24} ne $message{24}) { Change_System_Folder($form{24},$message{24}); }
    # NOTE(review): the error text names setup.cgi although the file opened is
    # messages.cgi.
    open(FH,">$settings{'basepath'}/messages.cgi") or oops("Cannot Open setup.cgi file, please check permissions or basepath: $!");
    # One "key value" line per message. NOTE(review): values are not stripped
    # of line breaks, so an embedded newline adds extra lines to the file; how
    # Get_Msgs parses them is not visible here.
    foreach $key (sort { $a <=> $b } keys %message) {
        print FH "$key $form{$key}\n";
    }
    close FH;
    Get_Msgs();
    Edit_Messages("Settings Updated");
}

### Ban IP Addresses
# Admin form (banip.htm) showing the banned IP list. $_[0] is an optional
# status line.
sub Ban_IP {
    Validate_User_Id($user,$pass);
    Content();
    my($ip_list);
    # The list is loaded before the admin gate below; nothing is printed until
    # after it.
    my %ips = Get_Banned_IPs();
    # The appended string is empty in this listing; the per-entry markup
    # appears to be missing.
    foreach $key (keys %ips) { $ip_list .= ""; }
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","banip.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$ip_list/gm;
        $item =~ s//$_[0]/gm;
        print $item;
    }
}

### Process Banned IP's
# Splits the "alllist" form field on "::" and hands the entries to
# Add_Delete_Ban_IPs, then redisplays the form.
sub Proc_Ban_IP {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # NOTE(review): entries are not checked to be well-formed addresses in
    # this sub - confirm Add_Delete_Ban_IPs validates and safely stores them.
    my @ip_array = split(/\:\:/, $form{'alllist'});
    Add_Delete_Ban_IPs(@ip_array);
    Ban_IP("IPS Updated");
}

### Ban Usernames
# Admin form (banusernames.htm) showing the banned user names. $_[0] is an
# optional status line.
sub Ban_Usernames {
    Validate_User_Id($user,$pass);
    Content();
    my($user_list);
    # Loaded before the admin gate below; nothing is printed until after it.
    my %users = Get_Banned_Usernames();
    # The appended string is empty in this listing; the per-entry markup
    # appears to be missing.
    foreach $key (keys %users) { $user_list .= ""; }
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    @register = Get_Template("$settings{\"basepath\"}/templates/Admin","banusernames.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Admin_Header(); }
        if ($item =~ //) { Admin_Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$user_list/gm;
        $item =~ s//$_[0]/gm;
        print $item;
    }
}

### Process Usernames
# Splits the "alllist" form field on "::" and hands the entries to
# Add_Delete_Ban_Usernames, then redisplays the form.
sub Proc_Ban_Usernames {
    Validate_User_Id($user,$pass);
    Content();
    # Admin gate; relies on oops() terminating the request (TODO confirm).
    if (lc($user) ne lc($settings{'admin'})) { &oops($message{101}); }
    # Entries are passed on as received; no validation is visible here.
    my @user_array = split(/\:\:/, $form{'alllist'});
    Add_Delete_Ban_Usernames(@user_array);
    Ban_Usernames("Usernames Updated");
}

### Process Header
# Prints the admin header template with $url, $user, the admin link and the
# icon path filled in. Performs no access check of its own; callers are
# expected to have done it.
sub Admin_Header {
    @header = Get_Template("$settings{\"basepath\"}/templates/Admin","header.htm");
    foreach $item (@header) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        $item =~ s//$url/gm;
        $item =~ s//$user/gm;
        $item =~ s//$settings{'admin_link'}/gm;
        $item =~ s//$settings{"icon_path"}/gm;
    }
    print @header;
}

### Process Footer
# Prints the admin footer template with the same values filled in. Performs
# no access check of its own.
sub Admin_Footer {
    @footer = Get_Template("$settings{\"basepath\"}/templates/Admin","footer.htm");
    foreach $item (@footer) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        $item =~ s//$url/gm;
        $item =~ s//$user/gm;
        $item =~ s//$settings{"icon_path"}/gm;
        $item =~ s//$settings{'admin_link'}/gm;
    }
    print @footer;
    # Disabled timing output, kept from the original:
    #$end_time = [ gettimeofday ];
    #$elapsed = tv_interval($start_time,$end_time);
    #print "Execution took $elapsed secs."
}

#################### Functions New To Mess 6.1.0 from 6.1
### Select Template Hack
# User-facing page (templates.htm) offering the template sets found under
# basepath/templates. There is no admin gate: any validated user reaches it.
# $_[0] is an optional status line.
sub Select_Template {
    Validate_User_Id($user,$pass);
    my($file,$options);
    Content();
    $options = "";
    opendir THEDIR, "$settings{'basepath'}/templates" or oops("Unable to open directory: $!");
    my @allfiles = readdir THEDIR;
    closedir THEDIR;
    # Offer only sub-directories that are not "Admin" and contain no dot in
    # the name (which also drops "." and ".."). The appended string is empty
    # in this listing; the option markup appears to be missing.
    foreach $file (@allfiles) {
        if ((-d "$settings{'basepath'}/templates/$file") && ($file ne "Admin") && ($file !~ /\./)) { $options .= ""; }
    }
    @register = Get_Template("$settings{\"basepath\"}/templates","templates.htm");
    foreach $item (@register) {
        # Patterns are empty in this listing; see the note in Confirm_Delete_User.
        if ($item =~ //) { Header(); }
        if ($item =~ //) { Footer(); }
        $item =~ s//$url/gm;
        $item =~ s//$options/gm;
        $item =~ s//$_[0]/gm;
        print $item;
    }
}

# Stores the template set chosen in the TEMPLATE form field for the current
# user, or reports message 127 when the value is not accepted.
sub Proc_Select_Template {
    Validate_User_Id($user,$pass);
    # Accepted when the value names an existing directory under templates/,
    # is not "Admin" and contains no dot, or when it equals $message{125}.
    # NOTE(review): the "Admin" exclusion is an exact, case-sensitive string
    # comparison and path separators are not rejected; checking the value
    # against the directory names returned by readdir, as Select_Template
    # builds them, would be stricter.
    if (((-d "$settings{'basepath'}/templates/$form{'TEMPLATE'}") && ($form{'TEMPLATE'} ne "Admin") && ($form{'TEMPLATE'} !~ /\./)) || ($form{'TEMPLATE'} eq $message{125})) {
        Add_Template($user,$form{'TEMPLATE'});
        &Select_Template($message{126});
    }
    else { &oops($message{127}); }
}

# Prints one message in the preview/print pane (printpane.htm).
# $ARGV[1] is the message id ("0" prints message 123 instead) and $ARGV[2] is
# the folder name; a folder equal to $message{23} is read through the
# *_Sent helpers.
sub Preview_Pane {
    # Extra arguments beyond user and password are passed as in the original;
    # what Validate_User_Id does with them is not visible here.
    Validate_User_Id($user,$pass,$mail_to,$cc,$mail_from,$subject,$message);
    # The lexical $message declared here is the message body; $message{...}
    # below is the separate %message hash.
    my($html_tag,$safe,$att_string,$message,@att_array);
    Content();
    if ($ARGV[1] eq "0") { print $message{123}; }
    else {
        if($ARGV[2] eq $message{23}) {
            # Ownership check before the message is read. It relies on oops()
            # ending the request (TODO confirm); otherwise the message is
            # loaded regardless.
            if (Verify_Mess_Owner_Sent($user,$ARGV[1]) ne "OK") { oops($message{19}); }
            ($mail_to,$cc,$mail_from,$subject,$message,$html_tag) = Get_Message_Sent($ARGV[1]);
        }
        else {
            if (Verify_Mess_Owner($user,$ARGV[1]) ne "OK") { oops($message{19}); }
            ($mail_to,$cc,$mail_from,$subject,$message,$html_tag) = Get_Message($ARGV[1]);
            @att_array = Get_Att_List($ARGV[1]);
        }
        # $safe (URI-escaped name) is computed but unused in the string that
        # survives in this listing; the link markup appears to be missing, and
        # $att_string is not substituted below.
        foreach $item(@att_array) { chomp($item); $safe = uri_escape($item); $att_string .= "$item "; }
        # The body is filtered by Remove_Bad_HTML before output; the strength
        # of that filter is not visible here.
        $message = Remove_Bad_HTML($message);
        @register = Get_Template("$settings{\"basepath\"}/templates","printpane.htm");
        foreach $item (@register) {
            # Patterns are empty in this listing; see the note in Confirm_Delete_User.
            $item =~ s//$url/gm;
            $item =~ s//$message/gm;
            # NOTE(review): $ARGV[1] and $ARGV[2] are inserted without HTML
            # escaping in this sub.
            $item =~ s//$ARGV[1]/gm;
            $item =~ s//$ARGV[2]/gm;
            print $item;
        }
    }
}