#!/usr/bin/perl use strict; use lib qw(/home/u484518444/domains/aklaat.com/public_html/cgi-bin); use CGI qw(:standard escapeHTML); use AklaatDB; use AklaatDB::Session; #------------------------------------------------------------------------------# # Create the desired cookie using the cookie() method. # Do this before calling the header() method, because the cookie must be # incorporated into the HTTP header. # # Note: Valid parameters for the cookie() call include: # ----------------------------------------------------- # # -domain a partial or complete domain name for which the # cookie is valid. Like '.devdaily.com' # for the entire domain (www.devdaily.com, # smtp.devdaily.com, etc.), or 'www.devdaily.com' # to refer to one server. # -expires (optional) The expiration date for this cookie. # +60s 60 seconds from now # +20m 20 minutes from now # +5h 5 hours from now # +1d 1 day from now # -3d 3 days ago # now immediately # +6M 6 months from now # +1y 1 year from now # Monday, 28-Dec-98 12:30:00 GMT # expire at this specific date & time # -name the name of the cookie (req'd) # -path (optional) If you specify this attribute, the # browser will check it against your script's URL # before returning the cookie. # The default is set to '/'. # -secure (optional) The cookie will only be sent if the CGI # request is occurring on a secure channel. # -value (req'd) The value of your cookie. This can be a # scalar value, array reference, or hash # reference. 
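#------------------------------------------------------------------------------#

# Site configuration. These are file-scoped lexicals that the subs further
# down (LogOn, ForgetPassword, SendMail) read directly.
my $ScriptLocation = "http://www.aklaat.com/cgi-bin";
my $baseurl        = 'http://www.aklaat.com/';
my $mailprog       = '/usr/sbin/sendmail';
my $basedir        = '/home/u484518444/domains/aklaat.com/public_html/';
my $returnemail    = 'admin@aklaat.com';

# Upper bound on how much of a POST body is read. The original passed
# CONTENT_LENGTH straight to read(), so the client chose the allocation size.
# 64 KiB is a constructed limit for a login form; tune it to the real forms.
my $MAX_REQUEST_BYTES = 65536;

# Declared once. The original declared @temp, $name and $value twice at file
# scope, so the second "my" masked the first.
my ($count, @FileData, @temp, $name, $value, $buffer, %QUERY, %SETTINGS);

# Read the raw form data: the request body for POST, the query string
# otherwise.
if (defined $ENV{'REQUEST_METHOD'} && $ENV{'REQUEST_METHOD'} eq 'POST') {
    my $length = $ENV{'CONTENT_LENGTH'};

    # CONTENT_LENGTH is client-supplied: accept digits only, then clamp.
    $length = 0 unless defined $length && $length =~ /\A[0-9]+\z/;
    $length = $MAX_REQUEST_BYTES if $length > $MAX_REQUEST_BYTES;

    read(STDIN, $buffer, $length) if $length > 0;
}
else {
    $buffer = $ENV{'QUERY_STRING'};
}
$buffer = '' unless defined $buffer;

# A visitor who already presents the user-name cookie is sent on to
# pass_logon.pl without seeing the form.
# NOTE(review): only the presence of the cookie is tested here, and a cookie
# value is chosen by the client. Whatever pass_logon.pl does with it must not
# treat it as proof of identity -- confirm there.
if (defined (cookie ("aklaat_user_name"))) {
    print redirect(-url => 'pass_logon.pl');
    exit(0);
}

# Decode the form data into %QUERY.
@temp = split /&/, $buffer;
for my $pair (@temp) {
    # Limit 2 keeps a value that itself contains '=' intact; the original
    # split on every '=' and silently dropped the remainder.
    ($name, $value) = split /=/, $pair, 2;
    next unless defined $name;
    $value = '' unless defined $value;

    # Keys are decoded the same way as values, so an encoded field name still
    # lands under the key the rest of the script looks up.
    for my $part ($name, $value) {
        $part =~ tr/+/ /;
        $part =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    }

    $QUERY{$name} = $value;
}

# NOTE(review): the comment that stood here described looking up a server-side
# session from a session-ID cookie and creating one when it is missing. The
# code that follows does not do that: it reads three identity cookies, and
# AklaatDB::Session is imported but never called in this file.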
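# Identity cookies as sent by the browser (set by createCookies below).
my $usernameCookie = cookie ("aklaat_user_name");
my $emailCookie    = cookie ("aklaat_user_email");
my $realnameCookie = cookie ("aklaat_user_real_name");

# Referer header with percent-escapes decoded.
my $http_referer = defined $ENV{'HTTP_REFERER'} ? $ENV{'HTTP_REFERER'} : '';
$http_referer =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

# True when the request was linked from a page under $ScriptLocation.
# The original tested /$ScriptLocation/, which is unanchored and treats the
# dots as wildcards, so the string matched anywhere inside the header. The
# pattern is now quoted and anchored to the start of the Referer.
# NOTE(review): Referer is a client-supplied header. This is a routing hint,
# not an access control; the form handlers still need their own protection
# (for example a per-session anti-CSRF token).
my $from_this_site = ($http_referer =~ m{\A\Q$ScriptLocation\E(?:/|\z)}) ? 1 : 0;

# %SETTINGS is declared at file scope but never filled in within this file, so
# the two mode tests below are presumably always false here -- confirm.
my $accounts_mode = defined $SETTINGS{'accounts'} ? $SETTINGS{'accounts'} : '';

if ($from_this_site || $accounts_mode eq 'fullpublic' || $accounts_mode eq 'viewonly') {
    if ($from_this_site) {
        # GetPostData() builds a hash that is private to that sub; the
        # dispatch below reads %QUERY only.
        if ($ENV{'CONTENT_LENGTH'} != 0) { GetPostData(); }

        if ($QUERY{'action'} eq 'VerifyLogOn') {
            VerifyLogOn();
        }
        elsif ($QUERY{'action'} eq 'ForgetPassword') {
            ForgetPassword();
        }
        else {
            LogOn('', '');
        }
    }
}
else {
    LogOn('', '');
}

#############################################################
# LogOn($error_email, $error_user_name)
#
# Prints the log-on page and exits. It emits a Content-type header, copies the
# include files style.htm, style1.htm, script.htm and key_press.htm from
# $basedir/includes/ to the response, pulls in ../ui/top.pl and ../ui/nav.pl
# via require, and prints whichever of the two error messages is non-empty.
#
# NOTE(review): this sub is reproduced exactly as it appears in the listing.
# The page extraction removed everything that looked like an HTML tag, which
# took the heredoc openers and bodies ("print<" ... HTMLTOP), the HTML inside
# the print "" calls and the <DAT> reads ("@raw_data=;") with it, so the text
# below is not runnable and cannot be restyled without guessing at what was
# lost. Points to check against the real file:
#   * the strings printed in the $QUERY{'filename'} branch are gone; if they
#     place that value into the page it must go through escapeHTML(), which is
#     already imported;
#   * $QUERY{'username'}, $QUERY{'password'} and $QUERY{'email'} are read just
#     before a lost heredoc; the same escaping applies if they are echoed into
#     the form;
#   * open(DAT, "$basedir$data_file") is the two-argument form on a bareword
#     handle; the paths are constants here, but
#     open(my $fh, '<', "$basedir$data_file") is the safer shape.
sub LogOn { my($error_email,$error_user_name) = @_; my ($email, $username, $password); print "Content-type:text/html\n\n"; print< ������ ��� ���� ����� ���� HTMLTOP my $data_file="includes/style.htm"; open(DAT, "$basedir$data_file") || die("Could not open file!"); my @raw_data=; close(DAT); my $line; foreach $line (@raw_data) { print "$line"; } $data_file="includes/style1.htm"; open(DAT, "$basedir$data_file") || die("Could not open file!"); @raw_data=; close(DAT); foreach $line (@raw_data) { print "$line"; } $data_file="includes/script.htm"; open(DAT, "$basedir$data_file") || die("Could not open file!"); @raw_data=; close(DAT); foreach $line (@raw_data) { print "$line"; } print< A { TEXT-DECORATION: none } LI { color:#f0af21 } A:hover { COLOR: #cc0000; TEXT-DECORATION: underline } .home-title { FONT-SIZE: 17px; COLOR: #cc0000; FONT-FAMILY: "Simplified Arabic" } .home-text { FONT-SIZE: 15px; COLOR: #000000; FONT-FAMILY: "Simplified Arabic" } .sub-text { FONT-SIZE: 15px; COLOR: #cc4a00; FONT-FAMILY: "Simplified Arabic" } .V9 {FONT-FAMILY: 'Simplified Arabic'; FONT-SIZE: 15px; font-weight: bold} .T12 {FONT-SIZE: 12px; 
FONT-FAMILY: 'Tahoma'; font-weight: bold} .T14 {FONT-SIZE: 14px; FONT-FAMILY: 'Tahoma'; font-weight: bold} HTMLTOP require "../ui/top.pl"; print<

������ ��� ���� ����� ����

��� ��� ������ ���� ����� �������� ������ HTMLTOP if (defined ($QUERY{'filename'})) { print ""; } else { print ""; } print<���� ���.


HTMLTOP if ($error_user_name ne '') { print ""; } my $username = $QUERY{'username'}; my $password = $QUERY{'password'}; my $email = $QUERY{'email'}; print<
"; print "
$error_user_name
"; print "
��� ��������
���� ����

�� ���� ���� ���ѿ ��� ����� �� ��� ���� ����ǿ
���� ����� ���������� ���� ���� ���� �������� ������:
������ ����������:

 

 

HTMLTOP if ($error_email ne '') { print "

$error_email

"; } print<

 

 

HTMLTOP require "../ui/nav.pl"; print "
"; $data_file="includes/key_press.htm"; open(DAT, "$basedir$data_file") || die("Could not open file!"); @raw_data=; close(DAT); foreach $line (@raw_data) { print "$line"; } print ""; exit(0); }

#############################################################
# VerifyLogOn()
#
# Checks $QUERY{'username'} / $QUERY{'password'} against the users table.
# On a match it calls createCookies() with a "+2y" lifetime when
# chkSaveUserInfo is 'on' and "+3h" otherwise; on a miss, or when either field
# is blank, it re-displays the form through LogOn() with an error message.
# Always ends the request.
#
# The message literals are mis-encoded in this listing (the connection is set
# to CP1256 below) and are kept byte-for-byte.
sub VerifyLogOn {
    my ($dbh, $sth, $userRealName, $email);

    my $username = AklaatDB::trim($QUERY{'username'});
    my $password = AklaatDB::trim($QUERY{'password'});

    if ($username eq '' || $password eq '') {
        LogOn('','��� ����� ��� �������� ����� ���� �����');
        exit(0);
    }

    $dbh = AklaatDB::connect ();
    $dbh->do ('SET NAMES CP1256');
    $dbh->do ('SET COLLATION_CONNECTION=CP1256_GENERAL_CI');

    # Bound parameters instead of interpolating form values into the SQL
    # text: the original built the WHERE clause from $username and $password
    # directly, so a quote in either field changed the statement itself.
    # Assumes AklaatDB::connect returns a DBI handle (the method names used
    # throughout match DBI) -- confirm.
    $sth = $dbh->prepare (
        'SELECT realname, email FROM users WHERE username = ? AND password = ?'
    );
    $sth->execute ($username, $password);
    while (my $ref = $sth->fetchrow_hashref ()) {
        $userRealName = $ref->{realname};
        $email        = $ref->{email};
    }
    $sth->finish ();
    $dbh->disconnect ();

    # NOTE(review): the query compares the submitted password with the stored
    # column as-is, so passwords are held in clear text. Moving to a salted
    # password hash needs a schema and data migration and is outside this sub.
    # NOTE(review): nothing here limits repeated attempts for one account.

    if ($userRealName ne '') {
        # Long-lived cookies only when the visitor asked to be remembered.
        my $lifetime = ($QUERY{'chkSaveUserInfo'} eq 'on') ? "+2y" : "+3h";
        createCookies($username, $userRealName, $email, $lifetime);
        #SuccessfulLogOn($userRealName);
    }
    else {
        LogOn('','��� �������� �� ���� ���� ��� ������ � ������ �������� ��� ����');
    }

    exit(0);
}

#############################################################
# ForgetPassword()
#
# Looks up $QUERY{'email'} in the users table and mails the matching user
# name and password to that address via SendMail(), once per matching row.
# Re-displays the form through LogOn() with a status message and ends the
# request.
sub ForgetPassword {
    my ($dbh, $sth, $username, $password, $emailcontent);

    my $email = AklaatDB::trim($QUERY{'email'});

    if ($email eq '') {
        LogOn('��� ����� ������ ����������','');
        exit(0);
    }

    $dbh = AklaatDB::connect ();
    $dbh->do ('SET NAMES CP1256');
    $dbh->do ('SET COLLATION_CONNECTION=CP1256_GENERAL_CI');

    # Bound parameter; the original interpolated $email into the SQL text.
    $sth = $dbh->prepare ('SELECT username, password FROM users WHERE email = ?');
    $sth->execute ($email);

    while (my $ref = $sth->fetchrow_hashref ()) {
        $username = $ref->{username};
        $password = $ref->{password};

        # NOTE(review): this mails the stored password in clear text. A
        # single-use, expiring reset link avoids both the clear-text storage
        # and the disclosure by mail; that is a design change beyond this sub.
        $emailcontent = "Greetings from aklaat.com!\nHere is the information you \nrequested:\n\nUser Name: $username\nPassword: $password";
        SendMail($returnemail, $email, 'aklaat.com Forgotten Password Notification',$emailcontent);
    }
    $sth->finish ();
    $dbh->disconnect ();

    # NOTE(review): the two outcomes show different messages, which tells the
    # requester whether an address is registered. A single neutral message
    # would not; the texts are mis-encoded here, so they are left unchanged.
    if ($username ne '') {
        LogOn('��� ����� ����� ��� �������� ����� ���� ��� ������ �������','');
    }
    else {
        LogOn('������ ��� ������ ���� ������� ���������� ������','');
    }

    exit(0);
}

#############################################################
# createCookies($username, $userRealName, $email, $period)
#
# Builds the three identity cookies with lifetime $period and prints a
# redirect carrying them. The target depends on $QUERY{'filename'} and
# $QUERY{'caller'}; with neither set it is pass_logon.pl.
#
# NOTE(review): the cookies hold the user name, real name and e-mail address
# as plain values with no signature or server-side session behind them, so a
# client can present any values it likes. They are also set without -secure
# or -httponly; the site URL in this file is http://, so -secure cannot be
# switched on without serving the site over TLS first.
sub createCookies {
    my ($username, $userRealName, $email, $period) = @_;

    my $usernameCookie = cookie (-name => "aklaat_user_name", -value => "$username", -expires => "$period");
    my $realnameCookie = cookie (-name => "aklaat_user_real_name", -value => "$userRealName", -expires => "$period");
    my $emailCookie = cookie (-name => "aklaat_user_email", -value => "$email", -expires => "$period");

    my $filename = defined $QUERY{'filename'} ? $QUERY{'filename'} : '';
    my $caller   = defined $QUERY{'caller'}   ? $QUERY{'caller'}   : '';

    # The form value was percent-decoded when %QUERY was built. Re-encode it
    # before it goes into the Location URL so it stays one parameter value and
    # cannot add parameters or line breaks to the header.
    (my $filename_param = $filename) =~ s/([^A-Za-z0-9_.~-])/sprintf('%%%02X', ord($1))/ge;

    my $url;
    if ($filename ne '') {
        if ($caller eq 'notify') {
            $url = "http://www.aklaat.com/cgi-bin/notify/rate.pl?filename=$filename_param";
        }
        elsif ($caller eq 'my_recipes') {
            $url = "http://www.aklaat.com/cgi-bin/notify/my_recipes.pl?filename=$filename_param";
        }
        else {
            $url = "http://www.aklaat.com/cgi-bin/rates/PostRate.pl?filename=$filename_param";
        }
    }
    elsif ($caller eq 'update_profile') {
        $url = "http://www.aklaat.com/cgi-bin/users/change_profile.pl";
    }
    elsif ($caller eq 'list_my_recipes') {
        $url = "http://www.aklaat.com/cgi-bin/recipes/my_recipes.pl";
    }
    else {
        $url = 'pass_logon.pl';
    }

    print redirect(-url => $url,
                   -cookie => [ $usernameCookie, $realnameCookie, $emailCookie ]);
}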
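#############################################################
# SendMail($from, $to, $subject, $content)
#
# Pipes one message to "$mailprog -t", which takes the recipients from the
# To: header. Returns 1 when the message was handed over and 0 when the mail
# program could not be started or reported failure on close. Existing callers
# ignore the return value.
sub SendMail {
    my ($from, $to, $subject, $content) = @_;

    # Header fields must stay on one line. With -t the headers decide who
    # receives the mail, and $to originates from a form field, so line breaks
    # are removed before the values are written.
    for my $field ($from, $to, $subject) {
        $field = '' unless defined $field;
        $field =~ s/[\r\n]+/ /g;
    }

    # List-form pipe open on a lexical handle: no shell is involved, and a
    # failure to start the program is reported instead of being ignored.
    my $mail;
    unless (open($mail, '|-', $mailprog, '-t')) {
        warn "SendMail: cannot run $mailprog: $!";
        return 0;
    }

    print {$mail} "To: $to\n";
    print {$mail} "From: $from\n";
    print {$mail} "Subject: $subject\n";
    # Blank line ends the header section. The original wrote the body right
    # after Subject:, leaving the mail program to guess where the headers end.
    print {$mail} "\n";
    print {$mail} "$content\n\n";
    print {$mail} "-" x 75 . "\n\n";

    unless (close($mail)) {
        warn "SendMail: $mailprog failed: $! (status $?)";
        return 0;
    }
    return 1;
}

############################################################
# GetPostData()
#
# Reads CONTENT_LENGTH bytes from STDIN, splits them into name=value pairs,
# decodes each value and, unless $QUERY{'sub'} is 'no', neutralises a few
# characters in it. Returns the pairs as a flat key/value list.
#
# The original stored the result in a hash private to this sub and returned
# nothing, so the parsed data was discarded; returning it is harmless to the
# existing caller, which uses the sub in void context.
# NOTE(review): in this file the top-level code has already read the POST
# body from STDIN before this sub runs, so this read presumably sees no data
# -- confirm.
sub GetPostData {
    my (@pairs, $pair, $name, $value, $buffer, %POST);

    # CONTENT_LENGTH is client-supplied; ignore anything that is not a number.
    my $length = $ENV{'CONTENT_LENGTH'};
    $length = 0 unless defined $length && $length =~ /\A[0-9]+\z/;

    read(STDIN, $buffer, $length) if $length > 0;
    $buffer = '' unless defined $buffer;

    @pairs = split(/&/, $buffer);
    foreach $pair (@pairs) {
        # Limit 2 keeps '=' characters inside the value.
        ($name, $value) = split(/=/, $pair, 2);
        next unless defined $name;
        $value = '' unless defined $value;

        $value =~ tr/+/ /;                                            # Change all +'s to spaces
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;  # Convert all Hex back to regular characters

        if ($QUERY{'sub'} ne 'no') {
            # NOTE(review): the first two substitutions and the replacement
            # text for \r were damaged when this page was extracted (the
            # listing shows "s/\/\>/g" and a bare line break). They are
            # reconstructed as the usual angle-bracket escapes and a <br>
            # tag -- verify against the real file.
            # NOTE(review): '&' itself is not escaped and the numeric
            # entities carry no trailing ';', so this is not a complete HTML
            # encoder; output that reaches a page should go through
            # escapeHTML() instead.
            $value =~ s/</&lt;/g;
            $value =~ s/>/&gt;/g;
            $value =~ s/\|/\&\#124/g;
            $value =~ s/\=/\&\#61/g;
            $value =~ s/\r/<br>/g;     # Replace hard returns
            $value =~ s/\n//g;         # remove newlines
            $value =~ s/\cM//g;        # remove ^M's
        }

        $POST{$name} = $value;
    }

    return %POST;
}
############################################################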