OK

/* It should be set suid ! (chmod 4755 filename) */ #include #include #include #include #include #define STRLEN 2048 const char VERSION_STRING[]="GuestBook v1.0.31 19/08/1999"; char sp[STRLEN],s[STRLEN]; FILE *f1,*f2; static char* html2str(char* str) { int f; char *p; strcpy(sp,str); for (p=strchr(sp,'%'); p!=NULL; ) { sscanf(p+1,"%02X",&f); strcpy(p+1,p+3); *p=(char)f; p=strchr(p+1,'%'); } for (p=sp; p!=NULL; ) { p=strchr(p,'+'); if (p!=NULL) *p=' '; } return sp; } void ssi(char *fnm) { char s[256]; f2=fopen(fnm,"r"); if (f2!=NULL) { for (; !feof(f2); ) { fgets(s,STRLEN,f2); if (feof(f2)) break; if (*s=='\0') break; fputs(s,stdout); } fclose(f2); } else fprintf(stdout,"Cannot include %s",fnm); } int main(void) { char *p,*t,sav[STRLEN],u[STRLEN],name[60],email[33],*v,url[80],tmp[80],fnm[80],lang[5]; int cl,f; time_t timer; struct tm* ti; fprintf(stdout,"Content-type: text/html\n\n"); if ((char*)getenv("REQUEST_METHOD")==NULL) { fprintf(stdout,"This program can be run only from a HTML form using POST method.\n"); return 1; } if (strcmp((char*)getenv("REQUEST_METHOD"),"POST")) { fprintf(stdout,"This script should be referenced with a METHOD of POST.\n"); fprintf(stdout,"If you don't understand this, see this "); fprintf(stdout,"forms overview.\r"); return 1; } if ((char*)getenv("CONTENT_TYPE")!=NULL) { if (strcmp((char*)getenv("CONTENT_TYPE"),"application/x-www-form-urlencoded")) { fprintf(stdout,"This script can only be used to decode form results. \n"); return 1; } } fprintf(stdout,"OK\n"); cl=atoi(getenv("CONTENT_LENGTH")); fgets(s,STRLEN,stdin); if (strncmp(s,"fnm=",4)) { fprintf(stdout,"\rInvalid CGI calling. Missing variable: 'fnm'.\n"); fprintf(stdout,"

%s",s); return 1; } p=strchr(s,'&'); if (p==NULL) { fprintf(stdout,"\rInvalid CGI calling. Missing fields.\n"); fprintf(stdout,"

%s",s); return 1; } *p='\0'; sprintf(tmp,"/pub/www/dome/%s",s+4); strcpy(fnm,tmp); strcat(tmp,".tmp"); rename(fnm,tmp); f1=fopen(fnm,"w"); strcpy(s,p+1); if (strncmp(s,"lang=",5)) { fprintf(stdout,"\rInvalid CGI calling. Missing variable: 'lang'.\n"); fprintf(stdout,"

%s",s); return 1; } p=strchr(s,'&'); if (p==NULL) { fprintf(stdout,"\rInvalid CGI calling. Missing fields.\n"); fprintf(stdout,"

%s",s); return 1; } *p='\0'; strcpy(lang,s+5); strcpy(s,p+1); *email='\0'; timer=time(NULL); if (!strcmp(lang,"hu")) ssi("/pub/www/dome/_top.html"); else ssi("/pub/www/dome/_top.eng.html"); sprintf(sav,"\n",s); fprintf(f1,"%s",sav); for (;;) { t=s; for (p=s; p!=NULL; ) { t=p; p=strchr(t,'&'); if (p!=NULL) { *p='\0'; p++; } strcpy(u,html2str(t)); if (!strncmp(u,"name=",5)) strcpy(name,u+5); if (!strncmp(u,"email=",6) && strchr(u,'@')!=NULL) strcpy(email,u+6); if (!strncmp(u,"url=",4)) strcpy(url,u+4); if (!strncmp(u,"msg=",4)) { fprintf(f1,""); if (strchr(url,'.')==NULL) *url='\0'; for (f=strlen(url)-1; f>=0; f--) if (url[f]=='.') { if (strlen(url)-f<3 || strlen(url)-f>4) *url='\0'; break; } if (*name=='\0') strcpy(name,"?"); if (strchr(url,'.')==NULL || *url=='\0') fprintf(f1,"%s",name); else { if (strncmp(url,"http",4)) v=url; else { v=url+4; if (url[4]==':' && (url[5]=='/' || u[5]=='\\')) { v=url+6; if (url[6]=='/' || url[6]=='\\') v=url+7; } } fprintf(f1,"%s",v,name); } if (*email!='\0' && strchr(email,'.')!=NULL) fprintf(f1," (%s)",email,email); fprintf(f1,""); ti=localtime(&timer); if (!strcmp(lang,"hu")) { fprintf(f1,"%d. ",ti->tm_year+1900); switch (ti->tm_mon+1) { case 1: fprintf(f1,"január"); break; case 2: fprintf(f1,"február"); break; case 3: fprintf(f1,"március"); break; case 4: fprintf(f1,"április"); break; case 5: fprintf(f1,"május"); break; case 6: fprintf(f1,"június"); break; case 7: fprintf(f1,"július"); break; case 8: fprintf(f1,"augusztus"); break; case 9: fprintf(f1,"szeptemberr"); break; case 10: fprintf(f1,"október"); break; case 11: fprintf(f1,"november"); break; case 12: fprintf(f1,"december"); break; } fprintf(f1," %d. ",ti->tm_mday); } else { fprintf(f1,"%d ",ti->tm_mday); switch (ti->tm_mon+1) { case 1: fprintf(f1,"January"); break; case 2: fprintf(f1,"February"); break; case 3: fprintf(f1,"March"); break; case 4: fprintf(f1,"April"); break; case 5: fprintf(f1,"May"); break; case 6: fprintf(f1,"June"); break; case 7: fprintf(f1,"July"); break; case 8: fprintf(f1,"August"); break; case 9: fprintf(f1,"September"); break; case 10: fprintf(f1,"October"); break; case 11: fprintf(f1,"November"); break; case 12: fprintf(f1,"December"); break; } fprintf(f1," %d, ",ti->tm_year+1900); } fprintf(f1,"%d:%02d",ti->tm_hour,ti->tm_min); v=strstr(u+4,"