#!/usr/local/bin/perl
################
|
You may change other basic setting and HTML or a part of HTML (see the advice for a little learnt).
Or you may change something a little more than HTML (see the advice for a good HTML user).
Handling inputs
Now you may try some real "Perl" scripting.
###############
# main script # ############### : : $value =~ s/%0D%0A/<br>/g; $value =~ s/%0A/<br>/g; $value =~ s/%0D/<br>/g; $value =~ s/%09/ /g; $value =~ s/%3C/</g; $value =~ s/%3E/>/g; |
The three lines at the top change return_key (LF+CR for windows, LF for UNIX and CR for Macintosh) to <BR> (HTML tag for return_key). You can ignore all "return" and put entire article into one paragraph by replacing <br> by a space, such as $value =~ s/%0D%0A/ /g; etc.
The middle one, $value =~ s/%09/ /g; changes a tab to five spaces. Firstly, HTML cannot understand an ordinary tab. And secondly, I assigned a tab a special meaning within the perl scripting. So, this conversion is technically necessary. But if you do not like it, you may have a space (just like setup.cgi) instead of 5 between "$value =~ s/%09/" and "/g;" which converts a tab to a space and looks
$value =~ s/%09/ /g;
prof Board's bbs.cgi does not accept HTML tags sent by a guest. If you want HTML tags able, delete the last two lines
$value =~ s/%3C/</g;
and
$value =~ s/%3E/>/g;
But you do so only after you learn the message board security and understand the risk your board masters are going to take.
Tighter security by "private_html"
If you can have "private_html" in your directory which can not be seen from the net, you can enhance the security level by placing secret.dat in it. First, create "private_html" outside of "public_html" in your directory if you do not have it yet. You are going to create/upload a blank file secret.dat in it. But before the file upload, open setup.cgi and find
### secret directory ### |
### secret directory ###
chdir "/your_directory/private_html/" or &error1($erro5,$erro3,$!); |
### base directory ### |
### base directory ###
chdir $basdir or &error2($erro5,$erro3,$!); |
### secret directory ###
chdir $basdir or &error1("LINE-274",$erro5,$erro3,$!); |
### secret directory ###
chdir "/your_directory/private_html/" or &error1("LINE-274",$erro5,$erro3,$!); |
Tighter security by deleting secret.dat
If you are going to have a limited number of message boards (maybe 20 or 30) and you creat them at once, you can increase the security by importing the secret.dat into bbs.cgi. (And setup.cgi and secret.dat must be deleted from the web site once the set up is finished.)
Open bbs.cgi and find ID & password check
#########################
# check ID and password # ######################### sub check { ### secret directory ### chdir $basdir or &error1("LINE-274",$erro5,$erro3,$!); $crptd = crypt($data{'pswd'},$seed); open(DATAF, "<$sfile") or &error1("LINE-278",$erro1,$erro3,$!);
|
#########################
# check ID and password # ######################### sub check { $list = <<'USER_LIST'; USER_LIST $crptd = crypt($data{'pswd'},$seed); local(@user) = split(/\n/, $list); foreach (@user) {
|
a zaFtxccKBrJRg a a@a.com
b zalUnUsS29UUQ b b@b.com c za3M6dhjwtOaw c c@c.com |
#########################
# check ID and password # ######################### sub check { $list = <<'USER_LIST'; a zaFtxccKBrJRg a a@a.com b zalUnUsS29UUQ b b@b.com c za3M6dhjwtOaw c c@c.com USER_LIST $crptd = crypt($data{'pswd'},$seed); local(@user) = split(/\n/, $list); foreach (@user) {
|
Handling message-board index
You can change the way the new link is added to the link page when a new user created a message board.
#############################
# create new board (action) # ############################# : : ### new link start ### : : ### add link ### : print LOCK $dataf; if ($dataf =~ /^<!--NEW USER-->/) { print LOCK "<!--$udir--><a href=\"$udir/$ifile\"><b>$data{'title'}</b></a><br>$data{'desi'}<hr>\n"; $newbd = "New MessageBoard is made"; } |
### add link ###
: if ($dataf =~ /^<!--NEW USER-->/) { print LOCK "<!--$udir--><a href=\"$udir/$ifile\"><b>$data{'title'}</b></a><br>$data{'desi'}<hr>\n"; $newbd = "New MessageBoard is made"; } print LOCK $dataf; |
If you do not need the link page, you may delete, not just the above part, but everything between ### new link start ### to ### new link end ### and insert
### new link start ###
unlink $tfile or &error1($erro1,$erro9,$!); ### new link end ### |
### old link start ###
unlink $tfile or &error1($erro1,$erro9,$!); ### old link end ### |
Handling data for a guest's message
In bbs.cgi
#################
# add new entry # ################# : : $posted = gmtime($time); |
By default, guest's email address will be hidden into his name when he posts an article on a board.
#################
# add new entry # ################# : : if ($data{'email'}) {$data{'name'} = "<a href=\"mailto:$data{'email'}\">$data{'name'}</a>";} |
#################
# add new entry # ################# : : if ($data{'email'}) {$data{'email'} = "<a href=\"mailto:$data{'email'}\">$data{'email'}</a>";} |
Ban access
You can limit the access by checking the IP address, $ENV{'REMOTE_ADDR'} or checking the browser, $ENV{'HTTP_USER_AGENT'}. To ban an IP address, go to
################
# main script # ################ if ($ENV{'REQUEST_METHOD'} ne 'POST') {&admin;} |
and insert |
################
# main script # ################ if ($ENV{'REMOTE_ADDR'} eq '123.456.78.90') {die "You cannot be here\n";} if ($ENV{'REQUEST_METHOD'} ne 'POST') {&admin;} |