jamaica
asked on
How to email form results to recipients by calling FormMail.pl from another form
I'm using a perl script form that creates allow users to enter info a form field and submit the results. The results are updated to a csv file, which I'm able to convert into an html page. My one and major problem is getting the form results to email to a set of recipients.
I decided to use Matt Wright's FormMail as a sub/secondary-form that will handle emailing the form results to the recipients. I did this by using the following my createcsv.pl perl script
$mailresult=`/usr/local/op t/abcxyz/a bc.xyz.com /cgi-bin/F ormMail.pl `;
print $mailresult;
I submitted the form but instead got a "Bad Referer" from FormMail.pl It also told me to add my 'abc.xyz.com' in the @referer, even though it was already there.
I tried moving the $mailresult line above to other sections within the createcsv but keep getting the same "Bad Referer". I've used FormMail.pl to be called from other .pl scripts but never came across this problem.
Anyone can help, it's highly appreciated.
I decided to use Matt Wright's FormMail as a sub/secondary-form that will handle emailing the form results to the recipients. I did this by using the following my createcsv.pl perl script
$mailresult=`/usr/local/op
print $mailresult;
I submitted the form but instead got a "Bad Referer" from FormMail.pl It also told me to add my 'abc.xyz.com' in the @referer, even though it was already there.
I tried moving the $mailresult line above to other sections within the createcsv but keep getting the same "Bad Referer". I've used FormMail.pl to be called from other .pl scripts but never came across this problem.
Anyone can help, it's highly appreciated.
> I submitted the form but instead got a "Bad Referer" from FormMail.pl It also told me to add my 'abc.xyz.com'
in the @referer, even though it was already there.
where are you running the form from, is it your pc where you have the likes of apache installed. i think if you add "127.0.0.1" and your internet protocol / IP address to the @referer, it will work.
in the @referer, even though it was already there.
where are you running the form from, is it your pc where you have the likes of apache installed. i think if you add "127.0.0.1" and your internet protocol / IP address to the @referer, it will work.
ASKER
It's run from an apache server, so I'm running directly off the server box.
I decided to add the following line
require='usr/local/opt/abc xyz/abc.xy z.com/cgi- bin/FormMa il.pl
This line executes FormMail.pl and emailed the form's results BUT it did not write the results to the csv file.
I got an error from the perl script that handles the csv file that the script was executed from html. I have a print "Content-type: text/html","\n\n"; in the csv.
I'll add 127.0.0.1 and see what I get.
Thanks!
From: lexxwern Date: 06/13/2002 09:57PM PST
>
where are you running the form from, is it your pc where you have the likes of apache installed. i think
if you add "127.0.0.1" and your internet protocol / IP address to the @referer, it will work.
I decided to add the following line
require='usr/local/opt/abc
This line executes FormMail.pl and emailed the form's results BUT it did not write the results to the csv file.
I got an error from the perl script that handles the csv file that the script was executed from html. I have a print "Content-type: text/html","\n\n"; in the csv.
I'll add 127.0.0.1 and see what I get.
Thanks!
From: lexxwern Date: 06/13/2002 09:57PM PST
>
where are you running the form from, is it your pc where you have the likes of apache installed. i think
if you add "127.0.0.1" and your internet protocol / IP address to the @referer, it will work.
ASKER
Can anyone help me with this? It's really important and I'm trying everything in my resource capacity.
did you try adding your ip and 127.0.0.1/localhost in the @referer?
ASKER
lexxwern, I added the ip 127.0.0.1 to the @referer but it did not work.
From: lexxwern Date: 06/16/2002 06:30PM PST
did you try adding your ip and 127.0.0.1/localhost in the @referer?
From: lexxwern Date: 06/16/2002 06:30PM PST
did you try adding your ip and 127.0.0.1/localhost in the @referer?
http://nms-cgi.sourceforge.net/
A better version of formmail, and they have a support list where they help you get it working.
A better version of formmail, and they have a support list where they help you get it working.
please post your code, there must be an error somewhere else.
ASKER
lexxwern, here's a copy of the perl script that creates the csv.
I tried using the $mailresult, that would call the basic FormMail.pl and email the form results.
Thanks for the help!
=====
#!/usr/local/opt/bin/perl
print "Content-type: text/html","\n\n";
$html_path="/opt/www/vhost s/xyz.abc. com/html/t est/respon se.html";
#----------------- some things to set here ------------------#
# Enter a value of either "+" or "-". This depends on whether your local time
# is after or before GMT.
$time_transfare_direction= "-";
# Enter the difference value of hours between your local time and GMT.
$time_transfare_hours="5";
# Enter the difference value of minutes between your local time and GMT.
$time_transfare_minutes="0 ";
# You can leave this value, but you can also enter a number of seconds to
# calebrate your time by the second.
$time_transfare_seconds="0 ";
# Enter field names you wish to make 'required'
$require[0]="FirstName";
$require[1]="LastName";
$require[2]="Email";
$require[3]="SBCUID";
$require[4]="Telephone";
$require[5]="Pager";
$require[6]="ApplicationGr oup";
$require[7]="DirectorRepor tTo";
$require[8]="ServiceName";
$require[9]="Monitoring";
$require[10]="ProvideDetai lsOfMonito ring";
#----- this line uses matt wright's basic formmail for emailing results --#
$mailresult=`/opt/www/vhos ts/xyz.abc .com/cgi-b in/FormMai l.pl`;
print $mailresult;
#----- this is the do the job section --------#
read(STDIN,$query_string,$ ENV{'CONTE NT_LENGTH' });
$time_gap=$time_transfare_ seconds+($ time_trans fare_minut es*60)+($t ime_transf are_hours* 60*60);
if($query_string !~ /\S|=/){
&produce_error(
"You Did not access the script through an HTML form"
);
}
unless($csv_file=&pick_up( "file",$qu ery_string )){
&produce_error(
"You did not provide your HTML form with a CSV file path."
);
}
@pairs=split("&",$query_st ring);
$l=0;
foreach $pair (@pairs){
if($pair=~/[;<>&\*`|]/){
&produce_error(
"Using [;<>&\*`|] meta-characters is frobidden for security reasons."
);
}
($e_names[$l],$e_values[$l ])=split(" =",$pair);
$e_names[$l]=~s/%([\dA-Fa- f][\dA-Fa- f])/pack(" C",hex($1) )/eg;
$e_names[$l]=~tr/+/ /;
$e_values[$l]=~s/%([\dA-Fa -f][\dA-Fa -f])/pack( "C",hex($1 ))/eg;
$e_values[$l]=~tr/+/ /;
if($e_names[$l]=~/"|,/){
$e_names[$l]=~s/"/""/g;
$e_names[$l]="\"".$e_names [$l]."\"";
}
if($e_values[$l]=~/"|,/){
$e_values[$l]=~s/"/""/g;
$e_values[$l]="\"".$e_valu es[$l]."\" ";
}
$l=$l+1;
}
$l_e_names=@e_names;
$l_e_values=@e_values;
$l_require=@require;
foreach $value (@e_names){
if(($value eq "date_local")||($value eq "time_local")||($value eq "date_gmt")||($value eq "time_gmt")||($value eq "http_referer")||($value eq "remote_host")||($value eq "remote_user")||($value eq "remote_addr")||($value eq "document_name")||($value eq "document_url")||($value eq "http_user_agent")||($valu e eq "#_record")||($value eq "user_email")||($value eq "#_approved")){
&produce_error(
"You cannot modify CSVform reserved variables through HTML form fields"
);
}
}
if($l_require != 0){
NEXT_REQ:
foreach $req (@require){
for($l=0;$l<=($l_e_names-1 );$l=$l+1) {
if($req eq ""){
next NEXT_REQ;
}
if($req=~/^$e_names[$l]$/) {
$got_it="yes";
if($e_values[$l] !~ /\S/){
&produce_error(
"field \"$req\" is a required field and should not be left blank."
);
}
}
}
if($got_it ne "yes"){
&produce_error(
"required field(s) is missing"
);
}
$got_it="";
}
}
$l_if_mail=@if_mail;
if($l_if_mail != 0){
NEXT_IF_M:
foreach $if_m (@if_mail){
for($l=0;$l<=($l_e_names-1 );$l=$l+1) {
if($if_m eq ""){
next NEXT_IF_M;
}
if($if_m=~/^$e_names[$l]$/ ){
if(&check_if_mail($e_value s[$l]) ==0){
&produce_error(
"field \"$e_names[$l]\" should contain a valid e-mail address"
);
}
}
}
}
}
@csv_lines=&modify_CSV($cs v_file);
$l_csv_lines=@csv_lines;
@headers=split(",",$csv_li nes[0]);
$l_headers=@headers;
foreach $header (@headers){
$header=&search_prepare($h eader);
}
NEXT_HEADER:
for($b=0;$b<=($l_headers-1 );$b=$b+1) {
for($c=0;$c<=($l_e_names-1 );$c=$c+1) {
if($headers[$b] eq "date_gmt"){
($secs,$mins,$hour,$mday,$ mon,$year, $wday,$yda y,$isdst)= gmtime(tim e);
$b_date="\""."$mday".",".( $mon+1).", ".(1900+$y ear)."\"";
$new_line[$b]=$b_date;
next NEXT_HEADER;
}
if($headers[$b] eq "date_local"){
$local_time=time;
if(($time_transfare_direct ion eq "")||($time_transfare_dire ction eq "+")){
$local_time=$local_time+$t ime_gap;
}
elsif($time_transfare_dire ction eq "-"){
$local_time=$local_time-$t ime_gap;
}
else{
&produce_error(
"You can only use \"+\" or \"-\" as value to variable \$time_transfare_direction "
);
}
($secs,$mins,$hour,$mday,$ mon,$year, $wday,$yda y,$isdst)= gmtime($lo cal_time);
$c_date="\""."$mday".",".( $mon+1).", ".(1900+$y ear)."\"";
$new_line[$b]=$c_date;
next NEXT_HEADER;
}
if($headers[$b] eq "time_local"){
$local_time=time;
if(($time_transfare_direct ion eq "")||($time_transfare_dire ction eq "+")){
$local_time=$local_time+$t ime_gap;
}
elsif($time_transfare_dire ction eq "-"){
$local_time=$local_time-$t ime_gap;
}
else{
&produce_error(
"You can only use \"+\" or \"-\" as value to variable \$time_transfare_direction "
);
}
($secs,$mins,$hour,$mday,$ mon,$year, $wday,$yda y,$isdst)= gmtime($lo cal_time);
$c_time="$secs".":"."$mins ".":"."$ho ur";
$new_line[$b]=$c_time;
next NEXT_HEADER;
}
if($headers[$b] eq "time_gmt"){
($secs,$mins,$hour,$mday,$ mon,$year, $wday,$yda y,$isdst)= gmtime(tim e);
$b_time="$secs".":"."$mins ".":"."$ho ur"." GMT";
$new_line[$b]=$b_time;
next NEXT_HEADER;
}
if($headers[$b] eq "http_referer"){
$new_line[$b]=$ENV{'HTTP_R EFERER'};
next NEXT_HEADER;
}
if($headers[$b] eq "remote_host"){
$new_line[$b]=$ENV{'REMOTE _HOST'};
next NEXT_HEADER;
}
if($headers[$b] eq "remote_addr"){
$new_line[$b]=$ENV{'REMOTE _ADDR'};
next NEXT_HEADER;
}
if($headers[$b] eq "remote_user"){
$new_line[$b]=$ENV{'REMOTE _USER'};
next NEXT_HEADER;
}
if($headers[$b] eq "document_name"){
$new_line[$b]=$ENV{'SCRIPT _NAME'};
next NEXT_HEADER;
}
if($headers[$b] eq "document_url"){
$new_line[$b]=$ENV{'PATH_T RANSLATED' };
next NEXT_HEADER;
}
if($headers[$b] eq "http_user_agent"){
$new_line[$b]=$ENV{'HTTP_U SER_AGENT' };
next NEXT_HEADER;
}
if($headers[$b] eq "#_record"){
$new_line[$b]=$l_csv_lines ;
next NEXT_HEADER;
}
if($headers[$b] eq "user_email"){
$new_line[$b]=$ENV{'HTTP_F ROM'};
next NEXT_HEADER;
}
if($headers[$b] eq "#_approved"){
$new_line[$b]="N";
next NEXT_HEADER;
}
if($headers[$b] eq $e_names[$c]){
$new_line[$b]=$e_values[$c ];
next NEXT_HEADER;
}
}
}
$l_new_line=@new_line;
if($l_new_line < 1){
&produce_error(
"Could not build a CSV database line.",
"Please check that fields' names included in HTML form are identical to some",
" headers in CSV file."
);
}
$produced_line=join(",",@n ew_line);
$produced_line .="\n";
if(open(CSV,">>$csv_file") ){
print CSV $produced_line;
close(CSV);
}
else{
&produce_error(
"Could not modify CSV file."
);
}
if(open(HTML,$html_path)){
@html_data=<HTML>;
print "@html_data";
}
close(CSV);
close(HTML);
exit(1);
sub check_if_mail{
if(($_[0]=~/(@.*@)|(\.\.)| (@\.)|(\.@ )|(^\.)/)| |($_[0]!~/ ^.+\@(\[?) [a-zA-Z0-9 \-\.]+\.([ a-zA-Z]{2, 3}|[0-9]{1 ,3})(\]?)$ /)){
return 0;
}
else{
return 1;
}
}
sub modify_CSV
{
if(open(CSV,$_[0])){
}
else{
&produce_error(
"Can't open CSV file.",
"Please, check that you have provided the cgi script with correct CSV file path.",
);
}
$ccc=0;
while($in_lin=<CSV>){
if($in_lin!~/\S/){
next;
}
$lines[$ccc]=$in_lin;
$ccc=$ccc+1;
}
$lines_length=@lines;
$lines_length=$lines_lengt h-1;
for($l=0;$l<=$lines_length ;$l=$l+1){
$lines[$l]=~s/""/%01/g;
while($lines[$l]=~/("[^"]+ ")/){
$match=$1;
$match=~s/"//g;
$match=~s/,/%02/g;
$lines[$l]=~s/("[^"]+")/$m atch/;
}
}
close(CSV);
chomp(@lines);
return @lines;
}
sub search_prepare{
$_[0]=~s/%01/"/g;
$_[0]=~s/%02/,/g;
return $_[0];
}
sub produce_error
{
print "<HTML><HEAD><TITLE>Error message</TITLE><BODY>\n";
print "<img border=\"0\" src=\"http://middleware.sbc.com/images/rejected.gif\"><HR>";
print "<CENTER><IFRAME MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=NO WIDTH=468 HEIGHT=60></IFRAME></CENTE R>";
print "<font face=\"Arial\"><B>Your intended use of the Datagate Install does not meet the minimum
requirements for Middleware.<BR>Please ensure that you meet the minimum requirements before installing
Datagate.</B></FONT><BR>";
print "<p align=\"center\"></p>";
print "<font face=\"Arial\">";
foreach $line (@_){
print "<B></b>$line</B><BR>\n";
}
print "<BR>Go back and revise your entries <a href=\"http://middleware.sbc.com\">Datagate Install</a>";
print "</FONT>";
print "<p align=\"center\"><font size=\"1\" face=\"Arial\"><a href=\"http://middleware.sbc.com\">Middleware.sbc.co m</a></fon t></p><hr> ";
print "<p align=\"right\"><b><font size=\"1\" face=\"Arial\">Contact Middleware<font color=\"#FF0000\"></font>< /font></b> <font face=\"Arial\" size=\"1\"> <a href=\"mailto:midware\@mom ail.sbc.co m\">middle wareweb</a ></font></ p>";
print "</BODY></HTML>";
exit(0);
return (1);
}
sub error_if_nonnumiric
{
if($val =~ /\D/){
&produce_error(
"Cannot use non-numiric values as right arguments of:",
"1- Greater than.",
"2- Less than.",
"3- Equal or greater than.",
"4- Equal or less than.",
"Operators."
);
}
return (1);
}
sub sweep_spaces{
$val=~s/^ +//;
$val=~s/ +$//;
$var=~s/^ +//;
$var=~s/ +$//;
}
sub translate_special_variable s{
($secs,$mins,$hour,$mday,$ mon,$year, $wday,$yda y,$isdst)= gmtime(tim e);
$b_time="$secs".":"."$mins ".":"."$ho ur"." GMT";
$b_date="$mday".",".($mon+ 1).",".(19 00+$year);
$_[0]=~s/<<#_matches>>/$_[ 1]/isg;
$_[0]=~s/<<#_total>>/$_[2] /isg;
$_[0]=~s/<<#_date>>/$b_dat e/isg;
$_[0]=~s/<<#_time>>/$b_tim e/isg;
return $_[0];
}
sub pick_up{
if(($_[1]=~/^$_[0]=([^&\b] +)/i)||($_ [1]=~/&$_[ 0]=([^&\b] +)/i)){
$pick=$+;
$pick=~s/%([\dA-Fa-f][\dA- Fa-f])/pac k("C",hex( $1))/eg;
$pick=~tr/+/ /;
$_[1]=~s/$_[0]=[^&\b]+//i;
$_[1]=~s/&&/&/g;
$_[1]=~s/^&//g;
$_[1]=~s/&$//g;
}
else{
return 0;
}
return $pick;
}
I tried using the $mailresult, that would call the basic FormMail.pl and email the form results.
Thanks for the help!
=====
#!/usr/local/opt/bin/perl
print "Content-type: text/html","\n\n";
$html_path="/opt/www/vhost
#----------------- some things to set here ------------------#
# Enter a value of either "+" or "-". This depends on whether your local time
# is after or before GMT.
$time_transfare_direction=
# Enter the difference value of hours between your local time and GMT.
$time_transfare_hours="5";
# Enter the difference value of minutes between your local time and GMT.
$time_transfare_minutes="0
# You can leave this value, but you can also enter a number of seconds to
# calebrate your time by the second.
$time_transfare_seconds="0
# Enter field names you wish to make 'required'
$require[0]="FirstName";
$require[1]="LastName";
$require[2]="Email";
$require[3]="SBCUID";
$require[4]="Telephone";
$require[5]="Pager";
$require[6]="ApplicationGr
$require[7]="DirectorRepor
$require[8]="ServiceName";
$require[9]="Monitoring";
$require[10]="ProvideDetai
#----- this line uses matt wright's basic formmail for emailing results --#
$mailresult=`/opt/www/vhos
print $mailresult;
#----- this is the do the job section --------#
read(STDIN,$query_string,$
$time_gap=$time_transfare_
if($query_string !~ /\S|=/){
&produce_error(
"You Did not access the script through an HTML form"
);
}
unless($csv_file=&pick_up(
&produce_error(
"You did not provide your HTML form with a CSV file path."
);
}
@pairs=split("&",$query_st
$l=0;
foreach $pair (@pairs){
if($pair=~/[;<>&\*`|]/){
&produce_error(
"Using [;<>&\*`|] meta-characters is frobidden for security reasons."
);
}
($e_names[$l],$e_values[$l
$e_names[$l]=~s/%([\dA-Fa-
$e_names[$l]=~tr/+/ /;
$e_values[$l]=~s/%([\dA-Fa
$e_values[$l]=~tr/+/ /;
if($e_names[$l]=~/"|,/){
$e_names[$l]=~s/"/""/g;
$e_names[$l]="\"".$e_names
}
if($e_values[$l]=~/"|,/){
$e_values[$l]=~s/"/""/g;
$e_values[$l]="\"".$e_valu
}
$l=$l+1;
}
$l_e_names=@e_names;
$l_e_values=@e_values;
$l_require=@require;
foreach $value (@e_names){
if(($value eq "date_local")||($value eq "time_local")||($value eq "date_gmt")||($value eq "time_gmt")||($value eq "http_referer")||($value eq "remote_host")||($value eq "remote_user")||($value eq "remote_addr")||($value eq "document_name")||($value eq "document_url")||($value eq "http_user_agent")||($valu
&produce_error(
"You cannot modify CSVform reserved variables through HTML form fields"
);
}
}
if($l_require != 0){
NEXT_REQ:
foreach $req (@require){
for($l=0;$l<=($l_e_names-1
if($req eq ""){
next NEXT_REQ;
}
if($req=~/^$e_names[$l]$/)
$got_it="yes";
if($e_values[$l] !~ /\S/){
&produce_error(
"field \"$req\" is a required field and should not be left blank."
);
}
}
}
if($got_it ne "yes"){
&produce_error(
"required field(s) is missing"
);
}
$got_it="";
}
}
$l_if_mail=@if_mail;
if($l_if_mail != 0){
NEXT_IF_M:
foreach $if_m (@if_mail){
for($l=0;$l<=($l_e_names-1
if($if_m eq ""){
next NEXT_IF_M;
}
if($if_m=~/^$e_names[$l]$/
if(&check_if_mail($e_value
&produce_error(
"field \"$e_names[$l]\" should contain a valid e-mail address"
);
}
}
}
}
}
@csv_lines=&modify_CSV($cs
$l_csv_lines=@csv_lines;
@headers=split(",",$csv_li
$l_headers=@headers;
foreach $header (@headers){
$header=&search_prepare($h
}
NEXT_HEADER:
for($b=0;$b<=($l_headers-1
for($c=0;$c<=($l_e_names-1
if($headers[$b] eq "date_gmt"){
($secs,$mins,$hour,$mday,$
$b_date="\""."$mday".",".(
$new_line[$b]=$b_date;
next NEXT_HEADER;
}
if($headers[$b] eq "date_local"){
$local_time=time;
if(($time_transfare_direct
$local_time=$local_time+$t
}
elsif($time_transfare_dire
$local_time=$local_time-$t
}
else{
&produce_error(
"You can only use \"+\" or \"-\" as value to variable \$time_transfare_direction
);
}
($secs,$mins,$hour,$mday,$
$c_date="\""."$mday".",".(
$new_line[$b]=$c_date;
next NEXT_HEADER;
}
if($headers[$b] eq "time_local"){
$local_time=time;
if(($time_transfare_direct
$local_time=$local_time+$t
}
elsif($time_transfare_dire
$local_time=$local_time-$t
}
else{
&produce_error(
"You can only use \"+\" or \"-\" as value to variable \$time_transfare_direction
);
}
($secs,$mins,$hour,$mday,$
$c_time="$secs".":"."$mins
$new_line[$b]=$c_time;
next NEXT_HEADER;
}
if($headers[$b] eq "time_gmt"){
($secs,$mins,$hour,$mday,$
$b_time="$secs".":"."$mins
$new_line[$b]=$b_time;
next NEXT_HEADER;
}
if($headers[$b] eq "http_referer"){
$new_line[$b]=$ENV{'HTTP_R
next NEXT_HEADER;
}
if($headers[$b] eq "remote_host"){
$new_line[$b]=$ENV{'REMOTE
next NEXT_HEADER;
}
if($headers[$b] eq "remote_addr"){
$new_line[$b]=$ENV{'REMOTE
next NEXT_HEADER;
}
if($headers[$b] eq "remote_user"){
$new_line[$b]=$ENV{'REMOTE
next NEXT_HEADER;
}
if($headers[$b] eq "document_name"){
$new_line[$b]=$ENV{'SCRIPT
next NEXT_HEADER;
}
if($headers[$b] eq "document_url"){
$new_line[$b]=$ENV{'PATH_T
next NEXT_HEADER;
}
if($headers[$b] eq "http_user_agent"){
$new_line[$b]=$ENV{'HTTP_U
next NEXT_HEADER;
}
if($headers[$b] eq "#_record"){
$new_line[$b]=$l_csv_lines
next NEXT_HEADER;
}
if($headers[$b] eq "user_email"){
$new_line[$b]=$ENV{'HTTP_F
next NEXT_HEADER;
}
if($headers[$b] eq "#_approved"){
$new_line[$b]="N";
next NEXT_HEADER;
}
if($headers[$b] eq $e_names[$c]){
$new_line[$b]=$e_values[$c
next NEXT_HEADER;
}
}
}
$l_new_line=@new_line;
if($l_new_line < 1){
&produce_error(
"Could not build a CSV database line.",
"Please check that fields' names included in HTML form are identical to some",
" headers in CSV file."
);
}
$produced_line=join(",",@n
$produced_line .="\n";
if(open(CSV,">>$csv_file")
print CSV $produced_line;
close(CSV);
}
else{
&produce_error(
"Could not modify CSV file."
);
}
if(open(HTML,$html_path)){
@html_data=<HTML>;
print "@html_data";
}
close(CSV);
close(HTML);
exit(1);
sub check_if_mail{
if(($_[0]=~/(@.*@)|(\.\.)|
return 0;
}
else{
return 1;
}
}
sub modify_CSV
{
if(open(CSV,$_[0])){
}
else{
&produce_error(
"Can't open CSV file.",
"Please, check that you have provided the cgi script with correct CSV file path.",
);
}
$ccc=0;
while($in_lin=<CSV>){
if($in_lin!~/\S/){
next;
}
$lines[$ccc]=$in_lin;
$ccc=$ccc+1;
}
$lines_length=@lines;
$lines_length=$lines_lengt
for($l=0;$l<=$lines_length
$lines[$l]=~s/""/%01/g;
while($lines[$l]=~/("[^"]+
$match=$1;
$match=~s/"//g;
$match=~s/,/%02/g;
$lines[$l]=~s/("[^"]+")/$m
}
}
close(CSV);
chomp(@lines);
return @lines;
}
sub search_prepare{
$_[0]=~s/%01/"/g;
$_[0]=~s/%02/,/g;
return $_[0];
}
sub produce_error
{
print "<HTML><HEAD><TITLE>Error message</TITLE><BODY>\n";
print "<img border=\"0\" src=\"http://middleware.sbc.com/images/rejected.gif\"><HR>";
print "<CENTER><IFRAME MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=NO WIDTH=468 HEIGHT=60></IFRAME></CENTE
print "<font face=\"Arial\"><B>Your intended use of the Datagate Install does not meet the minimum
requirements for Middleware.<BR>Please ensure that you meet the minimum requirements before installing
Datagate.</B></FONT><BR>";
print "<p align=\"center\"></p>";
print "<font face=\"Arial\">";
foreach $line (@_){
print "<B></b>$line</B><BR>\n";
}
print "<BR>Go back and revise your entries <a href=\"http://middleware.sbc.com\">Datagate Install</a>";
print "</FONT>";
print "<p align=\"center\"><font size=\"1\" face=\"Arial\"><a href=\"http://middleware.sbc.com\">Middleware.sbc.co
print "<p align=\"right\"><b><font size=\"1\" face=\"Arial\">Contact Middleware<font color=\"#FF0000\"></font><
print "</BODY></HTML>";
exit(0);
return (1);
}
sub error_if_nonnumiric
{
if($val =~ /\D/){
&produce_error(
"Cannot use non-numiric values as right arguments of:",
"1- Greater than.",
"2- Less than.",
"3- Equal or greater than.",
"4- Equal or less than.",
"Operators."
);
}
return (1);
}
sub sweep_spaces{
$val=~s/^ +//;
$val=~s/ +$//;
$var=~s/^ +//;
$var=~s/ +$//;
}
sub translate_special_variable
($secs,$mins,$hour,$mday,$
$b_time="$secs".":"."$mins
$b_date="$mday".",".($mon+
$_[0]=~s/<<#_matches>>/$_[
$_[0]=~s/<<#_total>>/$_[2]
$_[0]=~s/<<#_date>>/$b_dat
$_[0]=~s/<<#_time>>/$b_tim
return $_[0];
}
sub pick_up{
if(($_[1]=~/^$_[0]=([^&\b]
$pick=$+;
$pick=~s/%([\dA-Fa-f][\dA-
$pick=~tr/+/ /;
$_[1]=~s/$_[0]=[^&\b]+//i;
$_[1]=~s/&&/&/g;
$_[1]=~s/^&//g;
$_[1]=~s/&$//g;
}
else{
return 0;
}
return $pick;
}
hello,
in the file you provided i could not find @referer. please post the code where @referer is defined. it can be in some other file that you got whne you downloaded formmail.
in the file you provided i could not find @referer. please post the code where @referer is defined. it can be in some other file that you got whne you downloaded formmail.
ASKER
@referer is coded in FormMail.pl.
Here's the codes for Matt Wright's basic formmail.
===Formmail.pl===
#!/usr/local/opt/bin/perl
########################## ########## ########## ########## ########## ########## ##
# FormMail Version 1.6 #
# Copyright 1995-1997 Matt Wright mattw@worldwidemart.com #
# Created 06/09/95 Last Modified 05/02/97 #
# Matt's Script Archive, Inc.: http://www.worldwidemart.com/scripts/ #
$mailprog = '/usr/lib/sendmail';
# @referers allows forms to be located only on servers which are defined #
# in this field. This security fix from the last version which allowed #
# anyone on any server to use your FormMail script on their web site. #
@referers = ('xyz.abc.com','123.456.78 9.012','un ixserverna me.abc.com ','xyz','1 27.0.0.1') ;
# Done #
########################## ########## ########## ########## ########## ########## ##
# Check Referring URL
&check_url;
# Retrieve Date
&get_date;
# Parse Form Contents
&parse_form;
# Check Required Fields
&check_required;
# Return HTML Page or Redirect User
&return_html;
# Send E-Mail
&send_mail;
sub check_url {
# Localize the check_referer flag which determines if user is valid. #
local($check_referer) = 0;
# If a referring URL was specified, for each valid referer, make sure #
# that a valid referring URL was passed to FormMail. #
if ($ENV{'HTTP_REFERER'}) {
foreach $referer (@referers) {
if ($ENV{'HTTP_REFERER'} =~ m|https?://([^/]*)$referer |i) {
$check_referer = 1;
last;
}
}
}
else {
$check_referer = 1;
}
# If the HTTP_REFERER was invalid, send back an error. #
if ($check_referer != 1) { &error('bad_referer') }
}
sub get_date {
# Define arrays for the day of the week and month of the year. #
@days = ('Sunday','Monday','Tuesda y','Wednes day',
'Thursday','Friday','Satur day');
@months = ('January','February','Mar ch','April ','May','J une','July ',
'August','September','Octo ber','Nove mber','Dec ember');
# Get the current time and format the hour, minutes and seconds. Add #
# 1900 to the year to get the full 4 digit year. #
($sec,$min,$hour,$mday,$mo n,$year,$w day) = (localtime(time))[0,1,2,3, 4,5,6];
$time = sprintf("%02d:%02d:%02d",$ hour,$min, $sec);
$year += 1900;
# Format the date. #
$date = "$days[$wday], $months[$mon] $mday, $year at $time";
}
sub parse_form {
# Define the configuration associative array. #
%Config = ('recipient','', 'subject','',
'Email','', 'RequestorName','',
'redirect','', 'bgcolor','',
'background','', 'link_color','',
'vlink_color','', 'text_color','',
'alink_color','', 'title','',
'sort','', 'print_config','',
'required','', 'env_report','',
'return_link_title','', 'return_link_url','',
'print_blank_fields','', 'missing_fields_redirect', '');
# Determine the form's REQUEST_METHOD (GET or POST) and split the form #
# fields up into their name-value pairs. If the REQUEST_METHOD was #
# not GET or POST, send an error. #
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
# Split the name-value pairs
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
}
else {
&error('request_method');
}
# For each name-value pair: #
foreach $pair (@pairs) {
# Split the pair up into individual variables. #
local($name, $value) = split(/=/, $pair);
# Decode the form encoding on the name and value variables. #
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
# If they try to include server side includes, erase them, so they
# aren't a security risk if the html gets returned. Another
# security hole plugged up.
$value =~ s/<!--(.|\n)*-->//g;
# If the field name has been specified in the %Config array, it will #
# return a 1 for defined($Config{$name}}) and we should associate #
# this value with the appropriate configuration variable. If this #
# is not a configuration form field, put it into the associative #
# array %Form, appending the value with a ', ' if there is already a #
# value present. We also save the order of the form fields in the #
# @Field_Order array so we can use this order for the generic sort. #
if (defined($Config{$name})) {
$Config{$name} = $value;
}
else {
if ($Form{$name} && $value) {
$Form{$name} = "$Form{$name}, $value";
}
elsif ($value) {
push(@Field_Order,$name);
$Form{$name} = $value;
}
}
}
# The next six lines remove any extra spaces or new lines from the #
# configuration variables, which may have been caused if your editor #
# wraps lines after a certain length or if you used spaces between field #
# names or environment variables. #
$Config{'required'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'required'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'env_report'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'env_report'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'print_config'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'print_config'} =~ s/(\s+)?\n+(\s+)?//g;
# Split the configuration variables into individual field names. #
@Required = split(/,/,$Config{'require d'});
@Env_Report = split(/,/,$Config{'env_rep ort'});
@Print_Config = split(/,/,$Config{'print_c onfig'});
}
sub check_required {
# Localize the variables used in this subroutine. #
local($require, @error);
if (!$Config{'recipient'}) {
if (!defined(%Form)) { &error('bad_referer') }
else { &error('no_recipient') }
}
# For each require field defined in the form: #
foreach $require (@Required) {
# If the required field is the Email field, the syntax of the Email #
# address if checked to make sure it passes a valid syntax. #
if ($require eq 'Email' && !&check_Email($Config{$req uire})) {
push(@error,$require);
}
# Otherwise, if the required field is a configuration field and it #
# has no value or has been filled in with a space, send an error. #
elsif (defined($Config{$require} )) {
if (!$Config{$require}) {
push(@error,$require);
}
}
# If it is a regular form field which has not been filled in or #
# filled in with a space, flag it as an error field. #
elsif (!$Form{$require}) {
push(@error,$require);
}
}
# If any error fields have been found, send error message to the user. #
if (@error) { &error('missing_fields', @error) }
}
sub return_html {
# Local variables used in this subroutine initialized. #
local($key,$sort_order,$so rted_field );
# If redirect option is used, print the redirectional location header. #
if ($Config{'redirect'}) {
print "Location: $Config{'redirect'}\n\n";
}
# Otherwise, begin printing the response page. #
else {
# Print HTTP header and opening HTML tags. #
print "Content-type: text/html\n\n";
print "<html>\n <head>\n";
# Print out title of page #
if ($Config{'title'}) { print " <title>$Config{'title'}</t itle>\n" }
else { print " <title>Thank You</title>\n" }
print " </head>\n <body";
# Get Body Tag Attributes #
&body_attributes;
# Close Body Tag #
print ">\n <center>\n";
# Print custom or generic title. #
if ($Config{'title'}) { print " <h1>$Config{'title'}</h1>\ n" }
else { print " <h1>Thank You For Filling Out This Form</h1>\n" }
print "</center>\n";
print "Below is what you submitted to $Config{'recipient'} on ";
print "$date<p><hr size=1 width=75\%><p>\n";
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel ds'} || $Form{$field}) {
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Set the temporary $sort_order variable to the sorting order, #
# remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$sort_order = $Config{'sort'};
$sort_order =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$sort_order =~ s/(\s+)?\n+(\s+)?//g;
$sort_order =~ s/order://;
@sorted_fields = split(/,/, $sort_order);
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel ds'} || $Form{$sorted_field}) {
print "<b>$sorted_field:</b> $Form{$sorted_field}<p>\n" ;
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel ds'} || $Form{$field}) {
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
print "<p><hr size=1 width=75%><p>\n";
# Check for a Return Link and print one if found. #
if ($Config{'return_link_url' } && $Config{'return_link_title '}) {
print "<ul>\n";
print "<li><a href=\"$Config{'return_lin k_url'}\"> $Config{'r eturn_link _title'}</ a>\n";
print "</ul>\n";
}
# Print the page footer. #
print <<"(END HTML FOOTER)";
<hr size=1 width=75%><p>
<center><font size=-1><a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 -1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a></font></center>
</body>
</html>
(END HTML FOOTER)
}
}
sub send_mail {
# Localize variables used in this subroutine. #
local($print_config,$key,$ sort_order ,$sorted_f ield,$env_ report);
# Open The Mail Program
# open(MAIL,"|$mailprog -t");
if ($Config{'from_Email'}) { open(MAIL,"|$mailprog -f $Config{'Email'} -t"); }
else { open(MAIL,"|$mailprog -t"); }
print MAIL "To: $Config{'recipient'}\n";
if ($Config{'cc_Email'}) { print MAIL "Cc: $Config{'Email'}\n"; }
print MAIL "From: $Config{'Email'} ($Config{'RequestorName'}) \n";
# Check for Message Subject
if ($Config{'subject'}) { print MAIL "Subject: $Config{'subject'}- VANTIVE NUMBER $Config{'vantive_result'}\ n\n" }
else { print MAIL "Subject: WWW Form Submission\n\n" }
print MAIL "Below is the result of your MQSERIES CONFIG REQUEST form. **PLEASE NOTE VANTIVE NUMBER** It was submitted by\n";
print MAIL "$Config{'RequestorName'} ($Config{'Email'}) on $date $Config{'vantive_result'}\ n";
print MAIL "-" x 75 . "\n\n";
if (@Print_Config) {
foreach $print_config (@Print_Config) {
if ($Config{$print_config}) {
print MAIL "$print_config: $Config{$print_config}\n\n ";
}
}
}
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel ds'} || $Form{$field} ||
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$Config{'sort'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'sort'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'sort'} =~ s/order://;
@sorted_fields = split(/,/, $Config{'sort'});
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel ds'} || $Form{$sorted_field} ||
$Form{$sorted_field} eq '0') {
print MAIL "$sorted_field: $Form{$sorted_field}\n\n";
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel ds'} || $Form{$field} ||
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
print MAIL "-" x 75 . "\n\n";
# Send any specified Environment Variables to recipient. #
foreach $env_report (@Env_Report) {
if ($ENV{$env_report}) {
print MAIL "$env_report: $ENV{$env_report}\n";
}
}
close (MAIL);
}
sub check_Email {
# Initialize local Email variable with input to subroutine. #
$Email = $_[0];
# If the e-mail address contains: #
if ($Email =~ /(@.*@)|(\.\.)|(@\.)|(\.@) |(^\.)/ ||
# the e-mail address contains an invalid syntax. Or, if the #
# syntax does not match the following regular expression pattern #
# it fails basic syntax verification. #
$Email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.] +\.([a-zA- Z]{2,3}|[0 -9]{1,3})( \]?)$/) {
# Basic syntax requires: one or more characters before the @ sign, #
# followed by an optional '[', then any number of letters, numbers, #
# dashes or periods (valid domain/IP characters) ending in a period #
# and then 2 or 3 letters (for domain suffixes) or 1 to 3 numbers #
# (for IP addresses). An ending bracket is also allowed as it is #
# valid syntax to have an Email address like: user@[255.255.255.0] #
# Return a false value, since the e-mail address did not pass valid #
# syntax. #
return 0;
}
else {
# Return a true value, e-mail verification passed. #
return 1;
}
}
sub body_attributes {
# Check for Background Color
if ($Config{'bgcolor'}) { print " bgcolor=\"$Config{'bgcolor '}\"" }
# Check for Background Image
if ($Config{'background'}) { print " background=\"$Config{'back ground'}\" " }
# Check for Link Color
if ($Config{'link_color'}) { print " link=\"$Config{'link_color '}\"" }
# Check for Visited Link Color
if ($Config{'vlink_color'}) { print " vlink=\"$Config{'vlink_col or'}\"" }
# Check for Active Link Color
if ($Config{'alink_color'}) { print " alink=\"$Config{'alink_col or'}\"" }
# Check for Body Text Color
if ($Config{'text_color'}) { print " text=\"$Config{'text_color '}\"" }
}
sub error {
# Localize variables and assign subroutine input. #
local($error,@error_fields ) = @_;
local($host,$missing_field ,$missing_ field_list );
if ($error eq 'bad_referer') {
if ($ENV{'HTTP_REFERER'} =~ m|^https?://([\w\.]+)|i) {
$host = $1;
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Bad Referrer - Access Denied</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Bad Referrer - Access Denied</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The form attempting to use
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a>
resides at <tt>$ENV{'HTTP_REFERER'}</ tt>, which is not allowed to access
this cgi script.<p>
If you are attempting to configure FormMail to run with this form, you need
to add the following to \@referers, explained in detail in the README file.<p>
Add <tt>'$host'</tt> to your <tt><b>\@referers</b></tt> array.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
else {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>FormMail v1.6</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>FormMail</font></t h></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><th><tt><font size=+1>Copyright 1995 - 1997 Matt Wright<br>
Version 1.6 - Released May 02, 1997<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive,
Inc.</a></font></tt></th>< /tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
elsif ($error eq 'request_method') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Request Method</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Request Method</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The Request Method of the Form you submitted did not match
either <tt>GET</tt> or <tt>POST</tt>. Please check the form and make sure the
<tt>method=</tt> statement is in upper case and matches <tt>GET</tt> or <tt>POST</tt>.<p>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'no_recipient') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: No Recipient</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: No Recipient</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>No Recipient was specified in the data sent to FormMail. Please
make sure you have filled in the 'recipient' form field with an e-mail
address. More information on filling in recipient form fields can be
found in the README file.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'missing_fields') {
if ($Config{'missing_fields_r edirect'}) {
print "Location: $Config{'missing_fields_re direct'}\n \n";
}
else {
foreach $missing_field (@error_fields) {
$missing_field_list .= " <li>$missing_field\n";
}
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Blank Fields</title>
</head>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Blank Fields</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The following fields were left blank in your submission form:<p>
<ul>
$missing_field_list
</ul><br>
These fields must be filled in before you can successfully submit the form.<p>
Please use your browser's back button to return to the form and try again.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
exit;
}
Here's the codes for Matt Wright's basic formmail.
===Formmail.pl===
#!/usr/local/opt/bin/perl
##########################
# FormMail Version 1.6 #
# Copyright 1995-1997 Matt Wright mattw@worldwidemart.com #
# Created 06/09/95 Last Modified 05/02/97 #
# Matt's Script Archive, Inc.: http://www.worldwidemart.com/scripts/ #
$mailprog = '/usr/lib/sendmail';
# @referers allows forms to be located only on servers which are defined #
# in this field. This security fix from the last version which allowed #
# anyone on any server to use your FormMail script on their web site. #
@referers = ('xyz.abc.com','123.456.78
# Done #
##########################
# Check Referring URL
&check_url;
# Retrieve Date
&get_date;
# Parse Form Contents
&parse_form;
# Check Required Fields
&check_required;
# Return HTML Page or Redirect User
&return_html;
# Send E-Mail
&send_mail;
sub check_url {
# Localize the check_referer flag which determines if user is valid. #
local($check_referer) = 0;
# If a referring URL was specified, for each valid referer, make sure #
# that a valid referring URL was passed to FormMail. #
if ($ENV{'HTTP_REFERER'}) {
foreach $referer (@referers) {
if ($ENV{'HTTP_REFERER'} =~ m|https?://([^/]*)$referer
$check_referer = 1;
last;
}
}
}
else {
$check_referer = 1;
}
# If the HTTP_REFERER was invalid, send back an error. #
if ($check_referer != 1) { &error('bad_referer') }
}
sub get_date {
# Define arrays for the day of the week and month of the year. #
@days = ('Sunday','Monday','Tuesda
'Thursday','Friday','Satur
@months = ('January','February','Mar
'August','September','Octo
# Get the current time and format the hour, minutes and seconds. Add #
# 1900 to the year to get the full 4 digit year. #
($sec,$min,$hour,$mday,$mo
$time = sprintf("%02d:%02d:%02d",$
$year += 1900;
# Format the date. #
$date = "$days[$wday], $months[$mon] $mday, $year at $time";
}
sub parse_form {
# Define the configuration associative array. #
%Config = ('recipient','', 'subject','',
'Email','', 'RequestorName','',
'redirect','', 'bgcolor','',
'background','', 'link_color','',
'vlink_color','', 'text_color','',
'alink_color','', 'title','',
'sort','', 'print_config','',
'required','', 'env_report','',
'return_link_title','', 'return_link_url','',
'print_blank_fields','', 'missing_fields_redirect',
# Determine the form's REQUEST_METHOD (GET or POST) and split the form #
# fields up into their name-value pairs. If the REQUEST_METHOD was #
# not GET or POST, send an error. #
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
# Split the name-value pairs
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
}
else {
&error('request_method');
}
# For each name-value pair: #
foreach $pair (@pairs) {
# Split the pair up into individual variables. #
local($name, $value) = split(/=/, $pair);
# Decode the form encoding on the name and value variables. #
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9]
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9]
# If they try to include server side includes, erase them, so they
# aren't a security risk if the html gets returned. Another
# security hole plugged up.
$value =~ s/<!--(.|\n)*-->//g;
# If the field name has been specified in the %Config array, it will #
# return a 1 for defined($Config{$name}}) and we should associate #
# this value with the appropriate configuration variable. If this #
# is not a configuration form field, put it into the associative #
# array %Form, appending the value with a ', ' if there is already a #
# value present. We also save the order of the form fields in the #
# @Field_Order array so we can use this order for the generic sort. #
if (defined($Config{$name})) {
$Config{$name} = $value;
}
else {
if ($Form{$name} && $value) {
$Form{$name} = "$Form{$name}, $value";
}
elsif ($value) {
push(@Field_Order,$name);
$Form{$name} = $value;
}
}
}
# The next six lines remove any extra spaces or new lines from the #
# configuration variables, which may have been caused if your editor #
# wraps lines after a certain length or if you used spaces between field #
# names or environment variables. #
$Config{'required'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'required'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'env_report'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'env_report'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'print_config'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'print_config'} =~ s/(\s+)?\n+(\s+)?//g;
# Split the configuration variables into individual field names. #
@Required = split(/,/,$Config{'require
@Env_Report = split(/,/,$Config{'env_rep
@Print_Config = split(/,/,$Config{'print_c
}
sub check_required {
# Localize the variables used in this subroutine. #
local($require, @error);
if (!$Config{'recipient'}) {
if (!defined(%Form)) { &error('bad_referer') }
else { &error('no_recipient') }
}
# For each require field defined in the form: #
foreach $require (@Required) {
# If the required field is the Email field, the syntax of the Email #
# address if checked to make sure it passes a valid syntax. #
if ($require eq 'Email' && !&check_Email($Config{$req
push(@error,$require);
}
# Otherwise, if the required field is a configuration field and it #
# has no value or has been filled in with a space, send an error. #
elsif (defined($Config{$require}
if (!$Config{$require}) {
push(@error,$require);
}
}
# If it is a regular form field which has not been filled in or #
# filled in with a space, flag it as an error field. #
elsif (!$Form{$require}) {
push(@error,$require);
}
}
# If any error fields have been found, send error message to the user. #
if (@error) { &error('missing_fields', @error) }
}
sub return_html {
# Local variables used in this subroutine initialized. #
local($key,$sort_order,$so
# If redirect option is used, print the redirectional location header. #
if ($Config{'redirect'}) {
print "Location: $Config{'redirect'}\n\n";
}
# Otherwise, begin printing the response page. #
else {
# Print HTTP header and opening HTML tags. #
print "Content-type: text/html\n\n";
print "<html>\n <head>\n";
# Print out title of page #
if ($Config{'title'}) { print " <title>$Config{'title'}</t
else { print " <title>Thank You</title>\n" }
print " </head>\n <body";
# Get Body Tag Attributes #
&body_attributes;
# Close Body Tag #
print ">\n <center>\n";
# Print custom or generic title. #
if ($Config{'title'}) { print " <h1>$Config{'title'}</h1>\
else { print " <h1>Thank You For Filling Out This Form</h1>\n" }
print "</center>\n";
print "Below is what you submitted to $Config{'recipient'} on ";
print "$date<p><hr size=1 width=75\%><p>\n";
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Set the temporary $sort_order variable to the sorting order, #
# remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$sort_order = $Config{'sort'};
$sort_order =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$sort_order =~ s/(\s+)?\n+(\s+)?//g;
$sort_order =~ s/order://;
@sorted_fields = split(/,/, $sort_order);
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel
print "<b>$sorted_field:</b> $Form{$sorted_field}<p>\n"
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
print "<p><hr size=1 width=75%><p>\n";
# Check for a Return Link and print one if found. #
if ($Config{'return_link_url'
print "<ul>\n";
print "<li><a href=\"$Config{'return_lin
print "</ul>\n";
}
# Print the page footer. #
print <<"(END HTML FOOTER)";
<hr size=1 width=75%><p>
<center><font size=-1><a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 -1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a></font></center>
</body>
</html>
(END HTML FOOTER)
}
}
sub send_mail {
# Localize variables used in this subroutine. #
local($print_config,$key,$
# Open The Mail Program
# open(MAIL,"|$mailprog -t");
if ($Config{'from_Email'}) { open(MAIL,"|$mailprog -f $Config{'Email'} -t"); }
else { open(MAIL,"|$mailprog -t"); }
print MAIL "To: $Config{'recipient'}\n";
if ($Config{'cc_Email'}) { print MAIL "Cc: $Config{'Email'}\n"; }
print MAIL "From: $Config{'Email'} ($Config{'RequestorName'})
# Check for Message Subject
if ($Config{'subject'}) { print MAIL "Subject: $Config{'subject'}- VANTIVE NUMBER $Config{'vantive_result'}\
else { print MAIL "Subject: WWW Form Submission\n\n" }
print MAIL "Below is the result of your MQSERIES CONFIG REQUEST form. **PLEASE NOTE VANTIVE NUMBER** It was submitted by\n";
print MAIL "$Config{'RequestorName'} ($Config{'Email'}) on $date $Config{'vantive_result'}\
print MAIL "-" x 75 . "\n\n";
if (@Print_Config) {
foreach $print_config (@Print_Config) {
if ($Config{$print_config}) {
print MAIL "$print_config: $Config{$print_config}\n\n
}
}
}
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$Config{'sort'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'sort'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'sort'} =~ s/order://;
@sorted_fields = split(/,/, $Config{'sort'});
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel
$Form{$sorted_field} eq '0') {
print MAIL "$sorted_field: $Form{$sorted_field}\n\n";
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
print MAIL "-" x 75 . "\n\n";
# Send any specified Environment Variables to recipient. #
foreach $env_report (@Env_Report) {
if ($ENV{$env_report}) {
print MAIL "$env_report: $ENV{$env_report}\n";
}
}
close (MAIL);
}
sub check_Email {
# Initialize local Email variable with input to subroutine. #
$Email = $_[0];
# If the e-mail address contains: #
if ($Email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)
# the e-mail address contains an invalid syntax. Or, if the #
# syntax does not match the following regular expression pattern #
# it fails basic syntax verification. #
$Email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]
# Basic syntax requires: one or more characters before the @ sign, #
# followed by an optional '[', then any number of letters, numbers, #
# dashes or periods (valid domain/IP characters) ending in a period #
# and then 2 or 3 letters (for domain suffixes) or 1 to 3 numbers #
# (for IP addresses). An ending bracket is also allowed as it is #
# valid syntax to have an Email address like: user@[255.255.255.0] #
# Return a false value, since the e-mail address did not pass valid #
# syntax. #
return 0;
}
else {
# Return a true value, e-mail verification passed. #
return 1;
}
}
sub body_attributes {
# Check for Background Color
if ($Config{'bgcolor'}) { print " bgcolor=\"$Config{'bgcolor
# Check for Background Image
if ($Config{'background'}) { print " background=\"$Config{'back
# Check for Link Color
if ($Config{'link_color'}) { print " link=\"$Config{'link_color
# Check for Visited Link Color
if ($Config{'vlink_color'}) { print " vlink=\"$Config{'vlink_col
# Check for Active Link Color
if ($Config{'alink_color'}) { print " alink=\"$Config{'alink_col
# Check for Body Text Color
if ($Config{'text_color'}) { print " text=\"$Config{'text_color
}
sub error {
# Localize variables and assign subroutine input. #
local($error,@error_fields
local($host,$missing_field
if ($error eq 'bad_referer') {
if ($ENV{'HTTP_REFERER'} =~ m|^https?://([\w\.]+)|i) {
$host = $1;
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Bad Referrer - Access Denied</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Bad Referrer - Access Denied</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The form attempting to use
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a>
resides at <tt>$ENV{'HTTP_REFERER'}</
this cgi script.<p>
If you are attempting to configure FormMail to run with this form, you need
to add the following to \@referers, explained in detail in the README file.<p>
Add <tt>'$host'</tt> to your <tt><b>\@referers</b></tt>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
else {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>FormMail v1.6</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>FormMail</font></t
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><th><tt><font size=+1>Copyright 1995 - 1997 Matt Wright<br>
Version 1.6 - Released May 02, 1997<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive,
Inc.</a></font></tt></th><
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
elsif ($error eq 'request_method') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Request Method</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Request Method</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The Request Method of the Form you submitted did not match
either <tt>GET</tt> or <tt>POST</tt>. Please check the form and make sure the
<tt>method=</tt> statement is in upper case and matches <tt>GET</tt> or <tt>POST</tt>.<p>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'no_recipient') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: No Recipient</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: No Recipient</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>No Recipient was specified in the data sent to FormMail. Please
make sure you have filled in the 'recipient' form field with an e-mail
address. More information on filling in recipient form fields can be
found in the README file.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'missing_fields') {
if ($Config{'missing_fields_r
print "Location: $Config{'missing_fields_re
}
else {
foreach $missing_field (@error_fields) {
$missing_field_list .= " <li>$missing_field\n";
}
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Blank Fields</title>
</head>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Blank Fields</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The following fields were left blank in your submission form:<p>
<ul>
$missing_field_list
</ul><br>
These fields must be filled in before you can successfully submit the form.<p>
Please use your browser's back button to return to the form and try again.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
exit;
}
#!/usr/local/opt/bin/perl
########################## ########## ########## ########## ########## ########## ##
# FormMail Version 1.6 #
# Copyright 1995-1997 Matt Wright mattw@worldwidemart.com #
# Created 06/09/95 Last Modified 05/02/97 #
# Matt's Script Archive, Inc.: http://www.worldwidemart.com/scripts/ #
$mailprog = '/usr/lib/sendmail';
# @referers allows forms to be located only on servers which are defined #
# in this field. This security fix from the last version which allowed #
# anyone on any server to use your FormMail script on their web site. #
@referers = ('xyz.abc.com','123.456.78 9.012','un ixserverna me.abc.com ','xyz','1 27.0.0.1') ;
# Done #
########################## ########## ########## ########## ########## ########## ##
# Check Referring URL
&check_url;
# Retrieve Date
&get_date;
# Parse Form Contents
&parse_form;
# Check Required Fields
&check_required;
# Return HTML Page or Redirect User
&return_html;
# Send E-Mail
&send_mail;
sub check_url {
# Localize the check_referer flag which determines if user is valid. #
local($check_referer) = 1;
# If a referring URL was specified, for each valid referer, make sure #
# that a valid referring URL was passed to FormMail. #
# If the HTTP_REFERER was invalid, send back an error. #
if ($check_referer != 1) { &error('bad_referer') }
}
sub get_date {
# Define arrays for the day of the week and month of the year. #
@days = ('Sunday','Monday','Tuesda y','Wednes day',
'Thursday','Friday','Satur day');
@months = ('January','February','Mar ch','April ','May','J une','July ',
'August','September','Octo ber','Nove mber','Dec ember');
# Get the current time and format the hour, minutes and seconds. Add #
# 1900 to the year to get the full 4 digit year. #
($sec,$min,$hour,$mday,$mo n,$year,$w day) = (localtime(time))[0,1,2,3, 4,5,6];
$time = sprintf("%02d:%02d:%02d",$ hour,$min, $sec);
$year += 1900;
# Format the date. #
$date = "$days[$wday], $months[$mon] $mday, $year at $time";
}
sub parse_form {
# Define the configuration associative array. #
%Config = ('recipient','', 'subject','',
'Email','', 'RequestorName','',
'redirect','', 'bgcolor','',
'background','', 'link_color','',
'vlink_color','', 'text_color','',
'alink_color','', 'title','',
'sort','', 'print_config','',
'required','', 'env_report','',
'return_link_title','', 'return_link_url','',
'print_blank_fields','', 'missing_fields_redirect', '');
# Determine the form's REQUEST_METHOD (GET or POST) and split the form #
# fields up into their name-value pairs. If the REQUEST_METHOD was #
# not GET or POST, send an error. #
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
# Split the name-value pairs
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
}
else {
&error('request_method');
}
# For each name-value pair: #
foreach $pair (@pairs) {
# Split the pair up into individual variables. #
local($name, $value) = split(/=/, $pair);
# Decode the form encoding on the name and value variables. #
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
# If they try to include server side includes, erase them, so they
# aren't a security risk if the html gets returned. Another
# security hole plugged up.
$value =~ s/<!--(.|\n)*-->//g;
# If the field name has been specified in the %Config array, it will #
# return a 1 for defined($Config{$name}}) and we should associate #
# this value with the appropriate configuration variable. If this #
# is not a configuration form field, put it into the associative #
# array %Form, appending the value with a ', ' if there is already a #
# value present. We also save the order of the form fields in the #
# @Field_Order array so we can use this order for the generic sort. #
if (defined($Config{$name})) {
$Config{$name} = $value;
}
else {
if ($Form{$name} && $value) {
$Form{$name} = "$Form{$name}, $value";
}
elsif ($value) {
push(@Field_Order,$name);
$Form{$name} = $value;
}
}
}
# The next six lines remove any extra spaces or new lines from the #
# configuration variables, which may have been caused if your editor #
# wraps lines after a certain length or if you used spaces between field #
# names or environment variables. #
$Config{'required'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'required'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'env_report'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'env_report'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'print_config'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'print_config'} =~ s/(\s+)?\n+(\s+)?//g;
# Split the configuration variables into individual field names. #
@Required = split(/,/,$Config{'require d'});
@Env_Report = split(/,/,$Config{'env_rep ort'});
@Print_Config = split(/,/,$Config{'print_c onfig'});
}
sub check_required {
# Localize the variables used in this subroutine. #
local($require, @error);
if (!$Config{'recipient'}) {
if (!defined(%Form)) { &error('bad_referer') }
else { &error('no_recipient') }
}
# For each require field defined in the form: #
foreach $require (@Required) {
# If the required field is the Email field, the syntax of the Email #
# address if checked to make sure it passes a valid syntax. #
if ($require eq 'Email' && !&check_Email($Config{$req uire})) {
push(@error,$require);
}
# Otherwise, if the required field is a configuration field and it #
# has no value or has been filled in with a space, send an error. #
elsif (defined($Config{$require} )) {
if (!$Config{$require}) {
push(@error,$require);
}
}
# If it is a regular form field which has not been filled in or #
# filled in with a space, flag it as an error field. #
elsif (!$Form{$require}) {
push(@error,$require);
}
}
# If any error fields have been found, send error message to the user. #
if (@error) { &error('missing_fields', @error) }
}
sub return_html {
# Local variables used in this subroutine initialized. #
local($key,$sort_order,$so rted_field );
# If redirect option is used, print the redirectional location header. #
if ($Config{'redirect'}) {
print "Location: $Config{'redirect'}\n\n";
}
# Otherwise, begin printing the response page. #
else {
# Print HTTP header and opening HTML tags. #
print "Content-type: text/html\n\n";
print "<html>\n <head>\n";
# Print out title of page #
if ($Config{'title'}) { print " <title>$Config{'title'}</t itle>\n" }
else { print " <title>Thank You</title>\n" }
print " </head>\n <body";
# Get Body Tag Attributes #
&body_attributes;
# Close Body Tag #
print ">\n <center>\n";
# Print custom or generic title. #
if ($Config{'title'}) { print " <h1>$Config{'title'}</h1>\ n" }
else { print " <h1>Thank You For Filling Out This Form</h1>\n" }
print "</center>\n";
print "Below is what you submitted to $Config{'recipient'} on ";
print "$date<p><hr size=1 width=75\%><p>\n";
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel ds'} || $Form{$field}) {
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Set the temporary $sort_order variable to the sorting order, #
# remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$sort_order = $Config{'sort'};
$sort_order =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$sort_order =~ s/(\s+)?\n+(\s+)?//g;
$sort_order =~ s/order://;
@sorted_fields = split(/,/, $sort_order);
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel ds'} || $Form{$sorted_field}) {
print "<b>$sorted_field:</b> $Form{$sorted_field}<p>\n" ;
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel ds'} || $Form{$field}) {
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
print "<p><hr size=1 width=75%><p>\n";
# Check for a Return Link and print one if found. #
if ($Config{'return_link_url' } && $Config{'return_link_title '}) {
print "<ul>\n";
print "<li><a href=\"$Config{'return_lin k_url'}\"> $Config{'r eturn_link _title'}</ a>\n";
print "</ul>\n";
}
# Print the page footer. #
print <<"(END HTML FOOTER)";
<hr size=1 width=75%><p>
<center><font size=-1><a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 -1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a></font></center>
</body>
</html>
(END HTML FOOTER)
}
}
sub send_mail {
# Localize variables used in this subroutine. #
local($print_config,$key,$ sort_order ,$sorted_f ield,$env_ report);
# Open The Mail Program
# open(MAIL,"|$mailprog -t");
if ($Config{'from_Email'}) { open(MAIL,"|$mailprog -f $Config{'Email'} -t"); }
else { open(MAIL,"|$mailprog -t"); }
print MAIL "To: $Config{'recipient'}\n";
if ($Config{'cc_Email'}) { print MAIL "Cc: $Config{'Email'}\n"; }
print MAIL "From: $Config{'Email'} ($Config{'RequestorName'}) \n";
# Check for Message Subject
if ($Config{'subject'}) { print MAIL "Subject: $Config{'subject'}- VANTIVE NUMBER $Config{'vantive_result'}\ n\n"
}
else { print MAIL "Subject: WWW Form Submission\n\n" }
print MAIL "Below is the result of your MQSERIES CONFIG REQUEST form. **PLEASE NOTE VANTIVE NUMBER**
It was submitted by\n";
print MAIL "$Config{'RequestorName'} ($Config{'Email'}) on $date $Config{'vantive_result'}\ n";
print MAIL "-" x 75 . "\n\n";
if (@Print_Config) {
foreach $print_config (@Print_Config) {
if ($Config{$print_config}) {
print MAIL "$print_config: $Config{$print_config}\n\n ";
}
}
}
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel ds'} || $Form{$field} ||
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$Config{'sort'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'sort'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'sort'} =~ s/order://;
@sorted_fields = split(/,/, $Config{'sort'});
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel ds'} || $Form{$sorted_field} ||
$Form{$sorted_field} eq '0') {
print MAIL "$sorted_field: $Form{$sorted_field}\n\n";
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel ds'} || $Form{$field} ||
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
print MAIL "-" x 75 . "\n\n";
# Send any specified Environment Variables to recipient. #
foreach $env_report (@Env_Report) {
if ($ENV{$env_report}) {
print MAIL "$env_report: $ENV{$env_report}\n";
}
}
close (MAIL);
}
sub check_Email {
# Initialize local Email variable with input to subroutine. #
$Email = $_[0];
# If the e-mail address contains: #
if ($Email =~ /(@.*@)|(\.\.)|(@\.)|(\.@) |(^\.)/ ||
# the e-mail address contains an invalid syntax. Or, if the #
# syntax does not match the following regular expression pattern #
# it fails basic syntax verification. #
$Email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.] +\.([a-zA- Z]{2,3}|[0 -9]{1,3})( \]?)$/) {
# Basic syntax requires: one or more characters before the @ sign, #
# followed by an optional '[', then any number of letters, numbers, #
# dashes or periods (valid domain/IP characters) ending in a period #
# and then 2 or 3 letters (for domain suffixes) or 1 to 3 numbers #
# (for IP addresses). An ending bracket is also allowed as it is #
# valid syntax to have an Email address like: user@[255.255.255.0] #
# Return a false value, since the e-mail address did not pass valid #
# syntax. #
return 0;
}
else {
# Return a true value, e-mail verification passed. #
return 1;
}
}
sub body_attributes {
# Check for Background Color
if ($Config{'bgcolor'}) { print " bgcolor=\"$Config{'bgcolor '}\"" }
# Check for Background Image
if ($Config{'background'}) { print " background=\"$Config{'back ground'}\" " }
# Check for Link Color
if ($Config{'link_color'}) { print " link=\"$Config{'link_color '}\"" }
# Check for Visited Link Color
if ($Config{'vlink_color'}) { print " vlink=\"$Config{'vlink_col or'}\"" }
# Check for Active Link Color
if ($Config{'alink_color'}) { print " alink=\"$Config{'alink_col or'}\"" }
# Check for Body Text Color
if ($Config{'text_color'}) { print " text=\"$Config{'text_color '}\"" }
}
sub error {
# Localize variables and assign subroutine input. #
local($error,@error_fields ) = @_;
local($host,$missing_field ,$missing_ field_list );
if ($error eq 'bad_referer') {
if ($ENV{'HTTP_REFERER'} =~ m|^https?://([\w\.]+)|i) {
$host = $1;
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Bad Referrer - Access Denied</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Bad Referrer - Access Denied</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The form attempting to use
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a>
resides at <tt>$ENV{'HTTP_REFERER'}</ tt>, which is not allowed to access
this cgi script.<p>
If you are attempting to configure FormMail to run with this form, you need
to add the following to \@referers, explained in detail in the README file.<p>
Add <tt>'$host'</tt> to your <tt><b>\@referers</b></tt> array.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
else {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>FormMail v1.6</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>FormMail</font></t h></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><th><tt><font size=+1>Copyright 1995 - 1997 Matt Wright<br>
Version 1.6 - Released May 02, 1997<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive,
Inc.</a></font></tt></th>< /tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
elsif ($error eq 'request_method') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Request Method</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Request Method</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The Request Method of the Form you submitted did not match
either <tt>GET</tt> or <tt>POST</tt>. Please check the form and make sure the
<tt>method=</tt> statement is in upper case and matches <tt>GET</tt> or <tt>POST</tt>.<p>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'no_recipient') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: No Recipient</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: No Recipient</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>No Recipient was specified in the data sent to FormMail. Please
make sure you have filled in the 'recipient' form field with an e-mail
address. More information on filling in recipient form fields can be
found in the README file.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'missing_fields') {
if ($Config{'missing_fields_r edirect'}) {
print "Location: $Config{'missing_fields_re direct'}\n \n";
}
else {
foreach $missing_field (@error_fields) {
$missing_field_list .= " <li>$missing_field\n";
}
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Blank Fields</title>
</head>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Blank Fields</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The following fields were left blank in your submission form:<p>
<ul>
$missing_field_list
</ul><br>
These fields must be filled in before you can successfully submit the form.<p>
Please use your browser's back button to return to the form and try again.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
exit;
}
i modified it . this should work.
##########################
# FormMail Version 1.6 #
# Copyright 1995-1997 Matt Wright mattw@worldwidemart.com #
# Created 06/09/95 Last Modified 05/02/97 #
# Matt's Script Archive, Inc.: http://www.worldwidemart.com/scripts/ #
$mailprog = '/usr/lib/sendmail';
# @referers allows forms to be located only on servers which are defined #
# in this field. This security fix from the last version which allowed #
# anyone on any server to use your FormMail script on their web site. #
@referers = ('xyz.abc.com','123.456.78
# Done #
##########################
# Check Referring URL
&check_url;
# Retrieve Date
&get_date;
# Parse Form Contents
&parse_form;
# Check Required Fields
&check_required;
# Return HTML Page or Redirect User
&return_html;
# Send E-Mail
&send_mail;
sub check_url {
# Localize the check_referer flag which determines if user is valid. #
local($check_referer) = 1;
# If a referring URL was specified, for each valid referer, make sure #
# that a valid referring URL was passed to FormMail. #
# If the HTTP_REFERER was invalid, send back an error. #
if ($check_referer != 1) { &error('bad_referer') }
}
sub get_date {
# Define arrays for the day of the week and month of the year. #
@days = ('Sunday','Monday','Tuesda
'Thursday','Friday','Satur
@months = ('January','February','Mar
'August','September','Octo
# Get the current time and format the hour, minutes and seconds. Add #
# 1900 to the year to get the full 4 digit year. #
($sec,$min,$hour,$mday,$mo
$time = sprintf("%02d:%02d:%02d",$
$year += 1900;
# Format the date. #
$date = "$days[$wday], $months[$mon] $mday, $year at $time";
}
sub parse_form {
# Define the configuration associative array. #
%Config = ('recipient','', 'subject','',
'Email','', 'RequestorName','',
'redirect','', 'bgcolor','',
'background','', 'link_color','',
'vlink_color','', 'text_color','',
'alink_color','', 'title','',
'sort','', 'print_config','',
'required','', 'env_report','',
'return_link_title','', 'return_link_url','',
'print_blank_fields','', 'missing_fields_redirect',
# Determine the form's REQUEST_METHOD (GET or POST) and split the form #
# fields up into their name-value pairs. If the REQUEST_METHOD was #
# not GET or POST, send an error. #
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
# Split the name-value pairs
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
}
else {
&error('request_method');
}
# For each name-value pair: #
foreach $pair (@pairs) {
# Split the pair up into individual variables. #
local($name, $value) = split(/=/, $pair);
# Decode the form encoding on the name and value variables. #
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9]
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9]
# If they try to include server side includes, erase them, so they
# aren't a security risk if the html gets returned. Another
# security hole plugged up.
$value =~ s/<!--(.|\n)*-->//g;
# If the field name has been specified in the %Config array, it will #
# return a 1 for defined($Config{$name}}) and we should associate #
# this value with the appropriate configuration variable. If this #
# is not a configuration form field, put it into the associative #
# array %Form, appending the value with a ', ' if there is already a #
# value present. We also save the order of the form fields in the #
# @Field_Order array so we can use this order for the generic sort. #
if (defined($Config{$name})) {
$Config{$name} = $value;
}
else {
if ($Form{$name} && $value) {
$Form{$name} = "$Form{$name}, $value";
}
elsif ($value) {
push(@Field_Order,$name);
$Form{$name} = $value;
}
}
}
# The next six lines remove any extra spaces or new lines from the #
# configuration variables, which may have been caused if your editor #
# wraps lines after a certain length or if you used spaces between field #
# names or environment variables. #
$Config{'required'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'required'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'env_report'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'env_report'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'print_config'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'print_config'} =~ s/(\s+)?\n+(\s+)?//g;
# Split the configuration variables into individual field names. #
@Required = split(/,/,$Config{'require
@Env_Report = split(/,/,$Config{'env_rep
@Print_Config = split(/,/,$Config{'print_c
}
sub check_required {
# Localize the variables used in this subroutine. #
local($require, @error);
if (!$Config{'recipient'}) {
if (!defined(%Form)) { &error('bad_referer') }
else { &error('no_recipient') }
}
# For each require field defined in the form: #
foreach $require (@Required) {
# If the required field is the Email field, the syntax of the Email #
# address if checked to make sure it passes a valid syntax. #
if ($require eq 'Email' && !&check_Email($Config{$req
push(@error,$require);
}
# Otherwise, if the required field is a configuration field and it #
# has no value or has been filled in with a space, send an error. #
elsif (defined($Config{$require}
if (!$Config{$require}) {
push(@error,$require);
}
}
# If it is a regular form field which has not been filled in or #
# filled in with a space, flag it as an error field. #
elsif (!$Form{$require}) {
push(@error,$require);
}
}
# If any error fields have been found, send error message to the user. #
if (@error) { &error('missing_fields', @error) }
}
sub return_html {
# Local variables used in this subroutine initialized. #
local($key,$sort_order,$so
# If redirect option is used, print the redirectional location header. #
if ($Config{'redirect'}) {
print "Location: $Config{'redirect'}\n\n";
}
# Otherwise, begin printing the response page. #
else {
# Print HTTP header and opening HTML tags. #
print "Content-type: text/html\n\n";
print "<html>\n <head>\n";
# Print out title of page #
if ($Config{'title'}) { print " <title>$Config{'title'}</t
else { print " <title>Thank You</title>\n" }
print " </head>\n <body";
# Get Body Tag Attributes #
&body_attributes;
# Close Body Tag #
print ">\n <center>\n";
# Print custom or generic title. #
if ($Config{'title'}) { print " <h1>$Config{'title'}</h1>\
else { print " <h1>Thank You For Filling Out This Form</h1>\n" }
print "</center>\n";
print "Below is what you submitted to $Config{'recipient'} on ";
print "$date<p><hr size=1 width=75\%><p>\n";
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Set the temporary $sort_order variable to the sorting order, #
# remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$sort_order = $Config{'sort'};
$sort_order =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$sort_order =~ s/(\s+)?\n+(\s+)?//g;
$sort_order =~ s/order://;
@sorted_fields = split(/,/, $sort_order);
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel
print "<b>$sorted_field:</b> $Form{$sorted_field}<p>\n"
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel
print "<b>$field:</b> $Form{$field}<p>\n";
}
}
}
print "<p><hr size=1 width=75%><p>\n";
# Check for a Return Link and print one if found. #
if ($Config{'return_link_url'
print "<ul>\n";
print "<li><a href=\"$Config{'return_lin
print "</ul>\n";
}
# Print the page footer. #
print <<"(END HTML FOOTER)";
<hr size=1 width=75%><p>
<center><font size=-1><a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 -1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a></font></center>
</body>
</html>
(END HTML FOOTER)
}
}
sub send_mail {
# Localize variables used in this subroutine. #
local($print_config,$key,$
# Open The Mail Program
# open(MAIL,"|$mailprog -t");
if ($Config{'from_Email'}) { open(MAIL,"|$mailprog -f $Config{'Email'} -t"); }
else { open(MAIL,"|$mailprog -t"); }
print MAIL "To: $Config{'recipient'}\n";
if ($Config{'cc_Email'}) { print MAIL "Cc: $Config{'Email'}\n"; }
print MAIL "From: $Config{'Email'} ($Config{'RequestorName'})
# Check for Message Subject
if ($Config{'subject'}) { print MAIL "Subject: $Config{'subject'}- VANTIVE NUMBER $Config{'vantive_result'}\
}
else { print MAIL "Subject: WWW Form Submission\n\n" }
print MAIL "Below is the result of your MQSERIES CONFIG REQUEST form. **PLEASE NOTE VANTIVE NUMBER**
It was submitted by\n";
print MAIL "$Config{'RequestorName'} ($Config{'Email'}) on $date $Config{'vantive_result'}\
print MAIL "-" x 75 . "\n\n";
if (@Print_Config) {
foreach $print_config (@Print_Config) {
if ($Config{$print_config}) {
print MAIL "$print_config: $Config{$print_config}\n\n
}
}
}
# Sort alphabetically if specified: #
if ($Config{'sort'} eq 'alphabetic') {
foreach $field (sort keys %Form) {
# If the field has a value or the print blank fields option #
# is turned on, print out the form field and value. #
if ($Config{'print_blank_fiel
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
# If a sort order is specified, sort the form fields based on that. #
elsif ($Config{'sort'} =~ /^order:.*,.*/) {
# Remove extraneous line breaks and spaces, remove the order: #
# directive and split the sort fields into an array. #
$Config{'sort'} =~ s/(\s+|\n)?,(\s+|\n)?/,/g;
$Config{'sort'} =~ s/(\s+)?\n+(\s+)?//g;
$Config{'sort'} =~ s/order://;
@sorted_fields = split(/,/, $Config{'sort'});
# For each sorted field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $sorted_field (@sorted_fields) {
if ($Config{'print_blank_fiel
$Form{$sorted_field} eq '0') {
print MAIL "$sorted_field: $Form{$sorted_field}\n\n";
}
}
}
# Otherwise, default to the order in which the fields were sent. #
else {
# For each form field, if it has a value or the print blank #
# fields option is turned on print the form field and value. #
foreach $field (@Field_Order) {
if ($Config{'print_blank_fiel
$Form{$field} eq '0') {
print MAIL "$field: $Form{$field}\n\n";
}
}
}
print MAIL "-" x 75 . "\n\n";
# Send any specified Environment Variables to recipient. #
foreach $env_report (@Env_Report) {
if ($ENV{$env_report}) {
print MAIL "$env_report: $ENV{$env_report}\n";
}
}
close (MAIL);
}
sub check_Email {
# Initialize local Email variable with input to subroutine. #
$Email = $_[0];
# If the e-mail address contains: #
if ($Email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)
# the e-mail address contains an invalid syntax. Or, if the #
# syntax does not match the following regular expression pattern #
# it fails basic syntax verification. #
$Email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]
# Basic syntax requires: one or more characters before the @ sign, #
# followed by an optional '[', then any number of letters, numbers, #
# dashes or periods (valid domain/IP characters) ending in a period #
# and then 2 or 3 letters (for domain suffixes) or 1 to 3 numbers #
# (for IP addresses). An ending bracket is also allowed as it is #
# valid syntax to have an Email address like: user@[255.255.255.0] #
# Return a false value, since the e-mail address did not pass valid #
# syntax. #
return 0;
}
else {
# Return a true value, e-mail verification passed. #
return 1;
}
}
sub body_attributes {
# Check for Background Color
if ($Config{'bgcolor'}) { print " bgcolor=\"$Config{'bgcolor
# Check for Background Image
if ($Config{'background'}) { print " background=\"$Config{'back
# Check for Link Color
if ($Config{'link_color'}) { print " link=\"$Config{'link_color
# Check for Visited Link Color
if ($Config{'vlink_color'}) { print " vlink=\"$Config{'vlink_col
# Check for Active Link Color
if ($Config{'alink_color'}) { print " alink=\"$Config{'alink_col
# Check for Body Text Color
if ($Config{'text_color'}) { print " text=\"$Config{'text_color
}
sub error {
# Localize variables and assign subroutine input. #
local($error,@error_fields
local($host,$missing_field
if ($error eq 'bad_referer') {
if ($ENV{'HTTP_REFERER'} =~ m|^https?://([\w\.]+)|i) {
$host = $1;
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Bad Referrer - Access Denied</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Bad Referrer - Access Denied</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The form attempting to use
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a>
resides at <tt>$ENV{'HTTP_REFERER'}</
this cgi script.<p>
If you are attempting to configure FormMail to run with this form, you need
to add the following to \@referers, explained in detail in the README file.<p>
Add <tt>'$host'</tt> to your <tt><b>\@referers</b></tt>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
else {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>FormMail v1.6</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>FormMail</font></t
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><th><tt><font size=+1>Copyright 1995 - 1997 Matt Wright<br>
Version 1.6 - Released May 02, 1997<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive,
Inc.</a></font></tt></th><
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
elsif ($error eq 'request_method') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Request Method</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Request Method</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The Request Method of the Form you submitted did not match
either <tt>GET</tt> or <tt>POST</tt>. Please check the form and make sure the
<tt>method=</tt> statement is in upper case and matches <tt>GET</tt> or <tt>POST</tt>.<p>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'no_recipient') {
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: No Recipient</title>
</head>
<body bgcolor=#FFFFFF text=#000000>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: No Recipient</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>No Recipient was specified in the data sent to FormMail. Please
make sure you have filled in the 'recipient' form field with an e-mail
address. More information on filling in recipient form fields can be
found in the README file.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
elsif ($error eq 'missing_fields') {
if ($Config{'missing_fields_r
print "Location: $Config{'missing_fields_re
}
else {
foreach $missing_field (@error_fields) {
$missing_field_list .= " <li>$missing_field\n";
}
print <<"(END ERROR HTML)";
Content-type: text/html
<html>
<head>
<title>Error: Blank Fields</title>
</head>
<center>
<table border=0 width=600 bgcolor=#9C9C9C>
<tr><th><font size=+2>Error: Blank Fields</font></th></tr>
</table>
<table border=0 width=600 bgcolor=#CFCFCF>
<tr><td>The following fields were left blank in your submission form:<p>
<ul>
$missing_field_list
</ul><br>
These fields must be filled in before you can successfully submit the form.<p>
Please use your browser's back button to return to the form and try again.<hr size=1>
<center><font size=-1>
<a href="http://www.worldwidemart.com/scripts/formmail.shtml">FormMail</a> V1.6 © 1995 - 1997 Matt Wright<br>
A Free Product of <a href="http://www.worldwidemart.com/scripts/">Matt's Script Archive, Inc.</a>
</font></center>
</td></tr>
</table>
</center>
</body>
</html>
(END ERROR HTML)
}
}
exit;
}
i modified it . this should work.
ASKER
lexx, thank you for all your effort put into this but I'm still not getting it to work, i.e., the sendmail isn't going through to the recipient -- no mail sent through and getting the "Bad Referer" error shown below.
Content-type: text/html
Bad Referrer - Access Denied
The form attempting to use FormMail resides at http://xyz.abc.com/test/test.html, which is not allowed to access this cgi script.
If you are attempting to configure FormMail to run with this form, you need to add the following to @referers, explained in detail in the README file.
Add 'xyz.abc.com' to your @referers array.
Content-type: text/html
Bad Referrer - Access Denied
The form attempting to use FormMail resides at http://xyz.abc.com/test/test.html, which is not allowed to access this cgi script.
If you are attempting to configure FormMail to run with this form, you need to add the following to @referers, explained in detail in the README file.
Add 'xyz.abc.com' to your @referers array.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
lexx, again, I must thank you for your time spending on this ...
I've tried the above but still not getting to work, the "Bad referer" pointing to the @referer.
The form method I'm using is POST, but whenever I use GET it submits the form results through the sendmail to the recipient list BUT it the csv does not get updated.
If I use form method POST, the csv gets updated but the sendmail mailresults does not work and points to the "Bad Referer".
I've tried the above but still not getting to work, the "Bad referer" pointing to the @referer.
The form method I'm using is POST, but whenever I use GET it submits the form results through the sendmail to the recipient list BUT it the csv does not get updated.
If I use form method POST, the csv gets updated but the sendmail mailresults does not work and points to the "Bad Referer".
ASKER
lexx, I'm feeling so exhausted and fedup with this script, it's not funny.
I will go ahead and award you points for the effort you have put into this, though it's not resolved.
Let me know if you're comfortable with that.
I will go ahead and award you points for the effort you have put into this, though it's not resolved.
Let me know if you're comfortable with that.
its really sorry that it didn't workout. there must be something that we are totally overlooking.
please post the solution if you find it in the future.
the points are not required but are (obviously) okay with me.
regards.
please post the solution if you find it in the future.
the points are not required but are (obviously) okay with me.
regards.
ASKER
I'm still working on it and would love to find the solution and definitely will make the post here once as I have it figured out. BUT ...
It has turns out that the email notification is now needed if the user makes a selection, e.g., the form has a "Yes|No" checkbox, if the user selects "No", then an email notification must be sent out. I think I better come up with a different perl script to handle that but I'm uncertain ....
I will award you points for your efforts as I appreciate it so much.
NOTE: Administrators, half points will be awarded to lexxwern for the effort he has placed into this, though we have not come up with the final solution. I definitely will post the solution once as I have it resolved, it will be useful for others.
Thanks lexxwern!
It has turns out that the email notification is now needed if the user makes a selection, e.g., the form has a "Yes|No" checkbox, if the user selects "No", then an email notification must be sent out. I think I better come up with a different perl script to handle that but I'm uncertain ....
I will award you points for your efforts as I appreciate it so much.
NOTE: Administrators, half points will be awarded to lexxwern for the effort he has placed into this, though we have not come up with the final solution. I definitely will post the solution once as I have it resolved, it will be useful for others.
Thanks lexxwern!
ASKER
I'm still working on it and would love to find the solution and definitely will make the post here once as I have it figured out. BUT ...
It has turns out that the email notification is now needed if the user makes a selection, e.g., the form has a "Yes|No" checkbox, if the user selects "No", then an email notification must be sent out. I think I better come up with a different perl script to handle that but I'm uncertain ....
I will award you points for your efforts as I appreciate it so much.
NOTE: Administrators, half points will be awarded to lexxwern for the effort he has placed into this, though we have not come up with the final solution. I definitely will post the solution once as I have it resolved, it will be useful for others.
Thanks lexxwern!
It has turns out that the email notification is now needed if the user makes a selection, e.g., the form has a "Yes|No" checkbox, if the user selects "No", then an email notification must be sent out. I think I better come up with a different perl script to handle that but I'm uncertain ....
I will award you points for your efforts as I appreciate it so much.
NOTE: Administrators, half points will be awarded to lexxwern for the effort he has placed into this, though we have not come up with the final solution. I definitely will post the solution once as I have it resolved, it will be useful for others.
Thanks lexxwern!
ASKER
Bad Referrer - Access Denied
The form attempting to use FormMail resides at http://abc.xyz.com/teststuff/test.html, which is not allowed to access this cgi script.
If you are attempting to configure FormMail to run with this form, you need to add the following to @referers, explained in detail in the README file.
Add abc.xyz.com' to your @referers array.