software-archive/ncsa-httpd
2
Fork 0
mirror of https://github.com/NishiOwO/ncsa-httpd.git synced 2025-04-21 08:44:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
ncsa-httpd/cgi-bin/mail

342 lines
13 KiB
Perl
Executable File
Raw Blame History

#!/usr/local/bin/perl
# ======================================================================
# WebMonitor Standalone Module: mail
#
# CGI script for providing form and script
# to send mail to configured system users
#
# required files: mail.list
# Text file with users nicknames and
# email addresses in the format of
# <nickname>:<email address>
# Keep "mail.list" in same directory as mail script
# NOTE: you can even have group aliases!
# just separate the addresses with commas
# Make sure you 'chmod 0644 mail.list' so the server can read it
# +-----------------------------------------
# Example: |webmaster:admin@machine
# |john-doe:jdoe
# |carlos:cpero@ncsa.uiuc.edu
# |group:leader@domain.com,member@domain.com
# +-----------------------------------------
# ======================================================================
# Carlos A. Pero (cpero@ncsa.uiuc.edu) last update 10/17/95
# ======================================================================
# Documentation for WebMonitor can be found at
# <URL:http://hoohoo.ncsa.uiuc.edu/webmonitor/>
# ======================================================================
# This code is in the public domain. Specifically, we give to the public
# domain all rights for future licensing of the source code, all resale
# rights, and all publishing rights.
#
# We ask, but do not require, that the following message be included in
# all derived works:
#
# Portions developed at the National Center for Supercomputing
# Applications at the University of Illinois at Urbana-Champaign.
#
#
# THE UNIVERSITY OF ILLINOIS GIVES NO WARRANTY, EXPRESSED OR IMPLIED,
# FOR THE SOFTWARE AND/OR DOCUMENTATION PROVIDED, INCLUDING, WITHOUT
# LIMITATION, WARRANTY OF MERCHANTABILITY AND WARRANTY OF FITNESS FOR A
# PARTICULAR PURPOSE.
# ======================================================================
# For the greatest security, this script relies on a 'mail.list' file
# with a list of authorized nicknames and email address which can receive
# email through this mail script.
#
# For greater scalability, the '@AUTHDOMAINS' array can be used to store
# a list of domains. Any email address ending with one of these domains
# can use this script to receive email. In this case, the full email
# address becomes the 'nickname'.
# ======================================================================
# This script can be referenced 2 ways for the best flexibility:
#
# DIRECTLY, <A HREF="/cgi-bin/mail?nickname">
# This will generate an email form for the person named in 'nickname',
# and if they exist in the 'mail.list' file.
# If no 'nickname' is specified in the QUERY_STRING when the script is
# first invoked, or the nickname cannot be found in the 'mail.list',
# an email form with a SELECT box of all valid nicknames is generated.
# When the email form is submitted, it will call itself via method of POST,
# and send the email to the recipient, outputting a confirmation message.
# If the HTTP_REFERER was trasmitted when the script was first invoked,
# there will be a hyperlink available to go back to that page (such as
# the user's home page).
#
# FORWARDING RESULTS, <FORM METHOD="POST" ACTION="/cgi-bin/mail?nickname">
# This will forward the results from the FORM, which can exist anywhere,
# to the recipient specified by 'nickname'. Since the 'nickname' is in
# the QUERY_STRING, the FORM *must* use the METHOD="POST", otherwise the
# recipient's nickname will be blown away.
# Users may want to include a:
# <INPUT TYPE="hidden" NAME="next-url" VALUE="/~user/received.html">
# If this is present in the FORM input, the client will be redirected
# to this HTML file as a confirmation message instead of the default.
# In addition, the user can also define any of the following input names
# in their form to better customize the output mailed back to them.
# <INPUT TYPE="hidden" NAME="subject" VALUE="My survey results">
# <INPUT TYPE="hidden" NAME="from-name" VALUE="Average Web user">
# <INPUT TYPE="hidden" NAME="from-email" VALUE="jdoe@domain.com">
# These values will then be used in the header of the email message.
# Otherwise, default values will be substituted.
# ======================================================================
########################################################################
########## Configurable variables ######################################
$SENDMAIL = '/usr/lib/sendmail';
# The location of your sendmail binary
@AUTHDOMAINS = ('');
# List of lower-case Internet domains that can use this script
# such as ('ncsa.uiuc.edu', 'domain.com')
## Also, make sure the first line of this script points
## to your PERL binary
########## Nothing else to change ######################################
########################################################################
$ENV{'SCRIPT_NAME'} =~ m#(/.*/)(.*)$#;
$SCRIPTDIR = $1;
$SCRIPT = $2;
#### Do standard HTTP stuff ####
&cgi_receive;
&cgi_decode;
&cgi_header;
#### Load mail.list into associative array ####
open (MAILNAMES, "mail.list") || die ("$SCRIPT: Can't open mail.list: $!\n");
while (<MAILNAMES>) {
chop;
($nick, $addr) = split(/:/, $_);
$ADDRESS{$nick} = $addr;
}
close (MAILNAMES);
#### Figure out who the information should be sent to ####
if ($ENV{'QUERY_STRING'} =~ /\@/) {
#### User specified a full email address ####
($machine = $') =~ tr/A-Z/a-z/;
undef $FLAG{'authorized'};
for ($[ .. $#AUTHDOMAINS) {
$FLAG{'authorized'} = $AUTHDOMAINS[$_], last if ($ENV{'QUERY_STRING'} =~ /$AUTHDOMAINS[$_]$/);
}
&error_blank_field('an authorized email address') unless ($FLAG{'authorized'});
$recipient = $ENV{'QUERY_STRING'};
$extraaction = "?$recipient";
}
elsif ($ENV{'QUERY_STRING'}) {
#### User specified a nickname ####
$nickname = $ENV{'QUERY_STRING'};
&error_blank_field('a valid recipient nickname') unless ($ADDRESS{$nickname});
$recipient = $ADDRESS{$nickname};
$extraaction = "?$nickname";
}
elsif ($FORM{'nickname'}) {
#### Input is coming from listbox, ready for forwarding ####
$nickname = $FORM{'nickname'};
&error_blank_field('a valid recipient nickname') unless ($ADDRESS{$nickname});
$recipient = $ADDRESS{$FORM{'nickname'}};
}
elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
#### I don't know who the information was for ####
&error_blank_field('a valid recipient');
}
#### Output a default email form if not POSTing already ####
&print_form unless ($ENV{'REQUEST_METHOD'} eq "POST");
#### Check for require fields
foreach $field (@requirefields) {
&error_blank_field($field) unless ($FORM{$field});
}
#### Fill in missing fields for forwarding FORM results ####
($FORM{'subject'}) || ($FORM{'subject'} = "FORM results");
($FORM{'from-email'}) || ($FORM{'from-email'} = $recipient);
($FORM{'from-name'}) || ($FORM{'from-name'} = "WebMonitor mail");
open (MAIL, "| $SENDMAIL $recipient") || die ("$SCRIPT: Can't open $mailprog: $!\n");
print MAIL "Reply-to: $FORM{'from-email'} ($FORM{'from-name'})\n";
print MAIL "From: $FORM{'from-email'} ($FORM{'from-name'})\n";
print MAIL "To: $recipient\n";
print MAIL "Subject: $FORM{'subject'}\n";
print MAIL "X-Comments: =============================================================\n";
print MAIL "X-Comments: NOTE: This message was sent through the WebMonitor mail form\n";
print MAIL "X-Comments: =============================================================\n";
print MAIL "X-Comments: HOST: $ENV{'REMOTE_HOST'} ($ENV{'REMOTE_ADDR'})\n";
print MAIL "X-Comments: BROWSER: $ENV{'HTTP_USER_AGENT'}\n";
print MAIL "X-Comments: REFERER: $FORM{'previous-url'}\n" if ($FORM{'previous-url'});
print MAIL "X-Comments: =============================================================\n";
print MAIL "\n";
&dump_values(FORM, MAIL);
print MAIL "\n";
close (MAIL);
#### Now, redirect if "next-url" is included
if ($FORM{'next-url'}) {
print "Location: $FORM{'next-url'}\n";
print "\n";
exit;
}
#### Prevent HTML output
foreach $key (keys %FORM) {
$FORM{$key} =~ s/</\&lt;/g;
$FORM{$key} =~ s/>/\&gt;/g;
}
#### Output confirmation message ####
print qq|<HTML><HEAD><TITLE>WebMonitor-Email Sent</TITLE></HEAD><BODY>\n|;
print qq|<H1>$ENV{'SERVER_NAME'} Email Sent</H1>\n|;
print qq|The following message has been sent.\n|;
print qq|You can now return to <A HREF="$FORM{'previous-url'}">where you were</A>.\n| if ($FORM{'previous-url'});
print qq|<HR>\n|;
print "<PRE>\n";
print "Reply-to: $FORM{'from-email'} ($FORM{'from-name'})\n";
print "From: $FORM{'from-email'} ($FORM{'from-name'})\n";
print "To: $recipient\n";
print "Subject: $FORM{'subject'}\n";
print "\n";
&dump_values(FORM, STDOUT);
print "\n";
print "</PRE>\n";
print "</BODY></HTML>\n";
exit;
#####################################################################
#### SUBROUTINES ####################################################
sub error_blank_field {
local($variable) = @_;
print "\n" if ($FORM{'next-url'});
print "<HTML><HEAD><TITLE>WebMonitor-Email Error</TITLE></HEAD><BODY>\n";
print "<H1>Error!</H1>\n";
print "You did not fill in $variable.\n";
print "</BODY></HTML>\n";
exit;
}
sub cgi_header {
print "Content-type: text/html\n";
print "\n" unless ($FORM{'next-url'});
}
sub cgi_receive {
if ($ENV{'REQUEST_METHOD'} eq "POST") {
read(STDIN, $incoming, $ENV{'CONTENT_LENGTH'});
}
else {
$incoming = $ENV{'QUERY_STRING'};
}
}
sub cgi_decode {
@pairs = split(/&/, $incoming);
foreach (@pairs) {
($name, $value) = split(/=/, $_);
$name =~ tr/+/ /;
$value =~ tr/+/ /;
$name =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;
$value =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;
#### Strip out semicolons unless for special character
$value =~ s/;/$$/g;
$value =~ s/&(\S{1,6})$$/&\1;/g;
$value =~ s/$$/ /g;
$value =~ s/\|/ /g;
$value =~ s/^!/ /g; ## Allow exclamation points in sentences
#### Split apart any directive prefixes
#### NOTE: colons are reserved to delimit these prefixes
@parts = split(/:/, $name);
$name = $parts[$#parts];
if (grep(/^require$/, @parts)) {
push (@requirefields, $name);
}
if (grep(/^ignore$/, @parts)) {
push (@ignorefields, $name);
}
if (grep(/^dynamic$/, @parts)) {
#### For simulating a checkbox
#### It may be dynamic, but useless if nothing entered
next if ($value eq "");
$name = $value;
$value = "on";
}
#### Skip generally blank fields
next if ($value eq "");
#### Allow for multiple values of a single name
$FORM{$name} .= ", " if ($FORM{$name});
$FORM{$name} .= $value;
#### Add to ordered list if not on list already
push (@fields, $name) unless (grep(/^$name$/, @fields));
}
}
sub dump_values {
local($env, $handle) = @_;
($handle eq "STDOUT") && (print $handle "<PRE>\n");
foreach $field (@fields) {
next if (grep(/^$field$/, @ignorefields));
if ($FORM{$field} =~ /[\cM\n]/) {
print $handle "($field)\n";
print $handle "-" x 75, "\n", $FORM{$field}, "\n", "-" x 75, "\n";
}
else {
print $handle "($field) $FORM{$field}\n";
}
}
($handle eq "STDOUT") && (print $handle "</PRE>\n");
}
sub print_form {
print qq|<HTML><HEAD><TITLE>WebMonitor-Email Form</TITLE></HEAD><BODY>\n|;
print qq|<H1>$ENV{'SERVER_NAME'} <A HREF="http://hoohoo.ncsa.uiuc.edu/webmonitor/module-mail.html">Email Form</A></H1>\n|;
print qq|<FORM METHOD="POST" ACTION="$ENV{'SCRIPT_NAME'}$extraaction">\n|;
print qq|<HR>\n|;
print qq|<INPUT TYPE="submit" VALUE="Send Email"> to |;
if ($nickname) {
print qq|<I>$recipient</I> <B>($nickname)</B>\n|;
}
elsif ($recipient) {
print qq|<I>$recipient</I>\n|;
}
else {
print qq|<SELECT NAME="ignore:nickname">\n|;
print qq|<OPTION>Select name...\n|;
foreach $nick (sort keys %ADDRESS) {
print qq|<OPTION>$nick\n|;
}
print qq|</SELECT>\n|;
}
print qq|<HR>\n|;
print qq|<PRE>|;
print qq| Your Name: <INPUT NAME="require:ignore:from-name" SIZE="30">\n|;
print qq|Email Address: <INPUT NAME="require:ignore:from-email" SIZE="30">\n|;
print qq| Subject: <INPUT NAME="ignore:require:subject" SIZE="40"> <INPUT TYPE="reset" VALUE="Clear Message">\n|;
print qq|</PRE>\n|;
print qq|<TEXTAREA NAME="require:message" ROWS="15" COLS="75"></TEXTAREA>\n|;
print qq|<INPUT TYPE="hidden" NAME="ignore:previous-url" VALUE="$ENV{'HTTP_REFERER'}">\n|;
print qq|</FORM>\n|;
print qq|</BODY></HTML>\n|;
exit;
}
Reference in New Issue View Git Blame Copy Permalink