#!/usr/local/bin/perl -T -I.
#
# IF PERL IS IN A DIFFERENT LOCATION, CHANGE THE ABOVE LINE!
#
# comment.cgi
#
# This script will add a new comment for a story to the
# webpage for that story, and will e-mail the author.
#
# Make sure we have at least the requisite version of Perl
require 5.002;
# Import all the necessary variables
use AutomatedArchiveSettings;
# Conversion
use TextToHTML;
unshift(@INC, @LIBDIR);
require 'cgi-lib.pl';
require 'formLib.pl';
require 'convertLib.pl';
require 'archiveLib.pl';
# Name of file to log messages to
$LOGFILE = "$FILEDIR/uploadLog";
# Everything this creates should be world-readable and writeable
umask(000);
# Need to set a default path if using taint checks
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
# The name of this script
$SCRIPTURL = &MyBaseUrl;
# Read in the user input
$ret = &ReadParse(*in);
if (! $ret) {
&CgiDie("Incorrect filename entered");
}
# Filename input
$in{'filename'} =~ s/[^0-9a-zA-Z_\.\/]//g;
$in{'filename'} =~ s/\.\.//g; ;
$in{'filename'} =~ s#/([^/]*)?/#/$1#g;
if ($in{'filename'} =~ m/^(.*)$/) {$filename = $1;}
$fileLocation = "$ARCHIVE/$filename" . "_" . "$COMMENTSUFFIX";
# File type input
if ($in{'filetype'} =~ m/(\w+)/) {$filetype = $1;}
# Email input
if ($in{'email'} =~ m/(\w[\w-.]*)\@([\w-.]+)/) {$email = "$1\@$2";}
# Title input
if ($in{'title'} =~ m/([\w\s\'_\,\:\;\?\!]+)/) {$title = $1;}
# Page number
if ($in{'page'} !~ m/1/) {
&printCommentForm;
} else {
# Page with comment has been submitted
# Get submitter's email and comment
if ($in{'cmt_name'} =~ m/([\w\s]+)/) {
$cmt_name = "$1";
}
if ($in{'cmt_email'} =~ m/(\w[\w-.]*)\@([\w-.]+)/) {
$cmt_email = "$1\@$2";
}
# Get rid of all tags
$in{'comment'} = &stripTags($in{'comment'});
# Replace double blank lines with BRs
$in{'comment'} =~ s/\n\s*\n/
/g;
$in{'comment'} =~ s/\s*\n$/ /g;
if ($in{'comment'} =~ m/^(.*)$/) {$comment = $1;}
if (length($cmt_name) < 1 || length($comment) < 1) {
&CgiDie("Name and comment must be entered!");
}
# Get the date and time
($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) =
localtime(time);
$mon++;
if ($mon < 10) {$mon = "0" . $mon;}
if ($mday < 10) {$mday = "0" . $mday;}
$year += 1900;
&addComment;
&emailComment;
# Now go to the comment page itself
$loc = "$ARCHIVEURL/$filename" . "_" . "$COMMENTSUFFIX";
print "Location: $loc\n\n";
}
# END
sub addComment
{
$block = "";
$ncomments = 0;
# Put the new comment at the top
if (length($cmt_email) > 1) {
$block .= "From: $cmt_name
\n";
} else {
$block .= "From: $cmt_name
\n";
}
$block .= "Date: $mon/$mday/$year | \n";
$block .= $comment;
$block .= "\n |
\n";
$ncomments++;
# Add old comments if any
if (-e $fileLocation) {
open (COMMENTS, "$fileLocation");
$incmt = 0;
while () {
if (m/^/) {
$incmt = 1;
next;
}
if (m/^/) {
$incmt = 0;
last;
}
if (m/^/) {
$ncomments++;
}
if ($incmt) {
$block .= $_;
}
}
close COMMENTS;
}
# Now we actually print the page
# Set up the background
$background = &getTagBody;
# Set up the line
$line = &getTagHR;
# content table tag
$table = &getTagTable;
# Get open & close forms
$open = &getTagFormOpen;
$close = &getTagFormClose;
open (COMMENTS, ">$fileLocation");
print COMMENTS<Comments on $title
$COMMENT_STYLESHEET
$background
$COMMENT_TITLE
$open
Number of comments: $ncomments
(post new comment)
$table
$block
(post new comment)
$close