هذا الأول
================
require("libs.cgi");
$in{'cgiurl'} = $cgiurl;
if($parsessi){
use LWP::UserAgent;
$ua = new LWP::UserAgent;
}
$| = 1; # Flush Output Right Away
eval { &main; }; # Trap any fatal errors so the program hopefully
if ($@) {
&cgierr("fatal error: $@");
}
exit;
sub main{
print "Content-type: text/html\n\n";
&getdata();
($in{'command'} eq '')&&(&ShowSearchForm);
($in{'command'} eq 'login')&&(&Login);
($in{'command'} eq 'query')&&(&Query);
#all require password below
&GetLogin;
($in{'command'} eq 'manage')&&(&Manage);
($in{'command'} eq 'aae')&&(&AddExtExcludes);
($in{'command'} eq 'ade')&&(&AddDirectoryExcludes);
($in{'command'} eq 'ae')&&(&AddIgnore);
($in{'command'} eq 'as')&&(&AddSkip);
($in{'command'} eq 'gu')&&(&GoUp);
($in{'action'} eq '-=Update=-')&&(&UpdateSearchForm);
($in{'command'} eq 'agi')&&(&AddGlobalIgnore);
exit;
}
sub Login{
&PageOut('t_login.htm');
exit;
}
sub GetLogin{
&GetCookies;
$in{'UserName'} = $cookie{'UserName'};
$in{'PassWord'} = $cookie{'PassWord'};
if(!$in{'UserName'}){
&PageOut('t_login.htm');
exit;
}
else{
(($in{'UserName'} ne $username)||(($in{'PassWord'} ne $password)))&&(&PError("Error. Invalid username or password"));
}
}
sub UpdateSearchForm{
$style = $in{'style'};
(!$style)&&($style = '1');
open(DB,">setup.cgi");
print DB <<"EOF";
\$cgiurl = '$cgiurl'; #<-- URL of this script.
\$rooturl = '$rooturl';
\$rootpath = '$rootpath';
\$parsessi='$parsessi'; #<-- default '0', if set to '1' parse Server Side Includes
\$username = '$username'; #<-- username to enter management screens.
\$password = '$password'; #<-- password to enter management screens.
\$style = '$style';
EOF
close DB;
&Manage;
exit;
}
sub Query{
(!$in{'terms'})&&(&PError("Error. Please enter something to search for."));
#find real root in case it was given as symlink
$wami = `pwd`;chomp $wami;
chdir($rootpath);
$rootpath = `pwd`;chomp $rootpath;
chdir("$wami");
$ma = `pwd`;chomp $ma;
&LoadVars;
&GetGlobalIgnore;
&GetFiles($rootpath);
##start actual search
foreach $i (sort keys %ftsearch){
&SearchFile($i);
}
chdir($ma);
(!$in{'count'})&&($in{'count'} = '0');
(!$in{'searchresults'})&&($in{'searchresults'} = '<br><font face=verdana size=2><b>لايوجد مطابق لشروط البحث</b></font>');
$in{$in{'mcase'}} = 'selected';
$in{$in{'mbool'}} = 'selected';
&PageOut("t_searchresults.htm");
exit;
}
sub SearchFile{
undef $/;
local($file) = @_;
open(FILE,"$file")||print "$!:$file<br>";
$data = <FILE>;
close FILE;
$/="\n";
if($parsessi){
&CheckForSSI;
}
($title) = $data =~ /\<title\>(.+)\<\/title\>/i;
($keywords) = $data =~ /\<meta\s+name=\"keywords\"\s+content=\"(.+)\".*\>/i;
($description) = $data =~ /\<meta\s+name=\"description\"\s+content=\"(.+)\".*\>/i;
&DeHTML;
$data .= "$title\n$keywords\n$description";
if($in{'mbool'} eq 'AND'){
if($in{'mcase'} eq 'Insensitive'){
if($data =~ /$in{'terms'}/i){
&DisplayFound;
#print "Found: $in{'terms'}<br>";
}
}
else{
if($data =~ /$in{'terms'}/){
&DisplayFound;
#print "Found: $in{'terms'}<br>";
}
}
}
else{
@aq = split(/\s+/,$in{'terms'});
foreach $k (@aq){
if($in{'mcase'} eq 'Insensitive'){
if($data =~ /$k/i){
&DisplayFound;
#print "Found: $in{'terms'}<br>";
}
}
else{
if($data =~ /$k/){
&DisplayFound;
#print "Found: $in{'terms'}<br>";
}
}
}
}
}
sub DisplayFound{
$in{'count'}++;
$title = sprintf("%.69s",$title);
($metadesc) = $description =~ /(\b.{1,150}\b)/s;
($metadesc)&&($metadesc = "<br><font size=2 face=verdana>Description: $metadesc</font>");
$description = $data;
$url = $file;
$url =~ s/$rootpath\///;
$url = $rooturl.$url;
$rurl = $url;
$url = "javascript
:window.opener.location='$url';window.close();";
if($in{'mbool'} eq 'AND'){
if($in{'mcase'} eq 'Insensitive'){
($description) = $description =~ /(\b.{1,100}$in{'terms'}.{1,100}\b)/si;
$description =~ s/($in{'terms'})/<span class=\"hilite\">$1<\/span>/gsi;
}
else{
($description)= $description =~ /(\b.{1,100}$in{'terms'}.{1,100}\b)/s;
$description =~ s/($in{'terms'})/<span class=\"hilite\">$1<\/span>/gs;
}
}
else{
@aq = split(/\s+/,$in{'terms'});
if($in{'mcase'} eq 'Insensitive'){
($description) = $description =~ /(\b.{1,100}$aq[0].{1,100}\b)/si;
foreach $k (@aq){
$description =~ s/($k)/<span class=\"hilite\">$1<\/span>/gsi;
}
}
else{
($description)= $description =~ /(\b.{1,100}$aq[0].{1,100}\b)/s;
foreach $k (@aq){
$description =~ s/($k)/<span class=\"hilite\">$1<\/span>/gs;
}
}
}
#$description = sprintf("%.200s",$description);
(!$title)&&($title='Untitled');
$in{'searchresults'} .= qq!
<p><font face="Verdana" size="2">$in{'count'}. <a href="$url">$title</a></font>
$metadesc
</p>
<ul>
<li><font face="Verdana" size="2"><font color="#000000">$description</font></li>
<li><font face="Verdana" size="2">URL: <font color="#0000FF"><u><a href="$url">$rurl</a></u></font></font></li>
</ul>
!;
}
sub DeHTML{
#########################################################
# next we'll remove all the <script> tags
#########################################################
$data =~ s/<script.*?<\/script>//gsix;
#########################################################
# next we'll remove all the <tags>
#########################################################
$data =~ s/<[^>]+>//gsx;
#########################################################
# first we'll shoot all the <!-- comments -->
#########################################################
$data =~ s{ <! # comments begin with a `<!'
# followed by 0 or more comments;
(.*?) # this is actually to eat up comments in non
# random places
( # not suppose to have any white space here
# just a quick start;
-- # each comment starts with a `--'
.*? # and includes all text up to and including
-- # the *next* occurrence of `--'
\s* # and may have trailing while space
# (albeit not leading white space XXX)
)+ # repetire ad libitum XXX should be * not +
(.*?) # trailing non comment text
> # up to a `>'
}{
if ($1 || $3) { # this silliness for embedded comments in tags
"<!$1 $3>";
}
}gesx; # mutate into nada, nothing, and niente
#########################################################
# stray tags
#########################################################
$data =~ s/<!--//g;
$data =~ s/-->//g;
#########################################################
#multiple returns
#########################################################
$data =~ s/ {1,255}/ /sg;
$data =~ s/\s{2,255}/\n/g;
#########################################################
#Get rid of binary data
#########################################################
$data =~ s/[^A-Za-z0-9ا-ي\"\'\n,\.\?\!\@\#\$\%\^\&\*\(\)\-\_\=\+\]\[\{\}\]]/ /sg
;
return;
}
sub GetFiles{
local($cdir)=@_;
local($i);
local($a);
local(@files);
chdir($cdir);
$a = `pwd`;chomp $a;
opendir(DIR,".");
@files = readdir(DIR);
close DIR;
foreach $i (@files){
next if ($i =~ /^\./);
#get excluded/skipped files and filter
($ext) = $i =~ /.*\.(\w*)$/;
next if ($efext{$ext});
$relpath = "$a/$i";
#remove root
$relpath =~ s/^$rootpath\///;
#print "CD: $cdir - RP: $relpath Root: $rootpath<br>";
($status,$wl) = &FindStatus($relpath);
if($wl eq 'searched'){
#print "G: $a/$i<br>";;
if(-d "$i"){&GetFiles("$i")};
if(-T "$i"){$ftsearch{"$a/$i"}=1};
if($i =~ /\.doc$/i){$ftsearch{"$a/$i"}=1};
if($i =~ /\.mdb$/i){$ftsearch{"$a/$i"}=1};
if($i =~ /\.pdf$/i){$ftsearch{"$a/$i"}=1};
if($i =~ /\.ppt$/i){$ftsearch{"$a/$i"}=1};
if($i =~ /\.xls$/i){$ftsearch{"$a/$i"}=1};
}
}
chdir('..');
}
sub ShowSearchForm{
($in{'style'})&&($style=$in{'style'});
($style eq '1')&&(&PageOut("t_searchform.htm"));
($style eq '2')&&(&PageOut("t_searchform1.htm"));
($style eq '3')&&(&PageOut("t_searchform2.htm"));
(!$style)&&(&PageOut("t_searchform.htm"));
exit;
}
sub AddSkip{
&LoadVars;
($in{'cdir'})&&($cdir .='/');
$fts = "$in{'cdir'}$in{'f'}";
$fts =~ s/\/\//\//;
delete $ignore{$in{'f'}};
if(!$skip{$fts}){
$skip{$fts} = 1;
}
else{
delete $skip{$fts};
}
&WriteBackVars;
&Manage;
exit;
}
sub AddIgnore{
&LoadVars;
($in{'cdir'})&&($cdir .='/');
$fts = "$in{'cdir'}$in{'f'}";
$fts =~ s/\/\//\//;
delete $skip{$fts};
if(!$ignore{$in{'f'}}){
$ignore{$in{'f'}} = 1;
}
else{
delete $ignore{$in{'f'}};
}
&WriteBackVars;
&Manage;
exit;
}
sub WriteBackVars{
#write all back to file
open(DB,">g_skip.cgi");
foreach $i (keys %skip){
print DB "$i\n";
}
close DB;
#write all back to file
open(DB,">g_ignore.cgi");
foreach $i (keys %ignore){
print DB "$i\n";
}
close DB;
}
sub AddGlobalIgnore{
open(DB,">g_file_ext_ignore.cgi");
print DB "$in{'efileext'}\n";
close DB;
open(DB,">g_dir_ignore.cgi");
print DB "$in{'edirname'}\n";
close DB;
&Manage;
exit;
}
sub GetGlobalIgnore{
open(DB,"g_file_ext_ignore.cgi");
$in{'efileext'} = <DB>;
chomp $in{'efileext'};
close DB;
open(DB,"g_dir_ignore.cgi");
$in{'edirname'} = <DB>;
chomp $in{'edirname'};
close DB;
@tmp = split(/\s*,\s*/,$in{'efileext'});
foreach $i (@tmp){
$efext{$i} = 1;
if($i =~ /^\*/){
$i =~ s/\*//;
push(@efextrear,$i);
}
if($i =~ /\*$/){
$i =~ s/\*//;
push(@efextfront,$i);
}
}
@tmp = split(/\s*,\s*/,$in{'edirname'});
foreach $i (@tmp){
$edir{$i} = 1;
if($i =~ /^\*/){
$i =~ s/\*//;
push(@edirrear,$i);
}
if($i =~ /\*$/){
$i =~ s/\*//;
push(@edirfront,$i);
}
}
}
sub GoUp{
#take off last directory
$in{'cdir'} =~ s/[^\/]*\/$//;
&Manage;
exit;
}
sub Manage{
&GetGlobalIgnore;
&LoadVars;
##remove any excess '//'
$in{'cdir'} =~ s/\/\//\//;
$a = `pwd`;chomp $a;
##go to root
chdir("$rootpath");
#if in subdir .. go to subdir
($in{'nd'})&&($in{'cdir'} = "$in{'cdir'}$in{'nd'}/");
($in{'cdir'})&&(chdir("$in{'cdir'}"));
##
#$in{'currentdir'} = "$rootpath/$in{'cdir'}";
##remove any excess '//'
$in{'currentdir'} =~ s/\/\//\//;
@allurl = split(/\//,$in{'cdir'});
foreach $x (@allurl){
$z .= "$x/";
$in{'currentdir'} .= "/<a href=\"javascript
:JumpTo('$z')\">$x</a>";
}
$in{'currentdir'} = "/<a href=\"javascript
:JumpTo('')\">[root]</a>$in{'currentdir'}";
##get dirs/files
opendir(DIR,".");
@all = readdir(DIR);
close DIR;
##read dirs
foreach $i (sort (@all)){
next if (! -d "$i");
next if ($i =~ /^\./);
#check to see if its a skipped
($status,$wl) = &FindStatus($i);
$il=$i;$il =~ s/'/\\'/g;
($wl eq 'searched')?($url="javascript
:GoTo('$il')")$url='javascript
:NoGo()');
($wl eq 'ignored')?($bi = '-=UnIgnore=-')$bi='-=Ignore=-');
($wl eq 'skipped')?($bs = '-=UnSkip=-')$bs = '-=Skip=-');
$line = qq!
<tr>
<td align="left"><a href="$url"><font face="Verdana" size="2"><img src="images/folder.gif" border="0" width="18" height="16"></font></a></td>
<td align="left"><a href="$url"><font color="#0000ff" size="2" face="Verdana">$i</font></a></td>
<td align="center"><font size="2" face="Verdana" color="#FF0000"><b>$status</b></font></td>
<td align="left"><font face="Verdana" size="2"><input type="button" value="$bs" onClick="Skip('$il')"><input type="button" value="$bi" onClick="Ignore('$il')"></font></td>
</tr>
!;
($wl eq 'searched')&&($in{'directory'} .= $line);
($wl eq 'ignored')&&($in{'ignoredir'} .= $line);
($wl eq 'skipped')&&($in{'skipdir'} .= $line);
}
##read files
foreach $i (sort (@all)){
next if (-d "$i");
next if ($i =~ /^\./);
#get excluded/skipped files and filter
($ext) = $i =~ /.*\.(\w*)$/;
next if ($efext{$ext});
($status,$wl) = &FindStatus($i);
($wl eq 'ignored')?($bi = '-=UnIgnore=-')$bi='-=Ignore=-');
($wl eq 'skipped')?($bs = '-=UnSkip=-')$bs = '-=Skip=-');
$il=$i;$il =~ s/'/\\'/g;
$el="$in{'cdir'}$i";$el=~ s/([^\w&=\/\.])/'%'.sprintf("%.2x",ord($1))/ge;$el="$rooturl$el";
$line = qq!
<tr>
<td align="left"><font face="Verdana" size="2"><img src="images/document.gif" border="0" width="18" height="16"></font></td>
<td align="left"><a href="$el" target="_blank"><font color="#0000ff" size="2" face="Verdana">$i</font></a></td>
<td align="center"><font size="2" face="Verdana" color="#FF0000"><b>$status</b></font></td>
<td align="left"><font face="Verdana" size="2"><input type="button" value="$bs" onClick="Skip('$il')"><input type="button" value="$bi" onClick="Ignore('$il')"></font></td>
</tr>
!;
($wl eq 'searched')&&($in{'files'} .= $line);
($wl eq 'ignored')&&($in{'ignorefiles'} .= $line);
($wl eq 'skipped')&&($in{'skipfiles'} .= $line);
}
(!$in{'ignorefiles'})&&(!$in{'ignoredir'})&&(!$in{'directory'})&&(!$in{'files'})&&($in{'files'} = "<tr><td colspan=4>Directory Empty</td></tr>");
(($in{'ignorefiles'})||($in{'ignoredir'}))&&($in{'ignoredir'} = "<tr><td colspan=4><b><font size=2 face=\"Verdana\"><br>Ignored files and Directories</td></tr>\n$in{'ignoredir'}");
(($in{'skipfiles'})||($in{'skipdir'}))&&($in{'skipdir'} = "<tr><td colspan=4><b><font size=2 face=\"Verdana\"><br>Skipped files and Directories</td></tr>\n$in{'skipdir'}");
chdir("$a");
(!$in{'style'})?($in{'S1'} = 'checked')$in{'S'.$style} = 'checked');
$tcgiurl = $cgiurl;
$tcgiurl =~ s/([^\w\s\n])/'&#'.ord($1).';'/ge;
$in{'directlinks'} = qq|
<a href="$cgiurl" target="_blank">$tcgiurl</a><br>
|;
$tcgiurl = $cgiurl;
$tcgiurl =~ s/http:\/\/.*?\//\//i;
$in{'ssllinks'} = qq|
<!--#include virtual="$tcgiurl" --><br>
|;
&PageOut("t_manage.htm");
exit;
}
sub LoadVars{
#load in skipped files
#print "In Load<br>";
#clear'm out
undef %skip;
undef %ignore;
open(DB,"g_skip.cgi");
while(<DB>{
chomp;
#print "\$skip{$_} = 1;<br>";
$skip{$_} = 1;
}
close DB;
open(DB,"g_ignore.cgi");
while(<DB>{
chomp;
#print "\$ignore{$_} = 1;<br>";
$ignore{$_} = 1;
}
close DB;
}
sub FindStatus{
local($file) = @_;
$ftc = "$in{'cdir'}$file";
#print "S:$skip{$ftc} = \$skip{$ftc}<br>";
##make sure we are only searching a filename and not directory.
#get the real name
$file = &GetRealName($file);
if($skip{$ftc}){
$status = qq!<font size="2" face="Verdana" color="#FF00FF"><b>Skipped</b></font>!;
$wl = 'skipped';
}
elsif($ignore{$file}){
$status = qq!<font size="2" face="Verdana" color="#FF0000"><b>Ignored</b>!;
$wl='ignored';
}
else{
$status = qq!<font size="2" face="Verdana" color="#008000"><b>Searched</b>!;
$wl='searched';
}
return $status,$wl;
}
sub GetRealName{
local($filename) = @_;
if ($filename =~ /\//) {
@array = split(/\//, $filename);
$real_name = pop(@array);
} elsif ($filename =~ /\\/) {
@array = split(/\\/, $filename);
$real_name = pop(@array);
} else {
$real_name = "$filename";
}
return $real_name;
}
sub CheckForSSI{
#########################################################
# do we have includes?
#########################################################
($ssitest) = $data =~ /<!--#include\s+virtual=\"(.*?)\"\s*-->/i;
if($ssitest){
$url = $file;
$url =~ s/$rootpath\///;
$url = $rooturl.$url;
#(print "F: $url I: $ssitest<br>");
$data = RetrieveByURL($url);
}
}
sub RetrieveByURL{
local($file) = @_;
local($data);
#print "In retreive by URL: $file<br>";
my $req = new HTTP::Request 'GET',$file;
my $res = $ua->request($req);
$data = $res->content;
return $data;
}
================
وهذا الملف الثاني
======
sub GetCookies{
$cookies = $ENV{'HTTP_COOKIE'};
@allcookies = split(/;\s*/,$cookies);
foreach $i (@allcookies){
($name,$value) = split(/\s*=\s*/,$i);
$cookie{$name}=$value;
}
}
1;
sub Escape{
foreach $i (keys %in){
$in{$i} =~ s/'/''/g;
}
}
sub UnEscape{
foreach $i (keys %in){
$in{$i} =~ s/''/'/g;
}
}
1;
sub get_date{
local($today);
$today = ctime(time);
return $today;
#
}
1;
sub cgierr {
# --------------------------------------------------------
# Displays any errors and prints out FORM and ENVIRONMENT
# information. Useful for debugging.
if (!$html_headers_printed) {
print "Content-type: text/plain\n\n";
$html_headers_printed = 1;
}
print "<PRE>\nCGI Error: $!\n";
print "Message: $_[0]\n\n";
print "_________Form Variables __________\n";
foreach $key (sort keys %in) {
print "$key: \t$in{$key}\n";
}
print "\n_________Environment Variables__________\n";
foreach $env (sort keys %ENV) {
print "$env: \t$ENV{$env}\n";
}
print "\n</PRE>";
exit;
}
1;
sub PageOut{
#format
#&PageOut("${templatedir}t_catlist.htm")|| die print "SHOWCATS: $!<br>";
local($file) = @_;
open(OUT,"$file");
while(<OUT>{
$_ =~ s/in\((\w+)\)/$in{$1}/g;
print;
}
close OUT;
}
1;
sub getdata{
local($usecgi)=@_;
if($usecgi){
use CGI;
$query = new CGI;
@names = $query->param;
foreach $i (@names){
$in{$i} = $query->param("$i");
}
}
else{
# Read in text
if ($ENV{'REQUEST_METHOD'} eq "GET") {
$in = $ENV{'QUERY_STRING'};
} elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
for ($i = 0; $i < $ENV{'CONTENT_LENGTH'}; $i++) {
$in .= getc;
}
}
@in = split(/&/,$in);
foreach $i (0 .. $#in) {
# Convert plus's to spaces
$in[$i] =~ s/\+/ /g;
# Convert %XX from hex numbers to alphanumeric
$in[$i] =~ s/%(..)/pack("c",hex($1))/ge;
# Split into key and value.
$loc = index($in[$i],"=");
$key = substr($in[$i],0,$loc);
$val = substr($in[$i],$loc+1);
$in{$key} .= '\0' if (defined($in{$key})); # \0 is the multiple separator
$in{$key} .= $val;
}
}
}
sub check_email {
# Initialize local email variable with input to subroutine. #
$email = $_[0];
# If the e-mail address contains: #
if ($email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/ ||
# the e-mail address contains an invalid syntax. Or, if the #
# syntax does not match the following regular expression pattern #
# it fails basic syntax verification. #
$email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/) {
# Basic syntax requires: one or more characters before the @ sign, #
# followed by an optional '[', then any number of letters, numbers, #
# dashes or periods (valid domain/IP characters) ending in a period #
# and then 2 or 3 letters (for domain suffixes) or 1 to 3 numbers #
# (for IP addresses). An ending bracket is also allowed as it is #
# valid syntax to have an email address like: user@[255.255.255.0] #
# Return a false value, since the e-mail address did not pass valid #
# syntax. #
return 0;
}
else {
# Return a true value, e-mail verification passed. #
return 1;
}
}
1;
sub PError{
local($message,$c) = @_;
if($c){
print<<"EOF";
<body bgcolor=#C0C0C0>
<script language=javascript>
alert("$message");
window.close();
</script>
EOF
}
else{
print<<"EOF";
<body bgcolor=#C0C0C0>
<script language=javascript>
alert("$message");
history.back();
</script>
EOF
}
exit;
}
1;
sub escape{
local(*var) = @_;
$var =~ s/([^\w\s\n])/'&#'.ord($1).';'/ge;
}
1;
sub unescape{
local(*var) = @_;
$var =~ s/&#(\d+);/pack("c",$1)/ge;
}
1;
sub ctime {
@DoW = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
@MoY = ('January','February','March','April','May','June',
'July','August','September','October','November','December');
local($time) = @_;
local($[) = 0;
local($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst);
# Determine what time zone is in effect.
# Use GMT if TZ is defined as null, local time if TZ undefined.
# There's no portable way to find the system default timezone.
$TZ = defined($ENV{'TZ'}) ? ( $ENV{'TZ'} ? $ENV{'TZ'} : 'GMT' ) : '';
($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) =
($TZ eq 'GMT') ? gmtime($time) : localtime($time);
# Hack to deal with 'PST8PDT' format of TZ
# Note that this can't deal with all the esoteric forms, but it
# does recognize the most common: [:]STDoff[DST[off][,rule]]
if($TZ=~/^([^:\d+\-,]{3,})([+-]?\d{1,2}(:\d{1,2}){0,2})([^\d+\-,]{3,})?/){
$TZ = $isdst ? $4 : $1;
}
$TZ .= ' ' unless $TZ eq '';
$year += 1900;
$mon++;
return sprintf("%.2d/%.2d/%4d", $mon, $mday, $year);
}
1;
$url='javascript:NoGo()');
