#
# util.pl
# Copyright (c) 1996-1998 SurfUtah.Com
# written by Rus Berrett
#
# utilities file with common subroutines
# used by pretty much all of the library CGI scripts
#

##############################################################################
# common subroutines 
##############################################################################



################################################
# print the header information
sub print_header_info
{
  local ($title) = @_;

  print "Content-type: text/html\n\n";

  #
  # begin header, customize below if desired
  #
  print <<ENDHEAD;
<html>
<head>
<title>$title</title>
</head>
<body bgcolor=\"#ffffff\">
<!-- end header -->

ENDHEAD
  #
  # end header, customize above if desired
  #
}




################################################
# print the footer information
sub print_footer_info
{

  print "<!-- begin footer -->\n";

  #
  # begin footer, customize below if desired
  #
  print <<ENDFOOT;
</body>
</html>

ENDFOOT
  #
  # end footer, customize above if desired
  #
}






################################################
# get the variables by calling parse_form_data
# for example, "&parse_form_data(*array)"
# thanks Stacey  :)
sub parse_form_data
{
  local (*FORM_DATA) = @_;
  local ($request_method, $query_string, @key_value_pairs,
         $key_value, $key, $value);

  $request_method = $ENV{'REQUEST_METHOD'};

  if ($request_method eq "GET") {
    $query_string = $ENV{'QUERY_STRING'};
  } elsif ($request_method eq "POST") {
    read(STDIN, $query_string, $ENV{'CONTENT_LENGTH'});
  } else {   # neither POST nor GET
    $query_string = $ENV{'QUERY_STRING'};
  }

  @key_value_pairs = split(/&/, $query_string);

  foreach $key_value (@key_value_pairs) {
    ($key, $value) = split (/=/, $key_value);
    $key =~ tr/+/ /;
    $value =~ tr/+/ /;
    $value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack ("C", hex($1))/eg;

    if (defined($FORM_DATA{$key})) {
      $FORM_DATA{$key} = join("|||", $FORM_DATA{$key}, $value);
    } else {
      $FORM_DATA{$key} = $value;
    }
  }
}

################################################
# get the variables by calling parse_form_data_no_append
# for example, "&parse_form_data_no_append(*array)"
# thanks Stacey  :)
sub parse_form_data_no_append
{
  local (*FORM_DATA) = @_;
  local ($request_method, $query_string, @key_value_pairs,
         $key_value, $key, $value);

  $request_method = $ENV{'REQUEST_METHOD'};

  if ($request_method eq "GET") {
    $query_string = $ENV{'QUERY_STRING'};
  } elsif ($request_method eq "POST") {
    read(STDIN, $query_string, $ENV{'CONTENT_LENGTH'});
  } else {   # neither POST nor GET
    $query_string = $ENV{'QUERY_STRING'};
  }

  @key_value_pairs = split(/&/, $query_string);

  foreach $key_value (@key_value_pairs) {
    ($key, $value) = split (/=/, $key_value);
    $key =~ tr/+/ /;
    $value =~ tr/+/ /;
    $value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack ("C", hex($1))/eg;

    $FORM_DATA{$key} = $value;
  }
}

################################################
# print an error
sub return_error
{
  local ($message) = @_;

  print <<ENDERROR;
  &#160;<br>
  <h2><u>Unknown Error</u></h2>
  An unknown error has been encountered.
  The error message is listed below:
  <p>
  <ul>
  <b>$message</b>
  </ul>
  <p>
ENDERROR
  &print_footer_info();
  exit(1);
}

################################################
# check http referer (sic)
sub check_referer
{
  local ($print_header) = @_;

  $ENV{'HTTP_REFERER'} =~ /(.*)\/\/([a-zA-Z0-9:.]*)\/(.*)/;
  $referer = $2;
  ($referer) = (split(/\:/, $referer))[0];

  $valid = 0;
  foreach $valid_ref (@valid_referers) {
    if ($referer =~ /$valid_ref$/) {
      $valid = 1;
      last;
    }
  }
  if ($valid == 0) {
    # not happy crappy
    if ($print_header) {
      &print_header_info("Invalid HTTP_REFERER");
    }
    $errmsg = "Your HTTP_REFERER, \"$ENV{'HTTP_REFERER'}\" ";
    $errmsg .= "(SN=$referer), is not valid.";
    &return_error($errmsg);
  }
}

################################################
# split message into lines specified characters long
sub split_text
{
  local ($maxchar, $text) = @_;
  local ($index, $si, $newline, @lines);

  $index = 0;
  while ($text ne "") {
    $ni = index($text, "\n");
    if ($ni == -1) {
      $newline = $text;
      $text = "";
    }
    else {
      $newline = substr($text, 0, ($ni+1));
      $text = substr($text, ($ni+1));
    }
    while (length($newline) > $maxchar) {
      $si = rindex($newline, " ", $maxchar);
      $lines[$index++] = substr($newline, 0, ($si+1)) . "\n";
      $newline = substr($newline, ($si+1));
    }
    $lines[$index++] = $newline;
  }
  return(@lines);
}

################################################
# record suspicius activities to hacker log
sub log_invalid_request
{
  local ($variable) = @_;

  ($sec,$min,$hour,$mday,$mon,$year,$wday) = (localtime(time))[0,1,2,3,4,5,6];
  $month = (Jan,Feb,Mar,Apr,May,Jun,Jul,Aug,Sep,Oct,Nov,Dec)[$mon];
  $today = (Sun,Mon,Tue,Web,Thu,Fri,Sat)[$wday];
  $year += 1900;
  if (length($sec) == 1) { $sec = "0" . $sec }
  if (length($min) == 1) { $min = "0" . $min }
  if (length($hour) == 1) { $hour = "0" . $hour }
  open(LOG, ">>/tmp/hacker.log");
  print LOG "[$today $month $mday $hour:$min:$sec $year] ";
  print LOG "$ENV{'REMOTE_ADDR'} called $ENV{'SCRIPT_NAME'} ";
  print LOG "with $variable\n";
  close(LOG);
}

##############################################################################
# eof util.pl

1;