sub openpage { $title = $_[0]; $menu = $_[1]; $extrahead = $_[2]; our $language; $colspan=2; print < $extrahead IPCop - $title
t h e   b a d   p a c k e t s   s t o p   h e r e
IPCOP v${version}
${title} $tr{'alt system'}:  ${hostname}        &am p;nbsp;    current public IP Address: $ip
END ; if ($menu == 1) { &showmenu(); } print <
END ; } sub closepage { print <
IPCop - Your Personal Internet Police
END ; } sub openbigbox { $width = $_[0]; $align = $_[1]; if ($errormessage) { $bgcolor = $colourerr; } else { $bgcolor = '#F6F4F4'; } print < END ; } sub closebigbox { print < END ; } sub openbox { $width = $_[0]; $align = $_[1]; $caption = $_[2]; if ($caption) { print "$caption\n"; } print <

END ; } sub closebox { print <

END ; } sub writehash { my $filename = $_[0]; my $hash = $_[1]; # write cgi vars to the file. open(FILE, ">${filename}") or die "Unable to write file $filename"; flock FILE, 2; foreach $var (keys %$hash) { $val = $hash->{$var}; # Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y # location of the mouse are submitted as well, this was being written to the settings file causing # some serious grief! This skips the variable.x and variable.y if (!($var =~ /(.x|.y)$/)) { if ($val =~ / /) { $val = "\'$val\'"; } if (!($var =~ /^ACTION/)) { print FILE "${var}=${val}\n"; } } } close FILE; } sub readhash { my $filename = $_[0]; my $hash = $_[1]; my ($var, $val); open(FILE, $filename) or die "Unable to read file $filename"; while () { chop; ($var, $val) = split /=/, $_, 2; if ($var) { $val =~ s/^\'//g; $val =~ s/\'$//g; $hash->{$var} = $val; } } close FILE; } sub getcgihash ($, $) { # pre: getcgihash (HASHREF $cgi_variables, BOOLEAN $params); # $cgi_variables: the hash where we want to store the posted info. # $params: type of data we're expecting (see later) # CGI request must be a POST # Upload files must be no bigger than approx. 2 Meg. # POSTs must be no bigger than 512k # post: returns NOTHING # $cgi_variables: now contains the data from the POST request # BUGS # design: no possibility for error checking (returns undef in # all cases # design: file uploads won't work if they exceed maximums # design: Smoothwall-style file uploads are broken - you need # to pass more information to get it now. my ($hash, $params) = @_; return if ($ENV{'REQUEST_METHOD'} ne 'POST'); # $params is a hashref, containing operation info # wantfile: BOOLEAN, whether or not we're expecting a file upload # filevar: SCALAR, name of the key in $hash to use to store the # filehandle to an uploaded file. # when $param == undef, it behaves as in Smoothwall. if (!$params->{'wantfile'}) { # we don't accept file uploads... $CGI::DISABLE_UPLOADS = 1; # POST requests are limited to 512k $CGI::POST_MAX = 512 * 1024; } else { # we do accept file uploads # allow POSTs up to 10 meg in size $CGI::POST_MAX = 10 * 1024 * 1024; } my $cgi = CGI->new (); $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/; my $referer = $1; $cgi->url() =~ m/^https?\:\/\/([^\/]+)/; my $servername = $1; return if ($referer ne $servername); my @parameter_list = $cgi->param (); # $hash is now loaded with the data from the POST request foreach my $key (@parameter_list) { $val = $cgi->param ($key); $val =~ s/^\s*(.*?)\s*$/$1/; $hash->{$key} = $val; } # why not use CGI::Vars for the above? Well, any multi-value params # coming in might break scripts (they don't expect \0 packed strings), # plus, we can't guarantee that they only read from the hash if (($params->{'wantfile'})&&($params->{'filevar'})) { # we want to load the filename into the hash $hash->{$params->{'filevar'}} = $cgi->upload ($params->{'filevar'}); } return; }