📄 rating.cgi

📁 --黑客防线-精华奉献本(攻册)
💻 CGI
字号:
#!/usr/bin/perl
#------------------------------------------------------#
#　　　　　　　　　本程序为Yuzi工作室提供　  　　　　　#
#　　　　　　　　Yuzi论坛3000(BBS3000)v4.00　　　　　　#
#------------------------------------------------------#
$cgipa=".";  # CGI程序文件的绝对路径
######################
## 以下部分不需修改 ##
######################
require "$cgipa/setup.cgi";
&GetCookies;
$cgiurl= "rating.cgi";
if($Cookies{username} eq ""){
&okview("对不起，您目前的身份是访客，请先登陆！");exit;
}
open(TITLESyu,"$filepath/yhzl/$Cookies{username}.cgi");
$ayu=<TITLESyu>;
close(TITLESyu);
($rpass)=split(/\t/,$ayu);
if($rpass ne $Cookies{password}){&okview("您的密码错误！");}
##########
if ($ENV{'REQUEST_METHOD'} eq "POST") {
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
}
else {
$buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value=~tr/+/ /;
$value=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value=~s/\t/&nbsp;&nbsp;&nbsp; /g;
$value=~s/>/&gt;/g;
$value=~s/</&lt;/g;
$value=~s/\n/\<br\>/g;
$FORM{$name} = $value;
}
$menu=$FORM{'menu'};
if($menu eq "rating"){&rating;exit;}
else{
if ($FORM{'selname'} eq ""){&okview("对不起，用户名不能为空！");}
open (TMP,"$filepath/yhzl/$FORM{'selname'}.cgi");
$line=<TMP>;
close(TMP);
($rdpassword,$rusername,$rdmail,$rdhome,$rlast,$rdqm,$rdsex,$rdwork,$rdcity,$rdlove,$rfy,$rhf,$tu,$jiao,$iewin,$QQ,$photo,$rating,$levelname,$level)=split(/\t/,$line);
if($rating eq ""){$rating=0;}
if ($rating > 9){$sel="<input type=radio name=rat value=del CHECKED>减少威望";}
elsif ($rating < -9){$sel="<input type=radio name=rat value=add CHECKED>增加威望";}else{$sel="<input type=radio name=rat value=add CHECKED>增加威望<input type=radio name=rat value=del>减少威望";}
&css;
print <<EOF;
<HTML><head><META HTTP-EQUIV=Content-Type CONTENT=text/html; charset=gb2312></head><body leftMargin=0 topMargin=0>
<table border=0 width=100% bgcolor=007CD0 cellspacing=0 
cellpadding=0 height=99%>
   <tr>
    <td width=100% height=20> 
      <p align=center><a href=yhreg.cgi?menu=viewuser&username=$rusername target=_blank><font color="#FFFFFF">$rusername</a>的威望是：$rating</font> 
    </td>
  </tr>
  <tr>
    <td width=100% height=44>
      <table border=0 width=100% cellspacing=0 cellpadding=0 height=60>
        <tr>
          <td width=100% bgcolor=F8F8F8 height=38>
            <table border=0 width=100% cellspacing=3>
              <tr><form action="rating.cgi" method="post">
                <td width=100% align="center">
                  <input type=hidden name=menu value=rating>
		<input type=hidden name=selname value=$rusername>
                <input type=hidden name=id value=$FORM{'id'}>
                <input type=hidden name=slttitle value=$FORM{'slttitle'}>
                <input type=hidden name=ttitle value=$FORM{'ttitle'}>
$sel<br><br><input type=submit value=确认 name=submit 
style=position:relative;color:#000000;font-family:宋体;font-size:9pt;height:19 size="15">
                    <input type=reset value=取消 name=submit2 OnClick="window.close();"
style=position:relative;color:#000000;font-family:宋体;font-size:9pt;height:19 size="15">
                  </td></form>
              </tr>
            </table>
          </td>
        </tr>
        <tr><td bgcolor=F8F8F8 height=18 align="right">操作者：$Cookies{username}&nbsp;</td>
          </tr>
      </table>
    </td>
  </tr>
</table></body></html>
EOF
exit;
}
################
sub rating{
unless ( -e "$filepath/yhzl/$FORM{'selname'}.cgi"){&okview("社区不存在此用户的数据！");}
unless ( -e "$filepath/list/$FORM{'id'}/$FORM{'slttitle'}"){&okview("社区不存在此贴子的数据！");}
open (FILE, "$filepath/data/rank");
@rank1 = <FILE>;
close(FILE);
foreach $ranks1 (@rank1) {
chomp($ranks1);
if ($ranks1 eq $Cookies{username}){$rankss1="ok";}
if ($ranks1 eq $FORM{'selname'}){$rankss2="ok";}
}
if($rankss2 eq ok){&okview("对不起，不能给管理人员加减威望！");}
if($rankss1 ne ok && $Cookies{username} ne $admname){&okview("对不起，您没有此项操作的权限！");}
open(PSD,"$filepath/yhzl/$FORM{'selname'}.cgi");
$line=<PSD>;
close(PSD);
($rdpassword,$rusername,$rdmail,$rdhome,$rlast,$rdqm,$rdsex,$rdwork,$rdcity,$rdlove,$rfy,$rhf,$tu,$jiao,$iewin,$QQ,$photo,$rating,$levelname,$level,$lastlytime,$lastlytopic,$realname,$birthday,$shengxiao,$blood,$constellation,$character,$belief,$marital,$education,$college)=split(/\t/,$line);
if ($rating eq ""){$rating=0;}
$oldrat=$rating;
if ($FORM{'rat'} eq "add"){$rating=$rating+1;}
elsif ($FORM{'rat'} eq "del"){$rating=$rating-1;}
else {&okview("对不起，威望值输入不正确！");}
if (($rating > 10)||($rating < -10)){&okview("威望值只能介于-10和10之间！");}
open(PSD,">$filepath/yhzl/$FORM{'selname'}.cgi");
print PSD $rdpassword."\t".$rusername."\t".$rdmail."\t".$rdhome."\t".$rlast."\t".$rdqm."\t".$rdsex."\t".$rdwork."\t".$rdcity."\t".$rdlove."\t".$rfy."\t".$rhf."\t".$tu."\t".$jiao."\t$iewin\t".$QQ."\t".$photo."\t".$rating."\t".$levelname."\t".$level."\t".$lastlytime."\t"."$lastlytopic\t".$realname."\t".$birthday."\t".$shengxiao."\t".$blood."\t".$constellation."\t".$character."\t".$belief."\t".$marital."\t".$education."\t".$college;
close(PSD);
open(TEMP,"$filepath/data/rating");
@hastitless=<TEMP>;
close(TEMP);
if (length($FORM{'ttitle'}) > 20) {$FORM{'ttitle'} = substr($FORM{'ttitle'},0,20);$FORM{'ttitle'}.="...";}
open(TMP,">$filepath/data/rating")||&okview("系统无法建立文件，请检查 $filepath/data 目录属性是否为“777”");
print TMP "$FORM{'selname'}\t$oldrat\t$rating\t$Cookies{username}\t<a href=bbs$Cookies{style}.cgi?id=$FORM{'id'}&menu=show&slttitle=$FORM{'slttitle'} target=_blank>$FORM{'ttitle'}</a>\t$thistime\n";
for($i=0;$i<=18;$i++){$m=@hastitless[$i];print TMP "$m";}
close(TMP);
chmod(0666,"$filepath/data/rating");
print "Content-type: text/html\n\n";
print "<script>window.close();</script>";
exit;
}
######################### END OF SCRIPT #########################
💿 文件大小 537 K
👤 上传用户 invill
📂 所属分类 Internet/网络编程
🏷️ 相关标签

#黑客
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -