#Discus user profile editor script #------------------------------------------------------------------------------- #This script is copyright (c) 1997-98 by Kevin W. Paulisse and William F. Polik, #all rights reserved. You may not modify or delete this copyright header. #The use of this product is subject to a license agreement. Contact Kevin #Paulisse (paulisse@mulliken.chem.hope.edu) for further information. #------------------------------------------------------------------------------- open (FILE, "$discus_conf"); @file = ; close (FILE); $evals = ""; foreach $line (@file) { if ($line =~ /^(\w+)=(.*)/) { $varname = $1; $value = $2; $value =~ s/'/\\'/g; $evals .= "\$$varname='$value'; "; } } eval($evals); require "$admin_dir/source/src-board-subs-common"; &parse_form; &read_cookie; if ($FORM{'action'} eq "profile") { @result = &check_password($FORM{'username'}, $FORM{'password'}); undef @groups; undef @valid; undef @groupindex; foreach $result (@result) { chop ($result) if $result =~ /\n$/; ($username, $pass, $email, $fullname, $profile, $wantemail, $lastcheck, $group) = split(/:/, $result); next if $profile == 0; push (@groups, $group); push (@valid, $result); } foreach $key (keys(%FORM)) { $FORM{$key} =~ s/[:<>;]//g; } @notifyoptions = split(/,/, $FORM{'notify'}); $tally = 0; foreach $num (@notifyoptions) { $tally += $num; } $FORM{"group"} =~ s/[^\w,]//g; @dogroups = split(/,/, $FORM{"group"}); foreach $valid (@valid) { ($username, $pass, $email, $fullname, $profile, $wantemail, $lastcheck, $group) = split(/:/, $valid); &ex('change_profile', "users", $FORM{"username"}, $FORM{"email"}, $FORM{"fullname"}, "*", $tally, "*", $group) if (grep(/^$group$/, @dogroups) || $FORM{"synchronize"} eq "on"); } $FORM{"action"} = "congratsprofile"; } if ($FORM{'action'} eq "password") { @result = &check_password($FORM{"username"}, $FORM{"password"}); undef @groups; undef @valid; undef @groupindex; foreach $result (@result) { chop ($result) if $result =~ /\n$/; ($username, $pass, $email, $fullname, $profile, $wantemail, $lastcheck, $group) = split(/:/, $result); next if $profile == 0; push (@groups, $group); push (@valid, $result); } $FORM{"group"} =~ s/[^\w,]//g; @dogroups = split(/,/, $FORM{"group"}); foreach $valid (@valid) { ($username, $pass, $email, $fullname, $profile, $wantemail, $lastcheck, $group) = split(/:/, $valid); ($password_save) = &ex('change_password', "users", $FORM{"username"}, $FORM{"pass1"}, $FORM{"pass2"}, $group) if (grep(/^$group$/, @dogroups) || $FORM{"synchronize"} eq "on"); $FORM{"password"} = $FORM{"pass1"}; } &print_cookie_string($FORM{'username'}, length($FORM{'password'}), $password_save); $FORM{"action"} = "congratspassword"; } if ($FORM{'action'} =~ /congrats/) { &header; $what = $L{BPRPROFILECHANGED} if $FORM{'action'} =~ /profile/; $what = $L{BPRPASSWORDCHANGED} if $FORM{'action'} =~ /password/; &ex('printuntil', 1, 1, 0, "$L{BPRCONGRATS}"); print "$L{BPRCONGRATS}\n

\n"; for ($i = 3; $i <= 9; $i += 2) { &ex('printuntil', $i, $i, 0, ""); } print "

$what

\n"; print "

$L{BPRCLICKRETURN} $title\n"; for ($i = 11; $i <= 17; $i += 2) { &ex('printuntil', $i, $i, 0, ""); } exit(0); } if ($FORM{'action'} eq "profilemenu") { @result = &check_password ($FORM{'username'}, $FORM{'password'}); &error_message("Authentication Error", "Your username/password combination is invalid to access the user profile manager. (If you are a moderator, you must access the moderator profile manager through the administration program.)") if @result == 0; undef @groups; undef @valid; undef @new; undef @groupindex; foreach $result (@result) { chop ($result) if $result =~ /\n$/; ($username, $pass, $email, $fullname, $profile, $wantemail, $lastcheck, $group) = split(/:/, $result); $password_save = $pass; next if $profile == 0; push (@groups, $group); push (@valid, $result); $newresult = join(":", $email, $fullname, $profile, $wantemail, $lastcheck); push (@new, $newresult) if !grep(/^$newresult$/, @new); } &error_message("Access Error", "Your username/password combination is correct; however, you do not have permission to edit your profile. Contact your discussion moderator regarding this problem.") if scalar(@valid) == 0; ($bg, $txt, $link, $foo, $alink, $face, $size, $img) = &ex('extract_colorsonly'); &print_cookie_string($FORM{'username'}, length($FORM{'password'}), $password_save); &header; &ex('printuntil', 1, 1, 0, "$L{BPREDITORTITLE}"); print "$L{BPREDITORTITLE}\n"; for ($i = 3; $i <= 9; $i += 2) { &ex('printuntil', $i, $i, 0, ""); } print "

$L{BPREDITORTITLE}

\n"; if (@new == 1) { print "\n

"; } else { print "$L{BPRMORETHANONEDIFF}

\n"; foreach $group (sort(@groups)) { print "

\u$group

\n"; } print "

\n"; $ctr = 0; foreach $group (sort(@groups)) { print "\n"; print "\n"; $ctr += 1; print "

\n" if $ctr != @groups; } print "

\n"; } print "

$L{BPRCHANGEPASS}

\n"; print "\n"; for ($i = 11; $i <= 17; $i += 2) { eval '&printuntil($i, $i, 0, "");'; } exit(0); } if ($FORM{'action'} eq "") { ($bg, $txt, $foo, $foo, $foo, $face, $size, $img) = &ex('extract_colorsonly', 1); &header; &ex('printuntil', 1, 1, 0, "$L{BPRTITLE}"); print "$L{BPRTITLE}\n"; print "

\n"; for ($i = 3; $i <= 9; $i += 2) { &ex('printuntil', $i, $i, 0, ""); } print "$L{BPRMESSAGE}

\n"; print "

\n"; for ($i = 11; $i <= 17; $i += 2) { &ex('printuntil', $i, $i, 0, ""); } exit(0); } sub check_password { local ($username, $guess) = @_; $user_check = $username; $user_check =~ tr/A-Z/a-z/; local (@result, @passwd_line, $line); open(PASSWD,"$admin_dir/users.txt") || &error_message("Verify Password Error", "Cannot open password file (users.txt) for reading!"); @passwd_line = ; close(PASSWD); $ok = ""; foreach $line (@passwd_line) { chop ($line) if $line =~ /\n/; ($user, $pass, $foo, $foo, $foo, $foo, $foo, $group_test) = split(/:/, $line); if ($user eq $user_check) { $test_pass = crypt($guess, $pass); $ok = ""; $ok = "Yes" if $test_pass eq $pass; $ok = "No" if $guess eq ""; $ok = "No" if $pass eq ""; if ($ok eq "Yes") { push (@result, $line); } } } return @result; }

$L{BPRUSERNAME}	"; print "
"; print "$L{BPRPASSWORD}	\n"; print "