#!/usr/pkg/bin/perl ############################################################################## # formtexttofile.pl # # This is a general purpose script for taking text from input field "texttostore" # (as from an html form) and storing it in a file named in input field "outfile". %fields; &decode_vars; $max_included_text_length = 10000; $texttostore = $fields{"texttostore"}; $outfile = $fields{"outfile"}; $nextpage = $fields{"nextpage"}; open(OUTFL,">$outfile"); print OUTFL $texttostore; close (OUTFL); print "Content-type: text/html\n\n"; open (NEXTPAGEFL, $nextpage); @nextpage = ; print @nextpage; # Subroutine decode_vars parses the parameters passed from an html form, and puts # them in a hash called %fields. This subroutine is taken verbatim from bnbbook.pl # ((C) 1998 BigNoseBird.Com, Inc.), since it does apparently important things like # prevent server side include calls (a security issue). sub decode_vars { $i=0; if ( $ENV{'REQUEST_METHOD'} eq "GET") { $temp=$ENV{'QUERY_STRING'};} else { read(STDIN,$temp,$ENV{'CONTENT_LENGTH'});} #print "

fields: $temp

"; @pairs=split(/&/,$temp); foreach $item(@pairs) { ($key,$content)=split(/=/,$item,2); $content=~tr/+/ /; $content=~s/%(..)/pack("c",hex($1))/ge; #strip comments to prevent server side include calls $content =~ s///g; if ($HTML eq "NO") { $content =~ s/<([^>]|\n)*>//g; } else { $tocheck=$content; # (commented out by dn) &check_html; } if (length($content) > $max_included_text_length) { # (commented out by dn) $content=substr($content,1,$max_included_text_length); # should output an error somehow! } foreach $citem (@CENSORED) { $content =~ s/\b$citem\b/\*\*\*/gi; } $fields{$key}=$content; if ($key eq "required") { $content=~s/\012//g; $content=~s/\015//g; $content=~s/ //g; @mandatory=split(/,/,$content); } } }