Script perl ...

[Alessandro Ranellucci]

(Per chi non č stato su #fast6 ieri, Sound sono io :-)


On 1-10-2002 at 7:20, Antonio Laterza wrote:

 >Non ho capito esattamente dove siete arrivati con le prove e con le
 >funzionalitą del CGI


#!/usr/bin/perl -wT
# --------------------------------------------------------
# broker.pl
# --------------------------------------------------------
# version 1.1 (30-Sep-2002)
# [Alessandro Ranellucci <alex@primafila.net> - Fast6]
#
# This script gets a user ID passed in the query string, and
# retrieves the associated IPv6 subnet. The IPv6 subnet, along
# with the IPv4 address of the user, is then passed to a 
# script.
#
# Syntax for the database file:
# <user_id> <tab> <IPv6 subnet> <\n>
#
# Regular expression for user ID's:
# ^[0-9a-z_-]+$
#

use strict;

#
# CONFIGURATION:

my $BrokerScript = '/path/to/the-script';
my $DatabaseFile = '/path/to/the-database-file';

#
#



my %in = &parse_input;
my ($content, $user_ipv6, $cmd_output);

if (!$in{user}) {

    $content = qq!<form>Inserisci il tuo codice identificativo: 
    <input type=password size="20" name="user">
    <input type="submit" value=" Procedi "></form>!;
    &cgi_output($content);

} elsif ($in{user} !~ /^([0-9a-z_-]+)$/i) {

    $content = qq!<font color=red>Hai inserito un codice non valido.
Riprova:</font><br><br>
    <form>Inserisci il tuo codice identificativo: 
    <input type=password size="20" name="user">
    <input type="submit" value=" Procedi "></form>!;
    &cgi_output($content);
    
} else {

    $in{user} = $1;
    open(DB, "<$DatabaseFile") || &cgi_output("Errore interno: $!");
    while (<DB>) { /^$in{user}\t([0-9a-f:]+\/\d+)(\s*#.*)?$/ &&
($user_ipv6 = $1) }
    close DB;

    if (!$user_ipv6) {
        $content = qq!<font color=red>Hai inserito un codice non valido.
Riprova:</font><br><br>
        <form>Inserisci il tuo codice identificativo: 
        <input type=password size="20" name="user">
        <input type="submit" value=" Procedi "></form>!;
        &cgi_output($content);
    } else {
        $ENV{'PATH'} =
'/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin';
        delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
        $ENV{REMOTE_ADDR} =~ /^(\d+\.\d+\.\d+\.\d+)$/;
        $cmd_output = `$BrokerScript '$user_ipv6' '$1'`;
        $content = qq!<font color=red>Comando eseguito:</font><br><br>
        <pre>$cmd_output</pre>!;
        &cgi_output($content);
    }

}



# Useful subroutines:

sub parse_input {
   my ($input, @vars, $i, $loc, $key, $val, %in);
   return if !$ENV{'REQUEST_METHOD'};
   if ($ENV{'REQUEST_METHOD'} eq "GET")     { $input =
$ENV{'QUERY_STRING'} } 
   elsif ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $input,
$ENV{'CONTENT_LENGTH'}) }
   @vars = split(/&/, $input);
   foreach $i (0 .. $#vars) {
   $vars[$i] =~ s/\+/ /g;    ($key, $val) = split(/=/,$vars[$i],2);
   $key =~ s/%(..)/pack("c",hex($1))/ge;
   $val =~ s/%(..)/pack("c",hex($1))/ge;
   $in{$key} .= $val;  
   }  
   return %in;
}

sub cgi_output {
    my $content = shift;
    print "Content-type: text/html\n\n";
    print qq!<\!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
<html>
<head>
<title>Fast6 Tunnel Broker</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#EEEEEE">
<table width="600" border="0" cellspacing="0" cellpadding="30"
align="center">
  <tr bgcolor="#FFFFFF"> 
    <td>
      <div align="center">
        <p><font size="7">Fast6 Tunnel Broker</font></p>
        <p align="center">$content</p>
      </div>
    </td>
  </tr>
</table>
</body>
</html>
    !;
    exit;
}