Gossamer Forum: Products: Links 2.0: Customization: Reciprocal Links mod works, validation does not

I looked the code over (shown below) and it looks okay to me. What do you make of it?

#!/usr/local/bin/perl

# -------------

# Links

# -------------

# Links Manager

#

# File: add.cgi

# Description: Adds a record marked unvalidated to the database and

# optionally emails someone.

# Author: Alex Krohn

# Email: alex@gossamer-threads.com

# Web: http://www.gossamer-threads.com/

# Version: 2.01

#

# (c) 1998 Gossamer Threads Inc.

#

# This script is not freeware! Please read the README for full details

# on registration and terms of use.

# =====================================================================

#

# Setup Notes:

# Make sure the require statement below points to the config file.

# Required Librariers

# --------------------------------------------------------

eval {

($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX /

($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \

require "admin/links.cfg"; # Change this to full path to links.cfg if you have problems.

require "$db_lib_path/db_utils.pl";

require "$db_lib_path/links.def";

$build_use_templates ?

require "$db_lib_path/site_html_templates.pl" :

require "$db_lib_path/site_html.pl";

};

if ($@) {

print "Content-type: text/plain\n\n";

print "Error including libraries: $@\n";

print "Make sure they exist, permissions are set properly, and paths are set correctly.";

exit;

}

# ========================================================

eval { &main; }; # Trap any fatal errors so the program hopefully

if ($@) { &cgierr("fatal error: $@"); } # never produces that nasty 500 server error page.

exit; # There are only two exit calls in the script, here and in in &cgierr.

sub main {

# --------------------------------------------------------

local (%in) = &parse_form;

# We are processing the form.

if (keys %in != 0) {

&process_form;

}

# Otherwise we are displaying the form (in site_html.pl).

else {

if ($db_single_category) {

my %is_valid = map { $_ => 1 } &category_list;

$ENV{'HTTP_REFERER'} =~ s,/[^/]+\.[^/]+$,,;

$ENV{'HTTP_REFERER'} =~ m,$build_root_url/(.+?)/?$,;

$is_valid{$1} ? &site_html_add_form ($1) : &site_html_add_form ();

}

else {

&site_html_add_form ();

}

}

}

sub process_form {

# --------------------------------------------------------

my ($key, $status, $line, $output);

# Check the referer.

if (@db_referers and $ENV{'HTTP_REFERER'}) {

$found = 0;

foreach (@db_referers) {

$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;

}

if (!$found) {

&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");

return;

}

}

# This will set system fields like Validated to their proper values.

foreach $key (keys %add_system_fields) {

$in{$key} = $add_system_fields{$key};

}

# Set date variable to today's date.

$in{$db_cols[$db_modified]} = &get_date;

open (ID, "<$db_links_id_file_name") or &cgierr("error in process_form. unable to open id file: $db_links_id_file_name. Reason: $!");

$in{$db_key} = <ID> + 1; # Get next ID number

close ID;

# Validate the form input..

$status = &validate_record(%in);

if ($status eq "ok") {

open (DB, "<$db_file_name") or &cgierr("Error : unable to open db file: $db_file_name. Reason: $!");

$found = 0;

LINE: while (<DB>) {

(/^#/) and next LINE;

(/^\s*$/) and next LINE;

chomp;

@data = &split_decode($_);

if ($data[$db_user] eq $in{'Username'}) {

$found = 1;

last LINE;

}

}

close DB;

$found and &site_html_add_failure("Username already exists.") and return;

# Update the counter.

open (ID, ">$db_links_id_file_name") or &cgierr("error in get_defaults. unable to open id file: $db_links_id_file_name. Reason: $!");

flock(ID, 2) unless (!$db_use_flock);

print ID $in{$db_key}; # update counter.

close ID; # automatically removes file lock

$pass = $in{'Password'};

$in{'Password'} = reverse $pass;

# Print out the validate input to a "validation database" where it is stored until

# the admin decides to add it into the real database.

open (VAL, ">>$db_file_name") or &cgierr("error in add_record. unable to open validate file: $db_valid_name. Reason: $!");

flock(VAL, 2) unless (!$db_use_flock);

print VAL &join_encode(%in);

close VAL; # automatically removes file lock

# Send the admin an email message notifying of new addition.

&send_email;

# Send the visitor to the success page.

&site_html_add_success;

}

else {

&site_html_add_failure($status);

}

}

sub send_email {

# --------------------------------------------------------

# Sends an email to the admin, letting him know that there is

# a new link waiting to be validated. No error checking as we don't

# want users to see the informative &cgierr output.

# Check to make sure that there is an admin email address defined.

$db_admin_email or &cgierr("Admin Email Address Not Defined in config file!");

my $to = $db_admin_email;

my $from = $in{$db_cols[$db_contact_email]};

my $subject = "Addition to Database: $in{'Title'}\n";

my $msg = qq|

The following link is awaiting validation:

Title: $in{'Title'}

URL: $in{'URL'}

Recip URL: $in{'recip'}

Category: $in{'Category'}

Description: $in{'Description'}

Contact Name: $in{'Contact Name'}

Contact Email: $in{'Contact Email'}

Username: $in{'Username'}

Password: Hidden

Remote Host: $ENV{'REMOTE_HOST'}

Referer: $ENV{'HTTP_REFERER'}

To validate, please go to:

$db_script_url

Sincerely,

Links Manager.

|;

# Then mail it away!

require "$db_lib_path/Mailer.pm";

my $mailer = new Mailer ( { smtp => $db_smtp_server,

sendmail => $db_mail_path,

from => $from,

subject => $subject,

to => $to,

msg => $msg,

log => $db_mailer_log

} ) or return;

$mailer->send or return;

}