#!/usr/bin/perl ########################################################## # CSVedit Xtra 03/Apr/2005 # © 1999-2005 EZscripting.com # Script by Alexandre Golovkine & Babelnotes.be ########################################################## my $prog_name = "csvedit.pl"; my $base_file = "database.txt"; my $template = "edit-template.htm"; my $records = 50; my $textPrevious = "Previous"; my $textNext = "Next"; my $pageSelectorRange = 5; my $no_match = "Sorry, no results found!"; my $line_break = '
'; ########################################################## my $multyOn = 0; my $DBname = "database"; my %DB = ( $base_file => "default", "database2.txt" => "database2", "database3.txt" => "database3", "database4.txt" => "database4", "database5.txt" => "database5", "database6.txt" => "database6" ); ########################################################## #Password protection my $Username = ''; my $Password = ''; ########################################################## # Advanced Settings for adding new records my $REMOTE_ADDR = 0; my $HTTP_USER_AGENT = 0; my $DATE = 1; my $ID_autoincrement = 1; my $ID_autoincrement_name = "ID"; ########################################################## my $separator = '|'; my $change = "I"; ########################################################## my @no_show_fields = (''); my @no_edit_fields = ('Title', 'Author', 'Year', 'Condition', 'Price', 'Email'); my $add_fields = 0; my $delete_fields = 0; my $kill_html_tags = 0; ########################################################## #table & big textbox description my @textareas = (""); my $table_width = 570; my $rows = 4; my $cols = 40; my $text_box = 50; ########################################################## # Advanced Settings file upload my $file_upload = 1; my $file_upload_optional = 1; my $default_file = 'none.jpg'; my @file_upload_fields = "Upload"; my $rename_file = 1; my $max_size = 100000; my @required_file_types = ("txt", "jpg", "jpeg", "tif", "gif"); my $error_max_size = "Your file is too big!"; my $error_file_type = "File type is not valid!"; my $file_dir = "/usr/home/sites/www.starwarestoys.com/web/cgipgms/wanted"; my $fileURL = "http://www.starwarestoys.com/cgipgms/wanted/"; ########################################################## # EZscripting.com © 1999 - 2005 # The scripts are available for private and commercial use # Once purchased this script can be used in any website you build personally # You may not sell the script in any format to anybody # The scripts may only be distributed by EZscripting.com # Do not post or email all or part of the this code in any form whatsoever # The redistribution of modified versions of the scripts is prohibited # EZscripting.com accepts no responsibility or liability # whatsoever for any damages however caused when using our services or scripts # By downloading and using this script you agree to the terms and conditions ########################################################## use CGI qw/:standard :cgi-lib/; use CGI::Carp qw(fatalsToBrowser); %FORM = Vars(); @field = param; my $a++; foreach $key (keys %FORM) { $FORM{$key} =~ s/%(..)/pack("c",hex($1))/ge; $FORM{$key} =~ s/\Q$separator/$change/g; $FORM{$key} =~ s/"/"/g; $FORM{$key} =~ s/'/'/g; $FORM{$key} =~ s///g if $kill_html_tags; $FORM{$key} =~ s/<([^>]|\n)*>//g if $kill_html_tags; $FORM{$key} =~ s/\n/$line_break/g; # added to strip line breaks $FORM{$key} =~ s/\r//g; } if($Username){ %COOKIES = get_cookie('USER_Login'); if($FORM{login}){ if($FORM{password} eq $Password && $FORM{login} eq $Username){ print "Set-Cookie: USER_Login=login&$FORM{login}&pass&$FORM{password}; path=/\n"; print "Location: $prog_name\n\n"; exit; } else{error("Incorrect account!");} } elsif(!$COOKIES{login}){promt();} elsif($COOKIES{pass} ne $Password or $COOKIES{login} ne $Username){promt();} } @date=localtime(); $date[4]++; $date[5]+=1900; $date="$date[5]-$date[4]-$date[3]"; error("Error: Bad record separator!") if !$separator or $separator eq $change or $separator=~m /["'\.\\\/\&;]/; $my_separator=$separator; $my_separator="\\".$separator if $separator eq '|'or $separator eq ',' or $separator eq '.'; if($FORM{$DBname}){ $base_file = $FORM{$DBname}; $qsAdd = "&$DBname=$FORM{$DBname}"; } if ($file_upload){ for(@file_upload_fields){$FileUploadFileds{$_}++}; $file_dir=~s!/\Z!!; $fileURL=~s!/\Z!!; $enctype=qq~ENCTYPE="multipart/form-data"~; } my $text; edit() if $FORM{action} eq 'edit'; add() if $FORM{action} eq 'add'; save() if $FORM{action} eq 'save'; # delet() if $FORM{action} eq 'delete'; add_field() if $FORM{action} eq 'add_field'; delete_field() if $FORM{action} eq 'delete_field'; print "Content-type: text/html\n\n"; my $type=1; $text = "$FORM{message}
" if $FORM{message}; read_base($FORM{start}); exit; ############################################################## sub delete_field{ my @data = read_file(); my $name = shift; $name =~ s/ /_/g; my $a=0; chomp $data[0]; @fields = split($my_separator, $data[0]); my $ftxt; for(@fields){$ftxt .= ""; foreach(@fields){ $option.="current db: " if $multyOn; $text .= "
search in field  
"; if(@selected<1){ $text .= "


$no_match"; html_text($text); return; }; my $end = $FORM{page}*$records + $records; $end = $total if $end>$total; for($a=$FORM{page}*$records; $a<=$end-1; $a++){ chomp $selected[$a]; @line=split($my_separator, $selected[$a]); $b=0; $text .= " Record #".($a+1).""; foreach(@fields) { $line[$b]&&=qq~$line[$b]~ if $FileUploadFileds{$_}; $text .= " $_:$line[$b]" if show_this($_); $b++; } $text .= "delete edit"; } $text .= " Pages: "; $query = "&search=$FORM{search}&field=$FORM{field}" if $FORM{search}; #set page selector $text .= "$textPrevious " if $FORM{page}>0; my $pageStart=0; my $pageEnd = $total/$records-1 if $records; if($pageSelectorRange){ $pageEnd = int($pageEnd+0.5); $pageStart= $FORM{page}-int($pageSelectorRange/2) if $FORM{page}>int($pageSelectorRange/2); $pageEnd=$pageStart+$pageSelectorRange-1 if $pageStart+$pageSelectorRange-1<$pageEnd; $pageStart= $pageEnd-$pageSelectorRange+1 if $pageEnd-$pageSelectorRange+1>=0; } for($pages=$pageStart; $pages <= $pageEnd; $pages++){ $p=$pages+1; if($FORM{page}==$pages){$text.= " $p";} else{$text.= qq| $p|;} } $text.= " $textNext" if $FORM{page} < $total/$records-1 && $records; $text .= ""; html_text($text); } sub read_file{ my $file=shift; $file = $base_file unless $file; open(F, $file) || error("Can't open file $file!"); my @data = ; close F; return @data; } sub error{ print "Content-type: text/html\n\n" unless $type; print "Error


$_[0]

"; exit; } sub save_file{ ($file=param($_[0]))=~m/([^\\\/]*\.\w*\Z)/i; if (((!defined($file)) || ($file eq "")) && ($file_upload_optional)) { return "$default_file"; } $filename=$1; if (($filename eq $default_file) && (!$rename_file) && ($file_upload_optional)) { error("This filename is not allowed
"); } $filename=~m/.*\.(\w*\Z)/i; my $type = $1; my $found=0; foreach(@required_file_types){$found =1 if lc $_ eq lc $type} error($error_file_type) unless $found; my $tmp_size =0; if($rename_file){ $filename = $_[0]."_".int(rand(10000)).".".$type; while(-e $filename){$filename = $_[0]."_".int(rand(10000)).".".$type;} } open(FILE,">$file_dir/$filename") || error("Can't save file $filename"); binmode FILE; while ($bytesread=read($file,$buffer,1024)) { print FILE $buffer; $tmp_size+=1024; if($max_size<$tmp_size){ close FILE; unlink "$file_dir/$filename"; error("$error_max_size"); } } close(FILE); return "$filename"; } sub get_record{ my $text = $_[0]; $text =~ s{<<(.*?)>>}{exists($INSERT{$1}) ? $INSERT{$1} : ""}gsex; return $text; } sub get_html{ my @txt = read_file($_[0]); my $txt; foreach(@txt){$txt.=$_;} $txt=~/(.*)