#!/usr/bin/perl
########################################################################
# COPYRIGHT NOTICE:
#
# Copyright 2008 FocalMedia.Net All Rights Reserved.
#
# Selling the code for this program without prior written consent
# from FocalMedia.Net is expressly forbidden. You may not
# redistribute this program in any shape or form.
#
# This program is distributed "as is" and without warranty of any
# kind, either express or implied. In no event shall the liability
# of FocalMedia.Net for any damages, losses and/or causes of action
# exceed the total amount paid by the user for this software.
#
########################################################################
#### Windows/IIS installations only: edit the path on the next code line ####
# Location of config.cgi. The default is a relative path; on Windows/IIS
# replace it with the full server path, which will look something like:
#   $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi";
# get_setup() reads DB_PASSWORD and PASSWORD from this file, so it must be
# placed and configured so that the web server never returns its contents.
$config_cgi = 'config.cgi';
#### Nothing below this line is meant to be edited ####
#use FindBin;
#use lib $FindBin::Bin;
use CGI::Carp qw(fatalsToBrowser);
use CGI;
use DBI;
use pseek;
use fmspm;
# Load the settings first: the calls below read the globals that
# get_setup() fills in ($data_dir, the DB credentials, the URLs).
get_setup();

# Runs before any output is produced; what it checks is defined in fmspm.
fmspm::check_spamb('rateit.cgi', 'header', "$data_dir");

$q = CGI->new;

# The header goes out unconditionally, so a request with a non-empty 'fct'
# parameter receives an empty HTML body.
# Note that CGI::Carp is loaded with fatalsToBrowser at the top of this
# file, so every die() message below is shown to the visitor.
print "Content-type: text/html\n\n";

my $requested_function = $q->param('fct');
rate_it_display() if $requested_function eq "";
################
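sub rate_it_display
{
    # Renders the "rate this link" page for the link given by the 'id' and
    # 'cid' request parameters and prints it.
    #
    # Flow: optional login check (cookies against lnkusers), category lookup
    # (dirs), link lookup (links), then placeholder substitution into the
    # rate_it.html template.
    #
    # Changes from the original:
    #   * All three queries use bound placeholders. The login query used to
    #     interpolate the raw 'cpuser'/'cppass' cookie values into the SQL
    #     text, which made it injectable and also put the cookie values into
    #     the die() message.
    #   * The link-query error message named $sql (the login query) instead
    #     of the statement that actually failed.
    #   * Field names from keys.dat are quoted with \Q..\E before being used
    #     as a pattern, so metacharacters in a name are matched literally.
    #   * $category and $link_to_cat are reset before being appended to.
    #
    # NOTE(review): several assignments below are empty or assign a variable
    # to itself (qq[], $category = "$category", the title link). HTML markup
    # appears to have been stripped from this listing; those statements are
    # kept as shown rather than guessed at. Restore them from the original
    # file before using this code.
    #
    # NOTE(review): the 'cppass' cookie is compared directly with the rgspass
    # column, so the browser carries whatever that column stores. The
    # commented-out query in the original also required activated = 'Y'; the
    # active one does not. Confirm both are intended.
    #
    # NOTE(review): title, description and url from the database are written
    # into the page unescaped; only extra fields with allow_html "N" have
    # their angle brackets encoded.
    #
    # Page-state variables are left as package globals, as in the original,
    # because code outside this listing may read them.

    # Indirect-object syntax kept exactly as written; how it resolves depends
    # on what the pseek module defines.
    $gsettings = new_gsettings tseek;

    ### Registration system in use and login required to rate links?
    if (($gsettings->{addurl_reg_system} eq "Yes") and ($gsettings->{rateit_user_reg} eq "Yes"))
    {
        $query = CGI->new;
        $usercookie = $query->cookie('cpuser');
        $passcookie = $query->cookie('cppass');

        my $logged_in = 0;
        if (($usercookie ne "") and ($passcookie ne ""))
        {
            if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
            $dbh = DBI->connect($dsn, $db_username, $db_password);
            if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; }

            # Cookie values are attacker-controlled: bind them, never
            # interpolate them into the statement text.
            $sql = "SELECT * FROM lnkusers WHERE rgsuser = ? AND rgspass = ?";
            $sth = $dbh->prepare($sql);
            $sth->execute($usercookie, $passcookie);
            $serror = $sth->errstr;
            if (defined $serror and $serror ne "") {die "SQL Syntax Error: $serror - From: $sql";}
            $rows = $sth->rows();
            $sth->finish;
            $dbh->disconnect;

            $logged_in = 1 if $rows >= 1;
        }

        # Missing cookies and unknown credentials get the same page.
        unless ($logged_in)
        {
            $cp_template = pseek::get_file_contents("$data_dir/rgs_rrate.html");
            $cp_template = pseek::ts_insert_template_includes($cp_template);
            $cp_template = pseek::fill_vars($cp_template);
            print $cp_template;
            exit;
        }
    }

    # Both ids are reduced to digits. A missing parameter becomes the empty
    # string so the bound value matches what the quoted literal used to be.
    $cid = $q->param('cid');
    $cid = "" unless defined $cid;
    $cid =~ s/[^0-9]//g;
    $lnkid = $q->param('id');
    $lnkid = "" unless defined $lnkid;
    $lnkid =~ s/[^0-9]//g;

    $rateit_template = pseek::get_file_contents("$data_dir/rate_it.html");

    ### CONNECT TO DB
    if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
    $dbh = DBI->connect($dsn, $db_username, $db_password);
    if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; }

    ### GET CATEGORY
    $wsql = "SELECT * FROM dirs WHERE cid = ?";
    $sth = $dbh->prepare($wsql);
    $sth->execute($cid);
    $serror = $sth->errstr;
    if (defined $serror and $serror ne "") {die "SQL Syntax Error: $serror - From: $wsql";}
    $rows = $sth->rows();
    if ($rows < 1) { print "Invalid Rate it Link."; exit; }

    $lv = 0;
    $link_to_cat = "";
    $category = "";
    while ( @row = $sth->fetchrow_array() )
    {
        # Columns 2..17 of a dirs row are read as the category path segments.
        for ($ms = 2; $ms < 18; $ms++)
        {
            if ($row[$ms] ne "")
            {
                if ($gsettings->{dyn_stat} eq "Static")
                {
                    $link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "/";
                }
                else
                {
                    $lv++;
                    $link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "-";
                }
                $category = $category . $row[$ms] . "/";
            }
        }
    }

    # Drop the trailing "/" from the display path.
    $category = substr($category, 0, length($category) - 1);
    if ($gsettings->{dyn_stat} eq "Static")
    {
        $category = "$category";    # see NOTE(review) on stripped markup
    }
    else
    {
        # Drop the trailing "-" from the dynamic link path.
        $link_to_cat = substr($link_to_cat, 0, length($link_to_cat) - 1);
        $category = "$category";    # see NOTE(review) on stripped markup
    }
    $rateit_template =~ s/%%category%%/$category/g;
    $rateit_template =~ s/!!category!!/$category/g;

    ##### GET LINK INFO
    my $link_sql = "SELECT * FROM links WHERE lnkid = ?";
    $sth = $dbh->prepare($link_sql);
    $sth->execute($lnkid);
    $serror = $sth->errstr;
    if (defined $serror and $serror ne "") {die "SQL Syntax Error: $serror \n From: $link_sql";}
    $rows = $sth->rows();
    if ($rows < 1) { print "Invalid Rate it Link."; exit; }

    ### GET EXTRA KEYS/FIELDS
    $keydata = pseek::get_file_contents("$data_dir/keys.dat");
    @akeys = split (/\n/, $keydata);
    $knr = @akeys;
    $key_upload_data = pseek::get_file_contents("$data_dir/keysupl.dat");
    @upl_items = split (/:-o_:/, $key_upload_data);

    while ( @row = $sth->fetchrow_array() )
    {
        $title_with_link = $row[2];
        $description = $row[3];
        $url = $row[5];
        $rating = $row[10];
        $votes = $row[11];
        $hits = $row[12];
        $date = $row[17];

        # Extra fields are read from column 27 onwards, one per keys.dat line.
        $rowcntr = 27;
        foreach $keyitem (@akeys)
        {
            ($keyname, $visible, $size, $searched, $descriptiont, $na, $imgk, $nmbr, $req, $allow_html, $carriage_pagebreak) = split (/\t/, $keyitem);
            if ($nmbr eq "Upload")
            {
                if ($row[$rowcntr] eq "")
                {
                    $rateit_template =~ s/!!\Q$keyname\E!!/$na/g;
                }
                else
                {
                    # Look up the prefix/suffix configured for this upload field.
                    $apreapp = ""; $aapend = "";
                    foreach $upload_item (@upl_items)
                    {
                        ($fieldname_t, $filetypes_t, $preappend_t, $append_t, $uploadsize_t) = split (/:o:-:o:/, $upload_item);
                        if ($keyname eq $fieldname_t) { $apreapp = $preappend_t; $aapend = $append_t; }
                    }
                    $upcrit = $apreapp . "$web_url/imagefiles/$lnkid/$keyname" . "." . $row[$rowcntr] . $aapend;
                    $rateit_template =~ s/!!\Q$keyname\E!!/$upcrit/g;
                }
            }
            elsif ($imgk eq "Yes")
            {
                # The non-empty case is an empty string as shown; see
                # NOTE(review) on stripped markup.
                if ($row[$rowcntr] ne ""){$imgcrit = "";} else { $imgcrit = $na; }
                $rateit_template =~ s/%%\Q$keyname\E%%/$imgcrit/gi;
                $rateit_template =~ s/!!\Q$keyname\E!!/$imgcrit/gi;
            }
            else
            {
                # Entity names restored: the listing shows the decoded form,
                # which is not valid Perl. Only angle brackets are encoded;
                # '&' and quotes pass through.
                if ($allow_html eq "N") { $row[$rowcntr] =~ s/</&lt;/g; $row[$rowcntr] =~ s/>/&gt;/g; }
                # NOTE(review): as shown, this replaces a newline with a
                # newline. The replacement was probably a line-break tag that
                # was stripped from this listing; confirm against the original.
                if ($carriage_pagebreak eq "Y") { $row[$rowcntr] =~ s/\n/\n/gi; }
                if ($row[$rowcntr] eq "") { $row[$rowcntr] = $na; }
                $rateit_template =~ s/%%\Q$keyname\E%%/$row[$rowcntr]/gi;
                $rateit_template =~ s/!!\Q$keyname\E!!/$row[$rowcntr]/gi;
            }
            $rowcntr++;
        }

        #### !!link_image!!
        if ($rateit_template =~ /!!link_image!!/i)
        {
            $img_fname = "$web_dir/imagefiles/" . $row[0] . "." . $row[6];
            $image_width = $gsettings->{image_width};
            $image_height = $gsettings->{image_height};
            if ($image_width > 0) { $imgw = qq[ width="$image_width" ]; }
            if ($image_height > 0) { $imgh = qq[ height="$image_height" ]; }
            if (-e "$img_fname")
            {
                $the_image_url = "$web_url/imagefiles/$row[0]" . "." . $row[6];
                $the_link_image = qq[];    # see NOTE(review) on stripped markup
                $rateit_template =~ s/!!link_image!!/$the_link_image/gi;
            }
            else
            {
                if ($gsettings->{default_image} =~ /http:/)
                {
                    $the_image_url = $gsettings->{default_image};
                    $the_link_image = qq[];    # see NOTE(review) on stripped markup
                    $rateit_template =~ s/!!link_image!!/$the_link_image/gi;
                }
                else
                {
                    $rateit_template =~ s/!!link_image!!//gi;
                }
            }
        }
    } ### END

    #########
    $date = pseek::decode_date($date);
    if ($rating eq "") { $rating = 0; }
    if ($votes eq "") { $votes = 0; }
    if ($hits eq "") { $hits = 0; }

    # Both branches are identical as shown; see NOTE(review) on stripped markup.
    if (($url eq "http://") or ($url eq ""))
    {
        $title_with_link = "$title_with_link";
    }
    else
    {
        $title_with_link = "$title_with_link";
    }

    # Each field fills both placeholder spellings, %%name%% and !!name!!.
    # The order is the original's: a value substituted early is still scanned
    # by the later substitutions.
    my @simple_fields = (
        [ title_with_link => $title_with_link ],
        [ description     => $description ],
        [ url             => $url ],
        [ itemurl         => $url ],
        [ rating          => $rating ],
        [ votes           => $votes ],
        [ hits            => $hits ],
        [ date            => $date ],
    );
    for my $field (@simple_fields)
    {
        my ($name, $value) = @$field;
        $rateit_template =~ s/%%$name%%/$value/gi;
        $rateit_template =~ s/!!$name!!/$value/gi;
    }

    $rateit_template =~ s{!!add_to_favorites!!}{$script_url/favad.cgi?id=$lnkid}gi;
    #####
    $rateit_template =~ s/!!id!!/$lnkid-$cid/gi;
    $rateit_template =~ s{!!rate_it!!}{$script_url/rateit2.cgi}gi;

    $rating_image = pseek::get_rating_images($rating);
    $rateit_template =~ s/%%rating_image%%/$rating_image/gi;
    $rateit_template =~ s/!!rating_image!!/$rating_image/gi;

    ##### INSERT IMAGES
    $sth->finish;
    $dbh->disconnect;
    $rateit_template = pseek::insert_images($rateit_template, "$script_url/go.cgi?id=$lnkid");
    $rateit_template = pseek::ts_insert_template_includes($rateit_template);
    $rateit_template = pseek::fill_vars($rateit_template, $gsettings->{dyn_stat});
    $rateit_template = pseek::insert_go_back_buttons($rateit_template, $lnkid, $cid);
    print $rateit_template;
}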
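sub get_setup
{
    # Reads the file named by $config_cgi and copies the recognised settings
    # into package globals ($db_name, $db_username, $db_password,
    # $mysql_hostname, $mysql_port, $script_url, $admin_url, $web_url,
    # $web_dir, $data_dir, $username, $password).
    #
    # A missing file is ignored, as in the original. A file that exists but
    # cannot be opened is now reported with warn() instead of being skipped
    # without a trace.
    #
    # Changes from the original:
    #   * three-argument open on a lexical handle, so characters in the path
    #     can no longer be read as an open mode;
    #   * the readline on the handle is restored (the listing shows an empty
    #     "$line=" where the read was stripped).
    #
    # NOTE(review): everything from the first '#' on a line is discarded
    # before the value is extracted, so a '#' inside a quoted value (a
    # password, a URL fragment) cuts that value short.

    return unless -e $config_cgi;

    my $cfg_fh;
    unless (open($cfg_fh, '<', $config_cgi))
    {
        warn "Cannot open $config_cgi: $!";
        return;
    }

    # Setting name => global that receives its value. A line matches when it
    # starts with the name, as in the original.
    my @settings = (
        [ DB_NAME        => \$db_name ],
        [ DB_USERNAME    => \$db_username ],
        [ DB_PASSWORD    => \$db_password ],
        [ MYSQL_HOSTNAME => \$mysql_hostname ],
        [ MYSQL_PORT     => \$mysql_port ],
        [ SCRIPT_URL     => \$script_url ],
        [ ADMIN_URL      => \$admin_url ],
        [ WEB_URL        => \$web_url ],
        [ WEB_DIR        => \$web_dir ],
        [ DATA_DIR       => \$data_dir ],
        [ USERNAME       => \$username ],
        [ PASSWORD       => \$password ],
    );

    while (defined(my $line = <$cfg_fh>))
    {
        $line =~ s/#.*//s;      # strip the comment, if any
        $line =~ s/\n//g;

        for my $setting (@settings)
        {
            my ($name, $target) = @$setting;
            next unless $line =~ /^\Q$name\E/;
            $$target = get_setup_line($line, $name);
        }
    }
    close($cfg_fh);
    return;
}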
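sub get_setup_line
{
    # Returns the text between the first pair of double quotes in
    # $setup_line, e.g. 'DB_NAME = "pseek"' yields 'pseek'.
    #
    # $setup_var names the setting being read; it is accepted for the callers
    # but not used to extract the value.
    #
    # A line without a complete pair of quotes now yields the empty string.
    # The original computed substr() offsets from undefined match positions
    # in that case and returned a meaningless slice of the line. The scratch
    # variables are also lexical now instead of package globals.
    my ($setup_line, $setup_var) = @_;

    return '' unless defined $setup_line;

    if ($setup_line =~ /"([^"]*)"/)
    {
        return $1;
    }
    return '';
}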
#### END CONFIGURATION ########################################################