#!/usr/local/bin/perl # mymail # Modificato da Gianni Mecca # ====================================================================== # WebMonitor Standalone Module: mail # # CGI script for providing form and script # to send mail to configured system users # # required files: mymail.list # Text file with users nicknames and # email addresses in the format of # : # Keep "mymail.list" in same directory as mymail script # NOTE: you can even have group aliases! # just separate the addresses with commas # Make sure you 'chmod 0644 mymail.list' so the server can read it # +----------------------------------------- # Example: |webmaster:admin@machine # |john-doe:jdoe # |carlos:cpero@ncsa.uiuc.edu # |group:leader@domain.com,member@domain.com # +----------------------------------------- # ====================================================================== # Carlos A. Pero (cpero@ncsa.uiuc.edu) last update 10/17/95 # ====================================================================== # Documentation for WebMonitor can be found at # # ====================================================================== # This code is in the public domain. Specifically, we give to the public # domain all rights for future licensing of the source code, all resale # rights, and all publishing rights. # # We ask, but do not require, that the following message be included in # all derived works: # # Portions developed at the National Center for Supercomputing # Applications at the University of Illinois at Urbana-Champaign. # # # THE UNIVERSITY OF ILLINOIS GIVES NO WARRANTY, EXPRESSED OR IMPLIED, # FOR THE SOFTWARE AND/OR DOCUMENTATION PROVIDED, INCLUDING, WITHOUT # LIMITATION, WARRANTY OF MERCHANTABILITY AND WARRANTY OF FITNESS FOR A # PARTICULAR PURPOSE. # ====================================================================== # For the greatest security, this script relies on a 'mail.list' file # with a list of authorized nicknames and email address which can receive # email through this mail script. # # For greater scalability, the '@AUTHDOMAINS' array can be used to store # a list of domains. Any email address ending with one of these domains # can use this script to receive email. In this case, the full email # address becomes the 'nickname'. # ====================================================================== # This script can be referenced 2 ways for the best flexibility: # # DIRECTLY, # This will generate an email form for the person named in 'nickname', # and if they exist in the 'mymail.list' file. # If no 'nickname' is specified in the QUERY_STRING when the script is # first invoked, or the nickname cannot be found in the 'mymail.list', # an email form with a SELECT box of all valid nicknames is generated. # When the email form is submitted, it will call itself via method of POST, # and send the email to the recipient, outputting a confirmation message. # If the HTTP_REFERER was trasmitted when the script was first invoked, # there will be a hyperlink available to go back to that page (such as # the user's home page). # # FORWARDING RESULTS,
# This will forward the results from the FORM, which can exist anywhere, # to the recipient specified by 'nickname'. Since the 'nickname' is in # the QUERY_STRING, the FORM *must* use the METHOD="POST", otherwise the # recipient's nickname will be blown away. # Users may want to include a: # # If this is present in the FORM input, the client will be redirected # to this HTML file as a confirmation message instead of the default. # In addition, the user can also define any of the following input names # in their form to better customize the output mailed back to them. # # # # These values will then be used in the header of the email message. # Otherwise, default values will be substituted. # ====================================================================== ######################################################################## ########## Configurable variables ###################################### $SENDMAIL = '/usr/lib/sendmail'; # The location of your sendmail binary @AUTHDOMAINS = (''); # List of lower-case Internet domains that can use this script # such as ('ncsa.uiuc.edu', 'domain.com') ## Also, make sure the first line of this script points ## to your PERL binary ########## Nothing else to change ###################################### ######################################################################## $ENV{'SCRIPT_NAME'} =~ m#(/.*/)(.*)$#; $SCRIPTDIR = $1; $SCRIPT = $2; #### Do standard HTTP stuff #### &cgi_receive; &cgi_decode; &cgi_header; #### Load mail.list into associative array #### open (MAILNAMES, "mymail.list") || die ("$SCRIPT: Can't open mymail.list: $!\n"); while () { chop; ($nick, $addr) = split(/:/, $_); $ADDRESS{$nick} = $addr; } close (MAILNAMES); #### Figure out who the information should be sent to #### if ($ENV{'QUERY_STRING'} =~ /\@/) { #### User specified a full email address #### ($machine = $') =~ tr/A-Z/a-z/; undef $FLAG{'authorized'}; for ($[ .. $#AUTHDOMAINS) { $FLAG{'authorized'} = $AUTHDOMAINS[$_], last if ($ENV{'QUERY_STRING'} =~ /$AUTHDOMAINS[$_]$/); } &error_blank_field('an authorized email address') unless ($FLAG{'authorized'}); $recipient = $ENV{'QUERY_STRING'}; $extraaction = "?$recipient"; } elsif ($ENV{'QUERY_STRING'}) { #### User specified a nickname #### $nickname = $ENV{'QUERY_STRING'}; &error_blank_field('a valid recipient nickname') unless ($ADDRESS{$nickname}); $recipient = $ADDRESS{$nickname}; $extraaction = "?$nickname"; } elsif ($FORM{'nickname'}) { #### Input is coming from listbox, ready for forwarding #### $nickname = $FORM{'nickname'}; &error_blank_field('a valid recipient nickname') unless ($ADDRESS{$nickname}); $recipient = $ADDRESS{$FORM{'nickname'}}; } elsif ($ENV{'REQUEST_METHOD'} eq "POST") { #### I don't know who the information was for #### &error_blank_field('a valid recipient'); } #### Output a default email form if not POSTing already #### &print_form unless ($ENV{'REQUEST_METHOD'} eq "POST"); #### Check for require fields foreach $field (@requirefields) { &error_blank_field($field) unless ($FORM{$field}); } #### Fill in missing fields for forwarding FORM results #### ($FORM{'subject'}) || ($FORM{'subject'} = "FORM results"); ($FORM{'from-email'}) || ($FORM{'from-email'} = $recipient); ($FORM{'from-name'}) || ($FORM{'from-name'} = "WebMonitor mail"); open (MAIL, "| $SENDMAIL $recipient") || die ("$SCRIPT: Can't open $mailprog: $!\n"); print MAIL "Reply-to: $FORM{'from-email'} ($FORM{'from-name'})\n"; print MAIL "From: $FORM{'from-email'} ($FORM{'from-name'})\n"; print MAIL "To: $recipient\n"; print MAIL "Subject: $FORM{'subject'}\n"; print MAIL "X-Comments: =============================================================\n"; print MAIL "X-Comments: NOTE: This message was sent through the WebMonitor mail form\n"; print MAIL "X-Comments: =============================================================\n"; print MAIL "X-Comments: HOST: $ENV{'REMOTE_HOST'} ($ENV{'REMOTE_ADDR'})\n"; print MAIL "X-Comments: BROWSER: $ENV{'HTTP_USER_AGENT'}\n"; print MAIL "X-Comments: REFERER: $FORM{'previous-url'}\n" if ($FORM{'previous-url'}); print MAIL "X-Comments: =============================================================\n"; print MAIL "MIME-Version: 1.0\n"; print MAIL "Content-Type: multipart/mixed; boundary=\"PTRMRZ65S24L117R\" \n"; print MAIL "\n\nThis is a multi-part message in MIME format.\n"; print MAIL "--PTRMRZ65S24L117R\n"; print MAIL "Content-Type: text/plain; charset=us-ascii\n"; print MAIL "Content-Transfer-Encoding: 7bit\n\n"; print MAIL "\n"; &dump_values(FORM, MAIL); &dump_attachments(FORM, MAIL); print MAIL "--PTRMRZ65S24L117R--\n\n"; #end of attachment print MAIL "\n"; close (MAIL); #### Now, redirect if "next-url" is included if ($FORM{'next-url'}) { print "Location: $FORM{'next-url'}\n"; print "\n"; exit; } #### Prevent HTML output foreach $key (keys %FORM) { $FORM{$key} =~ s//\>/g; } #### Output confirmation message #### print qq|WebMonitor-Email Sent\n|; print qq|

$ENV{'SERVER_NAME'} Email Sent

\n|; print qq|The following message has been sent.\n|; print qq|You can now return to where you were.\n| if ($FORM{'previous-url'}); print qq|
\n|; print "
\n";
print "Reply-to: $FORM{'from-email'} ($FORM{'from-name'})\n";
print "From: $FORM{'from-email'} ($FORM{'from-name'})\n";
print "To: $recipient\n";
print "Subject: $FORM{'subject'}\n";
print "\n";
&dump_values(FORM, STDOUT);
print "\n";
print "
\n"; print "\n"; exit; ##################################################################### #### SUBROUTINES #################################################### sub error_blank_field { local($variable) = @_; print "\n" if ($FORM{'next-url'}); print "WebMonitor-Email Error\n"; print "

Error!

\n"; print "You did not fill in $variable.\n"; print "\n"; exit; } sub cgi_header { print "Content-type: text/html\n"; print "\n" unless ($FORM{'next-url'}); } sub cgi_receive { if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $incoming, $ENV{'CONTENT_LENGTH'}); } else { $incoming = $ENV{'QUERY_STRING'}; } } sub cgi_decode { @pairs = split(/&/, $incoming); foreach (@pairs) { ($name, $value) = split(/=/, $_); $name =~ tr/+/ /; $value =~ tr/+/ /; $name =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie; $value =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie; #### Strip out semicolons unless for special character # $value =~ s/;/$$/g; # $value =~ s/&(\S{1,6})$$/&\1;/g; # $value =~ s/$$/ /g; # $value =~ s/\|/ /g; # $value =~ s/^!/ /g; ## Allow exclamation points in sentences #### Split apart any directive prefixes #### NOTE: colons are reserved to delimit these prefixes @parts = split(/:/, $name); $name = $parts[$#parts]; if (grep(/^require$/, @parts)) { push (@requirefields, $name); } if (grep(/^ignore$/, @parts)) { push (@ignorefields, $name); } if (grep(/^dynamic$/, @parts)) { #### For simulating a checkbox #### It may be dynamic, but useless if nothing entered next if ($value eq ""); $name = $value; $value = "on"; } #### Skip generally blank fields next if ($value eq ""); #### Allow for multiple values of a single name $FORM{$name} .= ", " if ($FORM{$name}); $FORM{$name} .= $value; #### Add to ordered list if not on list already push (@fields, $name) unless (grep(/^$name$/, @fields)); } } sub dump_values { local($env, $handle) = @_; ($handle eq "STDOUT") && (print $handle "
\n");
    foreach $field (@fields) {
	next if (grep(/^$field$/, @ignorefields));
	if ($FORM{$field} =~ /[\cM\n]/) {
	    print $handle "($field)\n";
	    print $handle "-" x 75, "\n", $FORM{$field}, "\n", "-" x 75, "\n";
	}
	else {
	    print $handle "($field)  $FORM{$field}\n";
	}
    }
    ($handle eq "STDOUT") && (print $handle "
\n"); } sub dump_attachments { require 'base64.pl'; local($env, $handle) = @_; ($handle eq "STDOUT") && (print $handle "
\n");
    foreach $field (@fields) {
	next if (grep(/^$field$/, @ignorefields));
	if ($field =~ /(.*)__ATTACH-AS__(.*)/) {
	    print $handle "--PTRMRZ65S24L117R\n";
	    print $handle "Content-Type: $2; name=\"$1\"\n";
	    print $handle "Content-Transfer-Encoding: base64\n";
	    print $handle "Content-Disposition: inline; filename=\"$1\"\n\n";
            $base64_string = &base64'b64encode($FORM{$field});   #' <-- to avoid xemacs colors fault
            print $handle "$base64_string";
	}
    }
    ($handle eq "STDOUT") && (print $handle "
\n"); } sub print_form { print qq|WebMonitor-Email Form\n|; print qq|

$ENV{'SERVER_NAME'} Email Form

\n|; print qq|\n|; print qq|
\n|; print qq| to |; if ($nickname) { print qq|$recipient ($nickname)\n|; } elsif ($recipient) { print qq|$recipient\n|; } else { print qq|\n|; } print qq|
\n|; print qq|
|;
    print qq|    Your Name: \n|;
    print qq|Email Address: \n|;
    print qq|      Subject:     \n|;
    print qq|
\n|; print qq|\n|; print qq|\n|; print qq|
\n|; print qq|\n|; exit; }