#!/usr/bin/perl -w use DBI; use warnings; use CGI::Carp qw(fatalsToBrowser); use CGI; use POSIX; use Switch; use CGI qw/:standard/; use CGI::Cookie; $brow = $ENV{'HTTP_USER_AGENT'}; $diskont = 0; $shablon = "/var/www/u0297054/data/www/gen.sportsdaily.ru/index.html"; my $myname = "/cgi-bin/index.pl"; my $dsn = "DBI:mysql:u0297054_gen:localhost"; my $db_user_name = "u0297054_default"; my $db_password = "_9WvWT6m"; my $dbh = DBI->connect($dsn, $db_user_name, $db_password); # $koi = $dbh->prepare("SET CHARACTER SET koi8r"); # $koi8 = $koi->execute; sub gen_uid { $gen_uid_str=time.int(rand(100000)); return $gen_uid_str; } sub zagla { my ($reta) = @_; $lenga = length($reta); $first = substr($reta, 0, 1); $second = substr($reta, 1, $lenga-1); $first =~ tr/[a-zа-я]/[A-ZА-Я]/; return $first.$second; } sub splitline { $spl_line=shift; $spl_line=~s/\n/
/g; $spl_line=~s/\r/
/g; $spl_line=~s/\n\r/
/g; # $spl_line=~s/\"\"/\'/g; # обеспечим совместимость с excel и lotus 1-2-3 $spl_line=~s/\"/"\;/g; # $spl_line=~s/\\\'/\'/g; # # $spl_line=~s/\\\"/\"/g; # @spl_ls=split(/\x09/,$spl_line); return @spl_ls; } #парсим параметры if ($ENV{'CONTENT_LENGTH'}) { read(STDIN, $param_str, $ENV{'CONTENT_LENGTH'}); } else { $param_str=$ENV{'QUERY_STRING'}; } @pairs=split(/&/,$param_str); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ s/\'/\&\#39\;/g; $name =~ tr/+/ /; $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s/\n\r/
/g; $value =~ s/\n/
/g; $value =~ s/\r//g; $value =~ s/\x09//g; # $value =~ s/\'/\\\'/g; $value =~ s/\"/\\\"/g; # $AdmForm{$name}=$value; # $value=~s//\>\;/g; $Form{$name}=$value; } # чекаем запрашиваемое мыло #####################33 $Form{'login'} = lc($Form{'login'}); $select869 = "SELECT * FROM USERS where LOWER(EMAIL) = LOWER('$Form{'Email'}') or LOWER(LOGIN) = LOWER('$Form{'Login'}')"; $sth869 = $dbh->prepare("$select869"); $rv869 = $sth869->execute; @set869 = $sth869->fetchrow_array; ################################### @str = (["040b7cf4","a55014e1","85813e06","44502ea9","3776081c","a1f9765b","ec582383","65d8ade9","15dae597","77a2732c","ff968b46","56d42783"], ["fafda174","93d30432","5fefa0aa","8d1b6694","2b4c9cfa","cb612f3d","bfaa3576","d9fff4cd","b8e32c77","dec45bcb","2693af70","c8fd7a8b"], ["78183541","94c4feae","57304aba","dc2c437c","a5b564f6","38f409d1","8b3f7e0a","ae45d366","a5b564f6","38f409d1","8b3f7e0a","ae45d366"], ["080c993f","b3b58e26","c1d2265b","f9da0af3","16d8a58d","14a62420","c9a1cbc0","93035e31","658732ab","6d93c96e","6f3d269a","3e9d1615"], ["8cb9014a","936acf4a","5e33c252","fa396512","dd93a7eb","7d215fa5","f79498d0","a69a1db2","23f35020","df135821","bc9a1c51","e3900047"], ["d7f71f28","449665f9","eefc114e","5e7d3e7b","747c1bcc","eb6109a4","ef936bc7","0cfd17de","44d15d3e","9bc2f93b","2b3d566d","e51a2681"], ["28a74b8d","7de3373b","4bed858f","c10b6bf5","380c5022","5d67f81a","faf12a79","5543782a","f4661398","cb1a3abd","3ffe5860","0bf11322"], ["26b6c45e","76b70cfd","19974fcf","77c3592a","369351f0","daad52f9","57f7d120","38c84bd6","b92f8ab7","a47e21fb","03306934","2d6663b0"], ["3454585c","5d2ef620","8acdce40","5b0b62ce","9366159e","c10ed346","f9692f4d","51231979","9b3d3481","ae526dc4","bb6b970b","151fbc0c"], ["28ce9bc9","54876829","eeb56ff4","6da8e1ab","90d89ecc","fe93456d","58a2872a","9350f6a9","31c0c178","a9fc26ff","ecffd867","0d1d746d"] ); if ($Form{'action'} eq "send") { $eggog = ""; $encoded = $Form{'secureid'}; $decoded = ""; for( $i=0; $i<4; $i++ ) { $sequence = substr( $encoded, $i*8, 8 ); $found = "0"; for( $j=0; $j<10; $j = $j + 1 ) { for( $k=0; $k<12; $k = $k + 1) { if( $sequence eq $str[$j][$k] ) { $decoded=$decoded.$j; $j=10; $k=12; } } } } $tezt = $decoded; if ($rv869 ne "1") { $eggog = "Пользователь с указанными данными не зарегистрирован"; } if ($Form{'secure_code'} ne $tezt) { $eggog = "Неправильно введен код подтверждения"; } if ((length($Form{'Login'}) == 0) && (length($Form{'Email'}) == 0)) { $eggog = "Введите Ваш логин или e-mail"; } if (length($eggog) < 10) { $eggog = "Пароль доступа успешно отправлен на указанный Вами е-mail"; $email = substr($email, 0, -2); $subj = "Реквизиты доступа к CRM системе Спорт День за Днём"; $text = qq(

Вы запрашивали реквизиты доступа к CRM системе Спорт День за Днём (http://sdzd.cmsonline.ru/)

Логин: $Form{'Login'}

Пароль: $set869[2]

); open SML, "|/usr/sbin/sendmail -t"; print SML "To: $set869[6]\n"; print SML "Bcc: blonde_ds\@mail.ru\n"; print SML "From: sdzd\@cmsonline.ru\n"; print SML "Subject: $subj\n"; print SML "Content-type: text/html; charset=windows-1251\n\n"; print SML "\n\n$text\n"; close SML; $Form{'Login'} = ""; } else { $Form{'login'} =~ s/\\\'/\'/g; $Form{'login'} =~ s/\\\"/\"/g; } } # авторизация #################### my $AFID = -1; my $BSKT = -1; $basketq = 0; $summz = 0; %cookies = fetch CGI::Cookie; foreach (keys %cookies) { if ($cookies{$_}->name eq "AFID") { $AFID = $cookies{'AFID'}->value; $select66 = "SELECT * FROM USERS where UNID = '$AFID'"; $sth66 = $dbh->prepare("$select66"); $rv66 = $sth66->execute; @set66 = $sth66->fetchrow_array; if ($rv66 == 1) { print "Content-type: text/html\n"; print "Location: /admin/index.pl\n\n"; } } } # контент ################################## if ($Form{'err'} eq "1") { $eggog = "Пользователь с указанными логином и паролем не найден"; } ################################ open F, $shablon; @T=; close F; $shablon1 .= join('',@T); $shablon1=~s/\$eggog/$eggog/g; print "Content-type: text/html\n\n"; print "$shablon1";