Lunarpages Web Hosting Forum

Author Topic: Formmail!!?  (Read 15037 times)

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
Formmail!!?
« on: November 19, 2003, 06:27:51 PM »
Hi!

My cgi-script doesn´t work anymore. I downloaded a good cgi-script from Matt's Script Archive and the script worked fine untill now.  Whats wrong!?
When i tried to send mail from the form, i came to a page with this error.

You don't have permission to access /cgi-bin/FormMail.pl on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


--------------------------------------------------------------------------------

Apache/1.3.27 Server at www.guldstrands.net Port 80
::: Guldstrand :::

That i don´t allready know, i really want to learn...

Offline ZenGyro

  • Spaceship Navigator
  • *****
  • Posts: 88
    • http://www.beyondthepixel.net
Formmail!!?
« Reply #1 on: November 19, 2003, 06:37:19 PM »
I could be wrong, but you might ahve to set permissions to the FormMail.pl to public 777 CHMOD

Danielle

  • Guest
Formmail!!?
« Reply #2 on: November 19, 2003, 06:38:49 PM »
Hi Guldstrand,

If the form you downloaded from MSA was called FormMail.pl, then it will not work b/c Lunarpages has disabled all scripts with that name due to attacks directed specifically at FormMail.pl, FormMail.cgi, anything called FormMail that is a perl/cgi script.  See this thread http://www.lunarforums.com/forum/viewtopic.php?t=8209&highlight=formmail+disabled concerning the topic.  You should simply need to rename the file something other than formmail to get it to work.  If it was not named formmail, please provide us more details to discern the difficulty occurring.

I hope this helps.

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
HELP!!!
« Reply #3 on: November 20, 2003, 07:36:19 PM »
I erased my cgi-script on the server. My forms don´t work anymore.  :(

Kan someone help me to make a new cgi-script for forms. I´m a beginner in cgi, and i have lots of forms on my site that doesn´t work anymore. Where can i get a FormMail.pl or SendMail.pl, and how can i change the file so it works on my site???
::: Guldstrand :::

That i don´t allready know, i really want to learn...

leighsww

  • Guest
Formmail!!?
« Reply #4 on: November 21, 2003, 03:10:10 AM »
Oh, oh ... here we go again.

Okay, here's a script that I use and like for my forms.

1) Copy the below script to Notepad (word wrap off). Do not use Wordpad due to the formatting features.
2) Replace your domain name where it says yourdomain for the following sentence in the script (if you use a SSL or subdomains for your forms, you need to add those URL, as well):

@okaydomains=("http://www.yourdomain.com","http://yourdomain.com");

3) Save the script file as bnbform.txt
4) Upload to cgi-bin as ASCII and chmod to 755
5) Change the extension of the filename so that it is now bnbform.cgi
6) In your form, set the "action" to /cgi-bin/bnbform.cgi

Read the SPECIAL FORM VARIABLES area.  That area has ALL the instructions you need to create your hidden tags in your forms.

If you run into problems, post your message and I'll help you.

#******* start script ********


#!/usr/bin/perl


use Socket;
##################################################################
#  (C)1998-9 Bignosebird.com   bnbform v3.0
#  This software is FREEWARE! Do with it as you wish. It is yours  
#  to share and enjoy. Modify it, improve it, and have fun with it!
#  It is distributed strictly as a learning aid and bignosebird.com
#  disclaims all warranties- including but not limited to:          
#  fitness for a particular purpose, merchantability, loss of      
#  business, harm to your system, etc... ALWAYS BACK UP YOUR        
#  SYSTEM BEFORE INSTALLING ANY SCRIPT OR PROGRAM FROM ANY          
#  SOURCE!                                                          
#
#  Socket based e-mail for cross platform capability!
#
############## SPECIAL FORM VARIABLES ############################
#required:    comma delimited list of required entry fields
#data_order:  comma delimited list indicating what fields to actually
#             print and in what order.
#outputfile:  the name of the file to save the data in if using a file
#emailfile:   the name of the file to hold only the sender e-mail address
#ok_url:      URL to go to if successful
#not_ok_url:   URL to go to if unsuccessful
#submit_to:   email address of person to input receive data by mail
#cc_to:       email address of Cc Recipient
#submit_by:   email address of person completing form
#autorespond: if yes, then send confirmation to submitter
#automessage: text to print for autoconfirmation e-mail
#form_id:     name of form for e-mail subject
#countfile:   name of file for serial number counter
#okaydomains: prevents calling the script from other sites,
#             without restricting e-mail addresses.
#             replaces $SECURE_NAME from earlier versions.
#             use only lower case letters.
#SMTP_SERVER: the full host name of the server providing e-mail
#             gateway service
##################################################################


## MAIN ##########################################################

# uncomment the line below, and change bignosebird to your domain
# name if you wish to make is so the script can only be called
# from your site.

@okaydomains=("http://www.yourdomain.com","http://yourdomain.com");

#SMTP_SERVER: indicates the name of the host acting as the e-mail
#             gateway. "localhost" should work on most systems.

#$SMTP_SERVER="localhost";

#OR IF SMTP IS UNAVAILABLE TO YOU, USE SEND_MAIL-
# BUT NOT BOTH!

$SEND_MAIL="/usr/sbin/sendmail -t";

$lockfile="/tmp/bnbform.lck";

   &decode_vars;
   &valid_page;
   if ($fields{'countfile'} ne "")
      { &get_number; }
   &valid_data;
   &write_data;

   if ($fields{'autorespond'} eq "yes")
    { &answer_back; }

   if ($fields{'ok_url'} ne "")
    { print "Location: $fields{'ok_url'}\n\n"; exit;}
     else { &thank_you; }

##################################################################
sub write_data
{
   if ($fields{'submit_by'} ne "")
     {
       if (&valid_address == 0)  
        {
          &bad_email;
          exit;
        }
     }
   
   if ($fields{'submit_by'} ne "" && $fields{'emailfile'} ne "")
    {
      open (EMF,">>$fields{'emailfile'}");
      print EMF "$fields{'submit_by'}\n";
      close (EMF);
    }
   $the_date=localtime();
   if ($fields{'submit_to'} ne "")
    {
     #$msgtext="";
     #$msgtext .= "On $the_date,\n";
     #$msgtext .=  "The following information was submitted:\n";
     #$msgtext .=  "Host: $ENV{'REMOTE_ADDR'}\n";
    }
   if ($fields{'outputfile'} ne "")
    {
      &get_the_lock;
      open(OUT_FILE,">>$fields{'outputfile'}");
    }
   foreach $to_print (@sortlist)
    {
      if ($fields{'outputfile'} ne "")
       { print OUT_FILE "$fields{$to_print}\|"; }
      if ($fields{'submit_to'} ne "")
       { $msgtext .= "$to_print = $fields{$to_print}\n"; }
    }
   if ($fields{'outputfile'} ne "")
    {
     print OUT_FILE "$the_date\|\n";
     close(OUT_FILE);
     &drop_the_lock;
    }
   if ($fields{'submit_to'} ne "")
    {
      $mailresult=&sendmail($fields{submit_by}, $fields{submit_by}, $fields{submit_to}, $SMTP_SERVER, $fields{form_id}, $msgtext);
      if ($mailresult ne "1")
      {print "Content-type: text/html\n\n";
       print "MAIL NOT SENT. SMTP ERROR: $mailcodes{'$mailresult'}\n";
       exit
      }
    }
   if ($fields{'cc_to'} ne "")
    {
      $mailresult=&sendmail($fields{submit_by}, $fields{submit_by}, $fields{cc_to}, $SMTP_SERVER, $fields{form_id}, $msgtext);
    }
}

##################################################################
sub decode_vars
 {
  $i=0;
  read(STDIN,$temp,$ENV{'CONTENT_LENGTH'});
  @pairs=split(/&/,$temp);
  foreach $item(@pairs)
   {
    ($key,$content)=split(/=/,$item,2);
    $content=~tr/+/ /;
    $content=~s/%(..)/pack("c",hex($1))/ge;
    $content=~s/\t/ /g;
    $fields{$key}=$content;
    if ($key eq "data_order")
      {
       $content=~s/ //g;
       @sortlist=split(/,/,$content);
      }
    if ($key eq "required")
      {
       $content=~s/ //g;
       @mandatory=split(/,/,$content);
      }
   }
}

##################################################################
sub valid_data
  {
   if ($fields{'data_order'} eq "")    #make sure we have work to do!
    {
      print "Content-type: text/html\n\n";
      print <<__W1__;

      <H1>NO data_order list SPECIFIED!</H1>

__W1__
      exit;
    }

   foreach $to_check (@mandatory) #test all required fields, bail on 1st bad
    {                            
      if ($fields{$to_check} eq "")
        {
          if ($fields{'not_ok_url'} ne "")
            {
              print "Location: $fields{'not_ok_url'}\n\n";
              exit;
            }
             else
              {
                &try_again;
              }
         }
    }

  }

##################################################################
sub thank_you
  {
      print "Content-type: text/html\n\n";
      print <<__W2__;

      <H1>Thank you!</H1>
Your information has been sent and we will be in touch
      with you soon.

__W2__
      exit;
  }

##################################################################
sub try_again
  {
      print "Content-type: text/html\n\n";
      print <<__W3__;

      <H1>Missing Data!</H1>
      <B>Please press the back button and fill in
      all required fields!<P></B>

__W3__
      exit;
  }

##################################################################
sub answer_back
 {

   $subject = "Confirmation";
   $msgtext="";
  if ($fields{'automessage'} ne "")
   {
    open (AM,"< $fields{'automessage'}");
    while (<AM>)
     {
      chop $_;
      $msgtext .= "$_\n";
     }
    close(AM);
   }
    else
    {
      $msgtext =<<__W4__;

Thank you for your submission. I will be
getting in touch with you soon.

__W4__
    }
      $mailresult=&sendmail($fields{submit_to}, $fields{submit_to}, $fields{submit_by}, $SMTP_SERVER, $subject, $msgtext);
 }

##################################################################

sub get_number
 {
   $newnum=0;
   open(COUNTER,"<$fields{'countfile'}");
   while(<COUNTER>)
     {
      $newnum = $_ + 1;
     }
   close(COUNTER);
   open(COUNTER,">$fields{'countfile'}");
   print COUNTER "$newnum";
   close (COUNTER);
   $fields{'counter'}=$newnum
 }

##################################################################
sub valid_address
 {
  $testmail = $fields{'submit_by'};
  if ($testmail =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/ ||
  $testmail !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/)
   { return 0; }
   else { return 1; }
}

##################################################################
sub bad_email
{
print <<__STOP_OF_BADMAIL__;
Content-type: text/html

<FONT SIZE="+1">
<B>
SORRY! Your request could not be processed because of an
improperly formatted e-mail address. Please use your browser's
back button to return to the form entry page.
</B>
</FONT>
__STOP_OF_BADMAIL__
}

sub get_the_lock
{
  local ($endtime);                                  
  $endtime = 60;                                      
  $endtime = time + $endtime;                        
  while (-e $lockfile && time < $endtime)
   {
    # Do Nothing                                    
   }                                                  
   open(LOCK_FILE, ">$lockfile");                    
}

sub drop_the_lock
{
  close($lockfile);
  unlink($lockfile);
}


##################################################################
sub valid_page
 {
  if (@okaydomains == 0)
     {return;}
  $DOMAIN_OK=0;                                        
  $RF=$ENV{'HTTP_REFERER'};                            
  $RF=~tr/A-Z/a-z/;                                    
  foreach $ts (@okaydomains)                            
   {                                                    
     if ($RF =~ /$ts/)                                  
      { $DOMAIN_OK=1; }
   }
   if ( $DOMAIN_OK == 0)                                
     {print "Content-type: text/html\n\n Sorry....Cant run from here!";    
      exit;
     }
 }


###################################################################
#Sendmail.pm routine below by Milivoj Ivkovic
###################################################################
sub sendmail  {

# error codes below for those who bother to check result codes <gr>

# 1 success
# -1 $smtphost unknown
# -2 socket() failed
# -3 connect() failed
# -4 service not available
# -5 unspecified communication error
# -6 local user $to unknown on host $smtp
# -7 transmission of message failed
# -8 argument $to empty
#
#  Sample call:
#
# &sendmail($from, $reply, $to, $smtp, $subject, $message );
#
#  Note that there are several commands for cleaning up possible bad inputs - if you
#  are hard coding things from a library file, so of those are unnecesssary
#

    my ($fromaddr, $replyaddr, $to, $smtp, $subject, $message) = @_;

    $to =~ s/[ \t]+/, /g; # pack spaces and add comma
    $fromaddr =~ s/.*<([^\s]*?)>/$1/; # get from email address
    $replyaddr =~ s/.*<([^\s]*?)>/$1/; # get reply email address
    $replyaddr =~ s/^([^\s]+).*/$1/; # use first address
    $message =~ s/^\./\.\./gm; # handle . as first character
    $message =~ s/\r\n/\n/g; # handle line ending
    $message =~ s/\n/\r\n/g;
    $smtp =~ s/^\s+//g; # remove spaces around $smtp
    $smtp =~ s/\s+$//g;

    if (!$to)
    {
   return(-8);
    }

 if ($SMTP_SERVER ne "")
  {
    my($proto) = (getprotobyname('tcp'))[2];
    my($port) = (getservbyname('smtp', 'tcp'))[2];

    my($smtpaddr) = ($smtp =~
           /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/)
   ? pack('C4',$1,$2,$3,$4)
       : (gethostbyname($smtp))[4];

    if (!defined($smtpaddr))
    {
   return(-1);
    }

    if (!socket(MAIL, AF_INET, SOCK_STREAM, $proto))
    {
   return(-2);
    }

    if (!connect(MAIL, pack('Sna4x8', AF_INET, $port, $smtpaddr)))
    {
   return(-3);
    }

    my($oldfh) = select(MAIL);
    $| = 1;
    select($oldfh);

    $_ = <MAIL>;
    if (/^[45]/)
    {
   close(MAIL);
   return(-4);
    }

    print MAIL "helo $SMTP_SERVER\r\n";
    $_ = <MAIL>;
    if (/^[45]/)
    {
   close(MAIL);
   return(-5);
    }

    print MAIL "mail from: <$fromaddr>\r\n";
    $_ = <MAIL>;
    if (/^[45]/)
    {
   close(MAIL);
   return(-5);
    }

    foreach (split(/, /, $to))
    {
   print MAIL "rcpt to: <$_>\r\n";
   $_ = <MAIL>;
   if (/^[45]/)
   {
       close(MAIL);
       return(-6);
   }
    }

    print MAIL "data\r\n";
    $_ = <MAIL>;
    if (/^[45]/)
    {
   close MAIL;
   return(-5);
    }

   }

  if ($SEND_MAIL ne "")
   {
     open (MAIL,"| $SEND_MAIL");
   }

    print MAIL "To: $to\n";
    print MAIL "From: $fromaddr\n";
    print MAIL "Reply-to: $replyaddr\n" if $replyaddr;
    print MAIL "X-Mailer: Perl Powered Socket Mailer\n";
    print MAIL "Subject: $subject\n\n";
    print MAIL "$message";
    print MAIL "\n.\n";

 if ($SMTP_SERVER ne "")
  {
    $_ = <MAIL>;
    if (/^[45]/)
    {
   close(MAIL);
   return(-7);
    }

    print MAIL "quit\r\n";
    $_ = <MAIL>;
  }

    close(MAIL);
    return(1);
}



#******** end script ********

leighsww

  • Guest
Formmail!!?
« Reply #5 on: November 21, 2003, 03:16:25 AM »
P.S.  Post the URL for your forms, if you need me to check if you've entered the hidden tags correctly and corresponding to your form fields.

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
Thanks leighsww!
« Reply #6 on: November 21, 2003, 03:18:57 AM »
I have just one other question for you.  :oops:

Where are i´m supposed to insert my email, so i know where i´m going to get the mailresults!?   :shock:
::: Guldstrand :::

That i don´t allready know, i really want to learn...

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
Link
« Reply #7 on: November 21, 2003, 03:20:18 AM »
Quote from: leighsww
P.S.  Post the URL for your forms, if you need me to check if you've entered the hidden tags correctly and corresponding to your form fields.


http://webb.guldstrands.net/kontakt.html
::: Guldstrand :::

That i don´t allready know, i really want to learn...

leighsww

  • Guest
Formmail!!?
« Reply #8 on: November 21, 2003, 03:21:44 AM »
You'll insert that in your hidden tags on the form.  Don't change anything in the script except where I told you (your domain name).  

I'm about to go to bed, so do all that you can and tomorrow I'll respond to any questions you have.

Good night.

leighsww

  • Guest
Formmail!!?
« Reply #9 on: November 21, 2003, 03:38:19 AM »
Here one last thing before I go, so you can at least work on your form.  

These are some of the hidden tags that you will use.  You might want to use others, like "ok_url", etc. but these are the typical ones.  You basically enter your text field names exactly as you have it in your form.  The only one you MUST have (and you need to change it on your form) is the "submit_by" for the customer's e-mail addy (which replaces your "Epost" value).  I put in some of your values, but check to see if they are correct:

<INPUT TYPE="hidden" NAME="required" VALUE="Namn,submit_by">
<INPUT TYPE="hidden" NAME="form_id" VALUE="Support Form">
<INPUT TYPE="hidden" NAME="submit_to" VALUE="support@guldstrands.net">
<INPUT TYPE="hidden" NAME="data_order" VALUE="Namn,submit_by,Meddelande">

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
ERROR!!!!?
« Reply #10 on: November 21, 2003, 03:40:19 AM »
When i tried the form after i have fixed the small changes, this happend:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, wwwadmin@guldstrands.net and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


--------------------------------------------------------------------------------

Apache/1.3.27 Server at webb.guldstrands.net Port 80
::: Guldstrand :::

That i don´t allready know, i really want to learn...

leighsww

  • Guest
Formmail!!?
« Reply #11 on: November 21, 2003, 03:42:17 AM »
That's probably because you still have stuff (hidden tags) from your Formmail.pl script.  You need to remove those.

leighsww

  • Guest
Formmail!!?
« Reply #12 on: November 21, 2003, 03:44:54 AM »
Okay, WAIT!  Make sure you are only removing that which pertains to the FormMail.pl script.  If you have other hidden tags that pertain to other things, DON'T remove those yet.

You might have not yet done what I instructed you in my previous post, so you need to do that before the script will work.

leighsww

  • Guest
Formmail!!?
« Reply #13 on: November 21, 2003, 03:49:42 AM »
This tag is still wrong ...

<input type="text" name="Epost" size="20">

Change "Epost" to "submit_by"

*edited - It has to correspond to the script variable.

Offline Guldstrand

  • Galactic Royalty
  • *****
  • Posts: 245
    • EgenSida
The formcode...
« Reply #14 on: November 21, 2003, 03:50:32 AM »
Quote from: leighsww
Okay, WAIT!  Make sure you are only removing that which pertains to the FormMail.pl script.  If you have other hidden tags that pertain to other things, DON'T remove those yet.

You might have not yet done what I instructed you in my previous post, so you need to do that before the script will work.


Code: [Select]
<FORM action=/cgi-bin/bnbform.cgi method=post>
  <p align="left">&</p>
  <div align="left">
    <table border="0" width="150%">
      <tr>
        <td width="33%">
          <p align="left"><font color="#72E34F">Namn:</font></td>
        <td width="10%">
          <p align="left"></td>
        <td width="67%">
          <p align="left"><b><font color="#FFFFFF">ADRESSER</font></b></td>
      </tr>
      <tr>
        <td width="33%">
          <p align="left"><font color="#72E34F"><input type="text" name="Namn" size="20"></font></td>
        <td width="10%">
          <p align="left">&&&&&&&&&&&&&&&&&&&&&&&&&&&</td>
        <td width="67%">
          <p align="left"><font color="#72E34F"><b><a href="mailto:support@guldstrands.net">support@guldstrands.net</a></b></font></td>
      </tr>
      <tr>
        <td width="33%">
          <p align="left"><font color="#72E34F">E-post:</font></td>
        <td width="10%">
          <p align="left"></td>
        <td width="67%">
          <p align="left"><font color="#72E34F"><b><a href="mailto:info@guldstrands.net">info@guldstrands.net</a></b></font></td>
      </tr>
      <tr>
        <td width="33%">
          <p align="left"><font color="#72E34F"><input type="text" name="Epost" size="20"></font></td>
        <td width="10%">
          <p align="left"></td>
        <td width="67%">
          <p align="left"><font color="#72E34F"><b><a href="mailto:webmaster@guldstrands.net">webmaster@guldstrands.net</a></b></font></td>
      </tr>
      <tr>
        <td width="33%">
          <p align="left"><font color="#72E34F">Meddelande:</font></td>
        <td width="10%">
          <p align="left"></td>
        <td width="67%">
          <p align="left"><font color="#72E34F"><b><a href="mailto:order@guldstrands.net">order@guldstrands.net</a></b></font></td>
      </tr>
      <tr>
        <td width="33%">
          <p align="left"><textarea rows="2" name="Meddelande" cols="20"></textarea></td>
        <td width="10%">
          <p align="left"></td>
        <td width="67%">
          <div align="center">
            <p align="left"><font color="#FFFFFF">Du kan även försöka nå Oss
            via icq.<br>
            </font><b><font color="#72E34F">ICQ nr: 325090516</font></b>
          </div>
          <p align="left">&</td>
      </tr>
    </table>
  </div>
  <p align="left"><input type="submit" value="Skicka" name="submit"><input type="reset" value="Återställ" name="reset"></p>
  <INPUT TYPE="hidden" NAME="required" VALUE="Namn,submit_by"><BR><INPUT
TYPE="hidden" NAME="form_id" VALUE="Support Form"> <BR><INPUT
TYPE="hidden" NAME="submit_to" VALUE="support@guldstrands.net"> <BR><INPUT
TYPE="hidden" NAME="data_order" VALUE="Namn,submit_by,Meddelande">
</form>
::: Guldstrand :::

That i don´t allready know, i really want to learn...