#!/usr/bin/perl use strict; use vars qw{%Form}; my $Root = '/home/webmangr/public_html/survey'; &Main(); sub Main { my($x,$Line,$Check); # Parse parameters &Decode('+'); $Form{SURVEY} = lc($Form{SURVEY}); $Form{SURVEY} =~ s/[^a-z0-9]+//g; $Form{FIELDS} = int($Form{FIELDS}); if($Form{SURVEY} eq '') { &Error('Invalid or undefined survey.'); }; if(!$Form{FIELDS}) { &Error('Invalid or undefined field count.'); }; if($Form{DONE} eq '') { &Error('Undefined final page.'); }; if($Form{DUPLICATE} ne '') { $Check = 1; }; # Save results if($Check && $ENV{HTTP_COOKIE} =~ /\bSurvey_$Form{SURVEY}\=1\b/) { print "Location: $Form{DUPLICATE}\n\n"; } else { my($Second,$Minute,$Hour,$Day,$Month,$Year,$DOW) = localtime(time); $Line = sprintf('"%04d/%02d/%02d %02d:%02d:%02d","%s",',$Year+1900,$Month+1,$Day,$Hour,$Minute,$Second,$ENV{REMOTE_ADDR}); for($x=1; $x<=$Form{FIELDS}; $x++) { $Line .= '"'.$Form{"Q$x"}.'",'; }; $Line =~ s/,$/\n/; open(OUT,">>$Root/$Form{SURVEY}.csv") || &Error('Sorry, we are unable to save your survey data.'); print OUT $Line; close(OUT); `chmod 600 $Root/$Form{SURVEY}.csv`; if($Check) { print "Set-Cookie: Survey_$Form{SURVEY}=1; expires=Fri, 31-Dec-10 23:59:59 GMT\n"; }; print "Location: $Form{DONE}\n\n"; }; }; sub Error { my $Message = shift; print "Content-Type: text/html\n\n
$Message"; exit; }; sub Decode { my $Mode = shift; my($Pair,@Pairs,$Name,$Value,$Line); if($ENV{'REQUEST_METHOD'} eq 'GET') { $Line = $ENV{'QUERY_STRING'}; } elsif($ENV{'REQUEST_METHOD'} eq 'POST') { read(STDIN,$Line,$ENV{'CONTENT_LENGTH'}); } else { &Error('Unknown request method.'); }; @Pairs = split(/&/,$Line); foreach $Pair (@Pairs) { ($Name,$Value) = split(/=/,$Pair); $Name =~ tr/+/ /; $Name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; $Name =~ s/\.X$//; $Name =~ s/\.Y$//; $Name = uc($Name); $Value =~ tr/+/ /; $Value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; $Value =~ s/[\015\r]*//g; $Value =~ s/\<\!\-\-(.|\n)*\-\-\>//sg; $Value =~ s/(\n|\r|\t)+/ /gs; if($Form{$Name} ne '' && $Mode eq '+') { $Form{$Name} .= ",$Value"; } else { $Form{$Name} = $Value; }; }; };