#!/usr/bin/perl #use File::Copy; ##Custom Scripting for Hospital verification and payment on account numbers only. BEGIN { $SIG{'__DIE__'} = sub { print <<__WARN__ and exit 1 } } Content-Type: text/html; charset=ISO-8859-1\n Fatal Error in @{[(caller(2))[1]||__FILE__]} at ${\ scalar localtime } while responding to request from ${\ $ENV{'REMOTE_ADDR'} || 'localhost +' } ${\ join("\n",$!,$@,@_) } __WARN__ use strict; require 5.003; use accutil; use Time::Local; use File::stat; use Time::localtime; # print "Content-type: text/html\n\n"; my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime; $year += 1900; $mon += 1; my $datetime = sprintf "%04d%02d%02d%02d%02d%02d", $year, $mon, $mday, $hour, $min, $sec; my $version = '09.2012'; my $package = "Pro"; my $file='data007/WEB.TXT'; #this is the name of the datafile uploaded my $date_string = ctime(stat($file)->mtime); my $cfgfile = accutil::cfgfile(); my $accautoprefix = "CUS1"; my $plsseltag = "--- Please Select ---"; my $basedir; my $singleuser; my $adminemail; my $mailer; my $debug = 0; my $LOCK_EX; my ($payname, $payemail); my $cmpladdr; my $reqemail; my ($mbrdir, $mbrurl); my $hostaddr; my $cgidir; my %VARS; my $original_file; my $new_file; my $starttime = time(); my $headeron = 0; my $accid; my $accnum_02; my $accnum_03; my $siddir; my ($cmd, @pairs, $pair); my %INPUT; my $cgiurl = $ENV{'SCRIPT_NAME'}; my $ip_address_file = $ENV{'REMOTE_ADDR'}; my $sid; my $sid2; my $buffer; my (@statusline, @cmdline, @bodylines); @pairs = split(/&/, $ENV{'QUERY_STRING'}); foreach $pair (@pairs) { my ($name, $value); ($name, $value) = split(/=/, $pair); $value =~ s/%0D%0A/ /g; $value =~ s/%0A%0D/ /g; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; if ($INPUT{$name}) { $INPUT{$name} = $INPUT{$name}.":".$value; } else { $INPUT{$name} = $value; } } read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split(/&/, $buffer); foreach $pair (@pairs) { my ($name, $value); ($name, $value) = split(/=/, $pair); $value =~ s/%0D%0A/ /g; $value =~ s/%0A%0D/ /g; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; if ($INPUT{$name}) { $INPUT{$name} = $INPUT{$name}.":".$value; } else { $INPUT{$name} = $value; } } $cmd = $INPUT{'cmd'}; $accid = $INPUT{'accid'}; $accnum_02 = $INPUT{'accnum_02'}; $accnum_03 = $INPUT{'accnum_03'}; findcgidir(); if (!loadcfg()) { errexit("Failed to read config file"); } if ($singleuser eq 'on') { loginform("Database shot down for maintenance, please try login later"); exit; } if ($cmd eq 'lostpasswd') { lostpasswd(); exit; } if ($cmd eq 'register') { formaccntopen(); exit; } if ($cmd eq 'formaccntopen') { formaccntopen(); exit; } if ($cmd eq 'formlostpasswd') { formlostpasswd(); exit; } if ($cmd eq 'accntopen') { accntopen(); exit; } $sid = $INPUT{'sid'}; $sid2 = $INPUT{'sid2'}; #$accnum_02 = $INPUT{'accnum_02'}; if ($cmd eq 'payform') { payform(); exit; } #if ($cmd eq 'delivery_form') { payform(); exit; } #if ($cmd eq 'service_call_request') { payform(); exit; } if ($cmd eq 'activate') { activate(); exit; } if ($cmd eq 'login') { login(); } if ($sid eq undef) { loginform(); exit; } if ($sid2 eq undef) { loginform(); exit; } if (!checksid()) { loginform(); exit; } if ($cmd eq 'gomain') { formmain(); exit; } if ($cmd eq 'gomain2') { formmain2(); exit; } if ($cmd eq 'accedit') { accedit(); exit; } if ($INPUT{'cmdmain.x'} ne undef) { formmain(); exit; } if ($INPUT{'cmdlogoff.x'} ne undef) { logoff(); exit; } if ($INPUT{'cmdview.x'} ne undef) { formviewaccnt(); exit; } if ($INPUT{'cmdedit.x'} ne undef) { formeditaccnt(); exit; } if ($INPUT{'cmdactivate.x'} ne undef) { formactivate(); exit; } &header; print "unknown command"; &footer; exit; #============================================================================ confirm sub confirm { my (@args, $key); my @exclude = ('cmd', 'template', 'cuspasswd', 'cuspasswd1'); foreach $key (keys(%INPUT)) { if (!grep(/^$key$/, @exclude)) { my $val = $INPUT{$key}; $val =~ s/([^a-zA-Z0-9_])/sprintf("%%%X", ord($1))/eg; push (@args, "$key=$val"); } } $key = join('&', @args); my $url = $INPUT{'confirmurl'}; if ($url =~ /\?/) { $url .= "&$key"; } else { $url .= "?$key"; } print <Loading confirmation page...


Loading Confirmation Page
EOT } #============================================================================ loadtmpl sub loadtmpl { my $msg = $_[0]; my $tmplf = $INPUT{'template'}; errexit("missing template name") if $tmplf eq undef; my @parts = split(/\//, $tmplf); $tmplf = pop(@parts); $tmplf = "$VARS{'basedir'}/tmpl/$tmplf"; errexit("template file $INPUT{'template'} does not exist") if ! -e $tmplf; errexit("failed to open template file $INPUT{'template'}") if !open(TMPL, $tmplf); flock(TMPL, $LOCK_EX) if $LOCK_EX; my @buff = ; close(TMPL); my %tags; $tags{'ACCID'} = $INPUT{'accid'}; #$tags{'accnum_02'} = $INPUT{'accnum_02'}; $tags{'PASSWD'} = $INPUT{'cuspasswd'}; $tags{'CUSTOM1'} = $INPUT{'custom1'}; $tags{'PASSWD1'} = $INPUT{'cuspasswd1'}; $tags{'NAME'} = $INPUT{'name'}; $tags{'LNAME'} = $INPUT{'lname'}; $tags{'STREET'} = $INPUT{'street'}; $tags{'CITY'} = $INPUT{'city'}; $tags{'STATE'} = $INPUT{'state'}; $tags{'ZIP'} = $INPUT{'zip'}; $tags{'COUNTRY'} = $INPUT{'country'}; $tags{'PHONE'} = $INPUT{'phone'}; $tags{'BIZPHONE'} = $INPUT{'bizphone'}; $tags{'FAX'} = $INPUT{'fax'}; $tags{'EMAIL'} = $INPUT{'email'}; $tags{'NOTES'} = $INPUT{'notes'}; $tags{'ERRORMESSAGE'} = $msg; for (my $i=0; $i < 14; $i++) { my $str; $tags{"CUSTOMARG$i"} = $INPUT{"customarg$i"}; $tags{"CUSTOM$i"} = $INPUT{"custom$i"}; if ($VARS{"custom$i"."type"} eq 'select') { $str = ""); cmlprint(""); #print "$accid
"; # this is what is now passing to the payform.html :) Vince #print "$INPUT{'accnum_02'}"; # this is what is now passing to the payform.html :) Vince if ($debug) { my $tm = time() - $starttime; my ($utm, $stm) = (times())[0, 1]; print "Run time = $tm, user = $utm, system = $stm
"; foreach my $key (sort keys (%INPUT)) { print "$key: $INPUT{$key}
\n"; } print "

VARS:
\n"; foreach my $key (sort keys (%VARS)) { print "$key: $VARS{$key}
\n"; } accutil::debug(); print ""; } my %r = accutil::getaccnt($accid); #my %r = accutil::getaccnt($accnum_02); if ($cmd eq "payform") { if (-e $payform) { open(TEMPL, "$payform"); my $template = ""; while() { $template .= $_; $template =~ s/\$accid/$accid/gm; $template =~ s/\$accnum_02/$accnum_02/gm; ## Makes id dissapear $template =~ s/\$accnum_03/$accnum_03/gm; ## Makes id dissapear } close(TEMPL); for my $ikey (keys(%r)) { my ($value) = $r{$ikey}; $template =~ s/\$$ikey/$value/gm; } print "$template\n"; #&footertwo; This is the footer just before verifying information for submitting } } if ($cmd eq "delivery_form") { if (-e $delivery_form) { open(TEMPL, "$delivery_form"); my $template = ""; while() { $template .= $_; $template =~ s/\$accid/$accid/gm; } close(TEMPL); for my $ikey (keys(%r)) { my ($value) = $r{$ikey}; $template =~ s/\$$ikey/$value/gm; } print "$template\n"; &footertwo; } } if ($cmd eq "service_call_request") { if (-e $service_call_request) { open(TEMPL, "$service_call_request"); my $template = ""; while() { $template .= $_; $template =~ s/\$accid/$accid/gm; } close(TEMPL); for my $ikey (keys(%r)) { my ($value) = $r{$ikey}; $template =~ s/\$$ikey/$value/gm; } print "$template\n"; #&footertwo; } }else { #print "
Error:
"; #print "
©$payname

"; print "
Custom script © Coreave Design & Hosting
"; print "
\n"; } } #============================================================================ formmain sub formmain { my $msg = $_[0]; if ($msg ne undef) { $msg = "$msg

"; } &header; my %r = accutil::getaccnt($accid); my %r_1 = accutil::getaccnt($accnum_02); my %r_2 = accutil::getaccnt($accnum_03); if (!%r_2) { errorpage(accutil::error()); &footer;} if (!%r_1) { errorpage(accutil::error()); &footer; #return; ##################################################CUSTOMER DISPLAY ACCOUNT######################################################### } stlprint("\n\n"); stlprint("\n\n"); stlprint("\n\n"); stlprint("

Account Number(s):
\n\n"); stlprint("\n"); stlprint("\n"); stlprint("\n"); stlprint("\n\n"); stlprint("
1.$accid
2.$accnum_02
3.$accnum_03

Verified OK

\n\n"); stlprint("
As of: $date_string
\n\n"); # stlprint("

Account Number(s):
1. $accid
2. $accnum_02
3. $accnum_03
Verified OK
As of: $date_string
\n\n"); ##cmlprint("\n"); cmlprint(""); cmlprint("
"); cmlprint("\n"); cmlprint("\n"); cmlprint("\n"); cmlprint("\n"); cmlprint("\n"); if (!accutil::verifiednew(%r)) { my $type = 'Verify Email Address'; $type = 'Activate an Account' if $VARS{'manual'} eq undef && !accutil::enabled(%r); cmlprint("\n"); } cmlprint("
\n\n"); bodyprint("\n"); bodyprint("

$msg"); if (accutil::enabled(%r)) { } elsif ($r{'banby'} ne undef) { bodyprint("Your account disabled"); if ($r{'banreason'} ne undef) { bodyprint("
Reason: $r{'banreason'}

\n"); } bodyprint("

Please contact $VARS{'payname'} for more info.

\n"); } else { bodyprint(""); if ($VARS{'reqemail'} ne undef && !accutil::verifiednew(%r)) { bodyprint("\n"); } elsif ($VARS{'manual'} ne undef) { bodyprint(""); } bodyprint("\n"); } &footer; } #########################################################man 2 #============================================================================ logoff sub logoff { if ($accid ne undef) { my $f = "$siddir/$accid"; if (-e $f) { unlink($f); } } loginform(); } #============================================================================ login sub retry_before_fail { my ( $maxtries , $coderef , @args ) = @_ ; while( $maxtries ) { # $coderef returns non zero upon success if( my $result = $coderef->( @args ) ) { return $result ; } $maxtries-- ; } # Failure now either return or die return ; } sub login { if ($accid eq undef) { loginform("Missing Account Number"); exit; } #if ($accnum_02 eq undef) { loginform("Missing Account Number Tw0"); exit; } if ($accnum_02 eq undef) { $accnum_02 = "none"; } if ($accnum_03 eq undef) { $accnum_03 = "none"; } my %r = accutil::getaccnt($accid); ##my %r = accutil::getaccnt($accnum_02);## No Effect if (!%r || ($r{'passwd'} ne $INPUT{':'})) { use warnings; my( $arg ); my( $count ); $count = 0; foreach $arg ( @ARGV ) { $count++; print( STDOUT "Argument $count is '$arg'.\n" ); } loginform("Sorry, we couldn't locate that account.
You have a Maximum of 4 trys
You have used One of them."); if (-e "$siddir/log/$ip_address_file") { print "Two trys left!\n"; if (-e "$siddir/log/$ip_address_file.02") { print "
This is your Last Try
YOU WILL BE LOCKED OUT OF OUR SYSTEM.
Contact our Customer Service at 928-757-0627 \n"; #&max_attempts; if (-e "$siddir/log/$ip_address_file.03") { print "
LOCKED OUT OF OUR SYSTEM.
Contact our Customer Service at (888) 898-9090\n"; &max_attempts; } # Creates file for third login attempt my $g = "$siddir/log/$ip_address_file.03"; if (!open(SIDF, ">$g")) { errexit("Unable create customer session"); } flock(SIDF, $LOCK_EX) if $LOCK_EX; print SIDF "\n$accid\n"; close(SIDF); #&max_attempts; } # Creates file for second login attempt my $g = "$siddir/log/$ip_address_file.02"; if (!open(SIDF, ">$g")) { errexit("Unable create customer session"); } flock(SIDF, $LOCK_EX) if $LOCK_EX; print SIDF "\n$accid\n"; close(SIDF); #&max_attempts; } #Creates file for first loign attempt my $g = "$siddir/log/$ip_address_file"; #if (-e $siddir/log/$ip_address_file)loginform("Blocked"); exit; } if (!open(SIDF, ">$g")) { errexit("Unable create customer session"); } flock(SIDF, $LOCK_EX) if $LOCK_EX; print SIDF "\n$accid\n"; close(SIDF); exit; } srand(time()); $sid = int(rand(1000000)); #Creates a coded sid for validation of account number valitations against what is successfully entered. my $f = "$siddir/$accid"; if (!open(SIDF, ">$f")) { errexit("Unable create customer session"); } flock(SIDF, $LOCK_EX) if $LOCK_EX; print SIDF "$sid\n"; close(SIDF); $sid2 = int(rand(100000)); #Creates a coded sid for validation of account number valitations against what is successfully entered. my $f2 = "$siddir/$accnum_02"; if (!open(SIDF, ">$f2")) { errexit("Unable create customer session"); } flock(SIDF, $LOCK_EX) if $LOCK_EX; print SIDF "$sid2\n"; close(SIDF); # my $g = "$siddir/log/$accid"; #Creates a file in data007.sid/log 0000000 account id (accid) with ip address of client. #if (!open(SIDF, ">$g")) { errexit("Unable create customer session"); } #flock(SIDF, $LOCK_EX) if $LOCK_EX; #print SIDF "$ip_address_log\n"; # close(SIDF); unlink("$siddir/log/$ip_address_file"); unlink("$siddir/log/$ip_address_file.02"); unlink("$siddir/log/$ip_address_file.03"); $cmd='gomain'; } #============================================================================ checksid sub checksid { my $f = "$siddir/$accid"; if (! -e $f) { return 0; } if (!open(SIDF, $f)) { return 0; } flock(SIDF, $LOCK_EX) if $LOCK_EX; my $s = ; close(SIDF); chop($s); if ($s eq $sid) { return 1; } return 0; my $f2 = "$siddir/$accnum_02"; ## SECOND SID2 if (! -e $f2) { return 0; } if (!open(SIDF, $f2)) { return 0; } flock(SIDF, $LOCK_EX) if $LOCK_EX; my $s2 = ; close(SIDF); chop($s2); if ($s2 eq $sid2) { return 1; } return 0; } #============================================================================ header sub header { if ($headeron) { return; } print<\n EOF $headeron=1; my $header_file = "$basedir/tmpl/header.html"; if (-e $header_file) { if (open(HDR, "<$header_file")) { my @lines = ; close(HDR); print "\n"; print @lines; return; print "\n"; } } } #============================================================================ footer sub footer { my $footer_file = "$basedir/tmpl/footer.txt"; #$accid = formaccntopen&template=payform.html&$accid; if ($debug) { print ""; my $tm = time() - $starttime; my ($utm, $stm) = (times())[0, 1]; print "Run time = $tm, user = $utm, system = $stm
"; foreach my $key (sort keys (%INPUT)) { print "$key: $INPUT{$key}
\n"; } print "

VARS:
\n"; foreach my $key (sort keys (%VARS)) { print "$key: $VARS{$key}
\n"; } accutil::debug(); print ""; } if (-e $footer_file) { open(TEMPL, "$footer_file"); my $template = ""; while() { $template .= $_; $template =~ s/\$accid/$accid/gm; ## These are what is allowed in the footer post to make it to the payform $template =~ s/\$accnum_02/$accnum_02/gm; ## These are what is allowed in the footer post to make it to the payform $template =~ s/\$accnum_03/$accnum_03/gm; ## These are what is allowed in the footer post to make it to the payform } close(TEMPL); print "$template\n"; return; } else { print "
"; print "
©$payname

"; #print "Support: $adminemail
"; print "Custom script © Coreave Design & Hosting"; print "
\n"; } } #============================================================================ #============================================================================ bodyprint #===================================================================================== sub bodyprint { my $line = $_[0]; $line =~ s/\"; } push @bodylines, $line; if ($line =~ /\n\n/) { while (@bodylines) { print shift @bodylines; } print ""; } } #============================================================================ cmlprint sub cmlprint { my $line = $_[0]; $line =~ s/\"; } push @cmdline, $line; if ($line =~ /\n\n/) { while (@cmdline) { print shift @cmdline; } print ""; } } #============================================================================ stlprint sub stlprint { my $line = $_[0]; $line =~ s/\"; } push @statusline, $line; if ($line =~ /\n\n/) { while (@statusline) { print shift @statusline; } print ""; } } #============================================================================ errexit sub errexit { print <


Fatal Error: $_[0]. Execution aborted...
EOT exit; } #============================================================================Max attempts reached sub max_attempts { print <

You have Exceeded the number of Account attempts $_[0]. This you have been locked.
EOT &sleepy_timer; exit; } #=======================================================File deletion timer sub sleepy_timer { sleep (30); # LENGTH OF SECONDS TO LOCK OUT IP ADDRESS FROM SEARCHING FOR ACCOUNTS.. unlink("$siddir/log/$ip_address_file"); unlink("$siddir/log/$ip_address_file.02"); unlink("$siddir/log/$ip_address_file.03"); #exit; } #============================================================================ findcgidir sub findcgidir { my $scriptfilename = $ENV{'SCRIPT_FILENAME'}; $scriptfilename = $ENV{'PATH_TRANSLATED'} if $ENV{'PATH_TRANSLATED'} ne undef; if ($scriptfilename eq undef) { if ($ENV{'PWD'} ne undef) { my @parts = split(/\//, $ENV{'SCRIPT_NAME'}); my $f = pop @parts; $scriptfilename = "$ENV{'PWD'}/$f"; } } my @cgipath = split(/\//, $scriptfilename); pop(@cgipath); $cgidir = join("\/", @cgipath); } #============================================================================ loadcgf sub loadcfg { my @buff; my $line; if (! open(CFG, $cfgfile)) { return 0; } @buff = ; close(CFG); chomp(@buff); foreach $line (@buff) { my $name; my $value; ($name, $value) = split(/=/, $line); if ($value ne undef) { $VARS{$name} = $value; } } $basedir = $VARS{'basedir'}; $siddir = $VARS{'siddir'}; $adminemail = $VARS{'adminemail'}; $mailer = $VARS{'mailer'}; #$accid = $VARS{'id'}; my $uselock = $VARS{'uselock'}; $payname = $VARS{'payname'}; $singleuser = $VARS{'singleuser'}; $payemail = $VARS{'payemail'}; #$accnum_02 = $VARS{'accnum_02'}; $cmpladdr = $VARS{'cmpladdr'}; $reqemail = $VARS{'reqemail'}; $mbrdir = $VARS{'mbrdir'}; $mbrurl = $VARS{'mbrurl'}; $hostaddr = $VARS{'hostaddr'}; $VARS{'bodycolor'} = '#ffffff' if $VARS{'bodycolor'} eq undef; $VARS{'cmdcolor'} = '#ffffff' if $VARS{'cmdcolor'} eq undef; $VARS{'stlcolor'} = '#ffffff' if $VARS{'stlcolor'} eq undef; &accutil::init(%VARS); if ($uselock) { $LOCK_EX = "2"; } return 1; } ########################################sub pay form########################### #============================================================================ loginform sub loginform { my $msg = $_[0]; if ($msg ne undef) { $msg = "$msg

"; } #&header; ###stlprint("
\n\n"); stlprint(" \n"); stlprint(" \n"); stlprint(" \n"); stlprint("
Account Number Verifications
\n\n"); stlprint("
In order to make an online payments we must verify Account number(s)
Leave Unused fields Blank. Please follow the instructions.
Testing Numbers: 9068347 - 30548796 - 0007000000006792
\n\n"); bodyprint("

$msg
"); my $idtitle = 'Enter Account Number '; $idtitle = 'Email Address' if $VARS{'emailid'} ne undef; bodyprint("
"); bodyprint("
Enter Account Number:
 "); bodyprint(""); bodyprint("
Account Number Two:
"); bodyprint("
 
"); bodyprint("
Account Number Three:
 "); bodyprint("
"); bodyprint("

"); if ($VARS{'nonewlink'} eq undef) { bodyprint("Register Now!
\n"); } ##bodyprint("Don't Know the Account Number - Please Contact Us 888-888-8888\n");--Bottom text at login bodyprint("\n\n"); #bodyprint("[Password Finder] \n\n"); #&footer; } #============================================================================ errorpage # errorpage($err) # does not print header & footer sub errorpage { my $e = $_[0]; cmlprint("
\n"); cmlprint(""); cmlprint(""); cmlprint(""); stlprint("
"); #stlprint("
Error
\n\n"); #cmlprint("\n\n"); bodyprint("


Error: $e
Go
and correct the Account Number

\n\n"); bodyprint("Go Back and correct the Account Number\n"); exit; }