#!/usr/bin/perl
use strict;
use vars qw{%Form};
my $Root = '/home/webmangr/public_html/survey';
&Main();
sub Main {
my($x,$Line,$Check);
# Parse parameters
&Decode('+');
$Form{SURVEY} = lc($Form{SURVEY});
$Form{SURVEY} =~ s/[^a-z0-9]+//g;
$Form{FIELDS} = int($Form{FIELDS});
if($Form{SURVEY} eq '') { &Error('Invalid or undefined survey.'); };
if(!$Form{FIELDS}) { &Error('Invalid or undefined field count.'); };
if($Form{DONE} eq '') { &Error('Undefined final page.'); };
if($Form{DUPLICATE} ne '') { $Check = 1; };
# Save results
if($Check && $ENV{HTTP_COOKIE} =~ /\bSurvey_$Form{SURVEY}\=1\b/) {
print "Location: $Form{DUPLICATE}\n\n";
} else {
my($Second,$Minute,$Hour,$Day,$Month,$Year,$DOW) = localtime(time);
$Line = sprintf('"%04d/%02d/%02d %02d:%02d:%02d","%s",',$Year+1900,$Month+1,$Day,$Hour,$Minute,$Second,$ENV{REMOTE_ADDR});
for($x=1; $x<=$Form{FIELDS}; $x++) { $Line .= '"'.$Form{"Q$x"}.'",'; };
$Line =~ s/,$/\n/;
open(OUT,">>$Root/$Form{SURVEY}.csv") || &Error('Sorry, we are unable to save your survey data.');
print OUT $Line;
close(OUT);
`chmod 600 $Root/$Form{SURVEY}.csv`;
if($Check) { print "Set-Cookie: Survey_$Form{SURVEY}=1; expires=Fri, 31-Dec-10 23:59:59 GMT\n"; };
print "Location: $Form{DONE}\n\n";
};
};
sub Error {
my $Message = shift;
print "Content-Type: text/html\n\nError$Message
";
exit;
};
sub Decode {
my $Mode = shift;
my($Pair,@Pairs,$Name,$Value,$Line);
if($ENV{'REQUEST_METHOD'} eq 'GET') {
$Line = $ENV{'QUERY_STRING'};
} elsif($ENV{'REQUEST_METHOD'} eq 'POST') {
read(STDIN,$Line,$ENV{'CONTENT_LENGTH'});
} else {
&Error('Unknown request method.');
};
@Pairs = split(/&/,$Line);
foreach $Pair (@Pairs) {
($Name,$Value) = split(/=/,$Pair);
$Name =~ tr/+/ /;
$Name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
$Name =~ s/\.X$//;
$Name =~ s/\.Y$//;
$Name = uc($Name);
$Value =~ tr/+/ /;
$Value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
$Value =~ s/[\015\r]*//g;
$Value =~ s/\<\!\-\-(.|\n)*\-\-\>//sg;
$Value =~ s/(\n|\r|\t)+/ /gs;
if($Form{$Name} ne '' && $Mode eq '+') {
$Form{$Name} .= ",$Value";
} else {
$Form{$Name} = $Value;
};
};
};