(*)
English
||
( )
Japanese
wb.cgi
"Rakugaki" Tutorial
wb.cgi
"Rakugaki" is a web bulletin board system.
For example, access Rakugaki in Kissin Institute of Softwear Kumamoto.
Kissin Institute of Softwear KumamoAt first, Get following distribution package.
wb120.lzh
wb120.tgz
- Rakugaki v1.20 distribution packagewb119.lzh
- Rakugaki v1.19 distribution packagewb118.lzh
- Rakugaki v1.18 distribution packagewb117.lzh
- Rakugaki v1.17 distribution packagewb116.lzh
- Rakugaki v1.16 distribution packagewb115.lzh
- Rakugaki v1.15 distribution packagewb113.lzh
- Rakugaki v1.13 distribution packagewb112.lzh
- Rakugaki v1.12 distribution packagewb111.lzh
- Rakugaki v1.11 distribution packagewb110.lzh
- Rakugaki v1.10 distribution packagewb109.lzh
- Rakugaki v1.9 distribution packagewb108.lzh
- Rakugaki v1.8 distribution packagewb106.lzh
- Rakugaki v1.6 distribution packagewb105.lzh
- Rakugaki v1.5 distribution packagewb103.lzh
- Rakugaki v1.3 distribution packagewb008.lzh
- Rakugaki v0.08 distribution packageYou can look the current version file on following table.
File | Permission *1 | Comment |
---|---|---|
wb.cgi *2 |
rwxr-xr-x (755) |
Main CGI script file |
config.pl *3 |
rwxr-xr-x (755) |
Configuration file Write settings in this file to override settings in wb.cgi Sample file config.txt is contained in distribution archive.
Rename this file to config.pl ,
and edit Password for administrator and etc.
|
jcode.pl |
rwxr-xr-x (755) |
Japanese character encoding library by Kazumasa Utashiro |
htmlck.pl |
rwxr-xr-x (755) |
Simple HTML syntax checking library |
cgi-lib.pl |
rwxr-xr-x (755) |
multipart-form parse library for uploading file by Steven E. Brenner The cgi-lib.pl Home Page |
standard.html |
rw-r--r-- (644) |
Output HTML template file If you want to use alternate file, Define it $template .
|
ftype.pl |
rwxr-xr-x (755) |
File type analyze library for uploading file |
notable.html |
rw-r--r-- (644) |
Output HTML template file 2 None table style output template file. |
japanese.html |
rw-r--r-- (644) |
Output HTML template (sample 3) Only Japanese. |
english.html |
rw-r--r-- (644) |
Output HTML template (sample 4) Only English. |
minibbs.html |
rw-r--r-- (644) |
Output HTML template (sample 5) MiniBBS like layout. |
minibbs9.html |
rw-r--r-- (644) |
Output HTML template (sample 6) MiniBBS v9 like layout. |
imode.html imodew.html
|
rw-r--r-- (644) |
Output HTML template (sample 7) For Docomo iMODE. |
compact.html |
rw-r--r-- (644) |
Output HTML template (sample 8) Compact |
help.html |
rw-r--r-- (644) |
Help tamplate in Japanese |
helpe.html |
rw-r--r-- (644) |
Help template in English |
wbpw.html |
rw-r--r-- (644) |
Template for password input page (Need only Member mode *4) |
wb.gif |
rw-r--r-- (644) |
Put on your web server,
If you change wb.cgi in standard.html .
|
bg.gif |
rw-r--r-- (644) |
Background image used by standard standard.html
|
nshelp.gif |
rw-r--r-- (644) |
Screen snapshot image for help.
|
nghost |
rw-r--r-- (644) |
Posting DENY host ID or Domain name list Default @nghosts. |
ngword
spamsub
spamlist
spambody
|
rw-r--r-- (644) |
Posting DENY words list Default @ngfiles. |
wb.cgi
wb.cgi
is renamed to wb.txt
.
Because, *.cgi executed as CGI.
Please rename wb.txt
to wb.cgi
.
wb.cgi
config.txt
.
Rename to config.pl
after download.
wb.cgi
and configurewb.cgi
Edit wb.cgi
with text editor,
and change the first line /usr/local/bin/perl5
to perl path that you can use on the web server.
I write these scripts for perl version 4 and/or 5.
But, coredumped on perl version 4. Why?
If you cannot to understand,
Try /usr/local/bin/perl5
or
/usr/local/bin/perl
or
/usr/bin/perl5
or
/usr/bin/perl
.
wb.cgi
And change setting sentence of setting following variables.
Look (*)
mark in comment.
At v1.3 or later version,
following settings are described in config.pl
Recommend to edit config.pl
instead of wb.cgi
.
$rootpasswd
$userpasswd
$userpasswd = ''; # Public mode Everybody can access BBS
$userpasswd = 'foo'; # Member mode Only people who know it
$dbdir
db
)$secure
$author
%author%
in tamplate is substituted to it)
$email
%email%
in tamplate is substituted to it)
$top
%top%
in tamplate is substituted to it)
$tope
%tope%
in tamplate is substituted to it)
$tope = '';
$topi
%topi%
in tamplate is substituted to it)
$dbfilemax
$dbsizemax
db
-> db0001
,
db0001
-> db0002
,
...
, and new db
is created.
So,
$dbsizemax
* $dbfilemax
bytes
needed for store data.
$artsizemax
$maximgwidth
$maximgheight
@nghosts
nghost
@ngfiles
nghost
$template
standard.html
defined.@template
$cookietime
$denc
sjis
for Shift-JIS,
jis
for JIS,
euc
for EUC.
sjis
is selected by defaultsjis
is default.
Old version, jis
is default.
Look standard.html
or english.html
with web browser,
and you will know
that the display styles defined in this file.
If you want to change diplay styles,
You must change this file.
I recomment to use TEXT EDITOR for edit this.
(Because, some HTML editor will change many part of this file)
%%foo_begin%%
...
%%foo_end%%
is a control string for conditional output.
%foo%
is substituted to something strong.
If you cannot understand this, Don't change!
helpe.html
,
help.html
as you like
helpe.html
and
help.html
are template of HTML document
when [HELP] link pressed.
I advice how-to write on BBS in this document.
If you want to give more good informations for peoples,
edit it.
%foo%
is substituted.
wbpw.html
for password input page
wbpw.html
is a template for password input page
on Member mode.
If you set non-NULL string to $userpasswd
,
Edit it to design password input page.
Sample wbpw.html
display password!
Make a directory for BBS in for wep top page directory.
(public_html
is used on many web server)
Set permission rwxr-xr-x
(755).
On some web server, you can run CGI script on cgi-bin
only.
In this case, Use the directory.
Transfer files to the directory. Use ASCII mode.
Next, Set permission of the files to specified permmision in Files.
Make a directory for data files on the BBS directory.
The directory named db
(If you change $dbdir
, user it).
Set permission of it to rwxrwxrwx
(777).
For more security on web server which execute CGI file owner,
set permission to rwx------
(700).
For your informations,
following data files are made by CGI script.
(Case of $dbfilemax
is 20)
File | Permission | Comment |
---|---|---|
db | ??? | Current data |
db0001 | ??? | Old data (ex db ) |
db0002 | ??? | More old data (ex ex db ) |
: | : | : |
db0019 | ??? | Long ago data (ex^19 db ) |
index.html | ??? | (In Secure mode, if index.html is not exist) |
Try to writing to your BBS, No problems? If you have some problems, Write the questions on Rakugaki in Kissin Institute of Softwear Kumamoto. I will support you, if I am free.
Kissin Institute of Softwear Kumamoto
Supported article delete function later v0.08.
New!
Check the checkbox top of articles,
Type keyword of article or admin password on password field,
Press [Delete] button.
And the articles will be deleted.
If you use wb.cgi v0.08 or later, No need to read followings.
Edit data file direct to delete articles. Now, delete on web browser not supported.
Look ~/wb/db/db
, and
You can understand which line to delete in ~/wb/db/db
.
If you can't understand, Don't edit!
If you use the web server which permitted telnet login
and using Mule or Emacs
like as www.oersted.co.jp,
Edit ~/wb/db/db
with Mule or Emacs on it.
(Mule or Emacs warn if file is updated by other process)
If you cannot to login or use Emacs or Mule, use ftp to delete, read following sequence.
Create db.lck
on the directory data files put on.
(db.lck
length 0)
Use binary mode, No kanji conversion for transfer.
db
Get db
from data file directory on web server.
Use binary mode, no kanji conversion.
db
Edit db
file.
I recommend to use
Meadow,
Because, it support complate kanji code and end of line code.
db
Put new db
to web server.
Use binary mode, no kanji conversion.
Delete the lock file db.lck
on the data files directory.
While the lock file exist, writing is blocked.
You cannot to keep security on the web server which execute CGI in nobody or WWW user. Because, Other user make a CGI script which print files on the web server, He can look the files CGI script and or data files. (Oh! Really? >yav)
For secutiry, Set owner of CGI script and datas yourself, and no permission for others.
Set wb.cgi
permission
rwx------
(700).
Set config.pl
permission
rw-------
(600).
Set data file directory (specified with $dbdir
) permission
rwx------
(700).
On this web server, SUID bit of CGI file for execution in file owner authorize. For example, On Apache server, executable file compiled with C compiler can run under file owner authorize. (But, perl script SUID ignored Why?)
So, On the web server permit telnet login and C compiler like as www.oersted.co.jp Look followings.
Rename wb.cgi
to wb.pl
.
set permission
rwx------
(700).
Make following C source code wb.c
.
main() { return system("/home/yav/public_html/bbs/wb.pl"); }
Replace /home/yav/public_html/bbs to absolute path of your BBS directory. Relative pathname makes security hole.
Compile this,
And set created executable file permission
rwsr-xr-x
(4755).
% cc wb.c -o wb.cgi % chmod 4755 wb.cgi
Set data file directory (specified with $dbdir
) permission
rwx------
(700).
Configuretion cache is created version 1.13 or lator. The security hole is exist at this cache file.
config.pl.cache
is made from
configuration file config.pl
at first.
The umask is not set at this time.
Anyone can read the configuration cache.
config.pl.cache
to
rw-------
(600) with telnet or ftp.
spambody
is changed.
And we can use \#
string for # itself in list filesngword
, spambody
ngword
files $fileinfo
&
letter$artsizemaxK
, $maxdataK
Data size KILO, MEGAnghost
, ngfiles anti-spamREQUEST_URI
jcode'tr
for 2bytes Japanese character to ASCII conversion.config.pl.cache
after eval configurations.config.pl
and
style template files.imodew.html
for post from iMODE%topi%
for iMODE top pageimode.html
is changed%%styleselect_begin%%
described wrong position
in compact.html
.
[Previous] is selected, No articles printed BUG fix.https
and shttp
for auto URL link$gzip
path defined, gzip compressed outout$lastmodified
is true,
HTTP header Last-modified
is outputcgi-lib.pl
and
ftype.pl
for file transferring.
Table
, No-table
to
standard.html
, notable.html
of $style
compact.html
for output style%%nhead_begin%%
to
%%head_begin%%
in tamplete file#
foo of auto URL linktel
scheme of auto URL link$dbsizemax
BUG fix.htmlck.pl
%head_title%
etc.template.html
,
New tamplate files standard.html
and notable.html
'#'
in database files#
in template filesconfig.pl
after convert EUCconfig.pl
%%styleoptions%%
REMOTE_ADDR
REMOTE_HOST
HTTP_USER_AGENT
saved at writing"
character in Title,
the title string cutted BUG fixrequire
configuration file config.pl
if exist#
character in template filejcode
and htmlck
packages$^T
instead of time
$artn
User selectable number of articles$artsizemax
article writing text size limit