free source for bbs

[Robin]

My latest bbs script written in perl is at www.infusedlight.net/bbs - please
feel free to email me if you need help installing it or if you'd like to
make a comment. Also, a working example is at
www.infusedlight.net/design/bbs/bbs.pl

 

[Gunnar Hjalmarsson]

My latest bbs script written in perl is at www.infusedlight.net/bbs
- please feel free to email me if you need help installing it or if
you'd like to make a comment. Also, a working example is at
www.infusedlight.net/design/bbs/bbs.pl

Thanks for letting us know.

I noticed at that example page that the posters' email addresses are
displayed in clear-text. That's good. It means that you automatically
gets many new email-friends by using your script.

Since I also know from various threads in this group that you are
well-known for writing robust, secure Perl programs, I'm indeed
tempted to start using the script.

 

[Uri Guttman]

GH> Since I also know from various threads in this group that you are
GH> well-known for writing robust, secure Perl programs, I'm indeed
GH> tempted to start using the script.

i like these two subs in lib.pl. try them out. do they print more than
one char?

sub out_ln
{
my ( $amt ) = @_;
if ( ! ( $amt ) )
{ $amt = 1; }
print ( "\n" ) x $amt;
}

sub out_tabs
{
my ( $amt ) = @_;
if ( ! ( $amt ) )
{ $amt = 1; }
print ( "\t" ) x $amt;
}

the rest of the code is so funny. it makes matt wright's look good!
redundant and bad cgi parsing. a complex mix of globals and my vars and
strict and warnings are never enables. strange formatting (look a the
subs above. ever seen white spacing like that?). no knowledge of any
perl beyond perl4 stuff it seems.

here is a fun sub. try to not laugh at it. i love the reading back of
the file just written. note the globals again.

sub getfoot
{
my ($footer) = @_;
if (-e "$footer")
{
open (FOOT, "$footer");
@footer = <FOOT>;
close (FOOT);
return (@footer);
}
else
{
open (FOOT, ">$footer");
print FOOT <<END;
</body>
</html>
END

close (FOOT);
open (FOOT, "$footer");
@footer = <FOOT>;
return (@footer);
}
}

i will have to make this code the subject of a talk one day, "how to not
write perl".

uri

 

[Uri Guttman]

oy!!! lookie here:

sub getfoot
{
my ($footer) = @_;
if (-e "$footer")
{
open (FOOT, "$footer");
@footer = <FOOT>;
close (FOOT);
return (@footer);
}
else
{
open (FOOT, ">$footer");
print FOOT <<END;
</body>
</html>
END

close (FOOT);
open (FOOT, "$footer");
@footer = <FOOT>;
return (@footer);
}
}

sub getfoot
{
my ($footer) = @_;
if (-e "$footer")
{
open (FOOT, "$footer");
@footer = <FOOT>;
close (FOOT);
return (@footer);
}
else
{
open (FOOT, ">$footer");
print FOOT <<END;
</body>
</html>
END

close (FOOT);
open (FOOT, "$footer");
@footer = <FOOT>;
return (@footer);
}
}

sub file_maxmode
{
my ($filename) = @_;
chmod (0777, $filename);
}

does anyone see something wrong there?

i wouldn't line my cat's litter box with this code. it isn't worthy
enough for her to piss on.

uri

 

[J. Gleixner]

My latest bbs script written in perl is at [No thanks]
- please feel free to email me if you need help installing it or if
you'd like to make a comment. Also, a working example is at

Thanks for letting us know.

I noticed at that example page that the posters' email addresses are
displayed in clear-text. That's good. It means that you automatically
gets many new email-friends by using your script.

Since I also know from various threads in this group that you are
well-known for writing robust, secure Perl programs, I'm indeed
tempted to start using the script.

Especially tempting after seeing:

" 4. I'm hoping to use CGI.pm for my next version, but I still don't
quite understand how to work the thing."

It's also good to see "BBS 2 - Version 1.0.6 (final)".. hopefully this
IS the final version and this person moves on to some other newsgroup
and stops posting pathetic pleas to use the site.



Another entry in the kill file!

 

[Tad McClellan]

My latest bbs script written in perl is at

[snip]


Perl 4 style (ie. 8 year old Perl style). Every variable is a
global variable. No file locking. Hand-rolled form parsing,
complete with security problems as usual.

Please do not post announcements for "hobbiest" code, programs
such as yours hurt more than they help.

Folks can get _good_ code for a bbs already, how is yours "better"?

http://sourceforge.net/projects/nms-cgi/

feel free to email me if you need help installing it or if you'd like to
make a comment.

If anyone posts here about your program, I'll be sure to give
them your address.

 

[Tad McClellan]

My latest bbs script written in perl

contains this:

my ($filename, $delimeter) = @_;

if you'd like to
make a comment.

I like the comment that Uri made once:

delimeter: noun, scale used to weigh and price cold cuts.
also the unit of length for salamis.

 

[Gunnar Hjalmarsson]

i like these two subs in lib.pl. try them out. do they print more
than one char?

sub out_ln
{
my ( $amt ) = @_;
if ( ! ( $amt ) )
{ $amt = 1; }
print ( "\n" ) x $amt;
}

sub out_tabs
{
my ( $amt ) = @_;
if ( ! ( $amt ) )
{ $amt = 1; }
print ( "\t" ) x $amt;
}

No. But since I'm sure that the author had warnings enabled while
developing the program, the resulting hint generated by Perl has most
certainly been carefully considered. No need to worry.

the rest of the code is so funny. it makes matt wright's look good!
redundant and bad cgi parsing. a complex mix of globals and my
vars and strict and warnings are never enables. strange formatting
(look a the subs above. ever seen white spacing like that?).

Yeah. The code does have a personal touch. Isn't that charming?

 

[Chris Mattern]

Robin wrote:

<snip>

You can't trick me, I know an April Fool's post when
I see one!
--
Christopher Mattern

"Which one you figure tracked us?"
"The ugly one, sir."
"...Could you be more specific?"

 

[Uri Guttman]

GH> No. But since I'm sure that the author had warnings enabled while
GH> developing the program, the resulting hint generated by Perl has most
GH> certainly been carefully considered. No need to worry.

and it generates 2 warnings for each sub as well! that takes effort and skill!

GH> Yeah. The code does have a personal touch. Isn't that charming?

the code and coder are most definitely touched.

uri

 

[Uri Guttman]

TM> contains this:

TM> my ($filename, $delimeter) = @_;

TM> I like the comment that Uri made once:

TM> delimeter: noun, scale used to weigh and price cold cuts.
TM> also the unit of length for salamis.

i had forgotten about that one. i need to publish a dictionary

uri

 

[Ala Qumsieh]

....

strange formatting (look a the subs above. ever seen
white spacing like that?).

Python?


--Ala

 

[Henry Law]

You can't trick me, I know an April Fool's post when
I see one!

Alas not:

Date: Thu, 1 Apr 2004 12:55:02 -0800

.... after mid-day, y'see. Or is that just a British restriction?

Henry Law <>< Manchester, England

 

[David K. Wall]

TM> I like the comment that Uri made once:

TM> delimeter: noun, scale used to weigh and price cold cuts.
TM> also the unit of length for salamis.

i had forgotten about that one. i need to publish a dictionary

The Daemon's Dictionary?

 

[Kirk Strauser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My latest bbs script written in perl is at www.infusedlight.net/bbs -
please feel free to email me if you need help installing it or if you'd
like to make a comment. Also, a working example is at
www.infusedlight.net/design/bbs/bbs.pl

I particularly like the exchanges on the board, such as:

username of this user: foo
date of post: 03/17/04
name: Foo
email: (e-mail address removed)

post: You may wish to validate your HTML before getting to back-slappin'
happy:
http://validator.w3.org/check?uri=h...iew&cat=Design&topic=Design%20talk&user=sysop

----------------------------------------

username of this user: sysop
date of post: 03/22/04
name: sysop
email: (e-mail address removed)

post: Hmmm....validate my html, it doesn't post html.

and:

username of this user: robin
date of post: 03/18/04
name: Robin
email: (e-mail address removed)

post: Don't listin to me! I don't know anything about programming!
Especially not Perl! In fact, I know so little that I left the source code
to this board freely available - the source code that shows how insecure
this site is - the source code that shows the location of the WORLD READABLE
password file!!! I KNOW NOTHING!!!

Robin. I speak seriously: drop this project like a hot potato. You are not
ready for what you're trying to do. Install something pre-made like phpBB
and move along. Really.
- --
Kirk Strauser
The Strauser Group
Open. Solutions. Simple.
http://www.strausergroup.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAbX5W5sRg+Y0CpvERAjUQAJ48uPiHll0ugdbEHt/whwMPakfXlACgjVnH
ZcYUIjBjXRrGamarlO1Dey8=
=LIgt
-----END PGP SIGNATURE-----

 

[Uri Guttman]

TM> delimeter: noun, scale used to weigh and price cold cuts.
TM> also the unit of length for salamis.
DKW> The Daemon's Dictionary?

there is already:


The Computer Contradictionary : 2nd Edition by Stan Kelly-Bootle

which is a hoot from the entries i have seen. the author is famous for
his column 'son of the devil's advocate' at
http://www.sarcheck.com/skb/. it used to run in the one of the unix mags
before it went under. it is an amazing tour de force of intellectual
computer writing and a challenge to anyone get all of the references and
stuff.

uri

 

[Robin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My latest bbs script written in perl is at www.infusedlight.net/bbs -
please feel free to email me if you need help installing it or if you'd
like to make a comment. Also, a working example is at
www.infusedlight.net/design/bbs/bbs.pl

I particularly like the exchanges on the board, such as:

username of this user: foo
date of post: 03/17/04
name: Foo
email: (e-mail address removed)

post: You may wish to validate your HTML before getting to back-slappin'
happy:

http://validator.w3.org/check?uri=http://www.infusedlight.net/design
%2Fbbs%2Fbbs.pl%3Faction%3Dview%26cat%3DDesign%26topic%3DDesign%2520talk%26u
ser%3Dsysop

----------------------------------------

username of this user: sysop
date of post: 03/22/04
name: sysop
email: (e-mail address removed)

post: Hmmm....validate my html, it doesn't post html.

and:

username of this user: robin
date of post: 03/18/04
name: Robin
email: (e-mail address removed)

post: Don't listin to me! I don't know anything about programming!
Especially not Perl! In fact, I know so little that I left the source
code
to this board freely available - the source code that shows how insecure
this site is - the source code that shows the location of the WORLD
READABLE
password file!!! I KNOW NOTHING!!!

Robin. I speak seriously: drop this project like a hot potato. You are not
ready for what you're trying to do. Install something pre-made like phpBB
and move along. Really.

I've actually fixed the security glitches now....it's really shitty to get
hacked, but it won't happen again.
-Robin

 

[Paul Lalli]

I've actually fixed the security glitches now....it's really shitty to get
hacked, but it won't happen again.
-Robin

"Hacked" implies that someone used a tool to crack or to guess your
password, or that they found a backdoor to not require a password. That
post implies that you not only left that password world readable, but gave
the location of the password within the source - which was also readily
available. Bit of a difference.

Paul Lalli

 

[Keith Keller]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've actually fixed the security glitches now....it's really shitty to get
hacked, but it won't happen again.

You took down the script?

- --keith

- --
(e-mail address removed)-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAbdyrhVcNCxZ5ID8RAjVDAJ9/oInSKmvzdSxX5xDRx+vxUbgdRwCfZzNa
V7LS32laroh5Jz9WJxM1bZA=
=KzH9
-----END PGP SIGNATURE-----

 

[Kirk Strauser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've actually fixed the security glitches now....it's really shitty to get
hacked, but it won't happen again.

I well bet $$$ that if your site ever gets any amount of traffic, then your
message board *will* be compromised again. It's incredibly negligent for
you to expose that to the Internet. And no, I'm not going to point out the
remaining security flaws, since the basic lack of design is not reparable.
- --
Kirk Strauser
The Strauser Group
Open. Solutions. Simple.
http://www.strausergroup.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAbdjC5sRg+Y0CpvERAut2AJ96S1MdGtUIUdujZibn0v9cwHYNhACfZvGz
7RVoGc0MyYH82XXZYsyvHc4=
=uF0A
-----END PGP SIGNATURE-----