I'm looking for a script that will allow a web page viewer to forward that page's URL to a friend by email.
Ideally, the user should be able to enter fields on the web page, such as the name of the sender, the name of the receiver, the email address of the receiver, a personal note from the sender ... and then those fields be reflected in the email.
<html>
<head>
<title>Email This Page To A Friend</title>
<link rel="StyleSheet" type="text/css" href="url to css file">
</head>
<body bgcolor="#E1E1E1">
<form action="cgi-bin/email.cgi" method="POST">
<table><tr><td>
<b>Tell a friend about this page!</b></td>
</tr></table>
<table>
<tr><td>Friend's First Name: </td><td><input type="text" name="fname"></td></tr>
<tr><td>Your Friend's Email: </td><td><input type="text" name="femail"></td></tr>
<tr><td> </td><td> </td></tr>
<tr><td>Your First Name: </td><td><input type="text" name="sname"></td></tr>
<tr><td>Your Email: </td><td><input type="text" name="semail"></td></tr>
<tr><td> </td><td><input type="submit" value="Submit"></td></tr>
</table>
</form>
</body>
</html>
and here is the cgi.
Code:
#!/usr/bin/perl
print "Content-type:text/html\n\n";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}
if ($FORM{'fname'} eq "") {
&dienice("Please enter your friend's name.");
exit;
}
if ($FORM{'femail'} eq "") {
&dienice("Please enter friend's email address.");
exit;
}
if ($FORM{'sname'} eq "") {
&dienice("Please fill in your email address name.");
exit;
}
if ($FORM{'semail'} eq "") {
&dienice("Please enter your email address.");
exit;
}
print <<EndHead;
<html>
<head>
<title>Message Sent</title>
<link rel="StyleSheet" type="text/css" href="url to css">
</head>
<body bgcolor="#E1E1E1">
EndHead
$mailprog = '/usr/sbin/sendmail';
$recipient = "$FORM{'femail'}";
$from = "$FORM{'semail'}";
open (MAIL, "|$mailprog -t") or &dienice("Can't access $mailprog!\n");
print MAIL "To: $recipient\n";
print MAIL "From: $from\n";
print MAIL "Reply-to: $FORM{'semail'}\n";
print MAIL "Subject: Hey. Check this site out.\n\n";
print MAIL <<EndMAIL;
Hey $FORM{'fname'},
put your default message here. Don't forget to put the url of the page!
$FORM{'sname'}
EndMAIL
close(MAIL);
# now print something to the HTML page, usually thanking the person
# for filling out the form, and giving them a link back to your homepage
print <<EndHTML;
<font size="4"><b>Message Sent</b></font>
<p><a href="../email.html" target="_self">Click here</a> to send this page to another friend.
<br><br>[<a href="http://" onClick="javascript:window.close();">Close this window</a>]</p>
</body>
</html>
EndHTML
exit;
sub dienice {
my($msg) = @_;
print qq(
<html>
<head>
<title>Email this page to a friend</title>
<link rel="StyleSheet" type="text/css" href="url to css file">
</head>
<body bgcolor="#E1E1E1">
<font size="4">Error</font><p>\n);
print qq($msg <a href="http://" onClick="history.go(-1);" target="_self">Go back</a> and try again.\n);
print qq(</body></html>);
exit;
}
I named the html file email.html and placed the email.cgi script in my cgi-bin directory.
untainting is always a great idea... here we go... add this to the cgi file for not just untaint, but format the fields..
Code:
# Untaint/Format email strings
if ($FORM{'femail'} !~ /[\w\-]+\@[\w\-]+\.[\w\-]+/) {
&dienice("You did not enter a valid email address.");
}
if ($FORM{'semail'} !~ /[\w\-]+\@[\w\-]+\.[\w\-]+/) {
&dienice("You did not enter a valid email address.");
}
# Untaint text strings
if ($FORM{'fname'} !~ /[a-z0-9][A-Z0-9]/) {
&dienice("Quit trying to hack my system... PHREAK!");
}
if ($FORM{'sname'} !~ /[a-z0-9][A-Z0-9]/) {
&dienice("Quit trying to hack my system... PHREAK!");
}
You can also add maxlenth="numerical value" to limit how many characters can be entered into the text fields on the html page.
Linear Mode
