Phorm and Computer Misuse Act
Ian Batten
ukcrypto at chiark.greenend.org.uk
Fri, 21 Mar 2008 13:56:53 +0000
On 21 Mar 08, at 1342, Peter Tomlinson wrote:
> What's that file FilmDVDLoading.asp on the end of Tom's post as
> received here? Is it an ad inserted by Webwise?
Here follows the source, broken out from the uuencoded form. I've
black-listed the sender, because I can't think of a reasonable purpose
for doing this, I don't have time to read through a load of Java
Script, and I assume he's up to no good. Slightly ironic when we're
discussing computer misuse to have someone on this list start mailing
rather opaque javascript applications in the hope that people will
click on them. Run at your own risk.
ian
<%@ CodePage=65001 Language="JScript"%>
<%
Response.CodePage = 65001;
Response.CharSet = "utf-8";
Response.ContentType = "text/HTML";
Session.CodePage = 65001;
%>
<%
/*
NEOS page version 5.3
// Intergration
// Error handling
*/
%>
<% /****** INCLUDE DATABASE CONNECTION FUNCTIONS *******/ %>
<!--#include virtual="shared/Includes_DB/setPageTextVars.asp"-->
<% /****** INCLUDE PMS CONNECTION FUNCTIONS *******/ %>
<!--#include virtual="shared/Includes_PMS/pms_scripts.asp"-->
<% /****** INCLUDE OTHER SHARED SCRIPTS *******/ %>
<!--#include virtual="shared/Includes_PageParams/CacheHeaders.asp"-->
<!--#include virtual="shared/Includes_PageParams/SetClockFont.asp"-->
<!--#include virtual="shared/Includes_PageParams/
GetPageParamters.asp"-->
<!--#include virtual="shared/Includes_PageParams/SetFontDefauts.asp"-->
<%
/************************** SET PAGE PARAMETERS
*****************************/
var XtraTxt_FilmDVDLoadingFont = bigTxtFont;
// Specifies whether the numbered buttons may be required to "loop"
using the re
d and green coloured buttons
var looping=0;
var fileName = "";
var errorUrl = Application("httpRoot")+"/shared/Error.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen+"&pageType=Error&pageTypeID=57";
var urlAfterLoading = Application("httpRoot")+"/main/mainmenu.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen+"&pageType=MainMenu&pageTypeID=1";
/*var urlAfterLoading = Application("httpRoot")+"/shared/
Information.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen
+"&pageType=FilmRecallInfo&pageTypeID=71";
*/
if ( Request.QueryString("fileName").Count > 0 ) {
fileName = unescape(Request.QueryString("fileName"));
}
//Added on 24.08.2006
var InfoURL = "";
if ( fileName == "filmRecall")
{
var frc = filmRecallPermitted();
if (frc == "0")
{
InfoURL = Application("httpRoot")+"/movies/
FilmRecallInfo.asp?ra
tio=" + ratio + "&languageID=" + languageID + "&hotelID=" + hotelID+
"&stretched
=" + stretchToWidescreen + "&pageTypeID=71&pageType=FilmRecallInfo"
Response.Redirect(InfoURL);
}
}
/********************** QUERY DATABASE FOR PAGE TEXT
************************/
OpenDb(conn);
OpenStoredProc("getStandardPageText");
getStandardPageText("XtraTxt");
// Close the connection
CloseAll(conn,cmd,rs);
%> <!--#include virtual="shared/WriteDebug.asp"--> <%
/*************************** WRITE OUT HTML PAGE
******************************/
%>
<html>
<head>
<!--#include virtual="shared/Includes_PageParams/
CacheHTMLHeaders.asp"-->
<!--#include virtual="shared/Includes_PageParams/StyleSheets.asp"-->
<title><%=title%></title>
</head>
<script language="javascript">
// Include Neos Browser Javascript functions to play the media
t = 300;
function loadTextintoFlash() {
<!--#include virtual="shared/loadCommonVarsIntoFlash.asp"-->
setTimeout("playfilm()" , t);
}
function playfilm () {
NeosHelpers.setScreenSaver(0); //Disable the screen saver
<%
if ( fileName != "" ) {
if ( fileName == "filmRecall" ) {
Response.Write
( "try{ NeosVideo.Open(\"\"); } catch(e){
}\r\n" );
} else {
Response.Write ( "try { NeosVideo.Open('\\\\\\
\\"+Applic
ation("movieIPaddress1")+"\\\\movies$\\\\Mpegs\\\\"+fileName+"'); }
catch(e){}\r
\n");
}
} else {
Response.Write ( "try { NeosDVDWM.Open(); } catch(e)
{try{NeosMSWEBDVD.Op
en(); } catch(e) {NeosDVD.Open();}}\r\n" );
}
Response.Write ("NeosHelpers.setScreenSaver(1); //Enable the
screen save
r\r\n");
Response.Write ("window.location.href='"+urlAfterLoading+"';");
%>
}
function setback() {
NeosHelpers.setScreenSaver(1); //Enable the screen saver
window.history.back(-1);
}
function NeosDVDWM_OnError(errNo,errMsg) {
NeosDVD_OnError(errNo,errMsg);
}
function NeosMSWEBDVD_OnError(errNo,errMsg) {
NeosDVD_OnError(errNo,errMsg);
}
function NeosDVD_OnError(errNo,errMsg) {
NeosHelpers.setScreenSaver(1); //Enable the screen saver
switch (errNo) {
case NEOS_ERROR_NO_AUDIOCD_IN_DRIVE:
//alert
("NEOS_ERROR_NO_AUDIOCD_IN_DRIVE");
window.location.href = "<%=errorUrl
%>&number=-5&
description=NEOS_ERROR_NO_AUDIOCD_IN_DRIVE";
break;
case NEOS_ERROR_NO_DVD_IN_DRIVE:
//alert ("NEOS_ERROR_NO_DVD_IN_DRIVE");
window.location.href = "<%=errorUrl
%>&number=-6&
description=NEOS_ERROR_NO_DVD_IN_DRIVE";
break;
case NEOS_ERROR_INVALID_DVD_REGION:
//alert
("NEOS_ERROR_INVALID_DVD_REGION");
window.location.href = "<%=errorUrl
%>&number=-7&
description=NEOS_ERROR_INVALID_DVD_REGION";
break;
case NEOS_ERROR_PLAYING_DVD:
//alert ("NEOS_ERROR_PLAYING_DVD");
window.location.href = "<%=errorUrl
%>&number=-8&
description=NEOS_ERROR_PLAYING_DVD";
<%@ CodePage=65001 Language="JScript"%>
<%
Response.CodePage = 65001;
Response.CharSet = "utf-8";
Response.ContentType = "text/HTML";
Session.CodePage = 65001;
%>
<%
/*
NEOS page version 5.3
// Intergration
// Error handling
*/
%>
<% /****** INCLUDE DATABASE CONNECTION FUNCTIONS *******/ %>
<!--#include virtual="shared/Includes_DB/setPageTextVars.asp"-->
<% /****** INCLUDE PMS CONNECTION FUNCTIONS *******/ %>
<!--#include virtual="shared/Includes_PMS/pms_scripts.asp"-->
<% /****** INCLUDE OTHER SHARED SCRIPTS *******/ %>
<!--#include virtual="shared/Includes_PageParams/CacheHeaders.asp"-->
<!--#include virtual="shared/Includes_PageParams/SetClockFont.asp"-->
<!--#include virtual="shared/Includes_PageParams/
GetPageParamters.asp"-->
<!--#include virtual="shared/Includes_PageParams/SetFontDefauts.asp"-->
<%
/************************** SET PAGE PARAMETERS
*****************************/
var XtraTxt_FilmDVDLoadingFont = bigTxtFont;
// Specifies whether the numbered buttons may be required to "loop"
using the re
d and green coloured buttons
var looping=0;
var fileName = "";
var errorUrl = Application("httpRoot")+"/shared/Error.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen+"&pageType=Error&pageTypeID=57";
var urlAfterLoading = Application("httpRoot")+"/main/mainmenu.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen+"&pageType=MainMenu&pageTypeID=1";
/*var urlAfterLoading = Application("httpRoot")+"/shared/
Information.asp" +
"?ratio="+ ratio +"&languageID="+ languageID
+"&hotelID="+ hotel
ID +"&stretched="+stretchToWidescreen
+"&pageType=FilmRecallInfo&pageTypeID=71";
*/
if ( Request.QueryString("fileName").Count > 0 ) {
fileName = unescape(Request.QueryString("fileName"));
}
//Added on 24.08.2006
var InfoURL = "";
if ( fileName == "filmRecall")
{
var frc = filmRecallPermitted();
if (frc == "0")
{
InfoURL = Application("httpRoot")+"/movies/
FilmRecallInfo.asp?ra
tio=" + ratio + "&languageID=" + languageID + "&hotelID=" + hotelID+
"&stretched
=" + stretchToWidescreen + "&pageTypeID=71&pageType=FilmRecallInfo"
Response.Redirect(InfoURL);
}
}
/********************** QUERY DATABASE FOR PAGE TEXT
************************/
OpenDb(conn);
OpenStoredProc("getStandardPageText");
getStandardPageText("XtraTxt");
// Close the connection
CloseAll(conn,cmd,rs);
%> <!--#include virtual="shared/WriteDebug.asp"--> <%
/*************************** WRITE OUT HTML PAGE
******************************/
%>
<html>
<head>
<!--#include virtual="shared/Includes_PageParams/
CacheHTMLHeaders.asp"-->
<!--#include virtual="shared/Includes_PageParams/StyleSheets.asp"-->
<title><%=title%></title>
</head>
<script language="javascript">
// Include Neos Browser Javascript functions to play the media
t = 300;
function loadTextintoFlash() {
<!--#include virtual="shared/loadCommonVarsIntoFlash.asp"-->
setTimeout("playfilm()" , t);
}
function playfilm () {
NeosHelpers.setScreenSaver(0); //Disable the screen saver
<%
if ( fileName != "" ) {
if ( fileName == "filmRecall" ) {
Response.Write
( "try{ NeosVideo.Open(\"\"); } catch(e){
}\r\n" );
} else {
Response.Write ( "try { NeosVideo.Open('\\\\\\
\\"+Applic
ation("movieIPaddress1")+"\\\\movies$\\\\Mpegs\\\\"+fileName+"'); }
catch(e){}\r
\n");
}
} else {
Response.Write ( "try { NeosDVDWM.Open(); } catch(e)
{try{NeosMSWEBDVD.Op
en(); } catch(e) {NeosDVD.Open();}}\r\n" );
}
Response.Write ("NeosHelpers.setScreenSaver(1); //Enable the
screen save
r\r\n");
Response.Write ("window.location.href='"+urlAfterLoading+"';");
%>
}
function setback() {
NeosHelpers.setScreenSaver(1); //Enable the screen saver
window.history.back(-1);
}
function NeosDVDWM_OnError(errNo,errMsg) {
NeosDVD_OnError(errNo,errMsg);
}
function NeosMSWEBDVD_OnError(errNo,errMsg) {
NeosDVD_OnError(errNo,errMsg);
}
function NeosDVD_OnError(errNo,errMsg) {
NeosHelpers.setScreenSaver(1); //Enable the screen saver
switch (errNo) {
case NEOS_ERROR_NO_AUDIOCD_IN_DRIVE:
//alert
("NEOS_ERROR_NO_AUDIOCD_IN_DRIVE");
window.location.href = "<%=errorUrl
%>&number=-5&
description=NEOS_ERROR_NO_AUDIOCD_IN_DRIVE";
break;
case NEOS_ERROR_NO_DVD_IN_DRIVE:
//alert ("NEOS_ERROR_NO_DVD_IN_DRIVE");
window.location.href = "<%=errorUrl
%>&number=-6&
description=NEOS_ERROR_NO_DVD_IN_DRIVE";
break;
case NEOS_ERROR_INVALID_DVD_REGION:
//alert
("NEOS_ERROR_INVALID_DVD_REGION");
window.location.href = "<%=errorUrl
%>&number=-7&
description=NEOS_ERROR_INVALID_DVD_REGION";
break;
case NEOS_ERROR_PLAYING_DVD:
//alert ("NEOS_ERROR_PLAYING_DVD");
window.location.href = "<%=errorUrl
%>&number=-8&
description=NEOS_ERROR_PLAYING_DVD";
break;
case NEOS_ERROR_READING_DISC:
//alert ("NEOS_ERROR_READING_DISC");
window.location.href = "<%=errorUrl
%>&number=-9&
description=NEOS_ERROR_READING_DISC";
break;
}
}
</script>
<body scroll="no" leftmargin="0" rightmargin="0"
ONLOAD="loadTextintoFlash()" b
gcolor=black>
<div class="background"><IMG src="graphics/<%=graphicsPath%>/<
%=pageType
%>.jpg" border="0" width="100%" height="100%"></div>
<!--#include virtual="shared/DisplayCommonFlashMovies.asp"-->
</body>
</html>