($add_date-(60*$timelimit))") or died("Database Query Error"); $query=mysql_fetch_array($result); if ($query) { header("Location: $PHP_SELF"); exit; } if(!$checkcode || ($checkcode != $code)) { header("Location: $PHP_SELF?action=add"); exit; } $in = strip_array($in); $in['message'] = encode_msg($in['message']); // Add SQL compatibilty & Smilie Convert $in['http'] = str_replace("http://", "", $in['http']); // Remove http:// from URLs if ($in['name'] == "") { died("$guestbook_head$languagemetatag
$name_empty
"); } if ($in['icq'] != "" && ($in['icq'] < 1000 || $in['icq'] > 999999999)) { died("$guestbook_head$languagemetatag
$icq_wrong
"); } if (!eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$in['email']) && $in['email'] != "") { died("$guestbook_head$languagemetatag
$non_valid_email
"); } if (strlen($in['message']) < $limit["0"] || strlen($in['message']) > $limit["1"]) { died("$guestbook_head$languagemetatag
$message_incorrect $limit[0] $and $limit[1] $characters.
"); }
        // Optional fields left empty are stored as sentinel values ("none" / 0); the listing code
        // further down compares against exactly these values to decide what to render.
        if ($in['email'] == "") { $in['email'] = "none"; }
        if ($in['icq'] == "") { $in['icq'] = 0; }
        if ($in['http'] == "") { $in['http'] = "none"; }
        if ($in['location'] == "0") { $in['location'] = "none"; }
        // NOTE(review): the User-Agent header is client-controlled and is assigned here, after
        // strip_array() and encode_msg() have already run on $in, so it reaches the INSERT below
        // with no processing visible in this listing. $REMOTE_ADDR is interpolated the same way.
        // Confirm that every value is escaped for SQL before this point, or escape at the point of use.
        $in['browser'] = $HTTP_USER_AGENT;
        // Store the new entry; all values are interpolated into the statement as quoted strings.
        mysql_db_query($database, "INSERT INTO guestbook (name, email, http, icq, message, timestamp, ip, location, browser) VALUES('$in[name]', '$in[email]','$in[http]','$in[icq]','$in[message]','$add_date', '$REMOTE_ADDR','$in[location]','$in[browser]')") or died("Database Query Error");
        // Optional notification mail to the configured address; the message passes through
        // censor_msg() first and the leading @ suppresses any warning from mail().
        if ($gb_notify) { @mail("$gb_notify","$gb_notifysubj","$notify_text $in[name]\n\n".censor_msg($in[message]),"From: $gb_notify"); }
        // Cookie "phpbookcookie" carries the guestbook title for $timelimit minutes; the listing
        // code compares $phpbookcookie with $guestbook_head when it renders the "add entry" link.
        if ($timelimit) { setcookie("phpbookcookie","$guestbook_head", time()+(60*$timelimit),"/"); }
        // NOTE(review): $admin is the value this script compares against $adminpass, so this puts
        // the admin credential into the redirect URL, where it can end up in server logs, browser
        // history and Referer headers. $adminlink is also only assigned when $admin is truthy;
        // if request parameters are registered as globals (the bare $action/$admin usage suggests
        // so - confirm), initialise it to "" before this line.
        if ($admin) {$adminlink="?admin=$admin";}
        header("Location: $PHP_SELF$adminlink");
        exit;
    }
} else { // Show the entries

    #####################
    # Header
    #################################################################################################
    // Page header output. The markup inside these strings is not visible in this listing;
    // only the title and the language meta tag variables remain.
    echo "\n";
    echo " \n";
    echo " $guestbook_head\n";
    echo " \n";
    echo " $languagemetatag\n";
    echo " \n";
    echo " \n";
    echo " \n";
    echo " \n";
    echo "\n";

    # The Main-Section
    #################################################################################################
    echo" \n";
    echo" \n";
    echo" \n";
    echo" \n";
    echo" \n";
    echo" \n";
    echo" \n";
    echo"
\n"; echo" \n"; echo" \n"; echo" \n"; echo" \n"; echo"
\n"; if ($action=="add") { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
$gb_link1head
\n"; echo "
\n"; echo "
\n"; echo "
\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; if ($location_text) { echo " \n"; } else { echo " \n"; } echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; $gencode=rand(1000,9999); echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
$gbadd_name
$gbadd_location
$gbadd_email
$gbadd_icq
$gbadd_url
$gbadd_msg

\n"; echo " \n"; echo " \n"; echo "
Code:
(Code: $gencode)

\n"; echo " \n"; echo "
\n"; } elseif ($action=="admin" && $admin==$adminpass) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
"; echo " $gb_link5 || "; echo " $gb_link2head
\n"; echo "
\n"; echo "
\n"; echo "
\n"; echo " $gb_link3
\n"; echo " $gb_link4\n"; echo "
\n"; } elseif ($action == "badwords" && $admin==$adminpass) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
"; echo " $gb_link5 || "; echo " $gb_link2 || "; echo " $gb_link3head
\n"; echo "
\n"; $count=0; $result = mysql_db_query($database, "select * from badwords") or die("Database Query Error"); echo "
\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo " "; echo " \n"; echo " \n"; echo "
\n"; while ($db = mysql_fetch_array($result)) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo "
$db[badword]
"; echo "
\n"; echo "
Edit || \n"; echo " $menusepDelete
\n"; echo "
\n"; $count++; } echo "

$count $gb_link3stat

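\n";
    } elseif (($action == "edit_badword" || $action == "new_badword") && $admin==$adminpass) {
        // Bad-word edit / create form, admin only.
        // The parentheses are required: && binds tighter than ||, so the unparenthesised
        // condition accepted action=edit_badword without ever evaluating $admin==$adminpass.
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo "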
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
"; echo " $gb_link5 || "; echo " $gb_link2 || "; echo " $gb_link3head
\n"; echo "
\n"; echo "
\n"; echo "\n"; if ($action == "edit_badword") { echo "\n"; } else { echo "\n"; } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
$gb_link3text
\n"; echo "

\n"; echo "
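\n";
    } elseif ($action == "save_edit_badword" && $admin==$adminpass) {
        // Rename an existing bad word (admin only).
        // Both values are escaped at the point of use so the statement does not depend on the
        // magic_quotes_gpc setting: automatic slashes are removed first, then the value is
        // escaped for the current MySQL connection.
        // NOTE(review): assumes $newvalue / $value arrive as raw request parameters; if an earlier
        // part of the file already escapes them, remove that step rather than escaping twice.
        $sql_newvalue = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($newvalue) : $newvalue);
        $sql_value = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($value) : $value);
        $result = mysql_db_query($database, "UPDATE badwords SET badword='$sql_newvalue' WHERE badword='$sql_value'") or die("Database Query Error");
        echo "\n";
    } elseif ($action == "save_new_badword" && $admin==$adminpass) {
        // Add a new bad word (admin only); value escaped as above.
        $sql_newvalue = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($newvalue) : $newvalue);
        $result = mysql_db_query($database, "INSERT INTO badwords (badword) VALUES('$sql_newvalue')") or die("Database Query Error");
        echo "\n";
    } elseif ($action == "delete_badword" && $admin==$adminpass) {
        // Delete a bad word (admin only); value escaped as above.
        $sql_value = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($value) : $value);
        $result = mysql_db_query($database, "DELETE FROM badwords WHERE badword='$sql_value'") or die("Database Query Error");
        echo "\n";
    } elseif ($action == "banned_ips" && $admin==$adminpass) {
        // Banned-IP overview page (admin only).
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo "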
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
"; echo " $gb_link5 || "; echo " $gb_link2 || "; echo " $gb_link4head
\n"; echo "
\n"; $count=0; $result = mysql_db_query($database, "select * from banned_ips") or die("Database Query Error"); echo "
\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo " "; echo " \n"; echo " \n"; echo "
\n"; while ($db = mysql_fetch_array($result)) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; echo "
$db[0]
"; echo "
\n"; echo "
Edit || \n"; echo " Delete
\n"; echo "
\n"; $count++; } echo "

$count $gb_link4stat

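\n";
    } elseif (($action == "edit_banned_ip" || $action == "new_banned_ip") && $admin==$adminpass) {
        // Banned-IP edit / create form.
        // Every other administrative branch of this chain requires $admin==$adminpass; this one
        // had no check at all, so the form was reachable without the admin password. With the
        // check in place a request without it falls through to the public entry listing.
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo "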
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
"; echo " $gb_link5 || "; echo " $gb_link2 || "; echo " $gb_link4head
\n"; echo "
\n"; echo "
\n"; echo "\n"; if ($action == "edit_banned_ip") { echo "\n"; } else { echo "\n"; } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
$gb_link4text
\n"; echo "

\n"; echo "
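\n";
    } elseif ($action == "save_edit_banned_ip" && $admin==$adminpass) {
        // Change an existing banned IP (admin only).
        // Both values are escaped at the point of use so the statement does not depend on the
        // magic_quotes_gpc setting: automatic slashes are removed first, then the value is
        // escaped for the current MySQL connection.
        // NOTE(review): assumes $newvalue / $value arrive as raw request parameters; if an earlier
        // part of the file already escapes them, remove that step rather than escaping twice.
        $sql_newvalue = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($newvalue) : $newvalue);
        $sql_value = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($value) : $value);
        $result = mysql_db_query($database, "UPDATE banned_ips SET banned_ip='$sql_newvalue' WHERE banned_ip='$sql_value'") or die("Database Query Error");
        echo "\n";
    } elseif ($action == "save_new_banned_ip" && $admin==$adminpass) {
        // Add a banned IP (admin only); value escaped as above.
        $sql_newvalue = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($newvalue) : $newvalue);
        $result = mysql_db_query($database, "INSERT INTO banned_ips (banned_ip) VALUES('$sql_newvalue')") or die("Database Query Error");
        echo "\n";
    } elseif ($action == "delete_banned_ip" && $admin==$adminpass) {
        // Remove a banned IP (admin only); value escaped as above.
        $sql_value = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($value) : $value);
        $result = mysql_db_query($database, "DELETE FROM banned_ips WHERE banned_ip='$sql_value'") or die("Database Query Error");
        echo "\n";
    } else {
        // Default view: the public entry listing.
        // NOTE(review): $admin is the value compared against $adminpass throughout this chain, so
        // $adminlink carries the admin credential in every link that uses it; query strings can
        // end up in server logs, browser history and Referer headers.
        if ($admin) {$adminlink="&admin=$admin";}
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo " \n";
        echo "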
\n"; echo "
$guestbook_head
\n"; echo "
\n"; echo "
\n"; if ($admin==$adminpass) { echo " $gb_link2 || \n"; } if ($phpbookcookie==$guestbook_head && $admin!=$adminpass) { echo " $gb_link1\n"; } else { echo " $gb_link1\n"; } echo "
\n"; echo "
\n"; echo "
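\n";

    # Start with Output
    #################################################################################################
    echo "\n";
    echo "\n";

    # Calculate Page-Numbers
    #################################################################################################
    // $sort, $offset and $perpage are interpolated unquoted into the entry query further down
    // ("ORDER by id $sort LIMIT $offset, $perpage"), a position where string escaping gives no
    // protection. They are therefore normalised here: the two numbers are forced to integers
    // within range and $sort is restricted to the two valid keywords. Valid values behave as
    // before; anything else falls back to the previous defaults.
    $perpage = empty($perpage) ? 1 : (int)$perpage;
    if ($perpage < 1) $perpage = 1;
    if (empty($pperpage)) $pperpage = 9; //!!! ONLY 5,7,9,11,13 !!!!
    $sort = (!empty($sort) && strtolower($sort) == "asc") ? "asc" : "desc";
    $offset = empty($offset) ? 0 : (int)$offset;
    if ($offset < 0) $offset = 0;
    if (empty($poffset)) $poffset = 0;

    // Total number of entries and the derived paging values.
    $amount = mysql_db_query($database, "SELECT count(*) FROM guestbook");
    $amount_array = mysql_fetch_array($amount);
    $pages = ceil($amount_array["0"] / $perpage);   // number of entry pages
    $actpage = ($offset+$perpage)/$perpage;         // 1-based number of the current page
    $maxoffset = ($pages-1)*$perpage;               // offset of the last page
    $maxpoffset = $pages-$pperpage;                 // highest start index of the page-number strip
    $middlepage=($pperpage-1)/2;                    // page links shown on each side of the current one
    if ($maxpoffset<0) {$maxpoffset=0;}
    echo "\n";
    echo "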
\n"; echo "$gb_desc
\n"; echo "
\n"; if ($pages) { // print only when pages > 0 echo "$ad_pages\n"; if ($offset) { $noffset=$offset-$perpage; $npoffset = $noffset/$perpage-$middlepage; if ($npoffset<0) {$npoffset=0;} if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;} echo "[<<] "; echo "[<] "; } for($i = $poffset; $i< $poffset+$pperpage && $i < $pages; $i++) { $noffset = $i * $perpage; $npoffset = $noffset/$perpage-$middlepage; if ($npoffset<0) {$npoffset = 0;} if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;} $actual = $i + 1; if ($actual==$actpage) { echo "($actual) "; } else { echo "[$actual] "; } } if ($offset+$perpage<$amount_array["0"]) { $noffset=$offset+$perpage; $npoffset = $noffset/$perpage-$middlepage; if ($npoffset<0) {$npoffset=0;} if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;} echo "[>] "; echo "[>>] "; } } echo "
\n"; # Start the Page ################################################################################################# echo "\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; # Get actions for current page ################################################################################################# $result = mysql_db_query($database, "SELECT * FROM guestbook ORDER by id $sort LIMIT $offset, $perpage"); while ($db = mysql_fetch_array($result)) { if ($dateformat=="eu") { // European Date & Timeformat $when = strftime("%d.%m.%Y %H:%M", $db["timestamp"]); } else { // US Date & Timeformat $when = strftime("%m/%d/%Y %I:%M %p", $db["timestamp"]); } if ($db[email] != "none") { $email = "\"$send_email\""; } else { $email = ""; } if ($db[icq] != 0) { $icq = "\"$icq_message\""; } else { $icq = ""; } if ($db[http] != "none") { $http = "\"$view_homepage\""; } else { $http = ""; } if ($db[ip] != "none") { if ($admin==$adminpass) { $ip = "\"".$db[ip]."\""; } else { /* $ip = "\"$ip_logged\""; */ } } else { $ip = ""; } if ($db[location]!= "none") { $location = "$gb_location
$db[location]
"; } else { $location = "

"; } if ($db[browser] != "") { $browser = "\"$db[browser]\""; } else { $browser = ""; } echo " \n"; echo " \n"; echo " \n \n"; } # End of Page reached ################################################################################################# echo"
$gb_name$gb_comments
\n"; echo "
$db[name]

\n"; echo "
$location
\n"; echo "
$icq $http $email $ip $browser\n"; echo "
\n"; if ($admin==$adminpass) { echo "\"$moderator_del_action\""; echo "\"$moderator_del_comment\""; echo "\"$moderator_edit_comment\""; echo "
 
\n"; } echo " $gb_posted $when

".censor_msg($db[message],($admin==$adminpass))."
\n"; if($commentid == $db[id] && $action!="changed" && $admin==$adminpass) { echo "   \n"; echo "
\n"; echo " \n"; echo " \n"; echo "
\n
"; echo "   $smiley_help
\n"; echo "
\n"; } elseif(!empty($db[comment])) { echo "   
".$gb_modcomment.$db[comment]."
\n"; } echo "
\n"; echo"
\n"; } echo"
\n"; echo"
\n"; echo"
\n"; if ($show_sysinfo) { list($usec, $sec) = explode(" ",$proctime_start); $proctime_start = $usec+$sec; list($usec, $sec) = explode(" ",microtime()); $proctime_end = $usec+$sec; $proctime = $proctime_end-$proctime_start; $query = mysql_db_query($database, "SELECT id FROM guestbook"); $countall=mysql_num_rows($query); echo"
Processingtime: ".substr($proctime,0,7)." sec., Entries: $countall, PHP Ver. ".phpversion()."
\n"; } # PLEASE DO NOT REMOVE OR EDIT THIS COPYRIGHT-NOTICE !!! THANKS !!! ################################################ echo"
phpBook Ver. $book_version © 2001-".date("Y")." by SmartISoft
\n"; ##################################################################################################################### echo"
\n";
    echo"\n";
    echo"\n";
}

# Disconnect DB
#################################################################################################
mysql_close();

// Diagnostic hook: when $support equals a non-empty $supportpwd the script appends the output
// of phpinfo(), which prints the PHP configuration, loaded modules and environment variables.
// NOTE(review): where $support and $supportpwd are set is not visible in this part of the file;
// the comparison is a loose ==. Consider removing this hook from production installs or gating
// it on more than a shared password, since the output is useful reconnaissance for an attacker.
if ($support==$supportpwd && $supportpwd) {echo "

"; phpinfo();} ?>
