summaryrefslogtreecommitdiff
path: root/utils/guestbook.php
diff options
context:
space:
mode:
authordeva <deva>2008-10-04 10:38:03 +0000
committerdeva <deva>2008-10-04 10:38:03 +0000
commitcce5e7710295021b41d9aaecc503a60fb99256be (patch)
tree660235be91fb821e976c7ae62347eb368ce87524 /utils/guestbook.php
Initial revision
Diffstat (limited to 'utils/guestbook.php')
-rw-r--r--utils/guestbook.php169
1 files changed, 169 insertions, 0 deletions
diff --git a/utils/guestbook.php b/utils/guestbook.php
new file mode 100644
index 0000000..ca9cd81
--- /dev/null
+++ b/utils/guestbook.php
@@ -0,0 +1,169 @@
+<?php
+class GuestbookEntry {
+ public $remoteaddr;
+ public $title;
+ public $email;
+ public $time;
+ public $text;
+
+ public function GuestbookEntry($title, $email, $time, $remoteaddr, $text) {
+ $this->title = $title;
+ $this->email = $email;
+ $this->time = $time;
+ $this->remoteaddr = $remoteaddr;
+ $this->text = $text;
+ }
+
+ public function show()
+ {
+ echo "<div class=\"guestbook_entry\">\n";
+ echo " <div class=\"guestbook_name\">" . $this->title . "</div>\n";
+ echo " <div class=\"guestbook_time\">" . date("D M jS Y G:i", $this->time) . "</div>\n";
+ echo " <div class=\"guestbook_email\">" . str_replace("@", "(A)", $this->email) . "</div>\n";
+ echo " <div class=\"guestbook_text\">" . $this->text . "</div>\n";
+ echo "</div>\n";
+ }
+}
+
+class Guestbook {
+ private $file;
+ private $guestbook = array();
+
+ public function add($entry) {
+ $key = $entry->time;
+ $this->guestbook[$key] = $entry;
+ }
+
+ public function write()
+ {
+ $fp = fopen($this->file, "w");
+ fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
+
+ fwrite($fp, "<guestbook>\n");
+ foreach($this->guestbook as $entry) {
+ fwrite($fp, " <entry name=\"" .
+ htmlspecialchars($entry->title, ENT_QUOTES, "UTF-8") . "\"\n");
+ fwrite($fp, " time=\"" . $entry->time . "\"\n");
+ fwrite($fp, " email=\"" .
+ htmlspecialchars($entry->email, ENT_QUOTES, "UTF-8") . "\"\n");
+ fwrite($fp, " remoteaddr=\"" .
+ htmlspecialchars($entry->remoteaddr, ENT_QUOTES, "UTF-8") . "\"\n");
+ fwrite($fp, " text=\"" .
+ htmlspecialchars($entry->text, ENT_QUOTES, "UTF-8") . "\">\n");
+ fwrite($fp, " </entry>\n");
+ }
+ fwrite($fp, "</guestbook>\n");
+
+ fclose($fp);
+ }
+
+ public function show($number)
+ {
+ // If number is -1 show all shows.
+ if($number == -1) $number = 100000;
+
+ foreach($this->guestbook as $entry) {
+ $entry->show();
+ $number--;
+ if(!$number) return;
+ }
+ }
+
+ private function read()
+ {
+
+ $dom = new DomDocument;
+ $dom->preserveWhiteSpace = FALSE;
+ $dom->load($this->file);
+ $params = $dom->getElementsByTagName('entry');
+
+ foreach ($params as $param) {
+ $entry = new GuestbookEntry($param->getAttribute('name'),
+ $param->getAttribute('email'),
+ $param->getAttribute('time'),
+ $param->getAttribute('remoteaddr'),
+ $param->getAttribute('text'));
+
+ $this->add($entry);
+ }
+
+ // Key sort
+ krsort($this->guestbook);
+ }
+
+ public function Guestbook($file)
+ {
+ $this->file = $file;
+ $this->read();
+ }
+}
+
+function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)
+{
+ global $_SERVER;
+
+ // First filter known bad IPs
+ $spammers = array("85.255.118.10",
+ "216.32.84.82",
+ "220.226.63.254");
+ $ip = $_SERVER['REMOTE_ADDR'];
+ foreach($spammers as $spamip) {
+ if($ip == $spamip) {
+ // echo "Go away evil spammer!!!!";
+ return false;//die(1);
+ }
+ }
+
+ // Bot catcher!
+ if($name || $email || $message) return false;//$spam .= "BOTCatch\n";
+
+ $name = strip_tags($name_hidden);
+ $email = strip_tags($email_hidden);
+ if($name == "" && $email == "") return false;//$spam .= "Empty name and mail\n";
+ if($name == "") $name = "Name unknown";
+ if($email == "") $email = "Email unknown";
+
+ $message = strip_tags($message_hidden);
+
+ // Banned words
+ if(stristr($message, "incest")) return false;//$spam .= "Contained word 'incest'\n";
+ if(stristr($message, "estate")) return false;//$spam .= "Contained word 'estate'\n";
+ if(stristr($message, "phentermine")) return false;//$spam .= "Contained word 'phentermine'\n";
+ if(stristr($message, "viagra")) return false;//$spam .= "Contained word 'viagra'\n";
+ if(stristr($message, "ringtones")) return false;//$spam .= "Contained word 'ringtones'\n";
+ //if(stristr($message, "vaginal")) return false;//$spam .= "Contained word 'vaginal'\n";
+ if(stristr($message, "messed up in the email of mine")) return false;//$spam .= "Contained words 'messed up in the email of mine'\n";
+ if(stristr($message, "ambien")) return false;//$spam .= "Contained word 'ambien'\n";
+ if(stristr($message, "dating")) return false;//$spam .= "Contained word 'dating'\n";
+ if(stristr($message, "levitra")) return false;//$spam .= "Contained word 'levitra'\n";
+ //if(stristr($message, "myspace")) return false;//$spam .= "Contained word 'myspace'\n";
+
+ if($message == "") return false;//$spam .= "Empty message\n";
+ $date = date("r");
+ //if(strstr($message, "http://")) return false;//$spam .= "Contains URL\n";
+
+ // Message is not SPAM
+ return true;
+}
+
+//
+// INIT CODE:
+//
+if($page == "guestbook" && $action == "post" &&
+ !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
+//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) {
+ header("HTTP/1.0 404 Not Found");
+?>
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
+<html><head>
+<title>404 Not Found</title>
+</head><body>
+<h1>Not Found</h1>
+<p>The requested URL /?page=guestbook was not found on this server.</p>
+<hr>
+<address>Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80</address>
+</body></html>
+<?php
+ exit(404);
+}
+?> \ No newline at end of file