-rw-r--r--htdocs/index.php3
-rw-r--r--utils/guestbook.php171
-rw-r--r--utils/modules/guestbook.php48
3 files changed, 24 insertions, 198 deletions
diff --git a/htdocs/index.php b/htdocs/index.php
index 8373362..3871c4b 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -11,7 +11,6 @@ include_once($MODULES_DIR . "/config.php");
$config = new Config($DATA_DIR . "/config.xml");
-include_once($UTIL_DIR . "/guestbook.php");
header("Content-Type: text/html; charset=UTF-8");
include_once($UTIL_DIR . "/login.php");
@@ -36,6 +35,7 @@ $pages = new Pages($DATA_DIR . "/pages.xml");
<link rel="stylesheet" type="text/css" href="handheld.css" media="handheld"/>
<link rel="stylesheet" type="text/css" href="admin.css" media="screen"/>
<script type="text/javascript">
+ // <!--
function externalLinks() {
if (!document.getElementsByTagName) return;
var anchors = document.getElementsByTagName("a");
@@ -47,6 +47,7 @@ $pages = new Pages($DATA_DIR . "/pages.xml");
}
}
window.onload = externalLinks;
+// -->
</script>
</head>
<body>
diff --git a/utils/guestbook.php b/utils/guestbook.php
deleted file mode 100644
index 21b0fda..0000000
--- a/utils/guestbook.php
+++ /dev/null
@@ -1,171 +0,0 @@
-<?php
- /*
-class GuestbookEntry {
- public $remoteaddr;
- public $title;
- public $email;
- public $time;
- public $text;
-
- public function GuestbookEntry($title, $email, $time, $remoteaddr, $text) {
- $this->title = $title;
- $this->email = $email;
- $this->time = $time;
- $this->remoteaddr = $remoteaddr;
- $this->text = $text;
- }
-
- public function show()
- {
- echo "<div class=\"guestbook_entry\">\n";
- echo " <div class=\"guestbook_name\">" . $this->title . "</div>\n";
- echo " <div class=\"guestbook_time\">" . date("D M jS Y G:i", $this->time) . "</div>\n";
- echo " <div class=\"guestbook_email\">" . str_replace("@", "(A)", $this->email) . "</div>\n";
- echo " <div class=\"guestbook_text\">" . $this->text . "</div>\n";
- echo "</div>\n";
- }
-}
-
-class Guestbook {
- private $file;
- private $guestbook = array();
-
- public function add($entry) {
- $key = $entry->time;
- $this->guestbook[$key] = $entry;
- }
-
- public function write()
- {
- $fp = fopen($this->file, "w");
- fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
-
- fwrite($fp, "<guestbook>\n");
- foreach($this->guestbook as $entry) {
- fwrite($fp, " <entry name=\"" .
- htmlspecialchars($entry->title, ENT_QUOTES, "UTF-8") . "\"\n");
- fwrite($fp, " time=\"" . $entry->time . "\"\n");
- fwrite($fp, " email=\"" .
- htmlspecialchars($entry->email, ENT_QUOTES, "UTF-8") . "\"\n");
- fwrite($fp, " remoteaddr=\"" .
- htmlspecialchars($entry->remoteaddr, ENT_QUOTES, "UTF-8") . "\"\n");
- fwrite($fp, " text=\"" .
- htmlspecialchars($entry->text, ENT_QUOTES, "UTF-8") . "\">\n");
- fwrite($fp, " </entry>\n");
- }
- fwrite($fp, "</guestbook>\n");
-
- fclose($fp);
- }
-
- public function show($number)
- {
- // If number is -1 show all shows.
- if($number == -1) $number = 100000;
-
- foreach($this->guestbook as $entry) {
- $entry->show();
- $number--;
- if(!$number) return;
- }
- }
-
- private function read()
- {
-
- $dom = new DomDocument;
- $dom->preserveWhiteSpace = FALSE;
- $dom->load($this->file);
- $params = $dom->getElementsByTagName('entry');
-
- foreach ($params as $param) {
- $entry = new GuestbookEntry($param->getAttribute('name'),
- $param->getAttribute('email'),
- $param->getAttribute('time'),
- $param->getAttribute('remoteaddr'),
- $param->getAttribute('text'));
-
- $this->add($entry);
- }
-
- // Key sort
- krsort($this->guestbook);
- }
-
- public function Guestbook($file)
- {
- $this->file = $file;
- $this->read();
- }
-}
-
-function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)
-{
- global $_SERVER;
-
- // First filter known bad IPs
- $spammers = array("85.255.118.10",
- "216.32.84.82",
- "220.226.63.254");
- $ip = $_SERVER['REMOTE_ADDR'];
- foreach($spammers as $spamip) {
- if($ip == $spamip) {
- // echo "Go away evil spammer!!!!";
- return false;//die(1);
- }
- }
-
- // Bot catcher!
- if($name || $email || $message) return false;//$spam .= "BOTCatch\n";
-
- $name = strip_tags($name_hidden);
- $email = strip_tags($email_hidden);
- if($name == "" && $email == "") return false;//$spam .= "Empty name and mail\n";
- if($name == "") $name = "Name unknown";
- if($email == "") $email = "Email unknown";
-
- $message = strip_tags($message_hidden);
-
- // Banned words
- if(stristr($message, "incest")) return false;//$spam .= "Contained word 'incest'\n";
- if(stristr($message, "estate")) return false;//$spam .= "Contained word 'estate'\n";
- if(stristr($message, "phentermine")) return false;//$spam .= "Contained word 'phentermine'\n";
- if(stristr($message, "viagra")) return false;//$spam .= "Contained word 'viagra'\n";
- if(stristr($message, "ringtones")) return false;//$spam .= "Contained word 'ringtones'\n";
- //if(stristr($message, "vaginal")) return false;//$spam .= "Contained word 'vaginal'\n";
- if(stristr($message, "messed up in the email of mine")) return false;//$spam .= "Contained words 'messed up in the email of mine'\n";
- if(stristr($message, "ambien")) return false;//$spam .= "Contained word 'ambien'\n";
- if(stristr($message, "dating")) return false;//$spam .= "Contained word 'dating'\n";
- if(stristr($message, "levitra")) return false;//$spam .= "Contained word 'levitra'\n";
- //if(stristr($message, "myspace")) return false;//$spam .= "Contained word 'myspace'\n";
-
- if($message == "") return false;//$spam .= "Empty message\n";
- $date = date("r");
- //if(strstr($message, "http://")) return false;//$spam .= "Contains URL\n";
-
- // Message is not SPAM
- return true;
-}
-
-//
-// INIT CODE:
-//
-if($page == "guestbook" && $action == "post" &&
- !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
-//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) {
- header("HTTP/1.0 404 Not Found");
-?>
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
-<html><head>
-<title>404 Not Found</title>
-</head><body>
-<h1>Not Found</h1>
-<p>The requested URL /?page=guestbook was not found on this server.</p>
-<hr>
-<address>Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80</address>
-</body></html>
-<?php
- exit(404);
-}
-*/
-?> \ No newline at end of file
diff --git a/utils/modules/guestbook.php b/utils/modules/guestbook.php
index babd1ec..45fb4c5 100644
--- a/utils/modules/guestbook.php
+++ b/utils/modules/guestbook.php
@@ -259,44 +259,33 @@ class Guestbook {
global $_SERVER;
// First filter known bad IPs
- $spammers = array("85.255.118.10",
- "216.32.84.82",
- "220.226.63.254");
+ $spammers = array("85.255.118.10", "216.32.84.82", "220.226.63.254");
$ip = $_SERVER['REMOTE_ADDR'];
foreach($spammers as $spamip) {
if($ip == $spamip) {
- // echo "Go away evil spammer!!!!";
- return false;//die(1);
+ return false;
}
}
// Bot catcher!
- if($name || $email || $message) return false;//$spam .= "BOTCatch\n";
-
+ if($name || $email || $message) return false;
+
$name = strip_tags($name_hidden);
$email = strip_tags($email_hidden);
- if($name == "" && $email == "") return false;//$spam .= "Empty name and mail\n";
+ if($name == "" && $email == "") return false;
if($name == "") $name = "Name unknown";
if($email == "") $email = "Email unknown";
$message = strip_tags($message_hidden);
// Banned words
- if(stristr($message, "incest")) return false;//$spam .= "Contained word 'incest'\n";
- if(stristr($message, "estate")) return false;//$spam .= "Contained word 'estate'\n";
- if(stristr($message, "phentermine")) return false;//$spam .= "Contained word 'phentermine'\n";
- if(stristr($message, "viagra")) return false;//$spam .= "Contained word 'viagra'\n";
- if(stristr($message, "ringtones")) return false;//$spam .= "Contained word 'ringtones'\n";
- //if(stristr($message, "vaginal")) return false;//$spam .= "Contained word 'vaginal'\n";
- if(stristr($message, "messed up in the email of mine")) return false;//$spam .= "Contained words 'messed up in the email of mine'\n";
- if(stristr($message, "ambien")) return false;//$spam .= "Contained word 'ambien'\n";
- if(stristr($message, "dating")) return false;//$spam .= "Contained word 'dating'\n";
- if(stristr($message, "levitra")) return false;//$spam .= "Contained word 'levitra'\n";
- //if(stristr($message, "myspace")) return false;//$spam .= "Contained word 'myspace'\n";
+ $words = array("incest", "estate", "phentermine", "viagra", "ringtones",
+ "messed up in the email of mine", "ambien", "dating", "levitra");
+ foreach($words as $word) {
+ if(stristr($message, $word)) return false;
+ }
- if($message == "") return false;//$spam .= "Empty message\n";
- $date = date("r");
- //if(strstr($message, "http://")) return false;//$spam .= "Contains URL\n";
+ if($message == "") return false; // Empty message
// Message is not SPAM
return true;
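Review bot: The new banned-word loop matches substrings with `stristr`, so "estate" and "dating" also reject ordinary messages containing words such as "restated" or "updating", and the rejection is a silent `return false`. Matching on word boundaries would narrow this: `if(preg_match('/\b' . preg_quote($word, '/') . '\b/i', $message)) return false;`. The IP loop compares with loose `==`; `if(in_array($ip, $spammers, true)) return false;` does the same check strictly and drops the loop. Note that the `strip_tags` results are only assigned to locals here, so what gets stored still depends on the caller's own escaping (the `convert()` call in the next hunk, whose body is not shown). The function starts and ends outside this hunk.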
@@ -316,7 +305,7 @@ class Guestbook {
convert($message_hidden));
$this->add($entry);
$this->write();
- $str = "ok";
+ $str = "";
} else {
$str = "SPAM";
}
@@ -334,18 +323,25 @@ class Guestbook {
unset($action); // Make sure the post is not posted several times if module is included several times.
}
+ $showeditor = false;
+ $showposts = 0;
foreach($params as $param) {
switch($param) {
case "editor":
- return $str . $this->editor();
+ $showeditor = true;
break;
default:
- if($show == "all") return $this->show(-1);
- else return $this->show(7);
+ if($show == "all") $showposts = -1;
+ else $showposts = 7;
break;
}
}
+
+ if($showeditor == true) $str .= $this->editor();
+ if($showposts != 0) $str .= $this->show($showposts);
+
+ return $str;
}
public function add($entry) {
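Review bot: On the rejected-post path `$str` is "SPAM", and with the early returns removed it is prepended to the post listing as well, which the old `return $this->show(...)` did not do; worth confirming that is intended. The output order is also fixed as status, editor, posts regardless of the order in `$params`, and any parameter other than "editor" falls into `default:` and turns the listing on. A comment above the loop would record this, e.g. `// Collect what to render; output order is fixed: status, editor, posts.` The flag tests can be strict: `if($showeditor) $str .= $this->editor();` and `if($showposts !== 0) $str .= $this->show($showposts);`. The method begins outside the hunk.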