From cce5e7710295021b41d9aaecc503a60fb99256be Mon Sep 17 00:00:00 2001
From: deva <deva>
Date: Sat, 4 Oct 2008 10:38:03 +0000
Subject: Initial revision

---
 utils/guestbook.php | 169 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 169 insertions(+)
 create mode 100644 utils/guestbook.php


diff --git a/utils/guestbook.php b/utils/guestbook.php
new file mode 100644
index 0000000..ca9cd81
--- /dev/null
+++ b/utils/guestbook.php
@@ -0,0 +1,169 @@
+<?php
+class GuestbookEntry {
+	public $remoteaddr;
+	public $title;
+	public $email;
+	public $time;
+	public $text;
+
+	public function GuestbookEntry($title, $email, $time, $remoteaddr, $text) {
+		$this->title = $title;
+		$this->email = $email;
+		$this->time = $time;
+		$this->remoteaddr = $remoteaddr;
+		$this->text = $text;
+	}
+
+	public function show()
+	{
+		echo "<div class=\"guestbook_entry\">\n";
+		echo "  <div class=\"guestbook_name\">" . $this->title . "</div>\n";
+		echo "  <div class=\"guestbook_time\">" . date("D M jS Y G:i", $this->time) . "</div>\n";
+		echo "  <div class=\"guestbook_email\">" . str_replace("@", "(A)", $this->email) . "</div>\n";
+		echo "  <div class=\"guestbook_text\">" . $this->text . "</div>\n";
+		echo "</div>\n";
+	}
+}
+
+class Guestbook {
+	private $file;
+	private $guestbook = array();
+
+	public function add($entry) {
+		$key = $entry->time;
+		$this->guestbook[$key] = $entry;
+	}
+
+	public function write()
+	{
+		$fp = fopen($this->file, "w");
+		fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
+
+		fwrite($fp, "<guestbook>\n");
+		foreach($this->guestbook as $entry) {
+			fwrite($fp, "  <entry name=\"" .
+						 htmlspecialchars($entry->title, ENT_QUOTES, "UTF-8") . "\"\n");
+			fwrite($fp, "         time=\"" . $entry->time . "\"\n");
+ 			fwrite($fp, "         email=\"" .
+						 htmlspecialchars($entry->email, ENT_QUOTES, "UTF-8") . "\"\n");
+ 			fwrite($fp, "         remoteaddr=\"" .
+						 htmlspecialchars($entry->remoteaddr, ENT_QUOTES, "UTF-8") . "\"\n");
+ 			fwrite($fp, "         text=\"" .
+						 htmlspecialchars($entry->text, ENT_QUOTES, "UTF-8") . "\">\n");
+			fwrite($fp, "  </entry>\n");
+		}
+		fwrite($fp, "</guestbook>\n");
+
+		fclose($fp);
+	}
+
+	public function show($number)
+	{
+		// If number is -1 show all shows.
+		if($number == -1) $number = 100000;
+		
+		foreach($this->guestbook as $entry) {
+			$entry->show();
+			$number--;
+			if(!$number) return;
+		}
+	}
+
+	private function read()
+	{
+
+		$dom = new DomDocument;
+		$dom->preserveWhiteSpace = FALSE;
+		$dom->load($this->file);
+		$params = $dom->getElementsByTagName('entry');
+
+		foreach ($params as $param) {
+			$entry = new GuestbookEntry($param->getAttribute('name'),
+																	$param->getAttribute('email'),
+																	$param->getAttribute('time'),
+																	$param->getAttribute('remoteaddr'),
+																	$param->getAttribute('text'));
+
+			$this->add($entry);
+		}
+		
+		// Key sort
+		krsort($this->guestbook);
+	}
+
+	public function Guestbook($file)
+	{
+		$this->file = $file;
+		$this->read();
+	}
+}
+
+function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)
+{
+	global $_SERVER;
+
+	// First filter known bad IPs
+	$spammers = array("85.255.118.10",
+										"216.32.84.82",
+										"220.226.63.254");
+	$ip = $_SERVER['REMOTE_ADDR'];
+	foreach($spammers as $spamip) {
+		if($ip == $spamip) {
+			//		echo "Go away evil spammer!!!!";
+			return false;//die(1);
+		}
+	}
+
+	// Bot catcher!
+	if($name || $email || $message) return false;//$spam .= "BOTCatch\n";
+	
+	$name = strip_tags($name_hidden);
+	$email = strip_tags($email_hidden);
+	if($name == "" && $email == "") return false;//$spam .= "Empty name and mail\n";
+	if($name == "") $name = "Name unknown";
+	if($email == "") $email = "Email unknown";
+	
+	$message = strip_tags($message_hidden);
+	
+	// Banned words
+	if(stristr($message, "incest")) return false;//$spam .= "Contained word 'incest'\n";
+	if(stristr($message, "estate")) return false;//$spam .= "Contained word 'estate'\n";
+	if(stristr($message, "phentermine")) return false;//$spam .= "Contained word 'phentermine'\n";
+	if(stristr($message, "viagra")) return false;//$spam .= "Contained word 'viagra'\n";
+	if(stristr($message, "ringtones")) return false;//$spam .= "Contained word 'ringtones'\n";
+	//if(stristr($message, "vaginal")) return false;//$spam .= "Contained word 'vaginal'\n";
+	if(stristr($message, "messed up in the email of mine")) return false;//$spam .= "Contained words 'messed up in the email of mine'\n";
+	if(stristr($message, "ambien")) return false;//$spam .= "Contained word 'ambien'\n";
+	if(stristr($message, "dating")) return false;//$spam .= "Contained word 'dating'\n";
+	if(stristr($message, "levitra")) return false;//$spam .= "Contained word 'levitra'\n";
+	//if(stristr($message, "myspace")) return false;//$spam .= "Contained word 'myspace'\n";
+	
+	if($message == "") return false;//$spam .= "Empty message\n";
+	$date = date("r");
+	//if(strstr($message, "http://")) return false;//$spam .= "Contains URL\n";
+
+	// Message is not SPAM
+	return true;
+}
+
+//
+// INIT CODE:
+//
+if($page == "guestbook" && $action == "post" && 
+	 !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
+//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) {
+	header("HTTP/1.0 404 Not Found");
+?>
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
+<html><head>
+<title>404 Not Found</title>
+</head><body>
+<h1>Not Found</h1>
+<p>The requested URL /?page=guestbook was not found on this server.</p>
+<hr>
+<address>Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80</address>
+</body></html>
+<?php
+	exit(404);
+} 
+?>
\ No newline at end of file
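Review bot: GuestbookEntry::show() echoes `$this->title`, `$this->email` and `$this->text` into the page without HTML encoding, so any markup stored in an entry is rendered to every visitor (stored XSS). The `htmlspecialchars()` calls in Guestbook::write() only keep the XML file well-formed: `getAttribute()` in read() hands back the decoded values, and the `strip_tags()` calls in filtermessage() work on by-value copies that never leave that function, so nothing visible here sanitises what is later displayed. Encode at the point of output, e.g. `echo "  <div class=\"guestbook_text\">" . htmlspecialchars($this->text, ENT_QUOTES, "UTF-8") . "</div>\n";`, and do the same for the title line and around the `str_replace` on the email line. The code that builds and stores a new entry is not part of this file, so it is worth confirming there which value of the message is actually persisted.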
-- 
cgit v1.2.3