From cce5e7710295021b41d9aaecc503a60fb99256be Mon Sep 17 00:00:00 2001 From: deva Date: Sat, 4 Oct 2008 10:38:03 +0000 Subject: Initial revision --- utils/guestbook.php | 169 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 169 insertions(+) create mode 100644 utils/guestbook.php (limited to 'utils/guestbook.php') diff --git a/utils/guestbook.php b/utils/guestbook.php new file mode 100644 index 0000000..ca9cd81 --- /dev/null +++ b/utils/guestbook.php @@ -0,0 +1,169 @@ +title = $title; + $this->email = $email; + $this->time = $time; + $this->remoteaddr = $remoteaddr; + $this->text = $text; + } + + public function show() + { + echo "

\n"; + echo "

" . $this->title . "

\n"; + echo "

" . date("D M jS Y G:i", $this->time) . "

\n"; + echo "

" . str_replace("@", "(A)", $this->email) . "

\n"; + echo "

" . $this->text . "

\n"; + echo "

\n"; + } +} + +class Guestbook { + private $file; + private $guestbook = array(); + + public function add($entry) { + $key = $entry->time; + $this->guestbook[$key] = $entry; + } + + public function write() + { + $fp = fopen($this->file, "w"); + fwrite($fp, "\n"); + + fwrite($fp, "\n"); + foreach($this->guestbook as $entry) { + fwrite($fp, " title, ENT_QUOTES, "UTF-8") . "\"\n"); + fwrite($fp, " time=\"" . $entry->time . "\"\n"); + fwrite($fp, " email=\"" . + htmlspecialchars($entry->email, ENT_QUOTES, "UTF-8") . "\"\n"); + fwrite($fp, " remoteaddr=\"" . + htmlspecialchars($entry->remoteaddr, ENT_QUOTES, "UTF-8") . "\"\n"); + fwrite($fp, " text=\"" . + htmlspecialchars($entry->text, ENT_QUOTES, "UTF-8") . "\">\n"); + fwrite($fp, " \n"); + } + fwrite($fp, "\n"); + + fclose($fp); + } + + public function show($number) + { + // If number is -1 show all shows. + if($number == -1) $number = 100000; + + foreach($this->guestbook as $entry) { + $entry->show(); + $number--; + if(!$number) return; + } + } + + private function read() + { + + $dom = new DomDocument; + $dom->preserveWhiteSpace = FALSE; + $dom->load($this->file); + $params = $dom->getElementsByTagName('entry'); + + foreach ($params as $param) { + $entry = new GuestbookEntry($param->getAttribute('name'), + $param->getAttribute('email'), + $param->getAttribute('time'), + $param->getAttribute('remoteaddr'), + $param->getAttribute('text')); + + $this->add($entry); + } + + // Key sort + krsort($this->guestbook); + } + + public function Guestbook($file) + { + $this->file = $file; + $this->read(); + } +} + +function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden) +{ + global $_SERVER; + + // First filter known bad IPs + $spammers = array("85.255.118.10", + "216.32.84.82", + "220.226.63.254"); + $ip = $_SERVER['REMOTE_ADDR']; + foreach($spammers as $spamip) { + if($ip == $spamip) { + // echo "Go away evil spammer!!!!"; + return false;//die(1); + } + } + + // Bot catcher! + if($name || $email || $message) return false;//$spam .= "BOTCatch\n"; + + $name = strip_tags($name_hidden); + $email = strip_tags($email_hidden); + if($name == "" && $email == "") return false;//$spam .= "Empty name and mail\n"; + if($name == "") $name = "Name unknown"; + if($email == "") $email = "Email unknown"; + + $message = strip_tags($message_hidden); + + // Banned words + if(stristr($message, "incest")) return false;//$spam .= "Contained word 'incest'\n"; + if(stristr($message, "estate")) return false;//$spam .= "Contained word 'estate'\n"; + if(stristr($message, "phentermine")) return false;//$spam .= "Contained word 'phentermine'\n"; + if(stristr($message, "viagra")) return false;//$spam .= "Contained word 'viagra'\n"; + if(stristr($message, "ringtones")) return false;//$spam .= "Contained word 'ringtones'\n"; + //if(stristr($message, "vaginal")) return false;//$spam .= "Contained word 'vaginal'\n"; + if(stristr($message, "messed up in the email of mine")) return false;//$spam .= "Contained words 'messed up in the email of mine'\n"; + if(stristr($message, "ambien")) return false;//$spam .= "Contained word 'ambien'\n"; + if(stristr($message, "dating")) return false;//$spam .= "Contained word 'dating'\n"; + if(stristr($message, "levitra")) return false;//$spam .= "Contained word 'levitra'\n"; + //if(stristr($message, "myspace")) return false;//$spam .= "Contained word 'myspace'\n"; + + if($message == "") return false;//$spam .= "Empty message\n"; + $date = date("r"); + //if(strstr($message, "http://")) return false;//$spam .= "Contains URL\n"; + + // Message is not SPAM + return true; +} + +// +// INIT CODE: +// +if($page == "guestbook" && $action == "post" && + !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) { +//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) { + header("HTTP/1.0 404 Not Found"); +?> + + +404 Not Found + +

Not Found

The requested URL /?page=guestbook was not found on this server.

Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80

+ + \ No newline at end of file -- cgit v1.2.3