\n";
$str .= "
" . $this->title . "
\n";
$str .= " " . date("D M jS Y G:i", $this->time) . "
\n";
$str .= " " . str_replace("@", "(A)", $this->email) . "
\n";
$str .= " " . $this->text . "
\n";
$str .= "\n";
return $str;
}
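/**
 * Serialise this entry as one <entry> element into the open XML stream $fp.
 *
 * The attribute names must match what Guestbook::read() pulls back out with
 * getAttribute(): name, email, time, remoteaddr and text. (The opening tag in
 * the original's first fwrite() was lost from this copy of the file; read()
 * fetches the title via getAttribute('name'), so it is written as "name".)
 *
 * Every value goes through htmlspecialchars(ENT_QUOTES) so user text cannot
 * break out of the attribute or inject markup/entities into the stored file.
 * The XML parser undoes that escaping on read, so this is NOT output escaping
 * for the HTML side — show() has to escape separately (it currently does not).
 * Note that htmlspecialchars() returns "" for invalid UTF-8, so such a field
 * is silently dropped rather than stored.
 *
 * @param resource $fp  writable file handle; fwrite() results are not checked,
 *                      as in the original
 */
public function write($fp)
{
    $attrs = array(
        "name"       => $this->title,
        "time"       => (int) $this->time,   // always an integer timestamp
        "email"      => $this->email,
        "remoteaddr" => $this->remoteaddr,
        "text"       => $this->text,
    );
    fwrite($fp, " <entry");
    foreach ($attrs as $attr => $value) {
        // htmlspecialchars() leaves C0 control characters alone, but XML 1.0
        // forbids them even when escaped: a single post containing e.g. \x01
        // would make DOMDocument::load() reject the whole guestbook. Drop them.
        $value = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', '', (string) $value);
        fwrite($fp, "\n  " . $attr . "=\"" . htmlspecialchars($value, ENT_QUOTES, "UTF-8") . "\"");
    }
    fwrite($fp, ">\n");
    fwrite($fp, " </entry>\n");
}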
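/**
 * Build an entry from its five stored fields.
 *
 * Values are kept exactly as given — nothing is escaped or validated here.
 * Callers that pass user input (Guestbook::newpost()) therefore rely on the
 * output side, and the show() method visible above concatenates title, email
 * and text without htmlspecialchars(), so escaping still has to be added there.
 *
 * @param string $title       poster's name (persisted as the "name" attribute)
 * @param string $email       poster's e-mail address
 * @param int    $time        unix timestamp; Guestbook also uses it as the sort key
 * @param string $remoteaddr  REMOTE_ADDR the post came from
 * @param string $text        message body
 */
public function __construct($title, $email, $time, $remoteaddr, $text)
{
    $this->title = $title;
    $this->email = $email;
    $this->time = $time;
    $this->remoteaddr = $remoteaddr;
    $this->text = $text;
}

/**
 * PHP 4-style constructor kept for any code that calls it by name. `new`
 * uses __construct() on PHP 5+, and on PHP 8 a same-named method is no
 * longer a constructor at all, which is why __construct() exists above.
 */
public function GuestbookEntry($title, $email, $time, $remoteaddr, $text)
{
    $this->__construct($title, $email, $time, $remoteaddr, $text);
}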
}
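class Guestbook {
    /** Path of the XML file the entries are persisted in. */
    private $file;

    /**
     * Entries keyed by unix timestamp. read() sorts them newest first;
     * entries added later go to the end of the iteration order until the
     * next load (see add()).
     */
    private $guestbook = array();

    // Admin config. No admin sub-modules are wired up; admin() is a stub.
    public $admin_title = "Guestbook";
    public $admin_submodules = array();

    /** Exact-match REMOTE_ADDR block list consulted by filtermessage(). */
    private static $spammers = array(
        "85.255.118.10",
        "216.32.84.82",
        "220.226.63.254",
    );

    /**
     * Case-insensitive substrings that mark a message as spam.
     * Disabled in the original and still off here: "vaginal", "myspace",
     * and rejecting any message that contains "http://".
     */
    private static $banned = array(
        "incest",
        "estate",
        "phentermine",
        "viagra",
        "ringtones",
        "messed up in the email of mine",
        "ambien",
        "dating",
        "levitra",
    );

    /**
     * Admin hook. Deliberately empty: this module registers no admin
     * sub-modules ($admin_submodules is empty). The original carried a large
     * commented-out News-module admin implementation here (NewsEntry,
     * $this->news, Form widgets) that does not belong to this class; it has
     * been dropped rather than kept as dead text.
     */
    public function admin($sub, $action, $vars)
    {
    }

    /**
     * Return the HTML for the posting form.
     *
     * NOTE(review): the form markup was stripped from this copy of the file —
     * only " \n" survived — so that string is reproduced unchanged. When the
     * real form is restored it should use method="post" and carry a CSRF
     * token, because run() accepts $action == "post" from any request.
     */
    public function editor()
    {
        $str = " \n";
        return $str;
    }

    /**
     * strip_tags() the three real (hidden) form fields.
     *
     * @return array  list($name, $email, $message) with tags removed; empty
     *                name/email come back as "" (newpost() applies the
     *                "Name unknown"/"Email unknown" placeholders)
     */
    private function cleanfields($name_hidden, $email_hidden, $message_hidden)
    {
        return array(
            strip_tags((string) $name_hidden),
            strip_tags((string) $email_hidden),
            strip_tags((string) $message_hidden),
        );
    }

    /**
     * Decide whether a submission is spam.
     *
     * The form has two sets of fields: the visible $name/$email/$message are
     * a honeypot that humans never fill in, the *_hidden ones carry the real
     * values. Checks, in order: sender IP on the block list; any honeypot
     * field non-empty; name and e-mail both empty after strip_tags(); a banned
     * word in the message; empty message.
     *
     * Only the verdict is returned — the stripped values are recomputed by
     * newpost() through cleanfields(). strip_tags() is a spam heuristic here,
     * not an XSS defence: GuestbookEntry::show() still echoes the stored text
     * unescaped.
     *
     * @return bool  true when the message is NOT spam
     */
    public function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)
    {
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        if (in_array($ip, self::$spammers, true)) {
            return false;
        }

        // Honeypot. Compared as strings so that a bot that fills in "0" is
        // still caught (the original tested truthiness, which lets "0" through).
        if ((string) $name !== '' || (string) $email !== '' || (string) $message !== '') {
            return false;
        }

        list($cleanname, $cleanemail, $cleanmessage) =
            $this->cleanfields($name_hidden, $email_hidden, $message_hidden);
        if ($cleanname === "" && $cleanemail === "") {
            return false;
        }
        foreach (self::$banned as $word) {
            if (stristr($cleanmessage, $word) !== false) {
                return false;
            }
        }
        if ($cleanmessage === "") {
            return false;
        }
        return true;
    }

    /**
     * Handle a submitted post: reject spam, otherwise store the entry and
     * rewrite the file.
     *
     * The form values arrive as globals (presumably register_globals or the
     * including page); the visible $name/$email/$message are the honeypot,
     * the *_hidden fields are the real ones (see filtermessage()).
     *
     * Fix: the original stored $name_hidden/$email_hidden/$message_hidden raw,
     * discarding the strip_tags() and the "Name unknown"/"Email unknown"
     * placeholders that filtermessage() computed on private copies. The
     * stripped, defaulted values are stored now. That is still not output
     * escaping — GuestbookEntry::show() echoes title, email and text without
     * htmlspecialchars(), so escaping there is the actual stored-XSS fix.
     *
     * convert() is defined elsewhere (presumably newline/markup conversion);
     * confirm it escapes or only emits safe markup, since nothing after it does.
     *
     * Unchanged: no CSRF token or REQUEST_METHOD check guards this path.
     *
     * @return string  "ok" when stored, "SPAM" when rejected
     */
    public function newpost()
    {
        global $name, $email, $message, $name_hidden, $email_hidden, $message_hidden;
        if (!$this->filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
            return "SPAM";
        }
        list($cleanname, $cleanemail, $cleanmessage) =
            $this->cleanfields($name_hidden, $email_hidden, $message_hidden);
        if ($cleanname === "") $cleanname = "Name unknown";
        if ($cleanemail === "") $cleanemail = "Email unknown";
        $remoteaddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $entry = new GuestbookEntry($cleanname, $cleanemail, time(), $remoteaddr, convert($cleanmessage));
        $this->add($entry);
        $this->write();
        return "ok";
    }

    /**
     * Module entry point: optionally process a post, then render.
     *
     * @param array $params  module parameters; only the first one is acted on
     *                       because every branch returns. "editor" renders the
     *                       form prefixed with the post status; anything else
     *                       renders the entries (all when $show == "all", else 7).
     * @return string        "" (or the post status) when $params is empty
     */
    public function run($params)
    {
        global $show, $action;
        $str = "";
        // $action == "post" is accepted regardless of HTTP method and without
        // a token, so a cross-site request can create entries; gate this on
        // REQUEST_METHOD and a form token once editor() has its markup back.
        if ($action == "post") {
            $str .= $this->newpost();
            // The original did unset($action) here, but unset() on a variable
            // imported with `global` only drops the local alias — the global
            // survives, so a second include of this module would post again.
            // Clearing the global itself is what that comment intended.
            unset($GLOBALS['action']);
        }
        foreach ($params as $param) {
            if ($param == "editor") {
                return $str . $this->editor();
            }
            // As in the original, the post status in $str is not part of
            // this branch's output.
            return $this->show($show == "all" ? -1 : 7);
        }
        return $str;
    }

    /**
     * Insert an entry, keyed by its timestamp.
     *
     * Caveat (unchanged): two posts in the same second share a key, so the
     * later one silently replaces the earlier one. Fixing that needs a
     * different key in the stored file, not just here, because read()
     * rebuilds the keys from the time attribute. Entries added after read()
     * are appended, so they render last until the next load re-sorts.
     */
    public function add($entry)
    {
        $this->guestbook[$entry->time] = $entry;
    }

    /**
     * Persist all entries to $this->file.
     *
     * Writes to a temporary file in the same directory and rename()s it over
     * the real one, so a reader (or a crashed writer) never sees a truncated
     * guestbook; the original fopen($file, "w") truncated first and wrote
     * unlocked and unchecked. This still does not serialise concurrent
     * writers: each one writes the entry set it loaded at construction, so
     * simultaneous posts can lose one. tempnam() creates the file 0600, which
     * is fine as long as only the web-server user reads the guestbook.
     *
     * The XML prolog and root element were lost from this copy of the file;
     * read() only looks for <entry> elements, so any well-formed root works
     * and <guestbook> is used here.
     *
     * @return bool  false (after an E_USER_WARNING) when the file could not be written
     */
    public function write()
    {
        $tmp = tempnam(dirname($this->file), "guestbook");
        $fp = ($tmp === false) ? false : fopen($tmp, "w");
        if ($fp === false) {
            trigger_error("Guestbook: cannot create a temporary file next to " . $this->file, E_USER_WARNING);
            return false;
        }
        fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
        fwrite($fp, "<guestbook>\n");
        foreach ($this->guestbook as $entry) {
            $entry->write($fp);
        }
        fwrite($fp, "</guestbook>\n");
        fclose($fp);
        if (!rename($tmp, $this->file)) {
            unlink($tmp);
            trigger_error("Guestbook: cannot replace " . $this->file, E_USER_WARNING);
            return false;
        }
        return true;
    }

    /**
     * Render up to $number entries by concatenating each entry's show()
     * output, in iteration order (newest first after read()).
     *
     * @param int $number  -1 for all; 0 and other negatives also yield all,
     *                     because the counter never reaches them
     * @return string
     */
    public function show($number)
    {
        $str = "";
        $shown = 0;
        foreach ($this->guestbook as $entry) {
            $str .= $entry->show();
            $shown++;
            if ($shown == $number) {
                break;
            }
        }
        return $str;
    }

    /**
     * Load entries from $this->file, newest first.
     *
     * Only <entry> elements are consulted; the attributes mirror what
     * GuestbookEntry::write() emits. LIBXML_NONET keeps libxml from fetching
     * anything over the network while parsing (external entities, DTDs). The
     * file is produced by write() from htmlspecialchars()'d values, so it is
     * not attacker-shaped unless the data directory is writable by others.
     */
    private function read()
    {
        $dom = new DomDocument;
        $dom->preserveWhiteSpace = FALSE;
        if (!$dom->load($this->file, LIBXML_NONET)) {
            // A malformed file leaves the book empty, as before; libxml has
            // already reported the parse error.
            return;
        }
        foreach ($dom->getElementsByTagName('entry') as $node) {
            $this->add(new GuestbookEntry(
                $node->getAttribute('name'),
                $node->getAttribute('email'),
                (int) $node->getAttribute('time'),
                $node->getAttribute('remoteaddr'),
                $node->getAttribute('text')
            ));
        }
        // Largest timestamp first.
        krsort($this->guestbook);
    }

    /**
     * @param string $file  path to the guestbook XML; loaded if it exists,
     *                      created by the first write() otherwise
     */
    public function __construct($file)
    {
        $this->file = $file;
        if (file_exists($file)) {
            $this->read();
        }
    }

    /**
     * PHP 4-style constructor kept for code that calls it by name; `new`
     * uses __construct() on PHP 5+, and PHP 8 no longer treats a same-named
     * method as a constructor.
     */
    public function Guestbook($file)
    {
        $this->__construct($file);
    }
}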
/**
 * Factory used by the page framework: builds the Guestbook backed by
 * $DATA_DIR/guestbook.xml.
 *
 * The file holds user-submitted text plus the posters' IP addresses, so
 * $DATA_DIR should live outside the document root (or be blocked by the
 * web server); otherwise the raw XML is fetchable by anyone.
 *
 * @return Guestbook
 */
function guestbook_init()
{
    global $DATA_DIR;
    $path = $DATA_DIR . "/guestbook.xml";
    return new Guestbook($path);
}
/*
*/
/*
//
// INIT CODE:
//
if($page == "guestbook" && $action == "post" &&
!filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) {
header("HTTP/1.0 404 Not Found");
?>
404 Not Found
Not Found
The requested URL /?page=guestbook was not found on this server.
Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80