\n"; $str .= "
" . $this->title . "
\n"; $str .= "
" . date("D M jS Y G:i", $this->time) . "
\n"; $str .= "
" . str_replace("@", "(A)", $this->email) . "
\n"; $str .= "
" . $this->text . "
\n"; $str .= "\n"; return $str; } public function write($fp) { fwrite($fp, " title, ENT_QUOTES, "UTF-8") . "\"\n"); fwrite($fp, " time=\"" . $this->time . "\"\n"); fwrite($fp, " email=\"" . htmlspecialchars($this->email, ENT_QUOTES, "UTF-8") . "\"\n"); fwrite($fp, " remoteaddr=\"" . htmlspecialchars($this->remoteaddr, ENT_QUOTES, "UTF-8") . "\"\n"); fwrite($fp, " text=\"" . htmlspecialchars($this->text, ENT_QUOTES, "UTF-8") . "\">\n"); fwrite($fp, " \n"); } public function GuestbookEntry($title, $email, $time, $remoteaddr, $text) { $this->title = $title; $this->email = $email; $this->time = $time; $this->remoteaddr = $remoteaddr; $this->text = $text; } } class Guestbook { private $file; private $guestbook = array(); // Admin config public $admin_title = "Guestbook"; public $admin_submodules = array(); /* public $admin_submodules = array("New Newsentry" => "new", "Edit Newsentry" => "edit", "Delete Newsentry" => "delete"); public function admin_add($action, $vars) { global $UID, $ICONS_DIR; switch($action) { case "add": $n = new NewsEntry($vars["title"], DateTimeEdit::toTimestamp($vars, "time"), $vars["category"], $vars["description"], $UID, $vars["icon"]); echo "\"" .$n->title . "\" has now been added."; $this->add($n); $this->write(); break; case "preview": $n = new NewsEntry($vars["title"], DateTimeEdit::toTimestamp($vars, "time"), $vars["category"], $vars["description"], $UID, $vars["icon"]); echo "
\n"; echo "
\n"; echo $n->show(); echo "
\n"; echo "
\n"; echo "

Looking ok?

"; $form = new Form("add"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("yes")); $form->render(); $form = new Form("retry"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("no")); $form->render(); break; case "retry": $title = $vars["title"]; $time = DateTimeEdit::toTimestamp($vars, "time"); $category = $vars["category"]; $description = $vars["description"]; default: $form = new Form("preview"); $form->addWidget(new LineEdit("Title", "title", $title)); $form->addWidget(new DateTimeEdit("Time", "time", $time)); $form->addWidget(new ComboBox("Category", "category", $category, array("Main" => "main", "Site" => "site"))); $form->addWidget(new TextEdit("Description", "description", $description)); $form->addWidget(new ImageComboBox("Icon", "icon", $icon, new Icons($ICONS_DIR."/"))); $form->addWidget(new Button("Post news")); $form->render(); break; } } public function admin_edit($action, $vars) { global $UID, $ICONS_DIR; switch($action) { case "add": $this->news[$vars["newsid"]]->title = $vars["title"]; $this->news[$vars["newsid"]]->userid = $UID; $this->news[$vars["newsid"]]->time = DateTimeEdit::toTimestamp($vars, "time"); $this->news[$vars["newsid"]]->category = $vars["category"]; $this->news[$vars["newsid"]]->description = $vars["description"]; $this->news[$vars["newsid"]]->icon = $vars["icon"]; $this->write(); echo "\"" . $this->news[$vars["newsid"]]->title . "\" has now been edited."; break; case "preview": $n = new NewsEntry($vars["title"], DatetimeEdit::toTimestamp($vars, "time"), $vars["category"], $vars["description"], $UID, $vars["icon"]); echo "
\n"; echo "
\n"; echo $n->show(); echo "
\n"; echo "
\n"; echo "

Looking ok?

"; $form = new Form("add"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("yes")); $form->render(); $form = new Form("retry"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("no")); $form->render(); break; case "edit": case "retry": if(isset($vars["title"])) $title = $vars["title"]; else $title = $this->news[$vars["newsid"]]->title; if(isset($vars["time_year"])) $time = DateTimeEdit::toTimestamp($vars, "time"); else $time = $this->news[$vars["newsid"]]->time; if(isset($vars["category"])) $category = $vars["category"]; else $category = $this->news[$vars["newsid"]]->category; if(isset($vars["description"])) $description = $vars["description"]; else $description = $this->news[$vars["newsid"]]->description; if(isset($vars["icon"])) $icon = $vars["icon"]; else $icon = $this->news[$vars["newsid"]]->icon; $form = new Form("preview"); $form->addWidget(new Hidden($vars)); $form->addWidget(new LineEdit("Title", "title", $title)); $form->addWidget(new DateTimeEdit("Time", "time", $time)); $form->addWidget(new ComboBox("Category", "category", $category, array("Main" => "main", "Site" => "site"))); $form->addWidget(new TextEdit("Description", "description", $description)); $form->addWidget(new ImageComboBox("Icon", "icon", $icon, new Icons($ICONS_DIR."/"))); $form->addWidget(new Button("Post news")); $form->render(); break; case "select": default: $newslist = array(); foreach($this->news as $newsentry) { $newslist[$newsentry->title] = $newsentry->time; } $form = new Form("edit"); $form->addWidget(new ComboBox("Edit this entry:", "newsid", "", $newslist)); $form->addWidget(new Button("Edit...")); $form->render(); break; } } public function admin_delete($action, $vars) { switch($action) { case "delete": echo "\"". $this->news[$vars["newsid"]]->title . "\" has now been deleted."; unset($this->news[$vars["newsid"]]); $this->write(); break; case "confirm": echo "Really delete: " . $this->news[$vars["newsid"]]->title . "?"; $form = new Form("delete"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("yes")); $form->render(); $form = new Form("select"); $form->addWidget(new Hidden($vars)); $form->addWidget(new Button("no")); $form->render(); break; case "select": default: $newslist = array(); foreach($this->news as $newsentry) { $newslist[$newsentry->title] = $newsentry->time; } $form = new Form("confirm"); $form->addWidget(new ComboBox("Delete this entry:", "newsid", "", $newslist)); $form->addWidget(new Button("Delete...")); $form->render(); break; } } */ public function admin($sub, $action, $vars) { /* switch($sub) { case "new": $this->admin_add($action, $vars); break; case "edit": $this->admin_edit($action, $vars); break; case "delete": $this->admin_delete($action, $vars); break; } */ } public function editor() { $str = "
\n"; $str .= "
\n"; $str .= "

\n"; $str .= "Name: \n"; $str .= "Email:
\n"; $str .= "Message:
\n"; $str .= " \n"; $str .= "
\n"; $str .= "
\n"; $str .= "

\n"; $str .= "
\n"; $str .= "
\n"; return $str; } function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden) { global $_SERVER; // First filter known bad IPs $spammers = array("85.255.118.10", "216.32.84.82", "220.226.63.254"); $ip = $_SERVER['REMOTE_ADDR']; foreach($spammers as $spamip) { if($ip == $spamip) { return false; } } // Bot catcher! if($name || $email || $message) return false; $name = strip_tags($name_hidden); $email = strip_tags($email_hidden); if($name == "" && $email == "") return false; if($name == "") $name = "Name unknown"; if($email == "") $email = "Email unknown"; $message = strip_tags($message_hidden); // Banned words $words = array("incest", "estate", "phentermine", "viagra", "ringtones", "messed up in the email of mine", "ambien", "dating", "levitra"); foreach($words as $word) { if(stristr($message, $word)) return false; } if($message == "") return false; // Empty message // Message is not SPAM return true; } public function newpost() { global $name, $email, $message, $name_hidden, $email_hidden, $message_hidden; // Check is the message is SPAM if($this->filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) { // It was not... now add it to the book. $entry = new GuestbookEntry($name_hidden, $email_hidden, time(), $_SERVER['REMOTE_ADDR'], convert($message_hidden)); $this->add($entry); krsort($this->guestbook); $this->write(); $str = ""; } else { $str = "SPAM"; } return $str; } public function run($params) { global $show, $action; $str = ""; if($action == "post") { $str .= $this->newpost(); unset($action); // Make sure the post is not posted several times if module is included several times. } $showeditor = false; $showposts = 0; foreach($params as $param => $value) { switch($param) { case "editor": $showeditor = true; break; default: if($show == "all") $showposts = -1; else $showposts = 12; break; } } if($showeditor == true) $str .= $this->editor(); if($showposts != 0) $str .= $this->show($showposts); return $str; } public function add($entry) { $key = $entry->time; $this->guestbook[$key] = $entry; } public function write() { $fp = fopen($this->file, "w"); fwrite($fp, "\n"); fwrite($fp, "\n"); foreach($this->guestbook as $entry) { $entry->write($fp); } fwrite($fp, "\n"); fclose($fp); } public function show($number) { $str = ""; // If number is -1 show all shows. if($number == -1) $number = 100000; foreach($this->guestbook as $entry) { $str .= $entry->show(); $number--; if(!$number) break; } return $str; } private function read() { $dom = new DomDocument; $dom->preserveWhiteSpace = FALSE; $dom->load($this->file); $params = $dom->getElementsByTagName('entry'); foreach ($params as $param) { $entry = new GuestbookEntry($param->getAttribute('name'), $param->getAttribute('email'), $param->getAttribute('time'), $param->getAttribute('remoteaddr'), $param->getAttribute('text')); $this->add($entry); } // Key sort krsort($this->guestbook); } public function Guestbook($file) { $this->file = $file; if(file_exists($file)) $this->read(); } } function guestbook_init() { global $DATA_DIR; return new Guestbook($DATA_DIR . "/guestbook.xml"); } /* */ /* // // INIT CODE: // if($page == "guestbook" && $action == "post" && !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) { //!strstr($_SERVER['HTTP_REFERER'], "guestbook")) { header("HTTP/1.0 404 Not Found"); ?> 404 Not Found

Not Found

The requested URL /?page=guestbook was not found on this server.

Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80