<?php
/* -*- Mode: php; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */

global $UTIL_DIR;

include_once($UTIL_DIR . "/forms.php");
include_once($UTIL_DIR . "/convert.php");

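/**
 * One guestbook post: author name, e-mail, timestamp, poster address and body.
 *
 * Fields hold raw (unescaped) values. Escaping is done where a value is
 * emitted: show() for HTML, write() for XML attributes.
 */
class GuestbookEntry {
	public $remoteaddr;
	public $title;
	public $email;
	public $time;
	public $text;

	/**
	 * Render the entry as an HTML fragment.
	 *
	 * Name and e-mail are visitor-supplied, so they are HTML-escaped here;
	 * without that, markup typed into the form is replayed to every reader.
	 *
	 * @return string HTML for this entry
	 */
	public function show()
	{
		$title = htmlspecialchars((string) $this->title, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
		// Obfuscate the address first, then escape the result.
		$email = htmlspecialchars(str_replace("@", "(A)", (string) $this->email),
															ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");

		$str  = "<div class=\"guestbook_entry\">\n";
		$str .= "  <div class=\"guestbook_name\">" . $title . "</div>\n";
		// Cast so a non-numeric value loaded from the data file cannot reach date().
		$str .= "  <div class=\"guestbook_time\">" . date("D M jS Y G:i", (int) $this->time) . "</div>\n";
		$str .= "  <div class=\"guestbook_email\">" . $email . "</div>\n";
		// NOTE(review): text is emitted without escaping. It holds the output of
		// convert() (see Guestbook::newpost), which is defined outside this file;
		// confirm that convert() only ever returns safe HTML.
		$str .= "  <div class=\"guestbook_text\">" . $this->text . "</div>\n";
		$str .= "</div>\n";
		return $str;
	}

	/**
	 * Append this entry as an <entry .../> element to an open stream.
	 *
	 * @param resource $fp writable stream positioned inside <guestbook>
	 */
	public function write($fp)
	{
		fwrite($fp, "  <entry name=\"" . self::xmlAttr($this->title) . "\"\n");
		// The timestamp is written as an integer so it cannot break out of the attribute.
		fwrite($fp, "         time=\"" . (int) $this->time . "\"\n");
		fwrite($fp, "         email=\"" . self::xmlAttr($this->email) . "\"\n");
		fwrite($fp, "         remoteaddr=\"" . self::xmlAttr($this->remoteaddr) . "\"\n");
		fwrite($fp, "         text=\"" . self::xmlAttr($this->text) . "\">\n");
		fwrite($fp, "  </entry>\n");
	}

	/**
	 * Escape a value for use inside a double-quoted XML attribute.
	 *
	 * ENT_DISALLOWED replaces code points that XML 1.0 forbids (for example
	 * most control characters), so a single post cannot make the data file
	 * unparseable. ENT_SUBSTITUTE keeps the rest of a value that contains
	 * invalid UTF-8 instead of blanking the whole field.
	 */
	private static function xmlAttr($value)
	{
		return htmlspecialchars((string) $value,
														ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE | ENT_DISALLOWED,
														"UTF-8");
	}

	/**
	 * @param string     $title      author name
	 * @param string     $email      author e-mail address
	 * @param int|string $time       Unix timestamp of the post
	 * @param string     $remoteaddr address the post was submitted from
	 * @param string     $text       message body
	 */
	public function __construct($title, $email, $time, $remoteaddr, $text)
	{
		$this->title = $title;
		$this->email = $email;
		$this->time = $time;
		$this->remoteaddr = $remoteaddr;
		$this->text = $text;
	}

	/**
	 * Legacy PHP 4 style constructor name. PHP 8 no longer treats it as a
	 * constructor, which would leave every field null; it is kept only for
	 * code that calls it explicitly and forwards to __construct().
	 */
	public function GuestbookEntry($title, $email, $time, $remoteaddr, $text) {
		$this->__construct($title, $email, $time, $remoteaddr, $text);
	}
}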

class Guestbook {
	private $file;
	private $guestbook = array();

  // Admin config
  public $admin_title = "Guestbook";
  public $admin_submodules = array();
	/*
  public $admin_submodules = array("New Newsentry" => "new",
																	 "Edit Newsentry" => "edit",
																	 "Delete Newsentry" => "delete");
	
  public function admin_add($action, $vars)
	{
		global $UID, $ICONS_DIR;

		switch($action) {
		case "add":
			$n = new NewsEntry($vars["title"], DateTimeEdit::toTimestamp($vars, "time"),
												 $vars["category"], $vars["description"], $UID, $vars["icon"]);
			echo "\"" .$n->title . "\" has now been added.";
			$this->add($n);
			$this->write();
			break;
			
		case "preview":
			$n = new NewsEntry($vars["title"], DateTimeEdit::toTimestamp($vars, "time"),
												 $vars["category"], $vars["description"], $UID, $vars["icon"]);
			echo "<div class=\"preview\">\n";
			echo "<div class=\"content\">\n";
			echo $n->show();
			echo "</div>\n";
			echo "</div>\n";
			echo "<p>Looking ok?</p>";
			$form = new Form("add");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("yes"));
			$form->render();

			$form = new Form("retry");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("no"));
			$form->render();
			break;
			
		case "retry":
			$title = $vars["title"];
			$time = DateTimeEdit::toTimestamp($vars, "time");
			$category = $vars["category"];
			$description = $vars["description"];
		default:
			$form = new Form("preview");
			$form->addWidget(new LineEdit("Title", "title", $title));
			$form->addWidget(new DateTimeEdit("Time", "time", $time));
			$form->addWidget(new ComboBox("Category", "category", $category, array("Main" => "main", "Site" => "site")));
			$form->addWidget(new TextEdit("Description", "description", $description));
			$form->addWidget(new ImageComboBox("Icon", "icon", $icon, new Icons($ICONS_DIR."/")));
			$form->addWidget(new Button("Post news"));
			$form->render();
			break;
		}
	}

	public function admin_edit($action, $vars)
	{
		global $UID, $ICONS_DIR;

		switch($action) {
		case "add":
			$this->news[$vars["newsid"]]->title = $vars["title"];
			$this->news[$vars["newsid"]]->userid = $UID;
			$this->news[$vars["newsid"]]->time = DateTimeEdit::toTimestamp($vars, "time");
			$this->news[$vars["newsid"]]->category = $vars["category"];
			$this->news[$vars["newsid"]]->description = $vars["description"];
			$this->news[$vars["newsid"]]->icon = $vars["icon"];
			$this->write();
			echo "\"" . $this->news[$vars["newsid"]]->title . "\" has now been edited.";
			break;
			
		case "preview":
			$n = new NewsEntry($vars["title"], DatetimeEdit::toTimestamp($vars, "time"), $vars["category"], $vars["description"], $UID, $vars["icon"]);
			echo "<div class=\"preview\">\n";
			echo "<div class=\"content\">\n";
			echo $n->show();
			echo "</div>\n";
			echo "</div>\n";
			echo "<p>Looking ok?</p>";
			$form = new Form("add");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("yes"));
			$form->render();

			$form = new Form("retry");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("no"));
			$form->render();
			break;
			
		case "edit":
		case "retry":
			if(isset($vars["title"])) $title = $vars["title"];
			else $title = $this->news[$vars["newsid"]]->title;
			if(isset($vars["time_year"])) $time = DateTimeEdit::toTimestamp($vars, "time");
			else $time = $this->news[$vars["newsid"]]->time;
			if(isset($vars["category"])) $category = $vars["category"];
			else $category = $this->news[$vars["newsid"]]->category;
			if(isset($vars["description"])) $description = $vars["description"];
			else $description = $this->news[$vars["newsid"]]->description;
			if(isset($vars["icon"])) $icon = $vars["icon"];
			else $icon = $this->news[$vars["newsid"]]->icon;
			
			$form = new Form("preview");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new LineEdit("Title", "title", $title));
			$form->addWidget(new DateTimeEdit("Time", "time", $time));
			$form->addWidget(new ComboBox("Category", "category", $category,
																		array("Main" => "main", "Site" => "site")));
			$form->addWidget(new TextEdit("Description", "description", $description));
			$form->addWidget(new ImageComboBox("Icon", "icon", $icon, new Icons($ICONS_DIR."/")));
			$form->addWidget(new Button("Post news"));
			$form->render();
			break;
			
		case "select":
		default:
			$newslist = array();
			foreach($this->news as $newsentry) {
				$newslist[$newsentry->title] = $newsentry->time; 
			}

			$form = new Form("edit");
			$form->addWidget(new ComboBox("Edit this entry:", "newsid", "", $newslist));
			$form->addWidget(new Button("Edit..."));
			$form->render();
			break;
		}
	}

  public function admin_delete($action, $vars)
	{
		switch($action) {
		case "delete":
			echo "\"". $this->news[$vars["newsid"]]->title . "\" has now been deleted.";
			unset($this->news[$vars["newsid"]]);
			$this->write();
			break;
			
		case "confirm":
			echo "Really delete: " . $this->news[$vars["newsid"]]->title . "?";
			$form = new Form("delete");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("yes"));
			$form->render();

			$form = new Form("select");
			$form->addWidget(new Hidden($vars));
			$form->addWidget(new Button("no"));
			$form->render();
			break;
			
		case "select":
		default:
			$newslist = array();
			foreach($this->news as $newsentry) {
				$newslist[$newsentry->title] = $newsentry->time; 
			}
			$form = new Form("confirm");
			$form->addWidget(new ComboBox("Delete this entry:", "newsid", "", $newslist));
			$form->addWidget(new Button("Delete..."));
			$form->render();
			break;
		}
	}
	*/
  /**
   * Admin entry point for this module.
   *
   * Currently a no-op: the module exposes no admin submodules, and the
   * former dispatch on $sub ("new", "edit", "delete") to admin_add(),
   * admin_edit() and admin_delete() is disabled together with those methods.
   *
   * @param string $sub    requested submodule (ignored)
   * @param string $action requested action (ignored)
   * @param array  $vars   request variables (ignored)
   */
  public function admin($sub, $action, $vars)
  {
    // Nothing to administer for the guestbook yet.
  }

	/**
	 * Build the HTML form used to post a new guestbook entry.
	 *
	 * The form doubles as a honeypot: the inputs named "name", "email" and
	 * "message" are hidden with CSS and must stay empty, while the visible
	 * inputs carry the "_hidden" suffix. filtermessage() rejects any post
	 * in which one of the invisible fields was filled in.
	 *
	 * @return string HTML fragment
	 */
	public function editor()
	{
		$rows = array(
			'<form action="?page=guestbook&amp;action=post" method="post">',
			'<p>',
			'Name: <input style="display: none" name="name"/><input name="name_hidden"/>',
			'Email: <input style="display: none" name="email"/><input name="email_hidden"/><br/>',
			'Message:<br/>',
			'<textarea style="display: none" rows="2" cols="74" name="message"></textarea>',
			'<textarea rows="2" cols="74" name="message_hidden"></textarea><br/>',
			'<button type="submit">Post</button><br/>',
			'</p>',
			'</form>',
			'</div>',
		);

		// Only the opening line has no space before its newline.
		$html = "<div class=\"guestbook_form\">\n";
		foreach($rows as $row) {
			$html .= $row . " \n";
		}
		return $html;
	}

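	/**
	 * Decide whether a submitted post should be accepted.
	 *
	 * Checks, in order: a static list of blocked client addresses, the
	 * honeypot fields, that a name or an e-mail was given, a banned-word
	 * list, and that the message is not empty once tags are removed.
	 *
	 * The arguments are passed by value, so the tag-stripped copies made
	 * here never reach the caller. The caller has to sanitise whatever it
	 * stores or prints on its own.
	 *
	 * @param mixed $name           honeypot field, must be empty
	 * @param mixed $email          honeypot field, must be empty
	 * @param mixed $message        honeypot field, must be empty
	 * @param mixed $name_hidden    real name field
	 * @param mixed $email_hidden   real e-mail field
	 * @param mixed $message_hidden real message field
	 * @return bool true when the post passes every check
	 */
	function filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)
	{
		// First filter known bad IPs. REMOTE_ADDR is the directly connected
		// peer; behind a reverse proxy that is the proxy, not the visitor.
		$spammers = array("85.255.118.10", "216.32.84.82", "220.226.63.254");
		$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
		if(in_array($ip, $spammers, true)) return false;

		// Bot catcher: the invisible fields must be left empty. Compared
		// against null/"" explicitly, because a plain truthiness test lets
		// the value "0" through.
		foreach(array($name, $email, $message) as $trap) {
			if($trap !== null && $trap !== "") return false;
		}

		// A parameter sent as name[]=... arrives as an array; strip_tags()
		// cannot take one, so reject anything that is not a string.
		foreach(array($name_hidden, $email_hidden, $message_hidden) as $field) {
			if($field !== null && !is_string($field)) return false;
		}

		$name = strip_tags((string) $name_hidden);
		$email = strip_tags((string) $email_hidden);
		if($name == "" && $email == "") return false;

		$message = strip_tags((string) $message_hidden);

		// Banned words (case-insensitive substring match)
		$words = array("incest", "estate", "phentermine", "viagra", "ringtones",
									 "messed up in the email of mine", "ambien", "dating", "levitra");
		foreach($words as $word) {
			if(stripos($message, $word) !== false) return false;
		}

		if($message == "") return false; // Empty message

		// Message is not SPAM
		return true;
	}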

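	/**
	 * Handle a submitted post: filter it, store it and rewrite the data file.
	 *
	 * The form values are read from global variables.
	 * NOTE(review): presumably these are filled from the request by the
	 * including script (or register_globals); confirm where they come from.
	 *
	 * @return string "" when the post was stored, "SPAM" when it was rejected
	 */
	public function newpost()
	{
		global $name, $email, $message, $name_hidden, $email_hidden, $message_hidden;

		// Check if the message is SPAM
		if(!$this->filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
			return "SPAM";
		}

		// filtermessage() validates tag-stripped copies of the fields but
		// cannot hand them back, so strip again here. Storing the raw
		// values would keep any markup the visitor typed.
		$author = strip_tags((string) $name_hidden);
		if($author == "") $author = "Name unknown";
		$address = strip_tags((string) $email_hidden);
		if($address == "") $address = "Email unknown";
		$body = strip_tags((string) $message_hidden);

		$remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";

		// NOTE(review): convert() is defined outside this file and its
		// result is printed unescaped by GuestbookEntry::show(); confirm it
		// returns safe HTML.
		$entry = new GuestbookEntry($author, $address, time(), $remote, convert($body));
		$this->add($entry);

		krsort($this->guestbook);

		$this->write();
		return "";
	}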


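  /**
   * Module entry point: process a pending post, then render what $params asks for.
   *
   * @param array $params module parameters; the key "editor" adds the post
   *                      form, any other key adds the entry list (all
   *                      entries when the global $show is "all", else 12)
   * @return string HTML produced by the module
   */
  public function run($params)
  {
    global $show, $action;

    $str = "";
    if($action == "post") {
      $str .= $this->newpost();
      // Make sure the post is not posted several times if the module is
      // included several times. unset($action) would only drop this
      // function's alias and leave the global set to "post", so clear the
      // global by assigning through the reference.
      $action = null;
    }

    $showeditor = false;
    $showposts = 0;
    foreach($params as $param => $value) {
      switch($param) {
      case "editor":
        $showeditor = true;
        break;

      default:
        if($show == "all") $showposts = -1;
        else $showposts = 12;
        break;
      }
    }

    if($showeditor == true) $str .= $this->editor();
    if($showposts != 0) $str .= $this->show($showposts);

    return $str;
  }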

	/**
	 * Store an entry in the in-memory guestbook.
	 *
	 * Entries are keyed by their timestamp, so an entry whose time equals
	 * that of an existing one replaces it.
	 *
	 * @param object $entry entry exposing a public $time
	 */
	public function add($entry) {
		$this->guestbook[$entry->time] = $entry;
	}

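	/**
	 * Rewrite the data file from the in-memory guestbook.
	 *
	 * The file is opened without truncating, locked, and only then emptied,
	 * so two posts arriving together cannot interleave their output. If the
	 * file cannot be opened the method returns without writing.
	 * NOTE(review): read() takes no lock, so a reader can still see a
	 * half-written file.
	 */
	public function write()
	{
		// "c" creates the file when missing but does not truncate it yet.
		$fp = fopen($this->file, "c");
		if($fp === false) {
			// fopen() has already raised its own warning; passing false on
			// to fwrite() would only add errors.
			return;
		}

		// Best effort: some filesystems do not support locking, in which
		// case the file is written anyway.
		$locked = flock($fp, LOCK_EX);
		ftruncate($fp, 0);

		fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");

		fwrite($fp, "<guestbook>\n");
		foreach($this->guestbook as $entry) {
			$entry->write($fp);
		}
		fwrite($fp, "</guestbook>\n");

		fflush($fp);
		if($locked) flock($fp, LOCK_UN);
		fclose($fp);
	}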

	/**
	 * Render guestbook entries in their stored order.
	 *
	 * @param int $number how many entries to render; -1 means "all", which
	 *                    is implemented as a cap of 100000 entries
	 * @return string concatenated HTML of the rendered entries
	 */
	public function show($number)
	{
		$remaining = ($number == -1) ? 100000 : $number;

		$html = "";
		foreach($this->guestbook as $item) {
			$html .= $item->show();
			$remaining--;
			// Stop once the requested count has been rendered.
			if(!$remaining) {
				break;
			}
		}

		return $html;
	}

	/**
	 * Load every <entry> element of the data file into the guestbook and
	 * sort the entries by key, highest key first.
	 *
	 * NOTE(review): the result of load() is not checked. If the file does
	 * not parse, the guestbook stays empty, and the next write() replaces
	 * the file with whatever is in memory at that point.
	 */
	private function read()
	{
		$doc = new DomDocument;
		$doc->preserveWhiteSpace = FALSE;
		$doc->load($this->file);

		foreach ($doc->getElementsByTagName('entry') as $node) {
			// DOM returns attribute values already entity-decoded, so the
			// entry holds raw text again.
			$this->add(new GuestbookEntry($node->getAttribute('name'),
																		$node->getAttribute('email'),
																		$node->getAttribute('time'),
																		$node->getAttribute('remoteaddr'),
																		$node->getAttribute('text')));
		}

		// Key sort
		krsort($this->guestbook);
	}

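	/**
	 * Bind the guestbook to its data file and load it when it exists.
	 *
	 * @param string $file path of the XML data file
	 */
	public function __construct($file)
	{
		$this->file = $file;
		if(file_exists($file)) $this->read();
	}

	/**
	 * Legacy PHP 4 style constructor name. PHP 8 no longer treats it as a
	 * constructor, which would leave the file path unset and the stored
	 * entries unread; it is kept only for code that calls it explicitly
	 * and forwards to __construct().
	 */
	public function Guestbook($file)
	{
		$this->__construct($file);
	}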
}

/**
 * Module factory: create the guestbook backed by guestbook.xml in the
 * directory named by the global $DATA_DIR.
 *
 * @return Guestbook
 */
function guestbook_init()
{
	global $DATA_DIR;

	$book = new Guestbook($DATA_DIR . "/guestbook.xml");
	return $book;
}

/*
*/
/*
//
// INIT CODE:
//
if($page == "guestbook" && $action == "post" && 
	 !filtermessage($name, $email, $message, $name_hidden, $email_hidden, $message_hidden)) {
//!strstr($_SERVER['HTTP_REFERER'], "guestbook")) {
	header("HTTP/1.0 404 Not Found");
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /?page=guestbook was not found on this server.</p>
<hr>
<address>Apache/2.0.58 (Gentoo) mod_ssl/2.0.58 OpenSSL/0.9.7j PHP/5.1.6-pl6-gentoo Server at www.executionroom.com Port 80</address>
</body></html>
<?php
	exit(404);
} 
*/

?>