Be sure writing is allowed in this directory."; $langPassChanged = "The password has been changed."; $langPassError = "The new passwords don't match !"; $langPassword = "Change Big Sam Password"; $langRetype = "Retype new Password :"; $langSubmit = "post"; $langSubmitModif = "Submit Modifications"; $langSystemError = "System Error"; $langSystemMessage = "System Message"; $langWrongPassword = "Wrong Admin Password"; /******************************************* * Configuration Step 2 : Carbon Copy Email * *******************************************/ // carbonCopy = 1 enables mail sending to mailRecipient. // mailRecipient receives a mail each times an entry is entered (if carbonCopy = 1) // mailSubject is the subject of the mail which is sent. $carbonCopy = 0; $mailRecipient = "gb@thegoonies.nu"; $mailSubject = "[BIG SAM] New Guestbook Entry"; /******************************** * Configuration Step 3 : Colors * ********************************/ // Choosing colors (Remove the unwanted color-model) /* // Standard (Greys, bright background) $colorWhite = "\"#FFFFFF\""; $colorBlack = "\"#000000\""; $colorHeads = "\"#666666\""; $colorBody1 = "\"#EEEEEE\""; $colorBody2 = "\"#DDDDDD\""; */ // The Following is the BIG SAM standard $colorWhite = "\"#FFFFFF\""; $colorBlack = "\"#000000\""; $colorHeads = "\"#42426F\""; $colorBody1 = "\"#FFF8DC\""; $colorBody2 = "\"#EFE8CC\""; // Data submission form colors $formHeadColor = $colorHeads; $formBodyColor = $colorBody1; $formTailColor = $colorBody2; $formHeadText = $colorWhite; $formBodyText = $colorBlack; // Guestbook entries colors $entryHeadColor = $colorHeads; $entryBodyColor1 = $colorBody2; $entryBodyColor2 = $colorBody1; $entryHeadText = $colorWhite; $entryBodyText1 = $colorBlack; $entryBodyText2 = $colorHeads; // Messages colors $adminHeadColor = $colorHeads; $adminHeadText = $colorWhite; $adminBodyColor1 = $colorBody2; $adminBodyText1 = $colorBlack; $adminBodyColor2 = $colorBody1; $adminBodyText2 = $colorHeads; /******************************** * Configuration Step 4 : Header * ********************************/ function displayHeader() { global $version; header ("Expires: Sat, 01 Jan 2000 00:00:00 GMT"); echo ("\n"); echo ("\n"); // You migh use and include instead of all this : // include ("head.inc"); echo ("\n"); echo ("the goonies dot nu - guestbook\n"); echo ("\n"); echo ("\n"); echo ("\n"); include ("../header.html"); } /******************************** * Configuration Step 5 : Footer * ********************************/ function displayFooter() { include ("../footer.html"); echo (""); } /****************************************************** * Configuration Step 6 : Number of messages displayed * ******************************************************/ // Number of fields to be displayed simultaneously. // To display everything, set $displayStep to 0. $displayStep = 0; /*********************************************** * Configuration Step 7 : Allow AutoLink System * ***********************************************/ $allowAutoLink=1; /************************ * End of Configuration * ************************/ // Register_Globals improvements (since version 1.2.0) // By Hubert Hanghofer (webmaster@BierIG.org) // $absoluteScriptPath is the name of the current script (this file) and which is going to // be modified by itself. This means that (theoretically) this file can be // placed anywhere on the system, with any fileName. $absoluteScriptPath = $PATH_TRANSLATED ; // $_SERVER["PATH_TRANSLATED"]; $relativeScriptPath = $PHP_SELF; // $_SERVER["PHP_SELF"]; $refererpage = $HTTP_REFERER; // $_SERVER["HTTP_REFERER"]; // when the php preprocessor is installed as an independant binary (as CGI). if ($PATH_INFO!="") { $relativeScriptPath = $PATH_INFO; } // to be used when $PHP_SELF contains virtual directory reference // (for multi-users servers, eg : free.fr, online.fr ...) if (($SERVER_NAME=="php.proxad.net")||(($SERVER_NAME=="php3.pro.proxad.net"))) { $relativeScriptPath = substr($relativeScriptPath, strpos(substr($relativeScriptPath, 1), "/")+1); } $theName=substr($absoluteScriptPath, 0, strrpos($absoluteScriptPath, ".")); $extension=substr($absoluteScriptPath, strrpos($absoluteScriptPath, ".")+1); // The dataFile contains all the guestbook entries, and $adminpassword . // $adminpassword is the password which will be asked for any administration // actions. This password could be changed only if in admin mode (old // $adminpassword matches $admin). // Defines the name of the database file where the entries are stored. // $dataFile = "${theName}.dat.${extension}"; $dataFile = "index.dat.php"; //****************************************************************************** // function displayForm : Display the form which enables the client to type a // message. function displayForm() { global $relativeScriptPath; $borderThickness = 3; global $formHeadColor; global $formBodyColor; global $formTailColor; global $formHeadText; global $formBodyText; global $langName; global $langEmail; global $langMessage; global $langSubmit; // Writing HTML Code echo ("
\n"); echo ("

\n"); echo ("$langName\n"); echo ("$langEmail

\n"); echo ("

\n"); echo ("

"); echo ("

\n"); echo ("
\n"); } //****************************************************************************** // function displayMessage displays the $errorMessage error message. function displayMessage($errorMessage,$msgType) { global $adminHeadColor; global $adminHeadText; global $adminBodyColor1; global $adminBodyText1; global $adminBodyColor2; global $adminBodyText2; global $langAdminError; global $langSystemError; global $langSystemMessage; global $langBsGuestbook; displayHeader(); echo ("$langBsGuestbook"); if ($msgType=="1") // Admin Message echo ("$langAdminError"); if ($msgType=="2") // System Error echo ("$langSystemError"); if ($msgType=="3") // System Message echo ("$langSystemMessage"); echo ("$errorMessage"); displayFooter(); exit; } //****************************************************************************** // function standardizeText filters ambiguous chains in $str function standardizeStoredText($str) { $str = str_replace("\\'", "'", $str); $str = str_replace("\\\"", "\"", $str); $str = htmlspecialchars($str); $str = str_replace("\n", "
", $str); $str = str_replace("$", "$", $str); return $str; } function standardizeDisplayedText($str) { return $str; } function standardizeAdminText($str) { return $str; } function seekHttp($rawText) { $pattern = array( "/http:\/\/((\w|\.|\?|\%|=|\/|-|~|#)*)/", "/mailto:((\w|\.|@|-)*)/"); $replacement = array( "http://\\1", "\\1"); $hyperLinkedText=preg_replace($pattern, $replacement, $rawText); return $hyperLinkedText; } //****************************************************************************** // function Xfopen : opens a file $fileName and locks it function Xfopen($fileName, $openMode, $sharing) { global $langOpenError; $fp=@fopen($fileName, $openMode); if (!$fp) { displayMessage($langOpenError,2); } if ($sharing==true) { $op=1; } else { $op=2; } if (!@flock($fp,$op)) { @flock($fp,3); displayMessage("flock timeout",2); } return $fp; } //****************************************************************************** // function Xfclose : unlocks the file $fp and closes it function Xfclose($fp) { @flock($fp,3); @fclose($fp); } //****************************************************************************** // function fullDisplay function fullDisplay() { global $displayStep,$displayBegin, $maxDisplay ; global $entryHeadColor,$entryHeadText, $entryBodyColor1,$entryBodyText1, $entryBodyColor2,$entryBodyText2 ; global $relativeScriptPath; global $index; global $archive_mail, $archive_name, $archive_text, $archive_date; global $allowAutoLink; // Checks if $displayBegin is not too large (Thanks to Ahmet Sabri ALPER ) if ($displayBegin>$maxDisplay) { $displayBegin=$maxDisplay-$displayStep+1; } displayHeader(); // Displays the entry form to enable the client to type a message. displayForm(); if ($index==0) { displayFooter(); return; } // Message arrays are displayed here : // Displaying all the entries. if ($displayStep==0) { $displayBegin=1; $displayStep=$index; } if ($displayBegin==1) { $startAt=$index % $displayStep; if ($startAt==0) $startAt=$displayStep; } else { $startAt=$displayBegin+$displayStep-1; } for ($msgNumber=$startAt ; $msgNumber>=$displayBegin ; $msgNumber--) { echo ("
\n"); echo ("

$archive_date[$msgNumber]
\n"); if ($archive_mail[$msgNumber]!="") { echo ("$msgNumber : ".standardizeDisplayedText($archive_name[$msgNumber])."
\n"); } else { echo ("$msgNumber : ".standardizeDisplayedText($archive_name[$msgNumber])."
\n"); } if ($allowAutoLink==1) echo (seekHttp(standardizeDisplayedText($archive_text[$msgNumber]))); else echo (standardizeDisplayedText($archive_text[$msgNumber])."

"); echo ("
"); } for($i=1;$i<=$index;$i=$nextEnd+1) { $nextBegin = $i; if ($i==1) { $nextEnd=$index % $displayStep; if ($nextEnd==0) $nextEnd=$displayStep; } else $nextEnd = $i+$displayStep-1; if ($displayBegin==$nextBegin && $nextEnd!=$nextBegin) echo ("[$nextBegin-$nextEnd]\n"); else if ($displayBegin==$nextBegin && $nextEnd==$nextBegin) echo ("[$nextBegin]\n"); else if ($nextEnd==$nextBegin) echo ("[$nextBegin]\n"); else echo ("[$nextBegin-$nextEnd]\n"); } displayFooter(); } //****************************************************************************** function readData($resetBegin) { global $adminpassword; global $index; global $dataFile; global $archive_mail, $archive_name, $archive_text, $archive_date; global $displayBegin, $displayStep, $maxDisplay; // Includes automatically filled data arrays : $index = 0; $fout=Xfopen($dataFile, "r", true); include($dataFile); Xfclose($fout); // From now, $index will indicate the number of data entries. // Beginning of the data to be displayed, default = 1 if (!isset($displayBegin)) $displayBegin=""; if ($displayBegin=="" || $resetBegin==1) { $displayBegin = $index-$displayStep+1; if ($displayBegin<=0) $displayBegin=1; } // Sets the maximum that $displayBegin can reach $maxDisplay = $index; } //****************************************************************************** // If the Datafile does not exist, creates it. if (!file_exists(${dataFile})) { $fout = Xfopen($dataFile, "w+", false); fputs($fout, ""); Xfclose ($fout); } // $admin could be set via Admin-Form by POST or via URL by GET $admin=$HTTP_POST_VARS["admin"]; if (!isset($admin)) $admin=$HTTP_GET_VARS["admin"]; else // assign POST-variables from Admin-Form { $newPassword1=$HTTP_POST_VARS["newPassword1"]; $newPassword2=$HTTP_POST_VARS["newPassword2"]; $command=$HTTP_POST_VARS["command"]; $index=$HTTP_POST_VARS["index"]; } if (!isset($admin)) { // assing variables from Guestbook-From $name=$HTTP_POST_VARS["name"]; $email=$HTTP_POST_VARS["email"]; $message=$HTTP_POST_VARS["message"]; if (!isset($name)) { $name=""; $message=""; } if ($name=="" || $message=="") { /**************************************************************************************** * Use Case no 1-A * * * * This case is encountered when a client simply wants to add a message to the * * guestbook. (Every variable is empty); * ************************************************************************************/ readData(0); fullDisplay(); exit; } else { /******************************************************************************** * Use Case no 1-B * * * * Case is encountered when a client has just filled in the appropriate fields * * (name, mail, message). * * $name = "Some Name" * * $email = "Some@Email" * * $message = "Some Message" * * Simply add message in the top of all previous messages. * ********************************************************************************/ $position = filesize($dataFile); $fout = Xfopen($dataFile, "r+", false); fseek($fout,$position-2); $insert_msgdate = date( "dS F Y - h:i:s A" ); $name=standardizeStoredText($name); $email=standardizeStoredText($email); $message=standardizeStoredText($message); fputs ($fout,"\$archive_name[++\$index] = \"$name\";\n"); fputs ($fout,"\$archive_mail[ \$index] = \"$email\";\n"); fputs ($fout,"\$archive_date[ \$index] = \"$insert_msgdate\";\n"); fputs ($fout,"\$archive_text[ \$index] = \"$message\";\n"); fputs ($fout,"\n?>"); Xfclose($fout); // Sending a mail to $mailRecipient if $carbonCopy=1, with the subject $mailSubject. if ($carbonCopy==1) { $message = str_replace("
", "\n", $message); $mailBody = "From: $name <$email>\n$insert_msgdate\n\n$message"; mail($mailRecipient,$mailSubject,$mailBody,"From: $email\nReply-to: $name <$email>"); } if (strpos($refererpage, "?")==false) $page=$refererpage; else $page=substr($refererpage, 0, strpos($refererpage, "?")); header("Location: $page?"); exit; } } else { readData(0); if ($admin==$adminpassword) { if ($command=="") { displayHeader(); /************************************************************************ * Use Case no 2-A * * * * Admin mode (The administrator can modify password, fields, or remove * * messages). * * $admin = $adminpassword * * Shows a password modification form. * * Shows all messages and enables to modify/delete them. * ************************************************************************/ echo("

BIG SAM

$langGbAdmin

\n"); echo("
\n"); // Display the form which enables the admin to change his password echo ("
\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("
\n"); echo (" $langPassword.
"); echo ("  $langnewPassword"); echo (" 
"); echo ("  $langRetype"); echo (" 
\n"); echo ("\n"); echo ("\n"); echo ("
\n"); echo ("
\n"); echo("

\n"); // Message arrays are displayed here in forms in order to modify them : echo ("
\n"); for ($i=1 ; $i<=$index ; $i++) { $msgNumber = $index - $i + 1; $str = str_replace("
", "\n", $archive_text[$msgNumber]); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n
\n"); echo (" "); echo ("$langEntry #$msgNumber. 
  
\n
\n"); } echo ("\n"); echo ("\n"); echo ("\n"); echo ("\n"); echo ("
\n"); displayFooter(); exit; } else if ($command=="passwd") { // Use Case no 2-B // Admin mode (The administrator is modifying his password.). // $admin = $adminpassword // $newPassword1 = "New Password 1" // $newPassword2 = "New Password 2" // Check if $newPassword1 matches $newPassword2 // Set the $adminpassword line to : // $adminpassword = "$newPassword1" in the dataFile if($newPassword1!=$newPassword2) { // The passwords doesn't match displayMessage("$langPassError",1); } else { // Rewrites the whole Datafile with the new password, and all the entries. $fout = Xfopen($dataFile, "w", false); fputs ($fout,""); Xfclose($fout); displayMessage("$langPassChanged",3); exit; } } else if ($command=="modify") { /******************************************************************************** * Use Case no 2-C * * * * Admin mode (The administrator is updating entries). * * $admin = $adminpassword * * $nameXXX = "Modified name (no XXX)" * * $emailXXX = "Modified email (no XXX)" * * $messageXXX = "Modified message (no XXX)" * * $keep = "on" or "" * * Check if $admin matches $adminpassword. * * Rewrites ALL the fields except when $keepXXX = "" * * Rewrites the whole Datafile with the new password, and all the entries. * ********************************************************************************/ $fout = Xfopen($dataFile, "w", false); fputs ($fout,""); Xfclose($fout); if (strpos($refererpage, "?")==false) $page=$refererpage; else $page=substr($refererpage, 0, strpos($refererpage, "?")); header("Location: $page?"); exit; } } else { /************************************************ * Use Case no 2-Z * * * * If $admin does NOT match $adminpassword. * * $admin != $adminpassword * * Error message : "Wrong Admin Password" * ************************************************/ displayMessage("$langWrongPassword",1); } } ?>