Php > Complete Programs

Modification of Shane Caraveo's guestbook

Modification of Shane Caraveo's guestbook

<?php require("guestbook-data.php3"); ?> 
<HTML><HEAD> 
<BODY> 

<?php 
/* 
 
  PHP-mySQL GuestBook 
  

  DO NOT EMAIL ME ASKING HOW TO SET THIS UP! 
    I do not support this script in any way.  If you fix a bug, 
    or add a cool feature, let me know. 
         
    Use of this script means you recognize the fact that I am not 
  responsible if this script blows up your machine (or causes 
  any other problems). 

  feel free to use and abuse this script in whatever 
    form or fashion you feel fit. 

  PHP-ODBC Guestbook modifications 


    In somefile.php you need to have the following code: 

  $user="shane";  // admin username 
    $password="test"; // admin password 
    $bookname="mybook"; // the name of the table within the mysql db 
    $autodelete=0; //number of days before removal.  0 = disabled 
  $notify=0; //notify via email new postings 1=on 0=off 
  $email=""; //address to notify 
    require("guestbook-data.php3"); 

    For the modified version, you need in guestbook-data.php3: 
  <?php 

  $user="name"; // admin username 
  $password="test"; // admin password 
  $bookname="book"; // the name of the table within the ODBC db 
  $autodelete=0; //number of days before removal.  0 = disabled 
  $notify=0; //notify via email new postings 1=on 0=off 
  $notify_email="yourname@yourISP.com"; //address to notify 

  ?> 

  accessing your guestbook page with ?admin gets you the admin logon 
  which you use the above user and password to gain entry.  The admin 
  page is identical to the regular guestbook page except that it lets 
  you delete entries. 


  mysql table info: 

    create table <tablename>( 
    id int not null auto_increment, 
    posted int not null, 
    name char(50) not null, 
    email char(40), 
    company char(40), 
    message text, 
    index (posted), 
    index (id) 
    )\g 

  ODBC database info (in my case it was Access - brad): 
  Don't forget to create a System DSN called "guestbook"! 

  Field name-Datatype-Field size 
  
  id-Autonumber-Primary key 
  posted-number-long integer 
  name-text-100 
  email-text-40 
  company-text-100 
  location-text-100 
  message-memo 

  
*/ 


//initialize database info 

$server="127.0.0.1"; //database server address 
$dbname="guestbook"; //ODBC DSN database name 
$uid=""; // username for that database 
$pwd=""; // password for that database 

$maxmessagelength=1024; //set to 0 if you dont care how long it gets 

//no need to edit below this line 


//check to see if admin login requested 

if($argv[0]=="admin"){ //show login form 
?> 

<div align='center'> 
<form action="guestbook.php3" method="POST"> 
Login Name: <input type="Text" name="loginname">?? 
Password: <input type="Password" name="pword">?? 
<input type="Submit" value="Login"> 
</form> 
</div> 

<?php 


}else{ //do guestbook 


if (!$action) { // Don't show the link to sign the guestbook if they've already done it 
?> 
<a href="guestbook.php3#post">Sign the Guest Book</a><br> 
<?php 
} 


// Connect to the database 
$conn=odbc_connect($dbname,$uid,$pwd) or die( "Unable to connect to database" ); 


//if autodelete, delete old entries 

if($autodelete){ 
    $sql="delete from $bookname where posted<". 
        (time()-($autodelete * 86400)); 
    $result  =  odbc_exec($conn,$sql); 
} 

/* Are deleting an entry? */ 

if($d!=""){ 
    $sql="delete from $bookname where id=$d"; 
    if ($result  =  odbc_exec($conn,$sql)) { 
        odbc_free_result($result); 
    } else { 
        echo "Oops. Failed to delete.<br>\n"; 
    } 
} 


//check to see if admin logged in 

$isadmin=0; 
if($loginname==$user && $pword==$password)$isadmin=1; 


//Are posting a new entry? 

if($action=="Submit"){ 

/* Over-write some variables from the postvars to be sure 
   they were at least done via post method. */ 

    $name=$email=$company=$message=$loginname=$pword=""; 
    while(list($header,$value)=each($HTTP_POST_VARS)){ 
        eval("$".$header."=\"$value\";"); 
    } 

    if($maxmessagelength && strlen($message)>$maxmessagelength){ 
        echo("<p>Your message is too long, please click on your back ". 
            "button and shorten the message.  Thank You!</p>\n"); 
    }elseif(strpos($email,"@")==false || strpos($email,".")==false){ 
        echo "<p>You submitted an invalid email address. Please click your back ". 
                     "button and enter a valid email address (of the form \"your_username@your_ISP.com\").</p>\n"; 
    } else { 
        if($name && $email && $company && $message){ 
            $test = odbc_exec($conn,"select id from $bookname where (name='$name' and email='$email')"); 
            if (odbc_fetch_row($test)==true) { 
                echo "Identical record found; updating...<br>\n"; 
                $old_id = odbc_result($test,"id"); 
                $sql="update $bookname set posted=".time(). 
             
    ",name='$name',email='$email',company='$company',location='$location',message='$message' where id=$old_id"; 
            }else{ 
                $sql="insert into $bookname (posted,name,email,company,location,message) ". 
                "values (".time().",'".$name."', ". 
                "'".$email."', '".$company."', ". 
                "'".$location."', '".$message."')"; 
            } 
//echo "$sql<br>\n"; 

            $result  =  odbc_exec($conn,$sql); 
            if(!$result){ 
                echo("There was an error!"); 
            }else{ 
                echo('<center><b>Thank you for signing our guestbook!</b></center>'); 
                //notify via email 
                if($notify){ 
                    $emailmessage="Your guestbook has been signed:\n\n". 
                        "By: $name\nemail: $email\nCompany: $company\n". 
                        "Location: $location\nMessage:\n$message\n\n"; 
                    //mail($notify_email,"Guestbook Notification",$emailmessage); 
                } 
            } 
        }else{ 
?> 
<p>You didn't fill in all the form variables, please click 
on your browsers back button now, and complete the form. 
Thank You!</p> 
<?php 
        } 
    } 
} // End of "if action" statement 

//show guestbook entries 

$sql="select * from $bookname order by posted desc"; 
if(($result  =  odbc_exec($conn,$sql))){ 
    $bzm = 1; 
    while(odbc_fetch_row($result,$bzm)) { 
        echo('<hr><p>'); 
        if($isadmin){ // 
            echo "<b>IS ADMINISTRATOR</b><br>\n"; 
?> 

<form action="guestbook.php3" method="POST"> 
<input type="hidden" name="loginname" value="<?php echo($loginname);?>"> 
<input type="hidden" name="password" value="<?php echo($password);?>"> 
<input type="hidden" name="d" value="<?php echo odbc_result($result,"id"); ?>"> 
<input type="Submit" value="Delete"><br> 

<?php        } 

        echo "<table border='0'>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Name:</b>\n  </td>\n"; 
                echo "  <td>\n   ".odbc_result($result,"name")."\n  </td>\n </tr>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Email:</b>\n  </td>\n"; 
                echo "  <td>\n   ".odbc_result($result,"email")."\n  </td>\n </tr>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Company:</b>\n  </td>\n"; 
                echo "  <td>\n   ".odbc_result($result,"company")."\n  </td>\n </tr>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Location:</b>\n  </td>\n"; 
                echo "  <td>\n   ".odbc_result($result,"location")."\n  </td>\n </tr>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Date:</b>\n  </td>\n"; 
                echo "  <td>\n   ".date("m-d-Y h:i a",odbc_result($result,"posted"))."\n  </td>\n </tr>\n"; 
        echo " <tr>\n  <td align='right'>\n  <b>Message:</b>\n  </td>\n"; 
                echo "  <td>\n   ".odbc_result($result,"message")."\n  </td>\n </tr>\n"; 
        echo "</table>\n"; 
        if($isadmin)echo('</form>'); 
        $bzm++; 
    } 
    odbc_free_result($result); 
}else{ 
    echo("There was an error!"); 
} 


//shutdown database connection 

odbc_close_all(); 

if ($action != "Submit") { 

?> 
<hr> 
<a name="post"><b>Please sign our Guest Book</b></a> 
<form action="guestbook.php3" method="POST"> 
<table border='0'> 
<tr valign='top'> 
  <td align='right'> 
   <br>Name: 
  </td> 
  <td> 
   <br><input type="Text" name="name" size="40" maxlength="100"> 
  </td> 
  <td rowspan='4'> 
   Message:<br> 
   <textarea name="message" cols="40" rows="10" wrap="PHYSICAL"></txtarea><br> 
  </td> 
</tr> 
<tr> 
  <td align='right'> 
   <br>Email: 
  </td> 
  <td> 
   <br><input type="Text" name="email" size="40" maxlength="40"> 
  </td> 
</tr> 
<tr> 
  <td align='right'> 
   <br>Company: 
  </td> 
  <td> 
   <br><input type="Text" name="company" size="40" maxlength="100"> 
  </td> 
</tr> 
<tr> 
  <td align='right'> 
   <br>Geographic<br>Location: 
  </td> 
  <td> 
   <br><input type="Text" name="location" size="40" maxlength="100"> 
  </td> 
</tr> 
<tr> 
  <td></td> 
  <td> 
   We ask location because we're curious.<br> 
   Please put down your city, county, state,<br>province, country and/or continent. Thanks! 
  </td> 
  <td align='center'> 
   <input type="Submit" name="action" value="Submit"> 
   <input type="reset"> 
  </td> 
</tr> 
</table> 
</form> 
<hr> 
<?php 
} 

} //end guestbook 

//phpinfo(); 
?> 

</BODY> 
</HTML>