phpcsvguestbook/index.php

<?php
/**
* Main program file of PHPCSV Guestbook
* See settings.php for configuration.
* Edit page.php to change the appearance.
* See license.txt for licensing information.
*/
// Open (or resume) the visitor session. Later code in this file keeps the
// captcha hash, the current page number, the reply target and the preserved
// form values in $_SESSION.
session_start();
// Pull in the configuration; the file header names settings.php as its home.
include 'settings.php';
/**
 * E-mail the guestbook owner a plain-text notification about the entry that
 * was just posted.
 *
 * Visitor-supplied POST fields are placed in the message body only. The
 * recipient, the subject and the From header are taken from
 * $GBnotificationmailto, $Titles["MailSubject"] and $GBnotificationmailfrom,
 * so no request data reaches the mail headers built here.
 */
function SendMail() {
    global $Titles;
    global $GBnotificationmailto;
    global $GBnotificationmailfrom;
    global $GBcityfield;
    global $GBlinkfield;
    global $GBsubjectfield;
    global $GBcategoryfield;

    // "<name> [<From> <city>]"
    $author = $_POST["name"];
    if ($GBcityfield) {
        $author .= " " . $Titles["From"] . " " . $_POST["from"];
    }

    // "([<link>, ]<email>) <Wrote>"
    $contact = "(";
    if ($GBlinkfield) {
        $contact .= $_POST["link"] . ", ";
    }
    $contact .= $_POST["email"] . ") " . $Titles["Wrote"];

    // Optional " <subject>" and " [<category>]" suffixes.
    $topic = "";
    if ($GBsubjectfield) {
        $topic .= " " . $_POST["subj"];
    }
    if ($GBcategoryfield) {
        $topic .= " [" . $_POST["category"] . "]";
    }

    $message = $author . $contact . $topic
        . ":\r\n\r\n" . $_POST["text"] . "\r\n\r\n_____\r\n" . $Titles["MailAdmin"];

    $headers = "From: " . $GBnotificationmailfrom . " \r\n"
        . "Content-type: text/plain; charset=utf-8\r\n"
        . "X-Mailer: PHP/" . phpversion();

    mail($GBnotificationmailto, $Titles["MailSubject"], $message, $headers);
}
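/**
 * Load every guestbook entry from the CSV file named by the global $GBdata.
 *
 * Each returned row is the list of CSV columns of one entry, with index 10
 * overwritten by the entry's 1-based position in the file.
 *
 * Side effect: sets the global $DataStatus to "empty" when the file cannot be
 * opened or holds no rows.
 *
 * @return array|null List of entry rows, or null when there is nothing to show.
 */
function ReadEntries() {
    global $GBdata;
    global $DataStatus;

    // A failed fopen() returns false; handing that to fgetcsv()/fclose() is a
    // TypeError on PHP 8, so bail out before touching the handle.
    $fhandle = (is_string($GBdata) && is_file($GBdata) && is_readable($GBdata))
        ? fopen($GBdata, "r")
        : false;
    if ($fhandle === false) {
        $DataStatus = "empty";
        return null;
    }

    $Entries = array();
    // Enclosure and escape are spelled out with their default values so the
    // parsing is unchanged and does not depend on implicit defaults.
    for ($e = 0; $entrydata = fgetcsv($fhandle, 16384, ",", '"', "\\"); $e++) {
        $Entries[$e] = $entrydata;
        $Entries[$e][10] = $e + 1; // 1-based entry number
    }
    fclose($fhandle);

    if (!isset($Entries[0])) {
        $DataStatus = "empty";
        return null;
    }
    return $Entries;
}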
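/**
 * Move the uploaded file from $_FILES["uploadedfile"] into a fresh
 * sub-directory of upload/ and return the relative path it was stored under.
 *
 * The client-supplied file name is untrusted: it is reduced to its last path
 * component and to letters, digits, ".", "_" and "-" before it becomes part of
 * a path (and, via the caller, part of HTML markup).
 *
 * NOTE(review): the stored file keeps the client-chosen extension and lives
 * under the web root; upload/ should be served with script execution disabled.
 *
 * @return string|false Relative path of the stored file, or false on failure.
 */
function SaveFile() {
    if (!isset($_FILES["uploadedfile"]["name"], $_FILES["uploadedfile"]["tmp_name"])
        || !is_string($_FILES["uploadedfile"]["name"])
        || !is_string($_FILES["uploadedfile"]["tmp_name"])) {
        return false;
    }
    $tmpname = $_FILES["uploadedfile"]["tmp_name"];
    // Refuse anything that is not a genuine HTTP upload before creating a
    // directory for it.
    if (!is_uploaded_file($tmpname)) {
        return false;
    }

    // Strip directory parts (both separators), then whitelist characters.
    $filename = basename(str_replace("\\", "/", $_FILES["uploadedfile"]["name"]));
    $clean = preg_replace('~[^\p{L}\p{N}._-]~u', '_', $filename);
    if ($clean === null) {
        // Name was not valid UTF-8; fall back to an ASCII-only whitelist.
        $clean = preg_replace('~[^A-Za-z0-9._-]~', '_', $filename);
    }
    // No hidden/dot-only names such as ".htaccess" or "..".
    $filename = ltrim((string) $clean, ".");
    if ($filename === "") {
        $filename = "file";
    }

    $postuploaddir = substr(md5(uniqid()), 0, 13);
    $preuploaddir = "upload/";
    $targetdir = $preuploaddir . $postuploaddir;
    $uploadfile = $targetdir . "/" . $filename;

    if (!mkdir($targetdir, 0755, true) && !is_dir($targetdir)) {
        return false;
    }
    if (move_uploaded_file($tmpname, $uploadfile)) {
        return $uploadfile;
    }
    return false;
}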
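/**
 * Validate the uploaded file against the upload settings and, when it is
 * acceptable, store it with SaveFile() and return the HTML fragment that is
 * appended to the entry text.
 *
 * $GBupload is either true (any file becomes a download link) or a list that
 * may hold "images" and/or lower-case file extensions.
 *
 * @return string|false HTML fragment (<img> or <a>), or false when the file is
 *                      rejected or could not be stored.
 */
function CheckFile() {
    global $Titles;
    global $GBfilesize;
    global $GBupload;

    if (!isset($_FILES["uploadedfile"]["size"], $_FILES["uploadedfile"]["name"], $_FILES["uploadedfile"]["tmp_name"])
        || !is_string($_FILES["uploadedfile"]["name"])
        || !is_string($_FILES["uploadedfile"]["tmp_name"])) {
        return false;
    }
    $size = $_FILES["uploadedfile"]["size"];
    if (!($GBfilesize > $size && $size > 0)) {
        return false;
    }

    $extension = mb_strtolower(pathinfo($_FILES["uploadedfile"]["name"], PATHINFO_EXTENSION));
    // in_array() on the boolean form of $GBupload is a TypeError on PHP 8.
    $allowed = is_array($GBupload) ? $GBupload : array();

    // getimagesize() only inspects the file header, so a file can pass it and
    // still carry any extension. Inline display is therefore limited to files
    // whose name also ends in an image extension.
    $imageextensions = array("jpg", "jpeg", "png", "gif", "bmp", "webp");
    $isimage = in_array("images", $allowed, true)
        && in_array($extension, $imageextensions, true)
        && getimagesize($_FILES["uploadedfile"]["tmp_name"]) !== false;

    if (!$isimage && $GBupload !== true && !in_array($extension, $allowed, true)) {
        return false;
    }

    $path = SaveFile();
    if ($path === false) {
        // Do not emit markup pointing at a file that was never stored.
        return false;
    }
    // The path contains the client-supplied file name; escape it for the
    // attribute it is written into.
    $path = htmlspecialchars($path, ENT_QUOTES, "UTF-8");

    if ($isimage) {
        return " <br><img src=\"" . $path . "\">";
    }
    return " <br><a href=\"" . $path . "\">" . "<strong>📎</strong> " . $Titles["AttachedFile"] . "</a>";
}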
/**
 * Make sure a visitor-supplied link starts with an http, https, ftp or ftps
 * scheme, prefixing "http://" when it does not.
 *
 * Falsy input ("", "0", null) is returned untouched. Because anything without
 * one of the four schemes gets "http://" in front, a value such as
 * "javascript:..." cannot survive as a scheme of its own.
 *
 * @param mixed $Link Link text as entered by the visitor.
 * @return mixed The link, possibly prefixed with "http://".
 */
function AddHttp($Link) {
    // Nothing to normalise for falsy values.
    if (!$Link) {
        return $Link;
    }
    $hasScheme = preg_match("~^(?:f|ht)tps?://~i", $Link);
    if ($hasScheme) {
        return $Link;
    }
    return "http://" . $Link;
}
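/**
 * Append the submitted entry to the CSV data file named by $GBdata.
 *
 * Column order written (it is the index used when entries are read back):
 * 0 name, 1 from, 2 link, 3 email, 4 text, 5 datetime, 6 response, 7 subj,
 * 8 category, 9 reply, 10 number, 11 lock, 12 sticky.
 *
 * Tags are stripped from name/from/link/text/subj only when $GBstriptags is
 * enabled; category is always stripped; email is stored as sent.
 * NOTE(review): strip_tags() does not remove quote characters, so stored
 * values still need escaping wherever they are written into an HTML attribute.
 *
 * On success sets $PageStatus to "added" and clears the session captcha.
 * If the data file cannot be written, a warning is raised and $PageStatus is
 * left untouched.
 */
function AddEntry() {
    global $GBdata;
    global $Titles;
    global $PageStatus;
    global $UploadedFile;
    global $GBcityfield;
    global $GBlinkfield;
    global $GBsubjectfield;
    global $GBcategoryfield;
    global $GBstriptags;

    // Read one POST field as a string. Missing keys and array-valued
    // parameters (name[]=...) become "" instead of reaching strip_tags() or
    // fputcsv() as non-strings.
    $field = function ($key, $strip) {
        $value = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
        return $strip ? strip_tags($value) : $value;
    };

    $NewEntry = array();
    $NewEntry["name"] = $field("name", $GBstriptags);
    $NewEntry["from"] = $GBcityfield ? $field("from", $GBstriptags) : "";
    $NewEntry["link"] = $GBlinkfield ? AddHttp($field("link", $GBstriptags)) : "";
    $NewEntry["email"] = $field("email", false);
    $NewEntry["text"] = $field("text", $GBstriptags);
    // $UploadedFile is the HTML fragment produced for an accepted upload.
    if ($UploadedFile) {
        $NewEntry["text"] .= $UploadedFile;
    }
    $NewEntry["datetime"] = time();
    $NewEntry["response"] = "";
    $NewEntry["subj"] = $GBsubjectfield ? $field("subj", $GBstriptags) : "";
    $NewEntry["category"] = $GBcategoryfield ? $field("category", true) : "";
    // A pending reply stores the timestamp (column 5) of the parent entry.
    if (isset($_SESSION["reply"])) {
        $NewEntry["reply"] = isset($_SESSION["reply"][5]) ? $_SESSION["reply"][5] : "";
        unset($_SESSION["reply"]);
    } else {
        $NewEntry["reply"] = "";
    }
    $NewEntry["number"] = "";
    $NewEntry["lock"] = "";
    $NewEntry["sticky"] = "";

    $fhandle = fopen($GBdata, "a");
    if ($fhandle === false) {
        trigger_error("Guestbook data file could not be opened for writing", E_USER_WARNING);
        return;
    }
    // Serialise concurrent submissions so two rows cannot interleave.
    $locked = flock($fhandle, LOCK_EX);
    // Enclosure and escape are the defaults, written out explicitly.
    $written = fputcsv($fhandle, $NewEntry, ",", '"', "\\");
    if ($locked) {
        flock($fhandle, LOCK_UN);
    }
    fclose($fhandle);
    if ($written === false) {
        trigger_error("Guestbook entry could not be written", E_USER_WARNING);
        return;
    }

    $PageStatus = "added";
    // The solved captcha must not be reusable for another submission.
    $_SESSION["captcha"] = "";
}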
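/**
 * Print the "add entry" form, a fresh arithmetic captcha and any validation
 * message selected by $PageStatus.
 *
 * The previously submitted values in $Values come straight from the request,
 * so they are HTML-escaped before being written back into value attributes
 * and the textarea.
 *
 * Side effect: stores md5(base64_encode(<captcha sum>)) in
 * $_SESSION["captcha"] on every call.
 */
function AddEntryView() {
    global $Titles;
    global $Values;
    global $PageStatus;
    global $GBcaptcha;
    global $GBtextlenght;
    global $GBupload;
    global $GBcityfield;
    global $GBlinkfield;
    global $GBsubjectfield;
    global $GBcategoryfield;
    global $GBfilesize;

    // Escaped form value; "" when nothing was preserved for the field.
    $value = function ($key) use ($Values) {
        $raw = (is_array($Values) && isset($Values[$key]) && is_string($Values[$key])) ? $Values[$key] : "";
        return htmlspecialchars($raw, ENT_QUOTES, "UTF-8");
    };
    $chosencategory = (is_array($Values) && isset($Values["category"])) ? $Values["category"] : null;

    echo "<h2>",$Titles["Page"],"</h2><br>\n";
    if ($PageStatus=="added") echo $Titles["Added"]."<br>\n";

    // Two two-digit numbers, each built from a tens digit and a units digit.
    $captchanumber11=rand(1, 4);
    $captchanumber12=rand(0, 9);
    $captchanumber21=rand(1, 4);
    $captchanumber22=rand(0, 9);
    $captchasum=($captchanumber11.$captchanumber12)+($captchanumber21.$captchanumber22);
    $_SESSION["captcha"]=md5(base64_encode((string)$captchasum));

    echo "<form action=index.php method=post enctype=\"multipart/form-data\">\n";
    echo " ",$Titles["Name"],": <input type=text name=\"name\" value=\"",$value("name"),"\" maxlength=255> (",$Titles["Required"],")<br>\n";
    if ($GBcityfield) echo " ",$Titles["City"],": <input type=text name=\"from\" value=\"",$value("from"),"\" maxlength=255><br>\n";
    if ($GBlinkfield) echo " ",$Titles["Link"],": <input type=text name=\"link\" value=\"",$value("link"),"\" maxlength=255><br>\n";
    echo " ",$Titles["Email"],": <input type=text name=\"email\" value=\"",$value("email"),"\" maxlength=255> (",$Titles["NotPublic"],")<br>\n";
    if ($GBsubjectfield) echo " ",$Titles["Subject"],": <input type=text name=\"subj\" value=\"",$value("subj"),"\" maxlength=255><br>\n";
    if ($GBcategoryfield) {
        echo " ",$Titles["Category"],": <select name=\"category\">";
        foreach($GBcategoryfield as $Category) {
            echo " <option value=\"$Category\"";
            if ($chosencategory==$Category) echo " selected=\"selected\"";
            echo ">$Category</option>";
        }
        echo "</select><br>\n";
    }
    echo " ",$Titles["Text"],":<br>\n <textarea name=\"text\" wrap=virtual cols=50 rows=5 maxlength=$GBtextlenght>",$value("text"),"</textarea><br>\n";
    if ($GBupload) {
        echo " <label for=\"file\">".$Titles["FileUpload"]."</label>\n";
        // MAX_FILE_SIZE is only a browser-side hint; the size is checked again on the server.
        echo " <input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"".$GBfilesize."\" />\n";
        echo " <input type=\"file\" name=\"uploadedfile\"><br>\n";
    }
    if ($GBcaptcha) echo " ",$Titles["Captcha"],": <font class=\"text\">$captchanumber11</font><font>$captchanumber11</font><font>$captchanumber12</font> ",$Titles["CaptchaPlus"]," <font>$captchanumber21</font><font>$captchanumber22</font><font class=\"text\">$captchanumber21</font> = <input type=text name=\"captcha\" size=2 maxlength=2> ?<br>\n";
    echo " <input type=submit name=\"submit\" value=\"",$Titles["Submit"],"\">\n";
    echo "</form>\n";
    if ($PageStatus=="emptyname") echo $Titles["EmptyName"],"<br>\n";
    if ($PageStatus=="emptytext") echo $Titles["EmptyText"],"<br>\n";
    if ($PageStatus=="wrongfile") echo $Titles["WrongFile"],"<br>\n";
    if ($PageStatus=="wrongcaptcha") echo $Titles["WrongCaptcha"],"<br>\n";
}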
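/**
 * Case-insensitive substring search over the stored entries.
 *
 * Columns 0-8 of each entry are searched except column 3, the e-mail address:
 * the form labels that field as not public and it is never printed, so
 * matching on it would let a visitor confirm stored addresses by searching.
 *
 * @param mixed $SearchQuery Text to look for (taken from the request).
 * @return array|false List of array(0 => entry index, 1 => entry row), or
 *                     false when nothing matched.
 */
function Search($SearchQuery) {
    $Entries=ReadEntries();
    // No data, or a non-string query such as serachq[]=x.
    if (!is_array($Entries) || !is_string($SearchQuery)) {
        return false;
    }

    $SearchResult=array();
    foreach($Entries as $e=>$Entry) {
        for($p=0; $p<9; $p++) {
            if ($p==3) continue; // e-mail column stays private
            if (!isset($Entry[$p])) continue; // short row
            // Position test instead of mb_stristr(): a match whose remainder
            // is "0" would otherwise be treated as "not found".
            if (mb_stripos((string)$Entry[$p],$SearchQuery)!==false) {
                $SearchResult[]=array($e,$Entry);
                break;
            }
        }
    }
    return $SearchResult ? $SearchResult : false;
}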
/**
 * Print the search form when searching is enabled ($GBsearch).
 *
 * With categories configured, the text input is backed by a <datalist> that
 * offers the category names as suggestions.
 */
function AddSearchBar() {
    global $Titles;
    global $GBsearch;
    global $GBcategoryfield;

    if (!$GBsearch) {
        return;
    }

    $html = "<form action=index.php method=post>";
    if ($GBcategoryfield) {
        $html .= "<input type=text name=\"serachq\" value=\"\" maxlength=255 list=\"browsers\">";
        $html .= "<datalist id=\"browsers\">";
        foreach ($GBcategoryfield as $category) {
            $html .= " <option value=\"" . $category . "\">";
        }
        $html .= "</datalist>";
    } else {
        $html .= "<input type=text name=\"serachq\" value=\"\" maxlength=255>";
    }
    $html .= "<input type=submit name=\"search\" value=\"" . $Titles["Search"] . "\">";
    $html .= "</form>";

    echo $html;
}
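/**
 * Print one guestbook entry.
 *
 * Columns used: 0 name, 1 from, 2 link, 4 text, 5 timestamp, 6 response,
 * 7 subject, 8 category, 9 parent timestamp (reply), 10 number, 11 lock,
 * 12 sticky. Column 3 (e-mail) is never printed.
 *
 * The link is visitor input written into an href attribute, so it is escaped
 * here. NOTE(review): name, from, subject, category, text and response are
 * printed as stored; they may contain markup when $GBstriptags is off, and the
 * text carries the upload fragment, so they cannot be escaped at this point.
 *
 * @param array $Entry One row as returned by ReadEntries().
 */
function SinlgeEntry($Entry) {
    global $Titles;
    global $GBreplies;
    global $GBreadmore;
    global $GBsubjectfield;
    global $GBcategoryfield;
    global $GBshownumbers;

    // Rows may be shorter than 13 columns; treat absent columns as empty.
    $col = function ($i) use ($Entry) {
        return (is_array($Entry) && isset($Entry[$i])) ? $Entry[$i] : "";
    };
    $isreply = $GBreplies && $col(9);
    $link = htmlspecialchars((string)$col(2), ENT_QUOTES, "UTF-8");

    echo " ";
    if ($isreply) echo "<div class=\"reply\">";
    echo "<div class=\"entry\"><div class=\"messages_header\"><h4>";
    if ($col(11)) echo "[",$Titles["Locked"],"] ";
    if ($col(12)) echo "[",$Titles["Sticky"],"] ";
    if ($GBshownumbers) echo $col(10),". ";
    if ($col(2)) echo "<a href=\"",$link,"\">";
    echo "<b>",$col(0),"</b>";
    if ($col(2)) echo "</a>";
    if ($col(1)) echo " ",$Titles["From"]," <b>",$col(1),"</b>";
    // The timestamp is read back from CSV as a string; date() needs an int.
    echo ", ",date("j.m.Y, H:i",(int)$col(5)),", ";
    echo $isreply ? $Titles["Replied"] : $Titles["Wrote"];
    if (($GBsubjectfield)&&($col(7))) echo " ",$Titles["About"]," '",$col(7),"'";
    if (($GBcategoryfield)&&($col(8))) echo " [",$col(8),"]";
    // Closing tags in nesting order (the heading is inside the header div).
    echo ":</h4></div><br>\n";

    $readmorenumber="readmore".$col(10);
    $expanded=isset($_POST[$readmorenumber])&&$_POST[$readmorenumber];
    $Message=strip_tags((string)$col(4));
    if ($GBreadmore>0 && !$expanded && mb_strlen($Message,"UTF-8")>$GBreadmore) {
        // Character-based cut so a multi-byte character is never split.
        $Message=mb_substr($Message,0,$GBreadmore,"UTF-8");
        $lastspace=mb_strrpos($Message," ",0,"UTF-8");
        // Back up to the last word boundary; keep the plain cut if there is none.
        if ($lastspace!==false) $Message=mb_substr($Message,0,$lastspace,"UTF-8");
        $Message=$Message."... <form action=\"\" method=\"post\"><button type=\"submit\" name=\"".$readmorenumber."\" value=\"read\" class=\"btn-link\">".$Titles["ReadMore"]."</button></form>";
        echo " ",nl2br($Message),"<br>\n";
    } else {
        echo " ",nl2br((string)$col(4)),"<br>\n";
    }

    if ($col(6)) {
        echo "<br><i><b>",$Titles["Response"],":</b><br>\n";
        echo nl2br((string)$col(6)),"</i><br>\n";
    }
    // The reply button is offered for unlocked entries only.
    if ($GBreplies&&!($col(11))) {
        echo "<form action=index.php method=post>";
        echo "<p align=\"right\"><button type=submit name=\"reply\" value=\"",$col(10),"\">",$Titles["Reply"],"</button></p>";
        echo "</form>";
    }
    echo "</div>";
    if ($isreply) echo "</div>";
    echo "<hr>\n";
}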
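/**
 * Print the list of entries: optional sticky/reply re-ordering, optional
 * search filtering, then either one page of entries with pagination buttons
 * or the whole list, newest first.
 *
 * Request data used here: $_POST["search"] / $_POST["serachq"] (search) and
 * $_GET["page"] (a page number or one of the First/Previous/Next/Last button
 * captions). The search text is escaped before it is echoed back, and the
 * requested page is validated and clamped to the existing range.
 *
 * Side effects: rewrites the global $Entries order, sets the global
 * $GBpagination to 0 for a successful search, and stores the shown page in
 * $_SESSION["currentpage"].
 */
function EntriesView() {
    global $Titles;
    global $DataStatus;
    global $Entries;
    global $GBpagination;
    global $GBreplies;
    global $GBstickylocked;

    if (isset($_SESSION["reply"])) {
        echo $Titles["Replying"],"<br>\n";
    }

    // Sticky entries are moved to the end of the list; the list is reversed
    // before printing, so they end up on top.
    if ($GBstickylocked) {
        if (isset($Entries)) {
            $EntriesStickySorted=$Entries;
            $i = count($Entries);
            while (--$i >= 0) {
                if (isset($EntriesStickySorted[$i][12])&&($EntriesStickySorted[$i][12]=="on")) {
                    $item = $EntriesStickySorted[$i];
                    unset($EntriesStickySorted[$i]);
                    array_push($EntriesStickySorted, $item);
                }
            }
            $Entries=array_values($EntriesStickySorted);
        }
    }

    // Replies are moved next to their parent. Column 9 of a reply holds the
    // parent's timestamp (column 5).
    if ($GBreplies) {
        if (isset($Entries)) {
            $EntriesReplySorted=$Entries;
            foreach($Entries as $Entry) {
                if (isset($Entry[9])) {
                    unset($a, $b);
                    // $a: current position of this entry; $b: target position.
                    foreach($EntriesReplySorted as $n=>$EntrySort) if ($EntrySort[5]==$Entry[5]) $a=$n;
                    foreach($EntriesReplySorted as $n=>$EntrySort) if ($EntrySort[5]==$Entry[9]) {
                        if (isset($EntrySort[12])&&$EntrySort[12]=="on") $b=$n-1;
                        else $b=$n;
                    }
                    if (isset($b)) {
                        if (!(isset($Entry[12])&&$Entry[12]=="on")) {
                            $out=array_splice($EntriesReplySorted, $a, 1);
                            array_splice($EntriesReplySorted, $b, 0, $out);
                        }
                    }
                }
            }
            $Entries=$EntriesReplySorted;
        }
    }

    if ($DataStatus=="empty") echo $Titles["EmptyFile"];
    else if(isset($_POST["search"])&&isset($_POST["serachq"])) {
        $SearchResult=Search($_POST["serachq"]);
        if ($SearchResult) {
            $GBpagination=0;
            // unset() drops only this function's alias; the global list is
            // left as it was and a local result list is built instead.
            unset($Entries);
            $Entries=array();
            foreach($SearchResult as $n=>$Entry) $Entries[$n]=$Entry[1];
        } else {
            // The query is request data echoed into the page: escape it.
            $shownquery=is_string($_POST["serachq"]) ? htmlspecialchars($_POST["serachq"], ENT_QUOTES, "UTF-8") : "";
            echo $Titles["NoResult"].": '",$shownquery,"'.<br>\n";
        }
    }

    // count(null) is a TypeError on PHP 8; an absent list has no entries.
    $total=is_array($Entries) ? count($Entries) : 0;

    if (($GBpagination>0)&&($total>$GBpagination)) {
        $Entries=array_reverse($Entries);
        $LastPage=(int)(($total-1)/$GBpagination);
        $SessionPage=isset($_SESSION["currentpage"]) ? (int)$_SESSION["currentpage"] : 0;
        $Requested=(isset($_GET["page"])&&is_string($_GET["page"])) ? $_GET["page"] : null;

        if ($Requested===null) $CurrentPage=0;
        else if ($Requested===(string)$Titles["First"]) $CurrentPage=0;
        else if ($Requested===(string)$Titles["Last"]) $CurrentPage=$LastPage;
        else if ($Requested===(string)$Titles["Previous"]) $CurrentPage=$SessionPage-1;
        else if ($Requested===(string)$Titles["Next"]) $CurrentPage=$SessionPage+1;
        // Anything else must be a page number; arithmetic on a non-numeric
        // string is a TypeError on PHP 8.
        else $CurrentPage=is_numeric($Requested) ? ((int)$Requested)-1 : 0;
        // Keep the page inside the existing range.
        $CurrentPage=max(0, min($LastPage, $CurrentPage));

        for ($e = ($GBpagination*$CurrentPage); $e < ($GBpagination*($CurrentPage+1)); $e++) {
            if ($e>=$total) break;
            SinlgeEntry($Entries[$e]);
        }
        echo "<form action=index.php method=\"get\">\n";
        if ($CurrentPage>0) {
            echo " <input type=\"submit\" value=\"",$Titles["First"],"\" name=\"page\"/>\n";
            echo " <input type=\"submit\" value=\"",$Titles["Previous"],"\" name=\"page\"/>\n";
        }
        // Up to two page buttons on either side of the current page.
        for ($p = ($CurrentPage-2); $p <= ($CurrentPage+2); $p++) {
            $page = $p+1;
            if (($p>=0)&&($p<($total/$GBpagination))) {
                echo " <input type=\"submit\" value=\"$page\" name=\"page\"";
                if ($p==$CurrentPage) echo " disabled";
                echo "/>\n";
            }
        }
        if ($CurrentPage<(($total/$GBpagination)-1)) {
            echo " <input type=\"submit\" value=\"",$Titles["Next"],"\" name=\"page\"/>\n";
            echo " <input type=\"submit\" value=\"",$Titles["Last"],"\" name=\"page\"/>\n";
        }
        echo "</form>\n";
        $_SESSION["currentpage"]=$CurrentPage;
    } else {
        if (isset($Entries[0])) {
            $Entries=array_reverse($Entries);
            foreach($Entries as $e=>$Entry) SinlgeEntry($Entry);
        }
    }
}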
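// Entry numbers are not shown when threaded replies are enabled.
if ($GBreplies) $GBshownumbers=false;

// ---- Handle a submitted entry --------------------------------------------
if(isset($_POST["submit"])) {
    // Request fields as strings; missing or array-valued parameters become "".
    $SubmittedName=(isset($_POST["name"])&&is_string($_POST["name"])) ? $_POST["name"] : "";
    $SubmittedText=(isset($_POST["text"])&&is_string($_POST["text"])) ? $_POST["text"] : "";
    if (!$SubmittedText) $PageStatus="emptytext";
    if (!$SubmittedName) $PageStatus="emptyname";

    if (($SubmittedName)&&($SubmittedText)) {
        // The captcha passes when it is disabled or when the posted answer
        // hashes to the value stored in the session. hash_equals() compares
        // the two strings exactly; a loose == between hex digests treats
        // numeric-looking strings as numbers.
        $CaptchaOk=!$GBcaptcha;
        if (isset($_POST["captcha"], $_SESSION["captcha"])
            && is_string($_POST["captcha"]) && is_string($_SESSION["captcha"])
            && $_SESSION["captcha"]!=="") {
            if (hash_equals($_SESSION["captcha"], md5(base64_encode($_POST["captcha"])))) $CaptchaOk=true;
        }

        if (!$CaptchaOk) $PageStatus="wrongcaptcha";
        else {
            // The upload is examined (and stored on disk) only after the other
            // checks passed, so a rejected submission leaves no file behind.
            if ($GBupload
                && isset($_FILES["uploadedfile"]["name"])
                && is_string($_FILES["uploadedfile"]["name"])
                && $_FILES["uploadedfile"]["name"]) {
                $UploadedFile=CheckFile();
                if ($UploadedFile==false) $PageStatus="wrongfile";
            }
            if (!isset($PageStatus)) {
                AddEntry();
                if ($GBnotificationmailto) SendMail();
            }
        }
    }

    // Keep what the visitor typed when the submission was rejected, so the
    // form can be shown again pre-filled.
    if (isset($PageStatus)&&($PageStatus)&&!($PageStatus=="added")) {
        foreach (array("name","from","link","subj","category","email","text") as $FieldName) {
            $_SESSION["value"][$FieldName]=(isset($_POST[$FieldName])&&is_string($_POST[$FieldName])) ? $_POST[$FieldName] : "";
        }
        $Values=$_SESSION["value"];
    } else if (isset($_SESSION["value"])) unset($_SESSION["value"]);
}

$Entries=ReadEntries();

// ---- Handle a "reply" button ---------------------------------------------
if(isset($_POST["reply"])) {
    // The button value is the 1-based entry number; it is request data, so it
    // has to be numeric and point at an existing entry.
    $ReplyIndex=(is_string($_POST["reply"])&&is_numeric($_POST["reply"])) ? ((int)$_POST["reply"])-1 : -1;
    // The reply button is only rendered when replies are enabled and the
    // entry is not locked (column 11); apply the same rule to the request.
    if ($GBreplies&&is_array($Entries)&&isset($Entries[$ReplyIndex])&&empty($Entries[$ReplyIndex][11])) {
        $_SESSION["reply"]=$Entries[$ReplyIndex];
        $GBsearch=false;
        unset($Entries);
        $GBreplies=false;
        // Show only the entry being replied to.
        $Entries[0]=$_SESSION["reply"];
    } else unset($_SESSION["reply"]);
} else unset($_SESSION["reply"]);

include "page.php";
?>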