diff --git a/README b/README
index 2d49564..50a8f25 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-PHPCSV Guestbook version 0.96
+PHPCSV Guestbook version 0.97
Simple php guestbook with csv file data storage.
@@ -15,7 +15,7 @@ Archive: https://github.com/zlaxy/phpcsvguestbook/archive/master.zip
2. Edit settings.php: change $GBadmin and $GBpassword (and other variables if necessary)
-3. Check privileges for access to files: data storage (default: gbdb.csv) must have write permissions. Other files need only read rights.
+3. Check privileges for access to files: data storage (default: gbdb.csv) must have write permissions. If you enabled upload feature, 'upload' directory must have rwx permissions. Other files need only read rights.
Using:
diff --git a/index.php b/index.php
index 54a1fbc..6d82d43 100644
--- a/index.php
+++ b/index.php
@@ -33,15 +33,36 @@ function ReadEntries() {
return $Entries;
}
+function SaveFile() {
+ $filename = substr(md5(uniqid()), 0, 13).'.'.pathinfo($_FILES['uploadedfile']['name'], PATHINFO_EXTENSION);
+ $uploaddir = 'upload/';
+ $uploadfile = $uploaddir.$filename;
+ if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $uploadfile)) {
+ return $uploadfile;
+ } else {
+ return false;
+ }
+}
+
+function CheckFile() {
+ global $GBimagesize;
+ if (getimagesize($_FILES['uploadedfile']['tmp_name'])) {
+ if ((filesize($_FILES['uploadedfile']['tmp_name']))<($GBimagesize)) return SaveFile();
+ else return false;
+ } else return false;
+}
+
function AddEntry() {
global $GBdata;
global $Titles;
global $PageStatus;
+ global $UploadedFile;
$NewEntry[name]=$_POST['name'];
$NewEntry[from]=$_POST['from'];
$NewEntry[link]=$_POST['link'];
$NewEntry[email]=$_POST['email'];
- $NewEntry[text]=$_POST['text'];
+ if ($UploadedFile) $NewEntry[text]=$_POST['text']."
";
+ else $NewEntry[text]=$_POST['text'];
$NewEntry[datetime]=time();
$NewEntry[response]="";
$fhandle=fopen($GBdata,"a");
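Review bot: SaveFile() takes the stored file's extension from the client-supplied `$_FILES['uploadedfile']['name']`, while getimagesize() in CheckFile() only inspects the file header, so a file that parses as an image can be written to `upload/` (presumably web-served, since it sits beside index.php) under an extension the server treats as a script. Take the extension from the image type getimagesize() detected, checked against a short allowlist, and configure `upload/` so the web server never executes anything stored there. CheckFile() should also confirm `$_FILES['uploadedfile']['error']` is `UPLOAD_ERR_OK` before reading the temp file. AddEntry() continues past the end of this hunk.

```php
function SaveFile() {
 // Extension is chosen from the detected image type, never from the client-supplied name.
 $extensions = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
 $info = getimagesize($_FILES['uploadedfile']['tmp_name']);
 if (!$info || !isset($extensions[$info[2]])) return false;
 $filename = substr(md5(uniqid()), 0, 13).'.'.$extensions[$info[2]];
 // … unchanged: $uploaddir, $uploadfile, move_uploaded_file() and the return values …
```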
@@ -57,6 +78,7 @@ function AddEntryView() {
global $PageStatus;
global $GBcaptcha;
global $GBtextlenght;
+ global $GBupload;
echo "
",$Titles[Page],"
\n";
if ($PageStatus=="added") echo "$Titles[Added]"; else {
$captchanumber11=rand(1, 4);
@@ -64,17 +86,22 @@ function AddEntryView() {
$captchanumber21=rand(1, 4);
$captchanumber22=rand(0, 9);
$_SESSION['captcha']=md5(base64_encode(($captchanumber11.$captchanumber12)+($captchanumber21.$captchanumber22)));
- echo "\n";
if ($PageStatus=="emptyname") echo "$Titles[EmptyName]
\n";
if ($PageStatus=="emptytext") echo "$Titles[EmptyText]
\n";
+ if ($PageStatus=="wrongimage") echo "$Titles[WrongImage]
\n";
if ($PageStatus=="wrongcaptcha") echo "$Titles[WrongCaptcha]
\n";
}
}
@@ -213,15 +240,27 @@ function EntriesView() {
}
if($_POST['submit']) {
- if(!$_POST['text']) $PageStatus="emptytext";
- if(!$_POST['name']) $PageStatus="emptyname";
- if(($_POST['name'])&&($_POST['text']))
+ if (!$_POST['text']) $PageStatus="emptytext";
+ if (!$_POST['name']) $PageStatus="emptyname";
+ if ($GBupload) {
+ if ($_FILES['uploadedfile']['tmp_name']) {
+ $UploadedFile=CheckFile();
+ if (!$UploadedFile) {
+ $PageStatus="wrongimage";
+ }
+ }
+ }
+ if (($_POST['name'])&&($_POST['text']))
if ($_POST["captcha"]&&(md5(base64_encode($_POST["captcha"]))==$_SESSION["captcha"])) {
- AddEntry();
- if ($GBnotificationmailto) SendMail();
- } else if (!$GBcaptcha) {
+ if (!$PageStatus=="wrongimage") {
AddEntry();
if ($GBnotificationmailto) SendMail();
+ }
+ } else if (!$GBcaptcha) {
+ if (!$PageStatus=="wrongimage") {
+ AddEntry();
+ if ($GBnotificationmailto) SendMail();
+ }
} else $PageStatus="wrongcaptcha";
if (($PageStatus)&&!($PageStatus=="added")) {
$SESSION["value"]["name"]=$_POST['name'];
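Review bot: CheckFile() runs, and through SaveFile() moves the file into `upload/`, before the name, text and captcha checks, so a submission that is later rejected (including one that fails the captcha) still leaves a file on disk and the captcha does not gate uploads. Call CheckFile() only inside the two branches that go on to AddEntry(), or unlink the saved file whenever the entry is not added. Separately, `!$PageStatus=="wrongimage"` parses as `(!$PageStatus)=="wrongimage"` and gives the intended result only through boolean coercion; write `if ($PageStatus!="wrongimage") {` in both places. The enclosing `if($_POST['submit'])` block continues past the end of this hunk.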
diff --git a/settings.php b/settings.php
index 3da568a..8bdb7e2 100644
--- a/settings.php
+++ b/settings.php
@@ -14,6 +14,8 @@ $GBpagination=10; // pagination for entries, 0 - disabled
$GBreadmore=255; // number of symbols for 'Read More' feature, 0 - shows full entries
$GBsearch=true; // enable or disable search bar
$GBcaptcha=true; // enable or disable captcha
+$GBupload=true; // enable or disable upload image feature
+$GBimagesize=1048576; // maximum image size
$GBnotificationmailto=""; // leave empty if you don't want send notification
$GBnotificationmailfrom="";
$GBtextlenght=7168; // maximum size of entry text
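Review bot: `$GBupload=true;` turns on anonymous file upload for every fresh install, which is a risky default for a feature that writes visitor-supplied files into the application directory; ship it as `$GBupload=false; // enable or disable upload image feature` and let the admin opt in. The `$GBimagesize` comment should state the unit, e.g. `// maximum image size in bytes`, since CheckFile() compares the value with filesize(). The same two lines are added in settings_ru.php, so the same change applies there.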
@@ -63,4 +65,6 @@ $Titles[Next]=">>";
$Titles[Search]="Search";
$Titles[NoResult]="No search result";
$Titles[ReadMore]="Read more";
+$Titles[FileUpload]="Upload image:";
+$Titles[WrongImage]="Can't upload image.";
?>
diff --git a/settings_ru.php b/settings_ru.php
index ef4104b..8a45046 100644
--- a/settings_ru.php
+++ b/settings_ru.php
@@ -15,6 +15,8 @@ $GBpagination=10; // количество записей на странице,
$GBreadmore=0; // количество символов для функции 'Читать далее', 0 - показывать записи полностью
$GBsearch=true; // включение или отключение строки поиска
$GBcaptcha=true; // включение или отключение капчи
+$GBupload=true; // включение или отключние возможности загрузки картинок
+$GBimagesize=1048576; // максимальный размер изображения
$GBnotificationmailto=""; // оставьте поле пустым, если не хотите отправки уведомлений о новых записях
$GBnotificationmailfrom="";
$GBtextlenght=7168; // максимальное количество символов для текста записи
@@ -64,4 +66,6 @@ $Titles[Next]="Вперед";
$Titles[Search]="Поиск";
$Titles[NoResult]="Ничего не найдено";
$Titles[ReadMore]="Читать далее";
+$Titles[FileUpload]="Загрузить изображение:";
+$Titles[WrongImage]="Не могу загрузить изображение.";
?>