1<?php
2
// Version from 07/09/2012
//
// Synapse-CMS framework project - Guestbook part.
//
// Copyright Lukas Veselovsky, <lukves@gmail.com>
// Released under MIT License.
9
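/**
 * Guestbook part of the Synapse-CMS framework.
 *
 * Renders the public message form, validates the session captcha on submit,
 * stores accepted messages in the `guestbook` table and prints the message list.
 *
 * NOTE(review): this class uses the legacy mysql_* extension and its implicit
 * global connection. That extension was removed in PHP 7.0; a port to mysqli or
 * PDO with prepared statements is the durable fix. It is not done here because
 * connect_db() opens the shared default link, which code outside this class may
 * also rely on.
 */
class Synapse_guestbook {

    // Path/URL prefix of the Synapse installation; interpolated into asset and form URLs.
    public $synapse_dir;

    // Connection settings consumed by connect_db().
    public $host;
    public $username;
    public $password;
    // Passed to mysql_select_db(), so despite its name this holds the database name.
    public $table;

    /**
     * Escape a value for use in HTML text or a quoted attribute.
     *
     * Every visitor-supplied field read back from the database goes through
     * this before it is printed.
     * NOTE(review): assumes the stored text is UTF-8 - confirm against the
     * connection/table charset.
     *
     * @param mixed $value
     * @return string
     */
    private function escape_html($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Build the "post a message" form.
     *
     * A BBCode toolbar (bold / italic / underline / strike / image / url / break
     * buttons calling bbstyle()) used to be rendered above the textarea and is
     * currently disabled; only the onsubmit hook to bbstyle() remains.
     *
     * The maxlength attributes are a browser-side hint only; nothing in this
     * class enforces field lengths on the server.
     *
     * @return string HTML of the form
     */
    public function display_guestform() {
        return <<<ADMIN_FORM
    <div style="text-align: center;" class="messagepanel">
    <center>
    <br>
    <form NAME="formular" action="/index.php?page=guestbook" method="post" onsubmit="bbstyle(-1,0)">

    <table>
    <tr>
    <td align="left">
    <br />
    <label for="msg_title">Title:</label>
    <input name="msg_title" id="msg_title" type="text" maxlength="150" />
    <div class="clear"></div>

    <br />
    <label for="msg_username">Username:</label>
    <input name="msg_username" id="msg_username" type="text" maxlength="150" />
    <div class="clear"></div>

    <br />
    <label for="msg_email">EMail:</label>
    <input name="msg_email" id="msg_email" type="text" maxlength="150" />
    <div class="clear"></div>

    <img src="{$this->synapse_dir}cool-php-captcha/captcha.php" id="captcha" /><br/>
    <br/>
    <a href="#" onclick=" document.getElementById('captcha').src='{$this->synapse_dir}cool-php-captcha/captcha.php?'+Math.random(); document.getElementById('captcha-form').focus();" id="change-image">Not readable? Change text.</a><br/><br/>
    <input type="text" name="captcha" id="captcha-form" /><br />

    <br />
    <label for="text0">Body Text:</label>
    <textarea class="msgarea" name="msg_bodytext" id="text0" style="width: 98%;"></textarea>
    <input type="submit" name="guest_btn" value="Post Message" />
    <div class="clear"></div>
    </td>
    </tr>
    </table>
    </form>
    </center>
    </div>
ADMIN_FORM;
    }

    /**
     * Show the guestbook page: process a submitted form (if any), then print
     * the current page of messages followed by the posting form.
     *
     * Output is echoed directly; nothing is returned.
     */
    public function display_guestmessages() {
        // A post is only considered when the submit button and a captcha answer are present.
        if (!empty($_POST['guest_btn']) && !empty($_REQUEST['captcha'])) {
            $answer = is_string($_REQUEST['captcha']) ? trim(strtolower($_REQUEST['captcha'])) : '';

            // Strict string comparison: a loose != would treat numeric-looking
            // strings such as "1e3" and "1000" as equal.
            if (empty($_SESSION['captcha']) || $answer !== (string) $_SESSION['captcha']) {
                $captcha_message = "Invalid captcha";
                $style = "background-color: #FF606C";
            } else {
                $captcha_message = "Valid captcha";
                $style = "background-color: #CCFF99";
                // Captcha is OK, so store the message in the guestbook table.
                $this->write_data();
            }

            echo <<<HTML
    <div id="result" style="$style">
    <h2>$captcha_message</h2>
    </div>
HTML;
            // One answer per challenge: a captcha value is never accepted twice.
            unset($_SESSION['captcha']);
        }

        $this->switch_guestbook_table();
        $result = mysql_query("SELECT * FROM guestbook ORDER BY created DESC LIMIT 2048");

        // Paging window. A missing pageid evaluates to page 0, which selects no
        // rows - the same outcome the unchecked session read used to produce.
        $per_page = 10;
        $page = isset($_SESSION['pageid']) ? (int) $_SESSION['pageid'] : 0;
        $first = $page * $per_page - $per_page;
        $last = $page * $per_page;

        $entry_display = <<<ADMIN_FORM
    <br>
    <ul class="menu">
ADMIN_FORM;

        if ($result !== false && mysql_num_rows($result) > 0) {
            $position = 0;
            while ($row = mysql_fetch_assoc($result)) {
                $position++;
                if ($position <= $first) {
                    continue;
                }
                if ($position > $last) {
                    // Rows arrive in display order, so nothing further belongs to this page.
                    break;
                }

                // title, username and bodytext are written by anonymous visitors;
                // they are HTML-escaped here so stored markup or script is shown
                // as text instead of being executed in other visitors' browsers.
                // stripslashes() is kept so rows stored earlier render as before.
                $safe_title = $this->escape_html(stripslashes($row['title']));
                $safe_user = $this->escape_html(stripslashes($row['username']));
                $safe_body = $this->escape_html(stripslashes($row['bodytext']));

                // write_data() stores time() here; the int cast keeps the value
                // safe inside the URL below even if a row holds something else.
                $created_ts = (int) stripslashes($row['created']);
                $datum = date('d/m/Y H:i:s', $created_ts);

                $entry_display .= <<<ADMIN_FORM
    <li class="menu" onmouseover="" onmouseout="" onclick="">
    <a href="#">
    <h2>{$safe_title}</h2>
    <p>
    <table border="0" width="100%">
    <tr>
    <td align=left>
    <i><span style="color:black">Public written by {$safe_user}, {$datum}</span></i>
    </td>
    <td align=right>
    <form NAME="formular" action="{$this->synapse_dir}message.php?created={$created_ts}" method="post">
    <button type="submit" style="border: 0; background: transparent">
    <img src="{$this->synapse_dir}themes/images/interface/sharebut.png" width="24" height="24" alt="submit" />
    </button>
    </form>
    </td>
    </tr>
    </table>
    </p>
    <p><div id="alt">{$safe_body}</div></p>
    </a>
    </li>

ADMIN_FORM;
            }
        }

        $entry_display .= <<<ADMIN_FORM
    </ul>
    <br>
ADMIN_FORM;
        $entry_display .= $this->display_guestform();
        echo($entry_display);
    }

    /**
     * Insert the posted message into the guestbook table.
     *
     * All four fields (title, username, email, body text) must be non-empty
     * strings; otherwise nothing is written.
     *
     * @return mixed result of mysql_query() for the INSERT, or null when a
     *               field is missing and no query was sent
     */
    public function write_data() {
        $this->switch_guestbook_table();

        $values = array();
        foreach (array('msg_title', 'msg_bodytext', 'msg_username', 'msg_email') as $field) {
            // Missing keys and non-string values (e.g. msg_title[]=x) count as empty.
            $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            if (!$raw) {
                return null;
            }
            // NOTE(review): escaping depends on the charset of the open mysql
            // link; prepared statements (mysqli/PDO) would remove that dependency.
            $escaped = mysql_real_escape_string($raw);
            if (!$escaped) {
                return null;
            }
            $values[$field] = $escaped;
        }

        // The submitted fields are deliberately not echoed back: the values
        // above are escaped for SQL, not for HTML.

        $created = time();
        // Columns are named explicitly so the statement does not depend on column order.
        $sql = "INSERT INTO guestbook (title, bodytext, username, email, created) "
             . "VALUES('{$values['msg_title']}','{$values['msg_bodytext']}',"
             . "'{$values['msg_username']}','{$values['msg_email']}','$created')";
        return mysql_query($sql);
    }

    /**
     * Open the default MySQL connection from $host, $username and $password.
     * Terminates the request when the connection cannot be established.
     */
    public function connect_db() {
        if (!mysql_connect($this->host, $this->username, $this->password)) {
            // Driver error text goes to the server log only; it is not shown to the visitor.
            error_log("Synapse_guestbook: could not connect. " . mysql_error());
            die("Could not connect.");
        }
    }

    /**
     * Select the configured database and make sure the guestbook table exists.
     * Terminates the request when the database cannot be selected.
     *
     * @return mixed result of build_guestbook_db()
     */
    private function switch_guestbook_table() {
        if (!mysql_select_db($this->table)) {
            // Driver error text goes to the server log only; it is not shown to the visitor.
            error_log("Synapse_guestbook: could not select database. " . mysql_error());
            die("Could not select database.");
        }

        return $this->build_guestbook_db();
    }

    /**
     * Create the guestbook table if it does not exist yet.
     *
     * NOTE(review): this runs on every page view and every post, so the web
     * application's database account needs CREATE privilege at runtime; moving
     * table creation to an install step would allow a narrower grant.
     *
     * @return mixed result of mysql_query() for the CREATE TABLE statement
     */
    private function build_guestbook_db() {
        $sql = <<<MySQL_QUERY
CREATE TABLE IF NOT EXISTS guestbook (
title VARCHAR(150),
bodytext TEXT,
username VARCHAR(150),
email VARCHAR(150),
created VARCHAR(100)
)
MySQL_QUERY;
        return mysql_query($sql);
    }

}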
216
217 // END OF
218
219?>