View file admin/includes/guestbook.php

File size: 8.03Kb
<?php
	/**
	 *	Wap Portal Server
	 *
	 *	Copyright (C) 2002 - 2004 Emir Sakic
	 *
	 *	Wap Portal Server
	 *	Developer: Emir Sakic - [email protected]
	 *  Homepage: http://www.sakic.net
	 *	Date: 15/03/2004
	 * 	Version #: 1.2
	**/

if (empty($action)) {
	$action = "";
} else {
	$action = strtolower($action);
}

// Init
if (empty($id)) {
	$id = null;
}

switch($action) {
	case "new":
		display_edit_form($id);
		break;
	case "edit":
		display_edit_form($id);
		break;
	case "save":
		save($id, $title, $email, $comment);
		break;
	case "delete":
		delete($id);
		break;
	default:
		display_guestbook();
		break;
}

function delete ($id) {
	if (is_array($id)) {
		foreach($id as $value) {
			$query = "DELETE FROM wps_guestbook WHERE id = '$value'";
			mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
		}
	} else {
		$query = "DELETE FROM wps_guestbook WHERE id = '$id'";
		mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
	}
	display_guestbook();
}

function save($id, $title, $email, $comment) {
	// Replace quotes
	if (!get_magic_quotes_gpc()) {
		$title = str_replace("'","\'",$title);
		$email = str_replace("'","\'",$email);
		$comment = str_replace("'","\'",$comment);
	}
	// Replace new lines
	//$comment = ereg_replace("(\r\n|\n|\r)", "<br />", $comment);
	$comment  = preg_replace("/(\015\012)|(\015)|(\012)/","<br />",$comment);

	if ($id) {
		$query = "UPDATE wps_guestbook SET name = '$title', email = '$email', comment='$comment' WHERE id = '$id'";
	} else {
		$date = date ("Y-m-d H:i:s");
		$ip = $_SERVER['REMOTE_ADDR'];
		$query = "INSERT INTO wps_guestbook VALUES ('', '$title', '$email', '$date', '$comment', '$ip')";
	}
	mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
	display_guestbook();
}

function display_edit_form($id) {
	global $common;

	$query = "SELECT * FROM wps_timediff";
	$result = mysql_query($query);
	$row = mysql_fetch_row ($result);
	$time_offset = $row[1] * 60 * 60;

	if (isset($id)) {
		if (is_array($id)) $id = $id[0];
		$query = "SELECT * FROM wps_guestbook WHERE id = '$id'";
		$result = mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
		$row = mysql_fetch_object($result);
	}
	echo "<table width=\"600\">\n";
    echo "<tr>\n";
    echo "<td><a href=\"index.php\" border=0>Home</a> &gt;
    	<a href=\"index.php?option=guestbook\" border=0>Guestbook Management</a> &gt;
    	Add / Edit</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td align=\"center\"><b>Sections</b></td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td valign=\"top\">\n";
    echo "<br>\n";
	echo "<form name=\"form\" method=\"post\" action=\"index.php?option=guestbook\" onsubmit=\"return validate()\">\n";
	echo "<b>Name:</b>\n";
	echo "<br>\n";
    echo "<input type=\"text\" name=\"title\" size=\"40\" value=\"";
    if (isset($id)) echo $row->name;
    echo "\">\n";
    echo "<br>\n";
	echo "<b>E-mail:</b>\n";
	echo "<br>\n";
    echo "<input type=\"text\" name=\"email\" size=\"40\" value=\"";
    if (isset($id)) echo $row->email;
    echo "\">\n";
    echo "<br>\n";
	if (isset($id)) {
		$arrDateTime = explode(" ", $row->date);
		$arrDate = explode("-", $arrDateTime[0]);
		$arrTime = explode(":", $arrDateTime[1]);
		echo date ("Y-m-d H:i:s", mktime ($arrTime[0],$arrTime[1],$arrTime[2],$arrDate[1],$arrDate[2],$arrDate[0]) + $time_offset);
		echo "<br>\n";
		echo "IP: ".$row->ip;
		echo "<br>\n";
		echo "Host: ";
		echo @gethostbyaddr($row->ip) != $row->ip ? @gethostbyaddr($row->ip) : "Can not be resolved";
	} else {
		echo date ("Y-m-d H:i:s", time() + $time_offset);
		echo "<br>\n";
		echo "IP: ".$_SERVER['REMOTE_ADDR'];
		echo "<br>\n";
		echo "Host: ";
		echo @gethostbyaddr($_SERVER['REMOTE_ADDR']) != $_SERVER['REMOTE_ADDR'] ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : "Can not be resolved";
	}
	echo "<br>\n";
	echo "<b>Comment:</b>\n";
	echo "<br>\n";
    echo "<textarea name=\"comment\" rows=\"8\" cols=\"60\">";
    if (isset($id)) {
    	$row->comment = str_replace("<br />","\r\n",$row->comment);
    	echo $row->comment;
    }
    echo "</textarea>\n";
    echo "<br>\n";
    echo "<br>\n";
    echo "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
    echo "<tr>\n";
    echo "<td>\n";
    if (isset($id))
    	echo "<input type=\"hidden\" name=\"id\" value=\"$id\">\n";
    echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
    echo "<input type=\"submit\" name=\"Submit\" value=\"Submit\">\n";
    echo "<input type=\"button\" name=\"Cancel\" value=\"Cancel\" onclick=\"document.location.href='index.php?option=guestbook'\">\n";
	echo "</td>\n";
	echo "<td align=\"right\">\n";
	$common->setup_default_emulator();
	$common->display_emulator();
	echo "</td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "</form>\n";
    echo "</td>\n";
    echo "</tr>\n";
	echo "</table>\n";
}

function display_guestbook() {
	global $limit, $limitstart, $common;

	$query = "SELECT * FROM wps_timediff";
	$result = mysql_query($query);
	$row = mysql_fetch_row ($result);
	$time_offset = $row[1] * 60 * 60;

	// Total
	$query = "SELECT id FROM wps_guestbook";
	$result = mysql_query($query) or die("Query failed");
	$total = mysql_num_rows ($result) or die ("Query failed");

	// Select query
	if (empty($limitstart)) $limitstart = 0;
	if (empty($limit)) $limit = 10;
	if ($limit > $total) {
		$limitstart = 0;
	}
	$query = "SELECT * FROM wps_guestbook ORDER BY date DESC LIMIT $limitstart, $limit";
	$result = mysql_query ($query);

	echo "<table width=\"600\">\n";
    echo "<tr>\n";
    echo "<td><a href=\"index.php\" border=0>Home</a> &gt; Guestbook Management</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td align=\"center\"><b>Entries</b></td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td valign=\"top\">\n";
    echo "<br>\n";
	echo "<form name=\"form\" method=\"post\" action=\"index.php?option=guestbook\">\n";
	echo "<table cellpadding=\"2\" cellspacing=\"0\" border=\"0\" width=\"100%\">\n";
    echo "<tr>\n";
	echo "<td><input type=\"checkbox\" name=\"toggle\" value=\"\" onclick=\"checkAll();\"></td>\n";
	echo "<td width=\"20%\"><b>Name</b></td>\n";
	echo "<td width=\"30%\"><b>Date</b></td>\n";
	echo "<td width=\"50%\"><b>Comment</b></td>\n";
    echo "</tr>\n";
    echo "<tr><td colspan=\"4\">&nbsp;</td></tr>\n";
	for($i = 1; $row = mysql_fetch_object ($result); $i++) {
		$arrDateTime = explode(" ", $row->date);
		$arrDate = explode("-", $arrDateTime[0]);
		$arrTime = explode(":", $arrDateTime[1]);
		$date = date ("Y-m-d H:i:s", mktime ($arrTime[0],$arrTime[1],$arrTime[2],$arrDate[1],$arrDate[2],$arrDate[0]) + $time_offset);
	    echo "<tr>\n";
		echo "<td><input name=\"id[]\" type=\"checkbox\" value=\"$row->id\"></td>\n";
		if ($row->email!="") {
			echo "<td><a href=\"mailto:$row->email\">$row->name</a></td>\n";
		} else {
			echo "<td>$row->name</td>\n";
		}
		echo "<td>$date</td>\n";
		echo "<td><a href=\"index.php?option=guestbook&action=edit&id=$row->id\">".substr($row->comment, 0, 30)."-</a></td>\n";
		echo "</tr>\n";
	}
	echo "<tr><td colspan=\"4\">&nbsp;</td></tr>\n";
	echo "<tr><td colspan=\"4\" align=\"center\">";
	writePagesLinks($limitstart, $limit, $total, "guestbook");
	echo "</td></tr>\n";
	echo "<tr><td colspan=\"4\" align=\"center\">";
	writePagesCounter($limitstart, $limit, $total);
	echo "</td></tr>\n";
    echo "<tr>\n";
    echo "<td colspan=\"3\">
		<input type=\"submit\" name=\"action\" value=\"New\">
		<input type=\"submit\" name=\"action\" value=\"Edit\">
		<input type=\"submit\" name=\"action\" value=\"Delete\" onclick=\"return confirm_delete();\">\n";
	echo "</td>\n";
	echo "<td align=\"right\">\n";
	$common->setup_default_emulator();
	$common->display_emulator();
	echo "</td>\n";
	echo "</tr>\n";
	echo "</table>\n";
	echo "</form>\n";
    echo "</td>\n";
    echo "</tr>\n";
	echo "</table>\n";
}
?>