<?php
/**
* Wap Portal Server
*
* Copyright (C) 2002 - 2004 Emir Sakic
*
* Wap Portal Server
* Developer: Emir Sakic - [email protected]
* Homepage: http://www.sakic.net
* Date: 15/03/2004
* Version #: 1.2
**/
if (empty($action)) {
$action = "";
} else {
$action = strtolower($action);
}
// Init
if (empty($id)) {
$id = null;
}
switch($action) {
case "new":
display_edit_form($id);
break;
case "edit":
display_edit_form($id);
break;
case "save":
save($id, $title, $email, $comment);
break;
case "delete":
delete($id);
break;
default:
display_guestbook();
break;
}
function delete ($id) {
if (is_array($id)) {
foreach($id as $value) {
$query = "DELETE FROM wps_guestbook WHERE id = '$value'";
mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
}
} else {
$query = "DELETE FROM wps_guestbook WHERE id = '$id'";
mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
}
display_guestbook();
}
function save($id, $title, $email, $comment) {
// Replace quotes
if (!get_magic_quotes_gpc()) {
$title = str_replace("'","\'",$title);
$email = str_replace("'","\'",$email);
$comment = str_replace("'","\'",$comment);
}
// Replace new lines
//$comment = ereg_replace("(\r\n|\n|\r)", "<br />", $comment);
$comment = preg_replace("/(\015\012)|(\015)|(\012)/","<br />",$comment);
if ($id) {
$query = "UPDATE wps_guestbook SET name = '$title', email = '$email', comment='$comment' WHERE id = '$id'";
} else {
$date = date ("Y-m-d H:i:s");
$ip = $_SERVER['REMOTE_ADDR'];
$query = "INSERT INTO wps_guestbook VALUES ('', '$title', '$email', '$date', '$comment', '$ip')";
}
mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
display_guestbook();
}
function display_edit_form($id) {
global $common;
$query = "SELECT * FROM wps_timediff";
$result = mysql_query($query);
$row = mysql_fetch_row ($result);
$time_offset = $row[1] * 60 * 60;
if (isset($id)) {
if (is_array($id)) $id = $id[0];
$query = "SELECT * FROM wps_guestbook WHERE id = '$id'";
$result = mysql_query($query) or die("MySQL query: ".$query." failed with error: ".mysql_error());
$row = mysql_fetch_object($result);
}
echo "<table width=\"600\">\n";
echo "<tr>\n";
echo "<td><a href=\"index.php\" border=0>Home</a> >
<a href=\"index.php?option=guestbook\" border=0>Guestbook Management</a> >
Add / Edit</td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td align=\"center\"><b>Sections</b></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td valign=\"top\">\n";
echo "<br>\n";
echo "<form name=\"form\" method=\"post\" action=\"index.php?option=guestbook\" onsubmit=\"return validate()\">\n";
echo "<b>Name:</b>\n";
echo "<br>\n";
echo "<input type=\"text\" name=\"title\" size=\"40\" value=\"";
if (isset($id)) echo $row->name;
echo "\">\n";
echo "<br>\n";
echo "<b>E-mail:</b>\n";
echo "<br>\n";
echo "<input type=\"text\" name=\"email\" size=\"40\" value=\"";
if (isset($id)) echo $row->email;
echo "\">\n";
echo "<br>\n";
if (isset($id)) {
$arrDateTime = explode(" ", $row->date);
$arrDate = explode("-", $arrDateTime[0]);
$arrTime = explode(":", $arrDateTime[1]);
echo date ("Y-m-d H:i:s", mktime ($arrTime[0],$arrTime[1],$arrTime[2],$arrDate[1],$arrDate[2],$arrDate[0]) + $time_offset);
echo "<br>\n";
echo "IP: ".$row->ip;
echo "<br>\n";
echo "Host: ";
echo @gethostbyaddr($row->ip) != $row->ip ? @gethostbyaddr($row->ip) : "Can not be resolved";
} else {
echo date ("Y-m-d H:i:s", time() + $time_offset);
echo "<br>\n";
echo "IP: ".$_SERVER['REMOTE_ADDR'];
echo "<br>\n";
echo "Host: ";
echo @gethostbyaddr($_SERVER['REMOTE_ADDR']) != $_SERVER['REMOTE_ADDR'] ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : "Can not be resolved";
}
echo "<br>\n";
echo "<b>Comment:</b>\n";
echo "<br>\n";
echo "<textarea name=\"comment\" rows=\"8\" cols=\"60\">";
if (isset($id)) {
$row->comment = str_replace("<br />","\r\n",$row->comment);
echo $row->comment;
}
echo "</textarea>\n";
echo "<br>\n";
echo "<br>\n";
echo "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
echo "<tr>\n";
echo "<td>\n";
if (isset($id))
echo "<input type=\"hidden\" name=\"id\" value=\"$id\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
echo "<input type=\"submit\" name=\"Submit\" value=\"Submit\">\n";
echo "<input type=\"button\" name=\"Cancel\" value=\"Cancel\" onclick=\"document.location.href='index.php?option=guestbook'\">\n";
echo "</td>\n";
echo "<td align=\"right\">\n";
$common->setup_default_emulator();
$common->display_emulator();
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "</form>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
}
function display_guestbook() {
global $limit, $limitstart, $common;
$query = "SELECT * FROM wps_timediff";
$result = mysql_query($query);
$row = mysql_fetch_row ($result);
$time_offset = $row[1] * 60 * 60;
// Total
$query = "SELECT id FROM wps_guestbook";
$result = mysql_query($query) or die("Query failed");
$total = mysql_num_rows ($result) or die ("Query failed");
// Select query
if (empty($limitstart)) $limitstart = 0;
if (empty($limit)) $limit = 10;
if ($limit > $total) {
$limitstart = 0;
}
$query = "SELECT * FROM wps_guestbook ORDER BY date DESC LIMIT $limitstart, $limit";
$result = mysql_query ($query);
echo "<table width=\"600\">\n";
echo "<tr>\n";
echo "<td><a href=\"index.php\" border=0>Home</a> > Guestbook Management</td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td align=\"center\"><b>Entries</b></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td valign=\"top\">\n";
echo "<br>\n";
echo "<form name=\"form\" method=\"post\" action=\"index.php?option=guestbook\">\n";
echo "<table cellpadding=\"2\" cellspacing=\"0\" border=\"0\" width=\"100%\">\n";
echo "<tr>\n";
echo "<td><input type=\"checkbox\" name=\"toggle\" value=\"\" onclick=\"checkAll();\"></td>\n";
echo "<td width=\"20%\"><b>Name</b></td>\n";
echo "<td width=\"30%\"><b>Date</b></td>\n";
echo "<td width=\"50%\"><b>Comment</b></td>\n";
echo "</tr>\n";
echo "<tr><td colspan=\"4\"> </td></tr>\n";
for($i = 1; $row = mysql_fetch_object ($result); $i++) {
$arrDateTime = explode(" ", $row->date);
$arrDate = explode("-", $arrDateTime[0]);
$arrTime = explode(":", $arrDateTime[1]);
$date = date ("Y-m-d H:i:s", mktime ($arrTime[0],$arrTime[1],$arrTime[2],$arrDate[1],$arrDate[2],$arrDate[0]) + $time_offset);
echo "<tr>\n";
echo "<td><input name=\"id[]\" type=\"checkbox\" value=\"$row->id\"></td>\n";
if ($row->email!="") {
echo "<td><a href=\"mailto:$row->email\">$row->name</a></td>\n";
} else {
echo "<td>$row->name</td>\n";
}
echo "<td>$date</td>\n";
echo "<td><a href=\"index.php?option=guestbook&action=edit&id=$row->id\">".substr($row->comment, 0, 30)."-</a></td>\n";
echo "</tr>\n";
}
echo "<tr><td colspan=\"4\"> </td></tr>\n";
echo "<tr><td colspan=\"4\" align=\"center\">";
writePagesLinks($limitstart, $limit, $total, "guestbook");
echo "</td></tr>\n";
echo "<tr><td colspan=\"4\" align=\"center\">";
writePagesCounter($limitstart, $limit, $total);
echo "</td></tr>\n";
echo "<tr>\n";
echo "<td colspan=\"3\">
<input type=\"submit\" name=\"action\" value=\"New\">
<input type=\"submit\" name=\"action\" value=\"Edit\">
<input type=\"submit\" name=\"action\" value=\"Delete\" onclick=\"return confirm_delete();\">\n";
echo "</td>\n";
echo "<td align=\"right\">\n";
$common->setup_default_emulator();
$common->display_emulator();
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "</form>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
}
?>