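<?php
/**
 * Flat-file guestbook: lists entries, accepts new ones and lets the admin
 * delete them.
 *
 * Entries are stored one per line in $data_file, with fields separated by
 * "|~~|":
 *   |~~|id|~~|date|~~|name|~~|email|~~|location|~~|comment|~~|url|~~|
 *
 * Everything that arrives in the request or is read back from the data file
 * is treated as untrusted: it is normalised on input and HTML-escaped again
 * on output, so a record that was stored by an older version of this script
 * (or edited by hand) cannot inject markup into the page.
 */

// ---------------------------------------------------------------------------
// Configuration (values below are set by the site owner and are trusted)
// ---------------------------------------------------------------------------

// Title of the web page
$title = "- - - Welcome to my guestbook - -";

// Admin password, required when you delete an entry.
// SECURITY: "admin" is the shipped default; replace it before the page is
// reachable by anyone else. NOTE(review): the script has no throttling on
// password attempts, so choose a long random value.
$admin_password = "admin";

// Maximum entries per page when you view your guestbook
$max_entry_per_page = "10";

// Name of the file used to store the entries.
// SECURITY: a data file inside the web root can be downloaded directly,
// which exposes every stored e-mail address. Prefer a path outside the
// document root, or deny access to it in the web server configuration.
$data_file = "data.dat";

// Maximum entries stored in the data file (0 disables trimming)
$max_record_in_data_file = "500";

// Color & font settings
$background = "#FFFFFF";
$table_top = "#9999CC";
$table_content_1a = "#c6d7ec";
$table_content_2a = "#D9E4F2";
$table_bottom = "#D9E4F2";
$table_border = "#000000";
$link = "blue";
$visited_link = "blue";
$active_link = "red";
$font_face = "verdana";
$message_font_face = "arial";
$message_font_size = "2";

// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------

/**
 * Escape a value for use in HTML text or inside a quoted HTML attribute.
 *
 * ENT_QUOTES covers both quote styles because the templates below use both.
 * The charset is fixed to ISO-8859-1 (what the entry form declares) so that
 * htmlspecialchars() never rejects a byte sequence and returns "".
 * double_encode is off because stored names and comments already carry
 * &lt; / &gt; / &quot; from the write path.
 */
function gb_esc($text)
{
    return htmlspecialchars((string) $text, ENT_QUOTES, 'ISO-8859-1', false);
}

/**
 * Escape a value that sits inside a single-quoted JavaScript string which is
 * itself inside an HTML attribute (the onclick handlers). The browser decodes
 * the attribute first, so the value needs JS escaping and then HTML escaping.
 */
function gb_js_attr($text)
{
    return gb_esc(addslashes((string) $text));
}

/**
 * Render a stored comment. The only markup a stored comment may contain is
 * the "<BR>" this script writes for line breaks; every other character is
 * escaped.
 */
function gb_comment_html($stored)
{
    $lines = preg_split('/<BR>/i', (string) $stored);
    return implode("<BR>", array_map('gb_esc', $lines));
}

/**
 * Read one request parameter from GET or POST (with the pre-PHP-4.1
 * $HTTP_*_VARS fallback the script has always supported).
 *
 * Returns null when the parameter is absent or is not a plain string
 * (e.g. "?do[]=x"), so callers never hand an array to a string function.
 */
function gb_request_value($key, $method)
{
    global $HTTP_GET_VARS, $HTTP_POST_VARS;

    $value = null;
    if ($method === 'post') {
        if (isset($_POST[$key])) {
            $value = $_POST[$key];
        } elseif (isset($HTTP_POST_VARS[$key])) {
            $value = $HTTP_POST_VARS[$key];
        }
    } else {
        if (isset($_GET[$key])) {
            $value = $_GET[$key];
        } elseif (isset($HTTP_GET_VARS[$key])) {
            $value = $HTTP_GET_VARS[$key];
        }
    }

    if (!is_string($value)) {
        return null;
    }

    // Undo magic quotes only where they can exist; unconditional
    // stripslashes() would eat legitimate backslashes on PHP >= 5.4.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    return $value;
}

/**
 * Read a posted form field, defaulting to "" and truncating to $max_length
 * bytes when $max_length is greater than zero.
 */
function gb_posted_field($key, $max_length)
{
    $value = gb_request_value($key, 'post');
    if ($value === null) {
        return "";
    }
    if ($max_length > 0 && strlen($value) > $max_length) {
        $value = substr($value, 0, $max_length);
    }
    return $value;
}

/** Normalise a page number from the request to an integer >= 1. */
function gb_clean_page($value)
{
    $page = (int) $value;
    return ($page < 1) ? 1 : $page;
}

/** Entry ids are date("YmdHis") strings, so anything but digits is dropped. */
function gb_clean_id($value)
{
    return preg_replace('/\D/', '', (string) $value);
}

/** Read the data file as a list of lines; an unreadable file yields []. */
function gb_read_records($file)
{
    $lines = file($file);
    return ($lines === false) ? array() : $lines;
}

/**
 * Split one stored line into its fields. The result is padded so that
 * indexes 0..8 always exist, even for a truncated or hand-edited line.
 */
function gb_parse_record($line)
{
    return array_pad(explode("|~~|", $line), 9, "");
}

/**
 * Compare the submitted admin password with the configured one.
 *
 * A strict string comparison is required: the loose "<>" operator treats
 * numeric-looking strings as numbers ("1e3" equals "1000"). hash_equals()
 * is used where available so the comparison time does not depend on how
 * many leading characters match. An empty configured password never matches.
 */
function gb_password_matches($given, $expected)
{
    $given = (string) $given;
    $expected = (string) $expected;

    if ($expected === '') {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $given);
    }
    return $given === $expected;
}

// ---------------------------------------------------------------------------
// Request parsing
// ---------------------------------------------------------------------------

$do = gb_request_value('do', 'get');
$posted_do = gb_request_value('do', 'post');
if ($posted_do !== null) {
    $do = $posted_do;
}
// Only word characters are accepted as an action name.
if ($do === null || preg_match("/\W/", $do)) {
    $do = "";
}

$id = gb_clean_id(gb_request_value('id', 'get'));
$page = gb_clean_page(gb_request_value('page', 'get'));

// PHP_SELF includes any PATH_INFO the client appended to the script URL, so
// it is request-controlled and is never printed without escaping.
if (isset($_SERVER["PHP_SELF"])) {
    $PHP_SELF = $_SERVER["PHP_SELF"];
} elseif (isset($HTTP_SERVER_VARS["PHP_SELF"])) {
    $PHP_SELF = $HTTP_SERVER_VARS["PHP_SELF"];
} elseif (!isset($PHP_SELF)) {
    $PHP_SELF = "";
}
$self_html = gb_esc($PHP_SELF);

// ---------------------------------------------------------------------------
// Data file housekeeping: keep only the newest $max_record_in_data_file lines
// ---------------------------------------------------------------------------

if (!file_exists($data_file)) {
    echo "<B>Error !!</B> Can't find data file : $data_file.<BR>";
    exit;
}

$max_records = (int) $max_record_in_data_file;
if ($max_records > 0) {
    $all_lines = gb_read_records($data_file);
    // Lines start with "|~~|YYYYmmddHHiiss", so a reverse sort is newest first.
    rsort($all_lines);
    if (count($all_lines) > $max_records) {
        $trimmed = fopen($data_file, "w");
        if ($trimmed !== false) {
            for ($i = 0; $i < $max_records; $i++) {
                fwrite($trimmed, $all_lines[$i]);
            }
            fclose($trimmed);
        }
    }
}

// ---------------------------------------------------------------------------
// Actions
// ---------------------------------------------------------------------------

switch ($do) {
    // ----- List entries ----------------------------------------------------
    case "":
        $record = gb_read_records($data_file);
        rsort($record);
        $record_count = count($record);

        $per_page = (int) $max_entry_per_page;
        if ($per_page < 1) {
            $per_page = 1; // guards the division below
        }
        $page_count = (int) ceil($record_count / $per_page);
        if ($page > $page_count) {
            // Keeps the index arithmetic below inside integer range.
            $page = max(1, $page_count);
        }
        $no = ($page - 1) * $per_page;
?>
<HTML>
<HEAD><TITLE><?php echo gb_esc($title); ?></TITLE></HEAD>
<!-- Start Style For Font Displaying in the Record Table -->
<STYLE type=text/css>.font1 { COLOR: #000000; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; FONT-SIZE: 11px }
.font2 { COLOR: #000000; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; FONT-SIZE: 10px }
.font3 { COLOR: #000000; FONT-FAMILY: Arial, Helvetica, sans-serif; FONT-SIZE: 7.5pt; FONT-WEIGHT: bold }
.select { FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; FONT-SIZE: 9pt }
.input { FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; FONT-SIZE: 9pt }
</STYLE>
<!-- End Style -->
<BODY bgcolor="<?php echo $background; ?>" link="<?php echo $link; ?>" vlink="<?php echo $visited_link; ?>" alink="<?php echo $active_link; ?>" topmargin="0" marginheight="0">
<!-- start Top Navigation -->
<TABLE align=center border=0 cellPadding=2 cellSpacing=0 width="95%">
<TBODY>
<TR>
<TD width="56%"><IMG height=15 src="gbook.gif" width=140></TD>
<TD align=right class=font2 width="44%"> <BR><IMG height=12 src="sign.gif" width=9>
<A HREF="<?php echo "$self_html?do=add_form&amp;page=$page"; ?>"><B>Sign the Guestbook</B> </A> </TD></TR>
<TR>
<TD class=font2 width="56%"><?php echo date("l dS of F Y h:i:s A"); ?> <BR><b>Welcome to my Guest Book</b></TD>
<TD align=right vAlign=bottom width="44%"></TD></TR></TBODY></TABLE><br>
<!-- End Top Navigation -->
<TABLE align=center bgColor=#000000 border=0 cellPadding=5 cellSpacing=1 width="95%">
<TR bgColor=#9999cc>
<TD width="32%"><FONT color=#ffffff FACE="<?php echo $font_face; ?>" size=2><B>Name</B></FONT></TD>
<TD width="68%"><FONT color=#ffffff FACE="<?php echo $font_face; ?>" size=2><B>Comments</B></FONT></TD>
<TD width="15%"><FONT color=#ffffff FACE="<?php echo $font_face; ?>" size=2><B>Del</B></FONT></TD></TR>
<?php
        if ($record_count == 0) {
            echo "<TR><TD colspan=3 bgcolor='$table_content_1a' align='center'><FONT color='#ffffff' SIZE='3' FACE='$font_face'><b>There is no entry yet.</b></FONT></TD></TR>";
        }

        $alternate = 0; // toggles the row background colour
        for ($i = 0; $i < $per_page; $i++) {
            $no++;
            $recno = $no - 1;
            if (!isset($record[$recno])) {
                continue;
            }

            $row = gb_parse_record($record[$recno]);

            // Every stored field is escaped for the context it is printed in.
            $e_id = gb_esc(rawurlencode($row[1]));
            $e_date = gb_esc($row[2]);
            $e_name = gb_esc($row[3]);
            $email = trim($row[4]);
            $e_email = gb_esc($email);
            $e_country = gb_esc($row[5]);
            $e_comment = gb_comment_html($row[6]);
            $url = trim($row[7]);

            if ($alternate == 0) {
                $row_color = $table_content_1a;
                $alternate = 1;
            } else {
                $row_color = $table_content_2a;
                $alternate = 0;
            }

            //---Displaying Records--
            echo "<TR bgColor='$row_color'><TD vAlign=top width='32%'> <TABLE border=0 cellPadding=2 cellSpacing=0> <TBODY><TR><TD class=font2 vAlign=top width='8%'><B>$no .</B></TD> <TD width='92%'> ";

            if ($url <> "" and $url <> "http://") {
                // Anything that is not already an http(s) URL gets "http://"
                // prefixed, so a stored value can never select another scheme.
                if (!preg_match('#^https?://#i', $url)) {
                    $url = "http://" . $url;
                }
                // rel=noopener keeps the opened page from reaching window.opener.
                echo " <A HREF='" . gb_esc($url) . "' TARGET='_blank' REL='noopener noreferrer nofollow'><IMG SRC='homepage.gif' BORDER=0 ALT=\"{$e_name}'s homepage\"></A>";
            }

            echo "</TD></TR>";
            echo "<TR><TD class=font1 colSpan=2><b>$e_name <IMG border=0 height=17 src='user.gif' width=18></b></TD></TR>";
            echo "<TR><TD class=font1 colSpan=2>$e_email</TD></TR>";
            echo "<TR><TD class=font2 colSpan=2>Location <b>: </b>$e_country</TD></TR>";
            echo "</TBODY></TABLE></TD>";
            echo "<TD class=font1 vAlign=top width='68%'><DIV align=left class=font3><IMG height=9 src='post.gif' width=9>$e_date";
            if ($email <> "") {
                // E-mail is optional; skip the icon rather than link to "mailto:".
                echo " <A href='mailto:$e_email'><IMG alt='Send E-mail' border=0 height=15 src='email.gif' width=15></A>";
            }
            echo "</DIV><HR SIZE=1> <DIV align=left>$e_comment</DIV></TD>";
            echo "<TD valign='bottom' align='center' width='15'> <A HREF='$self_html?do=del&amp;id=$e_id&amp;page=$page'> <IMG SRC='del.gif' ALT='Delete entry # $no' border=0 align='center'></A> </TD>";
            echo "</TR>";
        }

        //--- Page Count Start
        echo "<TR><TD colspan=3 bgcolor='$table_bottom' align='center' width='600'><FONT SIZE='1' FACE='$font_face'>";
        if ($page_count > 1) {
            if ($page <> 1) {
                echo "[<A HREF='$self_html?page=1'>Top</A>] ";
            } else {
                echo "[Top] ";
            }
            echo "Page # ";

            if ($page_count > 10) {
                // Show a sliding window of ten page numbers around the current one.
                if ($page < 5) {
                    $start = 1;
                    $stop = 10;
                } elseif ($page_count - $page < 5) {
                    $start = $page_count - 9;
                    $stop = $page_count;
                } else {
                    $start = $page - 4;
                    $stop = $page + 5;
                }
                if ($start <> 1) {
                    echo "... ";
                }
                for ($p = $start; $p <= $stop; $p++) {
                    if ($p == $page) {
                        echo "<FONT color='$active_link'><B>$p</B></FONT> ";
                    } else {
                        echo "<A HREF='$self_html?page=$p'>$p</A> ";
                    }
                }
                if ($stop <> $page_count) {
                    echo "... ";
                }
                echo "of $page_count ";
            } else {
                for ($p = 1; $p <= $page_count; $p++) {
                    if ($p == $page) {
                        echo "<FONT color='$active_link'><B>$p</B></FONT> ";
                    } else {
                        echo "<A HREF='$self_html?page=$p'>$p</A> ";
                    }
                }
            }

            if ($page <> $page_count) {
                echo "[<A HREF='$self_html?page=$page_count'>Bottom</A>]";
            } else {
                echo "[bottom]";
            }
        } else {
            echo "Page #1 of 1";
        }
        echo "</FONT></TD></TR>";
        //---Page Count End
?>
</TABLE>
<P>
</BODY>
</HTML>
<?php
        break;

    // ----- Entry form ------------------------------------------------------
    case "add_form":
?>
<!-- Start Form -->
<html>
<head>
<title><?php echo gb_esc($title); ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="<?php echo $background; ?>">
<div align="center">
<br>
<form method="post" action="<?php echo $self_html; ?>">
<input type="hidden" name="do" value="add">
<table width="460" border="0" cellspacing="0" cellpadding="0" bgcolor="<?php echo $table_border; ?>">
<tr>
<td>
<div align="center">
<table width="100%" border="0" cellspacing="1" cellpadding="5">
<tr>
<TD bgColor=#9999cc colSpan=2><B><FONT color=#ffffff face="Verdana, Arial, Helvetica, sans-serif" size=2>Sign the Guestbook:</FONT></B></TD></tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td width="28%">
<div align="left"><font face="<?php echo $font_face; ?>" size="2"><IMG border=0 height=17 src='user.gif' width=18> *Name : </font></div>
</td>
<td width="72%">
<input type="text" name="vname" size="30" maxlength="70">
</td>
</tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td width="28%">
<div align="left"><font face="<?php echo $font_face; ?>" size="2"><IMG border=0 height=17 src='email.gif' width=18> Email (Optional) : </font></div>
</td>
<td width="72%">
<input type="text" name="vemail" size="30" maxlength="100">
</td>
</tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td width="28%">
<div align="left"><font face="<?php echo $font_face; ?>" size="2"><IMG border=0 height=17 src='home.gif' width=18> Website : </font></div>
</td>
<td width="72%">
<input type="text" name="vurl" size="30" maxlength="150" VALUE="http://">
</td>
</tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td width="28%">
<div align="left"><font face="<?php echo $font_face; ?>" size="2"><IMG border=0 height=17 src='location.gif' width=18> *Location : </font></div>
</td>
<td width="72%">
<input type="text" name="vcountry" size="30" maxlength="100">
</td>
</tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td valign="top" width="28%">
<div align="left"><font face="<?php echo $font_face; ?>" size="2"><IMG border=0 height=17 src='message.gif' width=18> *Comment : </font></div>
</td>
<td width="72%">
<textarea name="vcomment" cols="40" rows="7" wrap="VIRTUAL"></textarea><BR><font size=1 FACE="<?php echo $font_face; ?>">* Required field</font>
</td>
</tr>
<tr bgcolor="<?php echo $table_content_1a; ?>">
<td colspan="2">
<div align="center"><font face="<?php echo $font_face; ?>" size="3">
<font size="2">
<input type="submit" value="Submit">
<input type="reset" value="Reset">
<input type="button" value="Back" onclick="window.location='<?php echo gb_js_attr("$PHP_SELF?page=$page"); ?>'">
</font></font></div>
</td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</form>
</div>
</body>
</html>
<!-- End of entry form -->
<?php
        break;

    // ----- Store a new entry -----------------------------------------------
    case "add":
        // The maxlength attributes in the form are only a hint to the browser;
        // the limits are enforced again here.
        $vname = gb_posted_field('vname', 70);
        $vemail = trim(gb_posted_field('vemail', 100));
        $vurl = trim(gb_posted_field('vurl', 150));
        $vcountry = gb_posted_field('vcountry', 50);
        $vcomment = gb_posted_field('vcomment', 0);

        if (trim($vname) == "" or trim($vcountry) == "" or trim($vcomment) == "") {
            echo "<HTML><BODY bgcolor='#ffffff'><H2>Error !</H2><FONT SIZE=2 FACE='$font_face'>You may left some fields. Please click <B><A HREF='javascript:history.back()'>here</A></B> and try again.</FONT></BODY></HTML>";
            exit;
        }

        // Anchored with \A and \z: an unanchored pattern accepts any string that
        // merely contains an address, including markup, the field delimiter or a
        // line break after it.
        if ($vemail != "" and !preg_match('/\A[\w.\-]+@[\w.\-]+\.[a-z]{2,}\z/i', $vemail)) {
            echo "<HTML><BODY bgcolor='#ffffff'><H2>Error !</H2><FONT SIZE=2 FACE='$font_face'>Invalid email address. Please click <B><A HREF='javascript:history.back()'>here</A></B> and try again.</FONT></BODY></HTML>";
            exit;
        }

        // Drop characters that have no place in a stored URL: whitespace and
        // control bytes (a line break would start a new record), angle brackets,
        // quotes (attribute delimiters) and "|" (part of the field delimiter).
        $vurl = preg_replace('/[\x00-\x20<>"\'|]/', '', $vurl);
        if ($vurl <> "") {
            if (strtolower($vurl) <> "http://") {
                if (!preg_match("#^https?://[_a-z0-9-]+\\.[_a-z0-9-]+#i", $vurl)) {
                    echo "<HTML><BODY bgcolor='#ffffff'><H2>Error !</H2><FONT SIZE=2 FACE='$font_face'>Website Invalid URL format. Please click <B><A HREF='javascript:history.back()'>here</A></B> and try again.</FONT></BODY></HTML>";
                    exit;
                }
            }
        }

        // Reject comments containing a single "word" longer than 35 characters.
        $comment_words = explode(" ", $vcomment);
        foreach ($comment_words as $word) {
            if (strlen(trim($word)) > 35) {
                echo "<HTML><BODY bgcolor='#ffffff'><H2>Error!</H2><FONT SIZE=2 FACE='verdana'>Please don't abuse my guestbook. Click <B><A HREF='javascript:history.back()'>here</A></B> and try again.</FONT></BODY></HTML>";
                exit;
            }
        }

        //--only 2000 characters allowed for comment
        $maxchar = 2000;
        if (strlen($vcomment) > $maxchar) {
            $vcomment = substr($vcomment, 0, $maxchar) . "...";
        }

        // NOTE(review): the id has one-second resolution, so two entries posted
        // in the same second share an id and "del" acts on the first match.
        $idx = date("YmdHis");
        $posted_on = date("F d, Y - h:i A");

        // Name is a single-line field: a line break would split the record.
        $vname = str_replace(array("\r", "\n", "\0"), "", $vname);
        $vname = str_replace("<", "", $vname);
        $vname = str_replace(">", "", $vname);
        $vname = str_replace("~", "-", $vname); // "~" is part of the field delimiter
        $vname = str_replace("\"", "&quot;", $vname);

        $vcomment = str_replace("<", "&lt;", $vcomment);
        $vcomment = str_replace(">", "&gt;", $vcomment);
        $vcomment = str_replace("~", "-", $vcomment);
        $vcomment = str_replace("\"", "&quot;", $vcomment);
        // Line breaks become the one tag the display code lets through.
        $vcomment = str_replace("\r\n", "<BR>", $vcomment);
        $vcomment = str_replace("\r", "", $vcomment);
        $vcomment = str_replace("\n", "", $vcomment);

        // This pattern matches "<", ">" or the two-character sequence "\"~" only;
        // the allow-list on the next line is what actually constrains the field.
        if (preg_match("#<|>|\"\~#", $vcountry)) {
            exit;
        }
        if (preg_match("/[^a-z ]/i", $vcountry)) {
            $vcountry = "...";
        }

        $newdata = "|~~|$idx|~~|$posted_on|~~|$vname|~~|$vemail|~~|$vcountry|~~|$vcomment|~~|$vurl|~~|\n";

        $out = fopen($data_file, "a");
        if ($out === false) {
            echo "<HTML><BODY bgcolor='#ffffff'><H2>Error !</H2><FONT SIZE=2 FACE='$font_face'>Can't write to the data file.</FONT></BODY></HTML>";
            exit;
        }
        fwrite($out, $newdata);
        fclose($out);

        echo "<HTML><META HTTP-EQUIV='REFRESH' CONTENT='1; URL=$self_html'><BODY bgcolor='#FFFFFF'><CENTER><H2>Thank you, your entry has been added.</H2>Please wait...</CENTER></BODY></HTML>";
        break;

    // ----- Delete confirmation ---------------------------------------------
    case "del":
        $record = gb_read_records($data_file);
        foreach ($record as $line) {
            $row = gb_parse_record($line);
            // Strict comparison: ids are digit strings, and "==" would compare
            // them as numbers.
            if ($id !== "" and $id === $row[1]) {
                $e_date = gb_esc($row[2]);
                $e_name = gb_esc($row[3]);
                $e_email = gb_esc(trim($row[4]));
                $e_country = gb_esc($row[5]);
                $e_comment = gb_comment_html($row[6]);
                echo " <HTML><TITLE>Delete record</TITLE> <BODY bgcolor='$background'> <CENTER> <FONT FACE='$font_face' SIZE='4'>Delete Confirmation</FONT> <BR><BR> <TABLE border=0 cellpadding=5 cellspacing=1 width=450> <TR> <TD bgcolor='$table_content_1a'> <FONT SIZE=2 FACE='$font_face'> <FONT SIZE='1'><B>$e_date</FONT><BR>$e_name</B> from $e_country<BR><A HREF='mailto:$e_email'>$e_email</A><P>$e_comment </FONT> </TD> </TR> </TABLE> ";
                break;
            }
        }

        echo "<FORM ACTION='$self_html' METHOD='post'><FONT FACE='$font_face' SIZE=2><B>Admin password : </B></FONT><INPUT TYPE='password' NAME='pwd'><INPUT TYPE='hidden' NAME='do' VALUE='del2'><P><INPUT TYPE='submit' VALUE='Delete this record'> <INPUT TYPE='button' VALUE='Cancel' onclick=\"window.location='" . gb_js_attr("$PHP_SELF?page=$page") . "'\"><INPUT TYPE='hidden' NAME='id' VALUE='" . gb_esc($id) . "'><INPUT TYPE='hidden' NAME='page' VALUE='$page'></FORM></CENTER></BODY></HTML>";
        break;

    // ----- Delete after password check --------------------------------------
    case "del2":
        $pwd = gb_request_value('pwd', 'post');
        if ($pwd === null) {
            $pwd = "";
        }

        $posted_id = gb_request_value('id', 'post');
        if ($posted_id !== null) {
            $id = gb_clean_id($posted_id);
        }

        $posted_page = gb_request_value('page', 'post');
        if ($posted_page !== null) {
            $page = gb_clean_page($posted_page);
        }

        if (!gb_password_matches($pwd, $admin_password)) {
            echo "<HTML><HEAD><META HTTP-EQUIV='REFRESH' CONTENT='1; URL=$self_html?page=$page'></HEAD><BODY bgcolor='#ffffff'><CENTER><H2>Invalid admin password !</H2>Please wait...</CENTER></BODY></HTML>";
            exit;
        }

        $record = gb_read_records($data_file);
        $record_count = count($record);
        for ($i = 0; $i < $record_count; $i++) {
            $row = gb_parse_record($record[$i]);
            if ($id !== "" and $id === $row[1]) {
                $record[$i] = ""; // blanked lines are skipped when rewriting
                break;
            }
        }

        $update_data = fopen($data_file, "w");
        if ($update_data === false) {
            echo "<HTML><BODY bgcolor='#ffffff'><H2>Error !</H2><FONT SIZE=2 FACE='$font_face'>Can't write to the data file.</FONT></BODY></HTML>";
            exit;
        }
        for ($j = 0; $j < $record_count; $j++) {
            if ($record[$j] !== "") {
                fputs($update_data, $record[$j]);
            }
        }
        fclose($update_data);

        echo "<HTML><HEAD><META HTTP-EQUIV='REFRESH' CONTENT='1; URL=$self_html?page=$page'></HEAD><BODY bgcolor='#ffffff'><CENTER><H2>Record has been deleted !</H2>Please wait...</CENTER></BODY></HTML>";
        break;
} //--end switch
?>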