<?php
	/**
	 * Minimal stopwatch built on gettimeofday().
	 *
	 * start() and stop() each store the array returned by gettimeofday();
	 * elapsed() turns the difference between the two marks into seconds.
	 */
	class Timer {
		// Result of gettimeofday() captured by start().
		var $startTime;
		// Result of gettimeofday() captured by stop().
		var $endTime;

		/** Record the current time as the start mark. */
		function start() {
			$now = gettimeofday();
			$this->startTime = $now;
		}

		/** Record the current time as the end mark. */
		function stop() {
			$now = gettimeofday();
			$this->endTime = $now;
		}

		/**
		 * Seconds between the start and end marks.
		 *
		 * The difference is first computed in microseconds from the "sec" and
		 * "usec" entries, then divided back down to seconds.
		 */
		function elapsed() {
			$secondsDelta = $this->endTime["sec"] - $this->startTime["sec"];
			$microsDelta = $this->endTime["usec"] - $this->startTime["usec"];
			$totalMicros = $secondsDelta * 1000000 + $microsDelta;
			return $totalMicros / 1000000;
		}
	}
	// Time the whole request; the reading is appended to the final redirect.
	$timer = new Timer();
	$timer->start();
	session_start();
	// Helper functions, settings and user-agent tables come from these files,
	// which are not part of this page.
	include("lib.php");
	include("settings-data.php");
	include("useragent.php");
	// content-data.php is executed as PHP when it is included. Presumably it is
	// the file that reWriteDataInFile() regenerates further down and it defines
	// $content -- confirm in lib.php.
	if (file_exists("content-data.php"))
		include("content-data.php");
	else
		createFile("content-data.php");
	// $error collects validation messages, $style collects CSS rules.
	$error = "";
	$style = "";
	// NOTE(review): the form fields below are never read from $_POST/$_GET on
	// this page, so they presumably arrive as globals through register_globals
	// (or from the session) -- confirm. With that setting, any global that is
	// used before being assigned here or in an include can be set by the request.
	if (!isset($name))
		$name = "";
	if (!isset($userLogin))
		$userLogin = "";
	// A $userLogin that is not registered in the session is discarded.
	if(!session_is_registered("userLogin"))
	{
		$userLogin = "";
	}
	if (!isset($url))
		$url = "";
	if (!isset($email))
		$email = "";
	if (!isset($message))
		$message = "";
	if (!isset($icq))
		$icq = "";
	// session_register() ties each named global to the session. It was
	// deprecated in PHP 5.3 and removed in PHP 5.4; $_SESSION replaces it.
	session_register("error");
	session_register("style");
	session_register("name");
	session_register("url");
	session_register("email");
	session_register("message");
	session_register("icq");

	// translateHtml() and convertName() are defined elsewhere; what they escape
	// or strip is not visible here. NOTE(review): the values written to the
	// data file later are whatever these calls return.
	$name = translateHtml($name, false);
	$name = convertName($name);
	$url = translateHtml($url, false);
	$email = translateHtml($email, false);
	$icq = translateHtml($icq, false);
	$message = translateHtml($message);
	// Remember the visitor's details in cookies. The stripslashes() calls
	// suggest the values are expected to carry magic-quote backslashes at this
	// point -- confirm against translateHtml().
	setUserCookie(stripslashes($name), "cookie[name]");
	setUserCookie(stripslashes($url), "cookie[url]");
	setUserCookie(stripslashes($email), "cookie[mail]");
	setUserCookie(stripslashes($icq), "cookie[icq]");
	// Fall back to an empty list when nothing defined $content.
	// NOTE(review): if the include above did not run, confirm that $content
	// cannot be supplied by the request instead.
	if (!isset($content))
		$content = array();
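	/*
	 * Validate the submitted fields. Every failure appends a message to $error
	 * and a CSS rule to $style that colours the matching form label; nothing
	 * stops at the first failure, so several messages can accumulate.
	 *
	 * Lengths are measured with strlen() on the values as returned by
	 * translateHtml(), i.e. in bytes after whatever conversion that helper does.
	 */
	if ($name == "")
	{
		$error .= "Name is empty<br>";
		$style .= "\n.name {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	else if (strlen($name) > 30)
	{
		$error .= "Name is too long<br/>";
		$style .= "\n.name {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	// "http://" alone is the untouched form default and is treated as empty.
	if ($url != "" && $url != "http://")
	{
		// NOTE(review): check_url() is defined elsewhere. If it contacts the
		// submitted address, the server issues requests to visitor-chosen
		// hosts -- confirm that it restricts schemes and targets and uses a
		// short timeout. The @ hides any warning it raises.
		$url_status = @check_url($url);
		if (!$url_status)
		{
			$error .= "Wrong or inaccessible url<br/>";
			$style .= "\n.url {\n\tcolor : ".$constant['error-color']."\n}\n";
		}
		else if ($url_status == "DNS")
		{
			$error .= "Inaccessible url<br/>";
			$style .= "\n.url {\n\tcolor : ".$constant['error-color']."\n}\n";
		}
	}
	if ($email != "" && !validEmail($email))
	{
		$error .= "Wrong e-mail<br/>";
		$style .= "\n.email {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	if ($message == "")
	{
		$error .= "Message is empty<br/>";
		$style .= "\n.message {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	// Rejects a message whose length is max-length-message or more.
	else if (strlen($message) > ($constant['max-length-message']-1))
	{
		$error .= "Message is too long. Maximum length is ".$constant['max-length-message']." characters.<br/>";
		$style .= "\n.message {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	$checkPublishContent = checkPublishContent($message, $content);
	if (!$checkPublishContent) {
		$error .= "Dublicate message.<br/>";
		$style .= "\n.message {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	if ($icq != "")
	{
		if(!isInteger($icq))
		{
			$error .= "'Icq' must contain only number<br>";
			$style .= "\n.icq {\n\tcolor : ".$constant['error-color']."\n}\n";
		}
		// The two length messages previously lacked the trailing <br>, so any
		// message appended after them ran on directly.
		if(strlen($icq) < 5)
		{
			$error .= "'Icq' is too short. Minimum length is 5 digit<br>";
			$style .= "\n.icq {\n\tcolor : ".$constant['error-color']."\n}\n";
		}
		else if(strlen($icq) > 9)
		{
			$error .= "'Icq' is too long. Maximum length is 9 digit<br>";
			$style .= "\n.icq {\n\tcolor : ".$constant['error-color']."\n}\n";
		}
	}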
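	/*
	 * Work out the client address ($ip), the proxy address ($proxy, empty when
	 * no proxy is reported) and the reverse-DNS name of the connecting peer
	 * ($host).
	 *
	 * X-Forwarded-For is a request header and therefore chosen by the client.
	 * It is read from the environment rather than from a global (a global of
	 * that name could otherwise be set without the header being present), only
	 * the first list entry is used, and it is accepted only if it consists of
	 * characters that occur in IPv4/IPv6 literals. Anything else is ignored and
	 * the connection address is used. This is a character whitelist, not full
	 * address validation.
	 *
	 * NOTE(review): even a well-formed value is only an assertion by the
	 * client. $ip feeds the repeat-send check below, so that check can be
	 * sidestepped by varying the header unless the server sits behind a proxy
	 * that overwrites it; the ban check also covers $proxy, which is the real
	 * connection address in that case.
	 */
	$remoteAddr = getenv("REMOTE_ADDR");
	$forwardedList = explode(",", (string) getenv("HTTP_X_FORWARDED_FOR"));
	$forwardedFor = trim($forwardedList[0]);
	if (!preg_match('/^[0-9A-Fa-f:.]{2,45}$/', $forwardedFor))
		$forwardedFor = "";
	// Keep the legacy global in step with the validated value.
	$HTTP_X_FORWARDED_FOR = $forwardedFor;
	// The reverse lookup always uses the connection address. The name it
	// returns is controlled by whoever runs the reverse zone for that address.
	$host = gethostbyaddr($remoteAddr);
	if ($forwardedFor != "")
	{
		$ip = $forwardedFor;
		$proxy = $remoteAddr;
	}
	else {
		$ip = $remoteAddr;
		$proxy = "";
	}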
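	/*
	 * Rate-limit, ban and name-ownership checks, followed by the redirect back
	 * to the form when any validation message has been collected.
	 *
	 * $page is not assigned anywhere on this page, so it is treated as request
	 * data: it is URL-encoded once and that encoded form is used both in the
	 * HTML links stored in $error and in the Location header. A non-scalar or
	 * missing value becomes an empty string.
	 *
	 * NOTE(review): $login and $password presumably come from
	 * settings-data.php -- confirm they cannot be supplied by the request.
	 */
	$pageParam = (isset($page) && is_scalar($page)) ? urlencode($page) : "";
	$checkLastTime = checkLastPublish($ip, $login, $password, $content, $constant['repeat-send-time']);
	if (!$checkLastTime['status'])
	{
		$error .= "Your can send message again in ".convertTimeFormate($checkLastTime['time'])."<br>";
	}
	// Both the reported client address and the proxy address must be unbanned.
	$checkIp = checkBannedIp($ip, $login, $password);
	$checkProxyIp = checkBannedIp($proxy, $login, $password);
	if (!$checkIp || !$checkProxyIp)
	{
		$error .= "This 'ip' or 'proxy' is banned<br>";
	}
	$check = checkPublishName($name,$userLogin);
	if(!$check['status'])
	{
		$error .= "This name is already registered. <a href=\"user-login.php?page=".$pageParam."\" class=\"link\">Login</a>. <a href=\"lost.php?page=".$pageParam."\" class=\"link\">Lost password?</a><br>";
		$style .= "\n.name {\n\tcolor : ".$constant['error-color']."\n}\n";
	}
	// Any collected message sends the visitor back to the form; nothing is stored.
	if ($error != "")
	{
		header("Location: index.php?page=".$pageParam."#post");
		exit;
	}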
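	/*
	 * Collect request metadata for the notification mail, then regenerate the
	 * data file: the new entry becomes $content[0] and every existing entry
	 * moves up by one index.
	 *
	 * The generated text is PHP source that is executed when it is included,
	 * so each value has to be a complete double-quoted literal. A value that
	 * is not escaped could end the literal early, and an unescaped "$" is
	 * interpolated when the file is loaded. Every value is therefore written
	 * with backslashes and quotes escaped and with "$" escaped on top of that.
	 */
	// NOTE(review): these two are legacy request globals, not values read from
	// the environment; on this page they are only used for the mail body.
	$userAgent = $HTTP_USER_AGENT;
	$browser = getBrowser($arrBrowser,$userAgent);
	$system = getSystem($arrSystem,$userAgent);
	$server = $HTTP_HOST;
	if ($url == "http://")
		$url = "";
	$cnt = 0;

	// Form fields are taken as already slash-escaped only when magic_quotes_gpc
	// is really on; otherwise they are escaped here.
	// NOTE(review): translateHtml() is not visible on this page. If it already
	// normalises slashes, these fields gain an extra backslash level, which is
	// harmless for the file but shows up in the stored text -- confirm.
	$gpcSlashed = get_magic_quotes_gpc();
	$newEntry = array(
		// Address, host name and proxy come from the request environment and
		// a DNS lookup, never through magic quotes, so they are always escaped.
		'ip' => addslashes($ip),
		'host' => addslashes($host),
		'proxy' => addslashes($proxy),
		'name' => $gpcSlashed ? $name : addslashes($name),
		'url' => $gpcSlashed ? $url : addslashes($url),
		'mail' => $gpcSlashed ? $email : addslashes($email),
		'icq' => $gpcSlashed ? $icq : addslashes($icq),
		// The message was escaped on both branches of the old magic-quotes test.
		'message' => addslashes($message),
		'time' => time(),
		'admin-name' => "",
		'admin-message' => "",
		'admin-time' => ""
	);

	$addContent = "<?php\n";
	foreach ($newEntry as $field => $escaped) {
		$addContent .= "\t\$content[0]['".$field."'] = \"".str_replace('$', '\\$', $escaped)."\";\n";
	}

	$contentCnt = sizeof($content);
	if ($contentCnt != 0)
		$addContent .= "\n";
	for ($i = 0; $i < $contentCnt; $i++) {
		$cnt++;
		foreach ($content[$i] as $key => $value) {
			// Values loaded through include are plain strings, so they are
			// re-escaped unconditionally; the old $magic_quotes_runtime branch
			// wrote them back raw. Keys go into a single-quoted literal.
			$keyLiteral = str_replace(array('\\', "'"), array('\\\\', "\\'"), $key);
			$addContent .= "\t\$content[".$cnt."]['".$keyLiteral."'] = \"".str_replace('$', '\\$', addslashes($value))."\";\n";
		}
		if ($i != $contentCnt-1) {
			$addContent .= "\n";
		}
	}
	$addContent .= "?>";
	reWriteDataInFile ($addContent);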
	/*
	 * Notify the administrator by mail, clear the form fields from the
	 * session and redirect to the index page.
	 *
	 * Visitor-supplied text appears only in the mail body; the subject and the
	 * extra headers are fixed strings. The recipient is read from $constant.
	 */
	$mailLines = array(
		"Name: ".$name,
		"Message: ",
		br2nl($message),
		"Date: [".getFullDate(time(),$constant['locale']).", ".getTime(time())."]",
		"Url: ".$url,
		"e-mail: ".$email,
		"ICQ: ".$icq,
		"Server: http://".$server,
		"Browser: ".$browser['browser']." ".$browser['version'],
		"System Os: ".$system,
		"User Agent: ".$userAgent,
		"IP: ".$ip,
		"Host: ".$host,
		"Proxy: ".$proxy
	);
	$mailBody = implode("\n", $mailLines);

	// Delivery is best effort: the @ hides a failed send.
	$mailHeaders = "Content-Type: text/plain; charset=windows-1251\nContent-Transfer-Encoding: 8bit";
	@mail($constant['admin-mail'], "guestbook", $mailBody, $mailHeaders);

	// Drop the submitted fields from the session; "error" and "style" stay
	// registered.
	foreach (array("name", "url", "email", "message", "icq") as $sessionField) {
		session_unregister($sessionField);
	}

	// The elapsed time in seconds is the whole query string of the redirect.
	$timer->stop();
	$elapsedSeconds = $timer->elapsed();
	header("Location: index.php?".$elapsedSeconds);
	exit;
?>