Location: PHPKode > projects > Easy to use shoutbox > shouter.php
<?php
/*
 * C O D E   I S   P O E T R Y !
 * $script: shouter.php
 * $version: 1.0
 * $date: 2005-11-01
 * $author: Ashtaroth
 * $mail: hide@address.com
 * $copyright: 2005, Ashtaroth
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 */

$include_script = 0;				// Will the script be included into an existing script? 0=no 1=yes (just append "include ('shouter.php');")
$count_shouts = 5;					// How many shouts will be shown
$default_message = '';				// The default message shown in the textinput
$layout_class = 'shout_layout';		// If you want to use your own stylesheet, what specific table-class will be used (see README for more details on this)
$dbname = 'db_shout';				// Database to shout at (consider statement you made while creating the database)
$dbuser = 'shoutmaster';			// user with read/write permissions to the shouttable (surely you want to change this!!!)
$dbpasswd = 'shoutitoutloud655321';	// $dbuser's password
$dbhost = 'localhost';				// You probably don't want to change this
$length_shout = 255;					// Character-counter per shout. Can be up to 
$blacklist = 'shit,penis';		// List of words to block (e.g. fuck will be shown as "****")

// You shouldn't change anything down here, if you're not sure what this stuff means!
$formreq_error = 'You forgot to fill out the neccessary formular-fields. Go home and die.';
$dberror['connect'] = 'No connection established. Aaaaargh!';
$dberror['select_db'] = '<strong>Critial</strong>: Could not connect Database! Please run create.sql.';
$dberror['insertuser'] = '<strong>Failed</strong> to save your name.';
$dberror['insertshout'] = '<strong>Failed</strong> to save your shout.';

$db_selectquery = '	SELECT m.timestamp, s.name, s.email, m.message FROM tbl_message m
					INNER JOIN tbl_shouter s ON m.shouter_id = s.shouter_id
					ORDER BY m.timestamp DESC
					LIMIT 0,' . $count_shouts;

// Connect the database and query data
$db_conn = mysql_connect($dbhost, $dbuser, $dbpasswd)
	or die("<div style=\"background-color: #F00; color: #FFF; font-weight: bold;\">" . $dberror['connect'] . mysql_error() . "</div>");

mysql_select_db($dbname)
	or die("<div style=\"background-color: #F00; color: #FFF; font-weight: bold;\">" . $dberror['select_db'] . mysql_error() . "</div>");

// Post a new entry into the database
if ($_POST['submit'] != '') {
	if (strlen($_POST['user']) > 0 && strlen($_POST['message']) > 0) {
		if (strlen($_POST['message']) <= $length_shout) {
			mysql_query('INSERT INTO tbl_shouter (name,email,ip) VALUES (
							"' . $_POST['user'] . '","' . $_POST['email'] . '","' . $_SERVER['REMOTE_ADDR'] . '")', $db_conn)
				or die ("<span style=\"background-color: #F00; color: #FFF; font-weight: bold;\">" . $dberror['insertuser'] . mysql_error() . "</span>");

			$last_shouterid = mysql_fetch_row(mysql_query('SELECT MAX(shouter_id) AS sid FROM tbl_shouter', $db_conn));
			mysql_query('INSERT INTO tbl_message (shouter_id, message) VALUES (' .
						$last_shouterid[0] . ',"' . $_POST['message'] . '")', $db_conn)
				or die ("<span style=\"background-color: #F00; color: #FFF; font-weight: bold;\">" . $dberror['insertshout'] . mysql_error() . "</span>");
		}
		else {
			echo "<span style=\"background-color: #F00; color: #FFF; font-weight: bold;\">You have typed too much. Would you mind to SHUT UP ALREADY?</span>";
		}
	}
	else {
		echo "<span style=\"background-color: #F00; color: #FFF; font-weight: bold;\">" . $formreq_error . "</span>";
	}
}

$result = mysql_query($db_selectquery, $db_conn);

// Show XHTML-construct if script isn't embedded
if (!$include_script) {	show_htmlconstruct($layout_class); }

// Here comes the data
echo "\n\t\t\t<table class=\"" . $layout_class . "\">";
	while($row = mysql_fetch_row($result)) {
		echo "\n\t\t\t\t<tr><td class=\"head\">" . strftime('%b %d - %H:%M', strtotime($row[0])) . "</td><td class=\"head\"><a href=\"mailto:" . mailconvert($row[2]) . "\">" . $row[1] . "</a></td></tr>";
		echo "<tr><td colspan=\"2\">" . blackenstring($row[3], $blacklist) . "</td></tr>";
	}
echo "\n\t\t\t</table>";

// Show form to feed the database
show_shoutform($default_message);

if (!$include_script)
{ echo "\n\t\t\t<a href=\"http://validator.w3.org/check?uri=referer\">XHTML</a>\n\t\t</body>\n\t</html>"; }

mysql_close($db_conn);

// FUNCTIONS
function blackenstring($rawstring, $blacklist)
{
	// Let's replace some nasty HTML-chars
	$rawstring = str_ireplace('<', '&lt;', $rawstring);
	$rawstring = str_ireplace('>', '&gt;', $rawstring);
	$rawstring = str_ireplace('&', '&amp;', $rawstring);
	$rawstring = str_ireplace('"', '&quot;', $rawstring);
	$rawstring = str_ireplace('\'', '&quot;', $rawstring);
	$rawstring = str_ireplace("\n", '<br />', $rawstring);

	// Now let's censor the bad bad words ;-)
	$black_list = explode(',' , $blacklist);
	while (list($key, $val) = each ($black_list)) {
		$rawstring = str_ireplace($val, str_repeat('&bull;', strlen($val)), $rawstring);
	}

	return $rawstring;
}

function mailconvert($mailaddress)
{
	// Let's do some replacements like on php.net
	$mailaddress = str_ireplace('@', ' &lt;[at]&gt; ', $mailaddress);
	$mailaddress = str_ireplace('.', ' &lt;[dot]&gt; ', $mailaddress);
	return $mailaddress;
}

function show_shoutform($default_message)
{
if(isset($_POST['message'])) {
	$default_message = $_POST['message'];
}
echo "\n\t\t\t<br /><br />
\n\t\t\t<form name=\"shout\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n\t\t\t\t<table>
\n\t\t\t\t\t<tr><td>Name*</td><td><input name=\"user\" type=\"text\" size=\"15\" value=\"" . $_POST['user'] . "\" /></td></tr>
\n\t\t\t\t\t<tr><td>E-Mail</td><td><input name=\"email\" type=\"text\" size=\"15\" value=\"" . $_POST['email'] . "\" /></td></tr>
\n\t\t\t\t\t<tr><td colspan=\"2\"><textarea name=\"message\" rows=\"1\" cols=\"16\">" . $default_message . "</textarea></td></tr>
\n\t\t\t\t\t<tr><td colspan=\"2\"><input name=\"submit\" type=\"submit\" value=\"shout!\" /></td></tr>
\n\t\t\t\t</table>
\n\t\t\t</form>";
}

function show_htmlconstruct($layout_class) {
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
\t<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">
\t\t<head>
\t\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
\t\t\t<style type=\"text/css\">
\t\t\t\tbody {
\t\t\t\t\tfont-family: Arial, Helvetica, sans-serif;
\t\t\t\t\tfont-size: 12px;
\t\t\t\t}
\t\t\t\ttable." . $layout_class . "{
\t\t\t\t\tborder-spacing: 0px;
\t\t\t\t\twidth: 200px;
\t\t\t\t\tpadding: 0px;
\t\t\t\t\tmargin-left: 10px;
\t\t\t\t\tmargin-right: 10px;
\t\t\t\t\tfont-family: Arial, Helvetica, sans-serif;
\t\t\t\t\tfont-size: 12px;
\t\t\t\t}
\t\t\t\ttable." . $layout_class . " td.head {
\t\t\t\t\tbackground-color: #000099;
\t\t\t\t\tcolor: #FFF;
\t\t\t\t\tfont-weight: bold;
\t\t\t\t}
\t\t\t\ttable." . $layout_class . " td.head a {
\t\t\t\t\tcolor: #FF0;
\t\t\t\t\ttext-align: center;
\t\t\t\t}
\t\t\t\ttable." . $layout_class . " td {
\t\t\t\t\tbackground-color: #EEE;
\t\t\t\t}
\t\t\t</style>
\t\t\t<title>Shoutbox</title>
\t\t</head>
\t\t<body>";
}

?>
Return current item: Easy to use shoutbox