<?php

/**************************************************************************
 *                                                                        *
 *                                                                        *
 *         Solution: eBlog                                                *
 *          Release: 1.7                                                  *
 *             File: guestbook.php                                        *
 *               By: Emuci inc.                                           *
 *          Website: http://www.emuci.com                                 *
 *        Copyright: (C) 2010 Emcui inc.                                  *
 *                                                                        *
 *                                                                        *
 **************************************************************************
 *                                                                        *
 *                                                                        *
 *   This script is NOT freeware and is subjected to Emuci terms of use   *
 *   located in the docs folder.                                          *
 *                                                                        *
 *                                                                        *
 *************************************************************************/



include_once 'includes/global.php';

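// Request parameters. Absent keys fall back to a default instead of raising
// an undefined-index notice.
$action = isset($_GET['action']) ? $_GET['action'] : '';
$id = isset($_GET['id']) ? $_GET['id'] : null;

// $spoint is the pagination offset used by the "list" action, where it is
// also written back into the prev/next links. It is caller-controlled, so it
// is forced to a non-negative integer here; anything non-numeric becomes 0.
$spoint = isset($_GET['spoint']) ? (int) $_GET['spoint'] : 0;
if($spoint < 0)
{
	$spoint = 0;
}

if(empty($action))
$action = "main";

// $template, $lang_* and the $db* settings are not defined in this file;
// presumably they come from includes/global.php.
$defaultTemplate = $template;
$copyrights = "&copy; " . date("Y") . " " . $lang_admin_globalRights1;

// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed
// in PHP 7.0. It offers no prepared statements, so every query in this script
// has to escape its own values. Moving to PDO or mysqli with bound parameters
// is the durable fix.
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);

$tree_map = $lang_blog_guestbook;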
	
// 1: Main View
if($action == "main"){

	// Tab strip: load the fragment and substitute the two captions.
	$tabs = $new_template->replace_static(
		array ("{lang_blog_readEntries}","{lang_blog_addEntry}"),
		array ($lang_blog_readEntries, $lang_blog_addEntry),
		$new_template->load_template ("templates/$defaultTemplate/tabsGroup3.html")
	);

	// Subtract 70 from the configured height, unless the result would drop
	// below 350, in which case the original height is used unchanged.
	$wh2 = ($wh - 70 < 350) ? $wh : $wh - 70;

	// Page shell: placeholder names and their values, in matching order.
	$static_name = array ("{tabs}", "{blog_dir}", "{wh}", "{blog_windows_encoding}");
	$static_value = array ($tabs, $blog_dir, $wh2, $blog_windows_encoding);
	$file = $new_template->load_template ("templates/$defaultTemplate/guestbook.html");
	$template = $new_template->replace_static($static_name, $static_value, $file);

	echo $template;
}


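// 2: Show Form
else if($action == "showForm"){

	// NOTE(review): $random is the anti-spam code. It is substituted into the
	// form template as {random}, and the "process" action only compares two
	// POSTed fields (code / code2) with each other. The expected value
	// therefore appears to travel through the client, and nothing is checked
	// against server-side state. A sound check keeps the expected code in
	// $_SESSION and compares the submission against that. rand() is also not
	// a cryptographically secure generator.
	$random = rand(18989, 99999);

	// $location is not assigned in this script before this point. Fall back
	// to null so no option is pre-selected and no notice is raised.
	$selectedLocation = isset($location) ? $location : null;

	// Build the country <select>. Names and ids are emitted exactly as stored
	// in eblog_countries. That table is assumed to be admin-maintained;
	// verify this before allowing any other writer.
	$countries_list = "<select name=\"location\">";
	$query  = "SELECT id, name FROM eblog_countries";
	$result = mysql_query($query);
	if($result)
	{
		// A failed query yields an empty list instead of fetch warnings.
		while($row = mysql_fetch_array($result, MYSQL_ASSOC))
		{
			$ThisRowID = $row['id'];
			$ThisRowName = $row['name'];

			if($ThisRowID == $selectedLocation)
			{
			$countries_list = $countries_list . "<option value=\"$ThisRowID\" SELECTED>$ThisRowName</option>";
			}
			else
			{
			$countries_list = $countries_list . "<option value=\"$ThisRowID\">$ThisRowName</option>";
			}
		}
	}
	$countries_list = $countries_list . "</select>";


	// Placeholder values and names must stay in the same order.
	$static_value = array ($blog_dir, $lang_blog_form_name, $lang_blog_form_country, $countries_list,$lang_blog_form_email,$lang_blog_form_title,$lang_blog_form_comment,$lang_blog_form_cc,$random,$lang_blog_submit, $blog_windows_encoding, $lang_erorr_code149, $lang_erorr_code150, $lang_erorr_code151, $lang_erorr_code154, $lang_erorr_code155, $lang_erorr_code156);
	$static_name = array ("{blog_dir}","{lang_blog_form_name}", "{lang_blog_form_country}","{countries_list}","{lang_blog_form_email}", "{lang_blog_form_title}", "{lang_blog_form_comment}" , "{lang_blog_form_cc}","{random}","{lang_blog_submit}", "{blog_windows_encoding}", "{lang_erorr_code149}", "{lang_erorr_code150}", "{lang_erorr_code151}", "{lang_erorr_code154}", "{lang_erorr_code155}","{lang_erorr_code156}");
	$file = $new_template->load_template ("templates/$defaultTemplate/addEntry.html");
	$template = $new_template->replace_static($static_name, $static_value, $file);

	echo $template;
}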

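// 3: Process
else if($action == "process"){

	// Collect the expected POST fields. Missing or non-string values (e.g.
	// name[]=x) become '' so they fail validation instead of raising notices.
	$fields = array('name' => '', 'comment' => '', 'title' => '', 'code' => '', 'code2' => '', 'location' => '');
	foreach($fields as $fieldName => $unused)
	{
		if(isset($_POST[$fieldName]) && is_string($_POST[$fieldName]))
		{
			$fields[$fieldName] = $_POST[$fieldName];
		}
	}

	$erorr = 0;
	// HTML-encoding happens once, at input time, and the "list" action prints
	// the stored values as-is. The default flags leave single quotes
	// untouched, so this encoding gives no protection in SQL.
	$name = htmlspecialchars($fields['name']);
	$comment = htmlspecialchars($fields['comment']);
	$code = $fields['code'];
	$code2 = $fields['code2'];
	$location = $fields['location'];
	$title = htmlspecialchars($fields['title']);

	if(empty($name)){
	$erorr++;
	}

	if(empty($title)){
	$erorr++;
	}

	if(empty($comment)){
	$erorr++;
	}

	// NOTE(review): both sides of this comparison are supplied by the client,
	// so it does not prove the submitter saw a server-issued code. The
	// expected value should be held server-side (e.g. in $_SESSION). Until
	// then the code must at least be present and match exactly; the previous
	// loose != also accepted two absent fields.
	if($code === '' || $code !== $code2){
	$erorr++;
	}


	if($erorr < 1)
	{
		// Next id = current maximum + 1, or 1 for an empty table.
		// NOTE(review): two concurrent submissions can still compute the same
		// id. An AUTO_INCREMENT column would remove the race; the schema is
		// not visible from here.
		$newID = 0;
		$result = mysql_query("SELECT MAX(id) FROM eblog_gb");
		if($result && ($row = mysql_fetch_row($result)) && $row[0] !== null)
		{
			$newID = (int) $row[0];
		}
		$newID++;
		$rowDate = date("d-m-Y");

		$statusID = $autoValidate;
		$replacment = $replaceWords;

		// Stays empty if $autoValidate is neither 0 nor 1.
		$messageToShow = '';
		if($statusID == 0)
		{$messageToShow = $lang_blog_commentUnderReview;}
		if($statusID == 1)
		{$messageToShow = $lang_blog_commentAdded;}


		// Word filter: each comma-separated entry of $badWords is replaced,
		// in order, with $replacment. str_replace() with an array of needles
		// applies them sequentially, like the three per-field loops it
		// replaces.
		$LOFW = explode(",", $badWords);
		$comment = str_replace($LOFW, $replacment, $comment);
		$name = str_replace($LOFW, $replacment, $name);
		$title = str_replace($LOFW, $replacment, $title);


		// Every request-derived value is escaped for the SQL string context
		// before interpolation. $location was previously inserted raw.
		// NOTE(review): mysql_real_escape_string() relies on the connection
		// character set being set via mysql_set_charset(); confirm in
		// includes/global.php. Prepared statements (PDO/mysqli) are the
		// durable fix.
		$sqlTitle = mysql_real_escape_string($title);
		$sqlName = mysql_real_escape_string($name);
		$sqlLocation = mysql_real_escape_string($location);
		$sqlComment = mysql_real_escape_string($comment);

	    mysql_query("INSERT INTO eblog_gb  VALUES ('$newID', '$sqlTitle', '$sqlName', '$rowDate', '$sqlLocation','$sqlComment','$statusID')");

		if($enable2 == 1)
		{
			// Increment the guestbook alert counter in one statement, so
			// concurrent submissions cannot overwrite each other's
			// read-modify-write.
			mysql_query("UPDATE eblog_alerts SET gb = COALESCE(gb, 0) + 1 WHERE id = '1'");

			// Queue a "new item" record pointing at the new entry.
			$thisNewID = 0;
			$result = mysql_query("SELECT MAX(id) FROM eblog_new");
			if($result && ($row = mysql_fetch_row($result)) && $row[0] !== null)
			{
				$thisNewID = (int) $row[0];
			}
			$thisNewID++;
			 mysql_query("INSERT INTO eblog_new  VALUES ('$thisNewID', '$newID', '2')");
		}

		// $messageToShow is a language-file string placed inside a
		// single-quoted JavaScript literal. NOTE(review): a translation that
		// contains an apostrophe would break this script block.
		echo "
		<script type='text/javascript'> 
		alert('$messageToShow');
		window.location='guestbook.php?action=showForm';
		</script>
		";		
	}

}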

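// 4: List all entries
else if($action == "list"){

	// $spoint comes from the query string and is written back into the pager
	// links below. Forcing it to a non-negative integer keeps request text
	// out of the generated markup.
	$spoint = max(0, (int) $spoint);

	$query  = "SELECT * FROM eblog_gb ORDER BY id DESC";
	$result = mysql_query($query);
	$totalResults = 0;
	$counter = 0;
	$entries_list = "";
	// A failed query is treated as "no entries" instead of emitting fetch warnings.
	while($result && ($row = mysql_fetch_array($result, MYSQL_ASSOC)))
	{
		// Only approved entries (statusID == 1) are counted or shown.
		if($row['statusID'] != 1)
		{
			continue;
		}
		$totalResults++;

		// Skip the first $spoint approved entries, then emit at most $GPP.
		if(($counter < $GPP)&&($totalResults > $spoint)){

			$counter++;

			$rowID = $row['id'];
			$rowTitle = $row['title'];
			$rowAuthor = $row['author'];
			// Stored as d-m-Y; the month number is swapped for its name.
			$rowDate = $row['date'];
			$chunks = explode("-",$rowDate);
			$toGet = $chunks[1];
			$rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];
			$rowLocation = $row['location'];
			$rowComment = $row['comment'];

			// The stored location originated from a form field, so it is
			// escaped again before being placed in this lookup. This guards
			// against second-order SQL injection.
			$sqlLocation = mysql_real_escape_string($rowLocation);
			$result3 = mysql_query("SELECT name FROM eblog_countries WHERE id = '$sqlLocation'");
			$row3 = $result3 ? mysql_fetch_row($result3) : false;
			$rowCountry = $row3 ? $row3[0] : '';

			// NOTE(review): author and comment are printed as stored. This
			// relies on the "process" action having HTML-encoded them at
			// insert time; rows written by any other path are not re-encoded
			// here. Confirm that no such path exists.
			$static_value = array ($rowDate, $lang_blog_date, $lang_blog_byAuthor, $rowAuthor, $lang_blog_from, $rowCountry, $rowComment);
			$static_name = array ("{rowDate}","{lang_blog_date}", "{lang_blog_byAuthor}", "{rowAuthor}", "{lang_blog_from}", "{rowCountry}", "{rowComment}");
			$file = $new_template->load_template ("templates/$defaultTemplate/entry.html");
			$entries_list = $entries_list . $new_template->replace_static($static_name, $static_value, $file);

		}
	}


	if($counter < 1)
	{
		$entries_list = $entries_list . $lang_blog_noEntries;
	}

	// Pager: shown only when not every approved entry fitted on this page.
	$nav = "";
	if($counter < $totalResults)
	{
		$prevPoint = $spoint-$GPP;
		$nextPoint = $spoint+$GPP;
		$nextToShow = $nextPoint;
		if($prevPoint < 1){
		$prevPoint = 0;
		}
		if($nextPoint >= $totalResults)
		{
			// Last page: "next" stays on the current offset.
			$nextPoint = $spoint;
			$nextToShow = $totalResults;
		}

		$prevToShow  = $spoint+1;
		$showingInfo = "$lang_blog_showing " . $prevToShow . " $lang_blog_to " . $nextToShow . " $lang_blog_outOf " . $totalResults;

		// These values close the href attribute themselves and append a
		// target attribute, so they must contain nothing but integers.
		$prevLink = "guestbook.php?action=list&spoint=$prevPoint\" target=\"list\"";
		$nextLink = "guestbook.php?action=list&spoint=$nextPoint\" target=\"list\"";

		$static_value = array ($prevLink, $nextLink, $lang_blog_prev, $lang_blog_next, $showingInfo, $blog_dir);
		$static_name = array ("{prevLink}","{nextLink}", "{lang_blog_prev}", "{lang_blog_next}", "{showingInfo}", "{blog_dir}");
		$nav = $new_template->load_template ("templates/$defaultTemplate/navigation.html");
		$nav = $new_template->replace_static($static_name, $static_value, $nav);
	}

	// Shared includes fragment goes in front of the entries.
	$static_value = array ($blog_dir, $blog_windows_encoding);
	$static_name  = array ("{blog_dir}", "{blog_windows_encoding}");
	$m = $new_template->load_template ("templates/$defaultTemplate/includes.html");
	$m = $new_template->replace_static($static_name, $static_value,  $m);
	$entries_list = $m . $entries_list;

	echo $entries_list . $nav;
}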

// 5: Else, show error message
else
{
	// Unknown action: alert the visitor with the "page not found" language
	// string and send the parent frame back to index.php.
	$notFoundScript = "
	<script type='text/javascript'> 
	alert('$lang_erorr_PgaeNotFound');
	parent.location='index.php';
	</script>
	";
	echo $notFoundScript;
}

// Release the database link opened at the top of the script.
mysql_close($conn);

?>