<? include "library.php";?>
<html>
<head>
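<title><? /* PHP_SELF reflects the request path, which the client controls, so HTML-encode it before printing. */ echo htmlspecialchars($PHP_SELF, ENT_QUOTES); ?></title>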
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="javascript">

// Ask the user to confirm a delete and, if they agree, navigate the browser
// to redirectionURL. The navigation is an ordinary GET request; this function
// performs no other check.
function deletefile(redirectionURL){
	if(!confirm("Are you sure that you wish to delete this entry?")){
		return;
	}
	location.href = redirectionURL;
}

</script>
<style type="text/css">
<!--
td {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-style: normal}
b {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-weight: bold}
a {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-style: normal; color: #000000; text-decoration: none}
a:hover {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-style: normal; color: #333333; text-decoration: underline}
input {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; line-height: normal; background-color: #CCCCCC; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px}
-->
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000">
<table width="950" border="0" cellspacing="1" cellpadding="2">
  <tr>
    <td width="400"><b><font size="5">Glorified GuestBooK</font></b><br />another one from dataman - please login or register to view or add to the guestbook</td>
    <td width="2">&nbsp;</td>
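    <form method="post" name="searchform" action="<? /* PHP_SELF reflects the request path; encode it (quotes included) because it lands inside an attribute value. */ echo htmlspecialchars($PHP_SELF, ENT_QUOTES); ?>">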
    <input type="hidden" name="q" value="kw">
    <td align="right" valign="middle"><b>SEARCH</b>: <input type="text" name="keyword" size="20" maxlength="60"> <input type="submit" value="GO FETCH"><br>enter a keyword (must be > 3 characters)</td>
    </form>
  </tr>
  <tr>
    <td valign="top">
      <table width="100%" border="0" cellspacing="1" cellpadding="2" bgcolor="#000000">
		<?
			// Left-hand column: header first, then the category list for logged-in visitors.
			// Both helpers are defined outside this file (library.php is included at the top).
			ftheader();
			// $cku is never assigned in this file; the login branch further down sets a
			// cookie named "cku", so it is presumably that cookie's value exposed via
			// register_globals - confirm against library.php.
			if ($cku) {
				ftlistcategories();
			}
		?>
      </table>
    </td>
    <td>&nbsp;</td>
    <td valign="top">
      <table width="550" border="0" cellspacing="1" cellpadding="2" bgcolor="#000000">
		<?
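			// Dispatch on the "q" request value (new topic, new reply, report, keyword search).
			// $q, $c, $t and $keyword are never assigned in this file; the search form above
			// posts "q" and "keyword", so they presumably arrive through register_globals and
			// are treated as untrusted input below.
			switch($q)
			{
			    case "nt":
			    	// Helper from outside this file; presumably renders the new-topic form
			    	// (the insert itself is handled by the m=mt branch).
			    	ftaddtopic($c);
				break;
			    case "nr":
			    	// Helper from outside this file; presumably renders the reply form.
			    	ftaddreply($c,$t);
			    break;
			    case "rt":
					// Report a post: mail the administrator a link to the topic.
					// The ids are URL-encoded so request data cannot add free text or extra
					// parameters to the mailed link.
					// NOTE(review): nothing in this branch checks that the caller is logged in
					// or limits how often a report is sent - confirm whether library.php does.
					$message = "Someone has reported a post - Log on to the site and click on the link below to take you to the topic. \n\n".$siteurl."index.php?c=".urlencode($c)."&t=".urlencode($t)."\n";
					$to = $adminemail;
					#echo "$message | $to";
					mail($to,"Post Report from DM Guestbook",$message);
			    break;
			    case "kw":
			    	// Work on a copy with magic-quote slashes removed, so the term is escaped
			    	// exactly once (by mysql_real_escape_string) before it reaches the query.
			    	$kw = get_magic_quotes_gpc() ? stripslashes($keyword) : $keyword;
			    	// Start from an empty string: the query used to be appended to an
			    	// uninitialised variable, which register_globals lets a request pre-seed.
			    	$searchquery = "";
			    	echo "<tr bgcolor=\"#666666\"><td colspan=4 height=25>";
			    	// HTML-encode the keyword; it was echoed raw, reflecting markup back to the page.
			    	echo "<b>SEARCH RESULT FOR:</b> ".htmlspecialchars($kw, ENT_QUOTES);
			    	echo "</td></tr>";
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	if(strlen(trim($kw)) > 0) {
						$searchquery .="select distinct(topicID) from ksearch where ";
						// explode() replaces the deprecated POSIX split(); the separator is a literal space.
						$search = explode(" ", $kw);
						foreach ($search as $id0 => $term) {
							if($id0 > 0) { $searchquery .= " or";}
							// A leading "-" marks an exclusion term; drop the marker itself.
							$exclude = (substr($term, 0, 1) == "-");
							if ($exclude) { $term = (string) substr($term, 1); }
							// Escape for use inside a quoted SQL string literal.
							$term = mysql_real_escape_string($term);
							if ($exclude) {
								// NOTE(review): $dbfield is not assigned anywhere in this file. It is
								// an SQL identifier, so escaping cannot protect it; confirm library.php
								// sets it to a fixed column name.
								$searchquery .= " $dbfield not like '%$term%'";
							} else {
								$searchquery .= "  title like '%$term%'";
								$searchquery .= " or content like '%$term%'";
							}
						}
					 }
 					#echo $searchquery;
			    	if ($kw && strlen($kw) > 3) {
			    		$result = mysql_query($searchquery);
			    		$counter = 1;
			    		// mysql_query() returns false on failure (for example an all-blank keyword
			    		// leaves the query empty); treat that as "no results" instead of passing
			    		// false to the mysql_* result functions.
			    		if (!$result || mysql_num_rows($result) < 1) { echo "Nothing found"; }
			    		while ($result && ($row = mysql_fetch_array($result))) {
			    			// Quoted key: the bare word topicID only worked via PHP's undefined-constant fallback.
			    			echo "$counter ". ftwhoistopic($row['topicID']). "<br />";
						$counter++;
			    		}
			    	} else {
			    		echo "The your keyword has to be longer than 3 characters";
			    	}
			    	echo "</td></tr>";
			    break;
			    default:
			}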

			// Dispatch on the "m" request value: posting, registration, login/logout and
			// the category/member administration actions.
			// None of $m, $c, $t, $r, $uid, $title, $content, $description, $sortorder,
			// $username, $passwd, $emailaddress, $active, $role, $date or $cku is assigned
			// in this file before use; they presumably arrive via register_globals
			// (GET/POST/cookie) or are set by library.php - confirm.
			// NOTE(review): every SQL statement below is built by interpolating those
			// values directly into the string. Nothing in this file escapes them; the
			// stripslashes() calls suggest the author relied on magic_quotes_gpc - confirm.
			// Escape each value (mysql_real_escape_string) or use a parameterised API.
			// NOTE(review): no branch in this switch checks a role or login before
			// acting; if library.php does not gate access, any request carrying the
			// right "m" value reaches the admin actions - confirm.
			switch($m)
			{
			    case "mt":
						// Create a topic in category $c on behalf of user $cku.
						// NOTE(review): $cku is taken as the author's userID; the "lm" branch
						// stores it in a plain cookie, so as far as this file shows the
						// client chooses it.
						$doinsert = "
							insert into topic (userID,datecreated,title,content,categoryID)
							 values
							('$cku','$date','$title','$content','$c')
						";
						$catupdate = "update category set lastupdate = '$date' where categoryID = '$c'";
						if ($c && $title && $cku && $content) {
							mysql_query("$doinsert");
							// Id of the topic row just inserted.
							$t = mysql_insert_id();
							mysql_query("$catupdate");
							echo "
							<tr bgcolor=\"#98a2b1\"><td colspan=4>
								New topic added.<br>
							</td></tr>
							";
							// Notify the administrator by mail with a copy of the post.
							$message = "There is a new topic copy below: \n\n\"".$title."\n".stripslashes($content)."\"\n\n";
							$to = $adminemail;
							#echo "$message | $to";
							mail($to,"A new topic ",$message);
							// Helper from outside this file; presumably records search keywords for the topic.
							ftwritekeyword($t,$title,$content,$c,"");
						} else {
							echo "
							<tr bgcolor=\"#98a2b1\"><td colspan=4>
								Oops! something went wrong - use your browser's back button to return to the previous page
							</td></tr>
							";
						}
				break;
			    case "mr":
						// Add a reply to topic $t on behalf of user $cku.
						$doinsert = "
							insert into reply (userID,topicID,datecreated,content)
							 values
							('$cku','$t','$date','$content')
						";
						$catupdate = "update category set lastupdate = '$date' where categoryID = '$c'";
						// NOTE(review): $t is not part of this check, so a reply can be
						// inserted with an empty topicID.
						if ($c && $content && $cku) {
							mysql_query("$doinsert");
							// Id of the reply row just inserted.
							$r = mysql_insert_id();
							mysql_query("$catupdate");
							echo "
							<tr bgcolor=\"#98a2b1\"><td colspan=4>
								New reply added.<br>
							</td></tr>
							";
								$message = "There is a new reply copy below: \n\n\"".stripslashes($content)."\"\n\n";
								$to = $adminemail;
								#echo "$message | $to";
								mail($to,"A new reply",$message);
								ftwritekeyword($t,"",$content,"",$r);
						} else {
							echo "
							<tr bgcolor=\"#98a2b1\"><td colspan=4>
								Oops! something went wrong - use your browser's back button to return to the previous page
							</td></tr>
							";
						}
			    break;
			    case "rg":
			    	// Registration form; posts back to this page with m=am.
			    	// NOTE(review): the password input is type="text", so it is shown on
			    	// screen while typed (the login form uses type="password").
			    	// $PHP_SELF is printed unencoded into the form action here and in the
			    	// branches below; it reflects the request path and should be HTML-encoded.
			    	echo "
						<form name=\"addmember\" method=\"post\" action=\"$PHP_SELF\">
						<input type=\"hidden\" name=\"m\" value=\"am\">
						<tr bgcolor=\"#666666\"><td colspan=4 height=25>
							<b>NEW MEMBER</b>
						</td></tr>
						<tr bgcolor=\"#98a2b1\"><td colspan=4>&nbsp;<br />";
						echo "<b>NOTE</b><br />All fields required (*)<p />";
						echo "
							User Name*<br />
							<input type=\"text\" name=\"username\" size=\"45\" maxlength=\"50\"><br />
							Password*<br />
							<input type=\"text\" name=\"passwd\" size=\"45\" maxlength=\"50\"><br />
							Email Address*<br />
							<input type=\"text\" name=\"emailaddress\" size=\"45\" maxlength=\"50\"><br />
							&nbsp;<br />
							<input type=\"submit\" value=\" SAVE \"><br />&nbsp;
						</td></tr>
						</form>
					";
			    break;
			    case "am":
			    	// Create a member unless the username or e-mail address is already taken.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqlselect ="select userID from member where username = '$username' or emailaddress = '$emailaddress'";
			    	// REMOTE_ADDR is a bare word; older PHP falls back to the string
			    	// "REMOTE_ADDR" with a notice.
			    	$ipaddress = getenv(REMOTE_ADDR);
			    	// NOTE(review): $passwd is written to the table exactly as submitted; no
			    	// hashing is visible here. Store a salted, slow password hash instead.
			    	// The insert does not set "active", while login requires active = '1',
			    	// so new accounts depend on the column default - confirm.
			    	$sqlinsert = "insert into member (username,passwd,emailaddress,ipaddress) values ('$username','$passwd','$emailaddress','$ipaddress')";
			    	if ($username && $passwd && $emailaddress) {
						$check = mysql_query($sqlselect);
						$checkcount = mysql_num_rows($check);
						if ($checkcount <= 0) {
							mysql_query($sqlinsert);
							echo "Thank you for registering - you may now use the system - <a href=\"$PHP_SELF?m=lg\">login here</a>";
						} else {
							echo "the email address or username is already in use";
						}
			    	} else {
			    		echo "all fields mark * are required - try again";
			    	}
			    	echo "</td></tr>";
			    break;
			    case "lg":
			    	// Login form; posts back to this page with m=lm.
			    	echo "
						<form name=\"login\" method=\"post\" action=\"$PHP_SELF\">
						<input type=\"hidden\" name=\"m\" value=\"lm\">
						<tr bgcolor=\"#666666\"><td colspan=4 height=25>
							<b>LOGIN STATION</b>
						</td></tr>
						<tr bgcolor=\"#98a2b1\"><td colspan=4>&nbsp;<br />";
						echo "<b>NOTE</b><br />All fields required (*)<p />";
						echo "
							User Name*<br />
							<input type=\"text\" name=\"username\" size=\"45\" maxlength=\"50\"><br />
							Password*<br />
							<input type=\"password\" name=\"passwd\" size=\"45\" maxlength=\"50\"><br />
							&nbsp;<br />
							<input type=\"submit\" value=\" LET ME IN :) \"><br />&nbsp;
						</td></tr>
						</form>
					";
			    break;
			    case "lm":
			    	// Check the submitted credentials against active members.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	// NOTE(review): the password is compared as stored plaintext, and both
			    	// values are interpolated into the query that decides authentication.
			    	$sqlselect ="select userID,role from member where username = '$username' and passwd = '$passwd' and active = '1'";
			    	if ($username && $passwd) {
						$result = mysql_query($sqlselect);
						$checkcount = mysql_num_rows($result);
						if ($checkcount <= 0) {
							echo "Oops - Username and or password is wrong or your username has been deactivated (which one? umm, I aint telling - <a href=\"$PHP_SELF?m=lg\">try again click here</a>";
						} else {
							while ($row = mysql_fetch_array($result)) {
								// Login state is two client-side cookies holding the raw userID
								// and role, valid for 7200 seconds. No signature or server-side
								// session is visible, so the values can be set by the client;
								// prefer a server-side session whose id is regenerated at login.
								// NOTE(review): output has already been sent by this point, so
								// setcookie() only works if output buffering is enabled - confirm.
								setcookie ("cku", $row[userID],time()+7200);
								setcookie ("ckr", $row[role],time()+7200);
								// The query selects only userID and role, so $row[username] is
								// empty in this message.
								echo "Login Successful - Welcome $row[username] - <a href=\"$PHP_SELF\">click here to continue</a>";
							}
						}
			    	} else {
			    		echo "all fields mark * are required - try again";
			    	}
			    	echo "</td></tr>";
			    break;
			    case "lo":
			    	// Logout: expire both login cookies (same output-before-header caveat as login).
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	setcookie ("cku", "", time() - 3600);
			    	setcookie ("ckr", "", time() - 3600);
			    	echo "Logout Successful <a href=\"$PHP_SELF\">click here to continue</a>";
			    	echo "</td></tr>";
			    break;
			    case "adr":
			    	// Delete reply $r and its keyword rows.
			    	// NOTE(review): $r goes into the statements unquoted, so magic quotes
			    	// give no protection here; reply ids come from mysql_insert_id() above,
			    	// so casting to int is the fitting guard. No login, role or ownership
			    	// check is visible, and the action can be triggered by a plain link;
			    	// state changes should need POST plus an anti-CSRF token.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqldelete = "delete from reply where replyID = $r";
			    	$sqldeletekword = "delete from keyword where replyID = $r";
			    	mysql_query($sqldelete);
			    	mysql_query($sqldeletekword);
			    	echo "reply deleted";
			    	echo "</td></tr>";
			    break;
			    case "adt":
			    	// Delete topic $t together with its replies and keyword rows.
			    	// NOTE(review): same concerns as "adr" - $t is interpolated unquoted and
			    	// no authorisation check is visible in this branch.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqldelete = "delete from reply where topicID = $t";
			    	$sqldeletekword = "delete from keyword where topicID = $t";
			    	$sqldeletetopic = "delete from topic where topicID = $t";
			    	mysql_query($sqldelete);
			    	mysql_query($sqldeletekword);
			    	mysql_query($sqldeletetopic);
			    	echo "topic deleted";
			    	echo "</td></tr>";
			    break;
			    case "adc":
			    	// Helper from outside this file; presumably renders the category edit form.
			    	fteditcategory($c);
			    break;
			    case "ade":
			    	// Save edits to category $c; a title is required.
			    	// NOTE(review): no role check is visible before the update.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqlupdate = "update category set title = '$title', description = '$description', sortorder = '$sortorder' where categoryID = '$c'";
			    	if ($title && $c) {
			    		mysql_query($sqlupdate);
			    		echo "Category updated";
			    	} else {
			    		echo "Oops - Error try again - note: the title required";
			    	}
			    	echo "</td></tr>";
			    break;
			    case "adn":
			    	// Add a category; a title is required.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqlinsert = "insert into category (title,description,sortorder) values ('$title','$description','$sortorder');";
			    	if ($title) {
			    		mysql_query($sqlinsert);
			    		echo "Category added";
			    	} else {
			    		echo "Oops - Error try again - note: the title required";
			    	}
			    	echo "</td></tr>";
			    break;
			    case "xxx":
			    	// Delete category $c with every topic, reply and keyword row under it.
			    	// NOTE(review): the most destructive action on the page; no role check
			    	// or confirmation is visible server-side, and $c is not validated.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$result = mysql_query("select topicID from topic where categoryID = '$c'");
			    	while ($row = mysql_fetch_array($result)) {
			    		mysql_query("delete from reply where topicID = '$row[topicID]'");
			    		mysql_query("delete from keyword where topicID = '$row[topicID]'");
			    	}
			    	mysql_query("delete from topic where categoryID = '$c'");
			    	mysql_query("delete from category where categoryID = '$c'");
			    	echo "category deleted";
			    	echo "</td></tr>";
			    break;
			    case "adm":
			    	// Helper from outside this file; presumably lists members for administration.
			    	ftlistmembers();
			    break;
			    case "mmm":
			    	// Update member $uid, provided the new username/e-mail is not used by another member.
			    	// NOTE(review): "role" and "active" are taken straight from the request
			    	// and no check on the caller's own role is visible, so whoever reaches
			    	// this branch can change any account's privileges - confirm gating in
			    	// library.php. The password is again stored as submitted.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	$sqlupdate = "update member set
			    		 username = '$username',
			    		passwd = '$passwd',
			    		emailaddress = '$emailaddress',
			    		active = '$active',
			    		role = '$role'
			    		 where userID = '$uid'
			    	";
			    	$sqlcheck = "select userID from member where (username = '$username' or emailaddress = '$emailaddress') and  userID <> '$uid'";
			    	// When a required field is missing nothing is updated and no message is printed.
			    	if ($uid && $emailaddress && $passwd && $username) {
			    		$result = mysql_query($sqlcheck);
			    		if (mysql_num_rows($result) <= 0) {
			    			mysql_query($sqlupdate);
			    			#echo "$sqlupdate <p />";
			    			echo "User information updated<br />";
			    		} else {
			    			echo "The username or email address is already in use";
			    		}
			    	}
			    	echo "</td></tr>";
			    break;
			    case "nnn":
			    	// Deactivate member $uid (the row is kept; the delete is commented out).
			    	// NOTE(review): no role check is visible before the update.
			    	echo "<tr bgcolor=\"#98a2b1\"><td colspan=4>";
			    	mysql_query("update member set active = '0' where userID = '$uid'");
			    	#mysql_query("delete from member where userID = '$uid'");
			    	echo "Best not to delete, just make him/he inactive - :)";
			    	echo "</td></tr>";
			    break;
			    default:
			}
			// With a login cookie present and no "q" action requested, list the topics
			// of category $c (helper from outside this file).
			if ($cku && !$q) ftlisttopics($c);
		?>
      </table>
    </td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table>
<div align="center"><a href="http://www.phpdevshed.com/">another one from the dataman series &copy;2001 (http://www.phpdevshed.com/)</a></div>
</body>
</html>
<? /* Close the default MySQL link once the page has been rendered; the connection is not opened in this file (presumably library.php does it). */ mysql_close(); ?>