<?php
#######################################################################
#
# Script: Guestbook! v.1.7
# Author: Khristoforov Yuri
# WWW   : http://www.activex.net.ru
# E-mail: hide@address.com
#
#######################################################################

// Report everything except notices.
error_reporting(E_ALL ^ E_NOTICE);

// dbopen.php and common.php are not shown here; this script later relies on names it
// does not define itself ($link, $Moderate, $isSecurityImage, pager(), getGUID(),
// filter_words(), wordwrap_msg()) - presumably they come from these includes; confirm.
include_once "./dbopen.php";
include_once "./common.php";
require_once "./xtpl/xtpl.php";

// Template that renders the guestbook page.
$xtpl = new XTemplate("./templates/gb.html");

// Number of entries shown per page.
$pageSize = 10;

// Outcome flag passed back in the query string; empty when absent.
$status = isset($_GET["status"]) ? $_GET["status"] : "";

// Only the fixed strings below ever reach STATUS: the request value selects a
// message but is never written into the page itself.
$statusHtml = "";
switch ($status) {
	case "ok":
		if ($Moderate == 1) {
			// "Message sent successfully. It will be published after moderator review."
			$statusHtml = "<br><font class=\"reply\"><b>Ñîîáùåíèå óñïåøíî îòïðàâëåíî. Ïîñëå ïðîâåðêè ìîäåðàòîðîì ñîîáùåíèå áóäåò îïóáëèêîâàíî íà ñàéòå.</b></font><br>";
		} else {
			// "Message added successfully!"
			$statusHtml = "<br><font class=\"reply\"><b>Ñîîáùåíèå óñïåøíî äîáàâëåíî !</b></font><br>";
		}
		break;
	case "errorcode":
		// "Invalid code entered!"
		$statusHtml = "<br><font class=\"reply\"><b>Óêàçàí íåâåðíûé êîä!</b></font><br>";
		break;
}
$xtpl->assign("STATUS", $statusHtml);

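// Requested page number. Anything that is not a positive integer (missing, empty,
// text, ?page[]=x) falls back to page 1, so only an integer reaches the LIMIT
// arithmetic further down.
$page = (isset($_GET["page"]) && is_scalar($_GET["page"])) ? (int)$_GET["page"] : 1;
if ($page < 1) {
	$page = 1;
}

// Free-text search term. Non-string input (e.g. ?gb_search[]=x) counts as "no search".
$gb_search = (isset($_GET["gb_search"]) && is_string($_GET["gb_search"])) ? trim($_GET["gb_search"]) : "";

// Path of this script as reported by the server: DOCUMENT_URI when the server sets it,
// SCRIPT_NAME otherwise. Both derive from the request, so encode the value before
// writing it into markup.
if (isset($_SERVER["DOCUMENT_URI"])) {
	$script_name = $_SERVER["DOCUMENT_URI"];
} else {
	$script_name = $_SERVER["SCRIPT_NAME"];
}

// Undo magic-quotes escaping so the term is handled in its raw form from here on.
if (get_magic_quotes_gpc() == 1) {
	$gb_search = stripslashes($gb_search);
}

// Cap the term at 255 bytes before it is echoed or searched for.
if (strlen($gb_search) > 255) {
	$gb_search = substr($gb_search, 0, 255);
}

// Echoed back into the search form. ENT_QUOTES also encodes single quotes, which
// matters if the template (not shown here) uses a single-quoted attribute.
$xtpl->assign("SEARCH_VALUE", htmlspecialchars($gb_search, ENT_QUOTES));

// Keep the raw term for building the LIKE pattern. $gb_search itself stays
// addslashes()-escaped because later code reverses it with stripslashes() when
// building the pager links.
$search_raw = $gb_search;
$gb_search = addslashes($gb_search);

$search_string = "";

if ($search_raw != "") {
	// Step 1: neutralise the LIKE wildcards (% and _) and the LIKE escape character (\)
	// so the term is matched literally. The previous "$%" replacement had no matching
	// ESCAPE clause, so "%" in a search term still acted as a wildcard.
	$like_term = addcslashes($search_raw, '%_\\');

	// Step 2: escape for the SQL string literal using the connection, which is the
	// escaping function ext/mysql provides for this purpose. Fall back to addslashes()
	// only if the call fails. ext/mysql has no prepared statements; when this script
	// is ported to mysqli or PDO, bind the pattern as a parameter instead.
	$f_search = mysql_real_escape_string($like_term, $link);
	if ($f_search === false) {
		$f_search = addslashes($like_term);
	}

	$search_string .= " AND (guestbook.content LIKE '%".$f_search."%' OR guestbook.reply LIKE '%".$f_search."%' OR guestbook.user_name LIKE '%".$f_search."%' OR guestbook.email LIKE '%".$f_search."%' OR guestbook.href LIKE '%".$f_search."%')";
}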

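// $script_name comes from $_SERVER (DOCUMENT_URI / SCRIPT_NAME), i.e. from the request,
// so it is HTML-encoded before going into the template, as SEARCH_VALUE already is.
$xtpl->assign("URL", htmlspecialchars($script_name, ENT_QUOTES));

if ($isSecurityImage) {
	// Security-code block enabled: RND gets a fresh getGUID() value for each rendering.
	// getGUID() is defined outside this file.
	$xtpl->assign("RND", getGUID());
	$xtpl->parse("gb.securitycode");
} else {
	// Security-code block disabled: parse, then immediately reset the block.
	// NOTE(review): presumably this leaves the block empty in the output - confirm
	// against xtpl.php.
	$xtpl->parse("gb.securitycode");
	$xtpl->reset("gb.securitycode");
}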

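// Total number of published entries matching the optional search filter.
// $search_string is either empty or an " AND (... LIKE ...)" fragment built earlier
// from the escaped search term.
$sSQL_cnt = "SELECT count(*) As Total FROM guestbook WHERE publication = 1 ".$search_string;
$result_cnt = mysql_query($sSQL_cnt, $link);
$nrows = 0;
if ($result_cnt !== false) {
	$row = mysql_fetch_object($result_cnt);
	if ($row) {
		$nrows = $row->Total;
	}
} else {
	// Log the failure server-side; database error text is not sent to the visitor.
	error_log("gb.php: count query failed: ".mysql_error($link));
}

// Normalise the page number before it is used for paging and for the LIMIT clause:
// a value below 1 would give a negative offset, which MySQL rejects.
$page = (int)$page;
if ($page < 1) {
	$page = 1;
}

// Pager links carry the search term. $gb_search is slash-escaped at this point,
// hence stripslashes() before urlencode().
$navbar = pager($page, $pageSize, $nrows, $script_name, $gb_search != "" ? "gb_search=".urlencode(stripslashes($gb_search)) : "");

// Both LIMIT operands are integers computed here, never raw request text.
$offset = ($page - 1) * $pageSize;
$sSQL = "SELECT guestbook_id, num, DATE_FORMAT(issuedate,\"%d-%m-%Y %H:%i\") As fissuedate, content, user_name, email, href, reply FROM guestbook WHERE publication = 1 ".$search_string." ORDER BY issuedate DESC, guestbook_id DESC LIMIT $offset,$pageSize";

$result = mysql_query($sSQL, $link);
if ($result === false) {
	// mysql_num_rows() needs a result resource; treat a failed query as "no rows".
	error_log("gb.php: entry query failed: ".mysql_error($link));
	$nr = 0;
} else {
	$nr = mysql_num_rows($result);
}

// Nothing to list: parse and immediately reset the entry block.
if ($nr == 0) {
	$xtpl->parse("gb.content");
	$xtpl->reset("gb.content");
}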

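// Render one "gb.content" block per published entry. The $result check skips the loop
// when the query failed (mysql_query() returns false), instead of handing false to
// mysql_fetch_array().
while ($result && ($row = mysql_fetch_array($result))) {

	$xtpl->assign("NUM", $row["num"]);

	// NOTE(review): user_name, email, href, content and reply are written into the page
	// as stored. Nothing in this file HTML-encodes them, and filter_words() /
	// wordwrap_msg() are defined elsewhere. Confirm that the posting and admin scripts
	// encode these fields before INSERT; if they do not, encode here with
	// htmlspecialchars() (before nl2br()), otherwise stored markup is served to every
	// visitor.
	if ($row["email"] != "") {
		$xtpl->assign("USER_NAME", "<a href=\"mailto:".$row["email"]."\" class=\"uname\">".filter_words($row["user_name"])."</a>");
	} else {
		$xtpl->assign("USER_NAME", "<font class=\"uname\">".filter_words($row["user_name"])."</font>");
	}

	// "http://" is treated as "no homepage given" (presumably the form's default value);
	// an empty value is treated the same way so no empty link is rendered.
	// NOTE(review): href becomes a link target - confirm the posting script restricts it
	// to http/https URLs.
	if ($row["href"] != "" && $row["href"] != "http://") {
		// rel="noopener noreferrer": the link is visitor-supplied and opens in a new
		// window, so the opened page must not get a handle on this one via window.opener.
		$xtpl->assign("HOMEPAGE", "<a href=\"".filter_words($row["href"])."\" class=\"next\" target=\"_blank\" rel=\"noopener noreferrer\">".filter_words($row["href"])."</a>");
	} else {
		$xtpl->assign("HOMEPAGE", "");
	}

	$xtpl->assign("COMMENT", filter_words(wordwrap_msg(nl2br($row["content"]))));
	$xtpl->assign("ISSUEDATE", $row["fissuedate"]);

	// Optional reply shown under the entry; the label text means "Reply:".
	if ($row["reply"] != "") {
		$xtpl->assign("REPLY", "<br><br><b>Îòâåò:&nbsp;</b><font class=\"reply\">".nl2br($row["reply"])."</font>");
	} else {
		$xtpl->assign("REPLY", "");
	}

	$xtpl->parse("gb.content");
}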

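// Pager block: shown only when pager() produced navigation markup.
if ($navbar != "") {
	$xtpl->assign("NAVBAR", $navbar);
	$xtpl->parse("gb.pager");
} else {
	// Parse, then immediately reset the block.
	// NOTE(review): presumably this leaves the block empty in the output - confirm
	// against xtpl.php.
	$xtpl->parse("gb.pager");
	$xtpl->reset("gb.pager");
}

// $script_name comes from $_SERVER (request-derived), so it is HTML-encoded before
// being written into the template.
$xtpl->assign("SCRIPT_NAME", htmlspecialchars($script_name, ENT_QUOTES));

// Render the whole page, send it, then release the database connection.
$xtpl->parse("gb");
$xtpl->out("gb");
mysql_close($link);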

?>