<?php
/*
KISGB - a Guest Book script written in PHP.
Copyright (C) 2001-2002 Gaylen Fraley
hide@address.com
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
License file for more details.
*/
require("config.php");
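/*
 * JavaScript probe. On the first request (no "action" in POST or GET and no
 * "tmp_theme" in GET) this prints a page that redirects to ?action=view from
 * script and shows $need_javascript_msg inside <noscript>, then exits.
 */
if ($use_javascript_check) {
if ($HTTP_POST_VARS['action']==''&&$HTTP_GET_VARS['action']==''&&$HTTP_GET_VARS['tmp_theme']=='') {
/* should only happen the first time in */
/* Nothing between require("config.php") and this line assigns $language, so
   this copy is the configured value and serves as the trusted fallback. */
$config_language = $language;
if ($tmp_lang>'') $temp_language = $tmp_lang;
else if ($temp_language>"");
else $temp_language=$language;
$language = $temp_language;
/*
 * $tmp_lang and $temp_language are read here without being assigned in this
 * file, so with register_globals enabled their content comes from the request.
 * The value ends up in a require() path: reduce it to a bare file name and
 * accept it only if it is an existing *.lang.php file inside the language
 * directory; anything else falls back to the configured language.
 */
if ($language!==$config_language) {
    $language = basename($language);
    if (substr($language,-9)!='.lang.php'||strpos($language,"\0")!==false||!file_exists("$path_to_languages/$language")) $language = $config_language;
}
require("$path_to_languages/$language");
?>
<html>
<script type="text/javascript">
<!--
window.location="<? echo $root_document."?action=view";?>"
// -->
</script>
<noscript>
<head>
<TITLE>Error Report</TITLE>
</head>
<body>
<h2><center><?=$need_javascript_msg;?></center></h2>
</body>
</noscript>
</html>
<? exit;}
}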
/*
 * Normalise the search term. The term is kept URL-encoded from here on; a
 * trailing "[[name]]" marker (also URL-encoded) switches the search to
 * name-only mode and is removed from the term.
 * NOTE(review): the marker is only recognised at an offset greater than 0,
 * i.e. when some text precedes it.
 */
$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
$searchString_name = urlencode('[[name]]');
$searchString = urlencode($HTTP_GET_VARS['searchstring']);
$name_only_search = (strpos($searchString,$searchString_name)>0);
if ($name_only_search) {
    $searchString = str_replace($searchString_name,'',$searchString);
}
require("functions.php");
require("classes.php");
/*************************************************************************
THIS IS A DEMONSTRATION OF THE LOGGING FUNCTION. YOU MIGHT WANT TO KNOW
HOW OFTEN YOUR PAGES ARE BEING BROWSED AND BY WHOM AND BY WHICH BROWSERS.
UNCOMMENT THE FOLLOWING LINES TO USE THE LOGGING FUNCTION.
*************************************************************************/
#$objLog = new logfile("logs/kisgb.log.php","~");
#$objLog->logvars[] = gethost($HTTP_SERVER_VARS['REMOTE_ADDR']);
#$objLog->logvars[] = $HTTP_USER_AGENT;
#$objLog->logvars[] = date($date_format);
#$objLog->logvars[] = date($time_format);
#$objLog->logvars[] = $PHP_SELF;
#$objLog->writelog();
#$objLog->destroy();
/*************************************************************************
END OF LOGGING SAMPLE CODE.
*************************************************************************/
###########################################################################
# Override the settings in config if meta controls are set. #
###########################################################################
/*
 * Meta switches: $hide_all forces every per-field display flag off, otherwise
 * $show_all forces every one on. $hide_all wins when both are set.
 */
$display_flags = array(
    'show_name', 'show_email', 'show_home', 'show_pic',
    'show_icq', 'show_aim', 'show_yim', 'show_msn',
    'show_nation', 'show_ip', 'show_private', 'show_password'
);
if ($hide_all||$show_all) {
    $forced = $hide_all ? false : true;
    foreach ($display_flags as $flag_name) {
        $$flag_name = $forced;
    }
}
/* Text links instead of image buttons: blank every *_img label. */
if ($use_links_instead_of_images) {
    $label_home_site_img = $label_admin_menu_img = $label_sign_gb_img = $label_search_gb_img = $label_viewall_gb_img = "";
}
/*
 * Extend the tag allow-list later handed to strip_tags().
 * NOTE(review): the strpos() result is used as a boolean, so "<a>" at offset 0
 * of the list does not add "<span>". strip_tags() keeps the attributes of the
 * tags it lets through, so every tag added here widens what stored entries can
 * carry into the page.
 */
if ($allow_html) {
    if (strpos(strtolower($allowed_html_tags_no_img),"<a>")) $allowed_html_tags_no_img .= "<span>";
}
if ($allow_carriage_returns) $allowed_html_tags_no_img .= "<br><br />";
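/*
 * Resolve the request parameters, then load the theme file and the language
 * file. A theme or language named in the request (tmp_theme / tmp_lang)
 * overrides the configured one for this request.
 */
if (isset($action)); else $action = $HTTP_GET_VARS['action'];
$tmp_theme = $HTTP_GET_VARS['tmp_theme'];
$tmp_lang = $HTTP_GET_VARS['tmp_lang'];
/* NOTE(review): PHP_SELF can include extra path text chosen by the client and
   $start is taken from the query string as-is; both are interpolated into
   markup and script further down and need escaping for the context they are
   printed in. */
$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
$start = $HTTP_GET_VARS['start'];
$config_theme = $theme; /* value before any request override */
if ($tmp_theme>'') $temp_theme = $tmp_theme;
else if ($temp_theme>"");
else $temp_theme=$theme;
$theme = $temp_theme;
/*
 * The chosen name goes into a require() path. file_exists() alone also accepts
 * names that climb out of the theme directory, so an overriding value is first
 * reduced to a bare file name and must end in .thm.php.
 */
if ($theme!==$config_theme) {
    $theme = basename($theme);
    if (substr($theme,-8)!='.thm.php'||strpos($theme,"\0")!==false) $theme = "default.thm.php";
}
if (!file_exists("$path_to_themes/$theme")) $theme = "default.thm.php";
require("$path_to_themes/$theme");
$config_language = $language; /* value before any request override */
if ($tmp_lang>'') $temp_language = $tmp_lang;
else if ($temp_language>"");
else $temp_language=$language;
$language = $temp_language;
/* Same treatment for the language file: bare file name, .lang.php suffix and
   present in the language directory, otherwise the configured language. */
if ($language!==$config_language) {
    $language = basename($language);
    if (substr($language,-9)!='.lang.php'||strpos($language,"\0")!==false||!file_exists("$path_to_languages/$language")) $language = $config_language;
}
require("$path_to_languages/$language");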
/* Optional site-wide gate: hand the configured id and password to
   authenticate.php, which is included once. */
if ($secure_site) {
    $auth_id = $secure_site_id;
    $auth_pw = $secure_site_pw;
    include_once("authenticate.php");
}
/* Optional word-filter definitions. */
if ($use_filter_file) {
    require("filters.inc.php");
}
//$rmt_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
/* The admin link targets upconfig.php only when that option is on and
   message-level editing is enabled for the admin or for users. */
$msg_edit_enabled = ($allow_msg_lvl_edit_by_admin||$allow_msg_lvl_edit_by_user);
$upd_adm = ($admin_links_to_config_when_msg_edit_on&&$msg_edit_enabled) ? "upconfig.php" : "admin.php";
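/*
 * Carry a "Login" query value across page links. The value must be exactly 64
 * characters and is split into two 32-character halves ($uName, $uPass).
 * NOTE(review): nothing in this block checks the halves against stored
 * credentials; the original comment says a registry lookup is still needed.
 */
$useLogout = FALSE;
$loginLink = "";
if ($HTTP_GET_VARS['Login']>"") {
    $Login = $HTTP_GET_VARS['Login'];
    /* The original used "break" here, which is not inside any loop: old
       runtimes stop with a fatal error at this point and newer ones refuse to
       compile the file. An explicit exit keeps the "stop on a malformed
       value" outcome without depending on that error. */
    if (strlen($Login)!=64) exit;
    /** Need to read registry for match **/
    $uName = substr($Login,0,32);
    $uPass = substr($Login,32);
    $useLogout = TRUE;
    // $label_logout = "$label_login";
    $label_logout = "";
    /* $loginLink is pasted into href attributes and script strings later on;
       URL-encode the request value so it stays a single query parameter. */
    $loginLink = "&Login=".urlencode($Login);
}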
/*
 * First run: create the guest-book data file. Line 1 is a PHP stub that
 * answers 403 if the file is requested directly, line 2 holds the sixteen
 * column names $col1..$col16, each in double quotes and comma-separated.
 * NOTE(review): the stub uses the short open tag, so it only protects the
 * data file where short tags are enabled; the existence test and the create
 * are two separate steps.
 */
if (!file_exists("$path_to_gb")) {
    $write_header = 1;
    $header = "<? Header(\"HTTP/1.0 403 Forbidden\");exit; ?>\n";
    $i = 1;
    while ($i<17) {
        $comma = ($i==1) ? "" : ",";
        $header = $header.$comma.'"'.${"col$i"}.'"';
        $i++;
    }
    $header = $header."\n";
    $fp = fopen("$path_to_gb","a") or die("$unable_to_access_file_msg $path_to_gb");
    flock($fp,LOCK_EX);
    if ($write_header) {
        fwrite($fp,$header);
    }
    flock($fp,LOCK_UN);
    fclose($fp);
}
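/*
 * Build $theme_sb, the <select> that lists every *.thm.* file of the theme
 * directory and reloads the page with the chosen theme.
 */
$handle=opendir($path_to_themes);
if (!$handle) die("$unable_to_access_file_msg $path_to_themes file");
$theme_sb = "";
$selected_theme = explode('.',$theme);
$cnt = 0;
/* Start from an empty list. The original appended to a variable it never
   initialised, so a pre-existing $themes (for instance one registered from
   the request under register_globals) would have been rendered as options. */
$themes = array();
while (($file = readdir($handle))!==false) {
    if ($file == '.'||$file == '..') continue;
    $thm = explode('.',$file);
    /* a name without a second dot-separated part is not a theme file */
    if (!isset($thm[1])||chop($thm[1]) != "thm") continue;
    $themes[] = $thm[0];
}
sort($themes);
$num_options = count($themes);
if ($num_options>0) {
    /* These values sit inside a single-quoted script string within the
       onchange attribute: escape for the script string first, then for the
       attribute. The language name is a query value and is URL-encoded. */
    $js_self = htmlspecialchars(addslashes($PHP_SELF),ENT_QUOTES);
    $js_login = htmlspecialchars(addslashes($loginLink),ENT_QUOTES);
    $url_lang = urlencode($language);
    for ($cnt=0;$cnt<$num_options;$cnt++) {
        if ($cnt==0) {
            $theme_sb = "<select name=\"theme\" onchange=\"location.replace('$js_self?action=view&searchstring=$searchString&tmp_lang=$url_lang&tmp_theme='+this.options[this.selectedIndex].value+'$js_login');\">\n";
        }
        $selected = "";
        if ($themes[$cnt] == $selected_theme[0]) $selected = "selected";
        /* file names come from disk; escape them for attribute and text use */
        $option_name = htmlspecialchars($themes[$cnt],ENT_QUOTES);
        $theme_sb .= "<option value=\"$option_name.thm.php\" $selected>$option_name</option>\n";
    }
    $theme_sb .= "</select>\n";
}
closedir($handle);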
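/*
 * Build $lang_sb, the <select> that lists every *.lang.* file of the language
 * directory and reloads the page with the chosen language.
 */
$handle=opendir($path_to_languages);
/* the original message named the theme directory here */
if (!$handle) die("$unable_to_access_file_msg $path_to_languages file");
$lang_sb = "";
$selected_lang = explode('.',$language);
$cnt = 0;
/* Start from an empty list. The original appended to a variable it never
   initialised, so a pre-existing $langs (for instance one registered from
   the request under register_globals) would have been rendered as options. */
$langs = array();
while (($file = readdir($handle))!==false) {
    if ($file == '.'||$file == '..') continue;
    $lang = explode('.',$file);
    /* a name without a second dot-separated part is not a language file */
    if (!isset($lang[1])||chop($lang[1]) != "lang") continue;
    $langs[] = $lang[0];
}
sort($langs);
$num_options = count($langs);
if ($num_options>0) {
    /* These values sit inside a single-quoted script string within the
       onchange attribute: escape for the script string first, then for the
       attribute. The theme name is a query value and is URL-encoded. */
    $js_self = htmlspecialchars(addslashes($PHP_SELF),ENT_QUOTES);
    $js_login = htmlspecialchars(addslashes($loginLink),ENT_QUOTES);
    $url_theme = urlencode($theme);
    for ($cnt=0;$cnt<$num_options;$cnt++) {
        if ($cnt==0) {
            $lang_sb = "<select name=\"language\" onchange=\"location.replace('$js_self?action=view&searchstring=$searchString&tmp_theme=$url_theme&tmp_lang='+this.options[this.selectedIndex].value+'$js_login');\">\n";
        }
        $selected = "";
        if ($langs[$cnt] == $selected_lang[0]) $selected = "selected";
        /* file names come from disk; escape them for attribute and text use */
        $option_name = htmlspecialchars($langs[$cnt],ENT_QUOTES);
        $lang_sb .= "<option value=\"$option_name.lang.php\" $selected>$option_name</option>\n";
    }
    $lang_sb .= "</select>\n";
}
closedir($handle);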
?>
<html>
<head>
<?metaTags();?>
<title><?=$guestbook_name;?></title>
<? js_getPointer(); ?>
<script type="text/javascript">
// Opens register.php in a 500x400 popup window named "register". The current
// theme, the current language and the $loginLink query fragment are printed
// into the URL by the server.
// NOTE(review): the three server values are written into this script string
// without escaping; confirm they are constrained before this point.
function register() {
window.open('./register.php?tmp_theme=<?=$theme?>&tmp_lang=<?=$language?><?=$loginLink?>','register','width=500,height=400,scrollbars,resizable,status');
}
var msa = 0;
var submit_pressed=0;
self.defaultStatus = "<?=$default_status_msg;?>";
// Form handler for kisgb_add.
//   validate('preview') - refuses an empty comment, otherwise posts the form
//                         to the main document with action=preview.
//   any other call      - (the form's onSubmit calls it with no argument) runs
//                         the server-generated password prompt, points the
//                         form at addtogb.php and returns true so the browser
//                         submits it.
// NOTE(review): these checks run in the browser only; the receiving script has
// to repeat every rule it relies on. The message texts and URL parts are
// printed into script strings by the server without escaping.
function validate(btn) {
if (btn=='preview') {
if (document.kisgb_add.comments.value.length==0) {
alert('<?=$nothingToPreview?>');
return false;
}
document.kisgb_add.action = "./<?=$root_document?>?action=preview&tmp_theme=<?=$theme?>&tmp_lang=<?=$language.$loginLink?>";
document.kisgb_add.method = 'post';
document.kisgb_add.submit();
}
else {
var chk_private = false;
error = 0;
// The server may print a second declaration that sets chk_private to true
// when users are allowed to edit their own messages.
<?if ($allow_msg_lvl_edit_by_user) echo "var chk_private = true;";?>
// Server-generated check: when the password field is shown and left empty the
// visitor is asked to confirm; declining puts the focus back on the field.
<?
if ($show_private&&$show_password) echo "if ((chk_private||document.kisgb_add.private_msg.checked)&& document.kisgb_add.password.value == \"\") { if (!confirm(\"$password_field_missing_msg\")) {document.kisgb_add.password.focus(); return false;}}";
elseif ($show_password) echo "if (document.kisgb_add.password.value == \"\") { if (!confirm(\"$password_field_missing_msg\")) {document.kisgb_add.password.focus(); return false;}}";
?>
document.kisgb_add.action = "./addtogb.php?tmp_theme=<?=$theme?>&tmp_lang=<?=$language.$loginLink?>";
document.kisgb_add.method = 'post';
document.kisgb_add.target = '';
return true;
}
}
// ss(0) reloads the unfiltered view; any other call prompts for a search term
// and reloads the view with that term in the searchstring parameter. An empty
// or cancelled prompt does nothing.
// NOTE(review): the term is appended to the URL as typed, so characters that
// are reserved in a query string are not encoded here.
function ss(search_or_refresh) {
	var viewUrl = "<?=$PHP_SELF?>?action=view&tmp_theme=<?=$theme?>&tmp_lang=<?=$language?>";
	if (search_or_refresh==0) {
		location.href = viewUrl;
		return;
	}
	var term = prompt("Search for:","");
	/*** 7/19/2002 ***/
	if (term==''||term == null) {
		return;
	}
	location.href = viewUrl+"&searchstring="+term;
}
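// Copies a displayed entry into the hidden quote fields of the kisgb_view form
// and posts it to the add page with quote=1, which is the flag the add page
// tests before it pre-fills the comment box with the quoted text.
//   comment - entry text; "~~" stands for an apostrophe and is turned back here
//   name    - author name of the quoted entry
//   info    - date/time text of the quoted entry
// The action URL in the page as captured ended in a broken string literal
// (the "&quote=1" parameter had been turned into a quote character followed
// by "e=1"), which is a script syntax error; it is restored below.
function quote(comment,name,info) {
	var myregexp = /~~/g;
	comment = comment.replace(myregexp,"'");
	document.kisgb_view.quotecomments.value = comment;
	document.kisgb_view.quotename.value = name;
	document.kisgb_view.quoteinfo.value = info;
	document.kisgb_view.method='POST';
	document.kisgb_view.action="<?=$PHP_SELF?>?action=add&&tmp_theme=<?=$theme?>&tmp_lang=<?=$language?>&searchstring=&quote=1";
	document.kisgb_view.submit();
}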
</script>
<? # begin action=add
if ($action=='add'||($action=='preview'&&$show_preview)) {
$ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
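/*
 * Left-pads each dot-separated part of an address with zeros so that two
 * addresses can be compared as plain strings ("1.2.3.4" becomes
 * "001.002.003.004").
 *
 * Returns nothing (null) when the value has no "." after its first character.
 * Values that are already 15 characters or longer are returned unchanged.
 *
 * The original repeated the padding pass until the string reached 15
 * characters. A value with fewer than four parts (for example a short
 * wildcard pattern from the ban list) never gets that long, so the loop never
 * ended. Three passes are enough to bring any part up to three characters and
 * later passes change nothing, so the loop is capped at three; every input
 * that terminated before gives the same result.
 */
function ipLengthCheck($ipvar) {
    if (!strpos($ipvar,".")) return;
    for ($pass=0;$pass<3&&strlen($ipvar)<15;$pass++) {
        $ipWork = explode(".",$ipvar);
        foreach ($ipWork as $j => $part) {
            if (strlen($part)<3) $ipWork[$j] = "0".$part;
        }
        $ipvar = implode(".",$ipWork);
    }
    return $ipvar;
}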
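/*
 * Ban check for the add and preview pages. The visitor address and every
 * $badips entry are zero-padded by ipLengthCheck() and compared as strings.
 * An entry containing "*" is treated as a range: "*" becomes 000 for the lower
 * bound and 999 for the upper bound. A match prints the ban notice and stops.
 *
 * The original range test read "ip" without the dollar sign and chained two
 * unparenthesised ternaries around "&&". Where that expression was accepted
 * at all, the upper bound was never consulted and the bare word compared
 * greater than any padded address, so one wildcard entry matched every
 * visitor. The test below compares the visitor address against both bounds.
 *
 * NOTE(review): ipLengthCheck() returns null for values without a "." (for
 * example an IPv6 address), and the loose == below treats two such values as
 * equal; a "*" in first position is not recognised as a wildcard because the
 * strpos() result is used as a boolean.
 */
$ip = ipLengthCheck($ip);
for ($i=0;$i<count($badips);$i++) {
$badArray = FALSE;
if (strpos($badips[$i],'*')) {
$badArrayLower = str_replace("*","000",$badips[$i]);
$badArrayUpper = str_replace("*","999",$badips[$i]);
$badArrayLower = ipLengthCheck($badArrayLower);
$badArrayUpper = ipLengthCheck($badArrayUpper);
$badArray = ($ip>=$badArrayLower&&$ip<=$badArrayUpper);
}
if (ipLengthCheck($badips[$i])==$ip||$badArray) {
/* $PHP_SELF and $loginLink originate from the request and are printed into an
   href attribute, so they are escaped for that context. */
?>
<table align="center" border="2" width="50%" bgcolor="lightyellow">
<tr><td align="center"><font color="red"><b><?=$banned_ip_msg?>
<br />
<br />
<a href="<?=htmlspecialchars($PHP_SELF,ENT_QUOTES)?>?action=view<?=htmlspecialchars($loginLink,ENT_QUOTES)?>&searchstring=<?=$searchString?>"><?=$label_back?></a></b></font>
</td></tr>
</table>
<?
exit;
}
}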
/* Admin link for the add page: built only when whoami() is truthy and the
   admin menu is enabled, otherwise an empty string. */
$admin_menu = (whoami() && $show_admin_menu)
    ? "<a href=\"$upd_adm?action=admin&tmp_theme=$theme&tmp_lang=$language$loginLink\" onMouseOver='status=\"$label_admin_menu\";return true;' onClick=\"if (this.blur) this.blur();\">$label_admin_menu</a>"
    : "";
?>
<style type="text/css">
<?@include("style-sheet-add.php");?>
</style>
</head>
<body VLINK="<?echo $Alink_visited_color?>" LINK="<?echo $Alink_color?>" ALINK="<?echo $Alink_active_color?>">
<? /* the "view guest book" link is left-aligned when an admin link is shown next to it, right-aligned otherwise */ if (!empty($admin_menu)) $view_gb_align = "left";else $view_gb_align = "right";?>
<form name="kisgb_add" onSubmit="return validate()">
<?if ($page_alignment_center) {
/* header.php is included only in the centred layout; the @ hides include errors */
echo "<center>";
if ($use_header_sign) @include("header.php");
}
?>
<table height=<?="$Atable_height"?> width=<?="$Atable_width"?> cellpadding=<?="$Awindow_cellpadding"?> cellspacing=<?="$Awindow_cellspacing"?> border=<?="$Awindow_border"?> rules="none">
<tr><td id="tdadd" align="left" style="border-color:<?=$Awindow_title_border_color?>;background-color:<?=$Awindow_title_background_color?>;color:<?=$Awindow_title_text_color?>;"> <?=$Awindow_title?></td>
<td id="tdadd" align=<?="$view_gb_align"?> style="background-color:<?=$Awindow_title_background_color?>;color:<?=$Awindow_title_text_color?>;"><a href="<?/* NOTE(review): $PHP_SELF, $theme, $language and $loginLink are printed into this href without escaping */ echo $PHP_SELF."?tmp_theme=$theme&tmp_lang=$language&searchstring=$searchString$loginLink";?>" onMouseOver='status="<?=$label_view_gb?>";return true;' onClick="if (this.blur) this.blur();":><?=$label_view_gb?></a></td>
<? /* third title cell only when an admin link was built */ if (!empty($admin_menu)) { ?>
<td id="tdadd" align="right" style="border-color:<?=$Awindow_title_border_color?>;background-color:<?=$Awindow_title_background_color?>;color:<?=$Awindow_title_text_color?>;"><?=$admin_menu?></td> <? } ?> </tr>
</table>
<?if ($page_alignment_center) echo "</center>";?>
<?if ($page_alignment_center) echo "<center>";?>
<table width=<?="$Atable_width"?> height=<?="$Atable_height"?> rules="none" cellpadding=<?="$Awindow_cellpadding"?> cellspacing=<?="$Awindow_cellspacing"?> border=<?="$Awindow_border"?>>
<?
// $comments = '<blockquote style="border:thin dotted;"><b>'.ucfirst(trim($HTTP_POST_VARS['quoteinfo'])).' '.strip_tags($HTTP_POST_VARS['quotename']." said:")."</b>\n".trim(str_replace('<br />',"\n",$HTTP_POST_VARS['quotecomments'])).'</blockquote>';
/*
 * Quote mode: pre-fill the comment box with a [quote] block assembled from the
 * three hidden fields posted by the view page. "<br />" is turned back into
 * line breaks.
 * NOTE(review): the three fields are request data and reach $comments without
 * filtering; $comments is later printed into the textarea.
 */
if ($HTTP_GET_VARS['quote']&&$allowQuotingOfMessages) {
$comments = '[quote]'.ucfirst(trim($HTTP_POST_VARS['quoteinfo'])).' '.$HTTP_POST_VARS['quotename']." said:\n".trim($HTTP_POST_VARS['quotecomments']).'[/quote]';
$comments = str_replace('<br />',"\n",$comments);
}
$charleft = $max_comment_length;
/* nation index: the posted value when present, the configured default otherwise */
$nationselected = empty($HTTP_POST_VARS['nationselected'])?$defaultNation:$HTTP_POST_VARS['nationselected'];
/*
 * Preview mode: run the entry checks (entryErrorCheck is defined outside this
 * listing), print the rendered comment in its own table, and copy the posted
 * fields into variables so the form below can be filled in again.
 */
if ($action=='preview'&&$show_preview) {
entryErrorCheck($HTTP_POST_VARS);
echo "<tr><td colspan=2><table width=\"100%\" height=\"$Atable_height\" rules=\"none\" cellpadding=\"$Awindow_cellpadding\" cellspacing=\"$Awindow_cellspacing\" border=\"$Pwindow_border_width\"><tr><td id=\"tdadd\" colspan=2 align=\"left\"><center><b>$label_preview</b></center><br />";
/* presumably undoes magic-quotes escaping of the posted text - confirm */
$comments = stripslashes($HTTP_POST_VARS['comments']);
$charleft = $HTTP_POST_VARS['charleft'];
/* NOTE(review): the e-mail and messenger values are stored under $_email and
   $_user_*, while the form fields further down print $email, $icq, $aim, $yim
   and $msn. All of these are request data and are printed into value
   attributes. */
$defaultName = $HTTP_POST_VARS['name'];
$_email = $HTTP_POST_VARS['email'];
$name = $HTTP_POST_VARS['name'];
$def_home = $HTTP_POST_VARS['home'];
$def_pic = $HTTP_POST_VARS['pic'];
$_user_icq = $HTTP_POST_VARS['icq'];
$_user_aim = $HTTP_POST_VARS['aim'];
$_user_yim = $HTTP_POST_VARS['yim'];
$_user_msn = $HTTP_POST_VARS['msn'];
$nation = $HTTP_POST_VARS['nation'];
$nationselected = $HTTP_POST_VARS['nationselected'];
$private_msg_value = $HTTP_POST_VARS['private_msg']=='on'?'checked':'';
/* Tag allow-list for the preview. strip_tags() removes tags that are not on
   the list but leaves the attributes of the tags it keeps. */
$allow_tags = "";
if ($allow_html) $allow_tags .= $allowed_html_tags_no_img;
if ($allow_smileys) $allow_tags .= "<img>";
$p_comments = strip_tags($comments,$allow_tags);
$p_comments = @wordwrap($p_comments,$Vtable_max_comment_width,"\n",1);
/* an over-long comment is cut to one character under the limit and prefixed
   with the comment label */
if (strlen($p_comments)>$max_comment_length) {
$p_comments = substr($p_comments,0,$max_comment_length-1);
$p_comments = "$label_comment - ".$p_comments;
}
/* BBCODE() and makeLink() are defined outside this listing */
$p_comments = BBCODE($p_comments);
$p_comments = str_replace("src=smilies","src=$path_to_images/smilies",$p_comments);
$p_comments = nl2br(makeLink($p_comments))."<br /><br /></td></tr></table></td></tr>";
/* presumably repairs an img tag that was split by a wrapped line break - confirm */
$p_comments = str_replace('<img<br />','<img ',$p_comments);
echo $p_comments;
}
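/*
 * Entry form fields. Each optional field is printed as a visible input when
 * its display flag allows it and as a hidden blank input otherwise, so the
 * receiving script always gets the same field names.
 *
 * In preview mode the values shown here come straight from the request. They
 * are escaped before being printed into value attributes, and the nation index
 * is forced to an integer before it is printed into script.
 * NOTE(review): the preview branch stores the posted e-mail and messenger
 * values under $_email and $_user_*, not under the names read here.
 */
$v_name = htmlspecialchars($defaultName,ENT_QUOTES);
$v_email = htmlspecialchars($email,ENT_QUOTES);
$v_home = htmlspecialchars($def_home,ENT_QUOTES);
$v_pic = htmlspecialchars($def_pic,ENT_QUOTES);
$v_icq = htmlspecialchars($icq,ENT_QUOTES);
$v_aim = htmlspecialchars($aim,ENT_QUOTES);
$v_yim = htmlspecialchars($yim,ENT_QUOTES);
$v_msn = htmlspecialchars($msn,ENT_QUOTES);
$v_nationselected = htmlspecialchars($nationselected,ENT_QUOTES);
if (($require_name||($show_name||$show_all)&&!$hide_all)) {
echo "<tr><td id=\"tdadd\"> $label_name";
if ($require_name) echo " *";
echo "<td id=\"tdadd\"><input name=\"name\" value=\"$v_name\" size=\"30\" maxlength=\"$max_name_length\" />";
}
else echo "<input type=\"hidden\" name=\"name\" value=\" \" />";
if (($require_email||($show_email||$show_all)&&!$hide_all)) {
echo "<tr><td id=\"tdadd\"> $label_email";
if ($require_email) echo " *";
echo "<td id=\"tdadd\"><input name=\"email\" value=\"$v_email\" size=\"30\" maxlength=\"$max_email_length\" />";
}
else echo "<input type=\"hidden\" name=\"email\" value=\" \" />";
if (($show_home||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> $label_home<td id=\"tdadd\"><input name=\"home\" size=\"30\" maxlength=\"75\" value=\"$v_home\" />";
}
else echo "<input type=\"hidden\" name=\"home\" value=\" \" />";
if (($show_pic||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> $label_pic<td id=\"tdadd\"><input name=\"pic\" size=\"30\" maxlength=\"75\" value=\"$v_pic\" />";
}
else echo "<input type=\"hidden\" name=\"pic\" value=\" \" />";
if (($show_icq||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> ".$label_icq."<td id=\"tdadd\"><input name=\"icq\" size=\"30\" maxlength=\"15\" value=\"$v_icq\" />";
}
else echo "<input type=\"hidden\" name=\"icq\" value=\" \" />";
if (($show_aim||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> ".$label_aim."<td id=\"tdadd\"><input name=\"aim\" size=\"30\" maxlength=\"30\" value=\"$v_aim\" />";
}
else echo "<input type=\"hidden\" name=\"aim\" value=\" \" />";
if (($show_yim||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> ".$label_yim."<td id=\"tdadd\"><input name=\"yim\" size=\"30\" maxlength=\"30\" value=\"$v_yim\" />";
}
else echo "<input type=\"hidden\" name=\"yim\" value=\" \" />";
if (($show_msn||$show_all)&&!$hide_all) {
echo "<tr><td id=\"tdadd\"> ".$label_msn."<td id=\"tdadd\"><input name=\"msn\" size=\"30\" maxlength=\"30\" value=\"$v_msn\" />";
}
else echo "<input type=\"hidden\" name=\"msn\" value=\" \" />";
if (($require_nation||($show_nation||$show_all)&&!$hide_all)) {
echo "<tr><td id=\"tdadd\"> $label_nation";
if ($require_nation) echo " *";
echo "<td id=\"tdadd\"><input type=\"hidden\" name=\"nationselected\" value=\"$v_nationselected\" /><select name=\"nation\" onChange=\"document.kisgb_add.nationselected.value=document.kisgb_add.nation.options[document.kisgb_add.nation.selectedIndex].index;\">";
/* nation.php supplies $nationArray (option value => label) */
include("nation.php");
foreach ($nationArray as $key => $value) {
if ($key=='blank.gif') $selected = 'selected';
else $selected = '';
echo "<option value=$key $selected>$value</option>\n";
}
echo "</select>";
/* the stored value is an option index; print it as an integer so request
   text cannot end up inside the script block */
?>
<script>
document.kisgb_add.nation.options.selectedIndex = <?=(int)$nationselected?>;
</script>
<?
echo "</td></tr>";
}
else echo "<input type=\"hidden\" name=\"nation\" value=\" \" />";
if (($show_ip||$show_all)&&!$hide_all) {
/* gethost() is defined outside this listing; whatever name it returns for the
   address is escaped before it is shown */
echo "<tr><td id=\"tdadd\"> $label_ip<td id=\"tdadd\">".htmlspecialchars(gethost($HTTP_SERVER_VARS['REMOTE_ADDR']),ENT_QUOTES);
}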
?>
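<tr><td id="tdadd"> <?echo $label_comment ?><br /><input type="text" name="charleft" size="5" value="<?/* request value in preview mode: escaped for the attribute */ echo htmlspecialchars($charleft,ENT_QUOTES);?>" readonly onFocus="document.kisgb_add.comments.focus();" /><br /><?=$label_remaining;?><td id="tdadd"><textarea name="comments" cols="<?=$comment_cols ?>" rows="<?=$comment_rows?>" wrap="soft" onkeyup="countchars()"><?/* posted or quoted text: escaped so it cannot close the textarea; the browser shows and submits the original characters */ echo htmlspecialchars($comments,ENT_QUOTES);?></textarea>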
<script language="JavaScript">
// Display width of a string: characters with a code below 256 count as one,
// all others as two. Returns undefined for a missing or empty value.
function returnLen( obj )
{
	if ( obj==undefined || obj==null || obj.length==0 ) return;
	var width = 0;
	var idx = 0;
	while ( idx<obj.length )
	{
		width += ( obj.charCodeAt(idx)<256 ) ? 1 : 2;
		idx++;
	}
	return width;
}
// Keeps the comment within the configured maximum and shows the remaining
// allowance in the read-only "charleft" field. The maximum is printed into the
// script by the server. Width is measured with returnLen(), so characters with
// a code of 256 or more count twice.
// NOTE(review): this limit is enforced in the browser only; the receiving
// script has to apply its own length check.
function countchars() {
var commentLen = <?=$max_comment_length;?> - returnLen(document.kisgb_add.comments.value);
// first cut by character count ...
if (commentLen < 0) {
document.kisgb_add.comments.value = document.kisgb_add.comments.value.substr(0,<?=$max_comment_length;?>);
}
// ... then drop one character at a time while the measured width is still over
i = <?=$max_comment_length;?> - returnLen(document.kisgb_add.comments.value);
while ( i < 0)
{
document.kisgb_add.comments.value = document.kisgb_add.comments.value.substring(0,document.kisgb_add.comments.value.length - 1);
i = <?=$max_comment_length;?> - returnLen(document.kisgb_add.comments.value);
}
// returnLen() yields undefined for an empty box, which makes i NaN
if (isNaN(i)) i = <?=$max_comment_length;?>;
document.kisgb_add.charleft.value = i;
}
</script>
<?
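/*
 * Rows below the comment box: the list of permitted HTML tags (or the "HTML
 * not allowed" text), the private-message checkbox and password field, the
 * required-field legend, and the smiley and preview buttons.
 *
 * The tag list is meant to be read, so its "<" characters are printed as
 * entities. In the page as captured the replacement swapped "<" for itself,
 * which left the list as live markup.
 * NOTE(review): the password inputs are capped at 10 characters.
 */
if ($allow_html) echo "<tr><td id=\"tdadd\" colspan=\"2\" align=\"center\"><b>HTML: ".str_replace("<","&lt;",$allowed_html_tags_no_img)."</b></td></tr>";
else echo "<tr><td id=\"tdadd\"> <td id=\"tdadd\"><b>$html_notallowed_msg</b></td></tr>";
if (($show_password&&$allow_msg_lvl_edit_by_user)||(($show_private||$show_all)&&!$hide_all)) {
echo "<tr><td id=\"tdadd\"> <td id=\"tdadd\">";
if (($show_private||$show_all)&&!$hide_all) {
echo "$label_privatemessage <input type=\"checkbox\" name=\"private_msg\" $private_msg_value />";
if ($show_password) echo " $label_password (max 10) <input type=\"password\" name=\"password\" value=\"\" size=15 maxlength=10 />";
}
elseif ($show_password) echo "$label_password (max 10) <input type=\"password\" name=\"password\" value=\"\" size=\"15\" maxlength=\"10\" />";
else echo "<input type=\"hidden\" name=\"password\" value=\"\" />";
}
else {
/* neither control is shown: send both fields blank */
echo "<input type=\"hidden\" name=\"private_msg\" value=\"\" />";
echo "<input type=\"hidden\" name=\"password\" value=\"\" />";
}
if (!$hide_all) echo "<tr><td id=\"tdadd\" colspan=\"2\" align=\"left\"> <b><i>$label_requiredfield<tr><td id=\"tdadd\" colspan=\"2\"> </td></tr>";
if ($allow_smileys) {
echo "<tr><td id=\"tdadd\" colspan=\"2\" align=\"center\"><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_smileys\" onClick=\"window.open('./showsmileys.php?tmp_theme=$theme&tmp_lang=$language&formname=kisgb_add','smileys','width=$smiley_window_width,height=$smiley_window_height,scrollbars,resizable');\" /></td></tr>";
}
if ($show_preview) echo "\n\n<tr><td id=\"tdadd\" colspan=\"2\"> </td></tr><tr><td id=\"tdadd\" colspan=\"2\" align=\"center\"><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_preview\" onClick=\"validate('preview')\" /></td></tr>\n\n";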
?>
<tr><td id="tdadd" colspan="2"> </td></tr>
<tr><td id="tdadd" colspan="2" align="center"><input id="btn" onMouseOver="this.style.cursor=get_pointer();" type="submit" value="<?=$add_btn_text;?>" />
</td>
</tr>
</table>
<?
/* When the name field is visible, print a short script that gives the input
   focus to the form field named by $cursorPlacementInPost. */
if (($show_name||$show_all)&&!$hide_all) {
    echo "<script type=\"text/javascript\">\n"
        ."document.kisgb_add.$cursorPlacementInPost.focus();\n"
        ."</script>\n";
}
?>
<? } #end action=add
# begin action=view
else if ($action=='view'||$action=='') { ?>
<style type="text/css">
<?@include("style-sheet-view.php");?>
</style>
</head>
<?
/* View page preamble: opens <center> when the centred layout is on and pulls
   in header.php when the view header is enabled. The @ hides include errors.
   Both outputs are printed before the <body> tag that follows. */
if ($page_alignment_center) echo "<center>";
if ($use_header_view) @include("header.php");
?>
<body VLINK="<?echo $Vlink_visited_color?>" LINK="<?echo $Vlink_color?>" ALINK="<?echo $Vlink_active_color?>">
<form name="kisgb_view">
<?
/* Counters and buffers for the view pass. */
$idselector = $row = $entries = $private_entries = $rn = 0;
$tmp_data = array();
/* Open the guest-book file for reading under a shared lock. */
$fp = fopen("$path_to_gb","r") or die("Unable to access $path_to_gb");
flock($fp,LOCK_SH);
/*
 * A converted guest book starts with the 403 stub line. If that text is not
 * found in the first 40 bytes, show the "not available" notice and stop.
 */
$gb_signature_pos = strpos(@fread($fp,40),"HTTP/1.0 403 Forbidden");
if (!$gb_signature_pos) {
    echo "<table bgcolor=\"lightblue\" border=\"2\" align=\"center\"><tr><td align=\"center\"><font color=\"blue\">I'm sorry, but the Guest Book is not available at this time.<br /><br />Please contact the <a href='mailto:$admin_email_address'>System Administrator</a> for help.</font></td></tr></table>";
    exit();
}
/*
 * Tag allow-list applied to every stored field when it is displayed; it also
 * removes tags that were saved by versions before 4.2.1.
 */
$allow_tags = "";
if ($allow_html) {
    $allow_tags = $allow_tags.$allowed_html_tags_no_img;
}
if ($allow_smileys) {
    $allow_tags = $allow_tags."<img>";
}
/* Turn the comma-separated list of picture types into an array. */
$picTypes = explode(',',$picTypes);
$cntPicTypes = count($picTypes);
$picTypeOk = false;
/*
 * Read the guest book one CSV record at a time, apply the search filter and
 * the display clean-up, and collect the surviving entries in $tmp_data,
 * indexed from 1 by $rn. The first two rows (the 403 stub and the column
 * names written when the file is created) are skipped.
 * Column use visible in this file: 0 timestamp, 1 address, 2 date, 3 time,
 * 4 name, 5 e-mail, 6 home page, 7 picture, 8-11 messenger ids, 12 nation
 * flag, 13 comment, 14 private flag.
 */
while ($data = fgetcsv($fp,$csv_buffer_size,",")) {
$row++;
// $searchString = $HTTP_GET_VARS['searchstring'];
if ($row>2) {
if ($searchString>"") {
/* the search term is kept URL-encoded; decode it for matching */
if (urldecode($searchString)=="'") $searchStringX = "'";
else $searchStringX = $searchString;
$searchStringX = urldecode($searchStringX);
/* name-only search: exact, case-insensitive match on the name column */
if ($name_only_search) {
if (strtolower($data[4])!=strtolower("$searchStringX"))
continue;
}
/* general search: skip the row unless one of columns 0-13 contains the term */
else if (false===strpos(strtolower($data[0]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[1]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[2]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[3]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[4]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[5]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[6]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[7]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[8]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[9]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[10]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[11]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[12]),strtolower("$searchStringX"))
&&false===strpos(strtolower($data[13]),strtolower("$searchStringX")))
continue;
}
$num = count($data);
/* Blank the home-page and picture values if they contain "javascript:".
   NOTE(review): this is a substring blocklist for one scheme; an allow-list
   of accepted schemes applied when the entry is saved would be stricter. */
/*** 7/17/2002 **/ if (FALSE !== strpos(strtolower($data[6]),'javascript:')) $data[6]="";
/*** 7/17/2002 **/ if (FALSE !== strpos(strtolower($data[7]),'javascript:')) $data[7]="";
/* older rows have no private-flag columns */
if ($num<15) {$data[14] = "";$data[15] = "";}
/* private entries are counted and their comment text is withheld */
if ($data[14]=="on"&&$data[0]>"") {
$private_entries++;
$data[13] = "";
}
if ($data[0]>"") {
$cont = 0;
/* dateShift() is defined outside this listing. Its first element decides
   whether a moderated entry is shown, its second is subtracted from the
   timestamp before formatting. */
if ($data[0]>10000) {
$dateShift = dateShift($data[0]);
if ($moderateEntries&&!$dateShift[0]) $cont=1;
$data[2] = date($date_format,$data[0]-$dateShift[1]);
$data[3] = date($time_format,$data[0]-$dateShift[1]);
}
if ($cont) continue;
$rn++;
/* NOTE(review): "!" binds tighter than "==", so this compares the negated
   flag with "on"; it still counts only rows whose flag is empty. */
if (!$data[14]=="on") $entries++;
if ($allow_carriage_returns) {
$data[13] = wordwrap2($data[13], $Vtable_max_comment_width, "\n");
$data[13] = nl2br($data[13]);
// $data[13] = str_replace("<br />","<br>",$data[13]);
}
// $data[13] = @wordwrap($data[13],$Vtable_max_comment_width,"\n",1);
/* NOTE(review): as captured this replaces "&" with itself; the search text
   was presumably an HTML entity that was lost in extraction - confirm against
   the original file. */
$data[13] = str_replace("&", "&", $data[13]);
$data[13] = stripslashes($data[13]);
// $data[13] = str_replace("<","<",$data[13]);
// $data[13] = str_replace(">",">",$data[13]);
$data[13] = $message_separator.$data[13];
$data[13] = str_replace("src=smilies","src=$path_to_images/smilies",$data[13]);
/* Keep the picture value only if it contains "." plus one of the permitted
   types. NOTE(review): the match is anywhere after the first character, not
   only at the end of the value. */
$picTypeOk = false;
for ($c=0;$c<$cntPicTypes;$c++) {
if (strpos(strtolower($data[7]),".".$picTypes[$c])) $picTypeOk = true;
}
if (!$picTypeOk) $data[7] = "";
/* Final clean-up of every column before display.
   NOTE(review): as captured the two replacements swap "<" and ">" for
   themselves (the entity forms were presumably lost in extraction - confirm).
   strip_tags() removes tags that are not on the allow-list but keeps the
   attributes of the tags it lets through, so the stored values are not made
   attribute-safe by this step. */
for ($c=0;$c<$num;$c++) {
$data[$c] = str_replace("<","<",$data[$c]);
$data[$c] = str_replace(">",">",$data[$c]);
$tmp_data[$rn][$c] = strip_tags($data[$c],$allow_tags);
}
}
}
}
/* release the lock and close the file; $rn is the number of entries kept */
flock($fp,3);
fclose($fp);
$total_rows_in_gb = $rn;
/*
 * Intro banner. The statement is kept as a fixed string and run through
 * eval(); the $Intro_* values are interpolated as data when the echo runs.
 * NOTE(review): eval() here executes a constant string only, but the
 * interpolated values are printed without escaping; ereg/eregi functions used
 * below were removed in PHP 7.
 */
$intro = 'echo "<table style=\"font-size:$Intro_font_size;color:$Intro_text_color;background-color:$Intro_background_color;color:$Intro_text_color;border-color:$Intro_border_color;\" width=\"$Intro_width\" height=\"$Intro_height\" border=\"$Intro_border\" rules=\"none\" cellpadding=\"0\" cellspacing=\"0\"><tr><td><b>$Intro_text</b></td></tr></table>";';
if ($use_intro) eval($intro);
$label_reverse_display = htmlspecialchars($label_reverse_display,ENT_QUOTES);
/* Menu captions: use the image markup when one is configured, the text label
   otherwise, and give every <img an alt and title taken from the text label. */
$lbl_admin_menu = $label_admin_menu_img>""?$label_admin_menu_img:$label_admin_menu;
$lbl_admin_menu = eregi_replace("<img","<img alt='$label_admin_menu' title='$label_admin_menu'",$lbl_admin_menu);
$lbl_home_site = $label_home_site_img>""?$label_home_site_img:$label_home_site;
$lbl_home_site = eregi_replace("<img","<img alt='$label_home_site' title='$label_home_site'",$lbl_home_site);
$lbl_sign_gb = $label_sign_gb_img>""?$label_sign_gb_img:$label_sign_gb;
$lbl_sign_gb = eregi_replace("<img","<img alt='$label_sign_gb' title='$label_sign_gb'",$lbl_sign_gb);
$lbl_search_gb = $label_search_gb_img>""?$label_search_gb_img:$label_search;
$lbl_search_gb = eregi_replace("<img","<img alt='$label_search' title='$label_search'",$lbl_search_gb);
$lbl_viewall_gb = $label_viewall_gb_img>""?$label_viewall_gb_img:$label_viewall;
$lbl_viewall_gb = eregi_replace("<img","<img alt='$label_viewall' title='$label_viewall'",$lbl_viewall_gb);
/* the register caption reads "login" or "logout" depending on $useLogout */
if (!$useLogout) {
$lbl_register = $label_register_img>""?$label_register_img:$label_login;
$lbl_register = eregi_replace("<img","<img alt='$label_login' title='$label_login'",$lbl_register);
}
else {
$lbl_register = $label_register_img>""?$label_register_img:$label_logout;
$lbl_register = eregi_replace("<img","<img alt='$label_logout' title='$label_logout'",$lbl_register);
}
/* admin link only when whoami() is truthy and the admin menu is enabled;
   $loginLink is interpolated into the href as-is */
if (whoami() && $show_admin_menu) $admin_menu = "<a href=\"$upd_adm?action=admin&tmp_theme=$theme&tmp_lang=$language$loginLink\" onMouseOver='status=\"$label_admin_menu\";return true;' onClick=\"if (this.blur) this.blur();\">$lbl_admin_menu</a> ";
else $admin_menu = "";
/* row holding the language and theme select boxes, depending on which are enabled */
if ($theme_by_language) $theme_position = "$label_theme: $theme_sb</td><td> </td>";
else $theme_position = "</td><td align=\"right\">$label_theme: $theme_sb</td>";
if ($use_languages && $use_themes) $lang_theme = "<tr><td colspan=\"2\" align=\"left\">$label_language: $lang_sb".$theme_position."</tr>";
else if ($use_languages) $lang_theme = "<tr><td colspan=\"3\" align=\"left\">$label_language: $lang_sb</td></tr>";
else if ($use_themes) $lang_theme = "<tr><td colspan=\"3\" align=\"left\">$label_theme: $theme_sb</td></tr>";
else $lang_theme = "";
/* from here on the $label_* variables hold complete links rather than plain
   text, so the order of the statements above matters */
if ($show_home_menu) $label_home_site = "<a href=\"$site_url\" onMouseOver='status=\"$label_home_site\";return true;'>$lbl_home_site</a> ";
else $label_home_site = "";
if ($show_search) $label_search = "<a href=\"javascript:ss()\" onMouseOver='status=\"$label_search\";return true;'>$lbl_search_gb</a> <a href=\"javascript:ss(0)\" onMouseOver='status=\"$label_viewall\";return true;'>$lbl_viewall_gb</a> ";
else {
$label_search = "";
$label_viewall = "";
}
if ($allow_registering) $label_register = "<a href=\"javascript:register();\" onMouseOver='status=\"$label_login\";return true;'>$lbl_register</a> ";
else $label_register = "";
/* the register link is switched off unconditionally by the next line */
$label_register = ""; /* temporary override */
/*
 * Legend (menu) rows of the view page, stored as PHP statements in
 * single-quoted strings; nothing is interpolated at this point. They are
 * presumably passed to eval() later, as $intro is - that code is outside this
 * part of the listing. Row 3 interpolates $PHP_SELF, $theme, $language,
 * $searchString and $loginLink into an href when it runs.
 * NOTE(review): those values are printed without escaping at that point;
 * confirm they are constrained or encoded before the rows are executed.
 */
$legend_row1 = 'echo "<table style=\"border-color:$Vwindow_title_border_color;background-color:$Vwindow_title_background_color;color:$Vwindow_title_text_color;\" height=\"$Vtable_height\" width=\"$Vtable_width\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\" rules=\"none\">";';
$legend_row2 = 'echo $lang_theme;';
$legend_row3 = 'echo "<tr><td align=\"left\" style=\"background-color:$Vwindow_title_background_color;color:$Vwindow_title_text_color;\">$label_home_site<a href=\"$PHP_SELF?action=add&tmp_theme=$theme&tmp_lang=$language&searchstring=$searchString$loginLink\" onMouseOver=\'status=\"$label_sign_gb\";return true;\' onClick=\"if (this.blur) this.blur();\">$lbl_sign_gb</a> $admin_menu $label_search $label_register</td><td align=\"right\" colspan=\"2\">$entries $label_entries_public ";
if ($show_private_entries_total) echo " $private_entries $label_entries_private ";';
$legend_row4 = 'echo "</td></tr></table>";';
$display_code = 'if ($tmp_data[$rn][0]>0) {$icons = "";
$idselector++;
if ($idselector%2) {$id="td1";$hic = $Vwindow_hilite_color1; $hitc = $Vwindow_hilite_text_color1;} else {$id = "td2"; $hic = $Vwindow_hilite_color2; $hitc = $Vwindow_hilite_text_color2;}
if ($allow_msg_lvl_edit_by_user&&$show_password) $edit_update = "[$label_update]";
else if ($allow_msg_lvl_edit_by_admin) $edit_update = "[$label_admin]";
else $edit_update = false;
/************************************************/
$cnti = 0;
if (!$edit_update===false) {
$eu = "<a href=\"view_private.php?start=$rn&action=edit&tmp_theme=$theme&tmp_lang=$language$loginLink&msgid=".chop($tmp_data[$rn][0])."\" onMouseOver=\'status=\"$label_lock_icon_mouseover\";return true;\'><img src=\"images/$img_msg_update\" alt=\"$label_lock_icon_mouseover\" title=\"$label_lock_icon_mouseover\" border=\"0\" width=\"15\" height=\"15\" /></a> ";
$cnti++;
}
else $eu = "";
if (!$tmp_data[$rn][14]=="on") {
if ($use_pic) {
$pic_parms = "width=\"$pic_width\" height=\"$pic_height\"";
$use_picture = $tmp_data[$rn][7];
}
else {
$pic_parms = "";
$use_picture = "$path_to_images/$img_pic";
}
if ($icons_in_separate_column) {
if ($show_pic&&$tmp_data[$rn][7]>""&&!$hide_all) {$icons .= "<a target=_new href=\"".$tmp_data[$rn][7]."\" onClick=\"if (this.blur) this.blur();\"><img border=0 alt=\"".$tmp_data[$rn][7]."\" title=\"".$tmp_data[$rn][7]."\" $pic_parms src=\"$use_picture\" /></a> "; if ($icons_in_separate_column) {$icons .= "<br />";}}
}
$icons .= $eu;
$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}
if ($show_nation && $tmp_data[$rn][12]>"" && $tmp_data[$rn][12]!="blank.gif" && !$hide_all) {$icons .= "<a onMouseOver=\"status=\'".$tmp_data[$rn][12]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][12]."\" title=\"".$tmp_data[$rn][12]."\" src=\"$path_to_images/flags/".$tmp_data[$rn][12]."\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_email && $tmp_data[$rn][5]>"" && !$hide_all) {$icons .= "<a href=\"mailto:".$tmp_data[$rn][5]."\" onMouseOver=\'status=\"$label_email_icon_mouseover\";return true;\' onClick=\"if (this.blur) this.blur();\"><img border=\"0\" alt=\"".$tmp_data[$rn][5]."\" title=\"".$tmp_data[$rn][5]."\" src=\"$path_to_images/$img_email\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_home&&$tmp_data[$rn][6]>""&&!$hide_all) {$icons .= "<a target=\"_new\" href=\"http://".$tmp_data[$rn][6]."\" onMouseOver=\'status=\"$label_url_icon_mouseover\";return true;\' onClick=\"if (this.blur) this.blur();\"><img border=\"0\" alt=\"".$tmp_data[$rn][6]."\" title=\"".$tmp_data[$rn][6]."\" src=\"$path_to_images/$img_home\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
$tmp_data[$rn][7] = ereg_replace(" ","%20",$tmp_data[$rn][7]);
if ($show_icq&&$tmp_data[$rn][8]>""&&!$hide_all) {$icons .= "<a href=\"http://web.icq.com/".$tmp_data[$rn][8]."\" target=\"_icq\" onMouseOver=\"status=\'".$tmp_data[$rn][8]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][8]."\" title=\"".$tmp_data[$rn][8]."\" src=\"$path_to_images/$img_icq\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_aim&&$tmp_data[$rn][9]>""&&!$hide_all) {$icons .= "<a onMouseOver=\"status=\'".$tmp_data[$rn][9]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][9]."\" title=\"".$tmp_data[$rn][9]."\" src=\"$path_to_images/$img_aim\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_yim&&$tmp_data[$rn][10]>""&&!$hide_all) {$icons .= "<a onMouseOver=\"status=\'".$tmp_data[$rn][10]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][10]."\" title=\"".$tmp_data[$rn][10]."\" src=\"$path_to_images/$img_yim\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_msn&&$tmp_data[$rn][11]>""&&!$hide_msn) {$icons .= "<a onMouseOver=\"status=\'".$tmp_data[$rn][11]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][11]."\" title=\"".$tmp_data[$rn][11]."\" src=\"$path_to_images/$img_msn\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
if ($show_ip&&$tmp_data[$rn][1]>""&&!$hide_all) {$icons .= "<a onMouseOver=\"status=\'".$tmp_data[$rn][1]."\';return true;\"><img border=\"0\" alt=\"".$tmp_data[$rn][1]."\" title=\"".$tmp_data[$rn][1]."\" src=\"$path_to_images/$img_ip\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
$label_comments_added_mod = "";
// if (!isset($tmp_data[$rn][2])) $show_date = false;
// if (!isset($tmp_data[$rn][3])) $show_time = false;
if (($show_time&&$tmp_data[$rn][3]>"") && ($show_date&&$tmp_data[$rn][2]>"")) $label_comments_added_mod = " $on ".$tmp_data[$rn][2]." $at ".$tmp_data[$rn][3];
else if ($show_date&&$tmp_data[$rn][2]>"") $label_comments_added_mod = " $on ".$tmp_data[$rn][2];
else if ($show_time&&$tmp_data[$rn][3]>"") $label_comments_added_mod = " $at ".$tmp_data[$rn][3];
if ($allowQuotingOfMessages&&!$hide_all) {$icons .= "<a href=\"javascript:quote(\'".str_replace(\''\',"~~",addslashes($tmp_data[$rn][13]))."\',\'".$tmp_data[$rn][4]."\',\'".$label_comments_added_mod."\')\" onMouseOver=\"status=\'".$label_sign_gb."\';return true;\"><img border=\"0\" alt=\"".$label_sign_gb."\" title=\"".$label_sign_gb."\" src=\"$path_to_images/$img_quote\" /></a> "; if ($icons_in_separate_column) {$cnti++; if ($cnti>3) {$icons .= "<br />"; $cnti = 1;}}}
echo "<tr>";
$colspan = "";
if (!($show_name || $show_email || $show_home || $show_pic || $show_icq || $show_aim || $show_yim || $show_msn || $show_nation || $show_ip)) $hide_all = true;
}
if ($tmp_data[$rn][14]=="on") $icons = "$eu<a href=\"view_private.php?start=$start&tmp_theme=$theme&tmp_lang=$language$loginLink&msgid=".$tmp_data[$rn][0]."\" onMouseover=\"status=\'View\';return true;\"><span style=\"color:$hitc;\">[$label_private]</span></a>";
if ($icons>"" && !$hide_all) $colspan = "";
else $colspan = " colspan=\"2\" ";
if ($icons_in_separate_column AND !$hide_all)
{
echo "<td id=\"$id\" align=\"left\" valign=\"top\" width=\"$Vtable_icon_cell_size\">";
if ($show_name&&$tmp_data[$rn][4]>" ")
echo
"<a href=\"$PHP_SELF?action=view&tmp_theme=$theme&tmp_lang=$language$loginLink&searchstring=".trim($tmp_data[$rn][4])."[[name]]"."\" onMouseOver=\"status=\'Find\';return true;\">".$tmp_data[$rn][4]."</a><br />";
if ($show_date&&$tmp_data[$rn][2]>"")
echo $tmp_data[$rn][2]." ";
if ($show_time&&$tmp_data[$rn][3]>"") echo $tmp_data[$rn][3];
echo $icon_separator.$icons;
echo "</td>";
}
echo "<td id=\"$id\" valign=\"top\" align=\"left\" $colspan>";
$label_comments_added_mod = "";
// if (!isset($tmp_data[$rn][2])) $show_date = false;
// if (!isset($tmp_data[$rn][3])) $show_time = false;
if (($show_time&&$tmp_data[$rn][3]>"") && ($show_date&&$tmp_data[$rn][2]>"")) $label_comments_added_mod = " $on ".$tmp_data[$rn][2]." $at ".$tmp_data[$rn][3];
else if ($show_date&&$tmp_data[$rn][2]>"") $label_comments_added_mod = " $on ".$tmp_data[$rn][2];
else if ($show_time&&$tmp_data[$rn][3]>"") $label_comments_added_mod = " $at ".$tmp_data[$rn][3];
if ($icons_in_separate_column AND !$hide_all) {}
else {
echo "<span style=\"background-color:$hic;color:$hitc;width:100%;\"><b><em> ";
if ($show_name&&$tmp_data[$rn][4]>" ") {
echo "<a href=\"$PHP_SELF?action=view&tmp_theme=$theme&tmp_lang=$language$loginLink&searchstring=".trim($tmp_data[$rn][4]);
echo "[[name]]"."\" onMouseOver=\"status=\'Find\';return true;\">".$tmp_data[$rn][4]."</a> ";
}
/*** 7/18/2002 ***/ echo "$label_comments_added".$label_comments_added_mod."</em></b></span>";
echo "<br />";
}
if (strpos(strtolower($allowed_html_tags_no_img),"<a>")&&$allow_html) $tmp_data[$rn][13] = makeLink($tmp_data[$rn][13]);
$start_tag = strpos(strtoupper($tmp_data[$rn][13]),"<IMG");
if (($start_tag===false)||(is_string($start_tag)&&!$start_tag)) {
// img tag not found
}
else {
$a_tag_hold = strtolower($tmp_data[$rn][13]);
$a_tag_errors = 0;
$js_errors = 0;
for ($x=0;$x<substr_count($a_tag_hold,"<img");$x++) {
$start_tag = strpos($a_tag_hold,"<img");
$end_tag = strpos($a_tag_hold,">",$start_tag);
$a_tag = substr($a_tag_hold,$start_tag,$end_tag-$start_tag+1);
$dquotes = substr_count($a_tag,""");
$squotes = substr_count($a_tag,"'");
if ($dquotes%2||$squotes%2) $a_tag_errors++;
// begin search and destroy for image tag javascript calls
$cant_use = explode(",",$words_not_allowed_in_anchor_tag);
for ($x=0;$x<count($cant_use);$x++) {
$tstString = strpos($a_tag,strtolower($cant_use[$x]));
if ($tstString) {
$tmp_data[$rn][13] = substr_replace($tmp_data[$rn][13],"<img>",$start_tag,$end_tag-$start_tag+1);
$js_errors++;
}
}
// end search and destroy for image tag javascript calls
$a_tag_hold = substr($a_tag_hold,$end_tag);
}
if (!$a_tag_errors) {
$tmp_data[$rn][13] = str_replace(""","\"",$tmp_data[$rn][13]);
$tmp_data[$rn][13] = str_replace("'","\'",$tmp_data[$rn][13]);
}
if ($js_errors&&a_tag_errors) $tmp_data[$rn][13] .= "<br /><b>$attempted_use_of_javascript_msg</b>";
elseif ($js_errors) $tmp_data[$rn][13] .= "<br /><b>$attempted_use_of_javascript_msg</b>";
}
$start_tag = strpos(strtoupper($tmp_data[$rn][13]),"<A");
if (($start_tag===false)||(is_string($start_tag)&&!$start_tag)) {
// anchor tag not found
if (!$icons_in_separate_column&&$tmp_data[$rn][7]>""&&$show_pic&&!$hide_all) {
$tmp_data[$rn][13] = "<a target=\"_new\" href=\"".$tmp_data[$rn][7]."\" onClick=\"if (this.blur) this.blur();\"><img border=\"0\" alt=\"".$tmp_data[$rn][7]."\" title=\"".$tmp_data[$rn][7]."\" $pic_parms src=\"$use_picture\"></a> ".$tmp_data[$rn][13];
}
}
else {
$a_tag_hold = strtolower($tmp_data[$rn][13]);
$a_tag_errors = 0;
$js_errors = 0;
for ($x=0;$x<substr_count($a_tag_hold,"<a");$x++) {
$start_tag = strpos($a_tag_hold,"<a");
$end_tag = strpos($a_tag_hold,">",$start_tag);
$a_tag = substr($a_tag_hold,$start_tag,$end_tag-$start_tag+1);
$dquotes = substr_count($a_tag,""");
$squotes = substr_count($a_tag,"'");
if ($dquotes%2||$squotes%2) $a_tag_errors++;
// begin search and destroy for anchor tag javascript calls
$cant_use = explode(",",$words_not_allowed_in_anchor_tag);
for ($x=0;$x<count($cant_use);$x++) {
$tstString = strpos($a_tag,strtolower($cant_use[$x]));
if ($tstString) {
$tmp_data[$rn][13] = substr_replace($tmp_data[$rn][13],"<a>",$start_tag,$end_tag-$start_tag+1);
$js_errors++;
}
}
// end search and destroy for anchor tag javascript calls
$a_tag_hold = substr($a_tag_hold,$end_tag);
}
if (!$a_tag_errors) {
$tmp_data[$rn][13] = str_replace(""","\"",$tmp_data[$rn][13]);
$tmp_data[$rn][13] = str_replace("'","\'",$tmp_data[$rn][13]);
if (!$icons_in_separate_column&&$tmp_data[$rn][7]>"") {
$tmp_data[$rn][13] = "<a target=_new href=\"".$tmp_data[$rn][7]."\" onClick=\"if (this.blur) this.blur();\"><img border=\"0\" alt=\"".$tmp_data[$rn][7]."\" title=\"".$tmp_data[$rn][7]."\" $pic_parms src=\"$use_picture\" /></a> ".$tmp_data[$rn][13];
}
}
else {
if (!$icons_in_separate_column&&$tmp_data[$rn][7]>"") {
$tmp_data[$rn][13] = "<a target=\"_new\" href=\"".$tmp_data[$rn][7]."\" onClick=\"if (this.blur) this.blur();\"><img border=0 alt=\"".$tmp_data[$rn][7]."\" title=\"".$tmp_data[$rn][7]."\" $pic_parms src=\"$use_picture\" /></a> ".$tmp_data[$rn][13];
}
$tmp_data[$rn][13] .= "<br /><b>$broken_link_msg</b>";
}
if ($js_errors&&a_tag_errors) $tmp_data[$rn][13] .= "<br /><b>$attempted_use_of_javascript_msg</b>";
elseif ($js_errors) $tmp_data[$rn][13] .= "<br /><b>$attempted_use_of_javascript_msg</b>";
}
// $allow_tags = "";
// if ($allow_html) $allow_tags .= $allowed_html_tags_no_img;
// if ($allow_smileys) $allow_tags .= "<img>";
// $tmp_data[$rn][13] = strip_tags($tmp_data[$rn][13],$allow_tags);
$tmp_data[$rn][13] = BBCODE($tmp_data[$rn][13]);
if (!$tmp_data[$rn][14]=="on") {
if ($icons_in_separate_column AND !$hide_all) {}
else echo "<br />";
echo $tmp_data[$rn][13];
// $quotecomments = $tmp_data[$rn][13];
// $quotename = $tmp_data[$rn][4];
}
if (!$icons_in_separate_column&&!$tmp_data[$rn][14]=="on") {echo "<br /><br />$icons";} else if (!$icons_in_separate_column) echo "$icons";
/*** 7-18-2002 ***/ if ($icons_in_separate_column AND $tmp_data[$rn][14]=="on") echo " ";
echo "</td></tr>";
}';
// Emit the header legend rows. Each $legend_rowN is a string of PHP source
// that is executed with eval(); their definitions are outside this section.
// NOTE(review): eval() runs whatever these strings contain with full script
// privileges - confirm they are only ever assembled from trusted, in-tree
// text and never from guest book entries or request parameters.
eval($legend_row1);
if ($use_themes_languages_header) {
    // The themes/languages row is optional in the header.
    eval($legend_row2);
}
eval($legend_row3);
eval($legend_row4);

// Open the table that will hold the guest book entries.
echo "\n\n<table width=\"$Vtable_width\" height=\"$Vtable_height\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\">";
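/*
 * Renders the current page of guest book entries, then the page-number
 * legend ("1 | 2 | 3 ..." links) and finally the optional intro block.
 *
 * Security notes:
 *  - The 'carry' query parameter and $start are forced to integers before
 *    they are used as loop counters or written into links. Previously the
 *    raw 'carry' value became the first page label and was echoed into the
 *    page unescaped, and a non-numeric value could keep the legend loop
 *    from ever reaching $pages.
 *  - $PHP_SELF is HTML-escaped before it is placed inside href attributes,
 *    because the request path is client-influenced.
 *  - $display_code, $legend_row1..4 and $intro are executed with eval().
 *    NOTE(review): confirm these strings are built only from trusted,
 *    in-tree text and never from entry data or request parameters.
 *  - NOTE(review): $theme, $language and $loginLink are interpolated into
 *    links unescaped; where they are set is outside this section - confirm
 *    they are validated against an allow-list before reaching this point.
 */
if ($total_rows_in_gb) {
    // Remember the row number we entered with; it is the upper bound for
    // the paging arithmetic below.
    $trn = $rn;
    if (!isset($start)) $start = $rn;
    // $start is not assigned anywhere in this section before the isset()
    // test, so it presumably arrives from the request (the legend links
    // below pass start=...). Treat it strictly as a row number.
    $start = (int)$start;
    $rn = $start;
    // A non-positive page size means "everything on one page".
    $rows_per_page = ($rows_per_page > 0) ? $rows_per_page : 99999;

    $cnt = 0;
    // Initialise explicitly so the checks after the loop never read a stale
    // or externally supplied value when the loop ends without a break.
    $next = 0;
    for ($c = $rn; $c > 0; $c--) {
        if ($cnt == 0 OR $cnt % $rows_per_page != 0) {
            // $display_code renders the entry at index $rn.
            eval($display_code);
            echo "\n\n";
            $cnt++;
        }
        $rn--;
        if ($cnt > 0 AND $cnt % $rows_per_page == 0) {
            // Page is full: $rn now points at the first row of the next page.
            $next = $rn;
            break;
        }
    }

    // Work out the start row of the previous page and whether next/prev
    // navigation should be offered.
    if ($next < 1) $prev = $cnt + $rows_per_page;
    else $prev = $next + 2 * ($rows_per_page);
    if ($prev > $trn) $prev = $trn;
    if ($prev <= $rows_per_page) $prev = 0;
    if ($next > 0 OR $next > $rows_per_page) $show_next = true;
    else $show_next = false;
    if ($prev > 0 && ($start != $trn OR $show_next == false)) $show_prev = true;
    else $show_prev = false;
    // $nrpp / $prpp are not read again in this section; presumably the
    // eval'd legend templates use them.
    if ($next < $rows_per_page) $nrpp = $next;
    else $nrpp = $rows_per_page;
    if ($prev < $rows_per_page) $prpp = $prev;
    else $prpp = $rows_per_page;

    echo "</table>\n\n";
    // Release the entry arrays once the rows have been printed.
    $data = array();
    $tmp_data = array();

    if ($entries > 0) {
        eval($legend_row1);
        if ($use_themes_languages_footer) eval($legend_row2);
        eval($legend_row3);
    }

    $pages = ceil($trn / $rows_per_page);
    $st = $trn;
    // Both branches assign an empty string as written.
    if ($show_prev) $arrow_p = ""; else $arrow_p = "";
    if ($show_next) $arrow_n = ""; else $arrow_n = "";
    $page_legend = $arrow_p;

    // 'carry' is the first page number shown in the legend window. It comes
    // straight from the query string, so accept only a positive integer.
    $carry = isset($HTTP_GET_VARS['carry']) ? (int)$HTTP_GET_VARS['carry'] : 1;
    if ($carry < 1) $carry = 1;

    // Escaped copy for use inside href="..."; $PHP_SELF itself is left
    // untouched for any code that runs later.
    $kisgb_self_href = htmlspecialchars($PHP_SELF, ENT_QUOTES);

    for ($p = $carry; $p <= $pages; $p++) {
        // The page whose start row equals $start is the current one and is
        // shown in bold instead of as a link.
        if ($st == $start) $link = false; else $link = true;
        if ($carry > 1 && $p == $carry) {
            // Legend window does not start at page 1: emit a "<<" link that
            // moves the window back by one, then restore $carry.
            $h_c = $carry;
            $carry = $carry - 1;
            $st = $st - ($carry * $rows_per_page);
            $st1 = $st + $rows_per_page;
            $page_legend = "<a href=\"$kisgb_self_href?action=view&start=$st1&carry=$carry&tmp_theme=$theme&tmp_lang=$language$loginLink&searchstring=$searchString\" onMouseOver='status=\"\";return true;'><<</a> | ";
            $carry = $h_c;
        }
        if ($link) $page_legend .= "<a href=\"$kisgb_self_href?action=view&start=$st&tmp_theme=$theme&tmp_lang=$language$loginLink&searchstring=$searchString\" onMouseOver='status=\"\";return true;'>$p</a> | ";
        // No anchor is open here, so no closing </a> is emitted.
        else $page_legend .= "<b>$p</b> | ";
        $st = $st - $rows_per_page;
        if ($p + 1 > $carry + 19) {
            // At most 20 page numbers per window; offer ">>" to advance it.
            $carry = $carry + 1;
            $page_legend .= "<a href=\"$kisgb_self_href?action=view&start=$st&carry=$carry&tmp_theme=$theme&tmp_lang=$language$loginLink&searchstring=$searchString\" onMouseOver='status=\"\";return true;'>>></a> | ";
            break;
        }
    }

    // With neither direction available there is only one page: no legend.
    if (!($show_next || $show_prev)) $page_legend = "";
    $page_legend .= $arrow_n;
    echo "<tr><td colspan=\"3\" valign=\"top\" align=\"$next_prev_position\">".$page_legend;
    eval($legend_row4);

    if ($use_intro) {
        if ($page_alignment_center) echo "<center>";
        eval($intro);
        if ($page_alignment_center) echo "</center>";
    }
} //ends total_rows_in_gb logic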
// Hidden form fields for the quote feature; presumably filled in by the
// quote() JavaScript helper that the entry icons call - confirm against the
// client-side script.
echo "<input type=hidden name=quotecomments>",
     "<input type=hidden name=quoteinfo>",
     "<input type=hidden name=quotename>";
}
#end action=view
###############################################################
# PLEASE NOTE: AS STATED IN THE README FILE, THE FOOTER MUST #
# BE SHOWN OR YOU ARE IN VIOLATION OF THE USAGE AGREEMENT AND #
# LICENSE. #
###############################################################
// Footer wrapper table; footer.php is pulled in only when $use_footer is set.
echo "<p><table border=\"0\" width=\"$Intro_width\" height=\"$Intro_height\" rules=\"none\" cellpadding=\"0\" cellspacing=\"0\"><tr><td>";
if ($use_footer) {
    require 'footer.php';
}
echo "</td></tr></table>";
// Closes a <center> element that is opened outside this section.
if ($page_alignment_center) {
    echo "</center>";
}
?>
</form>
</body>
</html>