<?
/*
   KISGB - a Guest Book script written in PHP.
   Copyright (C) 2001-2002 Gaylen Fraley
   hide@address.com

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   License file for more details.
*/
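// Request bootstrap for the guest book update/delete handler: reads the
// request parameters, loads configuration, language, theme and helpers.
//
// NOTE(review): this looks like leftover debug output of the posted "action".
// It is kept, but HTML-escaped, because the value comes straight from the
// request and was previously echoed into the page verbatim.
if (isset($HTTP_POST_VARS['action']) && is_string($HTTP_POST_VARS['action'])) echo htmlspecialchars($HTTP_POST_VARS['action'],ENT_QUOTES);
require("config.php");
// Paging offset: GET wins over POST. Forced to an integer because it is later
// embedded in the return URL ($back_to); never below one page.
$start = empty($HTTP_GET_VARS['start'])?$HTTP_POST_VARS['start']:$HTTP_GET_VARS['start'];
$start = intval($start);
if ($start<=$rows_per_page) $start=$rows_per_page;
// NOTE(review): the verification password is accepted from the query string
// as well as from POST, so it can end up in server logs and browser history.
$vpass = empty($HTTP_GET_VARS['vpass'])?$HTTP_POST_VARS['vpass']:$HTTP_GET_VARS['vpass'];
if (isset($HTTP_GET_VARS['action']) && $HTTP_GET_VARS['action']=='edit') $back_to = "$root_document?action=view&start=$start";
else $back_to = "admin.php?action=admin.php";
$cgi_id = $HTTP_POST_VARS['cgi_id'];
$cgi_pw = $HTTP_POST_VARS['cgi_pw'];
$auth_id = $admin_id;
$auth_pw = $admin_pw;
// Theme and language overrides come from the query string and are passed to
// require() below. Only a bare file name that exists in the configured
// directory is accepted; anything else (path separators, "..", missing file)
// leaves the configured default in place.
// Assumes theme and language files sit directly in $path_to_themes and
// $path_to_languages, with no sub-directories. TODO confirm.
if (isset($HTTP_GET_VARS['tmp_theme']) && is_string($HTTP_GET_VARS['tmp_theme']) && $HTTP_GET_VARS['tmp_theme']>'') {
	$tmp_theme_file = basename($HTTP_GET_VARS['tmp_theme']);
	if ($tmp_theme_file>'' && is_file("$path_to_themes/$tmp_theme_file")) $theme = $tmp_theme_file;
}
if (isset($HTTP_GET_VARS['tmp_lang']) && is_string($HTTP_GET_VARS['tmp_lang']) && $HTTP_GET_VARS['tmp_lang']>'') {
	$tmp_lang_file = basename($HTTP_GET_VARS['tmp_lang']);
	if ($tmp_lang_file>'' && is_file("$path_to_languages/$tmp_lang_file")) $language = $tmp_lang_file;
}
require("$path_to_languages/$language");
require("$path_to_themes/$theme");
if ($use_filter_file) require("filters.inc.php");
$msgid = $HTTP_POST_VARS['msgid'];
$update = $HTTP_POST_VARS['update'];
$delete = $HTTP_POST_VARS['delete'];
// NOTE(review): $password is the "password" field of this same request, i.e.
// caller-supplied data, not the stored credential of the entry.
$password = $HTTP_POST_VARS['password'];
// The global authentication gate below was disabled by the original author;
// no credential check runs at this point of the script.
//if ($vpass!=$auth_pw&&$vpass!=$password&&md5($vpass)!=$password) require("authenticate.php");
require("functions.php");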
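// Rewrites the guest book file: the record whose first column equals $msgid
// is replaced by the posted fields when "update" is set, and dropped
// otherwise (delete); every other record is copied through.
//
// Changes against the earlier version of this block:
//  - the credential check runs for every matching record, so a delete is
//    gated the same way as an update (previously only updates were checked);
//  - the check no longer compares $vpass with the request's own "password"
//    field, which let a caller authorise itself by sending the same value
//    twice; it uses strict string comparison and rejects an empty password;
//  - $newgb, $head_array and $rec start empty, so nothing defined earlier
//    (for example request variables where register_globals is on) is written;
//  - one handle is locked exclusively for the whole read-modify-write cycle,
//    instead of truncating the file with mode 'w' before taking the lock;
//  - the 403 guard line is always written first, also when no record is left;
//  - quoted fields get embedded double quotes doubled, and posted values for
//    the unquoted columns lose characters that would break the row layout.
if ($admin_from_web==true) {
	$row = 0;
	$insert_msg = '';
	$num = 16;
	$newgb = array();
	$head_array = array();
	// First line of the data file; makes a direct request for the file stop
	// with a 403 when the file is parsed as PHP.
	$guard = "<? Header(\"HTTP/1.0 403 Forbidden\");exit; ?>\n";
	// Column names come from $col1..$col16 (defined outside this block).
	for ($i=0;$i<$num;$i++) {
		$j = $i+1;
		$head_array[$i] = ${"col$j"};
	}
	$fp = fopen("$path_to_gb",'r+') or die("$unable_to_access_file_msg $path_to_gb");
	set_file_buffer($fp,$buffersize);
	flock($fp,2);
	while ($data = fgetcsv($fp,$csv_buffer_size,",")) {
		$row++;
		// Row 1 is the guard line, not a record.
		if ($row<2) continue;
		$new_msg = "";
		if ($data[0]==$msgid) {
			// Column 16 is treated as the entry's stored password or its md5.
			// presumably written by the add/edit forms; verify against them.
			$given_pw = is_string($vpass) ? $vpass : '';
			$stored_pw = isset($data[15]) ? (string)$data[15] : '';
			$is_admin = ($given_pw!=='' && $given_pw===(string)$auth_pw);
			// NOTE(review): a value equal to the stored column is still accepted
			// as-is, so where that column holds an md5 the hash itself works as
			// a password. Kept for compatibility with existing callers.
			$is_owner = ($given_pw!=='' && $stored_pw!=='' && (md5($given_pw)===$stored_pw || $given_pw===$stored_pw));
			// NOTE(review): authenticate.php is expected to end the request; if
			// it returns, processing continues below. Confirm.
			if (!$is_admin && !$is_owner) require("authenticate.php");
			if (!empty($update)) {
				reset ($HTTP_POST_VARS);
				entryErrorCheck($HTTP_POST_VARS);
				// Map posted fields onto column positions by exact column name.
				$rec = array();
				foreach ($HTTP_POST_VARS as $key => $val) {
					for ($i=0;$i<count($head_array);$i++) {
						if ((string)$key===(string)$head_array[$i]) {
							// Values shorter than 32 characters are hashed; longer ones
							// are taken to be an md5 already.
							if (strtolower($key)=="password"&&!empty($val)&&$encryptPassword&&strlen($val)<32) $val = md5($val);
							$rec[$i] = $val;
							break;
						}
					}
				}
				$msg = $label_name."$data[4] (ip = ".$HTTP_SERVER_VARS['REMOTE_ADDR'].") - $head_array[0]:$msgid ".$on." ".date($date_format)." $at ".date($time_format)."\n";

				for ($c=0;$c<$num;$c++) {
					// Columns that were not posted are written empty.
					if (!isset($rec[$c])) $rec[$c] = '';
					if ($c==0) $comma="";
					else $comma=",";
					if ($c==13&&$row>1) {
						// Column 14 is stored HTML-escaped; numeric entities are let through.
						$rec[$c] = htmlspecialchars($rec[$c],ENT_QUOTES);
						$rec[$c] = str_replace("&amp;#","&#",$rec[$c]);
						$new_msg .= $comma."\"$rec[$c]\"";
					}
					// The first four columns are written without quotes, so separators
					// and line breaks in a posted value would shift or add fields.
					elseif ($c<4) $new_msg .= $comma.str_replace(array(",","\"","\r","\n"),"",$rec[$c]);
					// NOTE(review): a value ending in a backslash can still confuse
					// readers that treat "\" as the CSV escape character.
					else $new_msg .= $comma."\"".str_replace("\"","\"\"",$rec[$c])."\"";
					// Collect old/new values of changed columns for the advice mail.
					if (chop($data[$c])!=chop($rec[$c])) {
							$msg .= "$head_array[$c]: [$data[$c]]\n\n$head_array[$c]: [$rec[$c]]\n\n\n";
					}
				}
				$new_msg .= "\n";
				if ($admin_email_advice_on_gb_edit && !empty($admin_email_address)) {
					$to = "$admin_email_address,$admin_email_address_addl";
					$subject = "$admin_email_subject_on_gb_edit";
					@mail($to, $subject, "$msg","From: $admin_email_address") ;
				}
			}
			// No "update": $new_msg stays empty and the record is dropped.
		}
		else {
			// Any other record is copied through unchanged.
			for ($c=0;$c<$num;$c++) {
				$val = $data[$c];
				if ($c==0) $comma="";
				else $comma=",";
				if ($c<4&&$row>1) $new_msg .= $comma."$val";
				else $new_msg .= $comma."\"".str_replace("\"","\"\"",$val)."\"";
			}
			$new_msg .= "\n";
		}
		if (!empty($new_msg)) $newgb[] = $new_msg;
	}
	unset($delete);
	unset($update);
	$buffersize = round(filesize($path_to_gb)*1.5);
	set_file_buffer($fp,$buffersize);
	// Still holding the exclusive lock: empty the file and write it back.
	rewind($fp);
	ftruncate($fp,0);
	fwrite($fp,$guard);
	for ($i=0;$i<count($newgb);$i++) {
		fwrite($fp,$newgb[$i]);
	}
	fflush($fp);
	flock($fp,3);
	fclose($fp);
}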
?>
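<?
// Return link shown after the update: a "back" anchor in demo mode
// ($admin_from_web false), otherwise a script redirect.
// $theme, $language, $cgi_id and $cgi_pw can carry request data, so each value
// is URL-encoded, and the finished URL is escaped for the context it is
// printed in (HTML attribute or JavaScript string).
// NOTE(review): cgi_id/cgi_pw are passed on in the query string, which puts
// them in server logs, browser history and Referer headers. Changing that
// needs a matching change in the receiving script.
$return_url = $back_to."&tmp_theme=".urlencode($theme)."&tmp_lang=".urlencode($language)."&cgi_id=".urlencode($cgi_id)."&cgi_pw=".urlencode($cgi_pw);
$return_url_html = htmlspecialchars($return_url,ENT_QUOTES);
$return_url_js = str_replace(
	array("\\","\"","'","<",">","\r","\n"),
	array("\\\\","\\\"","\\'","\\x3C","\\x3E","",""),
	$return_url
);
?>
<?if ($admin_from_web==false) {?>
<html>
<head>
	<style type="text/css">
		<?@include("style-sheet-add.php");?>
	</style>
</head>
<table border="1" align="center"><tr><td id=tdadd>DEMO&nbsp;<?=$submit?><?=$label_successful?></td></tr></table>
<p><center><a href="<?=$return_url_html?>"><?=$label_back?></a></center></p>
</html>
<?exit;}?>
<script type="text/javascript">window.location="<?=$return_url_js?>";</script>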