<?php require('layout/header.php'); ?>

    <script type="text/javascript">
    	function insert(was) {
    		// Append the given text, followed by one space, to the guestbook
    		// message field (form "gb", field "post") and put the cursor back in it.
    		var field = document.gb.post;
    		field.value += was + " ";
    		field.focus();
    	}
    </script>
    
    <script type="text/javascript">
    	function showSuccessMessage() {
    		// Show the "entry saved" toast through showNotification(), which is
    		// defined elsewhere on the page.
    		// NOTE(review): PHP writes the translated text straight into this
    		// string literal without JavaScript-context escaping, so a quote or
    		// line break in the language file would break the script.
    		var options = {
    			type : "success",
    			message: "<?php echo $lang['success_gb_entry']; ?>"
    		};
    		showNotification(options);
    	}
    
    function showErrorMessage() {
    	// Show the "entry could not be saved" toast through showNotification(),
    	// which is defined elsewhere on the page.
    	// NOTE(review): PHP writes the translated text straight into this string
    	// literal without JavaScript-context escaping, so a quote or line break
    	// in the language file would break the script.
    	var options = {
    		type : "error",
    		message: "<?php echo $lang['couldnot_gb_entry']; ?>"
    	};
    	showNotification(options);
    }
    </script>

<div id="content_wrapper">
    <div class="content"><?php

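		// Resolve the guestbook owner's id from the query string. Only a plain run
		// of decimal digits is accepted: is_numeric() would also let through
		// values such as "1e3", "1.5" or "-2", which intval() then turns into a
		// different id than the one the visitor sent. The is_string() guard
		// rejects array-valued parameters (user_id[]=...).
		if(isset($_GET['user_id']) && is_string($_GET['user_id']) && ctype_digit($_GET['user_id'])) {

			// The integer cast is the sanitisation step: $id is an int from here
			// on, so it can be placed in the SQL statement and in the links below
			// without further escaping. The former mysql_real_escape_string() call
			// was dead code - its result was overwritten by this line.
			$id = intval($_GET['user_id']);

		}else{

			// Missing, array-valued or non-digit ids stop the page here.
			echo '<p align="center" class="false">' . $lang['invalid_id'] . '!</p>';
			exit();
		}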
		
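		echo '<h1>' . $lang['guestbook_entry'] . '</h1><br>';

		// flood.php is not visible here; it presumably defines $random1, $code and
		// $rand_result for the arithmetic spam question rendered below - confirm.
		include('functions/flood.php');

		if($_SERVER['REQUEST_METHOD'] != 'POST') {

			// Any non-POST request: render the empty entry form.
			echo '<a href="read_gb.php?user_id=' . $id . '" class="css_button">' . $lang['guestbook_read'] . '</a><br><br>';

			// The maxlength attributes are a browser-side hint only; nothing on the
			// server enforces these lengths. The hidden zip2 value is now quoted so
			// that the attribute stays well-formed whatever flood.php produces.
			echo "<form action=\"\" method=\"post\" name=\"gb\">
    		  <p><input type=\"text\" name=\"name\" class=\"fields\" size=\"30\" maxlength=\"30\"> <strong>" . $lang['name'] . "*</strong></p>
    		  <p><input type=\"text\" name=\"email\" class=\"fields\" size=\"30\" maxlength=\"50\"> <strong>" . $lang['e_mail'] . "</strong></p>
    		  <p><input type=\"text\" name=\"url\" class=\"fields\" value=\"http://\" size=\"30\" maxlength=\"50\"> <strong>" . $lang['homepage'] . "</strong></p>
    		  <p><strong>" . $lang['message'] . "*</strong><br>
    		  <textarea name=\"post\" class=\"fields_text\" cols=\"35\" rows=\"8\"></textarea></p>
    		  <p><small>" . $lang['spam_protection_question'] . " *</small><br>
    		  <strong>" . $lang['sum_of'] . " " . $random1 . " + " . $code . " =</strong> <input size=\"5\" name=\"zip\" id=\"Spamschutz\" type=\"text\" class=\"fields\" /><input type=\"hidden\" name=\"zip2\" value=\"" . $rand_result . "\"></p>
    		  <p><input type=\"submit\" class=\"button\" value=\"" . $lang['do_entry'] . "\" name=\"" . $lang['do_entry'] . "\"></p>
    		  </form>";

		}else{

			// Both anti-spam fields must arrive as strings; a missing or
			// array-valued field counts as a failed check instead of raising
			// notices or warnings.
			$answer = (isset($_POST['zip']) && is_string($_POST['zip'])) ? $_POST['zip'] : '';
			$expected = (isset($_POST['zip2']) && is_string($_POST['zip2'])) ? $_POST['zip2'] : '';

			// Strict comparison: with != two different "0e<digits>" hex strings
			// are compared as numbers and treated as equal.
			// NOTE(review): the expected hash is supplied by the client in zip2, so
			// this only proves that zip and zip2 agree with each other, not that
			// the visitor answered the question that was shown. Keeping the
			// expected value in server-side state (e.g. the session, set in
			// functions/flood.php) would close that gap.
			if($expected === '' || sha1($answer) !== $expected) {

				echo '<p class="false">' . $lang['invalid_spam'] . '!</p>
			      <p>[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]</p>';

			}else{

				// Required fields: name and message must be non-empty strings.
				$errors = array();

				if(!isset($_POST['name']) || !is_string($_POST['name']) || trim($_POST['name']) == "") {
					$errors[] = '<p>' . $lang['fill_in_name'] . '.</p>';
				}

				if(!isset($_POST['post']) || !is_string($_POST['post']) || trim($_POST['post']) == "") {
					$errors[] = '<p>' . $lang['enter_a_text'] . '.</p>';
				}

				if(!empty($errors)) {

					echo '<p class="false"><u>' . $lang['not_filled_all'] . '</u></p>
		      <p>[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]</p>';
					echo '<ul>';

					foreach($errors as $message) {
						echo '<li>' . $message . '</li>';
					}
					echo '</ul>';

				}else{

					// NOTE(review): what secure.php does is not visible from this file.
					include_once('functions/secure.php');

					// Optional fields: fall back to an empty string when the field is
					// absent or not a plain string.
					$email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
					$url = (isset($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : '';

					// The values are escaped for SQL only and stored as submitted.
					// Whatever renders them (read_gb.php, not shown) has to HTML-escape
					// them and should accept only http/https in url - confirm there.
					// The mysql_* extension was removed in PHP 7; moving to mysqli or
					// PDO prepared statements needs the connection code, which is
					// outside this file.
					$sql = "INSERT INTO
    					guestbook(gb_id2, name, email, url, post, date)
    				VALUES ('" . $id . "',
    					'" . mysql_real_escape_string($_POST["name"]) . "',
    					'" . mysql_real_escape_string($email) . "',
    					'" . mysql_real_escape_string($url) . "',
    					'" . mysql_real_escape_string($_POST["post"]) . "',
    					NOW()
    					)";

					// No "OR die(mysql_error())": that printed raw database errors to
					// the visitor and made the failure branch below unreachable.
					$result = mysql_query($sql);

					if(!$result) {

						// Keep the detail in the server log, show only the localized message.
						error_log('create_gb.php: guestbook insert failed: ' . mysql_error());

						echo '<p class="false">' . $lang['couldnot_gb_entry'] . '</p>
		      [ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]';
						echo "<script type=\"text/javascript\">showErrorMessage();</script>";

					}else{

						// Seconds before the meta refresh sends the visitor to the guestbook.
						$autoforward = 3;

						echo '<p class="right">' . $lang['success_gb_entry'] . '</p>
			      <p><meta http-equiv="refresh" content="' . $autoforward . '; URL=read_gb.php?user_id=' . $id . '">
			      <small>' . $lang['redirected_in'] . ' ' . $autoforward . ' ' . $lang['seconds'] . '...</small></p><br>
			      <p>' . $lang['if_not_redirected'] . ' - [ <a href="read_gb.php?user_id=' . $id . '">' . $lang['go_on'] . '</a> ]</p>';
						echo "<script type=\"text/javascript\">showSuccessMessage();</script>";

					}
				}
			}
		}

		echo '<div class="spacer_div">&nbsp;</div>';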

		?>
    </div>
</div>

<div id="infobox_wrapper">
    <div class="infobox">
        <?php include('layout/infobox.php'); ?>
    </div>
</div>

<?php require('layout/footer.php'); ?>