Location: PHPKode > scripts > GigKalender > guestbook/guestbook_edit.php
<?php
/*
    CREATIVE COMMONS - Attribution-No Derivative Works 3.0 Germany:
    - You may not alter, transform, or build upon this work.
    - Dieses Werk darf nicht bearbeitet oder in anderer Weise verändert werden.
*/
  header("content-type: text/html; charset=utf-8");
  echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
          <html xmlns="http://www.w3.org/1999/xhtml">
            <head>
              <meta http-equiv="content-type"	content="text/html;charset=utf-8" />
              <link rel="stylesheet" type="text/css" media="screen, print" href="../styles/gigkalender.css" />
              <title></title>
            </head>
            <body>';
  // Pfad definieren
    $Path = str_replace('\\','/', __FILE__);
    $Path = str_replace('guestbook/guestbook_edit.php', '', $Path);
  // Funktionen inkludieren
    include_once ($Path."gigkalender.ini.php");
    include_once ($Path."functions/standard.php");
    include_once ("functions.php");
    include_once($Path."includes/frontend_language_selector.php");
  if (isset($_REQUEST['http-equiv'])) $http_equiv = $_REQUEST['http-equiv'];
      else $http_equiv = '';
  // Inhalt-Anfang    
    // Variablen definieren  
      if (isset($_POST['gb_name'])) {$gb_name = $_POST['gb_name'];} else {$gb_name = '';}
      if (isset($_POST['gb_ort'])) {$gb_ort = $_POST['gb_ort'];} else {$gb_ort = '';}
      if (isset($_POST['gb_email'])) {$gb_email = $_POST['gb_email'];} else {$gb_email = '';}
      if (isset($_POST['gb_url'])) {$URL = $_POST['gb_url'];} else {$URL = '';}
      if (isset($_POST['gb_icq'])) {$gb_icq = $_POST['gb_icq'];} else {$gb_icq = '';}
      if (isset($_POST['gb_text'])) {$gb_text = $_POST['gb_text'];} else {$gb_text = '';}
      if (isset($_POST['gb_kommentar'])) {$gb_kommentar = $_POST['gb_kommentar'];} else {$gb_kommentar = '';}
      if (isset($_POST['senden'])) {$senden = $_POST['senden'];} else {$senden = '';}  
      $gb_ip = $_SERVER['REMOTE_ADDR'];
      $Code = $_REQUEST['code'];
  echo '<div id="GigKalender"><div class="Guestbook">';
  if ( $_REQUEST['code']!="" )
  {
    if ( isGuestbookEntryPresent( $_REQUEST['code']) )
    {
      if
      (
            ($senden!="")
        && ($gb_name!="")
        && ($gb_text!="")
        &&
        (
          ( ($gb_email!="") && checkEmail ($gb_email) )
          OR
          ( ($gb_email=="") )
        )
        &&
        (
          ( ($URL!="") && checkURL ($URL) )
          OR
          ( ($URL=="http://") )
          OR
          ( ($URL=="") )
        )
        &&
          (
            ( ($gb_icq!="") && checkICQNumber ($gb_icq) )
            OR
            ( ($gb_icq=="") )
          )
        && (!messageIsSpam ($gb_text, $gb_ip, $URL, ''))
      )
    	{
        if ( $URL=="http://" ) { $URL=""; }
        $gb_kommentar = strip_tags($gb_kommentar);
        $sql = "UPDATE ".$prefix."guestbook SET
          Name = '".$gb_name."',
          Email = '".$gb_email."',
          URL = '".$URL."',
          ICQ = '".$gb_icq."',
          Nachricht = '".$gb_text."',
          Kommentar = '".$gb_kommentar."',
          Ort = '".$gb_ort."'
          WHERE Code = '".$Code."'
          LIMIT 1";
        $resultat = mysql_query($sql);
        if ($resultat) { echo $L_165.'<br />'; }
        else { echo $L_166.'<br />'; }
        // URL bestimmen
          if ( $SetupGuestbookURL=='' ) $URL = $http_equiv;
            else $URL = $SetupGuestbookURL;
          $URL = str_replace("&","&amp;",$URL);
        echo '<br /><br /><br /><a href="'.$URL.'">'.$L_155.'</a>';
    	}
      else
      {
        if ( $senden=="" ) // nicht gesendet
        {
          // Datensatz-Ausgabe festlegen
            $Code = $_REQUEST['code'];
      		  $sql = "SELECT * FROM ".$prefix."guestbook WHERE Code = '$Code'";
      	    $resultat = mysql_query($sql);
            while ( $row = mysql_fetch_array($resultat))
    		    {
      		    extract($row);
              $Name = $Name;
              $Ort = $Ort;
              $Email = $Email;
              $URL = $URL;
              $ICQ = $ICQ;
              $Nachricht = $Nachricht;
              $Kommentar = $Kommentar;
            }
            if ( $ICQ=='0' ) { $ICQ=''; }
        }
        else // gesendet
        {
          $Name = stripslashes($_POST['gb_name']);
          $Ort = stripslashes($_POST['gb_ort']);
          $Email = $_POST['gb_email'];
          $URL = $_POST['gb_url'];
          $ICQ = $_POST['gb_icq'];
          $Nachricht = stripslashes($_POST['gb_text']);
          $Kommentar = stripslashes($_POST['gb_kommentar']);
        }
        echo '<div id="GuestbookEntryForm">
                <form method="post" action="'.$_SERVER['PHP_SELF'].'?page=edit&amp;code='.$_REQUEST['code'].'">
      		        <table summary="Formular">';
        // Name
          if (isset($_POST['senden']) && ($_POST['gb_name']==""))
          { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_121.'</td></tr>'; }
          $Name = htmlspecialchars($Name);
          echo '<tr>
          		    <td align="right" valign="top">'.$L_114.':</td>
          		    <td><input type="text" name="gb_name" value="'.$Name.'" /></td>
          		    <td valign="top">*</td>
        		    </tr>';
        // Ort
          $Ort = htmlspecialchars($Ort);
          echo '<tr>
          		    <td align="right" valign="top">'.$L_GuestbookLocation.':</td>
          		    <td><input type="text" name="gb_ort" value="'.$Ort.'" /></td>
          		    <td valign="top">&nbsp;</td>
        		    </tr>';
        // Email
          if (isset($_POST['senden']) && $_POST['gb_email']!="" && !checkEmail ($_POST['gb_email']))
          { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_122.'</td></tr>'; }
          echo '<tr>
          		    <td align="right" valign="top">'.$L_115.':</td>
          		    <td><input type="text" name="gb_email" value="'.$Email.'" /></td>
          		    <td valign="top">&nbsp;</td>
        		    </tr>';
        // URL
          if ( $URL=="" ) { $URL = "http://"; }
          if ( !stristr($URL, "http://" ) ) { $URL = "http://".$URL; }
          if (isset($_POST['senden']) && $_POST['gb_url']!="" && !checkURL ($URL))
          { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_123.'</td></tr>'; }
          echo '<tr>
          		    <td align="right" valign="top">'.$L_116.':</td>
          		    <td><input type="text" name="gb_url" value="'.$URL.'" /></td>
          		    <td valign="top">&nbsp;</td>
        		    </tr>';
        // ICQ
          // ICQ-Nummer überprüfen
            if ($senden!="" && $_POST['gb_icq']!="" && !checkICQNumber($gb_icq) )
            { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_164.'</td><td></td></tr>'; }
          echo '<tr>
          		    <td align="right" valign="top">'.$L_118.':</td>
          		    <td><input type="text" name="gb_icq" value="'.$ICQ.'" /></td>
          		    <td valign="top">&nbsp;</td>
        		    </tr>';
        // Nachricht
          // Spamtest
            if ($senden!='' && ((messageIsSpam ($gb_text, $gb_ip, $URL, '')=='word')))
            { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_124.'</td><td></td></tr>'; }
          if (isset($_POST['senden']) && ($_POST['gb_text']==""))
          { echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_125.'</td></tr>'; }
          $Nachricht = htmlspecialchars($Nachricht);
          echo '<tr>
          		    <td align="right" valign="top">'.$L_026.':</td>
          		    <td><textarea name="gb_text" rows="6" cols="">'.$Nachricht.'</textarea></td>
          		    <td valign="top">*</td>
        		    </tr>';
        // Kommentar
          $Kommentar = htmlspecialchars($Kommentar);
          echo '<tr>
          		    <td align="right" valign="top">'.$L_138.':</td>
          		    <td><textarea name="gb_kommentar" rows="6" cols="">'.$Kommentar.'</textarea></td>
          		    <td valign="top">&nbsp;</td>
        		    </tr>';
        // Button
        $SCRIPT_URI = str_replace("&","&amp;",$_SERVER['HTTP_REFERER']);
        echo '<tr>
          		  <td>&nbsp;</td>
          		  <td>
                  <input type="submit" value="'.$L_Button01.'" name="senden" class="button" />
                  <input type="hidden" name="http-equiv" value="'.$SCRIPT_URI.'" />
                </td>
          		  <td>&nbsp;</td>
        		  </tr>
      		  </table>
          </form>
        </div>';
      }

    }
    else echo '<span class="ERROR">'.$L_217.' (Code: '.$_REQUEST['code'].')</span><br />';
  }
  else { echo '<span class="ERROR">'.$L_133.'</span>'; }
  echo '</div></div>';
  echo '</body>
      </html>';
?>
Return current item: GigKalender