shoutbox
index.php
Code (php)
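<?php
// Shoutbox entry point: a POST request stores a new message, any other request
// shows the form followed by the latest messages.
// NOTE(review): the POST branch carries no per-session token, so a form on another
// site can submit a message on behalf of a visitor; add a CSRF token check if that matters.
session_start();
include('functions.php');
echo '<H1>Shoutbox</H1>';

if ($_SERVER['REQUEST_METHOD'] == "POST")
{
    // A client can omit a field or send it as an array (naam[]=...). Pass such values on
    // as empty strings so postmsg() rejects them through its "all fields required" path
    // instead of handing an undefined index or an array to the escaping functions.
    $naam = (isset($_POST['naam']) && is_string($_POST['naam'])) ? $_POST['naam'] : '';
    $bericht = (isset($_POST['bericht']) && is_string($_POST['bericht'])) ? $_POST['bericht'] : '';
    postmsg($naam, $bericht);
}
else
{
    formulier();
    berichten();
}
?>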
functions.php
Code (php)
<?php
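// Database configuration. The values are blank placeholders; fill them in per deployment
// and keep the real credentials out of version control and out of any publicly readable copy.
$dbname = ""; // database name
$user = ""; // MySQL user name
$pass = ""; // MySQL password
$host = ""; // MySQL host

// NOTE(review): the mysql_* extension used throughout this file was removed in PHP 7.
// A port to mysqli or PDO with prepared statements removes the hand-built SQL strings.
// Check the connection handle first so a failed connect never reaches mysql_select_db()
// as an invalid link; the visitor only ever sees the generic message below.
$link = mysql_connect($host, $user, $pass);
if (!$link || !mysql_select_db($dbname, $link))
{
    echo 'De databaseconnectie is mislukt.';
    exit();
}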
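/**
 * Prints the HTML form used to post a new shout (fields "naam" and "bericht").
 *
 * The MAXLENGTH attributes are enforced by the browser only; the server side
 * must not rely on them.
 */
function formulier()
{
    // PHP_SELF contains any extra path info the client appended to the URL, so it is
    // request-controlled and has to be HTML-escaped before it goes into the ACTION attribute.
    $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
    echo '
<FORM METHOD="post" ACTION="'.$action.'">
<INPUT TYPE="text" NAME="naam" MAXLENGTH="15" VALUE="Naam"><BR>
<INPUT TYPE="text" NAME="bericht" MAXLENGTH="75" VALUE="Bericht"><BR>
<INPUT TYPE="submit" VALUE="Plaatsen">
</FORM>
';
}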
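/**
 * Prints the ten most recent shouts, newest first, as "<B>name</B>: message" lines.
 */
function berichten()
{
    echo '<BR>';
    $sql = "SELECT naam, bericht FROM shout ORDER BY id DESC LIMIT 0,10";
    $res = mysql_query($sql);
    if ($res === false)
    {
        // Query failed: show no messages rather than feeding false to mysql_fetch_array().
        return;
    }
    while ($row = mysql_fetch_array($res))
    {
        // Escape at output time. The stored text is not trusted as HTML: strip_tags() at
        // insert time is not an output encoder, and rows may reach the table by other routes.
        // If the page charset differs from PHP's default, pass it as the third argument.
        $naam = htmlspecialchars($row['naam'], ENT_QUOTES);
        $bericht = htmlspecialchars($row['bericht'], ENT_QUOTES);
        echo '<B>'.$naam.'</B>: '.$bericht.'<BR>';
    }
}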
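/**
 * Stores a new shout and re-renders the form and the message list.
 *
 * Ends the request early when the flood limit is hit or when a field is empty.
 *
 * @param mixed $naam poster name as received from the request
 * @param mixed $ber  message text as received from the request
 */
function postmsg($naam, $ber)
{
    if (antiflood() == true)
    {
        echo 'Je kunt maar één bericht per minuut plaatsen!<BR><BR>';
        berichten();
        exit();
    }

    // Request parameters can arrive as arrays (naam[]=...); treat anything that is not
    // a string as missing. Tags are stripped before the emptiness check so a value made
    // of markup only is rejected instead of being stored as an empty message.
    $naam = is_string($naam) ? strip_tags($naam) : '';
    $ber = is_string($ber) ? strip_tags($ber) : '';

    if (empty($naam) || empty($ber))
    {
        echo 'Alle velden moeten worden ingevuld.<BR><BR>';
        formulier();
        exit();
    }

    // SQL escaping is the last transformation applied before the value enters the query:
    // any filter run after escaping could alter the escaped string.
    // NOTE(review): the form's MAXLENGTH (15 / 75) is client-side only; no length limit is
    // enforced here. mysql_real_escape_string() also relies on the connection charset
    // matching the data - confirm it is set for this connection.
    $sql = "INSERT INTO shout (naam, bericht) VALUES ('"
        .mysql_real_escape_string($naam)."', '"
        .mysql_real_escape_string($ber)."')";
    $res = mysql_query($sql);

    // Report success only when the INSERT actually succeeded.
    if ($res === false)
    {
        echo '<FONT SIZE="2">Je bericht kon niet worden opgeslagen.</FONT>';
    }
    else
    {
        echo '<FONT SIZE="2">Je bericht is toegevoegd.</FONT>';
    }
    formulier();
    echo '<BR>';
    berichten();
}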
/**
 * Session-based flood check: allows one post per 60-second window.
 *
 * The window start and the post counter are kept in $_SESSION['flood'] only, so the
 * limit applies per session; a client that starts a new session starts a new window.
 *
 * @return bool true when the caller has exceeded the limit, false otherwise
 */
function antiflood()
{
    $maxaant = 1; // maximum number of posts per minute

    $window = isset($_SESSION['flood']) ? $_SESSION['flood'] : null;

    // No window yet, or the current one is at least 60 seconds old: start a fresh one.
    if ($window === null || (time() - $window['Time']) >= 60) {
        $_SESSION['flood'] = array('Time' => time(), 'Views' => 1);
        return false;
    }

    // Still inside the window: count this attempt and compare against the limit.
    $_SESSION['flood']['Views']++;
    return $_SESSION['flood']['Views'] > $maxaant;
}
?>