(Register Globals staan uit op de server van mijn hosting provider)
Het IP adres en de browser gegevens worden niet opgeslagen in de database en zou wel moeten, ik heb geen idee waar het probleem zit. Krijg ook geen foutmelding...
De rest van de gegevens worden wel in de database opgeslagen...
name (wel) (door de gebruiker ingevoerd)
email (wel) (door de gebruiker ingevoerd)
icq (wel) (door de gebruiker ingevoerd)
http (wel) (door de gebruiker ingevoerd)
message (wel) (door de gebruiker ingevoerd)
timestamp (wel) (via php automatisch)
ip (niet) (via php automatisch)
location (wel) (door de gebruiker ingevoerd)
browser (niet) (via php automatisch)
<?php
########################################
# Process
########################################
if ($action=="submit") { // Add an action
if (!$in && !$delid && !$delcommentid && !$commentid) {
header("Location: $PHP_SELF");
exit;
} elseif ($delid && $admin==$adminpass) {
mysql_db_query($database, "DELETE FROM guestbook WHERE id='$delid'") or died("mysql_error()");
header("Location: $PHP_SELF?offset=$offset&poffset=$poffset&admin=$admin");
exit;
} elseif ($delcommentid && $admin==$adminpass) {
mysql_db_query($database, "UPDATE guestbook SET comment='' where id='$delcommentid'") or died("mysql_error()");
header("Location: $PHP_SELF?offset=$offset&poffset=$poffset&admin=$admin");
exit;
} elseif ($commentid && $admin==$adminpass) {
if(isset($comment)){
$action=changed;
mysql_db_query($database, "UPDATE guestbook SET comment='".encode_msg($comment)."' where id='$commentid'") or died("mysql_error()");
} else {
$action="";
}
header("Location: $PHP_SELF?commentid=$commentid&action=$action&offset=$offset&poffset=$poffset&admin=$admin");
exit;
} else {
if (isbanned()) {
header("Location: $PHP_SELF");
exit;
}
$add_date=time();
$result=mysql_db_query($database, "SELECT * FROM guestbook WHERE ip='$REMOTE_ADDR' AND timestamp>($add_date-(60*$timelimit))") or died("mysql_error()");
$query=mysql_fetch_array($result);
if ($query) {
header("Location: $PHP_SELF");
exit;
}
$in = strip_array($in);
$in['message'] = encode_msg($in['message']); // Add SQL compatibilty & Smilie Convert
$in['http'] = str_replace("http://", "", $in['http']); // Remove http:// from URLs
if ($in['name'] == "") { died("<html><head><title>$guestbook_head</title>$languagemetatag</head><body><center>$name_empty</center></body></html>"); }
if ($in['icq'] != "" && ($in['icq'] < 1000 || $in['icq'] > 999999999)) { died("<html><head><title>$guestbook_head</title>$languagemetatag</head><body><center>$icq_wrong</center></body></html>"); }
if (!eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$in['email']) && $in['email'] != "") { died("<html><head><title>$guestbook_head</title>$languagemetatag</head><body><center>$non_valid_email</center></body></html>"); }
if (strlen($in['message']) < $limit["0"] || strlen($in['message']) > $limit["1"]) { died("<html><head><title>$guestbook_head</title>$languagemetatag</head><body><center>$message_incorrect $limit[0] $and $limit[1] $characters.</center></body></html>"); }
if ($in['email'] == "") { $in['email'] = "none"; }
if ($in['icq'] == "") { $in['icq'] = 0; }
if ($in['http'] == "") { $in['http'] = "none"; }
if ($in['location'] == "0") { $in['location'] = "none"; }
$in['browser'] = $HTTP_USER_AGENT;
mysql_db_query($database, "INSERT INTO guestbook (name, email, http, icq, message, timestamp, ip, location, browser)
VALUES('$in[name]', '$in[email]','$in[http]','$in[icq]','$in[message]','$add_date', '$REMOTE_ADDR','$in[location]','$in[browser]')")
or died("mysql_error()");
if ($gb_notify) {
@mail("$gb_notify","$gb_notifysubj","$notify_text $in[name]\n\n".censor_msg($in[message]),"From: $gb_notify");
}
if ($timelimit) {
setcookie("phpbookcookie","$guestbook_head", time()+(60*$timelimit),"/");
}
if ($admin) {$adminlink="?admin=$admin";}
header("Location: $PHP_SELF$adminlink");
exit;
}
} else { // Show the entries
?>
1.515 views
