Gastenboek
Gastenboek met admin, UBB en scheldwoordenfilter
gastenboek
[code]
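<?php
// Full opening tag on purpose: when short_open_tag is disabled a bare "<?" is not
// parsed, and the file (including the credentials below) is served as plain text.

// Report everything, but send it to the error log instead of the visitor: error
// text shown in the page exposes file paths and query details.
ini_set('display_errors', 0);
ini_set('log_errors', 1);
error_reporting(E_ALL);

// Database connection settings; fill these in before deploying.
$db_user = "";
$db_pass = "";
$db_host = "localhost";
$db_db = "";

// NOTE(review): the mysql_* API used throughout this script was removed in PHP 7.0.
// Moving to mysqli or PDO with prepared statements has to be done for the whole
// file at once, so it is only flagged here.
if (!mysql_connect($db_host, $db_user, $db_pass) || !mysql_select_db($db_db)) {
    // Stop instead of running every later query against a missing connection.
    error_log('gastenboek: database connection failed');
    exit('Het gastenboek is tijdelijk niet beschikbaar.');
}

// Admin login used by the ?log=do form.
// NOTE(review): admin/admin is a well-known default and is kept in plain text;
// change both values before the script goes online and keep this file out of any
// public repository. Storing a password_hash() value and checking it with
// password_verify() would be the better design.
$pas = "admin";
$nam = "admin";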
//scheldwoordenfilter
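/**
 * Mask swear words in a message.
 *
 * Every occurrence of a listed word is replaced by the marker '*:)*'. Matching is
 * case-insensitive and works on substrings, so a listed word is also masked when
 * it is part of a longer word.
 *
 * @param string $tekst Message text.
 * @return string The text with all listed words masked.
 */
function filter($tekst)
{
    $woorden = array("kut", "lul", "kanker", "trut", "debiel", "mongool", "fuck", "bitch", "pussy", "eikel", "tering", "hoer", "klootzak", "tiefuslijer", "homo", "flikker");

    // eregi_replace() was deprecated in PHP 5.3 and removed in PHP 7.0. The words
    // contain no regex metacharacters, so a case-insensitive literal replacement
    // gives the same result; the list is processed in order, as the loop did.
    return str_ireplace($woorden, '*:)*', $tekst);
}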
//ubb
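/**
 * Convert UBB/BBCode tags in a message to HTML.
 *
 * Supported tags: [b] [i] [u] [s] [left] [center] [right] [color=...] [img]
 * [url] and [url=...]. The function does not HTML-escape its input: it expects
 * text that was already entity-encoded, which is how this script stores messages.
 *
 * [img] and [url] only produce markup for absolute http:// or https:// addresses
 * that contain no whitespace, quotes or angle brackets. Anything else (script or
 * data schemes, values that could break out of the attribute) is left as the
 * original tag text, so a visitor's message cannot inject active content through
 * a link or image address.
 *
 * @param string $tekst Entity-encoded message text.
 * @return string HTML with the recognised tags converted.
 */
function ubb($tekst)
{
    // Plain paired tags. The replacements contain no '[' so the order in which
    // they are applied does not matter.
    $tekst = str_replace(
        array(
            '[b]', '[/b]', '[i]', '[/i]', '[u]', '[/u]', '[s]', '[/s]',
            '[left]', '[/left]', '[center]', '[/center]', '[right]', '[/right]',
        ),
        array(
            '<b>', '</b>', '<i>', '</i>', '<u>', '</u>', '<s>', '</s>',
            '<div align=left>', '</div>', '<div align="center">', '</div>', '<div align="right">', '</div>',
        ),
        $tekst
    );

    // The colour value is limited by the pattern itself to #RRGGBB or a name made
    // of letters and dashes, so it cannot carry markup.
    $tekst = preg_replace(
        '#\[color=(\#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\]#si',
        '<font color="$1">$2</font>',
        $tekst
    );

    // Allow-list check for addresses that end up in src/href attributes.
    // Returns the trimmed address, or null when it must not be turned into markup.
    $veiligeUrl = function ($url) {
        $url = trim($url);
        if (!preg_match('#\Ahttps?://[^\s"\'<>]+\z#i', $url)) {
            return null;
        }
        return $url;
    };

    $tekst = preg_replace_callback(
        '/\[img\](.*?)\[\/img\]/si',
        function ($m) use ($veiligeUrl) {
            $url = $veiligeUrl($m[1]);
            return $url === null ? $m[0] : '<img src="' . $url . '" border="0">';
        },
        $tekst
    );

    // rel="noopener noreferrer" keeps the page opened by target=_blank from
    // getting a handle on this window.
    $tekst = preg_replace_callback(
        '/\[url\](.*?)\[\/url\]/si',
        function ($m) use ($veiligeUrl) {
            $url = $veiligeUrl($m[1]);
            if ($url === null) {
                return $m[0];
            }
            return '<a href="' . $url . '" target="_blank" rel="noopener noreferrer">' . $url . '</a>';
        },
        $tekst
    );

    // Replaces the removed eregi_replace() call (gone since PHP 7.0).
    $tekst = preg_replace_callback(
        '#\[url=([^\[]*)\]([^\[]*)\[/url\]#i',
        function ($m) use ($veiligeUrl) {
            $url = $veiligeUrl($m[1]);
            if ($url === null) {
                return $m[0];
            }
            return '<a href="' . $url . '" target="_blank" rel="noopener noreferrer">' . $m[2] . '</a>';
        },
        $tekst
    );

    return $tekst;
}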
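// Request dispatcher for the guestbook. Exactly one branch runs per request:
//   ?toe  - show the "new message" form or store a submitted message
//   ?log  - show the admin login form or check submitted credentials
//   ?del  - soft-delete one message (admin only, POST with a session token)
//   ?ulog - log the admin out
//   none  - list all messages that are not marked as deleted
// Relies on the open mysql_* connection, $nam/$pas, filter() and ubb() defined
// earlier in this file.

// Keep the session cookie out of reach of scripts running in the page.
ini_set('session.cookie_httponly', '1');
session_start();

// Address of this script for links and form actions. SCRIPT_NAME is used instead
// of PHP_SELF because PHP_SELF also contains the extra path a visitor can append
// to the URL, and the original code echoed it into the page unescaped.
$self = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES);

$isAdmin = isset($_SESSION['logged']) && $_SESSION['logged'] == 1;

// Per-session token that must accompany every delete request, so that a page on
// another site cannot make a logged-in admin delete messages.
if ($isAdmin && empty($_SESSION['token'])) {
    $_SESSION['token'] = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : hash_hmac('sha256', uniqid('', true), session_id());
}

// String comparison for secrets. hash_equals() exists from PHP 5.6; older
// versions fall back to a strict comparison. Non-string input never matches.
$gelijk = function ($bekend, $invoer) {
    if (!is_string($invoer)) {
        return false;
    }
    return function_exists('hash_equals') ? hash_equals($bekend, $invoer) : $bekend === $invoer;
};

// add a message
if (isset($_GET['toe'])) {
    if (isset($_POST['submit'])) {
        // All three fields must be present, non-empty and plain strings
        // (a field sent as an array is treated as missing).
        $compleet = true;
        foreach (array('naam', 'mail', 'text') as $veld) {
            if (empty($_POST[$veld]) || !is_string($_POST[$veld])) {
                $compleet = false;
            }
        }
        if ($compleet) {
            // Messages are stored entity-encoded; the overview prints them as they
            // are. ENT_QUOTES also encodes single quotes.
            $naam = mysql_real_escape_string(htmlentities(stripslashes($_POST['naam']), ENT_QUOTES));
            $mail = mysql_real_escape_string(htmlentities(stripslashes($_POST['mail']), ENT_QUOTES));
            $text = mysql_real_escape_string(nl2br(htmlentities(stripslashes($_POST['text']), ENT_QUOTES)));
            $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
            $datum = date('Y-m-d H:i');

            // Flood check: at most one message per IP address per clock minute.
            $sql5 = "SELECT * FROM gb WHERE ip = '" . $ip . "' ORDER BY datum DESC limit 0,1";
            $query = mysql_query($sql5);
            $dat = $query ? mysql_fetch_assoc($query) : false;
            if ($dat && $dat['datum'] == $datum) {
                echo "even wachten <a href='index.php'>index</a>";
            } else {
                $sql = "INSERT INTO gb(naam,mail,bericht,ip,datum) VALUES ('" . $naam . "', '" . $mail . "', '" . $text . "', '" . $ip . "', '" . $datum . "')";
                mysql_query($sql);
                header('Location: index.php');
                exit;
            }
        } else {
            echo 'Je hebt niet alles ingevult <a href="' . $self . '?toe=do">Terug</a>';
        }
    } else {
?>
<center>
<form method="post" action="<?php echo $self; ?>?toe=do">
<table width="400px">
<tr>
<td>Naam:</td>
<td><input type="text" name="naam"></td>
</tr>
<tr>
<td>E-mail:</td>
<td><input type="text" name="mail"></td>
</tr>
<tr>
<td colspan="2">Bericht:</td>
</tr>
<tr>
<td colspan="2"><textarea rows="12" cols="45" name="text"></textarea></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Plaats"></td>
</tr>
</table>
</form>
</center>
<?php
    }
}
// log in
elseif (isset($_GET['log'])) {
    if (isset($_POST['submit'])) {
        // The submitted values are compared as they were sent. The original ran
        // them through mysql_real_escape_string() first, which has no purpose
        // outside a query and changes values that contain quotes.
        // NOTE(review): there is no limit on the number of login attempts.
        $naamOk = isset($_POST['naam']) && $gelijk($nam, $_POST['naam']);
        $passOk = isset($_POST['pass']) && $gelijk($pas, $_POST['pass']);
        if ($naamOk && $passOk) {
            // New session id on login, so an id that was known before the login
            // does not become an admin session; the delete token is renewed too.
            session_regenerate_id(true);
            unset($_SESSION['token']);
            $_SESSION['logged'] = 1;
            echo '<a href="index.php">Index</a>';
        } else {
            echo 'Het door jou ingevoerde wachtwoord of gebruikersnaam is verkeerd <a href="' . $self . '?log=do">Terug</a>';
        }
    } else {
?>
<center>
<form method="post" action="<?php echo $self; ?>?log=do">
<table width="400px">
<tr>
<td>Gebruikersnaam:</td>
<td><input type="text" name="naam"></td>
</tr>
<tr>
<td>Wachtwoord:</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td><input type="submit" name="submit" value="Log in"><td> </td>
</tr>
</table>
</form>
</center>
<?php
    }
}
// delete a message
elseif (isset($_GET['del'])) {
    // Digits only. is_numeric() also accepts forms such as exponents and
    // decimals, and the value goes into the query without quotes.
    $geldigId = is_string($_GET['del']) && preg_match('/\A[0-9]+\z/', $_GET['del']);
    if (!$geldigId) {
        header('Location: index.php');
    } elseif (!$isAdmin) {
        header('Location: index.php?log=do');
    } elseif ($_SERVER['REQUEST_METHOD'] === 'POST'
        && isset($_POST['token'], $_SESSION['token'])
        && $gelijk($_SESSION['token'], $_POST['token'])
    ) {
        // Soft delete: the row stays in the table, marked with the admin's IP.
        $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
        $sql = "UPDATE gb SET del = 'ja', delby = '" . $ip . "' WHERE id = " . (int) $_GET['del'] . " LIMIT 1";
        mysql_query($sql);
        header('Location: index.php');
    } else {
        // A plain link (GET) or a missing/wrong token changes nothing.
        header('Location: index.php');
    }
    exit;
}
// log out
elseif (isset($_GET['ulog'])) {
    session_unset();
    session_destroy();
    header('Location: index.php');
    exit;
}
// overview
else {
?>
<html>
<head>
<style type="text/css">
.msgtitle {
background-color: #33CCFF;
color: #000000;
border-bottom: 1px solid #000000;
border-top: 1px solid #000000;
border-left: 1px solid #000000;
width:200px;
}
.msgtitle2{
background-color: #33CCFF;
color: #000000;
border-bottom: 1px solid #000000;
border-top: 1px solid #000000;
border-right: 1px solid #000000;
width:200px;
}
.msgtitle3{
background-color: #0000FF;
color: #FFFFFF;
border-bottom: 1px solid #000000;
border-left: 1px solid #000000;
border-right: 1px solid #000000;
width:400px;
}
.msgtitle4{
background-color: #33CCFF;
color: #FFFFFF;
border-bottom: 1px solid #000000;
border-left: 1px solid #000000;
border-right: 1px solid #000000;
width:400px;
}
</style>
</head>
<body>
<center>
<table width="400px" cellpadding="0" cellspacing="0">
<tr>
<td><a href="<?php echo $self; ?>?toe=do">Bericht plaatsen</a></td>
<?php
    if ($isAdmin) {
        echo '<td align="right"><a href="' . $self . '?ulog=do">Uitloggen</a></td>';
    } else {
        echo '<td align="right"><a href="' . $self . '?log=do">Admin</a></td>';
    }
    echo ' </tr>
</table>';

    $sql = "SELECT * FROM gb WHERE del = 'nee' ORDER BY datum DESC";
    $res = mysql_query($sql);
    if ($res && mysql_num_rows($res) >= 1) {
        while ($row = mysql_fetch_array($res)) {
            // naam and bericht are printed as stored: they were entity-encoded
            // when the message was inserted. Rows written to the table by any
            // other route are NOT escaped here.
            // NOTE(review): the poster's IP address is shown to every visitor.
            $txt = $row['bericht'];
            $txt = filter($txt);
            $txt = ubb($txt);
            echo '<table width="400px" cellpadding="0" cellspacing="0">
<tr width="400px">
<td class="msgtitle" width="200px">naam: ' . $row['naam'] . '(' . $row['ip'] . ')</td>
<td class="msgtitle2" width="200px">datum: ' . $row['datum'] . '</td>
</tr>
<tr width="400px">
<td class="msgtitle3" colspan="2" width="400px">bericht:<br/>' . $txt . '</td>
</tr>';
            if ($isAdmin) {
                // Deleting is a POST form carrying the session token; a GET link
                // could be triggered from any other page the admin visits.
                echo '
<tr width="400px">
<td class="msgtitle4" colspan="2" width="400px"><form method="post" action="' . $self . '?del=' . (int) $row['id'] . '" style="margin:0"><input type="hidden" name="token" value="' . $_SESSION['token'] . '"><input type="submit" value="del"></form></td>
</tr>';
            }
            echo '
</table>
<br/>';
        }
    } else {
        echo 'geen berichten';
    }
    echo '</center>
</body>
</html>';
}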
?>[/code]
en de tabel
[code]
-- Guestbook messages, one row per posted message.
CREATE TABLE `gb` (
`id` int(11) NOT NULL auto_increment,
-- Soft-delete flag: the script lists rows with 'nee' and sets 'ja' on delete.
`del` varchar(255) NOT NULL default 'nee',
-- IP address of the admin session that marked the row as deleted.
`delby` varchar(255) NOT NULL default '',
-- Poster's name, stored entity-encoded by the script.
`naam` varchar(255) NOT NULL default '',
-- Poster's REMOTE_ADDR; also used for the one-message-per-minute flood check.
`ip` varchar(255) NOT NULL default '',
-- Message text, stored entity-encoded with <br /> line breaks; UBB tags are
-- converted only when the message is displayed.
`bericht` longtext NOT NULL,
-- Timestamp as the string 'Y-m-d H:i'; the script sorts and compares it as text.
`datum` varchar(255) NOT NULL default '0000-00-00 00:00',
-- Poster's e-mail address, stored entity-encoded; the script never prints it.
`mail` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;
[/code]