Gastenboek met AJAX
Gastenboek met AJAX. Je kunt schrijven, door de pagina's bladeren en lezen zonder de pagina te vernieuwen. De smilies zijn van een script hier (ik weet niet meer precies welk, sorry). Het loading-image kun je hier maken: http://www.ajaxload.info/ (opslaan als loading.gif). Hier is de code te downloaden. Hier zijn de smilies apart te downloaden. Wijzigingen: je kunt nu maar 1 keer in 5 minuten schrijven in het gastenboek; SQL-injectie eruit gehaald; wat dingetjes veranderd in de database; domme fout eruit gehaald, nu doet hij het wel, SORRY!; er zit nu een fade-effect op (LET OP: dit fade-script heb ik niet zelf gemaakt, het komt van: hier).
gastenboek-met-ajax
[b]SQL:[/b]
[code]
-- Guestbook entries: one row per posted message.
CREATE TABLE `gastenboek` (
    `id`      INT(11)      NOT NULL AUTO_INCREMENT, -- primary key; the PHP pages sort on it (ORDER BY id DESC)
    `ip`      VARCHAR(100) NOT NULL,                -- REMOTE_ADDR of the poster; looked up for the 5-minute posting limit
    `naam`    VARCHAR(100) NOT NULL,                -- name as submitted; HTML-escaped only when displayed
    `email`   VARCHAR(100) NOT NULL,                -- e-mail as submitted; may be an empty string
    `bericht` TEXT         NOT NULL,                -- message text as submitted; HTML-escaped only when displayed
    `datum`   DATETIME     NOT NULL,                -- filled with NOW() on insert
    `website` VARCHAR(200) NOT NULL,                -- URL as submitted; the form pre-fills "http://"
    `time`    INT(20)      NOT NULL,                -- PHP time() of the post (Unix seconds); compared against time()+300
    PRIMARY KEY (`id`)
) ENGINE=MyISAM;
[/code]
[b]index.php[/b]
[code]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>MesBook</title>
<style type="text/css">
<!--
#book {
position:absolute;
top:5px;
left:5px;
padding:2px;
border:solid #000000 1px;
width:550px;
}
#form {
position:absolute;
top:5px;
right:5px;
border:solid #000000 1px;
width:350px;
padding:2px;
}
body, td, th {
color: #000000;
font-family: Verdana;
font-size:14px;
}
body {
background-color: #FFFFFF;
}
#gastenboek {
border: #000000 solid 1px;
width:520px;
overflow:hidden;
text-align:left;
font-family:Verdana;
font-size:14px;
}
#afzender {
float:left;
border-bottom:#000000 solid 1px;
border-right:#000000 solid 1px;
width:80px;
}
#info {
border-bottom:#000000 solid 1px;
width:100%;
margin:0px;
}
a:link {
color: #0000FF;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #0000FF;
}
a:hover {
text-decoration: underline;
color: #0000FF;
}
a:active {
text-decoration: none;
color: #0000FF;
}
-->
</style>
<!--[if gte IE 5.5]>
<style type="text/css">
#info {
border-bottom:#000000 solid 1px;
width:436px;
margin:0px;
}
</style>
<![endif]-->
<script language="javascript">
// Preload loader.gif, the image the handlers below show while a request is in flight.
// NOTE(review): `loader` is assigned without `var`, so it becomes an implicit global.
loader=new Image();
loader.src="loader.gif";
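/**
 * Fade the element with the given id from opacStart to opacEnd (both 0-100),
 * one percent per step, by scheduling changeOpac() calls.
 *
 * @param {string} id         id of the element to fade
 * @param {number} opacStart  starting opacity in percent
 * @param {number} opacEnd    final opacity in percent
 * @param {number} millisec   duration of a full 0-100 fade; each step is millisec/100 apart
 *
 * Nothing is scheduled when opacStart equals opacEnd.
 */
function opacity(id, opacStart, opacEnd, millisec) {
    // Delay between two consecutive steps.
    var speed = Math.round(millisec / 100);
    var timer = 0;
    // Declared locally: the loop counter must not leak into (or be clobbered via) the global scope.
    var level;

    // Schedule a single step. Passing a function keeps `id` and the level as
    // plain data; building a code string for setTimeout would evaluate them as
    // script, which breaks (or runs unintended code) for an id containing a quote.
    function schedule(stepLevel, delay) {
        setTimeout(function () {
            changeOpac(stepLevel, id);
        }, delay);
    }

    if (opacStart > opacEnd) {
        // Fade out.
        for (level = opacStart; level >= opacEnd; level--) {
            schedule(level, timer * speed);
            timer++;
        }
    } else if (opacStart < opacEnd) {
        // Fade in.
        for (level = opacStart; level <= opacEnd; level++) {
            schedule(level, timer * speed);
            timer++;
        }
    }
}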
// Set an element's opacity (given in percent) through every browser-specific
// style property this script knows about.
function changeOpac(opacity, id) {
    var fraction = opacity / 100;
    var css = document.getElementById(id).style;
    css.opacity = fraction;
    css.MozOpacity = fraction;
    css.KhtmlOpacity = fraction;
    // Old Internet Explorer takes the percentage itself through its filter syntax.
    css.filter = "alpha(opacity=" + opacity + ")";
}
// Append a smilie code to the message textarea and put the cursor back in it.
function addSmilie(code) {
    var field = document.writeform.bericht;
    field.value = field.value + code;
    field.focus();
}
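// Request object of the write call; shared with stateChanged1().
var xmlHttp1;

/**
 * Send the four form fields to schrijf.php and let stateChanged1() show the reply.
 *
 * NOTE(review): the entry is submitted in the query string of a GET request, so
 * the text ends up in server access logs and is limited by the maximum URL
 * length. schrijf.php reads $_GET, so moving to POST needs a change on both sides.
 */
function writebook() {
    xmlHttp1 = GetXmlHttpObject();
    if (xmlHttp1 == null) {
        alert("Your browser does not support AJAX!");
        return;
    }
    var form = document.writeform;
    // Every value is percent-encoded: a raw &, #, +, = or line break in the
    // user's text would otherwise cut the value short or add extra parameters.
    var url1 = "schrijf.php?schrijf=ja"
        + "&naam=" + encodeURIComponent(form.naam.value)
        + "&bericht=" + encodeURIComponent(form.bericht.value)
        + "&email=" + encodeURIComponent(form.email.value)
        + "&website=" + encodeURIComponent(form.website.value);
    xmlHttp1.onreadystatechange = stateChanged1;
    xmlHttp1.open("GET", url1, true);
    xmlHttp1.send(null);
}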
// readystatechange handler of the write request: shows the loader image while
// the request is running, then replaces the form area with the server's reply
// and reloads the first page of entries.
function stateChanged1() {
    var state = xmlHttp1.readyState;
    var panel = document.getElementById("schrijfform");

    if (state == 4) {
        // The reply is inserted as markup, not as text, so anything schrijf.php
        // echoes back from the request has to be HTML-escaped on the server.
        panel.innerHTML = xmlHttp1.responseText;
        book(0, "nee");
    } else if (state == 0 || state == 1 || state == 2 || state == 3) {
        panel.innerHTML = "<img src='loader.gif' />";
    }
}
// Request object of the read call; shared with stateChanged().
var xmlHttp;

// Load one page of guestbook entries from book.php into #book.
//   start - offset of the first entry to show
//   begin - "ja" fades the current content out before the request is sent
function book(start, begin) {
    xmlHttp = GetXmlHttpObject();
    if (xmlHttp == null) {
        alert("Your browser does not support AJAX!");
        return;
    }

    var pageUrl = "book.php?start=" + start;
    var fadeOutFirst = (begin == "ja");
    if (fadeOutFirst) {
        opacity('book', 100, 0, 500);
    }

    xmlHttp.onreadystatechange = stateChanged;
    xmlHttp.open("GET", pageUrl, true);
    xmlHttp.send(null);
}
// readystatechange handler of the read request: shows the loader image while
// the request is running and the returned entries once it has finished.
function stateChanged() {
    // NOTE(review): this runs on every state change, so several fade-ins are
    // scheduled per request and overlap with a fade-out started by book().
    opacity('book', 0, 100, 500);

    var state = xmlHttp.readyState;
    var target = document.getElementById("book");

    if (state == 4) {
        // Inserted as markup: book.php is responsible for escaping stored entries.
        target.innerHTML = xmlHttp.responseText;
    } else if (state == 0 || state == 1 || state == 2 || state == 3) {
        target.innerHTML = "<img src='loader.gif' />";
    }
}
// Create a request object: the native XMLHttpRequest where it exists, otherwise
// one of the two ActiveX variants of old Internet Explorer. An exception from
// the last variant is not caught and reaches the caller.
function GetXmlHttpObject() {
    try {
        // Firefox, Opera 8.0+, Safari
        return new XMLHttpRequest();
    } catch (noNativeRequest) {
        // fall through to the Internet Explorer variants
    }
    try {
        return new ActiveXObject("Msxml2.XMLHTTP");
    } catch (noMsxml2) {
        // fall through to the oldest variant
    }
    return new ActiveXObject("Microsoft.XMLHTTP");
}
</script>
</head>
<body>
<div align="center">
<div id="book">
</div>
<div id="form">
<div id="schrijfform">Schrijf in het gastenboek:<br />
<form action="schrijf.php" method="post" name="writeform" id="writeform">
Naam:
<input name="naam" type="text" id="naam">
<br>
E-mail:
<input name="email" type="text" id="email">
<br />
Website:
<input name="website" type="text" id="website" value="http://" />
<br>
Bericht:<br>
<textarea name="bericht" cols="35" rows="5" id="bericht"></textarea>
<br>
<input name="schrijf" type="button" id="schrijf" value="Schrijf" onclick="writebook();" />
</form>
<div id='smilies'><a href="#" onclick="addSmilie(':D');"><img src="images/smilies/biggrin.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':[');"><img src="images/smilies/blink.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('8)');"><img src="images/smilies/cool.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':?');"><img src="images/smilies/dry.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(';/');"><img src="images/smilies/happy.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('8[');"><img src="images/smilies/huh.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':@');"><img src="images/smilies/mad.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':o');"><img src="images/smilies/ohmy.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('[:-]');"><img src="images/smilies/ph34r.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('*-)');"><img src="images/smilies/rolleyes.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':(');"><img src="images/smilies/sad.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('[-)');"><img src="images/smilies/sleep.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':)');"><img src="images/smilies/smile.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':P');"><img src="images/smilies/tongue.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie('8-)');"><img src="images/smilies/unsure.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(':S');"><img src="images/smilies/wacko.gif" width="20" height="20" border="0" /></a><a href="#" onclick="addSmilie(';)');"><img src="images/smilies/wink.gif" width="20" height="20" border="0" /></a><a href="#" 
onclick="addSmilie('(l)');"><img src="images/smilies/wub.gif" width="22" height="29" border="0" /></a></div>
</div>
</div>
</div>
<script language="javascript">
// Initial load of the first page of entries; "ja" makes book() fade #book out first.
book(0, "ja");
</script>
</body>
</html>
[/code]
[b]schrijf.php[/b]
[code]
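<?php
// Handles the "write" request sent by writebook() in index.php and echoes an
// HTML fragment that the page inserts into #schrijfform.
//
// Every request parameter is attacker-controlled: it is HTML-escaped before it
// is echoed back into the form and SQL-escaped before it goes into a query.
//
// NOTE(review): this request changes data but arrives via GET and carries no
// anti-CSRF token, and the posting limit is keyed on the client IP only.
// NOTE(review): the mysql_* functions used here match the connection opened in
// config.php; that extension no longer exists in PHP 7. Prepared statements
// (mysqli or PDO) are the sturdier fix once the connection code is moved over.
error_reporting(E_ALL);
include "config.php";

// Return one request parameter as a string; '' when it is absent or an array.
function gb_param($naam)
{
    return (isset($_GET[$naam]) && is_string($_GET[$naam])) ? $_GET[$naam] : '';
}

// Escape a value for HTML text and for quoted attribute values.
function gb_html($waarde)
{
    return htmlspecialchars($waarde, ENT_QUOTES);
}

// Log the database error on the server and stop with a generic message, so
// query text and schema details are not shown to the visitor.
function gb_db_fout()
{
    error_log(mysql_error());
    die("Er is iets fout gegaan.");
}

// Build the form again below an error message, pre-filled with the escaped
// values the visitor submitted, followed by the smilie bar.
function gb_formulier($foutmelding)
{
    // code inserted by addSmilie(), image file, width, height
    $smilies = array(
        array(':D', 'biggrin.gif', 20, 20),
        array(':[', 'blink.gif', 20, 20),
        array('8)', 'cool.gif', 20, 20),
        array(':?', 'dry.gif', 20, 20),
        array(';/', 'happy.gif', 20, 20),
        array('8[', 'huh.gif', 20, 20),
        array(':@', 'mad.gif', 20, 20),
        array(':o', 'ohmy.gif', 20, 20),
        array('[:-]', 'ph34r.gif', 20, 20),
        array('*-)', 'rolleyes.gif', 20, 20),
        array(':(', 'sad.gif', 20, 20),
        array('[-)', 'sleep.gif', 20, 20),
        array(':)', 'smile.gif', 20, 20),
        array(':P', 'tongue.gif', 20, 20),
        array('8-)', 'unsure.gif', 20, 20),
        array(':S', 'wacko.gif', 20, 20),
        array(';)', 'wink.gif', 20, 20),
        array('(l)', 'wub.gif', 22, 29),
    );

    $html = $foutmelding.'<br /><form action="schrijf.php" method="post" name="writeform" id="writeform">
Naam:
<input name="naam" type="text" id="naam" value="'.gb_html(gb_param('naam')).'">
<br>
E-mail:
<input name="email" type="text" id="email" value="'.gb_html(gb_param('email')).'">
<br />
Website:
<input name="website" type="text" id="website" value="'.gb_html(gb_param('website')).'" />
<br>
Bericht:<br>
<textarea name="bericht" cols="35" rows="5" id="bericht">'.gb_html(gb_param('bericht')).'</textarea>
<br>
<input name="schrijf" type="button" id="schrijf" value="Schrijf" onclick="writebook();" />
</form><div id=\'smilies\'>';

    foreach ($smilies as $smilie) {
        $html .= '<a href="#" onclick="addSmilie(\''.$smilie[0].'\');"><img src="images/smilies/'.$smilie[1].'" width="'.$smilie[2].'" height="'.$smilie[3].'" border="0" /></a>';
    }

    return $html.'</div>';
}

$melding = "iets";
if (gb_param('schrijf')) {
    if (!gb_param('naam')) {
        $melding = gb_formulier('Je moet wel een naam invullen.');
    } elseif (!gb_param('bericht')) {
        $melding = gb_formulier('Je moet wel een bericht invullen.');
    } else {
        $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

        // Most recent entry from this address, if there is one.
        $query = mysql_query("SELECT `time` FROM gastenboek WHERE ip='".$ip."' ORDER BY id DESC LIMIT 0 , 1");
        if (!$query) {
            gb_db_fout();
        }
        $laatste = mysql_fetch_object($query);

        if ($laatste && $laatste->time + 300 > time()) {
            // Less than 300 seconds since the previous entry from this address.
            $melding = "Je mag maar 1 keer in 5 minuten schrijven in het gastenboek.";
        } else {
            // All five string values are escaped, website included.
            $sql = sprintf(
                "INSERT INTO gastenboek (ip, naam, email, bericht, datum, website, time)
VALUES ('%s', '%s', '%s', '%s', NOW(), '%s', %d)",
                $ip,
                mysql_real_escape_string(gb_param('naam')),
                mysql_real_escape_string(gb_param('email')),
                mysql_real_escape_string(gb_param('bericht')),
                mysql_real_escape_string(gb_param('website')),
                time()
            );
            if (!mysql_query($sql)) {
                gb_db_fout();
            }
            $melding = "Je hebt in het gastenboek geschreven.";
        }
    }
} else {
    $melding = "Er is iets fout gegaan.";
}
echo $melding;
?>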
[/code]
[b]book.php[/b]
[code]
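<?php
// Echoes one page of guestbook entries (10 per page, newest first) followed by
// the page links, as an HTML fragment that index.php inserts into #book.
include "config.php";

// `start` is spliced into the LIMIT clause, so it is reduced to a non-negative
// integer before it gets near the query.
$start = (isset($_GET['start']) && is_scalar($_GET['start'])) ? max(0, (int) $_GET['start']) : 0;

// Count on the server instead of fetching every row just to count them.
$query_aantal = mysql_query("SELECT COUNT(*) AS aantal FROM gastenboek");
if (!$query_aantal) {
    // Details go to the server log, not to the visitor.
    error_log(mysql_error());
    die("Er is iets fout gegaan.");
}
$aantal = (int) mysql_fetch_object($query_aantal)->aantal;

$query = mysql_query("SELECT naam, email, datum, bericht, website FROM gastenboek ORDER BY id DESC LIMIT ".$start." , 10");
if (!$query) {
    error_log(mysql_error());
    die("Er is iets fout gegaan.");
}

while ($obj = mysql_fetch_object($query)) {
    $naam = stripslashes(htmlspecialchars($obj->naam));
    // email and website are printed inside single-quoted attributes, so the
    // single quote has to be escaped as well (ENT_QUOTES).
    $email = stripslashes(htmlspecialchars($obj->email, ENT_QUOTES));
    $datum = htmlspecialchars($obj->datum);
    // The message is escaped first and only then handed to parseubb(), so the
    // only markup in it is what parseubb() adds.
    $bericht = parseubb(stripslashes(nl2br(htmlspecialchars($obj->bericht))));
    $website = htmlspecialchars($obj->website, ENT_QUOTES);

    echo "<div id='gastenboek' align='right'>
<div id='afzender' align='left'>Afzender:</div>
<div id='info' align='left'> ";
    if ($email) {
        echo "<a href='mailto:".$email."'>".$naam."</a> - ".$datum."</div>";
    } else {
        echo $naam." - ".$datum."</div>";
    }

    // "http://" is the untouched default value of the form field.
    if ($website && $website != "http://") {
        echo "<div id='afzender' align='left'>Website:</div>
<div id='info' align='left'>";
        if (preg_match('#^https?://#i', $obj->website)) {
            // Only http(s) addresses become links; other schemes such as
            // javascript: would run in the visitor's browser when clicked.
            echo "<a href='".$website."' target='_blank' rel='noopener noreferrer'>".$website."</a>";
        } else {
            echo $website;
        }
        echo "</div>";
    }
    echo $bericht."</div><br />";
}

if ($aantal == 0) {
    echo "Er zijn nog geen berichten.";
} else {
    // One link per block of ten entries; the last link ends at the total count
    // and is left out when it would be empty.
    for ($i = 10; $i <= $aantal + 10; $i += 10) {
        $ii = $i - 10;
        if ($i > $aantal) {
            if ($ii != $aantal) {
                echo "<a href='#' onclick='book(".$ii.", \"nee\")'>".$ii."-".$aantal."</a> ";
            }
        } else {
            echo "<a href='#' onclick='book(".$ii.", \"nee\")'>".$ii."-".$i."</a> ";
        }
    }
}
?>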
[/code]
[b]config.php[/b]
[code]
<?php
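// MySQL and database settings.
// NOTE(review): 'root' with an empty password only suits a local test setup.
// On a reachable server use a dedicated MySQL account with a password and
// rights on this one database only.
$dbhost = 'localhost'; // host name of the MySQL server
$dbname = 'mesbook'; // name of the database
$dbuser = 'root'; // MySQL user name
$dbpassword = ''; // password of that user
// Connect to the database server.
$db = mysql_connect($dbhost, $dbuser, $dbpassword)
    or die ("Verbinding mislukt");
// Stop here as well when the database cannot be selected; otherwise every
// later query fails and prints its own error.
mysql_select_db($dbname, $db)
    or die ("Verbinding mislukt");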
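/**
 * Replace smilie codes with <img> tags and mask a fixed list of swear words.
 *
 * The replacements run one after another in the order listed, on the result of
 * the previous one. The returned string contains HTML, so the text passed in
 * must already be HTML-escaped.
 *
 * NOTE(review): because the input is escaped first, a code such as ";)" also
 * matches the tail of an entity followed by ")", e.g. "&quot;)".
 *
 * @param string $bericht HTML-escaped message text
 * @return string the text with smilies and masked words
 */
function parseubb($bericht){
    // smilie code => image file in images/smilies/
    $smilies = array(
        ":)" => "smile.gif",
        "8[" => "huh.gif",
        ":o" => "ohmy.gif",
        ";)" => "wink.gif",
        ":P" => "tongue.gif",
        ":p" => "tongue.gif",
        ":D" => "biggrin.gif",
        "8)" => "cool.gif",
        "*-)" => "rolleyes.gif",
        ":?" => "dry.gif",
        ":@" => "mad.gif",
        ":(" => "sad.gif",
        "8-)" => "unsure.gif",
        ":[" => "blink.gif",
        "[:-]" => "ph34r.gif",
        ";/" => "happy.gif",
        "[-)" => "sleep.gif",
        "(l)" => "wub.gif",
        ":s" => "wacko.gif",
        ":S" => "wacko.gif",
    );
    foreach ($smilies as $code => $bestand) {
        $bericht = str_replace($code, " <img src=\"images/smilies/".$bestand."\" alt=\"Smilie\" />", $bericht);
    }

    // Longer variants come before the word they contain; with "fuck" handled
    // first, "fucking" could never match and came out as "****ing".
    $scheldwoorden = array(
        "kut", "fucking", "fuck", "facking", "focking", "fack", "fock",
        "hoer", "porno", "lul", "neuken", "verneuk", "slet", "teef",
        "kanker", "tering",
    );
    $bericht = str_replace($scheldwoorden, "****", $bericht);

    return $bericht;
}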
?>
[/code]