[b]index.php[/b]

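<?php
// Shoutbox entry point: a POST stores a new message, any other request shows
// the form followed by the latest messages.
//
// NOTE(review): the POST is accepted without a CSRF token, so any page the
// visitor has open can submit a message on their behalf. Consider adding a
// per-session token to the form and checking it here.

// Must run before any output so the session cookie header can still be sent.
session_start();

// The page cannot work without these definitions, so fail immediately if the
// file is missing instead of continuing with a warning.
require_once('functions.php');

echo '<H1>Shoutbox</H1>';

if ($_SERVER['REQUEST_METHOD'] === "POST")
	{
		// Request fields are client-controlled: they may be absent or arrive as
		// arrays (naam[]=...). Anything that is not a string is passed on as ''
		// so postmsg() rejects it through its empty-field check.
		$naam = (isset($_POST['naam']) && is_string($_POST['naam'])) ? $_POST['naam'] : '';
		$bericht = (isset($_POST['bericht']) && is_string($_POST['bericht'])) ? $_POST['bericht'] : '';

		postmsg($naam, $bericht);
	}
else
	{
		formulier();
		berichten();
	}

?>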


[b]functions.php[/b]

<?php

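// Database configuration. The values are left blank on purpose and must be
// filled in per deployment.
// NOTE(review): credentials stored in a file under the web root are exposed if
// the server ever serves .php files as plain text; prefer loading them from a
// location outside the document root.
$dbname = ""; // database name
$user = ""; // MySQL user name
$pass = ""; // MySQL password
$host = ""; // MySQL host

// NOTE(review): the mysql_* extension used throughout this file was deprecated
// in PHP 5.5 and removed in PHP 7.0; a port to mysqli or PDO with prepared
// statements is the long-term fix.
//
// Connect and select the database as two checked steps, so a failed connection
// is never handed to mysql_select_db() as a link. mysql_connect() reports
// failures as PHP warnings that can contain the host and user name, so keep
// display_errors off on a public server.
$link = mysql_connect($host, $user, $pass);

if ($link === false || !mysql_select_db($dbname, $link))
    {
        // Generic message only: no driver error text is shown to the visitor.
        echo 'De databaseconnectie is mislukt.';
        exit();
    }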

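/**
 * Prints the HTML form used to post a shoutbox message.
 *
 * The form posts back to the current script with the fields "naam" and
 * "bericht". The MAXLENGTH attributes are enforced by the browser only; the
 * server must not rely on them.
 */
function formulier()
    {
        // PHP_SELF contains whatever path the client appended after the script
        // name, so it is request-controlled. Escape it before placing it in the
        // ACTION attribute, otherwise it can break out of the attribute (XSS).
        $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

echo '
<FORM METHOD="post" ACTION="'.$action.'">
<INPUT TYPE="text" NAME="naam" MAXLENGTH="15" VALUE="Naam"><BR>
<INPUT TYPE="text" NAME="bericht" MAXLENGTH="75" VALUE="Bericht"><BR>
<INPUT TYPE="submit" VALUE="Plaatsen">
</FORM>
';
    }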

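/**
 * Prints the ten most recent shoutbox messages, newest first.
 *
 * Reads the columns "naam" and "bericht" from the "shout" table over the
 * default mysql_* connection and echoes one line per row.
 */
function berichten()
    {
        echo '<BR>';

        $sql = "SELECT naam, bericht FROM shout ORDER BY id DESC LIMIT 0,10";
        $res = mysql_query($sql);

        if ($res === false)
          {
                // Query failed: show no messages instead of passing false to
                // mysql_fetch_array().
                return;
          }

        while ($row = mysql_fetch_array($res))
          {
                // Escape at output time. The strip_tags() call made on insert is
                // not an output encoder, and rows may have reached the table by
                // another route, so stored text is treated as untrusted here.
                // NOTE(review): assumes the page and the table use UTF-8 - confirm.
                $naam = htmlspecialchars($row['naam'], ENT_QUOTES, 'UTF-8');
                $bericht = htmlspecialchars($row['bericht'], ENT_QUOTES, 'UTF-8');

                echo '<B>'.$naam.'</B>: '.$bericht.'<BR>';
          }
    }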

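/**
 * Validates and stores one shoutbox message, then re-renders the page.
 *
 * Ends the request with exit() when a field is empty or when antiflood()
 * reports that the session has already posted within the current minute.
 *
 * NOTE(review): the 15/75 character limits exist only as MAXLENGTH attributes
 * in the form, which the browser enforces and the server does not. Add a
 * server-side length check that matches the column sizes.
 *
 * @param string $naam name entered by the visitor (untrusted)
 * @param string $ber  message text entered by the visitor (untrusted)
 */
function postmsg($naam, $ber)
    {
        // Clean the input first, so the emptiness check sees what will actually
        // be stored (a message made only of tags or spaces counts as empty).
        $naam = is_string($naam) ? trim(strip_tags($naam)) : '';
        $ber = is_string($ber) ? trim(strip_tags($ber)) : '';

        // Compare against '' instead of empty(), which would also reject "0".
        if ($naam === '' || $ber === '')
            {
                echo 'Alle velden moeten worden ingevuld.<BR><BR>';
                formulier();
                exit();
            }

        // Rate-limit only submissions that would be stored, so an incomplete
        // form does not use up the visitor's one post per minute.
        if (antiflood() === true)
            {
                echo 'Je kunt maar één bericht per minuut plaatsen!<BR><BR>';
                berichten();
                exit();
            }

        // SQL escaping is the last transformation before the value enters the
        // query; nothing may modify the string after it has been escaped.
        // mysql_real_escape_string() follows the connection character set, which
        // is only reliable when set with mysql_set_charset(), not "SET NAMES".
        $sql = "INSERT INTO shout (naam, bericht) VALUES ('"
            .mysql_real_escape_string($naam)."', '"
            .mysql_real_escape_string($ber)."')";
        $res = mysql_query($sql);

        if ($res === false)
            {
                // Do not claim success when the insert failed.
                echo 'Je bericht kon niet worden opgeslagen.<BR><BR>';
            }
        else
            {
                echo '<FONT SIZE="2">Je bericht is toegevoegd.</FONT>';
            }
        formulier();

        echo '<BR>';
        berichten();
    }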

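/**
 * Session-based flood check: allows $maxaant posts per 60-second window.
 *
 * State is kept in $_SESSION['flood'] as array('Time' => window start,
 * 'Views' => attempts in this window). Every call counts as one attempt.
 *
 * NOTE(review): the counter lives in the visitor's session, so it only limits
 * clients that keep their session cookie. A limit that must hold against
 * automated posting needs a server-side key such as the client address.
 *
 * @return bool true when the caller must be refused, false when it may post
 */
function antiflood()
{
    $maxaant = 1; // maximum number of posts within one minute

    $now = time();
    $flood = isset($_SESSION['flood']) ? $_SESSION['flood'] : null;

    // Start a fresh window when there is no usable state yet or the previous
    // window is at least 60 seconds old.
    if (!is_array($flood)
        || !isset($flood['Time'], $flood['Views'])
        || ($now - $flood['Time']) >= 60)
    {
        $_SESSION['flood'] = array('Time' => $now, 'Views' => 1);
        return false;
    }

    // Still inside the window: count this attempt and refuse once over the limit.
    $_SESSION['flood']['Views']++;

    return $_SESSION['flood']['Views'] > $maxaant;
}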

?>