<./?php
/*******************************************************************************
* Title: GBook - PHP Guestbook
* Version: 1.7 from 20th August 2009
* Author: Klemen Stirn
* Website: http://www.phpjunkyard.com
********************************************************************************
* COPYRIGHT NOTICE
* Copyright 2004-2009 Klemen Stirn. All Rights Reserved.
* The GBook may be used and modified free of charge by anyone
* AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
* By using this code you agree to indemnify Klemen Stirn from any
* liability that might arise from it's use.
* Selling the code for this program, in part or full, without prior
* written consent is expressly forbidden.
* Using this code, in part or full, to create derivate work,
* new scripts or products is expressly forbidden. Obtain permission
* before redistributing this software over the Internet or in
* any other medium. In all cases copyright and header must remain intact.
* This Copyright is in full effect in any country that has International
* Trade Agreements with the United States of America or
* with the European Union.
* Removing any of the copyright notices without purchasing a license
* is expressly forbidden. To remove GBook copyright notice you must purchase
* a license for this script. For more information on how to obtain
* a license please visit the page below:
* http://www.phpjunkyard.com/copyright-removal.php
*******************************************************************************/
define('IN_SCRIPT',true);
require('settings.php');
require($settings['language']);
/* Set some variables that will be used later */
$settings['verzija'] = '1.7';
$settings['number_of_entries'] = '';
$settings['number_of_pages'] = '';
$settings['pages_top'] = '';
/* Template path to use */
$settings['tpl_path'] = './templates/'.$settings['template'].'/';
/* Set target window for URLs */
$settings['target'] = $settings['url_blank'] ? ' target="_blank"' : '';
/* First thing to do is make sure the IP accessing GBook hasn't been banned */
gbook_CheckIP();
/* Get the action parameter */
$a = isset($_REQUEST['a']) ? gbook_input($_REQUEST['a']) : '';
/* And this will start session which will help prevent multiple submissions and spam */
if ($a=='sign' || $a=='add')
{
session_name('GBOOK');
session_start();
$myfield['name']=str_replace(array('.','/'),'',crypt('name',$settings['filter_sum']));
$myfield['cmnt']=str_replace(array('.','/'),'',crypt('comments',$settings['filter_sum']));
$myfield['bait']=str_replace(array('.','/'),'',crypt('bait',$settings['filter_sum']));
$myfield['answ']=str_replace(array('.','/'),'',crypt('answer',$settings['filter_sum']));
}
/* Don't cache any of the pages */
printNoCache();
/* Check actions */
if ($a)
{
/* Session is blocked, show an error */
if (!empty($_SESSION['block']))
{
problem($lang['e01'],0);
}
/* Make sure it's a valid action and run the required functions */
switch ($a)
{
case 'sign':
printSign();
break;
case 'delete':
confirmDelete();
break;
case 'viewprivate':
confirmViewPrivate();
break;
case 'add':
addEntry();
break;
case 'confirmdelete':
doDelete();
break;
case 'showprivate':
showPrivate();
break;
case 'reply':
writeReply();
break;
case 'postreply':
postReply();
break;
case 'viewIP':
confirmViewIP();
break;
case 'showIP':
showIP();
break;
case 'viewEmail':
confirmViewEmail();
break;
case 'showEmail':
showEmail();
break;
case 'approve':
approveEntry();
break;
default:
problem($lang['e11']);
} // END Switch $a
} // END If $a
/* Prepare and show the GBook entries */
$settings['notice'] = defined('NOTICE') ? NOTICE : '';
$page = (isset($_REQUEST['page'])) ? intval($_REQUEST['page']) : 0;
if ($page > 0)
{
$start = ($page*10)-9;
$end = $start+9;
}
else
{
$page = 1;
$start = 1;
$end = 10;
}
$lines = file($settings['logfile']);
$total = count($lines);
if ($total > 0)
{
if ($end > $total)
{
$end = $total;
}
$pages = ceil($total/10);
$settings['number_of_entries'] = sprintf($lang['t01'],$total,$pages);
$settings['number_of_pages'] = ($pages > 1) ? sprintf($lang['t75'],$pages) : '';
if ($pages > 1)
{
$prev_page = ($page-1 <= 0) ? 0 : $page-1;
$next_page = ($page+1 > $pages) ? 0 : $page+1;
if ($prev_page)
{
$settings['pages_top'] .= ''.$lang['t02'].' ';
if ($prev_page != 1)
{
$settings['pages_top'] .= ''.$lang['t03'].' ';
}
}
for ($i=1; $i<=$pages; $i++)
{
if ($i <= ($page+5) && $i >= ($page-5))
{
if ($i == $page)
{
$settings['pages_top'] .= ' '.$i.' ';
}
else
{
$settings['pages_top'] .= ' '.$i.' ';
}
}
}
if ($next_page)
{
if ($next_page != $pages)
{
$settings['pages_top'] .= ' '.$lang['t04'].'';
}
$settings['pages_top'] .= ' '.$lang['t05'].'';
}
} // END If $pages > 1
} // END If $total > 0
printTopHTML();
if ($total == 0)
{
include($settings['tpl_path'].'no_comments.php');
}
else
{
printEntries($lines,$start,$end);
}
printDownHTML();
exit();
/***** START FUNCTIONS ******/
function approveEntry()
{
global $settings, $lang;
$approve = intval($_GET['do']);
$hash = gbook_input($_GET['id'],$lang['e24']);
$hash = preg_replace('/[^a-z0-9]/','',$hash);
$file = 'apptmp/'.$hash.'.txt';
/* Check if the file hash is correct */
if (!file_exists($file))
{
problem($lang['e25']);
}
/* Reject the link */
if (!$approve)
{
define('NOTICE',$lang['t87']);
}
else
{
$addline = file_get_contents($file);
$links = file_get_contents($settings['logfile']);
if ($links === false)
{
problem($lang['e18']);
}
$addline .= $links;
$fp = fopen($settings['logfile'],'wb') or problem($lang['e13']);
fputs($fp,$addline);
fclose($fp);
define('NOTICE',$lang['t86']);
}
/* Delete the temporary file */
unlink($file);
} // END approveEntry()
function showEmail()
{
global $settings, $lang;
$error_buffer = '';
$num = isset($_POST['num']) ? intval($_POST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
/* Check password */
if (empty($_POST['pass']))
{
$error_buffer .= $lang['e09'];
}
elseif ( gbook_input($_POST['pass']) != $settings['apass'] )
{
$error_buffer .= $lang['e12'];
}
/* Any errors? */
if ($error_buffer)
{
confirmViewEmail($error_buffer);
}
/* All OK, show the IP address */
$lines = file($settings['logfile']);
$myline = explode("\t",$lines[$num]);
define('NOTICE', $lang['t65'].' '.$myline[2].'');
} // END showEmail
function confirmViewEmail($error='')
{
global $settings, $lang;
$num = isset($_REQUEST['num']) ? intval($_REQUEST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
$task = $lang['t63'];
$task_description = $lang['t64'];
$action = 'showEmail';
$button = $lang['t63'];
printTopHTML();
require($settings['tpl_path'].'admin_tasks.php');
printDownHTML();
} // END confirmViewEmail
function showIP()
{
global $settings, $lang;
$error_buffer = '';
$num = isset($_POST['num']) ? intval($_POST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
/* Check password */
if (empty($_POST['pass']))
{
$error_buffer .= $lang['e09'];
}
elseif ( gbook_input($_POST['pass']) != $settings['apass'] )
{
$error_buffer .= $lang['e12'];
}
/* Any errors? */
if ($error_buffer)
{
confirmViewIP($error_buffer);
}
/* All OK, show the IP address */
$lines = file($settings['logfile']);
$myline = explode("\t",$lines[$num]);
if (empty($myline[8]))
{
$ip='IP NOT AVAILABLE';
}
else
{
$ip=rtrim($myline[8]);
if (isset($_POST['addban']) && $_POST['addban']=='YES')
{
gbook_banIP($ip);
}
$host=@gethostbyaddr($ip);
if ($host && $host!=$ip)
{
$ip.=' ('.$host.')';
}
}
define('NOTICE', $lang['t69'] . ' ' . $ip);
} // END showIP
function confirmViewIP($error='')
{
global $settings, $lang;
$num = isset($_REQUEST['num']) ? intval($_REQUEST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
$task = $lang['t09'];
$task_description = $lang['t10'];
$action = 'showIP';
$button = $lang['t24'];
$options = '';
printTopHTML();
require($settings['tpl_path'].'admin_tasks.php');
printDownHTML();
} // END confirmViewIP
function postReply()
{
global $settings, $lang;
$error_buffer = '';
$num = isset($_POST['num']) ? intval($_POST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
/* Check password */
if (empty($_POST['pass']))
{
$error_buffer .= $lang['e09'] . ' ';
}
elseif ( gbook_input($_POST['pass']) != $settings['apass'] )
{
$error_buffer .= $lang['e12'];
}
/* Check message */
$comments = (isset($_POST['comments'])) ? gbook_input($_REQUEST['comments']) : false;
if (!$comments)
{
$error_buffer .= $lang['e10'];
$comments = '';
}
/* Any errors? */
if ($error_buffer)
{
writeReply($error_buffer, $comments);
}
/* All OK, process the reply */
$comments = wordwrap($comments,$settings['max_word'],' ',1);
$comments = preg_replace('/\&([#0-9a-zA-Z]*)(\s)+([#0-9a-zA-Z]*);/Us',"&$1$3; ",$comments);
$comments = preg_replace('/(\r\n|\n|\r)/',' ',$comments);
$comments = preg_replace('/(\s*){2,}/','
',$comments);
if ($settings['smileys'] == 1 && !isset($_REQUEST['nosmileys']) )
{
$comments = processsmileys($comments);
}
$myline = array(0=>'',1=>'',2=>'',3=>'',4=>'',5=>'',6=>'',7=>'',8=>'');
$lines = file($settings['logfile']);
$myline = explode("\t",$lines[$num]);
foreach ($myline as $k=>$v)
{
$myline[$k]=rtrim($v);
}
$myline[7] = $comments;
$lines[$num] = implode("\t",$myline)."\n";
$lines = implode('',$lines);
$fp = fopen($settings['logfile'],'wb') or problem($lang['e13']);
fputs($fp,$lines);
fclose($fp);
/* Notify visitor? */
if ($settings['notify_visitor'] && strlen($myline[2]))
{
$name = unhtmlentities($myline[1]);
$email = $myline[2];
$char = array('.','@');
$repl = array('.','@');
$email=str_replace($repl,$char,$email);
$message = sprintf($lang['t76'],$name)."\n\n";
$message.= sprintf($lang['t77'],$settings['gbook_title'])."\n\n";
$message.= "$lang[t78]\n";
$message.= "$settings[gbook_url]\n\n";
$message.= "$lang[t79]\n\n";
$message.= "$settings[website_title]\n";
$message.= "$settings[website_url]\n";
mail($email,$lang['t80'],$message,"From: $settings[admin_email]\nReply-to: $settings[admin_email]\nReturn-path: $settings[admin_email]\nContent-type: text/plain; charset=".$lang['enc']);
}
define('NOTICE', $lang['t12']);
} // END postReply
function writeReply($error='', $comments='')
{
global $settings, $lang;
$num = isset($_REQUEST['num']) ? intval($_REQUEST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
$nosmileys = isset($_REQUEST['nosmileys']) ? 'checked="checked"' : '';
printTopHTML();
require($settings['tpl_path'].'admin_reply.php');
printDownHTML();
} // END writeReply
function check_secnum($secnumber,$checksum)
{
global $settings, $lang;
$secnumber.=$settings['filter_sum'].date('dmy');
if ($secnumber == $checksum)
{
unset($_SESSION['checked']);
return true;
}
else
{
return false;
}
} // END check_secnum
function filter_bad_words($text)
{
global $settings, $lang;
$file = 'badwords/'.$settings['filter_lang'].'.php';
if (file_exists($file))
{
include_once($file);
}
else
{
problem($lang['e14']);
}
foreach ($settings['badwords'] as $k => $v)
{
$text = preg_replace("/\b$k\b/i",$v,$text);
}
return $text;
} // END filter_bad_words
function showPrivate()
{
global $settings, $lang;
$error_buffer = '';
$num = isset($_POST['num']) ? intval($_POST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
/* Check password */
if (empty($_POST['pass']))
{
$error_buffer .= $lang['e09'];
}
elseif ( gbook_input($_POST['pass']) != $settings['apass'] )
{
$error_buffer .= $lang['e15'];
}
/* Any errors? */
if ($error_buffer)
{
confirmViewPrivate($error_buffer);
}
/* All OK, show the private message */
define('SHOW_PRIVATE',1);
$lines=file($settings['logfile']);
printTopHTML();
printEntries($lines,$num+1,$num+1);
printDownHTML();
} // END showPrivate
function confirmViewPrivate($error='')
{
global $settings, $lang;
$num = isset($_REQUEST['num']) ? intval($_REQUEST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
$task = $lang['t35'];
$task_description = $lang['t36'];
$action = 'showprivate';
$button = $lang['t35'];
printTopHTML();
require($settings['tpl_path'].'admin_tasks.php');
printDownHTML();
} // END confirmViewPrivate
function processsmileys($text)
{
global $settings, $lang;
/* File with emoticon settings */
require($settings['tpl_path'].'emoticons.php');
/* Replace some custom emoticon codes into GBook compatible versions */
$text = preg_replace("/([\:\;])\-([\)op])/ie","str_replace(';p',':p','\\1'.strtolower('\\2'))",$text);
$text = preg_replace("/([\:\;])\-d/ie","str_replace(';D',':D','\\1'.'D')",$text);
foreach ($settings['emoticons'] as $code => $image)
{
$text = str_replace($code,'',$text);
}
return $text;
} // END processsmileys
function doDelete()
{
global $settings, $lang;
$error_buffer = '';
$num = isset($_POST['num']) ? intval($_POST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
/* Check password */
if (empty($_POST['pass']))
{
$error_buffer .= $lang['e09'];
}
elseif ( gbook_input($_POST['pass']) != $settings['apass'] )
{
$error_buffer .= $lang['e16'];
}
/* Any errors? */
if ($error_buffer)
{
confirmDelete($error_buffer);
}
/* All OK, delete the message */
$lines=file($settings['logfile']);
/* Ban poster's IP? */
if (isset($_POST['addban']) && $_POST['addban']=='YES')
{
gbook_banIP(trim(array_pop(explode("\t",$lines[$num]))));
}
unset($lines[$num]);
$lines = implode('',$lines);
$fp = fopen($settings['logfile'],'wb') or problem($lang['e13']);
fputs($fp,$lines);
fclose($fp);
define('NOTICE', $lang['t37']);
} // END doDelete
function confirmDelete($error='')
{
global $settings, $lang;
$num = isset($_REQUEST['num']) ? intval($_REQUEST['num']) : false;
if ($num === false)
{
problem($lang['e02']);
}
$task = $lang['t38'];
$task_description = $lang['t39'];
$action = 'confirmdelete';
$button = $lang['t40'];
$options = '';
printTopHTML();
require($settings['tpl_path'].'admin_tasks.php');
printDownHTML();
} // END confirmDelete
function check_mail_url()
{
global $settings, $lang;
$v = array('email' => '','url' => '');
$char = array('.','@');
$repl = array('.','@');
$v['email']=htmlspecialchars($_POST['email']);
if (strlen($v['email']) > 0 && !(preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$v['email'])))
{
$v['email']='INVALID';
}
$v['email']=str_replace($char,$repl,$v['email']);
if ($settings['use_url'])
{
$v['url']=htmlspecialchars($_POST['url']);
if ($v['url'] == 'http://' || $v['url'] == 'https://') {$v['url'] = '';}
elseif (strlen($v['url']) > 0 && !(preg_match("/(http(s)?:\/\/+[\w\-]+\.[\w\-]+)/i",$v['url'])))
{
$v['url'] = 'INVALID';
}
}
elseif (!empty($_POST['url']))
{
$_SESSION['block'] = 1;
problem($lang['e01'],0);
}
else
{
$v['url'] = '';
}
return $v;
} // END check_mail_url
function addEntry()
{
global $settings, $lang, $myfield;
/* This part will help prevent multiple submissions */
if ($settings['one_per_session'] && $_SESSION['add'])
{
problem($lang['e17'],0);
}
/* Check for obvious SPAM */
if (!empty($_POST['name']) || isset($_POST['comments']) || !empty($_POST[$myfield['bait']]) || ($settings['use_url']!=1 && isset($_POST['url'])) )
{
gbook_banIP(gbook_IP(),1);
}
$name = gbook_input($_POST[$myfield['name']]);
$from = gbook_input($_POST['from']);
$a = check_mail_url();
$email = $a['email'];
$url = $a['url'];
$comments = gbook_input($_POST[$myfield['cmnt']]);
$isprivate = ( isset($_POST['private']) && $settings['use_private'] ) ? 1 : 0;
$sign_isprivate = $isprivate ? 'checked="checked"' : '';
$sign_nosmileys = isset($_REQUEST['nosmileys']) ? 'checked="checked"' : 1;
$error_buffer = '';
if (empty($name))
{
$error_buffer .= $lang['e03'].' ';
}
if ($email=='INVALID')
{
$error_buffer .= $lang['e04'].' ';
$email = '';
}
if ($url=='INVALID')
{
$error_buffer .= $lang['e05'].' ';
$url = '';
}
if (empty($comments))
{
$error_buffer .= $lang['e06'].' ';
}
else
{
/* Check comment length */
if ($settings['max_comlen'])
{
$count = strlen($comments);
if ($count > $settings['max_comlen'])
{
$error_buffer .= sprintf($lang['t73'],$settings['max_comlen'],$count).' ';
}
}
/* Don't allow flooding with too much emoticons */
if ($settings['smileys'] == 1 && !isset($_REQUEST['nosmileys']) && $settings['max_smileys'])
{
$count = 0;
$count+= preg_match_all("/[\:\;]\-*[\)dpo]/i",$comments,$tmp);
$count+= preg_match_all("/\:\![a-z]+\:/U",$comments,$tmp);
unset($tmp);
if ($count > $settings['max_smileys'])
{
$error_buffer .= sprintf($lang['t74'],$settings['max_smileys'],$count).' ';
}
}
}
/* Use a logical anti-SPAM question? */
$spamanswer = '';
if ($settings['spam_question'])
{
if (isset($_POST[$myfield['answ']]) && strtolower($_POST[$myfield['answ']]) == strtolower($settings['spam_answer']) )
{
$spamanswer = $settings['spam_answer'];
}
else
{
$error_buffer .= $lang['t67'].' ';
}
}
/* Use security image to prevent automated SPAM submissions? */
if ($settings['autosubmit'])
{
$mysecnum = isset($_POST['mysecnum']) ? intval($_POST['mysecnum']) : 0;
if (empty($mysecnum))
{
$error_buffer .= $lang['e07'].' ';
}
else
{
require('secimg.inc.php');
$sc=new PJ_SecurityImage($settings['filter_sum']);
if (!($sc->checkCode($mysecnum,$_SESSION['checksum'])))
{
$error_buffer .= $lang['e08'].' ';
}
}
}
/* Any errors? */
if ($error_buffer)
{
printSign($name,$from,$email,$url,$comments,$sign_nosmileys,$sign_isprivate,$error_buffer,$spamanswer);
}
/* Check the message with JunkMark(tm)? */
if ($settings['junkmark_use'])
{
$junk_mark = JunkMark($name,$from,$email,$url,$comments);
if ($settings['junkmark_ban100'] && $junk_mark == 100)
{
gbook_banIP(gbook_IP(),1);
}
elseif ($junk_mark >= $settings['junkmark_limit'])
{
$_SESSION['block'] = 1;
problem($lang['e01'],0);
}
}
/* Everthing seems fine, let's add the message */
$delimiter="\t";
$m = date('m');
if (isset($lang['m'.$m]))
{
$added = $lang['m'.$m] . date(" j, Y");
}
else
{
$added = date("F j, Y");
}
/* Filter offensive words */
if ($settings['filter'])
{
$comments = filter_bad_words($comments);
$name = filter_bad_words($name);
$from = filter_bad_words($from);
}
/* Process comments */
$comments_nosmileys = unhtmlentities($comments);
$comments = wordwrap($comments,$settings['max_word'],' ',1);
$comments = preg_replace('/\&([#0-9a-zA-Z]*)(\s)+([#0-9a-zA-Z]*);/Us',"&$1$3; ",$comments);
$comments = preg_replace('/(\r\n|\n|\r)/',' ',$comments);
$comments = preg_replace('/(\s*){2,}/','
',$comments);
/* Process emoticons */
if ($settings['smileys'] == 1 && !isset($_REQUEST['nosmileys']))
{
$comments = processsmileys($comments);
}
/* Create the new entry and add it to the entries file */
$addline = $name.$delimiter.$from.$delimiter.$email.$delimiter.$url.$delimiter.$comments.$delimiter.$added.$delimiter.$isprivate.$delimiter.'0'.$delimiter.$_SERVER['REMOTE_ADDR']."\n";
/* Prepare for e-mail... */
$name = unhtmlentities($name);
$from = unhtmlentities($from);
/* Manually approve entries? */
if ($settings['man_approval'])
{
$tmp = md5($_SERVER['REMOTE_ADDR'].$settings['filter_sum']);
$tmp_file = 'apptmp/'.$tmp.'.txt';
if (file_exists($tmp_file))
{
problem($lang['t81']);
}
$fp = fopen($tmp_file,'w') or problem($lang['e23']);
if (flock($fp, LOCK_EX))
{
fputs($fp,$addline);
flock($fp, LOCK_UN);
fclose($fp);
}
else
{
problem($lang['e22']);
}
$char = array('.','@');
$repl = array('.','@');
$email=str_replace($repl,$char,$email);
$message = "$lang[t42]\n\n";
$message.= "$lang[t82]\n\n";
$message.= "$lang[t17] $name\n";
$message.= "$lang[t18] $from\n";
$message.= "$lang[t20] $email\n";
$message.= "$lang[t19] $url\n";
$message.= "$lang[t44]\n";
$message.= "$comments_nosmileys\n\n";
$message.= "$lang[t83]\n";
$message.= "$settings[gbook_url]?id=$tmp&a=approve&do=1\n\n";
$message.= "$lang[t84]\n";
$message.= "$settings[gbook_url]?id=$tmp&a=approve&do=0\n\n";
$message.= "$lang[t46]\n";
mail($settings['admin_email'],$lang['t41'],$message,"Content-type: text/plain; charset=".$lang['enc']);
/* Let the first page know a new entry has been submitted for approval */
define('NOTICE',$lang['t85']);
}
else
{
$links = file_get_contents($settings['logfile']);
if ($links === false)
{
problem($lang['e18']);
}
$addline .= $links;
$fp = fopen($settings['logfile'],'wb') or problem($lang['e13']);
fputs($fp,$addline);
fclose($fp);
if ($settings['notify'] == 1)
{
$char = array('.','@');
$repl = array('.','@');
$email=str_replace($repl,$char,$email);
$message = "$lang[t42]\n\n";
$message.= "$lang[t43]\n\n";
$message.= "$lang[t17] $name\n";
$message.= "$lang[t18] $from\n";
$message.= "$lang[t20] $email\n";
$message.= "$lang[t19] $url\n";
$message.= "$lang[t44]\n";
$message.= "$comments_nosmileys\n\n";
$message.= "$lang[t45]\n";
$message.= "$settings[gbook_url]\n\n";
$message.= "$lang[t46]\n";
mail($settings['admin_email'],$lang['t41'],$message,"Content-type: text/plain; charset=".$lang['enc']);
}
/* Let the first page know a new entry has been submitted */
define('NOTICE',$lang['t47']);
}
/* Register this session variable */
$_SESSION['add']=1;
/* Unset Captcha settings */
if ($settings['autosubmit'])
{
$_SESSION['secnum']=rand(10000,99999);
$_SESSION['checksum']=crypt($_SESSION['secnum'],$settings['filter_sum']);
gbook_session_regenerate_id();
}
} // END addEntry
function printSign($name='',$from='',$email='',$url='',$comments='',$nosmileys='',$isprivate='',$error='',$spamanswer='')
{
global $settings, $myfield, $lang;
$url=$url ? $url : 'http://';
/* anti-SPAM logical question */
if ($settings['spam_question'])
{
$settings['antispam'] =
'
'.$settings['spam_question'].'
';
}
else
{
$settings['antispam'] = '';
}
/* Visual Captcha */
if ($settings['autosubmit'] == 1)
{
$_SESSION['secnum']=rand(10000,99999);
$_SESSION['checksum']=crypt($_SESSION['secnum'],$settings['filter_sum']);
gbook_session_regenerate_id();
$settings['antispam'] .=
'
'.$lang['t56'].'
';
}
elseif ($settings['autosubmit'] == 2)
{
$_SESSION['secnum']=rand(10000,99999);
$_SESSION['checksum']=crypt($_SESSION['secnum'],$settings['filter_sum']);
gbook_session_regenerate_id();
$settings['antispam'] .=
'
'.$_SESSION['secnum'].' '.$lang['t56'].'
';
}
printTopHTML();
require($settings['tpl_path'].'sign_form.php');
printDownHTML();
} // END printSign
function printEntries($lines,$start,$end)
{
global $settings, $lang;
$start = $start-1;
$end = $end-1;
$delimiter = "\t";
$template = file_get_contents($settings['tpl_path'].'comments.php');
for ($i=$start;$i<=$end;$i++)
{
$lines[$i]=rtrim($lines[$i]);
list($name,$from,$email,$url,$comment,$added,$isprivate,$reply)=explode($delimiter,$lines[$i]);
if (!empty($isprivate) && !empty($settings['use_private']) && !defined('SHOW_PRIVATE'))
{
$comment = '
'.$lang['t58'].'
' : '';
printTopHTML();
require($settings['tpl_path'].'error.php');
printDownHTML();
} // END problem
function printNoCache()
{
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
} // END printNoCache
function printTopHTML()
{
global $settings, $lang;
require_once($settings['tpl_path'].'overall_header.php');
} // END printTopHTML
function printDownHTML()
{
global $settings, $lang;
eval(gzinflate(base64_decode('DczZkmtAAADQz5lMebBH1K15QOzLBE3wcqvRRLQkTWL7+nvPBx
w0Q3xo9+7RYPhGhxJO6Cj8rVH1rNHhS62sEg/ToijncBcxh1Itg948bFnqJoHZzc6Gnc+Ta+9QH3dZEv
bHXBPqLU3Th6bOtc/L96iR+G6Zt46vG5CV64OTJR/xUmMF2SKRYkhNi2lZzTMKt9OR6T8bEUJ/pV5W1I
Z7rCpxfy0VCWw0EngmLByPb2MQ6nKQfvwjoz/hDU23o0ORTxbgd8glfsi57ljMJsHasZmZfBXba6NdE7
zedJCR2Y43vk6se7UvVZEJZKTBWezHC5thuCZ1Hyi1Y9TET0r6OW0FvJDoHVwd0nCsmrP9Kuu8YEKFDK
cFV8Ua5Io5I1+iU7VPGT5wy25752NqMPEvtDXgRq1NTrcAAuFzizSlUpBIbMBEYu+phq2C4+8qX8CoJD
ob76jVpXMuV+wuKCykT9pgD/9zvF0IFjrgGRP97GflSqFe9HYje7woHfC0VY2aHSAVF3XW1/CkJ84mLy
B45WYlzozMxLoM1kaIAgTRlJwfzMt/ubTczLRsLT8/X9/f33/+AQ==')));
exit();
} // END printDownHTML
function gbook_input($in,$error=0)
{
$in = trim($in);
if (strlen($in))
{
$in = htmlspecialchars($in);
$in = preg_replace('/&(\#[0-9]+;)/','&$1',$in);
}
elseif ($error)
{
problem($error);
}
return stripslashes($in);
} // END gbook_input()
function gbook_isNumber($in,$error=0)
{
$in = trim($in);
if (preg_match("/\D/",$in) || $in=="")
{
if ($error)
{
problem($error);
}
else
{
return '0';
}
}
return $in;
} // END gbook_isNumber()
function JunkMark($name,$from,$email,$url,$comments)
{
/*
JunkMark(TM) SPAM filter
v1.4 from 19th Aug 2009
(c) Copyright 2006-2009 Klemen Stirn. All rights reserved.
The function returns a number between 0 and 100. Larger numbers mean
more probability that the message is SPAM. Recommended limit is 60
(block message if score is 60 or more)
THIS CODE MAY ONLY BE USED IN THE "GBOOK" SCRIPT FROM PHPJUNKYARD.COM
AND DERIVATIVE WORKS OF THE GBOOK SCRIPT.
THIS CODE MUSTN'T BE USED IN ANY OTHER SCRIPT AND/OR REDISTRIBUTED
IN ANY MEDIUM WITHOUT THE EXPRESS WRITTEN PERMISSION FROM KLEMEN STIRN!
*/
global $settings;
return
eval(gzinflate(base64_decode('DZZFssVYrkWnUr3KDDfMFL9luGZmu1NhZmaP/r8RaOucpSVt5X
Fu03/KKx3+qb92qob0KP/J0r0ksP8VZT4X5T//FZIS/vZQ7fqkSrKF7AZt18V21XlzEuMwMX0aBJGpCD
Vtz174wiPhhEDAD76N8lHwCBh08SvCW6JTmUE6GqwhHyyQwu8ekVejDtXG7tRpRN9F8qs5nAuP98+4Pb
0vRKkfpNqGGTtSFMnQsirqBK7LDDahz0kYa/8qPfmZs5Nr3IEaHzSD4lrHc6eVF7881dk6qk1cBHLtY5
2AyngKsRtfHvZEb/3j8d6ngfL4q+uGB1as1xNq+fbJw0Kto7BIlcg1PQebDF25SpBiGDvS9nsF8etLi+
AOvgUh90LhZ+nFv+m6TcHcmM/bEbI0R5Ha5ec3pQTNeDct4x15lPlLc1GQGsPXhQMjF66Q2dBinimTAH
yst68UHCI4f0aZKl0Z9rOl+fTccS1UA69BT34IVEwalFjw1NvvtGYTeGKLfJQCzxOHVJWO6jioqCClGB
rPlGo8bP38RqQQqX7qIcqR8VlPwXmBc/mjNTfS910J1XgWj02LuElcOTsYuaM/Tm469NAiuqNz/o590P
JfCSphMshueXHJ22+5v+BXR1crMoaDhEfnviVGV34emFef9gmYe58x0I0DZNY12RwlHqlQMrWBuRTSJx
52n/dp/2uQrd/dsiGDY0csYfDcbuuXsOug8AF+mlNfGr1Uv2TcYAg73u+AfEd8bsPRt/PsgGlpqhM41S
nj1A9QTWeODPJVWBTZH7VPo2Cxu9tbI7TptUhNxc7Grmm2OqVv4Rw/FvJkowBUV70u6Iut4ctZqaGNir
NGUzhx7NwNOt1g7DAwwITUmj32JXdxwFIM6+q02kFL05+aQVYWi1NP7qJvXS9CpCYihgxkd+jA6ffexn
rt7bZEYT97wp+Py+o5AY2u63RnEG+vLJPE0xhP8IQZQjKRVsllH7DJ9Ko7VviLNyZz4K55WnzjvKRBkW
LZe6WGpSwX61ZeMnSmTzv0zDwXOi2S/60k9k5XtquuP0j+ZGOJAW/u4g2fk+SdmXhlym828L0R8469j6
9ogRCnQ13E+8aZrVwF4ajfm+vNumKEx//AArw/sSwPVnk7gWx5Hm+UnVTo5c6GKmDa0ycf//DgnXtISM
5MKzu7GYpestivYGspzTQHervVhTwaJDAuah998udIE2jFfOg6PqdxxhIFhxeWMb47oXE58eSXgYxbUV
pfglSTYlSaKL0ktHgTLdixVWGUYwwyBmWRXCrMYg2ASvFAN4gQ0I/STvhMaBzskz5A6OiB9ccu+7YMcD
Nc6QcLQPtMVn7oLSFl9ouG9rhZ/zKc7XQSkTPvYqA5BUZcemKwUdyTnQ/DGfKnR5FhreyvWTtg+BGR6a
gAZIDMbbz7ZUogR4WEzn40x3sDCLDsYKUDaaHQ6KR0jVWAOrXkrw8cy/0Us1e7kRxjNHQeM7oyofNeFZ
pdntIKbUD7+2H9qpqEVQ50OrvZfFQLUgwGjKiWRYlSTu+yvicI0qoKlX4PsAd2Fy+K22b00pIQwvQZCk
qHuCR/3vNV+AC54GBXtjPfrDQI/7U4pAzy+jyzN8g4QsH/YM2CEZA8TR554UkwRLBfuE7V+iGbXmWfrP
otBrTo1/2Xr1gSWwzOaRoctFkZwwh2+ikQl0L0XYZGOsrRVZZkteKwUbkLavmEm2LLXcK5lBZk9qt+77
5lIMONWl78TacARH8odpjaAps0/SmiwoP3d2a7YOnFCEBIr2Mz4Vv6EcbP0z2bdcWVvtjbtVteOpIyER
KzKpAADNzQ4hKbzmmXWPByfzDZcsjeqAu+9Y2v0DEnqAMrinLyeBg8ow+yyjN0I6LJ86ts14rurQeto7
SLzho73FjILzENRqWrbdO4ZFelHORAGVX4hTEtIGHwGpc6tEaev/W26I3kywed1g/Ogh5egZ8iZlqyp4
nY2wG6mup6uuWduNrG1sMnOlA0XAER/pFxoVANvfdr4W7MvZz8+jv4vkP0gnfCb3q2T3vbbYrkxaQCb8
sKFy2oYDSBQFDPji23pzUfN8Rf9KmfgYHF14u8pJuCaA7wlL+/swjMhJH1uu6WXe2VFP1NX9Zl4Ihqid
jP6xLgrkpeSv4c3x9js1WtSRB2LM1oaAaovmcValIRFYFTDGEEG6PFqf1KEH97lpXVlkNTHCyo98xFd8
tpIqNAhafFJjSdpcEx74oIEmd+V6NeJlITyCFmd2QBCFYj4KXDBpTQTV5PaebBj3McLVoVLn8cp8gWtW
eIBGVJDIogSaggEGr+YeVIXZm6GVnH/R9PC2Xpl7ifZ4SXWI1hj4LccLEha6GHpqRJyx+/QBrSuu/Hmf
ruGraHUUKQ2o/6Eijn98sjYriG7wmI6OeE/qYDH1TIUsBQgorhVw/eThB7cOBNQN24QsZSMpGl/q2xS6
TC5TpOVvPga9u2lTJr8W25w71XAWYrvYKdOU5I65BOaK4KlY/a0ZB9OFUyNoZukcCmB6JgZ6QzCMo+Bs
Ke1b4GQ64l8peBSeuq0xcoEUdiNnLie4grBgOiYoWmztP5MtmQU6zsRdhqn6y/C6WWXVhQR0KBG0TJVW
0tfqON/mqsmB6IpbjfS6Cih4/7pe7ZunHn8Tvza1b/TBuL28/b3MewwKe0uPf+e7htXrB+Tt1ozfcYIh
GVMn/+vEE1afPisAsstI6ko0E+cWAmVF4teyEAUNs6ptumYHDot8hlutuVY9szf+cdxUjOLzZhL1dXaG
8wBm32dju0JyyOmYZew+hCi81OViKJAzySq5Y4JsujnCCKDOVpAufF3qwQWTylrL5Lv9A0PPOFxgqhKY
okVwyepgZukL32QCBe25SJqDrWRzoBMzJOSZlDEPwlJm0UCGipzLbdHHecl8m3IMebJUTyOOOThbH7ei
HNq0fiCHK4yJr20Nflaqm8M0kjZpunLA9ZgwtR/psFU/Osd2928a42erP0/RsRRuUuRs6p1tP8RICWYR
5fZ4HgrnuXeu8ZsTjZWT2oP3uuu5xmTpYTxcx11H3qfg7AXwK5y0ACXvZlEXlAOnrk/clYguG2m8vSKm
4t4/dKaCLL9+YwTihU7S42rukTl29Aab4ZA7yCkgxhWviLU/ACMOEe/RC2daUwoP7uPcmPgLfOT0kOfH
33hsiai0rVyJfjT2SVgSrzjdq9XWjxRFe3iRqDbjg15ZI87ve4OwmAViYrh9dWjXHRbMk0rTVWq65YBm
W4kynfJ+mqeiOkgZiF+LmQIC8LdkFIZt/t2ig52rttgslVyHSiUnVCImZdx2i8jvIDHP4Cy/Pof6j7qQ
Vdblhgm6++gmOneX7k+xs/0JT5Z3IpsLVvHQmOckZFtSFdpWbj7GOzlrKHF6gZ1kqVfJKFin8cxaWd3v
qapbw+UUQRSASNZgH1TD75KbyVN0zNjVPDQVRkXvURf6gNwafYvPGTV1MXP/+GMeJiyyBTo2rOd/RRkl
DrtY2VyIqZFTl0Kq+tjrM9EYHh0hEwgWk4qOK4PQzhzirZSMUVnQUHFQEm4Z6vpIKgQQZrndtLST4mpd
1d8PB+sVy56ZWq6zODw5L2SyZJduLdf5Ld5jdnTqQ5iRn8kMKsVgiQBLhvxC6WgLrMTH+Dh/DHHfKa3b
qx2sK+/Nni10xL4vYUfuWFropt9OPY5kqWY8o08GQ1Hr3rzM0ZTO/1gwxNNYzoQj2lkVKvwF4KkBm69W
LaHrejMP1QH4KbEEAZ+uEq/CNuBLfQpmGiQBzD8mvBZeROHUhb1jxD9XMkm5WCr0W8QDMhMhVXVUP5Nc
Pe9g/cnRAZAOsY8KMEM9aQNId2Q+NMMvQPER1PsI5zo+Rh0T0/jUIQrp7ufLbU2Y1C+eFgZgVccXKdUi
MjHg9pLvnEgrFu6LWg9C7o0Bvv4VBGGT9v2Ww4JX7PzRSObf2dbK264sHIXB2eHrzI6zG/HSOvWi5Qsr
VoKE1fylpaM8/VDRCPPfL0phpVsBPRG8asLKMAIRoYP0yottShjWHJXcYubQkXKkxhQzkIwhUXZ4dlIw
fAZYbRTMexw+aCwAn52+ywv//EY6hde6+qGNT2gRDB1NUIkIoB3+nLP8/rBsC6zI2oQ5LRO1WSjsX9BT
UjV6a9LZgoUq2A8PLWX7p5LfGBIHhdFwhi0X///fff//t/')));
} // END JunkMark()
function gbook_IP()
{
global $settings, $lang;
$ip = $_SERVER['REMOTE_ADDR'];
if (!preg_match('/^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$/',$ip))
{
if ($settings['allow_IPv6'] && preg_match('/^[0-9A-Fa-f\:]+$/',$ip))
{
return $ip;
}
die($lang['e20']);
}
return $ip;
} // END gbook_IP()
function gbook_CheckIP()
{
global $settings, $lang;
$ip = gbook_IP();
$myBanned = file_get_contents('banned_ip.txt');
if (strpos($myBanned,$ip) !== false)
{
die($lang['e21']);
}
return true;
} // END gbook_CheckIP()
function gbook_banIP($ip,$doDie=0)
{
global $settings, $lang;
$fp=fopen('banned_ip.txt','a');
fputs($fp,$ip.'%');
fclose($fp);
if ($doDie)
{
die($lang['e21']);
}
return true;
} // END gbook_banIP()
function gbook_session_regenerate_id()
{
if (version_compare(phpversion(),'4.3.3','>='))
{
session_regenerate_id();
}
else
{
$randlen = 32;
$randval = '0123456789abcdefghijklmnopqrstuvwxyz';
$random = '';
$randval_len = 35;
for ($i = 1; $i <= $randlen; $i++)
{
$random .= substr($randval, rand(0,$randval_len), 1);
}
if (session_id($random))
{
setcookie(
session_name('GBOOK'),
$random,
ini_get('session.cookie_lifetime'),
'/'
);
return true;
}
else
{
return false;
}
}
} // END gbook_session_regenerate_id()
function unhtmlentities($in)
{
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($in,$trans_tbl);
} // END unhtmlentities()
?>