Be sure writing is allowed in this directory.";
// Interface strings used by the admin/password screens and the system messages.
// Only the one containing an apostrophe keeps its double quotes.
$langPassChanged   = 'The password has been changed.';
$langPassError     = "The new passwords don't match !";
$langPassword      = 'Change Big Sam Password';
$langRetype        = 'Retype new Password :';
$langSubmit        = 'Send the message';
$langSubmitModif   = 'Submit Modifications';
$langSystemError   = 'System Error';
$langSystemMessage = 'System Message';
$langWrongPassword = 'Wrong Admin Password';
/*******************************************
* Configuration Step 2 : Carbon Copy Email *
*******************************************/
// $carbonCopy    : set to 1 to have a notification mailed to $mailRecipient.
// $mailRecipient : address that receives a mail each time an entry is submitted
//                  (only when $carbonCopy is 1).
// $mailSubject   : subject line of that notification.
// NOTE(review): the mail() call further down in this file builds its From and
// Reply-to headers from the visitor-supplied name and e-mail fields, so enabling
// the carbon copy makes header-safety of those fields a requirement.
$carbonCopy    = 1;
$mailRecipient = 'howard@frank.harvard.edu';
$mailSubject   = '[olympicwedding.com] New Guestbook Entry';
/*****************************
* Configuration Step 3 : CSS *
******************************/
// CSS class names.
// Every class Big Sam emits is listed here; replace a value with the name of one
// of your own classes to restyle that element. To change only the colours, edit
// the CSS entry inside displayHeader() instead.

// Classes used by the data submission form
$formHead    = 'formHead';
$formTail    = 'formTail';
$formBody    = 'formBody';
$inputText   = 'txt';
$inputSubmit = 'submit';
$textArea    = 'std';

// Classes used by the guestbook entries
$entryHead  = 'entryHead';
$entryBody1 = 'entryBody1';
$entryBody2 = 'entryBody2';

// Classes used by the admin screens
$adminHead  = 'adminHead';
$adminBody1 = 'adminBody1';
$adminBody2 = 'adminBody2';
/********************************
* Configuration Step 4 : Header *
********************************/
/**
 * Starts the page output: sends a back-dated Expires header, then switches to
 * literal page text.
 *
 * NOTE(review): the body after the closing PHP tag is incomplete in this copy.
 * The three lines that end the block work on $str and return it, which a header
 * routine has no reason to do; they look like the tail of a text-escaping helper
 * (standardizeStoredText() is called further down, but no definition of it is
 * visible). As shown, str_replace("$", "$", $str) replaces "$" with itself.
 * Text that passes through that helper is later written between double quotes
 * into a PHP data file that readData() include()s, so confirm against the
 * upstream file that '"', '\' and '$' are neutralised before storage.
 */
function displayHeader()
{
global $version;
// An Expires date in the past marks the page as already stale for caches.
// header() only works if nothing has been output yet.
header ("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
?>
Andrew & Sarah's Wedding Guest Book
9 February 2006
Wedding Guest Book
", $str);
$str = str_replace("$", "$", $str);
return $str;
}
/**
 * Hook applied to entry text before it is shown on the public page.
 *
 * Currently an identity function: the text is handed back untouched.
 * NOTE(review): because nothing is escaped here, HTML-safety of displayed
 * entries rests entirely on what was done to the text before it was stored;
 * confirm that the storage-side helper escapes markup.
 *
 * @param mixed $str text to display
 * @return mixed the same value, unchanged
 */
function standardizeDisplayedText($str)
{
    $displayed = $str;
    return $displayed;
}
/**
 * Hook applied to entry text before it is shown on the admin page.
 *
 * Currently an identity function: the text is handed back untouched.
 * NOTE(review): the admin page therefore shows stored text exactly as it
 * sits in the data file; confirm that the storage-side helper escapes markup,
 * since this page is viewed by the authenticated administrator.
 *
 * @param mixed $str text to display
 * @return mixed the same value, unchanged
 */
function standardizeAdminText($str)
{
    $shown = $str;
    return $shown;
}
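/**
 * Rewrites "http://..." URLs and "mailto:..." addresses found in a text and,
 * when the global $at_replace is truthy, replaces every "@" with " at ".
 *
 * Only the "http://" scheme is matched; the character classes in the two
 * patterns decide where a URL or address ends.
 *
 * NOTE(review): as written, the replacement templates re-emit the matched text
 * without any surrounding markup (the "mailto:" prefix is simply dropped).
 * They presumably wrapped the match in a link originally; if that markup is
 * restored, the captured text lands inside an attribute, so the input must
 * already be HTML-escaped at that point.
 *
 * @param string $rawText text to scan
 * @return string|null the rewritten text (null if preg_replace() fails)
 */
function seekHttp($rawText)
{
    global $at_replace;

    $pattern = array(
        "/http:\/\/((\w|\.|\?|\%|=|\/|-|~|#)*)/",
        "/mailto:((\w|\.|@|-)*)/");
    $replacement = array(
        "http://\\1",
        "\\1");
    $hyperLinkedText = preg_replace($pattern, $replacement, $rawText);

    // Fixed: the original tested the bare word at_replace (an undefined
    // constant), which is always truthy on PHP 5/7 and a fatal Error on PHP 8,
    // so the configured flag was never honoured.
    if ($at_replace) $hyperLinkedText = str_replace("@", " at ", $hyperLinkedText);

    return $hyperLinkedText;
}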
//******************************************************************************
// function Xfopen : opens a file $fileName and locks it
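/**
 * Opens a file and takes an advisory lock on it.
 *
 * On an open failure the $langOpenError message is displayed and false is
 * returned. On a lock failure "flock timeout" is displayed and the handle is
 * still returned, without a lock.
 * NOTE(review): the callers visible in this file use the return value without
 * checking it, so after either failure they carry on with an invalid or
 * unlocked handle.
 *
 * @param string $fileName path of the file to open
 * @param string $openMode fopen() mode string
 * @param bool   $sharing  true for a shared lock, anything else for an exclusive lock
 * @return resource|false the open handle, or false when the file could not be opened
 */
function Xfopen($fileName, $openMode, $sharing)
{
    global $langOpenError;

    $fp = @fopen($fileName, $openMode);
    if (!$fp)
    {
        displayMessage($langOpenError, 2);
        // Fixed: stop here. The original went on to call flock() on the failed
        // handle, which reported a second, misleading "flock timeout" message
        // (and is a TypeError on PHP 8).
        return $fp;
    }

    // LOCK_SH / LOCK_EX / LOCK_UN are the named forms of the 1 / 2 / 3 used before.
    $op = ($sharing == true) ? LOCK_SH : LOCK_EX;
    if (!@flock($fp, $op))
    {
        @flock($fp, LOCK_UN);
        displayMessage("flock timeout", 2);
    }
    return $fp;
}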
//******************************************************************************
// function Xfclose : unlocks the file $fp and closes it
/**
 * Counterpart of Xfopen(): drops the advisory lock, then closes the handle.
 * Errors from either call are suppressed.
 *
 * @param resource $fp handle returned by Xfopen()
 * @return void
 */
function Xfclose($fp)
{
    // LOCK_UN is the named constant for the value 3.
    @flock($fp, LOCK_UN);
    @fclose($fp);
}
//******************************************************************************
// function fullDisplay
/**
 * Renders the public guestbook page: header, entry form, the entries of the
 * current page, the "[a-b]" pager ranges and the footer. All input comes from
 * globals ($index, $displayBegin, $displayStep, $maxDisplay, $archive_*).
 *
 * NOTE(review): from the entry loop onwards the body is incomplete in this copy
 * (the loop over $msgNumber has no visible end and the code that prints each
 * entry is missing), so how the $archive_* values reach the page cannot be
 * checked here. Those arrays hold visitor-submitted text, and
 * standardizeDisplayedText() in this file returns its argument unchanged, so
 * confirm that the text is HTML-escaped before storage or before output.
 * NOTE(review): where $displayBegin comes from is not visible here; only its
 * upper bound is clamped below.
 */
function fullDisplay()
{
global $displayStep,$displayBegin, $maxDisplay ;
global $entryHead, $entryBody1, $entryBody2;
global $relativeScriptPath;
global $index;
global $archive_mail, $archive_name, $archive_text, $archive_date;
global $allowAutoLink;
// Checks if $displayBegin is not too large (Thanks to Ahmet Sabri ALPER )
if ($displayBegin>$maxDisplay)
{
$displayBegin=$maxDisplay-$displayStep+1;
}
displayHeader();
// Displays the entry form to enable the client to type a message.
displayForm();
// Empty guestbook: only the form is shown, then the footer.
if ($index==0)
{
displayFooter();
return;
}
echo ("
\n");
// Message arrays are displayed here :
echo "
\n";
// Displaying all the entries.
// A step of 0 means "no paging": one page that runs from entry 1 to $index.
if ($displayStep==0)
{
$displayBegin=1;
$displayStep=$index;
}
// The page that starts at entry 1 takes the remainder ($index % $displayStep,
// or a full step when that is 0); every other page spans exactly one step.
if ($displayBegin==1)
{
$startAt=$index % $displayStep;
if ($startAt==0) $startAt=$displayStep;
}
else
{
$startAt=$displayBegin+$displayStep-1;
}
// Counts down from $startAt to $displayBegin, i.e. highest entry number first.
for ($msgNumber=$startAt ; $msgNumber>=$displayBegin ; $msgNumber--)
{
?>
:
:
\n");
for($i=1;$i<=$index;$i=$nextEnd+1)
{
$nextBegin = $i;
if ($i==1)
{
$nextEnd=$index % $displayStep;
if ($nextEnd==0) $nextEnd=$displayStep;
}
else $nextEnd = $i+$displayStep-1;
if ($displayBegin==$nextBegin && $nextEnd!=$nextBegin) echo ("[$nextBegin-$nextEnd]\n");
else if ($displayBegin==$nextBegin && $nextEnd==$nextBegin) echo ("[$nextBegin]\n");
else if ($nextEnd==$nextBegin) echo ("[$nextBegin]\n");
else echo ("[$nextBegin-$nextEnd]\n");
}
echo "
\n";
displayFooter();
}
//******************************************************************************
/**
 * Loads the guestbook data file and works out which entry the page starts at.
 *
 * The data file is PHP source and is loaded with include(), so whatever it
 * contains is executed inside this function with the globals below bound.
 * NOTE(review): the posting code in this file appends visitor-supplied text to
 * that same file as PHP string literals. The file is therefore only as safe as
 * the escaping applied before each write; storing entries as data (for example
 * JSON) and parsing them would remove the code-execution path altogether.
 *
 * After the call $index holds the number of entries, $maxDisplay equals $index,
 * and $displayBegin is (re)computed when it was unset/empty or $resetBegin is 1.
 *
 * @param int $resetBegin 1 forces $displayBegin to be recomputed
 * @return void
 */
function readData($resetBegin)
{
    global $adminpassword;
    global $index;
    global $dataFile;
    global $archive_mail, $archive_name, $archive_text, $archive_date;
    global $displayBegin, $displayStep, $maxDisplay;

    // The included file increments $index once per entry, so start from zero.
    $index = 0;

    // Hold a shared lock while the file is being read.
    $fout = Xfopen($dataFile, "r", true);
    include($dataFile);
    Xfclose($fout);

    if (!isset($displayBegin)) {
        $displayBegin = "";
    }

    $mustReset = ($resetBegin == 1) || ($displayBegin == "");
    if ($mustReset) {
        // Start one step before the end, but never before entry 1.
        $firstShown = $index - $displayStep + 1;
        $displayBegin = ($firstShown <= 0) ? 1 : $firstShown;
    }

    // Upper bound that $displayBegin may reach.
    $maxDisplay = $index;
}
//******************************************************************************
// If the Datafile does not exist, creates it.
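// Fixed: the original wrote ${dataFile}, which PHP reads as a variable-variable
// named by the undefined constant dataFile. That only resolved to $dataFile by
// accident on PHP 5/7 and is a fatal Error on PHP 8.
if (!file_exists($dataFile))
{
    $fout = Xfopen($dataFile, "w+", false);
    // NOTE(review): as written this creates an empty file. readData() include()s
    // the file and the posting code overwrites its last two bytes before
    // appending entries, so the initial content presumably should be a PHP
    // open/close tag pair - confirm against the upstream file.
    fputs($fout, "");
    Xfclose($fout);
}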
// The admin password may arrive from the admin form (POST) or in the URL (GET).
// NOTE(review): a password passed in the query string ends up in browser
// history, server and proxy logs and Referer headers; accepting it from POST
// only would avoid that.
// NOTE(review): $HTTP_POST_VARS / $HTTP_GET_VARS were removed in PHP 5.4; where
// they are populated is not visible here - confirm.
$admin = $HTTP_POST_VARS["admin"];
if (isset($admin))
{
    // POST from the admin form: pick up the remaining admin fields.
    $newPassword1 = $HTTP_POST_VARS["newPassword1"];
    $newPassword2 = $HTTP_POST_VARS["newPassword2"];
    $command      = $HTTP_POST_VARS["command"];
    $index        = $HTTP_POST_VARS["index"];
}
else
{
    $admin = $HTTP_GET_VARS["admin"];
}
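if (!isset($admin))
{
    // Public (non-admin) request: pick up the fields posted by the guestbook form.
    // NOTE(review): $HTTP_POST_VARS was removed in PHP 5.4; where it is
    // populated is not visible here - confirm.
    $name=$HTTP_POST_VARS["name"];
    $email=$HTTP_POST_VARS["email"];
    $message=$HTTP_POST_VARS["message"];
    if (!isset($name)) { $name=""; $message=""; }

    if ($name=="" || $message=="")
    {
        /*
         * Use Case no 1-A
         * Nothing (or not enough) was posted: show the guestbook and the form.
         */
        readData(0);
        fullDisplay();
        exit;
    }
    else
    {
        /*
         * Use Case no 1-B
         * A visitor has filled in name, message and optionally an e-mail.
         * The new entry is appended to the data file.
         */

        // Optional referer check (see configuration step 9).
        // NOTE(review): the Referer header is client-controlled, so this deters
        // casual cross-site posting only; it is not an anti-forgery control.
        if (($checkReferer)&&(substr($refererpage,0,strlen($scriptURL))!=$scriptURL)) {
            displayMessage("Make sure that your browser is at http://www.olympicwedding.com/guestbook.php (not http://olympicwedding.com/guestbook.php)",2);
            die;
        }

        // Computed up front so the notification mail below always has a date
        // (the original left it undefined when the post was rejected).
        $insert_msgdate = date( "dS F Y - h:i:s A" );

        // Case-sensitive substring blocklist, checked in the original order.
        // NOTE(review): the first needle is an empty string. On PHP 8 strpos()
        // finds it at offset 0, so every post is rejected (which matches the
        // original comment "the first one disallows all posts"); on PHP 5/7 it
        // warns and never matches. Confirm what the first needle should be.
        $forbiddenWords = array(
            "", "poker", "cigarette", "tramadol", "viagra", "viagra1", "cialis",
            "cialis1", "xanax", "hentai", "atavan", "adipex", "tramodol", "casino",
        );
        $accepted = true;
        foreach ($forbiddenWords as $word)
        {
            if (strpos($message, $word) !== false)
            {
                $accepted = false;
                break;
            }
        }

        if ($accepted)
        {
            // Truncate the raw text BEFORE escaping it. Cutting an already
            // escaped string can split an escape sequence in two, and the
            // result is written inside a PHP string literal below.
            if ($logicalLengthLimitation) { $message = substr($message,0,$messageMaxLength); }
            $name=standardizeStoredText($name);
            $email=standardizeStoredText($email);
            $message=standardizeStoredText($message);

            /*
             * The lines below append PHP source to the data file, which
             * readData() later include()s. The visitor's text sits between
             * double quotes, so the file is only safe if
             * standardizeStoredText() neutralises the double quote, the
             * backslash, the dollar sign and the PHP closing tag.
             * NOTE(review): that function's definition is not visible here -
             * confirm, or store entries as data instead of code.
             */
            $fout = Xfopen($dataFile, "r+", false);
            // Position on the trailing two-byte closing tag while holding the
            // lock. The original took filesize() before locking, so two
            // simultaneous posts could compute the same offset and overwrite
            // each other.
            fseek($fout, -2, SEEK_END);
            fputs ($fout,"\$archive_name[++\$index] = \"$name\";\n");
            fputs ($fout,"\$archive_mail[ \$index] = \"$email\";\n");
            fputs ($fout,"\$archive_date[ \$index] = \"$insert_msgdate\";\n");
            fputs ($fout,"\$archive_text[ \$index] = \"$message\";\n");
            fputs ($fout,"\n?>");
            // Closed here because the handle only exists on this branch; the
            // original also called Xfclose() on the never-opened handle when a
            // post was rejected.
            Xfclose($fout);
        }
        else {
            // No writing, a forbidden word was found....
        }

        // Sending a mail to $mailRecipient if $carbonCopy=1, with the subject $mailSubject.
        // NOTE(review): this also runs for rejected posts, with the raw posted
        // fields - confirm that is intended.
        if ($carbonCopy==1)
        {
            // Strip CR/LF from everything that goes into the header block so a
            // posted name or e-mail cannot add header lines of its own.
            $headerName = str_replace(array("\r", "\n"), "", $name);
            $headerEmail = str_replace(array("\r", "\n"), "", $email);

            // NOTE(review): as written this turns every space into a newline;
            // the search string was presumably a line-break marker produced by
            // standardizeStoredText() - confirm.
            $message = str_replace(" ", "\n", $message);
            $mailBody = "From: $name <$email>\n$insert_msgdate\n\n$message";
            mail($mailRecipient,$mailSubject,$mailBody,"From: $headerEmail\nReply-to: $headerName <$headerEmail>");
        }

        // Redirect back to the referring page without its query string.
        // Strict comparison: a "?" at offset 0 is a match, not "not found".
        // NOTE(review): $refererpage is defined outside this excerpt; if it is
        // taken from the Referer header and $checkReferer is off, the redirect
        // target is client-controlled and should be checked against $scriptURL.
        $queryPos = strpos($refererpage, "?");
        if ($queryPos === false) $page=$refererpage;
        else $page=substr($refererpage, 0, $queryPos);
        header("Location: $page?");
        exit;
    }
}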
else
{
// Admin request. readData() include()s the data file; $adminpassword is
// presumably defined there (the 2-C notes below say the file is rewritten
// "with the new password") - confirm.
readData(0);
// NOTE(review): weaknesses in this check, all visible on this line:
//  - the stored value is an unsalted MD5 digest, which is cheap to brute-force
//    if the data file is ever readable;
//  - "==" compares two numeric-looking strings as numbers, so digests of the
//    form "0e<digits>" compare equal to each other, and the comparison is not
//    constant-time.
// password_hash()/password_verify() address both; hash_equals() is the minimum.
// There is also no visible limit on repeated attempts.
if (md5($admin)==$adminpassword)
{
// An empty $command shows the admin screen (use case 2-A).
if ($command=="")
{
displayHeader();
/************************************************************************
* Use Case no 2-A *
* *
* Admin mode (The administrator can modify password, fields, or remove *
* messages). *
* $admin = $adminpassword *
* Shows a password modification form. *
* Shows all messages and enables to modify/delete them. *
************************************************************************/
?>
BIG SAM
");
Xfclose($fout);
displayMessage("$langPassChanged",3);
exit;
}
}
else if ($command=="modify")
{
/********************************************************************************
* Use Case no 2-C *
* *
* Admin mode (The administrator is updating entries). *
* $admin = $adminpassword *
* $nameXXX = "Modified name (no XXX)" *
* $emailXXX = "Modified email (no XXX)" *
* $messageXXX = "Modified message (no XXX)" *
* $keep = "on" or "" *
* Check if $admin matches $adminpassword. *
* Rewrites ALL the fields except when $keepXXX = "" *
* Rewrites the whole Datafile with the new password, and all the entries. *
********************************************************************************/
$fout = Xfopen($dataFile, "w", false);
fputs ($fout,"");
Xfclose($fout);
if (strpos($refererpage, "?")==false) $page=$refererpage;
else $page=substr($refererpage, 0, strpos($refererpage, "?"));
header("Location: $page?");
exit;
}
}
else
{
/************************************************
* Use Case no 2-Z *
* *
* If $admin does NOT match $adminpassword. *
* $admin != $adminpassword *
* Error message : "Wrong Admin Password" *
************************************************/
displayMessage("$langWrongPassword",1);
}
}
/* End of File */
?>