
source: tags/6.1/guestbook.php @ 10435

Revision 10435, 11.1 KB checked in by Andrey Prikaznov, 3 years ago (diff)
1<?
2
3/***************************************************************************
4*                            Dolphin Smart Community Builder
5*                              -----------------
6*     begin                : Mon Mar 23 2006
7*     copyright            : (C) 2006 BoonEx Group
8*     website              : http://www.boonex.com/
9* This file is part of Dolphin - Smart Community Builder
10*
11* Dolphin is free software. This work is licensed under a Creative Commons Attribution 3.0 License.
12* http://creativecommons.org/licenses/by/3.0/
13*
14* Dolphin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
15* without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
16* See the Creative Commons Attribution 3.0 License for more details.
17* You should have received a copy of the Creative Commons Attribution 3.0 License along with Dolphin,
18* see license.txt file; if not, write to marketing@boonex.com
19***************************************************************************/
20
21require_once( 'inc/header.inc.php' );
22require_once( BX_DIRECTORY_PATH_INC . 'design.inc.php' );
23require_once( BX_DIRECTORY_PATH_INC . 'profiles.inc.php' );
24require_once( BX_DIRECTORY_PATH_INC . 'utils.inc.php' );
25
// Authentication is not required on this page; the calls below only record
// whether somebody is logged in. Roles are probed in the order 1, 0, 2, 3 and
// probing stops at the first truthy result, so later $logged[...] keys are
// left unset once an earlier role matched.
// NOTE(review): presumably member_auth( $type, false ) returns a truthy value
// only for a validated session of that role - confirm in the include files.
$logged['admin'] = member_auth( 1, false );
if ( !$logged['admin'] )
{
    $logged['member'] = member_auth( 0, false );
    if ( !$logged['member'] )
    {
        $logged['aff'] = member_auth( 2, false );
        if ( !$logged['aff'] )
        {
            $logged['moderator'] = member_auth( 3, false );
        }
    }
}

// --------------- page variables and login

$_page['name_index'] = 47;
$_page['css_name']   = 'guestbook.css';
$_page['extra_js']   = $oTemplConfig -> sTinyMceEditorJS;

// Guestbook limits; the functions below read them through `global`.
$period           = 1;    // minutes a poster must wait before adding another record
$records_on_page  = 16;   // records shown per page
$record_maxlength = 1600; // max length of record
                          // NOTE(review): only declared `global` in AddRecord();
                          // no code visible in this file enforces it.
$record_limit     = 100;  // maximum number of records kept in one guest book

$_page['header']      = _t("_guestbook");
$_page['header_text'] = _t("_guestbook");

// --------------- page components

$_ni = $_page['name_index'];

// Build the main area first, then let the template layer emit the page.
$_page_cont[$_ni]['page_main_code'] = ThisPageMainCode();

// --------------- [END] page components

PageCode();

// --------------- page components functions
61
62// --------------- page components functions
63
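/**
 * Build the main area of the guestbook page.
 *
 * Runs the two membership checks (viewer may view, owner may use a guestbook),
 * dispatches the requested action (show the add form, add a record, delete a
 * record) and finally appends the guestbook listing.
 *
 * Reads $_COOKIE['memberID'] and the request values `owner`, `action`,
 * `newrecord` and `delete_id`.
 *
 * @return string HTML for the page's main area
 */
function ThisPageMainCode()
{
    global $logged;

    $ret = "";

    $member['ID'] = isset($_COOKIE['memberID']) ? (int)$_COOKIE['memberID'] : 0;
    $owner = !empty($_REQUEST['owner']) ? (int)$_REQUEST['owner'] : $member['ID'];

    $is_admin = !empty($logged['admin']);

    // The memberID cookie is client-supplied, so on its own it does not prove
    // who the visitor is. Only treat the visitor as the guestbook owner when
    // the member login recorded in $logged['member'] succeeded as well.
    // NOTE(review): assumes member_auth( 0, false ) is truthy only when the
    // memberID cookie was validated - confirm against its implementation.
    $is_owner = !empty($logged['member']) && $member['ID'] === $owner;

    // Check if membership allows this action.
    // NOTE(review): checkAction() still receives the raw cookie ID here.
    $check_res = checkAction( $member['ID'], ACTION_ID_VIEW_GUESTBOOK );
    if ( $check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$is_admin && !$is_owner )
    {
        $ret .= "<br />
            <table width=\"100%\" cellpadding=1 cellspacing=1 border=0>
                <tr>
                    <td class=text align=center>
                        <br />". $check_res[CHECK_ACTION_MESSAGE] ."<br />
                    </td>
                </tr>
            </table>\n";
        return $ret;
    }

    // Check if the owner's membership allows having a guestbook at all.
    $check_res = checkAction( $owner, ACTION_ID_USE_GUESTBOOK );
    if( $check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$is_admin )
    {
        // The detailed message is meant for the owner; others get a generic one.
        $ret .= $is_owner ? $check_res[CHECK_ACTION_MESSAGE] : _t_err("_This guestbook disabled by it's owner");
        return $ret;
    }

    // Missing request keys are treated as "no action" instead of raising notices.
    $get_action  = isset($_GET['action'])  ? $_GET['action']  : '';
    $post_action = isset($_POST['action']) ? $_POST['action'] : '';

    if( $get_action === 'show_add' && !empty($_GET['owner']) )
    {
        $ret .= ShowAddRecord();
        return $ret;
    }

    $has_text = isset($_POST['newrecord']) && is_string($_POST['newrecord']) && strlen($_POST['newrecord']);
    if( $post_action === 'new' && !empty($_POST['owner']) && $has_text )
        $ret .= AddRecord();

    // NOTE(review): deletion is triggered by a plain GET link and no anti-CSRF
    // token is checked anywhere in this file; consider POST plus a token.
    if( $get_action === 'delete' && !empty($_GET['owner']) && isset($_GET['delete_id']) && (int)$_GET['delete_id'] != 0 )
        $ret .= DeleteRecord();

    $ret .= PrintGuestbook();

    return $ret;
}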
114
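/**
 * Render one page of a guestbook: the owner's profile block, the pager, the
 * entries and the "add record" link.
 *
 * The owner comes from the request value `owner`, falling back to the
 * memberID cookie; the page offset comes from the request value `from`.
 *
 * @return string HTML fragment; empty when no owner could be determined
 */
function PrintGuestbook()
{
    global $logged;
    global $records_on_page;
    global $date_format;

    $ret = "";
    $id = isset($_COOKIE['memberID']) ? (int)$_COOKIE['memberID'] : 0;
    $owner = !empty($_REQUEST['owner']) ? (int)$_REQUEST['owner'] : $id;
    // A negative offset would end up in the LIMIT clause below and make the
    // query invalid, so clamp it to zero.
    $from = isset($_REQUEST['from']) ? max( 0, (int)$_REQUEST['from'] ) : 0;

    if ( !$owner )
        return $ret;

    // Delete links are shown to admins and to the logged-in owner. The cookie
    // ID alone is client-supplied, so it is only honoured together with the
    // member login recorded in $logged['member'].
    // NOTE(review): assumes member_auth( 0, false ) validated that cookie.
    $can_delete = !empty($logged['admin']) || ( !empty($logged['member']) && $owner === $id );

    // Print owner's information
    $ret .= "<br />
        <table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">
            <tr>
                <td colspan=\"2\">" .
                    ProfileDetails( $owner ) .
                "</td>
            </tr>
        </table>\n";

    // Print page controls
    $records_num = db_arr("SELECT COUNT( * ) AS `rec_num` FROM `Guestbook` WHERE `Recipient` = '{$owner}'");
    if ( $records_num['rec_num'] > $records_on_page )
    {
        $ret .= "<br />
            <table border=\"0\" cellpadding=\"1\" cellspacing=\"1\" width=\"100%\">
                <tr>
                    <td align=\"center\" class=\"text\">";

        // "Previous" link
        if( $from >= $records_on_page )
        {
            $nfrom = (0 < ($from - $records_on_page)) ? ($from - $records_on_page) : 0;
            $ret .= "
                        <a href=\"guestbook.php?owner={$owner}&from={$nfrom}\">&lt;&lt;&nbsp;</a>";
        }

        // One entry per page; the current page is printed without a link.
        $i = 0;
        $pages = 1;
        while ( $i < $records_num['rec_num'] )
        {
            if ($i == $from)
                $ret .= "
                        {$pages}&nbsp;";
            else
                $ret .= "
                        <a href=\"guestbook.php?owner={$owner}&from=". $i ."\">{$pages}&nbsp;</a>";
            $i = $i + $records_on_page;
            $pages++;
        }

        // "Next" link
        if ( $records_num['rec_num'] > ($from + $records_on_page) )
        {
            $nfrom = $from + $records_on_page;
            $ret .= "
                        <a href=\"guestbook.php?owner={$owner}&from={$nfrom}\">&nbsp;>></a>";
        }

        $ret .= "
                    </td>
                </tr>
            </table>\n";
    }

    // Print guestbook entries. $owner and $from are integers at this point;
    // $date_format and $records_on_page are site configuration globals.
    $query = "
        SELECT
            `Guestbook`.`ID`,
            DATE_FORMAT(`Date`, '$date_format' ) AS 'Date',
            `IP`,
            `Sender`,
            `Profiles`.`NickName`,
            `Recipient`,
            `Text`,
            `New`
        FROM `Guestbook`
        LEFT JOIN `Profiles` ON
            `Profiles`.`ID` = `Sender`
        WHERE
            `Recipient`='{$owner}'
        ORDER BY `Date` DESC
        LIMIT {$from}, {$records_on_page}
        ";
    $records_res = db_res( $query );
    if ( $records_num['rec_num'] > 0 )
    {
        $ret .= "<br />
            <table class=\"gb_msgs_table\">
                <tr>
                    <th width=\"20%\">" . _t( "_From") . "</th>
                    <th width=\"80%\">" . _t( "_Text") . "</th>
                </tr>";

        $tr_class = 'odd';

        while ( $records_arr = mysql_fetch_array($records_res) )
        {
            // The stored text is written out as-is; it was passed through
            // clear_xss() when AddRecord() saved it.
            // NOTE(review): NickName is also written out unescaped - confirm
            // it is restricted or escaped where profiles are saved.
            // NOTE(review): the sender's nickname links to the owner's
            // profile, not the sender's - verify that this is intended.
            $record_text =  $records_arr['Text'] ;
            $ret .= "
                <tr class=\"gb_msg_row_{$tr_class}\">
                    <td width=\"20%\" class=\"picPosition\">" .
                        get_member_thumbnail($records_arr['Sender'], 'none' ) .
                        '<b><a href="'.getProfileLink($owner).'">'.$records_arr['NickName'].'</a></b><br />'.
                        $records_arr['Date'] .
                    "</td>
                    <td width=\"80%\" valign=\"top\">";

            if ( $can_delete )
            {
                // NOTE(review): a state-changing GET link; no anti-CSRF token
                // is visible in this file.
                $ret .= "
                            <div class=\"gb_msg_actions\">
                                <a href=\"guestbook.php?owner={$owner}&action=delete&delete_id={$records_arr['ID']}\">".
                                    _t("_Delete") .
                                "</a>
                            </div>";
            }

            $ret .= "
                            <div>{$record_text}</div>
                       
                    </td>
                </tr>";

            $tr_class = ($tr_class == 'odd') ? 'even' : 'odd';
        }
        $ret .= "
            </table>";
    }

    // Print add new entry link. PHP_SELF can carry client-supplied path info,
    // so it is HTML-escaped before being placed inside the href attribute.
    $self = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES );
    $ret .= "
            <div class=\"add_link\">
                <a href=\"{$self}?owner={$owner}&amp;action=show_add\">" . _t( "_Add record") . "</a>
            </div>";
    return $ret;
}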
256
/**
 * Render the "add record" form for a guestbook.
 *
 * Calls member_auth( 0 ) first. The owner is taken from the request value
 * `owner`, falling back to the memberID cookie, and is cast to an integer
 * before being written into the form.
 *
 * NOTE(review): the form carries only the `owner` and `action` hidden fields;
 * no anti-CSRF token is present.
 *
 * @return string HTML of the form
 */
function ShowAddRecord()
{
    member_auth( 0);

    if ( $_REQUEST['owner'] )
        $owner = (int)$_REQUEST['owner'];
    else
        $owner = (int)$_COOKIE['memberID'];

    // Form header: target guestbook and the hidden action marker.
    $form_html = "
            <form name=\"guestbook_form\" method=\"POST\" action=\"guestbook.php?owner={$owner}\">
            <input type=\"hidden\" name=\"owner\" value=\"{$owner}\">
            <input type=\"hidden\" name=\"action\" value=\"new\">
            <table width=\"100%\" cellpadding=\"1\" cellspacing=\"1\" border=\"0\">
                <tr>
                    <td align=\"center\" class=\"text\"><b>";
    $form_html .= _t( "_Add record");

    // Text area for the new record.
    $form_html .= "</b></td>
                </tr>
                <tr>
                    <td style=\"text-align:center;\" class=\"text\">
                    <textarea name=\"newrecord\" class=\"guestbookTextArea\" id=\"newrecord\" style=\"width:100%;\"></textarea></td>
                </tr>
                <tr>
                    <td align=\"center\"><input class=\"no\" name=\"add\" type=\"submit\" value=\"";
    $form_html .= _t("_Add record");

    // Submit button closes the table and the form.
    $form_html .= "\"></td>
                </tr>
            </table>
            </form>\n";

    return $form_html;
}
282
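/**
 * Store a new guestbook record posted through the "add record" form.
 *
 * Calls member_auth( 0 ) first, then applies a per-IP waiting period, trims
 * the oldest records of the recipient once $record_limit is exceeded, and
 * inserts the new record.
 *
 * @return string HTML error block when the record was refused, otherwise ""
 */
function AddRecord()
{
    member_auth( 0);

    // NOTE(review): $record_maxlength is declared but never applied here.
    global $record_maxlength;
    global $period;
    global $record_limit;
    global $logged;

    $ret = "";

    // NOTE(review): addslashes() is not aware of the connection charset; the
    // database layer's own escaping or bound parameters would be safer.
    $record_text = addslashes(clear_xss( process_pass_data($_POST['newrecord'])));
    $record_sender = ( isset($_COOKIE['memberID']) && strlen($_COOKIE['memberID']) ) ? (int)$_COOKIE['memberID'] : "";
    $record_recipient = isset($_REQUEST['owner']) ? (int)$_REQUEST['owner'] : 0;

    // HTTP_CLIENT_IP is filled from a request header and is therefore
    // client-supplied. It is interpolated into two SQL statements below, so
    // only values made of address characters (hex digits, '.', ':') are
    // accepted; anything else falls through to REMOTE_ADDR.
    // NOTE(review): because the header is client-supplied, the waiting period
    // keyed on it can be side-stepped; consider using REMOTE_ADDR only.
    $ip = '';
    foreach ( array( getenv('HTTP_CLIENT_IP'), getenv('REMOTE_ADDR') ) as $candidate )
    {
        if ( is_string($candidate) && preg_match( '/^[0-9A-Fa-f:.]{2,45}$/', $candidate ) )
        {
            $ip = $candidate;
            break;
        }
    }

    if ( !$record_recipient)
        return $ret;

    // Test if IP is defined
    if ( !$ip || !$record_sender )
    {
        $ret .= "<br />
            <table width=\"100%\" cellpadding=\"1\" cellspacing=\"1\" border=\"0\">
                <tr>
                    <td class=\"text\" align=\"center\">
                        <br />". _t_err("_sorry, i can not define you ip adress. IT'S TIME TO COME OUT !") ."<br />
                    </td>
                </tr>
            </table>\n";
        return $ret;
    }

    // Test if last message is old enough
    $last_count = db_arr( "SELECT COUNT( * ) AS `last_count` FROM `Guestbook` WHERE `IP` = '{$ip}' AND (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`Date`) < {$period}*60)" );
    if ( $last_count['last_count'] != 0 )
    {
        $ret .= "<br />
            <table width=\"100%\" cellpadding=\"1\" cellspacing=\"1\" border=\"0\">
                <tr>
                    <td class=\"text\" align=\"center\">
                        <br />". _t_err("_You have to wait for PERIOD minutes before you can write another message!", $period) ."<br />
                    </td>
                </tr>
            </table>\n";
        return $ret;
    }

    // Restrict with total records count: drop the recipient's oldest records.
    $total_count = db_arr( "SELECT COUNT(*) AS `total_count` FROM `Guestbook` WHERE `Recipient` = '{$record_recipient}'" );
    if ( ($total_count['total_count'] - 1) > $record_limit )
    {
        $del_res = db_res( "SELECT `ID` FROM `Guestbook` WHERE `Recipient` = '{$record_recipient}' ORDER BY `Date` ASC LIMIT ". ($total_count['total_count'] - $record_limit + 1) );
        while ( $del_arr = mysql_fetch_array($del_res) )
        {
            // The ID is cast so the unquoted value is always numeric.
            $old_id = (int)$del_arr['ID'];
            db_res( "DELETE FROM `Guestbook` WHERE `ID` = {$old_id}" );
        }
    }

    // Perform insertion; sender and recipient are integers, $ip passed the
    // character allow-list above, $record_text was escaped above.
    db_res( "INSERT INTO `Guestbook` SET `Date` = NOW(), `IP` = '{$ip}', `Sender` = '{$record_sender}', `Recipient` = '{$record_recipient}', `Text` = '{$record_text}', `New` = '1'" );

    return $ret;
}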
344
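/**
 * Delete one record from a guestbook.
 *
 * The record is named by the GET value `delete_id` and the guestbook by the
 * request value `owner`. Deletion is allowed for admins and for the logged-in
 * owner of that guestbook, and only removes a record that belongs to it.
 *
 * NOTE(review): this is reached through a GET link and no anti-CSRF token is
 * checked in this file; consider POST plus a token.
 *
 * @return string always "" (nothing is printed for this action)
 */
function DeleteRecord()
{
    global $logged;

    $ret = "";
    $owner = isset($_REQUEST['owner']) ? (int)$_REQUEST['owner'] : 0;
    $id = isset($_COOKIE['memberID']) ? (int)$_COOKIE['memberID'] : 0;
    $delete_id = isset($_GET['delete_id']) ? (int)$_GET['delete_id'] : 0;

    $is_admin = !empty($logged['admin']);

    // The memberID cookie is client-supplied and this function does not call
    // member_auth() itself, so the cookie is only honoured together with the
    // member login recorded in $logged['member'].
    // NOTE(review): assumes member_auth( 0, false ) validated that cookie.
    $is_owner = !empty($logged['member']) && $id !== 0 && $owner === $id;

    if ( !$owner || !$delete_id || !( $is_owner || $is_admin ) )
        return $ret;

    // Scope the delete to the named guestbook so that the owner of one
    // guestbook cannot remove records that belong to another.
    db_res( "DELETE FROM `Guestbook` WHERE `ID` = '{$delete_id}' AND `Recipient` = '{$owner}'" );

    return $ret;
}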
361
/**
 * Build a short profile summary (nickname, sex, age) for a member.
 *
 * NOTE(review): NickName and the translated values are written into the HTML
 * without escaping here - confirm they are escaped or restricted upstream.
 *
 * @param int $id profile ID; values that are not greater than 0 yield the
 *                "_no_info" text
 * @return string HTML paragraph, or the translated "_no_info" string
 */
function PrintInfo( $id = 0 )
{
    // Guard clause: nothing to look up without a positive ID.
    if ( !( $id > 0 ) )
    {
        return _t("_no_info");
    }

    $profile   = getProfileInfo( $id );
    $sex_label = _t( "_{$profile['Sex']}" );
    $age_value = age( $profile['DateOfBirth'] );

    $summary  = "<p align=\"left\">";
    $summary .= _t("_Nickname") . ": <strong>" . $profile['NickName'] . "</strong><br />";
    $summary .= _t("_Sex") . ": <strong>" . $sex_label . "</strong><br />";
    $summary .= _t("_DateOfBirth") . ": <strong>" . $age_value . "</strong><br /></p>";

    return $summary;
}
378
379?>