";
    $format = BAD;
}
# NOTE(review): the tokens above close a validation check that starts before this excerpt.
#
# Guestbook submit handler (excerpt): validates the posted fields, prints the page
# header and the entry form and, for an accepted submission, filters the text,
# stores it in dBase tables, optionally mails it and prints a preview.
#
# NOTE(review): every line break inside a string literal below, and the identical
# pattern/replacement pairs in the ereg_replace() calls, look like markup that was
# stripped from this copy (presumably <br> tags and HTML entities). Verify every
# literal against the original file before relying on it.
# NOTE(review): $action, $email, $comment, $homepage, $uin, $randomnr, $repeatnr and
# $REMOTE_ADDR are read but never assigned in this excerpt; presumably they are
# imported from the request register_globals-style - confirm. Under that model a
# request parameter can pre-set any variable that is used before being initialised
# ($msg, $format and $final_encoded are only appended to / compared here).
# NOTE(review): add, BAD, gb_id and ge_id are bare words. Unless they are define()d
# elsewhere, older PHP versions treat them as strings (with a notice/warning) and
# PHP 8 throws an Error.
# NOTE(review): eregi(), ereg_replace() and split() were deprecated in PHP 5.3 and
# removed in PHP 7.0; the preg_* functions and explode() are the replacements.

# Disabled check: a missing e-mail address used to be reported as an error.
#if ($action == add && $email == '') { # if action equal to add AND email is empty
#$msg .= "$lang_missing_email
#";
#$format = BAD;
#}

# A new entry must carry a comment text.
if ($action == add && $comment == '') { # if action equal to add AND comment is empty
    $msg .= "$lang_missing_comment
";
    $format = BAD;
}

# E-mail is optional; when present it only has to contain an "@" somewhere.
# This is a plausibility hint, not address validation, and does not make the
# value safe to print.
if (!$email || eregi ("@", $email, $regs)) { # if email is empty OR contains @ sign
} else {
    $msg .= "$lang_bad_email
";
    $format = BAD;
}

# Homepage is optional; when present (and not just the "http://" default) it only
# has to contain a dot. The scheme and the remaining characters are not checked.
if (!$homepage || $homepage == "http://" || eregi ("\.", $homepage, $regs)) { # if homepage is empty OR homepage equal to http:// OR contains . sign
} else {
    $msg .= "$lang_bad_homepage
";
    $format = BAD;
}

# UIN is rejected only when it contains a letter (eregi is case-insensitive).
# NOTE(review): every other character passes, and $uin is echoed further down
# without any replacement applied to it in this excerpt - validate it as digits
# only or escape it at output.
if ($uin && eregi ("[A-Z]", $uin, $regs)) { # if uin AND contains [A-Za-z]
    $msg .= "$lang_bad_uin
";
    $format = BAD;
}

# Anti-spam number: the repeated value must equal $randomnr (loose != comparison).
# NOTE(review): $randomnr is not assigned in this excerpt. If it is posted back by
# the form (e.g. a hidden field carrying $randnr), the client supplies both sides
# of this comparison and the check proves nothing about the submitter; keep the
# expected value server-side (session) instead - confirm where it comes from.
if ($action == add && $randomnr!=$repeatnr) {
    $msg .= "$lang_bad_number
";
    $format = BAD;
}

# Link-spam filter: reject comments that contain "http" or "href" in any letter case.
$pos_http=stristr($comment,"http");
if ($pos_http !== false) {
    $msg .= "$lang_bad_comment_http
";
    $format = BAD;
}
$pos_http=stristr($comment,"href");
if ($pos_http !== false) {
    $msg .= "$lang_bad_comment_href
";
    $format = BAD;
}

#==================================
#Generate random number
#==================================
# Challenge number for the form rendered by this request; it is printed in clear
# text next to $lang_repeat_number further down. rand() is not a cryptographic
# random source.
$randnr=rand(1000,9999);

#========================================
# Output header
#========================================
echo " $title $block1

";

#========================================
# Check and output warnings
#========================================
# NOTE(review): the echoed string is a single space in this copy; $msg itself shows
# up in the text block further down, so the original markup is presumably missing here.
if ($msg) {
    echo " ";
}

#========================================
# Show form
#========================================
if ($format == BAD || $action != add) { # if format equal to BAD OR action not equal to add
    # Form output; the optional homepage / UIN / location rows are switched by the
    # $to_display_form_* settings. All echoed strings are reduced to a space here.
    echo " ";
    if ($to_display_form_hp == '1') {
        echo " ";
    }
    if ($to_display_form_uin == '1') {
        echo " ";
    }
    if ($to_display_form_location == '1') {
        echo " ";
    }
    echo " ";
} else {
    #========================================
    # Check for bad words
    #========================================
    #RAH
    # $badwords is a ";"-separated list. A case-insensitive substring hit in any of
    # homepage, name, e-mail, location or comment flags the entry.
    $badwords_split=split(";",$badwords);
    $badwords_count = count($badwords_split);
    $badword_found = false;
    for ($a=1; $a <= $badwords_count; $a++) {
        $badword=$badwords_split[$a-1];
        $pos_badword=stristr($homepage,$badword);
        if ($pos_badword !== false) {
            $badword_found = true;
        }
        $pos_badword=stristr($fullname,$badword);
        if ($pos_badword !== false) {
            $badword_found = true;
        }
        $pos_badword=stristr($email,$badword);
        if ($pos_badword !== false) {
            $badword_found = true;
        }
        $pos_badword=stristr($location,$badword);
        if ($pos_badword !== false) {
            $badword_found = true;
        }
        $pos_badword=stristr($comment,$badword);
        if ($pos_badword !== false) {
            $badword_found = true;
        }
    }

    #========================================
    # Check and correct $homepage
    #========================================
    # The untouched form default counts as "no homepage".
    if ($homepage == 'http://') {$homepage = '';}

    #========================================
    # Check and correct
    #========================================
    # NOTE(review): as shown, each call replaces "<" with "<" (a no-op); the trailing
    # comments suggest the replacement was an HTML entity lost from this copy. Even
    # with the entity restored only "<" is neutralised in these four fields - quotes
    # and ">" are not, and $email / $homepage are later echoed between \"...\",
    # presumably as attribute values. htmlspecialchars($value, ENT_QUOTES) at output
    # time covers both contexts - confirm against the original markup.
    $fullname = ereg_replace("<", "<", $fullname); # replace <
    $email = ereg_replace("<", "<", $email); # replace <
    $homepage = ereg_replace("<", "<", $homepage); # replace <
    $location = ereg_replace("<", "<", $location); # replace <

    # Hard-wrap every space-separated word of the comment at $comment_swap characters
    # (4th argument 1 = cut inside words) and rebuild the text.
    # NOTE(review): $final_encoded is appended to without being initialised in this excerpt.
    $array_encoded = explode(" ",$comment);
    for ($i = 0; $i < count($array_encoded); $i++) {
        $array_encoded[$i] = wordwrap( $array_encoded[$i], $comment_swap, "\n", 1);
        $final_encoded .= "$array_encoded[$i] ";
    }
    # Escaping of the comment text is optional: when $html_filter is not '1' the
    # comment is stored and printed without even the "<" / ">" replacement.
    if ($html_filter == '1') {
        $final_encoded = ereg_replace("<", "<", $final_encoded); # replace <
        $final_encoded = ereg_replace(">", ">", $final_encoded); # replace >
    }
    $final_encoded = wordwrap( $final_encoded, $comment_swap, "\n");
    $final_encoded = ereg_replace("\n", "
", $final_encoded); # replace newline (the replacement tag appears to be lost in this copy)
    # Remove the backslash in front of ' and " in the comment text - presumably
    # undoing magic_quotes_gpc escaping; confirm. The other fields are not unescaped.
    $dis_encoded = ereg_replace("\\\'", "'", $final_encoded);
    $dis_encoded = ereg_replace("\\\\\"", "\"", $dis_encoded);

    #========================================
    # Open database and insert entries
    #========================================
    if ($REMOTE_ADDR == '') {
        $remoteip = 'Unknown';
    } else {
        $remoteip = $REMOTE_ADDR;
    }
    #Only if no bad words were found!
    if ($badword_found == false && $action == add) {
        # Three dBase tables are opened; the script exits with $lang_db_error on failure.
        $kopf=dbase_open($gb_kopf,$forreadwrite) or exit ((string)$lang_db_error);
        $ksich=dbase_open($gb_sich,$forreadwrite) or exit ((string)$lang_db_error);
        $posten=dbase_open($gb_post,$forreadwrite) or exit ((string)$lang_db_error);

        # Next entry id = highest gb_id found in $ksich + 1 (1 for an empty table).
        # NOTE(review): no locking is visible around scan + insert, so two simultaneous
        # submissions could compute the same id.
        $id=1;
        $nr = dbase_numrecords($ksich);
        if($nr==0) {
            $id=1;
        } else {
            for ($a=1; $a <= $nr; $a++) {
                $rec = dbase_get_record_with_names($ksich, $a);
                if ($rec[gb_id]<$id) {
                    #OK
                } else {
                    $id=$rec[gb_id]+1;
                }
            }
        }
        # The same header record is written to both $kopf and $ksich.
        $def = array( $id,$fullname,$email,$date,$homepage,$uin,$location,$remoteip,1);
        dbase_add_record ( $kopf, $def);
        dbase_add_record ( $ksich, $def);
        $gbid=$id;

        # Next line-record id = highest ge_id in $posten + 1, computed the same way.
        $id=1;
        $nr = dbase_numrecords($posten);
        if($nr==0) {
            $id=1;
        } else {
            for ($a=1; $a <= $nr; $a++) {
                $rec = dbase_get_record_with_names($posten, $a);
                if ($rec[ge_id]<$id) {
                    #OK
                } else {
                    $id=$rec[ge_id]+1;
                }
            }
        }
        # The comment is stored one record per line: (ge_id, gb_id, line number, text).
        $zeile=1;
        $erg_split=split("
",$dis_encoded);
        $zeilen = count($erg_split);
        for ($a=1; $a <= $zeilen; $a++) {
            $str=$erg_split[$a-1];
            $def= array($id,$gbid,$zeile,$str);
            dbase_add_record ($posten,$def);
            $id=$id+1;
            $zeile=$zeile+1;
        }
        # NOTE(review): $ksich is opened above but not closed in this excerpt.
        dbase_close ($kopf);
        dbase_close ($posten);

        # Optional notification mail. User-supplied values go into the body only; the
        # header string is constant (its address part looks stripped in this copy).
        if ($to_send_mail == 1) {
            $message = "ID:$gbid\r\nName:$fullname\r\nEMail:$email\r\nDatum:$date\r\nHompage:$homepage\r\nOrt:$location\r\nIP:$remoteip\r\n";
            $x=ereg_replace("
", "\n", $dis_encoded);
            $message = "$message\r\n$x";
            $headers= "From: UFC-Arbesbach ";
            mail($mail_to, $mail_subject, $message, $headers);
        }
    } else {
        # Entry hit the bad-word list: nothing is stored, but the rejected text is
        # mailed to $mail_to under a fixed subject.
        if ($to_send_mail == 1) {
            $message = "Name:$fullname\r\nEMail:$email\r\nDatum:$date\r\nHompage:$homepage\r\nOrt:$location\r\nIP:$remoteip\r\n";
            $x=ereg_replace("
", "\n", $dis_encoded);
            $message = "$message\r\n$x";
            $headers= "From: UFC-Arbesbach ";
            $subject= "Gaestebuch: Badword Filter!!";
            mail($mail_to, $subject, $message, $headers);
        }
    }
    #========================================
    # Preview
    #========================================
    echo "
";
}
#========================================
# Show footer
#========================================
# NOTE(review): in this copy the form labels and the entry preview all sit in or
# after the footer echo, outside the if/else above. That ordering is presumably an
# extraction artefact - check the original file for the real nesting.
# NOTE(review): the values printed from here on ($msg, $fullname, $location, $email,
# $homepage, $uin, $dis_encoded, $date, $remoteip) receive no escaping at the point
# of output; whatever the replacements above left in place reaches the page as is.
echo "
$lang_view_guestbook
$msg
$lang_fullname : *
$lang_email : #
$lang_homepage : #
$lang_uin : #
$lang_location :
$lang_comment : * !
$lang_repeat_number $randnr : *
* $lang_required ! $lang_filter # $lang_format
$lang_submitted
$fullname";
# Optional parts of the entry line, each switched by a $to_display_* setting.
if ($location && $to_display_location == '1') {
    echo " $lang_from_loc $location\n";
}
if ($email && $to_display_email == '1') {
    echo " \"$email\"";
}
if ($homepage && $to_display_hp == '1') { # if homepage, print it
    echo " \"$homepage\"\n";
}
if ($uin && $to_display_uin == '1') {
    echo " ";
    echo "\"$uin\"\n";
}
echo "
$dis_encoded

"; # print comment and date
if ($to_display_date == '1') {
    echo " [$lang_date: $date]";
}
if ($to_display_ip == '1') {
    echo " [$lang_ip: $remoteip]";
}
echo "

$block3 $block4 ";
#========================================
# End
#========================================
?>