################################################################################################# # # Project : phpBook # File name : $PHP_SELF # Last Modified By : Erich Fuchs # e-mail : erich.fuchs@netone.at # Purpose : Guestbook # ################################################################################################# # Include Configs & Variables ################################################################################################# require ("config.php"); if (strstr (getenv('HTTP_USER_AGENT'), 'MSIE')) { // Browser Detection $in_field_size="50"; $text_field_size="31"; } else { $in_field_size="30"; $text_field_size="24"; } if ($action=="submit") { // Add an action ######################### # Process ################################################################################################# if (!$in && !$delid && !$delcommentid && !$commentid) { header("Location: $PHP_SELF"); exit; } elseif ($delid && $admin==$adminpass) { mysql_connect($server, $db_user, $db_pass) or died("Database Connect Error"); mysql_db_query($database, "DELETE FROM libro_fede WHERE id='$delid'") or died("Database Query Error"); mysql_close(); header("Location: $PHP_SELF?offset=$offset&poffset=$poffset&admin=$admin"); exit; } elseif ($delcommentid && $admin==$adminpass) { mysql_connect($server, $db_user, $db_pass) or died("Database Connect Error"); mysql_db_query($database, "UPDATE libro_fede SET comment='' where id='$delcommentid'") or died("Database Query Error"); mysql_close(); header("Location: $PHP_SELF?offset=$offset&poffset=$poffset&admin=$admin"); exit; } elseif ($commentid && $admin==$adminpass) { if(isset($comment)){ $action=changed; mysql_connect($server, $db_user, $db_pass) or died("Database Connect Error"); mysql_db_query($database, "UPDATE libro_fede SET comment='".encode_msg($comment)."' where id='$commentid'") or died("Database Query Error"); mysql_close(); } else { $action=""; } header("Location: $PHP_SELF?commentid=$commentid&action=$action&offset=$offset&poffset=$poffset&admin=$admin"); exit; } else { mysql_connect($server, $db_user, $db_pass) or died("Database Connect Error"); if (isbanned()) { header("Location: $PHP_SELF"); exit; } $add_date = time(); $in = strip_array($in); $in['message'] = encode_msg($in['message']); // Add SQL compatibilty & Smilie Convert $in['http'] = str_replace("http://", "", $in['http']); // Remove http:// from URLs if ($in['name'] == "") { died("
\n";
echo"
| \n";
echo" |||||||||||||||||||||||||
\n";
# PLEASE DO NOT REMOVE OR EDIT THIS COPYRIGHT-NOTICE !!! THANKS !!! ################################################
echo" \n"; ; ##################################################################################################################### echo" | \n";
echo"