CBaZ Posted September 3, 2007 Share Posted September 3, 2007 this is the original i was having issues with where i am stuck. The form works but it blocks good postings not just bad postings. anyone have any ideas to make the if strings work right checking for a bad word. <? session_start(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <?php include("banip/ban.php"); ?> <html><head> <SCRIPT LANGUAGE="JAVASCRIPT" TYPE="TEXT/JAVASCRIPT"> // *********************************************** // AUTHOR: WWW.CGISCRIPT.NET, LLC // URL: http://www.cgiscript.net // Use the script, just leave this message intact. // Download your FREE CGI/Perl Scripts today! // ( http://www.cgiscript.net/scripts.htm ) // *********************************************** var StayAlive = 60; // Number of seconds to keep window open function KillMe(){ setTimeout("self.close()",StayAlive * 1000); } </SCRIPT> <title>Feedback Form!</title> <script language = "Javascript"> function taLimit() { var taObj=event.srcElement; if (taObj.value.length==taObj.maxLength*1) return false; } function taCount(visCnt) { var taObj=event.srcElement; if (taObj.value.length>taObj.maxLength*1) taObj.value=taObj.value.substring(0,taObj.maxLength*1); if (visCnt) visCnt.innerText=taObj.maxLength-taObj.value.length; } </script> <script language="Javascript1.2"> // (C) 2000 www.CodeLifter.com // http://www.codelifter.com // Free for all users, but leave in this header // Set the message for the alert box am = "© COPYRIGHT 2007 MaloriaN Entertainment, ALL RIGHTS RESERVED."; // do not edit below this line // =========================== bV = parseInt(navigator.appVersion) bNS = navigator.appName=="Netscape" bIE = navigator.appName=="Microsoft Internet Explorer" function nrc(e) { if (bNS && e.which > 1){ alert(am) return false } else if (bIE && (event.button >1)) { alert(am) return false; } } document.onmousedown = nrc; if (document.layers) window.captureEvents(Event.MOUSEDOWN); if (bNS && bV<5) window.onmousedown = nrc; </script> <META HTTP-EQUIV="expires" CONTENT="0"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body onload="KillMe();self.focus()" onunload="top.opener.window.location.href='MaloriaN2.php'" background="background/tan-paisley3.jpg"> <center><form name="counter"><input type="text" size="1" name="d2" border="0"></form></center> <script> <!-- // var milisec=0 var seconds=62 document.counter.d2.value='62' function display(){ if (milisec<=0){ milisec=9 seconds-=1 } if (seconds<=-1){ milisec=0 seconds+=1 } else milisec-=1 document.counter.d2.value=seconds+"."+milisec setTimeout("display()",100) } display() --> </script> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td style="padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"></h1></td> </tr> <tr> <td valign="top" style="padding: 5em" class="maincontent" height="480"> <?php if (isset($_POST['quote'])) { // This strips the whitespace from either end of each attribute, removes all html and slashes. // (Slashes that were put in by php automaticly) $quote = trim(strip_tags(stripslashes($_POST['quote']))); $name = trim(strip_tags(stripslashes($_POST['name']))); $pass = trim(strip_tags(stripslashes($_POST['pass']))); $spammer_ip = $_SERVER['REMOTE_ADDR']; list($a, $b, $c, $d) = split('.', $spammer_ip); if( gethostbyname("$d.$c.$b.$a.list.dsbl.org") != "$d.$c.$b.$a.list.dsbl.org") { header( "Location: http://dsbl.org/listing?".$spammer_ip); return false; } // If the quote is longer than 300 characters it is striped and a '...' added to the end. // (A client side check is also performed in the form using the 'maxlength="300"' attribute in the form. if (strlen($quote) >= 300) { $quote = substr($quote, 0, 300); $quote = $quote."..."; } // Same thing for the name but with length of 100 characters. if (strlen($name) >= 100) { $name = substr($name, 0, 100); $name = $name."..."; } if (strlen($name) <= 0) { $name = "Anonymous"; } if (strlen($pass) <= 1) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name </strong>Left<strong> Security</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Correction.</center></p>"; exit; } if (strlen($quote) <= 0) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name, </strong>Left<strong> Quote</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Corrections.</center></p>"; exit; } $blockwords=array('photos of singles','meet single people', 'casino', 'find other singles', 'get a DATE', 'Someone Wants to MEET You', 'find other singles', 'Lonely?', 'Dating Tips', 'viagra', 'Viagr@', 'Vi@gra', 'Valium', 'Vinarol', 'Vali~um', 'viagra', 'via-gra', 'viagara', 'v1agara', 'v1agra', 'VIAGRA', 'V.I.A.G.R.A', 'Virility', 'Anti-depressants', 'antidepressant', 'Botox', 'Levitra', 'Lev1tra', 'Lev1tr@', 'Phentermine', 'phentermine', 'phendimetrazine', 'paxil', 'prescriiption', 'propecia', 'prozac', 'Prescription', 'Prescriptions', 'Phermone', 'Pheremone', 'Pheromone', 'pharmacy', 'G=e-n-e-r-i-c', 'Online Pharmacy', 'Medical breakthrough', 'Xanax', 'xanax', 'xenical', 'Better Health', 'DIET', 'D1ET', 'diet', 'Dental Coverage', 'Instant Dental', 'flush fat', 'fat burner', 'fat burning', 'fat-burning', 's.a.f.e', 's a f e', 'surgical', 'lose 10lbs', 'lose 20lbs', 'lose 30lbs', 'lose 40lbs', 'Lose weight', 'Lose the weight', 'lose fat', 'Miracleburn', 'weightloss', 'weight loss', 'we1ght l0ss', 'we1ght', 'w.e.i.g.h.t', 'weight watchers', 'penis', 'PENIS', 'P E N I S', 'p-e-n-i-s', 'pen1s', 'enlarge', 'enlarging your cock', 'enlarge your cock', 'erection', 'manhood', 'supersize', 'add inches', 'add 2 inches', 'add 3 inches', 'add 4 inches', 'add 5 inches', 'add solid inches', '1/2 Price', 'ADV:', '[ADV]', '(ADV)', '{ADV}', 'Absolutely legal', 'Affordable', 'Aprroved', 'Auto Loan', 'Auto Loans', 'Bargain', 'Bingo', 'casino', 'consolidate', 'complimentary', 'credit check', 'credit repair', 'Credit', 'congratulations', 'clear your credit', 'Debt Consolidation', 'debt', 'Debt', 'D-E-B-T', 'Dollar', 'earn cash', 'earn money', 'Easily get a home loan', 'Eliminate Debt', 'extra income', 'fire your boss', 'f-r-e-e', 'F-R-E-E', 'F_R E_E', 'F_R_E_E', 'F.R.E.E', 'F*R*E*E', 'FREEApplication', 'FREEBestseller', 'FREEBlockbuster', 'FREE adult', 'FREE credit', 'Free shipping', 'FREE money', 'free money!', 'Financial freedom', 'free vacation', 'free membership', 'freegift', 'Gift', 'Givaway', 'Giveaway', 'Get a FREE', 'Government auctions', 'GOVT', 'Guaranteed Approval Free', 'how much you can save', 'Home Loans', 'Homeowner', 'Homeowners', 'HGH', 'h g h', 'Increase your salary', 'Investor Insights', 'It Really works!', 'LIFETIME MEMBERSHIP TO THE', 'loan payments', 'Loan Quote', 'LOAN', 'L0AN', 'LOWEST RATES', 'L0WEST RATES', 'LowRateSource', 'make money', 'make cash', 'MAKE MONEY FAST', 'MILLIONAIRE', 'No gimmicks', 'No obligation', 'NOW FREE TRIAL', 'no risk', 'Offer', 'offer', 'Partnership Required!', 'Pay Less', 'Payday', 'payroll', 'perfectly legal', 'Prize', 'risk free', 'Real Estate', 'Reduce Rates', 'REAL MONEY', 'Refinance', 'ReFi', 'savers', 'Salary', 'Save Money', 'SLASH YOUR EXPENSES', 'Student Loan', 'Student Loans', 'This really works', 'unclaimed', 'unsecured credit card', 'unlimited', 'unique gift', 'Virtual Deals', 'visa approval', 'win money', 'win cash', 'WHOLESALE', 'Won', 'Your free daily', '18 YR', 'ADLT:', 'anal', 'adult site', 'adult video', 'barely legal', 'cumshot', 'exploited teens', 'illegal', 'fisting', 'free xxx', 'GRANNY', 'GUARANTEE', 'HARDCORE', 'TEEN', 'TEENS', 'PRETEEN', 'PRETEENS', 'nude celeb', 'Want free porn in your mail?', 'whore', 'XXX Picture For You!', '1NK', 'Brand Ink', 'inkjet cartridges', 'ink cartridges', 'printer cartridges', 'printer ink', 'toner cartridges', 'Toner cartridge', 'inkjets', 'ink sale', 'inkjet', 'ink order', 'ink supplies', 'laser toner', 'printer supplies', 'printpa', 'printpal', 'InkjetCartridges', 'LaserToners', 'Wholesaleink', '$', 'GreatMailRewards', 'GreatAmericanDeals', 'michael.hughes11', 'Michael.hughes', '......', '!!!', '>>>>>>', '**NEW', 'bulk mail', 'bulkmail', 'Copy DVDs', 'COPY ANY DVD', 'Congratulations!You+', 'Descrambler', 'DVD', 'Direct Marketing Tools', 'Fed Up With Annoying', 'Get Promoted', 'HARRY POTTER', 'harry potter', 'I thought you might be interested in this!', 'joke-of-the-day', 'livecam', 'Partnership Required!!!', 'patch from Microsoft', 'Microsoft Security Update', 'Microsoft Update', 'Microsoft news', 'Napster', 'Norton Systemworks', 'Newgrounds', 'PPV', 'RealOne', 'screensaver', 'Security Update by', 'Smallest Digital Camera', 'TheDailySamples', 'Toon Doctor', 'This stuff works', 'Tune up your PC', 'Ultimate Breakthrough', 'update from Microsoft', 'Upgrade Your Career', 'Dating Tips', 'http://',); $ip = $_SERVER['REMOTE_ADDR']; foreach($blockwords as $blockword) { { if(strstr($text, $blockword)) { $do_stuff = true; } }echo "<BR><BR><p><center></center></p>"; echo "<li>Your Submission Encountered The Following Problem:<center><strong>$name, </strong>Left<strong> $blockword <br>..Spam Detected..</strong><br><font color=red>$ip</font> Banned From Malent.Net</center></li>"; echo "<p><center></center></p>"; $date = date("d.m.Y H:i:s"); $bp = fopen("banip/banip.txt", "a"); $domain = gethostbyaddr($_SERVER['REMOTE_ADDR']); $ip = $_SERVER['REMOTE_ADDR']; $browser = getenv("HTTP_USER_AGENT"); fwrite($bp, "\n$ip, $date, $browser, $domain"); fclose($bp); exit; } if(strstr($_POST['quote'], $blockword) !== false) // So long as the quote is not null, it is stored in the quotes.txt file // NOTE: Permissions need to be set on this file as 777 so that it can be added to automaticaly if ($quote != "") { $date = date("d.m.Y / H:i:s"); $fp = fopen("quotes.txt", "a"); $domain = GetHostByName($REMOTE_ADDR); // If the name is not null, write directly to the quotes.txt, if not, set $name = 'Anon' fwrite($fp, "\n$quote <BR> - $name <BR> <font size='1'> $date</font>"); // close the 'quotes.txt' file fclose($fp); // Mail the quote to me (or if this code is on your site, to you) mail("service@malent.net", "New quote added", "A new quote has been added to 'quotes.txt'\nThe quote was added by: $name\nThe quote added was: $quote\nDate / Time Submitted: $date\nIP: $ip", "From: webmaster@malent.net\r\n"); print "<center><h1>Malent.Net - Feedback Form!<h1></center> <p><strong>New quote added:</strong> $quote</p><p><strong>Added by:</strong> $name</p><p><strong>Timestamp:</strong> <font size='1'> $date </p> <p><B>Your IP</B>: $ip</p></font>"; } print '<strong><p><a href="quote_add.php">Back</a> / <a href="<a href="quote_add. php" onClick="window.close()">Close</a><BR><BR>Your Feedback Comment Is Now Live.<BR>We Thank You For Your Submission.</p>'; } else { // close the php statement so it is possible to enter normal html, // just dont forget to end the if statement at the end ?> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td class="poptop" height="0"><img src="main/spacer.gif" width="1" height="1"></td> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="1" height="1"></td> </tr> </tr> <tr> <td style="background: #ffffff; padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"><center>Malent.Net - Feedback Form!</center></h1></td> </tr> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="0" height="0"></td> </tr> <tr> <td valign="top" style="padding: 1em" class="maincontent" height="480"> <table width="100%" border="0" cellpadding="1" cellspacing="1" class="tablehead"> <p>To Submit A Quote, Enter It Along With Your Name.<br> No Name = <strong>'Anonymous'</strong>.</p> <p><strong>Note:</strong> The Quote Will Be Limited To 300 Characters,<br> No HTML, SPAM Allowed.<br>This Window Will Self Destruct In 60 Seconds.</p><br> <form action="quote_add.php?add" method="post" id="quoteform"> <div><label for="nameInput" class="rowA"><strong>Name:</strong></label><input type="text" class="textfield" name="name" size="20" id="nameInput" maxlength="100" /></div> <div><label for="quoteInput" class="rowA"><strong>Quote:</strong></label><textarea onkeypress="return taLimit()" onkeyup="return taCount(myCounter)" class="textfield" name="quote" rows=4 wrap=physical cols=40 maxLength="300"></textarea><font size='1'><left> Number Of Characters Left: <B><SPAN id="myCounter">300</SPAN></left></B></font> </div> <?include('class.passgen.php'); $passGen = new passGen(5); $validate = 0; if(isset($_POST['submit'])){ $hash = $_POST['hash']; $pass = $_POST['pass']; if($passGen->verify($pass, $hash)){ $validate = 1; echo 'Validation OK'; } else { echo 'Validation not OK'; } echo '<br>'; } if($validate == 0){ $hash = $passGen->password(0, 1); echo '<br>'; echo $passGen->images('font', 'gif', 'f_', '16', '20'); echo '<br><br>'; echo'<p><label for="securitycode">Anti-Spam Security: (Required)</label><span style="color:#FF0000;">*</span><br>'; echo '<small>Type The Combination Shown In The Picture.</small><br>'; echo '<input type="hidden" value="'. $hash .'" name="hash">'; echo '<input type="text" value="'. $pass .'" name="pass" size="9" maxlength="9">'; echo '<br><br>'; } ?> <BR><BR><div><input id="submit" type="submit" onclick="check(quoteform,form.elements.length); return true;" onmouseout="this.style.background='#F6EED0';this.style.color='navy';" onmouseover="this.style.background='navy';this.style.color='#F6EED0';" align="absmiddle" tabindex="1" class="submit" value="Submit" /></div><BR><BR> <?php } // end else block ?> </form> </table> </body> Quote Link to comment Share on other sites More sharing options...
TheFilmGod Posted September 3, 2007 Share Posted September 3, 2007 <? session_start(); ?> All your other code uses "<?php" for the php start tag. Why are you using <? instead? YOu know you need a special configuration to make this work. Be safe and use "<?php" Quote Link to comment Share on other sites More sharing options...
CBaZ Posted September 3, 2007 Author Share Posted September 3, 2007 yea sorry about that Quote Link to comment Share on other sites More sharing options...
CBaZ Posted September 3, 2007 Author Share Posted September 3, 2007 what I have noticed when i try to add a new quote it goes for the first bad word photos of singles. whether its a good or bad word. Quote Link to comment Share on other sites More sharing options...
TheFilmGod Posted September 3, 2007 Share Posted September 3, 2007 foreach($blockwords as $blockword) { { if(strstr($text, $blockword)) { $do_stuff = true; } shouldn't it be: foreach($blockwords as $blockword) { if .... not foreach($blockwords as $blockword) { { (relize the double "{" ) And shouldn't you do something like "preg_match" to find if a bad word is found? Quote Link to comment Share on other sites More sharing options...
Azu Posted September 3, 2007 Share Posted September 3, 2007 Strstr works to I think. He should probally be using strIstr instead though, to avoid false negatives. Quote Link to comment Share on other sites More sharing options...
hostfreak Posted September 3, 2007 Share Posted September 3, 2007 I'll be glad to take a look at it, if you put it in a code box: //code here Edit: A quick edit, I have a word filter I made awhile back: <?php $word_filter = array( 'shithead', 'bastard', 'cunt', 'motherfucker', 'dickhead', ); $post = 'my motherfucker dog keeps barking'; function has_bad_words($post) { global $word_filter; $split = preg_split("#\s+#", $post, -1, PREG_SPLIT_NO_EMPTY); if (is_array($split)) { foreach ($split as $post_word) { if (in_array($post_word, $word_filter)) { return true; } } } return false; } if (has_bad_words($post)) { echo "Your post contains bad words, OMG NO."; } else { echo "Your post is clean, good boy"; } ?> Maybe that will help you Quote Link to comment Share on other sites More sharing options...
TheFilmGod Posted September 3, 2007 Share Posted September 3, 2007 Strstr works to I think. He should probally be using strIstr instead though, to avoid false negatives. Yes, that is correct. But preg_match is faster and designed for fast pattern matching. While strstr() is like a baby. Preg_match would also be much easier to put into work. Quote Link to comment Share on other sites More sharing options...
Azu Posted September 3, 2007 Share Posted September 3, 2007 I thought strstr/stristr was faster when all you are doing is seeing if a string exists in another string? Doesn't the regex stuff have additional overhead? o_O Quote Link to comment Share on other sites More sharing options...
Barand Posted September 3, 2007 Share Posted September 3, 2007 @Azu, Correct. And I believe strpos is faster then strstr. Only use the regex stuff when necessary. Quote Link to comment Share on other sites More sharing options...
skateme Posted September 3, 2007 Share Posted September 3, 2007 you can also use substr_replace $string="cuss", "word", "bad", "#$%%^"; //is this valid? $replacement="CENSORED"; substr_replace($string,$replacement,0); Quote Link to comment Share on other sites More sharing options...
CBaZ Posted September 4, 2007 Author Share Posted September 4, 2007 ok i've altered code but now i get this error Parse error: syntax error, unexpected $end on line 596 <?php session_start(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <?php include("banip/ban.php"); ?> <html><head> <SCRIPT LANGUAGE="JAVASCRIPT" TYPE="TEXT/JAVASCRIPT"> // *********************************************** // AUTHOR: WWW.CGISCRIPT.NET, LLC // URL: http://www.cgiscript.net // Use the script, just leave this message intact. // Download your FREE CGI/Perl Scripts today! // ( http://www.cgiscript.net/scripts.htm ) // *********************************************** var StayAlive = 60; // Number of seconds to keep window open function KillMe(){ setTimeout("self.close()",StayAlive * 1000); } </SCRIPT> <title>Feedback Form!</title> <script language = "Javascript"> function taLimit() { var taObj=event.srcElement; if (taObj.value.length==taObj.maxLength*1) return false; } function taCount(visCnt) { var taObj=event.srcElement; if (taObj.value.length>taObj.maxLength*1) taObj.value=taObj.value.substring(0,taObj.maxLength*1); if (visCnt) visCnt.innerText=taObj.maxLength-taObj.value.length; } </script> <script language="Javascript1.2"> // © 2000 www.CodeLifter.com // http://www.codelifter.com // Free for all users, but leave in this header // Set the message for the alert box am = "© COPYRIGHT 2007 MaloriaN Entertainment, ALL RIGHTS RESERVED."; // do not edit below this line // =========================== bV = parseInt(navigator.appVersion) bNS = navigator.appName=="Netscape" bIE = navigator.appName=="Microsoft Internet Explorer" function nrc(e) { if (bNS && e.which > 1){ alert(am) return false } else if (bIE && (event.button >1)) { alert(am) return false; } } document.onmousedown = nrc; if (document.layers) window.captureEvents(Event.MOUSEDOWN); if (bNS && bV<5) window.onmousedown = nrc; </script> <META HTTP-EQUIV="expires" CONTENT="0"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body onload="KillMe();self.focus()" onunload="top.opener.window.location.href='MaloriaN2.php'" background="background/tan-paisley3.jpg"> <center><form name="counter"><input type="text" size="1" name="d2" border="0"></form></center> <script> <!-- // var milisec=0 var seconds=62 document.counter.d2.value='62' function display(){ if (milisec<=0){ milisec=9 seconds-=1 } if (seconds<=-1){ milisec=0 seconds+=1 } else milisec-=1 document.counter.d2.value=seconds+"."+milisec setTimeout("display()",100) } display() --> </script> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td style="padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"></h1></td> </tr> <tr> <td valign="top" style="padding: 5em" class="maincontent" height="480"> <?php if (isset($_POST['quote'])) { // This strips the whitespace from either end of each attribute, removes all html and slashes. // (Slashes that were put in by php automaticly) $quote = trim(strip_tags(stripslashes($_POST['quote']))); $name = trim(strip_tags(stripslashes($_POST['name']))); $pass = trim(strip_tags(stripslashes($_POST['pass']))); $spammer_ip = $_SERVER['REMOTE_ADDR']; list($a, $b, $c, $d) = split('.', $spammer_ip); if( gethostbyname("$d.$c.$b.$a.list.dsbl.org") != "$d.$c.$b.$a.list.dsbl.org") { header( "Location: http://dsbl.org/listing?".$spammer_ip); return false; } // If the quote is longer than 300 characters it is striped and a '...' added to the end. // (A client side check is also performed in the form using the 'maxlength="300"' attribute in the form. if (strlen($quote) >= 300) { $quote = substr($quote, 0, 300); $quote = $quote."..."; } // Same thing for the name but with length of 100 characters. if (strlen($name) >= 100) { $name = substr($name, 0, 100); $name = $name."..."; } if (strlen($name) <= 0) { $name = "Anonymous"; } if (strlen($pass) <= 1) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name </strong>Left<strong> Security</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Correction.</center></p>"; exit; } if (strlen($quote) <= 0) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name, </strong>Left<strong> Quote</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Corrections.</center></p>"; exit; } $blockwords=array('photos of singles','meet single people', 'casino', 'find other singles', 'get a DATE', 'Someone Wants to MEET You', 'find other singles', 'Lonely?', 'Dating Tips', 'viagra', 'Viagr@', 'Vi@gra', 'Valium', 'Vinarol', 'Vali~um', 'viagra', 'via-gra', 'viagara', 'v1agara', 'v1agra', 'VIAGRA', 'V.I.A.G.R.A', 'Virility', 'Anti-depressants', 'antidepressant', 'Botox', 'Levitra', 'Lev1tra', 'Lev1tr@', 'Phentermine', 'phentermine', 'phendimetrazine', 'paxil', 'prescriiption', 'propecia', 'prozac', 'Prescription', 'Prescriptions', 'Phermone', 'Pheremone', 'Pheromone', 'pharmacy', 'G=e-n-e-r-i-c', 'Online Pharmacy', 'Medical breakthrough', 'Xanax', 'xanax', 'xenical', 'Better Health', 'DIET', 'D1ET', 'diet', 'Dental Coverage', 'Instant Dental', 'flush fat', 'fat burner', 'fat burning', 'fat-burning', 's.a.f.e', 's a f e', 'surgical', 'lose 10lbs', 'lose 20lbs', 'lose 30lbs', 'lose 40lbs', 'Lose weight', 'Lose the weight', 'lose fat', 'Miracleburn', 'weightloss', 'weight loss', 'we1ght l0ss', 'we1ght', 'w.e.i.g.h.t', 'weight watchers', 'penis', 'PENIS', 'P E N I S', 'p-e-n-i-s', 'pen1s', 'enlarge', 'enlarging your cock', 'enlarge your cock', 'erection', 'manhood', 'supersize', 'add inches', 'add 2 inches', 'add 3 inches', 'add 4 inches', 'add 5 inches', 'add solid inches', '1/2 Price', 'ADV:', '[ADV]', '(ADV)', '{ADV}', 'Absolutely legal', 'Affordable', 'Aprroved', 'Auto Loan', 'Auto Loans', 'Bargain', 'Bingo', 'casino', 'consolidate', 'complimentary', 'credit check', 'credit repair', 'Credit', 'congratulations', 'clear your credit', 'Debt Consolidation', 'debt', 'Debt', 'D-E-B-T', 'Dollar', 'earn cash', 'earn money', 'Easily get a home loan', 'Eliminate Debt', 'extra income', 'fire your boss', 'f-r-e-e', 'F-R-E-E', 'F_R E_E', 'F_R_E_E', 'F.R.E.E', 'F*R*E*E', 'FREEApplication', 'FREEBestseller', 'FREEBlockbuster', 'FREE adult', 'FREE credit', 'Free shipping', 'FREE money', 'free money!', 'Financial freedom', 'free vacation', 'free membership', 'freegift', 'Gift', 'Givaway', 'Giveaway', 'Get a FREE', 'Government auctions', 'GOVT', 'Guaranteed Approval Free', 'how much you can save', 'Home Loans', 'Homeowner', 'Homeowners', 'HGH', 'h g h', 'Increase your salary', 'Investor Insights', 'It Really works!', 'LIFETIME MEMBERSHIP TO THE', 'loan payments', 'Loan Quote', 'LOAN', 'L0AN', 'LOWEST RATES', 'L0WEST RATES', 'LowRateSource', 'make money', 'make cash', 'MAKE MONEY FAST', 'MILLIONAIRE', 'No gimmicks', 'No obligation', 'NOW FREE TRIAL', 'no risk', 'Offer', 'offer', 'Partnership Required!', 'Pay Less', 'Payday', 'payroll', 'perfectly legal', 'Prize', 'risk free', 'Real Estate', 'Reduce Rates', 'REAL MONEY', 'Refinance', 'ReFi', 'savers', 'Salary', 'Save Money', 'SLASH YOUR EXPENSES', 'Student Loan', 'Student Loans', 'This really works', 'unclaimed', 'unsecured credit card', 'unlimited', 'unique gift', 'Virtual Deals', 'visa approval', 'win money', 'win cash', 'WHOLESALE', 'Won', 'Your free daily', '18 YR', 'ADLT:', 'anal', 'adult site', 'adult video', 'barely legal', 'cumshot', 'exploited teens', 'illegal', 'fisting', 'free xxx', 'GRANNY', 'GUARANTEE', 'HARDCORE', 'TEEN', 'TEENS', 'PRETEEN', 'PRETEENS', 'nude celeb', 'Want free porn in your mail?', 'whore', 'XXX Picture For You!', '1NK', 'Brand Ink', 'inkjet cartridges', 'ink cartridges', 'printer cartridges', 'printer ink', 'toner cartridges', 'Toner cartridge', 'inkjets', 'ink sale', 'inkjet', 'ink order', 'ink supplies', 'laser toner', 'printer supplies', 'printpa', 'printpal', 'InkjetCartridges', 'LaserToners', 'Wholesaleink', '$', 'GreatMailRewards', 'GreatAmericanDeals', 'michael.hughes11', 'Michael.hughes', '......', '!!!', '>>>>>>', '**NEW', 'bulk mail', 'bulkmail', 'Copy DVDs', 'COPY ANY DVD', 'Congratulations!You+', 'Descrambler', 'DVD', 'Direct Marketing Tools', 'Fed Up With Annoying', 'Get Promoted', 'HARRY POTTER', 'harry potter', 'I thought you might be interested in this!', 'joke-of-the-day', 'livecam', 'Partnership Required!!!', 'patch from Microsoft', 'Microsoft Security Update', 'Microsoft Update', 'Microsoft news', 'Napster', 'Norton Systemworks', 'Newgrounds', 'PPV', 'RealOne', 'screensaver', 'Security Update by', 'Smallest Digital Camera', 'TheDailySamples', 'Toon Doctor', 'This stuff works', 'Tune up your PC', 'Ultimate Breakthrough', 'update from Microsoft', 'Upgrade Your Career', 'Dating Tips', 'http://',); $quote = 'my motherfucker dog keeps barking'; function has_bad_words($quote) { global $blockwords; $split = preg_split("#\s+#", $post, -1, PREG_SPLIT_NO_EMPTY); if (is_array($split)) { foreach ($split as $quote_word) { if (in_array($quote_word, $blockwords)) { return true; } } } return false; } if (has_bad_words($quote)) { echo "<BR><BR><p><center></center></p>"; echo "<li>Your Submission Encountered The Following Problem:<center><strong>$name, </strong>Left<strong> $quote_word <br>..Spam Detected..</strong><br><font color=red>$ip</font> Banned From Malent.Net</center></li>"; echo "<p><center></center></p>"; $date = date("d.m.Y H:i:s"); $bp = fopen("banip/banip.txt", "a"); $domain = gethostbyaddr($_SERVER['REMOTE_ADDR']); $ip = $_SERVER['REMOTE_ADDR']; $browser = getenv("HTTP_USER_AGENT"); fwrite($bp, "\n$ip, $date, $browser, $domain"); fclose($bp); exit; } else { echo "Your post is clean, good boy"; ?> if(strstr($_POST['quote'], $blockword) !== false) // So long as the quote is not null, it is stored in the quotes.txt file // NOTE: Permissions need to be set on this file as 777 so that it can be added to automaticaly if ($quote != "") { $date = date("d.m.Y / H:i:s"); $fp = fopen("quotes.txt", "a"); $domain = GetHostByName($REMOTE_ADDR); // If the name is not null, write directly to the quotes.txt, if not, set $name = 'Anon' fwrite($fp, "\n$quote <BR> - $name <BR> <font size='1'> $date</font>"); // close the 'quotes.txt' file fclose($fp); // Mail the quote to me (or if this code is on your site, to you) mail("service@malent.net", "New quote added", "A new quote has been added to 'quotes.txt'\nThe quote was added by: $name\nThe quote added was: $quote\nDate / Time Submitted: $date\nIP: $ip", "From: webmaster@malent.net\r\n"); print "<center><h1>Malent.Net - Feedback Form!<h1></center> <p><strong>New quote added:</strong> $quote</p><p><strong>Added by:</strong> $name</p><p><strong>Timestamp:</strong> <font size='1'> $date </p> <p><B>Your IP</B>: $ip</p></font>"; } print '<strong><p><a href="quote_add.php">Back</a> / <a href="<a href="quote_add. php" onClick="window.close()">Close</a><BR><BR>Your Feedback Comment Is Now Live.<BR>We Thank You For Your Submission.</p>'; } else { // close the php statement so it is possible to enter normal html, // just dont forget to end the if statement at the end ?> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td class="poptop" height="0"><img src="main/spacer.gif" width="1" height="1"></td> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="1" height="1"></td> </tr> </tr> <tr> <td style="background: #ffffff; padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"><center>Malent.Net - Feedback Form!</center></h1></td> </tr> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="0" height="0"></td> </tr> <tr> <td valign="top" style="padding: 1em" class="maincontent" height="480"> <table width="100%" border="0" cellpadding="1" cellspacing="1" class="tablehead"> <p>To Submit A Quote, Enter It Along With Your Name.<br> No Name = <strong>'Anonymous'</strong>.</p> <p><strong>Note:</strong> The Quote Will Be Limited To 300 Characters,<br> No HTML, SPAM Allowed.<br>This Window Will Self Destruct In 60 Seconds.</p><br> <form action="quote_add.php?add" method="post" id="quoteform"> <div><label for="nameInput" class="rowA"><strong>Name:</strong></label><input type="text" class="textfield" name="name" size="20" id="nameInput" maxlength="100" /></div> <div><label for="quoteInput" class="rowA"><strong>Quote:</strong></label><textarea onkeypress="return taLimit()" onkeyup="return taCount(myCounter)" class="textfield" name="quote" rows=4 wrap=physical cols=40 maxLength="300"></textarea><font size='1'><left> Number Of Characters Left: <B><SPAN id="myCounter">300</SPAN></left></B></font> </div> <?include('class.passgen.php'); $passGen = new passGen(5); $validate = 0; if(isset($_POST['submit'])){ $hash = $_POST['hash']; $pass = $_POST['pass']; if($passGen->verify($pass, $hash)){ $validate = 1; echo 'Validation OK'; } else { echo 'Validation not OK'; } echo '<br>'; } if($validate == 0){ $hash = $passGen->password(0, 1); echo '<br>'; echo $passGen->images('font', 'gif', 'f_', '16', '20'); echo '<br><br>'; echo'<p><label for="securitycode">Anti-Spam Security: (Required)</label><span style="color:#FF0000;">*</span><br>'; echo '<small>Type The Combination Shown In The Picture.</small><br>'; echo '<input type="hidden" value="'. $hash .'" name="hash">'; echo '<input type="text" value="'. $pass .'" name="pass" size="9" maxlength="9">'; echo '<br><br>'; } ?> <BR><BR><div><input id="submit" type="submit" onclick="check(quoteform,form.elements.length); return true;" onmouseout="this.style.background='#F6EED0';this.style.color='navy';" onmouseover="this.style.background='navy';this.style.color='#F6EED0';" align="absmiddle" tabindex="1" class="submit" value="Submit" /></div><BR><BR> <?php } // end else block ?> </form> </table> </body> Quote Link to comment Share on other sites More sharing options...
Azu Posted September 4, 2007 Share Posted September 4, 2007 @Azu, Correct. And I believe strpos is faster then strstr. Only use the regex stuff when necessary. Doesn't strpos/stripos only work for checking if a single character exists? Quote Link to comment Share on other sites More sharing options...
CBaZ Posted September 4, 2007 Author Share Posted September 4, 2007 updated code one part of the code does not show up in form //code <?include('class.passgen.php'); $passGen = new passGen(5); $validate = 0; if(isset($_POST['submit'])){ $hash = $_POST['hash']; $pass = $_POST['pass']; if($passGen->verify($pass, $hash)){ $validate = 1; echo 'Validation OK'; } else { echo 'Validation not OK'; } echo '<br>'; } if($validate == 0){ $hash = $passGen->password(0, 1); echo '<br>'; echo $passGen->images('font', 'gif', 'f_', '16', '20'); echo '<br><br>'; echo'<p><label for="securitycode">Anti-Spam Security: (Required)</label><span style="color:#FF0000;">*</span><br>'; echo '<small>Type The Combination Shown In The Picture.</small><br>'; echo '<input type="hidden" value="'. $hash .'" name="hash">'; echo '<input type="text" value="'. $pass .'" name="pass" size="9" maxlength="9">'; echo '<br><br>'; } ?> //code <?php session_start(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <?php include("banip/ban.php"); ?> <html><head> <SCRIPT LANGUAGE="JAVASCRIPT" TYPE="TEXT/JAVASCRIPT"> // *********************************************** // AUTHOR: WWW.CGISCRIPT.NET, LLC // URL: http://www.cgiscript.net // Use the script, just leave this message intact. // Download your FREE CGI/Perl Scripts today! // ( http://www.cgiscript.net/scripts.htm ) // *********************************************** var StayAlive = 60; // Number of seconds to keep window open function KillMe(){ setTimeout("self.close()",StayAlive * 1000); } </SCRIPT> <title>Feedback Form!</title> <script language = "Javascript"> function taLimit() { var taObj=event.srcElement; if (taObj.value.length==taObj.maxLength*1) return false; } function taCount(visCnt) { var taObj=event.srcElement; if (taObj.value.length>taObj.maxLength*1) taObj.value=taObj.value.substring(0,taObj.maxLength*1); if (visCnt) visCnt.innerText=taObj.maxLength-taObj.value.length; } </script> <script language="Javascript1.2"> // © 2000 www.CodeLifter.com // http://www.codelifter.com // Free for all users, but leave in this header // Set the message for the alert box am = "© COPYRIGHT 2007 MaloriaN Entertainment, ALL RIGHTS RESERVED."; // do not edit below this line // =========================== bV = parseInt(navigator.appVersion) bNS = navigator.appName=="Netscape" bIE = navigator.appName=="Microsoft Internet Explorer" function nrc(e) { if (bNS && e.which > 1){ alert(am) return false } else if (bIE && (event.button >1)) { alert(am) return false; } } document.onmousedown = nrc; if (document.layers) window.captureEvents(Event.MOUSEDOWN); if (bNS && bV<5) window.onmousedown = nrc; </script> <META HTTP-EQUIV="expires" CONTENT="0"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body onload="KillMe();self.focus()" onunload="top.opener.window.location.href='MaloriaN2.php'" background="background/tan-paisley3.jpg"> <center><form name="counter"><input type="text" size="1" name="d2" border="0"></form></center> <script> <!-- // var milisec=0 var seconds=62 document.counter.d2.value='62' function display(){ if (milisec<=0){ milisec=9 seconds-=1 } if (seconds<=-1){ milisec=0 seconds+=1 } else milisec-=1 document.counter.d2.value=seconds+"."+milisec setTimeout("display()",100) } display() --> </script> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td style="padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"></h1></td> </tr> <tr> <td valign="top" style="padding: 5em" class="maincontent" height="480"> <?php if (isset($_POST['quote'])) { // This strips the whitespace from either end of each attribute, removes all html and slashes. // (Slashes that were put in by php automaticly) $quote = trim(strip_tags(stripslashes($_POST['quote']))); $name = trim(strip_tags(stripslashes($_POST['name']))); $pass = trim(strip_tags(stripslashes($_POST['pass']))); $spammer_ip = $_SERVER['REMOTE_ADDR']; list($a, $b, $c, $d) = split('.', $spammer_ip); if( gethostbyname("$d.$c.$b.$a.list.dsbl.org") != "$d.$c.$b.$a.list.dsbl.org") { header( "Location: http://dsbl.org/listing?".$spammer_ip); return false; } // If the quote is longer than 300 characters it is striped and a '...' added to the end. // (A client side check is also performed in the form using the 'maxlength="300"' attribute in the form. if (strlen($quote) >= 300) { $quote = substr($quote, 0, 300); $quote = $quote."..."; } // Same thing for the name but with length of 100 characters. if (strlen($name) >= 100) { $name = substr($name, 0, 100); $name = $name."..."; } if (strlen($name) <= 0) { $name = "Anonymous"; } if (strlen($pass) <= 1) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name </strong>Left<strong> Security</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Correction.</center></p>"; exit; } if (strlen($quote) <= 0) { echo "<BR><BR><p><center>Your Submission Encountered The Following Problem:</center></p>"; echo "<li><center><strong>$name, </strong>Left<strong> Quote</strong> Field Blank.</center></li>"; echo "<p><center>Please <a href='javascript:history.back()'>Go Back</a> And Make Proper Corrections.</center></p>"; exit; } $blockwords=array('photos of singles','meet single people', 'casino', 'find other singles', 'get a DATE', 'Someone Wants to MEET You', 'find other singles', 'Lonely?', 'Dating Tips', 'viagra', 'Viagr@', 'Vi@gra', 'Valium', 'Vinarol', 'Vali~um', 'viagra', 'via-gra', 'viagara', 'v1agara', 'v1agra', 'VIAGRA', 'V.I.A.G.R.A', 'Virility', 'Anti-depressants', 'antidepressant', 'Botox', 'Levitra', 'Lev1tra', 'Lev1tr@', 'Phentermine', 'phentermine', 'phendimetrazine', 'paxil', 'prescriiption', 'propecia', 'prozac', 'Prescription', 'Prescriptions', 'Phermone', 'Pheremone', 'Pheromone', 'pharmacy', 'G=e-n-e-r-i-c', 'Online Pharmacy', 'Medical breakthrough', 'Xanax', 'xanax', 'xenical', 'Better Health', 'DIET', 'D1ET', 'diet', 'Dental Coverage', 'Instant Dental', 'flush fat', 'fat burner', 'fat burning', 'fat-burning', 's.a.f.e', 's a f e', 'surgical', 'lose 10lbs', 'lose 20lbs', 'lose 30lbs', 'lose 40lbs', 'Lose weight', 'Lose the weight', 'lose fat', 'Miracleburn', 'weightloss', 'weight loss', 'we1ght l0ss', 'we1ght', 'w.e.i.g.h.t', 'weight watchers', 'penis', 'PENIS', 'P E N I S', 'p-e-n-i-s', 'pen1s', 'enlarge', 'enlarging your cock', 'enlarge your cock', 'erection', 'manhood', 'supersize', 'add inches', 'add 2 inches', 'add 3 inches', 'add 4 inches', 'add 5 inches', 'add solid inches', '1/2 Price', 'ADV:', '[ADV]', '(ADV)', '{ADV}', 'Absolutely legal', 'Affordable', 'Aprroved', 'Auto Loan', 'Auto Loans', 'Bargain', 'Bingo', 'casino', 'consolidate', 'complimentary', 'credit check', 'credit repair', 'Credit', 'congratulations', 'clear your credit', 'Debt Consolidation', 'debt', 'Debt', 'D-E-B-T', 'Dollar', 'earn cash', 'earn money', 'Easily get a home loan', 'Eliminate Debt', 'extra income', 'fire your boss', 'f-r-e-e', 'F-R-E-E', 'F_R E_E', 'F_R_E_E', 'F.R.E.E', 'F*R*E*E', 'FREEApplication', 'FREEBestseller', 'FREEBlockbuster', 'FREE adult', 'FREE credit', 'Free shipping', 'FREE money', 'free money!', 'Financial freedom', 'free vacation', 'free membership', 'freegift', 'Gift', 'Givaway', 'Giveaway', 'Get a FREE', 'Government auctions', 'GOVT', 'Guaranteed Approval Free', 'how much you can save', 'Home Loans', 'Homeowner', 'Homeowners', 'HGH', 'h g h', 'Increase your salary', 'Investor Insights', 'It Really works!', 'LIFETIME MEMBERSHIP TO THE', 'loan payments', 'Loan Quote', 'LOAN', 'L0AN', 'LOWEST RATES', 'L0WEST RATES', 'LowRateSource', 'make money', 'make cash', 'MAKE MONEY FAST', 'MILLIONAIRE', 'No gimmicks', 'No obligation', 'NOW FREE TRIAL', 'no risk', 'Offer', 'offer', 'Partnership Required!', 'Pay Less', 'Payday', 'payroll', 'perfectly legal', 'Prize', 'risk free', 'Real Estate', 'Reduce Rates', 'REAL MONEY', 'Refinance', 'ReFi', 'savers', 'Salary', 'Save Money', 'SLASH YOUR EXPENSES', 'Student Loan', 'Student Loans', 'This really works', 'unclaimed', 'unsecured credit card', 'unlimited', 'unique gift', 'Virtual Deals', 'visa approval', 'win money', 'win cash', 'WHOLESALE', 'Won', 'Your free daily', '18 YR', 'ADLT:', 'anal', 'adult site', 'adult video', 'barely legal', 'cumshot', 'exploited teens', 'illegal', 'fisting', 'free xxx', 'GRANNY', 'GUARANTEE', 'HARDCORE', 'TEEN', 'TEENS', 'PRETEEN', 'PRETEENS', 'nude celeb', 'Want free porn in your mail?', 'whore', 'XXX Picture For You!', '1NK', 'Brand Ink', 'inkjet cartridges', 'ink cartridges', 'printer cartridges', 'printer ink', 'toner cartridges', 'Toner cartridge', 'inkjets', 'ink sale', 'inkjet', 'ink order', 'ink supplies', 'laser toner', 'printer supplies', 'printpa', 'printpal', 'InkjetCartridges', 'LaserToners', 'Wholesaleink', '$', 'GreatMailRewards', 'GreatAmericanDeals', 'michael.hughes11', 'Michael.hughes', '......', '!!!', '>>>>>>', '**NEW', 'bulk mail', 'bulkmail', 'Copy DVDs', 'COPY ANY DVD', 'Congratulations!You+', 'Descrambler', 'DVD', 'Direct Marketing Tools', 'Fed Up With Annoying', 'Get Promoted', 'HARRY POTTER', 'harry potter', 'I thought you might be interested in this!', 'joke-of-the-day', 'livecam', 'Partnership Required!!!', 'patch from Microsoft', 'Microsoft Security Update', 'Microsoft Update', 'Microsoft news', 'Napster', 'Norton Systemworks', 'Newgrounds', 'PPV', 'RealOne', 'screensaver', 'Security Update by', 'Smallest Digital Camera', 'TheDailySamples', 'Toon Doctor', 'This stuff works', 'Tune up your PC', 'Ultimate Breakthrough', 'update from Microsoft', 'Upgrade Your Career', 'Dating Tips', 'http://',); $quote = 'my motherfucker dog keeps barking'; function has_bad_words($quote) { global $blockwords; $split = preg_split("#\s+#", $post, -1, PREG_SPLIT_NO_EMPTY); if (is_array($split)) { foreach ($split as $quote_word) { if (in_array($quote_word, $blockwords)) { return true; } } } return false; } if (has_bad_words($quote)) { echo "<BR><BR><p><center></center></p>"; echo "<li>Your Submission Encountered The Following Problem:<center><strong>$name, </strong>Left<strong> $quote_word <br>..Spam Detected..</strong><br><font color=red>$ip</font> Banned From Malent.Net</center></li>"; echo "<p><center></center></p>"; $date = date("d.m.Y H:i:s"); $bp = fopen("banip/banip.txt", "a"); $domain = gethostbyaddr($_SERVER['REMOTE_ADDR']); $ip = $_SERVER['REMOTE_ADDR']; $browser = getenv("HTTP_USER_AGENT"); fwrite($bp, "\n$ip, $date, $browser, $domain"); fclose($bp); exit; } else { // So long as the quote is not null, it is stored in the quotes.txt file // NOTE: Permissions need to be set on this file as 777 so that it can be added if ($quote != "") { $date = date("d.m.Y / H:i:s"); $fp = fopen("quotes.txt", "a"); $domain = GetHostByName($REMOTE_ADDR); // If the name is not null, write directly to the quotes.txt, if not, set $name = 'Anon' fwrite($fp, "\n$quote <BR> - $name <BR> <font size='1'> $date</font>"); // close the 'quotes.txt' file fclose($fp); // Mail the quote to me (or if this code is on your site, to you) mail("service@malent.net", "New quote added", "A new quote has been added to 'quotes.txt'\nThe quote was added by: $name\nThe quote added was: $quote\nDate / Time Submitted: $date\nIP: $ip", "From: webmaster@malent.net\r\n"); print "<center><h1>Malent.Net - Feedback Form!<h1></center> <p><strong>New quote added:</strong> $quote</p><p><strong>Added by:</strong> $name</p><p><strong>Timestamp:</strong> <font size='1'> $date </p> <p><B>Your IP</B>: $ip</p></font>"; print '<strong><p><a href="quote_add.php">Back</a> / <a href="quote_add.php" onClick="window.close()">Close</a><BR><BR>Your Feedback Comment Is Now Live.<BR>We Thank You For Your Submission.</p>'; // close the php statement so it is possible to enter normal html, // just dont forget to end the if statement at the end ?> <?php }} // end else block ?> <?php include(\"class.passgen.php\");\n"; echo " $passGen = new passGen(5);\n"; echo " \n"; echo " $validate = 0;\n"; echo " \n"; echo " if(isset($_POST['submit'])){\n"; echo " $hash = $_POST['hash'];\n"; echo " $pass = $_POST['pass'];\n"; echo " \n"; echo " if($passGen->verify($pass, $hash)){\n"; echo " $validate = 1;\n"; echo " echo 'Validation OK';\n"; echo " }\n"; echo " else {\n"; echo " echo \"Validation not OK\";\n"; echo " }\n"; echo " echo \"<br>\";\n"; echo " }\n"; echo " \n"; echo " if($validate == 0){\n"; echo " $hash = $passGen->password(0, 1);\n"; echo " \n"; echo " echo \"<br>\";\n"; echo " echo $passGen->images('font', 'gif', 'f_', '16', '20');\n"; echo " echo \"<br><br>\";\n"; echo " echo \"<p><label for='securitycode'>Anti-Spam Security: (Required)</label><span style='color:#FF0000;'>*</span><br>\";\n"; echo "echo \"<small>Type The Combination Shown In The Picture.</small><br>\";\n"; echo " echo \"<input type='hidden' value=\"'. $hash .'\" name=\"hash\">\";\n"; echo " echo \"<input type=\"text\" value=\"'. $pass .'\" name=\"pass\" size=\"9\" maxlength=\"9\">\";\n"; echo " echo \"<br><br>\";\n"; echo " \n"; echo " }\n"; echo " }\n"; echo "?>\n"; ?> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td class="poptop" height="0"><img src="main/spacer.gif" width="1" height="1"></td> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="1" height="1"></td> </tr> </tr> <tr> <td style="background: #ffffff; padding: 0px" valign="middle"><h1 style="margin-top: 0; margin-bottom: 0"><center>Malent.Net - Feedback Form!</center></h1></td> </tr> <tr> <td class="hrz_line"><img src="main/spacer.gif" width="0" height="0"></td> </tr> <tr> <td valign="top" style="padding: 1em" class="maincontent" height="480"> <table width="100%" border="0" cellpadding="1" cellspacing="1" class="tablehead"> <p>To Submit A Quote, Enter It Along With Your Name.<br> No Name = <strong>'Anonymous'</strong>.</p> <p><strong>Note:</strong> The Quote Will Be Limited To 300 Characters,<br> No HTML, SPAM Allowed.<br>This Window Will Self Destruct In 60 Seconds.</p><br> <form action="quote_add.php?add" method="post" id="quoteform"> <div><label for="nameInput" class="rowA"><strong>Name:</strong></label><input type="text" class="textfield" name="name" size="20" id="nameInput" maxlength="100" /></div> <div><label for="quoteInput" class="rowA"><strong>Quote:</strong></label><textarea onkeypress="return taLimit()" onkeyup="return taCount(myCounter)" class="textfield" name="quote" rows=4 wrap=physical cols=40 maxLength="300"></textarea><font size='1'><left> Number Of Characters Left: <B><SPAN id="myCounter">300</SPAN></left></B></font> </div> <BR><BR><div><input id="submit" type="submit" onclick="check(quoteform,form.elements.length); return true;" onmouseout="this.style.background='#F6EED0';this.style.color='navy';" onmouseover="this.style.background='navy';this.style.color='#F6EED0';" align="absmiddle" tabindex="1" class="submit" value="Submit" /></div><BR><BR> </form> </table> </body> Quote Link to comment Share on other sites More sharing options...
TheFilmGod Posted September 4, 2007 Share Posted September 4, 2007 <? session_start(); ?> All your other code uses "<?php" for the php start tag. Why are you using <? instead? YOu know you need a special configuration to make this work. Be safe and use "<?php" yea sorry about that I gave you are recommendation and you agreed with me. YOU EVEN said sorry. But you didn't fix the code! Your top line reads almost the same thing!! It uses the "<?" again!! BAD CODING!!! Do you really expect me to help you if you completely ignore my comments and help? ??? Quote Link to comment Share on other sites More sharing options...
Azu Posted September 4, 2007 Share Posted September 4, 2007 Whoa wtf why is this suddenly like 100 pages long. Not even going to TRY to read that all. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.