ohdang888 Posted December 25, 2007 Share Posted December 25, 2007 hey. i use scpritmills comments. i created my own e-mail list code, users enter their e-mail and are added to e-mailing list. However, their submit buttons are interferring with each other, sending the people who made comments to "emailadded.php" what do i need to change to get this right? <?php if (!isset($_POST['submit'])) {?> <form method="post" action="../emailadded.php"> E-Mail:<input type="text" size="15" maxlength="30" name="e_mail"/> <br/> <input type="submit" name="submit" value="Submit"/> <form> <?php } else { $email = $_POST["e_mail"]; $emailfile = "../emaillist.txt"; $FH = fopen($emailfile, 'a') or die("can't open file"); fwrite($FH,$email . ','); fclose($FH); } ?> heres the code to the comments.php i;m not sure which part you need, so i posted all of it. <? /* Scriptsmill comments script v1.03 Copyright © 2005-2006 ScriptsMill E-Mail: [email protected] URL: http://www.scriptsmill.com Author: Stanislav Perederiy This file is part of ScriptsMill Comments. ScriptsMill Comments is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. ScriptsMill Comments is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with ScriptsMill Comments; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ $COM_CONF['full_path'] = dirname(__FILE__); include("{$COM_CONF['full_path']}/config.php"); if (! $COM_CONF['dbhost']) { echo 'It seems that comments script is not properly installed. See readme.txt for more info.'; } require("{$COM_CONF['full_path']}/lang/lang_{$COM_CONF['lang']}.php"); require("{$COM_CONF['full_path']}/akismet-class.php"); $comments_db_link = mysql_connect($COM_CONF['dbhost'],$COM_CONF['dbuser'],$COM_CONF['dbpassword']); mysql_select_db($COM_CONF['dbname'], $comments_db_link); main(); function main() { if ($_REQUEST['action'] == 'add'){ add(); } elseif ($_REQUEST['action'] == 'unsub'){ unsub(); } elseif (1) { view(); } } function check_for_errors() { global $comments_db_link, $COM_CONF, $COM_LANG; $ip = mysql_escape_string($_SERVER['REMOTE_ADDR']); $result = mysql_query("SELECT ip FROM {$COM_CONF['dbbannedipstable']} WHERE ip='$ip'", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message.=$COM_LANG['not_allowed'] . "<br />"; } if ($_REQUEST['disc_name'] == '') { $error_message.=$_REQUEST['r_disc_name'] . "<br />"; } if ($_REQUEST['disc_body'] == '') { $error_message.=$_REQUEST['r_disc_body'] . "<br />"; } if ($_REQUEST['disc_email'] != '') { if (!is_email($_REQUEST['disc_email'])) { $error_message.="Invalid email address" . "<br />"; } } return $error_message; } function flood_protection($INPUT) { global $comments_db_link, $COM_CONF, $COM_LANG; $result = mysql_query("select time from {$COM_CONF['dbmaintable']} where ip='{$_SERVER['REMOTE_ADDR']}' AND (UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP( time )) < {$COM_CONF['anti_flood_pause']}", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message="Flood detected"; return $error_message; } $result = mysql_query("select ID from {$COM_CONF['dbmaintable']} where text='{$INPUT['disc_body']}' AND author='{$INPUT['disc_name']}' AND href='{$INPUT['href']}'", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message="Flood detected"; return $error_message; } return ""; } function spam_check($email, $name, $url, $text, $path_to_page, $ip) { global $COM_CONF, $comments_db_link; $try = 0; while (!$valid && $try <= 3) { // Initialize and verify API key $akismet = new Akismet($COM_CONF['site_url'], $COM_CONF['akismet_apikey']); $result = $akismet->isKeyValid(); // Possible values: 'valid', 'invalid', 'no connect' if ($result != 'valid') { if (($result == 'invalid')) { // Invalid key return 2; } else { // Could not connect to the Akismet server $try++; } } else { $valid = 1; } } if (!$valid) { return 3; // Could not connect to the Akismet server } // Pass comment info to the class $akismet->setCommentAuthorEmail($email); $akismet->setCommentAuthor($name); $akismet->setCommentAuthorURL($url); $akismet->setCommentContent($text); $akismet->setUserIP($ip); $akismet->setPermalink($COM_CONF['site_url'] . $path_to_page); $akismet->setCommentType('Comment'); $try = 0; while ($try <= 3) { // Check the comment for spam $result = $akismet->isCommentSpam(); // Possible values: 'false' (not spam), 'true' (spam), 'no connect' if ($result != 'false') { if ($result == 'true') { // The comment is spam return 1; } else { // Could not connect to the Akismet server $try++; } } else { return 0; } } return 3; // Could not connect to the Akismet server } function add() { global $comments_db_link, $COM_CONF, $COM_LANG; foreach ($_REQUEST as $key => $value) { if ($key == 'disc_body') { $comment_text=stripslashes($value); } $_REQUEST[$key] = str_replace('<', '<', $_REQUEST[$key]); $_REQUEST[$key] = str_replace('>', '>', $_REQUEST[$key]); if (get_magic_quotes_gpc()) { $_REQUEST[$key] = stripslashes($_REQUEST[$key]); } $_REQUEST[$key] = mysql_escape_string($_REQUEST[$key]); } $_REQUEST['href'] = str_replace('%2F', '/', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%3F', '?', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%26', '&', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%3D', '=', $_REQUEST['href']); if ($_REQUEST['dont_show_email'] != '') { $dont_show="1"; } else { $dont_show="0"; } $error_message = check_for_errors(); $error_message .= flood_protection($_REQUEST); if ($COM_CONF['ckeck_for_spam']) { if (!$error_message) { $spam_check_result = spam_check($_REQUEST['disc_email'], $_REQUEST['disc_name'], "", $comment_text, $_REQUEST['href'], ""); if ($spam_check_result == 1) { $error_message .= "<br>Your comment suspected as spam."; mysql_query("INSERT INTO {$COM_CONF['dbjunktable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link); } if ($spam_check_result == 2) { $error_message .= "<br>Invalid WordPress API key"; } if ($spam_check_result == 3) { $error_message .= "<br>Could not connect to the Akismet server"; } } } if ($error_message) { print "The following errors occured:<br>$error_message<br><br> Please <a href=\"javascript:history.go(-1)\">get back</a> and try again."; return 0; } mysql_query("INSERT INTO {$COM_CONF['dbmaintable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link); if ($_REQUEST['email_me'] != '' && $_REQUEST['disc_email'] != '') { $result = mysql_query("select COUNT(*) from {$COM_CONF['dbemailstable']} where href='{$_REQUEST['href']}' AND email='{$_REQUEST['disc_email']}'", $comments_db_link); list ($count) = mysql_fetch_row($result); if ($count == 0) { $hash=md5($email . $COM_CONF['copy_random_seed']); mysql_query("INSERT INTO {$COM_CONF['dbemailstable']} VALUES (NULL, '{$_REQUEST['disc_email']}', '{$_REQUEST['href']}', '$hash')", $comments_db_link); } } if ($COM_CONF['email_admin']) { notify_admin($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email'], $comment_text, "{$_SERVER['REMOTE_ADDR']}, {$_SERVER['HTTP_USER_AGENT']}"); } notify_users($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email']); header("HTTP/1.1 302"); header("Location: {$COM_CONF['site_url']}{$_REQUEST['href']}"); print "<a href=\"{$COM_CONF['site_url']}{$_REQUEST['href']}\">Click here to get back.</a>"; } function notify_admin($href, $name, $email, $text, $ip) { global $comments_db_link, $COM_CONF, $COM_LANG; $headers = "From: Comments <{$COM_CONF['email_from']}>\r\n"; $text_of_message=" {$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href {$COM_LANG['email_from']}: $name <$email> $text $ip "; mail($COM_CONF['email_admin'], "{$COM_LANG['email_new_comment']} $href", $text_of_message, $headers); } function notify_users($href, $name, $email_from) { global $comments_db_link, $COM_CONF, $COM_LANG; $headers = "From: Comments <{$COM_CONF['email_from']}>\n"; $result=mysql_query("select email, hash from {$COM_CONF['dbemailstable']} where href='$href'", $comments_db_link); while (list($email, $hash) = mysql_fetch_row($result)) { if ($email != $email_from) { $text_of_message=" {$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href {$COM_LANG['email_from']}: $name {$COM_LANG['email_to_unsubscribe']} {$COM_CONF['site_url']}{$COM_CONF['script_url']}?action=unsub&page=$href&id=$hash "; mail($email, "{$COM_LANG['email_new_comment']} $href",$text_of_message, $headers); } } } function unsub() { global $comments_db_link, $COM_CONF, $COM_LANG; $id=mysql_escape_string($_REQUEST['id']); $href=mysql_escape_string($_REQUEST['page']); mysql_query("delete from {$COM_CONF['dbemailstable']} where href='$href' AND hash='$id'", $comments_db_link); if (mysql_affected_rows() > 0) { print "{$COM_LANG['unsubscribed']}"; } else { print "{$COM_LANG['not_unsubscribed']}"; } } function view() { global $comments_db_link, $COM_CONF, $COM_LANG; $request_uri = mysql_escape_string($_SERVER['REQUEST_URI']); $result = mysql_query("select time, text, author, email, dont_show_email from {$COM_CONF['dbmaintable']} where href='$request_uri' order by time {$COM_CONF['sort_order']} LIMIT 10", $comments_db_link); $comments_count=0; $time=$text=$author=$email=$dont_show_email=array(); while (list($time[$comments_count], $text[$comments_count], $author[$comments_count], $email[$comments_count], $dont_show_email[$comments_count])=mysql_fetch_array($result)) { $text[$comments_count] = wordwrap($text[$comments_count], 75, "\n", 1); $time[$comments_count] = format_date($time[$comments_count]); $comments_count++; } require("{$COM_CONF['full_path']}/templates/{$COM_CONF['template']}.php"); } function format_date ($date) { global $COM_LANG; $year = substr($date, 0, 4); $month = intval(substr($date, 5, 2)) - 1; $day = substr($date, 8, 2); $hour = substr($date, 11, 2); $min = substr($date, 14, 2); return "$day {$COM_LANG['months'][$month]} $year, $hour:$min"; } function is_email($Addr) { $p = '/^[a-z0-9!#$%&*+-=?^_`{|}~]+(\.[a-z0-9!#$%&*+-=?^_`{|}~]+)*'; $p.= '@([-a-z0-9]+\.)+([a-z]{2,3}'; $p.= '|info|arpa|aero|coop|name|museum)$/ix'; return preg_match($p, $Addr); } ?> Link to comment https://forums.phpfreaks.com/topic/83166-error-from-comments/ Share on other sites More sharing options...
cooldude832 Posted December 25, 2007 Share Posted December 25, 2007 1) use the [ Code] brackets 2) Whats the error 3) Pinpoint it before people waste time reading 10000 lines Link to comment https://forums.phpfreaks.com/topic/83166-error-from-comments/#findComment-423027 Share on other sites More sharing options...
ohdang888 Posted December 25, 2007 Author Share Posted December 25, 2007 sorry, the error is that the submit button of the comments is acting as the submit button of the e-mail list. but NOT vice-versa.... the e-mail code comes becomes the comment code in the page. <? /* Scriptsmill comments script v1.03 Copyright (C) 2005-2006 ScriptsMill E-Mail: [email protected] URL: http://www.scriptsmill.com Author: Stanislav Perederiy This file is part of ScriptsMill Comments. ScriptsMill Comments is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. ScriptsMill Comments is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with ScriptsMill Comments; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ $COM_CONF['full_path'] = dirname(__FILE__); include("{$COM_CONF['full_path']}/config.php"); if (! $COM_CONF['dbhost']) { echo 'It seems that comments script is not properly installed. See readme.txt for more info.'; } require("{$COM_CONF['full_path']}/lang/lang_{$COM_CONF['lang']}.php"); require("{$COM_CONF['full_path']}/akismet-class.php"); $comments_db_link = mysql_connect($COM_CONF['dbhost'],$COM_CONF['dbuser'],$COM_CONF['dbpassword']); mysql_select_db($COM_CONF['dbname'], $comments_db_link); main(); function main() { if ($_REQUEST['action'] == 'add'){ add(); } elseif ($_REQUEST['action'] == 'unsub'){ unsub(); } elseif (1) { view(); } } function check_for_errors() { global $comments_db_link, $COM_CONF, $COM_LANG; $ip = mysql_escape_string($_SERVER['REMOTE_ADDR']); $result = mysql_query("SELECT ip FROM {$COM_CONF['dbbannedipstable']} WHERE ip='$ip'", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message.=$COM_LANG['not_allowed'] . " "; } if ($_REQUEST['disc_name'] == '') { $error_message.=$_REQUEST['r_disc_name'] . " "; } if ($_REQUEST['disc_body'] == '') { $error_message.=$_REQUEST['r_disc_body'] . " "; } if ($_REQUEST['disc_email'] != '') { if (!is_email($_REQUEST['disc_email'])) { $error_message.="Invalid email address" . " "; } } return $error_message; } function flood_protection($INPUT) { global $comments_db_link, $COM_CONF, $COM_LANG; $result = mysql_query("select time from {$COM_CONF['dbmaintable']} where ip='{$_SERVER['REMOTE_ADDR']}' AND (UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP( time )) < {$COM_CONF['anti_flood_pause']}", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message="Flood detected"; return $error_message; } $result = mysql_query("select ID from {$COM_CONF['dbmaintable']} where text='{$INPUT['disc_body']}' AND author='{$INPUT['disc_name']}' AND href='{$INPUT['href']}'", $comments_db_link); if (mysql_num_rows($result)>0) { $error_message="Flood detected"; return $error_message; } return ""; } function spam_check($email, $name, $url, $text, $path_to_page, $ip) { global $COM_CONF, $comments_db_link; $try = 0; while (!$valid && $try <= 3) { // Initialize and verify API key $akismet = new Akismet($COM_CONF['site_url'], $COM_CONF['akismet_apikey']); $result = $akismet->isKeyValid(); // Possible values: 'valid', 'invalid', 'no connect' if ($result != 'valid') { if (($result == 'invalid')) { // Invalid key return 2; } else { // Could not connect to the Akismet server $try++; } } else { $valid = 1; } } if (!$valid) { return 3; // Could not connect to the Akismet server } // Pass comment info to the class $akismet->setCommentAuthorEmail($email); $akismet->setCommentAuthor($name); $akismet->setCommentAuthorURL($url); $akismet->setCommentContent($text); $akismet->setUserIP($ip); $akismet->setPermalink($COM_CONF['site_url'] . $path_to_page); $akismet->setCommentType('Comment'); $try = 0; while ($try <= 3) { // Check the comment for spam $result = $akismet->isCommentSpam(); // Possible values: 'false' (not spam), 'true' (spam), 'no connect' if ($result != 'false') { if ($result == 'true') { // The comment is spam return 1; } else { // Could not connect to the Akismet server $try++; } } else { return 0; } } return 3; // Could not connect to the Akismet server } function add() { global $comments_db_link, $COM_CONF, $COM_LANG; foreach ($_REQUEST as $key => $value) { if ($key == 'disc_body') { $comment_text=stripslashes($value); } $_REQUEST[$key] = str_replace('<', '<', $_REQUEST[$key]); $_REQUEST[$key] = str_replace('>', '>', $_REQUEST[$key]); if (get_magic_quotes_gpc()) { $_REQUEST[$key] = stripslashes($_REQUEST[$key]); } $_REQUEST[$key] = mysql_escape_string($_REQUEST[$key]); } $_REQUEST['href'] = str_replace('%2F', '/', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%3F', '?', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%26', '&', $_REQUEST['href']); $_REQUEST['href'] = str_replace('%3D', '=', $_REQUEST['href']); if ($_REQUEST['dont_show_email'] != '') { $dont_show="1"; } else { $dont_show="0"; } $error_message = check_for_errors(); $error_message .= flood_protection($_REQUEST); if ($COM_CONF['ckeck_for_spam']) { if (!$error_message) { $spam_check_result = spam_check($_REQUEST['disc_email'], $_REQUEST['disc_name'], "", $comment_text, $_REQUEST['href'], ""); if ($spam_check_result == 1) { $error_message .= " Your comment suspected as spam."; mysql_query("INSERT INTO {$COM_CONF['dbjunktable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link); } if ($spam_check_result == 2) { $error_message .= " Invalid WordPress API key"; } if ($spam_check_result == 3) { $error_message .= " Could not connect to the Akismet server"; } } } if ($error_message) { print "The following errors occured: $error_message Please <a href=\"javascript:history.go(-1)\">get back[/url] and try again."; return 0; } mysql_query("INSERT INTO {$COM_CONF['dbmaintable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link); if ($_REQUEST['email_me'] != '' && $_REQUEST['disc_email'] != '') { $result = mysql_query("select COUNT(*) from {$COM_CONF['dbemailstable']} where href='{$_REQUEST['href']}' AND email='{$_REQUEST['disc_email']}'", $comments_db_link); list ($count) = mysql_fetch_row($result); if ($count == 0) { $hash=md5($email . $COM_CONF['copy_random_seed']); mysql_query("INSERT INTO {$COM_CONF['dbemailstable']} VALUES (NULL, '{$_REQUEST['disc_email']}', '{$_REQUEST['href']}', '$hash')", $comments_db_link); } } if ($COM_CONF['email_admin']) { notify_admin($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email'], $comment_text, "{$_SERVER['REMOTE_ADDR']}, {$_SERVER['HTTP_USER_AGENT']}"); } notify_users($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email']); header("HTTP/1.1 302"); header("Location: {$COM_CONF['site_url']}{$_REQUEST['href']}"); print "<a href=\"{$COM_CONF['site_url']}{$_REQUEST['href']}\">Click here to get back.[/url]"; } function notify_admin($href, $name, $email, $text, $ip) { global $comments_db_link, $COM_CONF, $COM_LANG; $headers = "From: Comments <{$COM_CONF['email_from']}>\r\n"; $text_of_message=" {$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href {$COM_LANG['email_from']}: $name <$email> $text $ip "; mail($COM_CONF['email_admin'], "{$COM_LANG['email_new_comment']} $href", $text_of_message, $headers); } function notify_users($href, $name, $email_from) { global $comments_db_link, $COM_CONF, $COM_LANG; $headers = "From: Comments <{$COM_CONF['email_from']}>\n"; $result=mysql_query("select email, hash from {$COM_CONF['dbemailstable']} where href='$href'", $comments_db_link); while (list($email, $hash) = mysql_fetch_row($result)) { if ($email != $email_from) { $text_of_message=" {$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href {$COM_LANG['email_from']}: $name {$COM_LANG['email_to_unsubscribe']} {$COM_CONF['site_url']}{$COM_CONF['script_url']}?action=unsub&page=$href&id=$hash "; mail($email, "{$COM_LANG['email_new_comment']} $href",$text_of_message, $headers); } } } function unsub() { global $comments_db_link, $COM_CONF, $COM_LANG; $id=mysql_escape_string($_REQUEST['id']); $href=mysql_escape_string($_REQUEST['page']); mysql_query("delete from {$COM_CONF['dbemailstable']} where href='$href' AND hash='$id'", $comments_db_link); if (mysql_affected_rows() > 0) { print "{$COM_LANG['unsubscribed']}"; } else { print "{$COM_LANG['not_unsubscribed']}"; } } function view() { global $comments_db_link, $COM_CONF, $COM_LANG; $request_uri = mysql_escape_string($_SERVER['REQUEST_URI']); $result = mysql_query("select time, text, author, email, dont_show_email from {$COM_CONF['dbmaintable']} where href='$request_uri' order by time {$COM_CONF['sort_order']} LIMIT 10", $comments_db_link); $comments_count=0; $time=$text=$author=$email=$dont_show_email=array(); while (list($time[$comments_count], $text[$comments_count], $author[$comments_count], $email[$comments_count], $dont_show_email[$comments_count])=mysql_fetch_array($result)) { $text[$comments_count] = wordwrap($text[$comments_count], 75, "\n", 1); $time[$comments_count] = format_date($time[$comments_count]); $comments_count++; } require("{$COM_CONF['full_path']}/templates/{$COM_CONF['template']}.php"); } function format_date ($date) { global $COM_LANG; $year = substr($date, 0, 4); $month = intval(substr($date, 5, 2)) - 1; $day = substr($date, 8, 2); $hour = substr($date, 11, 2); $min = substr($date, 14, 2); return "$day {$COM_LANG['months'][$month]} $year, $hour:$min"; } function is_email($Addr) { $p = '/^[a-z0-9!#$%&*+-=?^_`{|}~]+(\.[a-z0-9!#$%&*+-=?^_`{|}~]+)*'; $p.= '@([-a-z0-9]+\.)+([a-z]{2,3}'; $p.= '|info|arpa|aero|coop|name|museum)$/ix'; return preg_match($p, $Addr); } ?> Link to comment https://forums.phpfreaks.com/topic/83166-error-from-comments/#findComment-423029 Share on other sites More sharing options...
ohdang888 Posted December 25, 2007 Author Share Posted December 25, 2007 i didn;t write this comment code myself ( i know, i know, i'm a noob) and i can't find the submit button in the code of the comment Link to comment https://forums.phpfreaks.com/topic/83166-error-from-comments/#findComment-423031 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.