
Shoutbox



Ok, I wrote a shoutbox script, which is viewable by visiting: http://www.imperialized.net/shoutbox/shoutbox.php

 

My question is: do you see any problems with the functions or the code? Also, how can I better write my next page script? I'm sure there is a better way.

 

 

<?php
session_start();
/**
* @author David Lallone
* @title Shoutbox
* @copyright Imperialized.net 2008
* NOT FOR DISTRIBUTIONAL PURPOSES (DO NOT USE WITHOUT PRIOR CONSENT)
*/

//Set Time & Date for easy display and also for use when posting a shout!
date_default_timezone_set('EST');

//Connect to DB
include("../sql/db_con.php");


//Check to see if the session is registered
$admin = $_SESSION['admin'];

//If the logout button was pressed, set session to 0
if($_POST['logout']) {
$pass = $_POST['password'];
$realpass = "bigmak50";
if($pass == $realpass) {
	$_SESSION['admin'] = 0;
	$admin = $_SESSION['admin'];
    } else {
	print "Wrong Password";
}
}

//Login button was pressed, check password then register session
if($_POST['admin_login']){
$pass = $_POST['password'];
$realpass = "Password Removed For Security Purposes.";
if($pass == $realpass) {
	$_SESSION['admin'] = 1;
	$admin = $_SESSION['admin'];
} else {
	Print "Wrong password, asshole.";
}
}



//What page are we at? If none, Set $pg = 1
//Also set the $start and $end variables for the pages.
$pg = $_GET['page'];
//Only whole page numbers from 1 up are accepted; anything else falls back to page 1
if(ctype_digit((string)$pg) && $pg >= 1){
  $pg = (int) $pg;
} else {
  $pg = 1;
}
//$start is the zero-based row offset, $end is the last row number shown on this page
$start = ($pg - 1) * 10;
$end = $pg * 10;

//Count our shouts for page usage and display
$count_shouts = "Select * from shoutbox";
$count_shouts_query = mysql_query($count_shouts);
$tshouts = mysql_num_rows($count_shouts_query);

//Set Date & Time
$date = date("m-d-Y");
$time = date("g:i a");

//What is the page supposed to do? 
$action = $_GET['action'];

?>
<html>
<head>
<link href="http://markjmcintosh.com/style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body bgcolor=#E8E8E8>
<?php

//Ok, We want to delete a SHOUT!
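if($action == "delshout"){
    $admin = $_SESSION['admin'];
$id = $_GET['id'];
//Fixed: "=!" assigned !1 (false) to $admin, so this check never fired and any visitor could delete
if($admin != 1) { print "You are not an admin..idiot"; exit; }
if($id == "") { print "No shout was selected..idiot"; exit; }
//Cast to an integer so the id cannot carry SQL into the query
$id = (int) $id;
$del = "DELETE from shoutbox where id='$id'";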
    $del_query = mysql_query($del);
    if(!$del_query) {
	print "delete failed, sorry!";
} else {
	print "
	<SCRIPT LANGUAGE=\"JavaScript\">
	window.location=\"shoutbox.php\";
        </script>";
}
}
// SEE IF WE HAVE SET THE COOKIE YET!
$name = "";
$website = "http://";

if($_POST['post_shout']){
$ip=$_SERVER['REMOTE_ADDR'];
$name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
$website = mysql_real_escape_string(htmlspecialchars($_POST['website']));
$shout = mysql_real_escape_string(htmlspecialchars($_POST['shout']));
$errormsg = "";
if (empty($name)) $errormsg .= "Name is Empty<br>";
if (empty($shout)) $errormsg .= "Shout is empty!";
if($errormsg != "") {
	echo $errormsg;
	exit;
} else {
	$add_shout = mysql_query("INSERT INTO `shoutbox` (`name`,`website`,`shout`,`date`,`time`,`ip`) VALUES ('$name','$website','$shout','$date','$time','$ip')");
	if(!$add_shout) { print "Failed to add shout!"; exit; } else {
		print "
		<SCRIPT LANGUAGE=\"JavaScript\">
window.location=\"shoutbox.php\";
</script>

		";
	}

}
}


// ADMIN LOGIN WAS CLICKED >> DISPLAY PASSWORD FORM

if($action == "login"){
?>
<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<font size=1 color=#cccccc><?php print "$date : $time"; ?></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\"  STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"http://\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=50px;\" value=\"::Shout\">
</form>
";
?>
</td>
<td valign=center width=265>
<?php
print "
<form name=\"admin_form\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<input type=\"password\" name=\"password\" STYLE=\"color: #000000; font-family: arial; font-size: 10px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"10\"><br>
<input type=submit name=\"admin_login\" style=\"color: #000000; border: 1px; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=75px;\" value=\"Verify Me!\"> |
<input type=submit name=\"logout\" style=\"color: #000000; border: 1px; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=75px;\" value=\"Logout\">
";
exit;
}

// SMILE LINK WAS CLICKED >> DONT DISPLAY SHOUTBOX INSTEAD SHOW THE SMILIES TABLE!



if($action == "smile"){
?>
<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<center><font size=1 color=#cccccc><?php print "$date : $time"; ?> </center></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\"  STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\" value=\"$name\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"$website\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 10pt; font-weight: bold; height: 17px; width=50px;\" value=\"::Shout\">
</form>
<br><br>
<a href=shoutbox.php?action=login><img src=spacer.gif width=50 height=50 border=0></a>
";
?>
</td>
<td valign=top width=265>
<?php

// Load the Emoticons & Then display them in a table.
$smilies = file("emotes_faces.txt");
$smiliesp = file("emotes_pics_add_news.txt");
$csmile=count($smilies);
$row = 1;

echo "<div width='95%'><table width='100%' valign='top' cellpadding='2' cellspacing='0'><tr><td width='100%' align='center' bgcolor=#000000 border=1 colspan=5><font color=#ffffff size=1>Click the smiley to add it to your post</td></tr><tr>";

//This is the Smiley Table
for($x=1;$x<count($smilies);$x++) {
$trim = htmlspecialchars(trim($smilies[$x]),ENT_QUOTES);

if($row == 6){ print "</tr><tr>"; $row = 1; } 
echo "<td align='left' onclick=\"document.forms['shoutbox'].elements['shout'].value+='$trim'\"><img src=\"emoticons/$smiliesp[$x]\" alt=\"$trim\"></td>";
$row++;
}
print "</tr>";
echo "</table></div>";
print "<center><font size=1><a href=\"shoutbox.php\">Back to Shouts</a></font></center>";
?>
</td>
</tr>
</table>


<?php
die();	
}
?>


<!-- DEFAULT DISPLAY -->

<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<font size=1 color=#cccccc><?php print "$date : $time"; ?></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\"  STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"http://\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 10pt; font-weight: bold; height: 17px; width=50px;\" value=\"::Shout\">
</form><br><br>
<a href=shoutbox.php?action=login><img src=spacer.gif width=50 height=50 border=0></a>
";
?>
</td>
<td valign=top width=265>
<table width=100% valign=top border=0 cellspacing=0 cellpadding=0>
<tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=1>Total Shouts: <?php echo $tshouts; ?></a></font></center></td></tr>
<?php
//LIMIT takes (offset, row count), so the second value is always 10 rows per page
$getshouts = "SELECT * FROM shoutbox ORDER BY id DESC LIMIT $start, 10";
$getshouts_query = mysql_query($getshouts);
$xrow = 0;
?>
<?php
while($x = mysql_fetch_array($getshouts_query)){
$id = $x['id'];
$name = $x['name'];
$website = $x['website'];
$shout = $x['shout'];
$date = $x['date'];
$time = $x['time'];

// Add Smilies!
$bbcode = file("emotes_faces.txt", FILE_IGNORE_NEW_LINES);
    $bbreplacements = file("emotes_pics.txt", FILE_IGNORE_NEW_LINES);
    $shout = str_replace($bbcode, $bbreplacements, $shout);
    
//Remove Slashes
$shout = stripslashes($shout);
    if($xrow == 0){
    
         if($admin == 1)
         { 
	 print "<tr bgcolor=#ffffff><td><font size=2>[<a href=shoutbox.php?id=$id&action=delshout&admin=1>X</a>]</font><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
         $xrow++;
     } else {
         print "<tr bgcolor=#ffffff><td><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
         $xrow++;
          }
    } else {
    	 if($admin == 1){
    	 	print "<tr bgcolor=#cccccc><td><font size=2>[<a href=shoutbox.php?id=$id&action=delshout&admin=1>X</a>]</font><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
         $xrow = 0;
    	  } else {	
     print "<tr bgcolor=#cccccc><td><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
     $xrow = 0;
     }
}
}
if($pg == 1){ 
	if($tshouts > 10){ 
		 print "<tr bgcolor=#ffffff><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=2> Next Page (2) </a></font></center></td></tr>"; }			
   }

if($pg != 1){
	$prev = $pg - 1;
        $next = $pg + 1;
        if($tshouts > $end){
	print "<br>
	<tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=$prev> Previous ($prev)</a> | <a href=shoutbox.php?page=$next> Next Page ($next) </a></font></center></td></tr>
	";
	} else {
	print "<tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=$prev> Previous ($prev)</a></font></center></td></tr>";	
}
}

print "</table>";
?>
</td>
</tr>
</table>
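
Added example (not part of the original post): one way to harden the `delshout` path above, with a strict admin check, a per-session anti-CSRF token, an integer-validated id and a bound query parameter. The helper names `is_admin` and `delete_shout` are hypothetical, and an in-memory SQLite table reached through PDO stands in for the real `shoutbox` table so the script runs offline.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: true only when the session carries the integer admin flag.
function is_admin(array $session): bool
{
    return isset($session['admin']) && $session['admin'] === 1;
}

// Hypothetical helper: deletes one shout and returns a status string.
function delete_shout(PDO $db, array $session, array $post): string
{
    if (!is_admin($session)) {
        return 'denied: not an admin';
    }
    // Anti-CSRF: the token sent with the form must match the one kept in the session.
    $sent = (string) ($post['token'] ?? '');
    if (!isset($session['token']) || !hash_equals($session['token'], $sent)) {
        return 'denied: bad token';
    }
    // Accept only a positive whole number as the id.
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($id === false || $id === null) {
        return 'rejected: no valid shout id';
    }
    // Bound parameter: the id never becomes part of the SQL text.
    $stmt = $db->prepare('DELETE FROM shoutbox WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->rowCount() === 1 ? 'deleted' : 'not found';
}

// Constructed sample data (assumption: SQLite stands in for the MySQL table).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE shoutbox (id INTEGER PRIMARY KEY, name TEXT, shout TEXT)');
$db->exec("INSERT INTO shoutbox (name, shout) VALUES ('dave', 'first'), ('amy', 'second')");

$token   = bin2hex(random_bytes(16));       // stored in the session, echoed in the form
$admin   = ['admin' => 1, 'token' => $token];
$visitor = ['token' => $token];             // no admin flag

echo delete_shout($db, $visitor, ['id' => '1', 'token' => $token]), "\n";
echo delete_shout($db, $admin, ['id' => '1', 'token' => 'wrong']), "\n";
echo delete_shout($db, $admin, ['id' => 'abc', 'token' => $token]), "\n";
echo delete_shout($db, $admin, ['id' => '1', 'token' => $token]), "\n";
```

In the real script the arrays passed in would be `$_SESSION` and `$_POST`, which means the delete link becomes a small POST form instead of a GET URL.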


CHMOD, done.

 

 

Anyways, you all were talking about this AJAX... I've googled it but am having some trouble understanding it. Could anyone point me in the right direction?

 

/edit: nevermind, I did not realize there was an AJAX forum here. 

 

// Does my Next Page & Previous Page code look ok? It looks so boggled. Any suggestions?
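
Added example (not part of the original posts): the Next Page / Previous Page logic reduced to one function that validates `?page=`, clamps it to the last page, and returns the offset and row count for `LIMIT`. The helper name `paginate` is hypothetical, and a constructed 23-row in-memory SQLite table reached through PDO stands in for `shoutbox`.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: turns the raw ?page= value into safe paging numbers.
function paginate($rawPage, int $totalRows, int $perPage = 10): array
{
    $lastPage = max(1, (int) ceil($totalRows / $perPage));
    // Only whole numbers from 1 up pass; "", "abc", "2.5", "-3", "1e3" fall back to page 1.
    $page = filter_var($rawPage, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($page === false || $page === null) {
        $page = 1;
    }
    $page = min($page, $lastPage);            // a page past the end shows the last page
    return [
        'page'   => $page,
        'offset' => ($page - 1) * $perPage,   // rows to skip: 0, 10, 20, ...
        'limit'  => $perPage,                 // rows to fetch, the same on every page
        'prev'   => $page > 1 ? $page - 1 : null,
        'next'   => $page < $lastPage ? $page + 1 : null,
    ];
}

// Constructed sample data: 23 shouts, so three pages of 10, 10 and 3 rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE shoutbox (id INTEGER PRIMARY KEY, shout TEXT)');
for ($i = 1; $i <= 23; $i++) {
    $db->exec("INSERT INTO shoutbox (shout) VALUES ('shout $i')");
}
// COUNT(*) avoids fetching every row just to count them.
$total = (int) $db->query('SELECT COUNT(*) FROM shoutbox')->fetchColumn();

foreach (['', '2', '3', '99', 'abc'] as $raw) {
    $p = paginate($raw, $total);
    $stmt = $db->prepare(
        'SELECT id FROM shoutbox ORDER BY id DESC LIMIT :limit OFFSET :offset');
    // Bound as integers, so neither value is ever spliced into the SQL text.
    $stmt->bindValue(':limit', $p['limit'], PDO::PARAM_INT);
    $stmt->bindValue(':offset', $p['offset'], PDO::PARAM_INT);
    $stmt->execute();
    $ids = $stmt->fetchAll(PDO::FETCH_COLUMN);
    printf("page=%-3s -> page %d, %d rows, prev=%s next=%s\n", $raw, $p['page'],
        count($ids), var_export($p['prev'], true), var_export($p['next'], true));
}
```

The `prev` and `next` values are `null` when there is no such page, so the template only has to print a link when the value is set.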
