Jump to content

hide admin login and viewers email

evelinej

By evelinej
in PHP Coding Help

Recommended Posts

evelinej Newbie

evelinej

Posted
Posted

Hello.  I copied this free guestbook php code but I wanted to edit it so that the admin login is viewed only by me and not not on the same page as the guestbook form and guest entries.  I will also like to hide the email address that is entered by the viewers so that I can only see it. Please help.  Thanks a lot!

 

 

<?php
function say($chars = array()) { $str = null; $alphabeth = range('a','z'); foreach($chars as $char) { $str .= $char==-1 ? ' ' : $alphabeth[$char]; } return $str; }
echo say(array(7,4,11,11,14,-1,22,14,17,11,3));
?> 


froppo 
n00bie

Offline

Posts: 7


   Re: Change text color? 
« Reply #2 on: October 05, 2006, 02:12:12 PM » Quote  

--------------------------------------------------------------------------------
Sorry.

The entire page script is as follows:

Code:

<?php
# You must set this correctly to a
# location where you are allowed to
# create a file! 
$guestbook = 'guestbook.dat';
# Choose your own password
$adminPassword = 'CHANGEME';
        # Hide harmless warning messages that confuse users.
        # If you have problems and you don't know why,
        # comment this line out for a while to get more
        # information from PHP
        error_reporting (E_ALL ^ (E_NOTICE | E_WARNING));

# No changes required below here

$admin = 0;
if ($adminPassword == 'frank2') {
	die("You need to change \$adminPassword first.");
}

# Undo magic quotes - useless for flat files,
# and inadequate and therefore dangerous for databases. See:
# http://www.boutell.com/newfaq/creating/magicquotes.html

function stripslashes_nested($v)
{
	if (is_array($v)) {
		return array_map('stripslashes_nested', $v);
	} else {
		return stripslashes($v);
	}
}

if (get_magic_quotes_gpc()) {
	$_GET = stripslashes_nested($_GET);
	$_POST = stripslashes_nested($_POST);
}
?>
<html>
<head>
<title>Really Simple PHP Guestbook</title>
</head>
<BODY BGCOLOR=#000000 LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0 link="#97C5F4" vlink="#80A8D1">
<font face="helvetica" size=2 color="#ffffff">
<h1 align="center">Really Simple PHP Guestbook</h1>
<div align="center">

<?php
   $password = "";
   if ($_POST['password'] == $adminPassword) {
      $admin = 1;
      $password = $adminPassword;
   } else if (strlen($_POST['password'])) {
      echo("<h2>Login Failed (Bad Password)</h2>\n");
   }
?>   
<table border="0" cellpadding="3" cellspacing="3">
<tr><th>Date</th><th>Name</th><th>Email</th><th>Comment</th>
<?php
   if ($admin) {
      echo "<th>Controls</th>";
   }
?>
</tr>
<?php
   if ($_POST['submit']) {
      $file = fopen($guestbook, "a");
      if (!$file) {
         die("Can't write to guestbook file");
      }
      $date = date('F j, Y, g:i a');
      $id = rand();
      $name = $_POST['name'];
      $email = $_POST['email'];
      $comment = $_POST['comment'];
      $name = clean($name, 40);
      $email = clean($email, 40);
      $comment = clean($comment, 40);
      fwrite($file,
         "$date\t$name\t$email\t$comment\t$id\n");
      fclose($file);   
   }
   $file = fopen($guestbook, 'r');
   $tfile = null;
   $delete = 0;
   $deleteId = '';
   if ($admin && $_POST['delete']) {
      $delete = 1;
      $deleteId = $_POST['id'];
      $tfile = @fopen("$guestbook.tmp", 'w');
      if (!$tfile) {
         die("Can't create temporary file for delete operation");
      }
   }
   if ($file) {
      while (!feof($file)) {
         $line = fgets($file);
         $line = trim($line);
         list ($date, $name, $email, $comment, $id) =
            split("\t", $line, 5);
         if (!strlen($date)) {
            break;
         }
         if (!strlen($id)) {
            // Support my old version
            $id = $date;
         }   
         if ($delete) {
            if ($id == $deleteId) {
               continue;
            } else {
               fwrite($tfile,
                  "$date\t$name\t$email\t$comment\t$id\n");
            }
         }
         echo "<tr><td>$date</td><td>$name</td>";
         echo "<td>$email</td><td>$comment</td>";
         if ($admin) {
            echo "<td>";
            echo "<form action=\"guestbook.php\" " .
               "method=\"POST\">";
            passwordField();
            hiddenField('id', $id);
            echo "<input type=\"submit\" " .
               "value=\"Delete\" " .
               "name=\"delete\">";
            echo "</form>";
            echo "</td>";
         }
         echo "</tr>\n";
      }
      fclose($file);
      if ($delete) {
         fclose($tfile);
         unlink($guestbook);
         rename("$guestbook.tmp", $guestbook);
      }   
   }
   function clean($name, $max) {
      # Turn tabs and CRs into spaces so they can't
      # fake other fields or extra entries
      $name = ereg_replace("[[:space:]]", ' ', $name);
      # Escape < > and and & so they
      # can't mess withour HTML markup
      $name = ereg_replace('&', '&', $name);
      $name = ereg_replace('<', '<', $name);
      $name = ereg_replace('>', '>', $name);
      # Don't allow excessively long entries
      $name = substr($name, 0, $max);
      # Undo PHP's "magic quotes" feature, which has
      # inserted a \ in front of any " characters.
      # We undo this because we're using a file, not a
      # database, so we don't want " escaped. Those
      # using databases should do the opposite:
      # call addslashes if get_magic_quotes_gpc()
      # returns false.
      return $name;
   }
   function passwordField() {
      global $admin;
      global $password;
      if (!$admin) {
         return;
      }
      hiddenField('password', $password);
   }
   function hiddenField($name, $value) {
      echo "<input type=\"hidden\" " .
         "name=\"$name\" value=\"$value\">";
   }
?>
</table>
<?php
   if (!$admin) {
?>
<form action="guestbook.php" method="POST">
Admin Login
<p>
Admin Password: <input type="password" name="password">
<input type="submit" name="login" value="Log In">
</form>
<?php
   }
?>
<form action="guestbook.php" method="POST">
<table border="0" cellpadding="5" cellspacing="5">
<tr>
<td colspan="2">Sign My Guestbook!</td>
</tr>
<tr>
<th>Name</th><td><input name="name" maxlength="40"></td>
</tr>
<tr>
<th>Email</th><td><input name="email" maxlength="40"></td>
</tr>
<tr>
<th>Comment</th><td><input name="comment" maxlength="40"></td>
</tr>
<tr>
<th colspan="2">
<input type="submit" name="submit" value="Sign the Guestbook">
</th>
</tr>
</table>
<?php
   passwordField();
?>
</form>
</div>
</body>
</html>

 

 

Link to comment
https://forums.phpfreaks.com/topic/98744-hide-admin-login-and-viewers-email/
Share on other sites
ohdang888 Advanced Member

ohdang888

Posted
Posted

dude....

 

we don't know anything about the way your tables and databases are set up, or anything like that.. we can't help you with this.

and you're obvisouly at a level where you would need help on every single tiny error received.

 

 

This forum isn't going to create stuff for you.... you create it, see the errors, and then we'll help to solve those errors.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.