





gBook  

Type: application
Added by: niallj
Entered: 23/12/2004
Last modified: 01/12/2004
Rating: - (fewer than 3 votes)
Views: 16621
Simple database application, using MySQL. Supports a customisable frontend and admin panel; index.php and gbookadmin.php are included as examples. The display of messages is customised by changing guestbook.msg.tpl, and configuration variables are set in code.guestbook.php. The admin panel is unprotected by default: you will need to add your own check that a user is an admin.


index.php :: Example frontend
<?php
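//PROJECT guestbook
//MODULE index.php
//MODULEDESC Frontend (Test Page)
// Pulls in the configuration variables ($title, ...) and the guestbook functions.
require("code.guestbook.php");
// Raw message template; GetGuestbookMessages() splits it on its FRAME/MESSAGEHOLDER markers.
$guesttpl = file_get_contents("guestbook.msg.tpl");
if ($guesttpl === false) {
    // Without the template there is nothing to render; stop instead of printing an empty page.
    die("The guestbook template could not be read.");
}
?>
<html>
<head>
<title><?php echo htmlspecialchars($title, ENT_QUOTES) ?></title>
</head>
<body>
<h2>Welcome to My Guestbook!</h2>
<br />
<a href="gbookadd.php">Add your message</a>
<br />
<?php
    // Open the connection, print every stored message through the template, then close it.
    $db = InitialiseDB();
    GetGuestbookMessages($guesttpl, $db);
    EndDB($db);
?>
</body>
</html>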

gbookadd.php :: example page for adding new messages to the guestbook

<?php
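//PROJECT guestbook
//MODULE add.php
//MODULEDESC Add to the guestbook (Test Page)
// Pulls in the configuration variables ($title, ...) and the guestbook functions.
require("code.guestbook.php");
?>
<html>
<head>
<title><?php echo htmlspecialchars($title, ENT_QUOTES) ?></title>
</head>
<body>
<h2>Add A Message</h2>
<?php
    $db = InitialiseDB();
    // The submission form posts a hidden "readytoadd" field. The flag is read from
    // $_POST, the same array handed to AddGuestbookMessage(), so a GET request that
    // merely carries ?readytoadd shows the form instead of reaching the insert path.
    if(isset($_POST["readytoadd"])){
        AddGuestbookMessage($_POST, $db);
    }
    else PrepareGuestbookSubmissionForm();
    EndDB($db);
?>
</body>
</html>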

guestbook.msg.tpl :: how messages are displayed

FRAME<table width="100%" style="border-style:solid">MESSAGES</table>ENDFRAME
MESSAGEHOLDER
<tr>
<td align="left"><b>AUTHOR</b></td><td align="right"><b>POSTDATE</b></td>
</tr>
<tr>
<td>TEXT</td>
</tr>
ENDMESSAGEHOLDER

gbookadmin.php : example admin panel

<?php
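//PROJECT guestbook
//MODULE gbookadmin.php
//MODULEDESC Administration (Test Page)
// Pulls in the configuration variables ($title, $guestbookmain, ...) and the guestbook functions.
require("code.guestbook.php");
$guesttpl = file_get_contents("guestbook.msg.tpl");
?>
<html>
<head>
<title><?php echo htmlspecialchars($title, ENT_QUOTES) ?></title>
</head>
<body>
<h2>Guestbook Admin</h2>
<br />
<?php
// YOU MUST ADD YOUR OWN CHECK: set $isAdmin from your site's own authentication
// (for example a server-side session flag set after login). It defaults to false so
// that the panel, which can delete any message, stays closed until a real check is
// wired in, rather than being open to every visitor.
$isAdmin = false;
if($isAdmin){
    $db = InitialiseDB();
    // NOTE(review): the delete action is triggered by a plain GET link (?del&name=...).
    // State-changing requests are better sent as POST with a per-session token so that
    // a third-party page cannot trigger a delete from a logged-in admin's browser.
    if(isset($_REQUEST["del"])){
        DeleteMessage($_REQUEST, $db);
    }
    else GetAdminMsgList($db);
    EndDB($db);
}
else echo "You aren't an admin, f00l!\n<br />\n";
echo "<a href='".htmlspecialchars($guestbookmain, ENT_QUOTES)."'>Guestbook Main</a>\n<br />\n";
?>
</body>
</html>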

code.guestbook.php : guestbook functions used by the previous pages

<?php
//PROJECT guestbook
//MODULE code.guestbook.php
//MODULEDESC Guestbook PHP Code
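// Configuration shared by every guestbook page. The pages read $title and
// $guestbookmain directly; the functions below reach these values with `global`.
$title = "Niallj's bitchin guestbook."; //the title of the guestbook
$guestbookmain = "index.php"; //the file providing the frontend, in the example index.php
// Database connection settings. Use a dedicated MySQL account that is limited to this
// guestbook's database rather than an administrative account, and keep the real
// credentials out of any publicly readable copy of this file.
$dbhost = "localhost"; //the host of the mysql database
$dbuser = ""; //the db username
$dbpass = ""; //the db password
$dbname = ""; //the name of the database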
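/**
 * Open the MySQL connection and select the guestbook database.
 *
 * Reads $dbhost, $dbuser, $dbpass and $dbname from the configuration at the top of
 * this file. Stops the request with a generic message if the connection or the
 * database selection fails; the driver's error text goes to the server log only.
 *
 * NOTE: the mysql_* extension used throughout this file was removed in PHP 7.0;
 * a port should move to mysqli or PDO with prepared statements.
 *
 * @return resource MySQL link identifier for the other guestbook functions.
 */
function InitialiseDB(){
    // The settings live at file scope; without `global` they are undefined locals here.
    global $dbhost, $dbuser, $dbpass, $dbname;
    // The third argument is the password (the listing passed $dbhost a second time).
    $db = mysql_connect($dbhost, $dbuser, $dbpass);
    if ($db === false || !mysql_select_db($dbname, $db)) {
        error_log("guestbook: database connection failed: " . mysql_error());
        die("There was a database error!\n<br />\n");
    }
    return $db;
}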
/**
 * Close the guestbook's MySQL connection.
 *
 * @param resource $db Link identifier, handed straight to mysql_close().
 * @return void
 */
function EndDB($db)
{
    mysql_close($db);
}
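/**
 * Print every stored message, newest first, using the message template.
 *
 * The template text holds two sections: FRAME ... ENDFRAME, whose MESSAGES marker is
 * where the messages go, and MESSAGEHOLDER ... ENDMESSAGEHOLDER, the per-message
 * snippet whose AUTHOR, POSTDATE and TEXT markers are filled in for each row.
 * (PHP function names are case-insensitive, so GetGuestbookMessages() calls land here.)
 *
 * @param string   $guestbookframe Full contents of the template file.
 * @param resource $db             MySQL link identifier.
 * @return void Output is echoed.
 */
function GetGuestBookMessages($guestbookframe, $db){
    // Frame section: the text between FRAME and ENDFRAME, split around MESSAGES.
    $frame = explode("ENDFRAME", $guestbookframe);
    $frame = explode("FRAME", $frame[0]);
    $frame = explode("MESSAGES", isset($frame[1]) ? $frame[1] : "");
    // Per-message section: the text between MESSAGEHOLDER and ENDMESSAGEHOLDER.
    $messagetpl = explode("ENDMESSAGEHOLDER", $guestbookframe);
    $messagetpl = explode("MESSAGEHOLDER", $messagetpl[0]);
    if (count($frame) < 2 || count($messagetpl) < 2) {
        // A template without its markers would otherwise produce undefined-offset notices.
        error_log("guestbook: message template is missing its FRAME/MESSAGEHOLDER markers");
        return;
    }
    $beginframe = $frame[0];
    $endframe = $frame[1];
    $messagetpl = $messagetpl[1];

    echo $beginframe;
    $sql = "SELECT * FROM `messages` ORDER BY `date` DESC";
    $query = mysql_query($sql, $db);
    if ($query === false) {
        error_log("guestbook: message query failed: " . mysql_error());
        echo $endframe;
        return;
    }
    while($post = mysql_fetch_array($query)){
        // name, email and text are visitor-supplied: escape them for HTML before they
        // reach the page, so stored markup is shown as text instead of being interpreted.
        $name = htmlspecialchars($post["name"], ENT_QUOTES);
        $email = htmlspecialchars($post["email"], ENT_QUOTES);
        if($post["email"] != ""){
            $author = "<a href=\"mailto:".$email."\">".$name."</a>";
        }
        else $author = $name;
        // strtr() fills all three markers in one pass, so marker words that occur
        // inside a visitor's own name or text are not substituted a second time.
        echo strtr($messagetpl, array(
            "AUTHOR" => $author,
            "POSTDATE" => date("r", (int)$post["date"]),
            "TEXT" => htmlspecialchars($post["text"], ENT_QUOTES),
        ));
    }
    echo $endframe;
}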
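/**
 * Print the "add a message" form.
 *
 * The form has no action attribute, so it posts back to the page that printed it.
 * The hidden "readytoadd" field is the flag gbookadd.php looks for to tell a
 * submission apart from a first visit.
 *
 * @return void Output is echoed.
 */
function PrepareGuestbookSubmissionForm(){
    // "\n" escapes restored: without the backslash a literal "n" is printed into the page.
    echo "<form method='post'>\n";
    echo "Your Name: <input type='text' name='name' value='' />\n<br />\n<br />\n";
    echo "Your E-Mail: <input type='text' name='email' value='' />\n<br />\n<br />\n";
    echo "<textarea name='text' cols='30' rows='10'>Your Message</textarea>\n<br />\n<br />\n";
    echo "<input type='submit' value='Add!' /><input type='hidden' name='readytoadd' value='yep' />";
    echo "</form>\n";
}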
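/**
 * Store one submitted message and print a confirmation.
 *
 * An empty name becomes "Anonymous"; an empty text stops the request with a
 * "go back" message. The row is stamped with the current time().
 *
 * @param array    $data Submitted form fields; reads "name", "email" and "text".
 * @param resource $db   MySQL link identifier.
 * @return void Output is echoed; the request ends on an empty text or a database error.
 */
function AddGuestbookMessage($data, $db){
    // $guestbookmain is set at file scope; without `global` the link below is empty.
    global $guestbookmain;

    // Accept plain strings only: a missing field or an array-valued one counts as empty.
    $name = (isset($data["name"]) && is_string($data["name"])) ? $data["name"] : "";
    $email = (isset($data["email"]) && is_string($data["email"])) ? $data["email"] : "";
    $text = (isset($data["text"]) && is_string($data["text"])) ? $data["text"] : "";

    if($name == "") $name = "Anonymous";
    if($text == ""){
        die("Yeah, very funny. You have to add a message to post :P\n<br />\n<a href='javascript: history.go(-1)'>Go Back</a>");
    }

    // The values are visitor-supplied. mysql_real_escape_string() escapes every
    // character that is special inside a quoted SQL string for this connection;
    // replacing only the single quote, as the listing did, does not.
    // Values are stored as submitted; HTML-escaping belongs where they are printed.
    $sql = "INSERT INTO `messages` ( `name` , `email` , `text` , `date` ) VALUES ( '"
        .mysql_real_escape_string($name, $db)."' , '"
        .mysql_real_escape_string($email, $db)."' , '"
        .mysql_real_escape_string($text, $db)."' , ".time()." )";
    if(mysql_query($sql, $db) === false){
        // Driver errors can reveal table and column names: log them, show a generic message.
        error_log("guestbook: insert failed: ".mysql_errno($db).": ".mysql_error($db));
        die("There was a database error!\n<br />\n");
    }
    echo "Your message has been added.\n<br />\n";
    echo "<a href='".htmlspecialchars($guestbookmain, ENT_QUOTES)."'>Guestbook Main</a>";
}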
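/**
 * Print every stored message, newest first, each followed by a Delete link.
 *
 * The link carries the message's name, email and date back to gbookadmin.php,
 * which is what DeleteMessage() matches on.
 *
 * @param resource $db MySQL link identifier.
 * @return void Output is echoed.
 */
function GetAdminMsgList($db){
    $sql = "SELECT * FROM `messages` ORDER BY `date` DESC";
    $result = mysql_query($sql, $db);
    if($result === false){
        error_log("guestbook: admin list query failed: ".mysql_error());
        die("There was a database error!\n<br />\n");
    }
    while($message = mysql_fetch_array($result)){
        // Stored fields are visitor-supplied: escape them so that markup in a message
        // is displayed as text rather than interpreted in the admin's browser.
        echo "Name: ".htmlspecialchars($message["name"], ENT_QUOTES)."\n<br />\n";
        echo "E-Mail: ".htmlspecialchars($message["email"], ENT_QUOTES)."\n<br />\n";
        echo "Posted at: ".date("r", (int)$message["date"])."\n<br />\n";
        echo "Text: ".htmlspecialchars($message["text"], ENT_QUOTES)."\n<br />\n";
        // URL-encode the values so "&", "#", spaces or quotes in a name cannot break
        // the query string, then HTML-escape the whole URL for the attribute.
        // NOTE(review): this is a GET link that deletes data; a POST form with a
        // per-session token would keep other pages from triggering it.
        $params = http_build_query(array(
            "name" => $message["name"],
            "email" => $message["email"],
            "date" => $message["date"],
        ), "", "&");
        echo "<a href='".htmlspecialchars("gbookadmin.php?del&".$params, ENT_QUOTES)."'>Delete</a>\n<br />\n";
        echo "<hr />\n";
    }
}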
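/**
 * Delete the message(s) matching the given name, email and date, then print a
 * link back to the admin page.
 *
 * Every row that matches all three values is removed.
 *
 * @param array    $data Request fields; reads "name", "email" and "date".
 * @param resource $db   MySQL link identifier.
 * @return void Output is echoed; the request ends on a database error.
 */
function DeleteMessage($data, $db){
    // The caller passes $_REQUEST, so all three values are request-controlled.
    // Accept plain strings only, escape them for the quoted SQL context, and force
    // the timestamp to an integer before it is placed in the statement.
    $name = (isset($data["name"]) && is_string($data["name"])) ? $data["name"] : "";
    $email = (isset($data["email"]) && is_string($data["email"])) ? $data["email"] : "";
    $date = (isset($data["date"]) && is_string($data["date"])) ? (int)$data["date"] : 0;

    $sql = "DELETE FROM `messages` WHERE `name` = '".mysql_real_escape_string($name, $db)
        ."' AND `email` = '".mysql_real_escape_string($email, $db)
        ."' AND `date` = '".$date."'";
    if(mysql_query($sql, $db) === false){
        // Driver errors can reveal table and column names: log them, show a generic message.
        error_log("guestbook: delete failed: ".mysql_errno($db).": ".mysql_error($db));
        die("There was a database error!\n<br />\n");
    }
    echo "Done.\n<br />\n";
    echo "<a href='gbookadmin.php'>Admin</a><br />";
}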
?>




