- <?
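/**
 * Minimal guestbook / news list stored in a single MySQL table.
 *
 * Every value that reaches an SQL statement is either cast to an integer or
 * passed through mysql_real_escape_string() inside this class, so the queries
 * do not depend on the caller (or on magic_quotes_gpc) having sanitised input.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. When the
 * script is ported, replace these calls with mysqli or PDO prepared statements
 * instead of string-built SQL.
 */
class Guestbook {
    var $result;           // Result of the most recent main query
    var $count_result;     // Result of the row-count query
    var $dbc;              // Database connection opened by connect_db()
    var $total_entries;    // Number of records in the table, set by display_records()
    var $table = "newsru"; // Table name; interpolated into SQL, so it must never be taken from request data

    /**
     * Open the connection and select the database; terminates the script on failure.
     */
    function connect_db($server, $database, $user, $password)
    {
        $this->dbc = mysql_connect($server, $user, $password) or die ("Connection failed!");
        mysql_select_db($database) or die ("Database failed!");
    }

    /**
     * Print one page of records followed by the pager.
     *
     * $offset           index of the first record to show (0-based)
     * $entries_per_page number of records per page
     */
    function display_records($offset, $entries_per_page)
    {
        // Both values are written into a LIMIT clause, so force them to sane
        // integers here instead of trusting the caller's validation.
        $entries_per_page = max(1, (int) $entries_per_page);
        $offset = max(0, (int) $offset);

        // Count first so an out-of-range offset falls back to the first page
        // before the page query runs.
        $this->count_result = mysql_query("SELECT count(id) AS number FROM $this->table") or die ("Query failed!");
        $total_entries = 0;
        while ($count = mysql_fetch_array($this->count_result)) {
            $total_entries = (int) $count["number"];
        }
        $this->total_entries = $total_entries;
        if ($offset >= $total_entries) {
            $offset = 0;
        }

        $this->result = mysql_query("SELECT id, name, email, message, date FROM $this->table ORDER BY id DESC LIMIT $offset, $entries_per_page") or die ("Query failed!");
        while ($row = mysql_fetch_array($this->result)) {
            // Stored text is attacker-controlled: escape it on output. The id is
            // forced to an integer and quoted because it lands in an attribute.
            $id = (int) $row["id"];
            $display_name = nl2br(htmlspecialchars($row["name"], ENT_QUOTES));
            $display_email = nl2br(htmlspecialchars($row["email"], ENT_QUOTES));
            $display_message = nl2br(htmlspecialchars($row["message"], ENT_QUOTES));
            // The two str_replace() calls that followed here had identical search
            // and replacement strings as written, i.e. they did nothing; omitted.
            // NOTE(review): the delete form below is shown to every visitor and
            // carries no authentication or anti-CSRF token.
            echo "<p class=text>Дата: <b>[" . $display_name . " ]</b><br>" . "Тема: $display_email" . "<br><br>" . $display_message . "<form><input type=hidden name=id value=\"$id\"><input type=submit value=Удалить></form></p><hr width=90%>";
        }

        // Number of pages, rounded up, never less than one.
        $pages = max(1, (int) ceil($total_entries / $entries_per_page));
        // floor() keeps the page number whole when the offset is not a multiple
        // of the page size.
        $pagenow = (int) floor($offset / $entries_per_page) + 1;
        echo "<div align=center><br>Страница " . $pagenow . " из " . $pages;
        $next = $offset + $entries_per_page;
        $previous = $offset - $entries_per_page;
        if ($pages <> 1) {
            $links = array();
            if ($previous >= 0) {
                $links[] = "<a href=gb.php?offset=" . $previous . ">"
                    . "<acronym title='Previous " . $entries_per_page . " records'>&lt;&lt;&lt;</acronym></a>";
            }
            if ($next < $total_entries) {
                $links[] = "<a href=gb.php?offset=" . $next . ">"
                    . "<acronym title='Next " . $entries_per_page . " records'>&gt;&gt;&gt;</acronym></a>";
            }
            if (count($links) > 0) {
                echo " || " . implode(" | ", $links);
            }
        }
        // Close the pager container on every path; it used to stay open when
        // there was only one page.
        echo "</div><br>";

        echo "<div align=center>Страниц: ";
        for ($i = 0; $i < $pages; $i++) {
            $ri = $i + 1;
            if ($ri == $pagenow) {
                echo $ri . " ";
            } else {
                echo "<a href=gb.php?offset=" . ($i * $entries_per_page) . ">" . $ri . "</a> ";
            }
        }
        echo "</div>";
    }

    /**
     * Store one entry; prints "Error!" if it cannot be stored.
     *
     * $name, $email, $message  text supplied by the visitor (untrusted)
     * $smilies                 accepted for compatibility; not used by this method
     * $webmaster               address notified when the word filter matches
     * $message_length          maximum stored message length, 0 for no limit
     * $language_filter         1 enables the word filter
     * $bad_words               list of words the filter looks for
     */
    function add_record($name, $email, $message, $smilies="on", $webmaster, $message_length, $language_filter, $bad_words)
    {
        $name = (string) $name;
        $email = (string) $email;
        $message = (string) $message;

        if ($email == "") {
            $email = "no_email";
        }

        if (($language_filter == 1) and (strlen($webmaster) <> 0) and is_array($bad_words)) {
            foreach ($bad_words as $word) {
                if ($word === "" or !is_string($word)) {
                    continue;
                }
                if (strpos($name, $word) !== false or strpos($email, $word) !== false or strpos($message, $word) !== false) {
                    $warningmessage = "Дата: " . $name . "\nТема: " . $email . "\nСообщение: " . $message;
                    // Best-effort notification; one mail per entry is enough,
                    // so stop at the first matching word.
                    @mail($webmaster, "Bad language in the guestbook", $warningmessage);
                    break;
                }
            }
        }

        $message_length = (int) $message_length;
        if ($message_length > 0) {
            // substr() counts bytes - NOTE(review): may cut a multibyte
            // character in half if the text is UTF-8; confirm the encoding.
            $message = substr($message, 0, $message_length);
        }

        // Escape after truncation so a cut can never land inside an escape sequence.
        $safe_name = mysql_real_escape_string($name);
        $safe_email = mysql_real_escape_string($email);
        $safe_message = mysql_real_escape_string($message);
        if ($safe_name === false or $safe_email === false or $safe_message === false) {
            // Escaping fails when no connection is available; never fall back
            // to the raw strings.
            $this->result = false;
            echo "Error!";
            return;
        }

        $this->result = mysql_query("INSERT INTO $this->table (name, email, message, date) VALUES ('$safe_name', '$safe_email', '$safe_message', NOW())");
        if (!$this->result) {
            echo "Error!";
        }
    }

    /**
     * Delete the entry with the given id; prints "Error!" for a malformed id
     * or a failed query.
     *
     * NOTE(review): this method performs no authorisation check of its own;
     * the caller must decide who is allowed to delete.
     */
    function del_record($id)
    {
        // Only a plain run of digits may reach the statement.
        if (!is_scalar($id) or !preg_match('/^[0-9]+\z/', (string) $id)) {
            $this->result = false;
            echo "Error!";
            return;
        }
        $id = (int) $id;
        $this->result = mysql_query("DELETE FROM $this->table WHERE id=$id");
        if (!$this->result) {
            echo "Error!";
        }
    }

    /**
     * Close the connection opened by connect_db().
     */
    function disconnect_db()
    {
        mysql_close($this->dbc);
    }
}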
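// ---- Configuration ---------------------------------------------------------
// NOTE(review): the database credentials are hard-coded in this file, and the
// file has been shared publicly, so the password must be treated as exposed.
// Rotate it, and load connection settings from a file outside the web root
// (or from the environment) instead of from source.
$webmaster = 'phil@peterhost.ru';
$server = 'jurid.mysql';
$database = 'db_jurid_1';
$user = 'dbu_jurid_1';
$password = 'TOw3e:Jt';
$entries_per_page = 5;
$message_length = 1024;
$language_filter = 0;
$bad_words = array (
    'fuck', 'cunt', 'asshole',
    'dick', 'pussy', 'bitch',
    'motherfucker', 'nigger'
);

// Return a request parameter only when it is present and is a plain string.
// The script used to rely on register_globals to create $message, $id, $offset
// and friends; reading $_REQUEST keeps the same sources but makes the untrusted
// input explicit and rejects array-valued parameters such as "message[]=".
function gb_request_string($key, $default = null)
{
    if (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) {
        return $_REQUEST[$key];
    }
    return $default;
}

$myGB = new Guestbook;
$myGB->connect_db($server, $database, $user, $password);

// ---- Add an entry ----------------------------------------------------------
$message = gb_request_string('message');
if ($message !== null) {
    $name = gb_request_string('name', '');
    $email = gb_request_string('email', '');
    // "no" when the form did not send a smilies field, as before.
    $smilies = gb_request_string('smilies', 'no');
    $myGB->add_record($name, $email, $message, $smilies, $webmaster, $message_length, $language_filter, $bad_words);
}

// ---- Delete an entry -------------------------------------------------------
// NOTE(review): any visitor can trigger this with a plain request; there is no
// login check and no anti-CSRF token. Put deletion behind authentication.
// The id is accepted only as a run of digits and handed over as an integer, so
// nothing else can reach the DELETE statement.
$id = gb_request_string('id');
if ($id !== null && preg_match('/^[0-9]+\z/', $id)) {
    $myGB->del_record((int) $id);
}

// ---- Show the current page -------------------------------------------------
// Anything that is not a non-negative whole number falls back to the first page.
$offset = gb_request_string('offset', '0');
$offset = preg_match('/^[0-9]+\z/', $offset) ? (int) $offset : 0;
$myGB->display_records($offset, $entries_per_page);
$myGB->disconnect_db();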
- ?>
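<!-- Entry form: the "name" field carries the date and the "email" field the subject, matching the labels below. -->
<!-- maxlength is only a browser hint; length limits have to be enforced by the script that receives the post. -->
<div align="center">
<table border="0" cellspacing="10" cellpadding="10" width="85%" align="center">
<tr>
<td valign="top" align="center" width="60%">
<p>
(*) Обязательные поля
</p>
<form name="myGB" action="news.php" method="post">
* Дата:<br><input type="text" name="name" size="40" maxlength="40"><br>
Тема:<br><input type="text" name="email" size="40" maxlength="100"><br>
* Сообщение:<br><textarea name="message" rows="10" cols="40"></textarea><br>
<br>
<input type="submit" value="Оставить сообщение">
</form>
</td>
</tr>
</table>
</div>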