Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $conn = mysql_connect('localhost', 'root' , '') or die('Cannot Connect To MySQL Server. <b' . 'r>' . mysql_error());
- mysql_select_db('test', $conn) or die('Cannot Select MySQL Database.<b' . 'r>' . mysql_error());
- $guessbook_name = '';
- $guessbook_email = '';
- $guessbook_message = '';
- $errors = Array ();
- if($_SERVER['REQUEST_METHOD'] === 'POST'){
- $time = time ();
- if (isset($_POST['guestbook_name'], $_POST['guestbook_email'], $_POST['guestbook_message'] )) {
- $guessbook_name = mysql_real_escape_string( htmlentities( $_POST['guestbook_name'] ));
- $guessbook_email = mysql_real_escape_string( htmlentities( $_POST['guessbook_email'] ));
- $guessbook_message = mysql_real_escape_string( htmlentities( $_POST['guessbook_message'] ));
- /** More Descriptive Errors Are Better **/
- if( strlen($guessbook_name) > 25){ $errors[] = '<span style="font-weight: bold";>Name</span> is too long -or- Contains Invalid Characters (Max 25 Characters).'; }
- if( strlen($guessbook_email) > 255){ $errors[] = '<span style="font-weight: bold";>Email</span> is too long -or- Contains Invalid Characters (Max 255 Characters).'; }
- if( strlen($guessbook_message) > 255){ $errors[] = '<span style="font-weight: bold";>Message</span> is too long -or- Contains Invalid Characters (Max 255 Characters).'; }
- }else{
- $errors[] = 'All Fields Are Required.';
- }
- /** If No Errors, Proceed And Insert Data In To Database **/
- if(count($errors) === 0){
- $insert = "INSERT INTO entries VALUES('', '{$time}', '{$guessbook_name}', '{$guessbook_email}', '{$guessbook_message}')";
- if(!mysql_query( $insert )){
- $errors[] = 'Server Error, please try again later.';
- // Really should log the error.
- }
- }
- }
- $form = <<<FORM
- <form method="post" action="{$_SERVER['PHP_SELF']}">
- <span style="font-weight: bold">Post Something...</span><br>
- Name:
- <br>
- <input type= "text" name="guestbook_name" maxlength="25" value="{$guessbook_name}">
- <br>
- Email
- <br>
- <input type= "text" name="guestbook_email" maxlength"255" value="{$guessbook_email}">
- <br>
- Message:
- <br>
- <textarea name= "guestbook_message" rows="6" cols="30" maxlength="255">{$guessbook_message}</textarea>
- <br>
- <input type="submit" value="Post">
- </form>
- FORM;
- $entries = '';
- $results = mysql_query("SELECT timestamp,name,email,message FROM entries ORDER BY timestamp DESC") or die(mysql_error());
- if(mysql_num_rows($results) === 0){
- $entries = '<p>No Entries Yet</p>';
- }else{
- while($row = mysql_fetch_assoc($results)){
- $timestamp = date('D M Y @ h:i:s', $row['timestamp']);
- $entries .= <<<ENTRY
- <p>
- <span style="font-weight: bold;">
- Posted By: {$row['name']}({$row['email']}) on {$timestamp}.
- </span>
- <br>
- {$row['message']}
- </p>
- ENTRY;
- }
- }
- if(count($errors) > 0){
- echo '<p><span style="font-weight: bold;">Errors</span><br>';
- echo implode('<br>', $errors);
- echo '</p>';
- }
- echo $form;
- echo $entries;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement