| 6 |
kaklik |
1 |
<?php
|
|
|
2 |
#Shout It! Version 1.0 By Tim Lovett of www.alphibia.com
|
|
|
3 |
#You may not take credit for the code...
|
|
|
4 |
#You may redistribute if you keep the original zip intact
|
|
|
5 |
# www.weborum.com <- if you have any questions regarding the script.
|
|
|
6 |
|
|
|
7 |
#The smilies are free from an open directory so I have included them.
|
|
|
8 |
#http://members.shaw.ca/wenpigsfly/smileys/index.htm
|
|
|
9 |
#Some others were made by friends
|
|
|
10 |
#One was made by me.
|
|
|
11 |
#None were stolen, that open directory grants usage of theirs. :-)
|
|
|
12 |
#If you want any more smilies feel free to go there.
|
|
|
13 |
|
|
|
14 |
|
|
|
15 |
include 'ShoutBoxFiles/shoutoptions.php';
|
|
|
16 |
#include the shoutoptions.php file with admin's options...
|
|
|
17 |
|
|
|
18 |
include 'ShoutBoxFiles/shoutfunctions.php';
|
|
|
19 |
#includes all of the functions required
|
|
|
20 |
$Outside = 0;
|
|
|
21 |
$IP = $_SERVER["REMOTE_ADDR"];
|
|
|
22 |
#logs user IP (used for many different parts)
|
|
|
23 |
|
|
|
24 |
if ((isset($_GET['SelfDel']))&&($SelfDelete==1))
|
|
|
25 |
#if selfdel is set and the admin has turned on selfdeleting
|
|
|
26 |
{
|
|
|
27 |
$DelID = dbInsans($_GET['SelfDel']);
|
|
|
28 |
#sets DelID to the SelfDel, it holds the ID of the one you want to delete
|
|
|
29 |
|
|
|
30 |
$ShoutDisplay = $ShowNormal;
|
|
|
31 |
#will only get rid of ones being shown
|
|
|
32 |
|
|
|
33 |
$db = mysql_connect("$dbHost","$dbUser","$dbPass");
|
|
|
34 |
#connect to database
|
|
|
35 |
|
|
|
36 |
mysql_select_db($dbname,$db);
|
|
|
37 |
#select database
|
|
|
38 |
|
|
|
39 |
$requete = "SELECT * FROM ShoutBox ORDER BY Date DESC LIMIT 0,$ShoutDisplay";
|
|
|
40 |
#We want them only to be able to delete from the group that's up there now...
|
|
|
41 |
#not find the ID of one of their older archived and delete doing this protects that
|
|
|
42 |
#because instead of just grabbing the row, we're grabbing the shown ones and
|
|
|
43 |
#checking to see if we find the ID, if we find the ID and the IPs match, it's nuked
|
|
|
44 |
|
|
|
45 |
$result = mysql_query ($requete,$db);
|
|
|
46 |
|
|
|
47 |
while ($article = mysql_fetch_object($result))
|
|
|
48 |
#while we scroll through current ones
|
|
|
49 |
{
|
|
|
50 |
if($DelID==$article->ID)
|
|
|
51 |
#if ID is in the current ones
|
|
|
52 |
{
|
|
|
53 |
if($IP==$article->IP)
|
|
|
54 |
#if user owns the ID (if IPs match.)
|
|
|
55 |
{
|
|
|
56 |
$requete2 = "DELETE FROM ShoutBox WHERE ID='$DelID'";
|
|
|
57 |
#delete the item where the ID is the DelID
|
|
|
58 |
|
|
|
59 |
mysql_query ($requete2,$db);
|
|
|
60 |
#query the database with the query...
|
|
|
61 |
}
|
|
|
62 |
else
|
|
|
63 |
echo '<span class="shoutentry">Your IP does not match.</span>';
|
|
|
64 |
#the IP does not match...
|
|
|
65 |
}
|
|
|
66 |
|
|
|
67 |
}
|
|
|
68 |
|
|
|
69 |
}
|
|
|
70 |
|
|
|
71 |
#the following no script is required for legal reasons
|
|
|
72 |
?>
|
|
|
73 |
<noscript>
|
|
|
74 |
For a free easily customizable shout box/tag board script, head to <a href="www.alphibia.com">www.alphibia.com</a>.
|
|
|
75 |
</noscript>
|
|
|
76 |
<?php
|
|
|
77 |
if (isset($_POST['shoutsubmit']))
|
|
|
78 |
#if the user has clicked the submit button
|
|
|
79 |
{
|
|
|
80 |
|
|
|
81 |
$Name = lefts(dbInsans($_POST['ShoutName']),$NameCutOff);
|
|
|
82 |
# Users Name, it's cut off at the name cutoff, useful for formatting restrictions
|
|
|
83 |
|
|
|
84 |
$URL = dbInsans($_POST['ShoutURL']);
|
|
|
85 |
#for URL/Email
|
|
|
86 |
|
|
|
87 |
$Date = time();
|
|
|
88 |
#Time user is posting...
|
|
|
89 |
|
|
|
90 |
$Message = dbInsans(lefts($_POST['Message'], $MessageCutOff));
|
|
|
91 |
#User's message... lefts cuts it off and dbInsans protects againsts hackers
|
|
|
92 |
|
|
|
93 |
#the next few pieces of code check the user IP against database at ID and the date
|
|
|
94 |
|
|
|
95 |
$r=0;
|
|
|
96 |
#We're going to use the variable r as a switch to determine if they're in the database.
|
|
|
97 |
|
|
|
98 |
$db = mysql_connect("$dbHost","$dbUser","$dbPass");
|
|
|
99 |
#connecting to the database area
|
|
|
100 |
|
|
|
101 |
mysql_select_db($dbname,$db);
|
|
|
102 |
#selecting our database
|
|
|
103 |
|
|
|
104 |
$requete = "SELECT Date FROM ShoutBox WHERE IP='$IP' ORDER By Date Desc LIMIT 1";
|
|
|
105 |
#A query to pull the last date from the owner of this IP
|
|
|
106 |
|
|
|
107 |
$result = mysql_query ($requete,$db);
|
|
|
108 |
#Should return ips of voters
|
|
|
109 |
|
|
|
110 |
$article = mysql_fetch_object($result);
|
|
|
111 |
#since it's only 1 item we want, the first
|
|
|
112 |
|
|
|
113 |
$u=0;$y=0;
|
|
|
114 |
if ($Message==NULL)
|
|
|
115 |
$u=1; #if it's empty...
|
|
|
116 |
if (($Date-$article->Date)<$ShoutWait)
|
|
|
117 |
$u=1; #if the article is posted too soon from last
|
|
|
118 |
#That was flood control.
|
|
|
119 |
|
|
|
120 |
#Check and see if user is banned. :-X
|
|
|
121 |
$requete = "SELECT IP FROM ShoutBoxBanned WHERE IP='$IP'";
|
|
|
122 |
#A query to pull our guy if he's there
|
|
|
123 |
|
|
|
124 |
$result = mysql_query ($requete,$db);
|
|
|
125 |
#Should return ip if he's there
|
|
|
126 |
|
|
|
127 |
$article = mysql_fetch_object($result);
|
|
|
128 |
if ($article->IP!=NULL)
|
|
|
129 |
$y=1; #if it's not empty, he's there
|
|
|
130 |
|
|
|
131 |
if ($u==0)
|
|
|
132 |
#if the message wasn't null and he isn't flooding
|
|
|
133 |
{
|
|
|
134 |
if($y==0)
|
|
|
135 |
#if he's not banned
|
|
|
136 |
{
|
|
|
137 |
#the following sets his cookies
|
|
|
138 |
?>
|
|
|
139 |
<script language="JavaScript" type="text/javascript">
|
|
|
140 |
var now = new Date();
|
|
|
141 |
now.setTime(now.getTime() + 365 * 24 * 60 * 60 * 1000);
|
|
|
142 |
setCookie("ShoutName", "<?php echo $Name;?>", now);
|
|
|
143 |
setCookie("ShoutURL", "<?php echo $URL;?>", now);
|
|
|
144 |
</script>
|
|
|
145 |
<?php
|
|
|
146 |
|
|
|
147 |
$sql = "INSERT INTO ShoutBox (Date, URL, IP, Name, Message) VALUES ('$Date', '$URL', '$IP', '$Name', '$Message')";
|
|
|
148 |
#Creates the insert query string.
|
|
|
149 |
|
|
|
150 |
mysql_query($sql, $db);
|
|
|
151 |
#Queries the database and adds the user.
|
|
|
152 |
}
|
|
|
153 |
else
|
|
|
154 |
{
|
|
|
155 |
echo '<span class="shoutentry">Sorry the admin banned you from posting.</span><br />';
|
|
|
156 |
#let him know he's been banned
|
|
|
157 |
}
|
|
|
158 |
|
|
|
159 |
}
|
|
|
160 |
else
|
|
|
161 |
{
|
|
|
162 |
echo '<span class="shoutentry">Flood Protection is enabled, sorry.</span><br />';
|
|
|
163 |
#if he's sending empty messages or flooding, he gets this
|
|
|
164 |
}
|
|
|
165 |
|
|
|
166 |
}
|
|
|
167 |
|
|
|
168 |
#Code to delete after rows...
|
|
|
169 |
|
|
|
170 |
$db = mysql_connect("$dbHost","$dbUser","$dbPass");
|
|
|
171 |
#connecting to the database area
|
|
|
172 |
|
|
|
173 |
mysql_select_db($dbname,$db);
|
|
|
174 |
#selecting our database
|
|
|
175 |
|
|
|
176 |
$MaxRows2 = $MaxRows-1;
|
|
|
177 |
#used to create limit
|
|
|
178 |
|
|
|
179 |
$requete = "SELECT Date FROM ShoutBox ORDER By Date Desc LIMIT $MaxRows2,$MaxRows";
|
|
|
180 |
#grabs the $MaxRow(set in useroptions)'s entry
|
|
|
181 |
|
|
|
182 |
$result = mysql_query ($requete,$db);
|
|
|
183 |
#Should return the MaxRow's date
|
|
|
184 |
|
|
|
185 |
$article = mysql_fetch_object($result);
|
|
|
186 |
#Only need one article so not looping
|
|
|
187 |
|
|
|
188 |
$Last = $article->Date;
|
|
|
189 |
#We grab his date
|
|
|
190 |
|
|
|
191 |
$requete2 = "DELETE FROM ShoutBox WHERE Date<'$Last'";
|
|
|
192 |
#deletes anything before that entry...
|
|
|
193 |
|
|
|
194 |
mysql_query ($requete2,$db);
|
|
|
195 |
#queries the query
|
|
|
196 |
|
|
|
197 |
$ShoutDisplay = $ShowNormal;
|
|
|
198 |
#Set the display to normal, when entries is called ShoutDisplay is used to determine
|
|
|
199 |
#how many to show...
|
|
|
200 |
if ($IFRAME==1)
|
|
|
201 |
echo '<iframe class="shoutiframe" src="ShoutBoxFiles/shoutiframe.php"></iframe>';
|
|
|
202 |
else
|
|
|
203 |
include 'ShoutBoxFiles/shoutentries.php';
|
|
|
204 |
#include the entries
|
|
|
205 |
|
|
|
206 |
?>
|
|
|
207 |
|
|
|
208 |
<a class="shoutlink" href="javascript:shoutbox('ShoutBoxFiles/shoutboxarch.php')">Display Archived Shouts</a>
|
|
|
209 |
|
|
|
210 |
<br />
|
|
|
211 |
<form method="post" name="shoutbox" action="<?php echo $_SERVER['SCRIPT_NAME'];?>">
|
|
|
212 |
<span class="shoutinput">Name : </span><br /><input type="text" name="ShoutName" /><br />
|
|
|
213 |
<br />
|
|
|
214 |
<span class="shoutinput">Email/URL : </span><br /><input type="text" name="ShoutURL" /><br />
|
|
|
215 |
<br />
|
|
|
216 |
<span class="shoutinput">Message : </span><br />
|
|
|
217 |
<textarea name="Message" rows="3" cols="18" class="shouttextarea" onkeyup="TrackCount(this,'textcount',<?php echo $MessageCutOff;?>)" onkeypress="LimitText(this,<?php echo $MessageCutOff;?>)"></textarea><br />
|
|
|
218 |
<span class="shoutinput">Characters remaining: </span> <input type="text" name="textcount" size="3"
|
|
|
219 |
value="<?php echo $MessageCutOff;?>" /><br />
|
|
|
220 |
<input type="submit" name="shoutsubmit" value="Submit" /> <a class="shoutlink" href="javascript:shoutbox('ShoutBoxFiles/shoutboxpopup.php')">Shout-Code!</a>
|
|
|
221 |
|
|
|
222 |
</form>
|
|
|
223 |
<script language="JavaScript" type="text/javascript">
|
|
|
224 |
var cookievalu = getCookie("ShoutName");
|
|
|
225 |
if (cookievalu!=null)
|
|
|
226 |
document.shoutbox.ShoutName.value = cookievalu;
|
|
|
227 |
else
|
|
|
228 |
document.shoutbox.ShoutName.value ="";
|
|
|
229 |
|
|
|
230 |
var cookieval = getCookie("ShoutURL");
|
|
|
231 |
if (cookieval!=null){
|
|
|
232 |
document.shoutbox.ShoutURL.value = cookieval;
|
|
|
233 |
}
|
|
|
234 |
else
|
|
|
235 |
document.shoutbox.ShoutURL.value ="";
|
|
|
236 |
|
|
|
237 |
</script>
|
|
|
238 |
</div>
|