
    <?php
// +---------------------------------------------+
// |     Copyright 2007 - 2008 weenCompany       |
// |     http://www.weentech.com                 |
// |     This file may not be redistributed.     |
// +---------------------------------------------+

// Direct-access guard: stop immediately unless IN_WEENCOMPANY is already
// defined (presumably by the script that includes this module - confirm).
if(defined('IN_WEENCOMPANY') === false)
{
  die('File not found!');
}


// ############################## INSERT MESSAGE ###############################

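/**
 * Validates a posted guestbook entry, stores it and renders the result.
 *
 * Reads m4_username, m4_message, m4_website and m4_websitename from $_POST,
 * plus m4_vvcid / m4_verifycode when the verification-code setting is on.
 * With no validation errors the entry is inserted (unless it repeats the
 * newest stored entry) and the message list is shown; otherwise every error
 * is echoed and the submission form is shown again.
 *
 * Side effect: the fields above are normalised in $_POST (missing or
 * non-string values become '', the website URL is rewritten), because
 * m4_SubmitMessage() re-reads $_POST to refill the form.
 *
 * @param array $language Module phrases (no_username, no_message, url_invalid, ...).
 * @return void
 */
function m4_InsertMessage($language)
{
  global $DB, $sdlanguage;

  // Always an array, so the checks below never append to an undefined variable.
  $errors = array();

  // A missing key or an array-valued field (m4_message[]=...) is treated as
  // empty instead of reaching strlen() or the SQL text as a non-string.
  foreach(array('m4_username', 'm4_message', 'm4_website', 'm4_websitename', 'm4_vvcid', 'm4_verifycode') as $field)
  {
    if(!isset($_POST[$field]) OR !is_string($_POST[$field]))
    {
      $_POST[$field] = '';
    }
  }

  // get message length setting
  $getmessagelength = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 4 AND title = '內容字符長度'");
  $messagelength    = (int)$getmessagelength['value'];

  if(!strlen($_POST['m4_username']))
  {
    $errors[] = $language['no_username'];
  }

  if(!strlen($_POST['m4_message']))
  {
    $errors[] = $language['no_message'];
  }

  // strlen() counts bytes, so the limit is a byte limit for multi-byte text.
  if(strlen($_POST['m4_message']) > $messagelength)
  {
    $errors[] = $language['message_too_long'] . ' ' . $messagelength . ' ' . $language['characters'];
  }

  if(strlen($_POST['m4_website']))
  {
    // get rid of any trailing slash (the pattern needs a character after "/")
    if(substr($_POST['m4_website'], -1) == '/')
    {
      $_POST['m4_website'] = substr($_POST['m4_website'], 0, -1);
    }

    // add http:// when the address starts with "www" (the pattern requires a scheme)
    if(substr($_POST['m4_website'], 0, 3) == 'www')
    {
      $_POST['m4_website'] = 'http://' . $_POST['m4_website'];
    }

    // preg_match() replaces ereg(), which was not binary-safe and no longer
    // exists in PHP 7+. Same accepted shape as before: http/https/ftp scheme,
    // dotted host or "localhost", optional port, optional path. The path class
    // keeps ";" because the original class (written "&amp;") admitted it.
    // The path group is optional rather than repeated: the class already
    // contains "/", so the accepted strings are the same without the nested
    // repetition. "D" stops "$" from matching before a trailing newline.
    $urlpattern = '!^(?:https?|ftp)://(?:(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,4}|localhost)(?::[0-9]+)?(?:/[a-zA-Z0-9_,./+&;%$#=~-]+)?$!D';

    // preg_match() returns false on an engine error; that is rejected as well.
    if(!preg_match($urlpattern, $_POST['m4_website']))
    {
      $errors[] = $language['url_invalid'];  // doesn't accept links without http, needs to be fixed so it does
    }

    if(strlen($_POST['m4_websitename']) == 0)
    {
      $errors[] = $language['no_site_name'] . '<br />';
    }
  }

  // Check Visual Verify Code if set
  $vvc = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 4 AND title = '驗證碼'");

  if($vvc[0] == 1)
  {
    $vvcid = $_POST['m4_vvcid'];
    $code  = $_POST['m4_verifycode'];

    if(!ValidVisualVerifyCode($vvcid, $code))
    {
      $errors[] = $sdlanguage['incorrect_vvc_code'];
    }
  }

  if(count($errors) == 0)
  {
    // check for repeat posting (compares against the newest stored entry only)
    $lastentry = $DB->query_first("SELECT username, message FROM " . TABLE_PREFIX . "m4_guestbook ORDER BY messageid DESC LIMIT 1");

    if($lastentry['username'] == $_POST['m4_username'] AND $lastentry['message'] == $_POST['m4_message'])
    {
      echo $language['repeat_comment'] . '<br />';
    }
    else
    {
      // moderation setting; stored with the row as its "noactivated" flag
      $getoncheck = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 4 AND title = '審核發佈'");
      $checkedon  = $getoncheck['value'];

      // NOTE(review): the four $_POST values are concatenated into the SQL
      // text. Nothing in this file escapes them, so the statement is only safe
      // if request data is escaped before the module runs (not visible here -
      // confirm). Prefer the database layer's escaping or bound parameters at
      // this call site. m4_username is also taken from the request for
      // logged-in users (hidden form field), so the stored name is whatever
      // the client sent.
      $DB->query("INSERT INTO " . TABLE_PREFIX . "m4_guestbook (noactivated, username, websitename, website, message, datecreated)
                  VALUES ('".$checkedon."', '".$_POST['m4_username']."', '".$_POST['m4_websitename']."', '".$_POST['m4_website']."', '".$_POST['m4_message']."', " . time() . ")");
    }

    m4_DisplayMessages(0, $language);
  }
  else
  {
    foreach($errors as $value)
    {
      echo $value . '<br /><br />';
    }

    m4_SubmitMessage($language);
  }
}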


// ############################## SUBMIT MESSAGE ###############################

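/**
 * Prints the guestbook submission form.
 *
 * Fields are refilled from $_POST so a rejected submission keeps what the
 * visitor typed. Logged-in users get their name as a hidden field instead of
 * a text box. When the verification-code setting is on, a new code is created
 * and its image and input field are added.
 *
 * @param array $language Module phrases (name, website_name, website_url, message, ...).
 * @return void
 */
function m4_SubmitMessage($language)
{
  global $DB, $categoryid, $userinfo, $inputsize, $sdlanguage;

  $vvc = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 4 AND title = '驗證碼'");

  // Request data is echoed back into attribute values and a textarea, so it is
  // HTML-encoded first; missing or non-string fields are shown as empty.
  // NOTE(review): if request data is already HTML-encoded before the module
  // runs (not visible here), this encodes twice - confirm.
  $posted = array();
  foreach(array('m4_username', 'm4_websitename', 'm4_website', 'm4_message') as $field)
  {
    $raw            = (isset($_POST[$field]) AND is_string($_POST[$field])) ? $_POST[$field] : '';
    $posted[$field] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
  }

  // NOTE(review): the form carries no anti-forgery token; the optional
  // verification code is the only per-request value it submits.
  echo '<form method="post" action="' . RewriteLink('index.php?categoryid=' . $categoryid . '&m4_action=insertmessage') . '">
        <table width="100%" border="0" cellspacing="0" cellpadding="0">';

  if($userinfo['loggedin'])
  {
    // NOTE(review): a hidden field is client-controlled; m4_InsertMessage()
    // stores whatever name comes back rather than the session's user name.
    echo '<input type="hidden" name="m4_username" value="' . htmlspecialchars((string)$userinfo['username'], ENT_QUOTES, 'UTF-8') . '" />';
  }
  else
  {
    echo '<tr>
            <td valign="top" width="100">' . $language['name'] . '</td>
            <td style="padding-left: 10px; padding-bottom: 10px;"><input type="text" size="' . $inputsize . '" name="m4_username" value="' . $posted['m4_username'] . '" /> <font color=red>*</font></td>
          </tr>';
  }

  echo '<tr>
          <td valign="top" width="100">' . $language['website_name'] . '</td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input type="text" size="' . $inputsize . '" name="m4_websitename" value="' . $posted['m4_websitename'] . '" /></td>
        </tr>
        <tr>
          <td valign="top" width="100">' . $language['website_url'] . '</td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input type="text" size="' . $inputsize . '" name="m4_website" value="' . $posted['m4_website'] . '" /></td>
        </tr>
        <tr>
          <td valign="top" width="100">' . $language['message'] . '</td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><textarea name="m4_message" rows="5" cols="' . $inputsize . '">' . $posted['m4_message'] . '</textarea> <font color=red>*</font></td>
        </tr>';

  if($vvc[0])
  {
    // the id ties the displayed image to the code checked on submission
    $vvcid = CreateVisualVerifyCode();

    echo '<tr>
    <td valign="top" width="100"></td>
    <td style="padding-left: 10px; padding-bottom: 10px;"><input type="hidden" name="m4_vvcid" value="' . $vvcid . '"/>
        <img src="includes/vvc.php?vvcid=' . $vvcid . '"/></td>
    </tr>
    <tr>
    <td style="padding-left: 10px; padding-bottom: 10px;" colspan="2">' . $sdlanguage['enter_verify_code'] . '</td>
    </tr>
    <tr>
    <td valign="top" width="100"></td>
    <td style="padding-left: 10px; padding-bottom: 10px;"><input type="text" size="'.$inputsize.'" name="m4_verifycode"/> <font color=red>*</font></td>
    </tr>';
  }

  echo '<tr>
          <td></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input type="submit" name="m4_Submit" value="' . strip_tags($language['submit_message']) . '" /> <input type="reset" value="' . strip_tags($language['reset']) . '"></td>
        </tr>
        </table>
        </form>';
}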


// ############################# DISPLAY GUESTBOOK #############################

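/**
 * Prints one page of guestbook entries, newest first, with paging links.
 *
 * Loads the module settings, shows either the "sign guestbook" link or the
 * no-access phrase, then lists up to the configured number of entries
 * starting at $start. One extra row is fetched to learn whether a next page
 * exists. Entries flagged "noactivated" show the moderation phrase instead of
 * their text.
 *
 * @param int|string $start    Offset of the first entry to show; forced to a non-negative integer.
 * @param array      $language Module phrases (name, date, website, message, previous, next, ...).
 * @return void
 */
function m4_DisplayMessages($start, $language)
{
  global $DB, $categoryid, $userinfo, $inputsize, $sdlanguage;

  // load guestbook settings
  $settings    = array();
  $getsettings = $DB->query("SELECT title, value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 4");
  while($setting = $DB->fetch_array($getsettings))
  {
    $settings[$setting['title']] = $setting['value'];
  }

  // Both values end up in the LIMIT clause and in the paging arithmetic, so
  // they are forced to non-negative integers here whatever the caller passed.
  $start        = max(0, (int)$start);
  $messagelimit = isset($settings['顯示條目數']) ? max(0, (int)$settings['顯示條目數']) : 0;  // number of messages to display per page
  $wordwrap     = isset($settings['換行字符數']) ? $settings['換行字符數'] : 0;

  if(in_array(4, $userinfo['modulesubmitids']))
  {
    echo '<center><a href="' . RewriteLink('index.php?categoryid=' . $categoryid . '&m4_action=submitmessage') . '">' . $language['sign_guestbook'] . '</a></center>
          <br /><br />';
  }
  else
  {
    echo '<center>' . $sdlanguage['no_post_access'] . '</center>
          <br /><br />';
  }

  // one row more than a page holds, to detect a following page
  $getmessages = $DB->query("SELECT * FROM " . TABLE_PREFIX . "m4_guestbook ORDER BY messageid DESC LIMIT $start, " . ($messagelimit + 1) . "");
  $rows = $DB->get_num_rows($getmessages);

  for($i = 0; $i < $rows AND $i < $messagelimit; $i++)
  {
    $message = $DB->fetch_array($getmessages);

    // Entries are visitor-supplied and m4_InsertMessage() stores them as
    // posted, so every field is HTML-encoded before it is printed.
    // NOTE(review): if stored values are already HTML-encoded by code outside
    // this file, this encodes twice - confirm.
    $username    = htmlspecialchars((string)$message['username'],    ENT_QUOTES, 'UTF-8');
    $websitename = htmlspecialchars((string)$message['websitename'], ENT_QUOTES, 'UTF-8');
    $website     = htmlspecialchars((string)$message['website'],     ENT_QUOTES, 'UTF-8');

    if($message['noactivated'])
    {
      $comment = $language['message_checking'];
    }
    else
    {
      // encode first, then turn newlines into <br /> so only our own tags remain
      $comment = nl2br(htmlspecialchars((string)$message['message'], ENT_QUOTES, 'UTF-8'));
    }

    if($wordwrap)
    {
      // NOTE(review): cws_wordwrap() and AddSmilies() now receive encoded
      // text; whether they leave entities such as &amp; intact is not visible
      // here - check the rendering of messages containing & < > " '.
      $username     = cws_wordwrap($username,    $wordwrap, "<br />", 1);
      $websitename  = cws_wordwrap($websitename, $wordwrap, "<br />", 1);
      $comment      = cws_wordwrap($comment,     $wordwrap, "<br />", 1);
    }

    if(isset($settings['允許表情符號']) AND $settings['允許表情符號'])
    {
      $comment = AddSmilies($comment);
    }

    echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="70" valign="top" style="padding-right: 10px; padding-bottom: 10px;">' . $language['name'] . '</td>
            <td valign="top">'.$username.'</td>
          </tr>';
    if(isset($settings['顯示發表日期']) AND $settings['顯示發表日期'])
    {
      echo '<tr>
              <td width="70" valign="top" style="padding-right: 10px; padding-bottom: 10px;">' . $language['date'] . '</td>
              <td valign="top">'.DisplayDate($message['datecreated']).'</td>
            </tr>';
    }

    if(strlen((string)$message['website']) > 0)
    {
      // Only the schemes accepted at submission time become a clickable link;
      // any other stored value is shown as the plain site name.
      if(preg_match('!^(?:https?|ftp)://!', (string)$message['website']))
      {
        $sitecell = '<a href="'.$website.'" target="_blank" rel="noopener noreferrer">'.$websitename.'</a>';
      }
      else
      {
        $sitecell = $websitename;
      }

      echo '<tr>
              <td width="70" valign="top" style="padding-right: 10px; padding-bottom: 10px;">' . $language['website'] . '</td>
              <td valign="top">'.$sitecell.'</td>
            </tr>';
    }

    echo '<tr>
            <td width="70" valign="top" style="padding-right: 10px;">' . $language['message'] . '</td>
            <td valign="top">'.$comment.'</td>
          </tr>
          </table>';

    // separator between entries, not after the last one on the page
    if( (($i + 1) < $rows) AND (($i + 1) < $messagelimit) )
    {
      echo '<br /><hr /><br />';
    }
  } // end for loop

  // previous and next section
  if($start > 0 OR $rows > $messagelimit)
  {
    echo '<br /><hr /><br />

          <table width="100%" cellpadding="0" cellspacing="0" border="0">
          <tr>';
    if($start > 0)
    {
      // never link to a negative offset when $start is not a multiple of the page size
      echo '<td><a href="' . RewriteLink('index.php?categoryid=' . $categoryid . '&m4_start=' . max(0, $start - $messagelimit)) . '">' . $language['previous'] . '</a></td>';
    }

    if($rows > $messagelimit)
    {
      $start += $messagelimit;
      echo '<td align="right"><a href="' . RewriteLink('index.php?categoryid=' . $categoryid . '&m4_start=' . $start) . '">' . $language['next'] . '</a></td>';
    }

    echo '</tr></table>';
  }
}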


// ############################ VALIDATE VARIABLES #############################

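// Requested action: GET wins over POST. Anything that is not a plain string
// (for example an array-valued parameter) counts as "no action".
$m4_action = isset($_GET['m4_action']) ? $_GET['m4_action'] : (isset($_POST['m4_action']) ? $_POST['m4_action'] : '');
if(!is_string($m4_action))
{
  $m4_action = '';
}

// Paging offset: the first of GET, POST that is set and consists of digits
// only, else 0. preg_match() replaces ereg(), which was not binary-safe and no
// longer exists in PHP 7+; "D" keeps "$" from matching before a trailing
// newline. The value is cast to int because it reaches a SQL LIMIT clause.
$m4_start = 0;
foreach(array($_GET, $_POST) as $m4_input)
{
  if(isset($m4_input['m4_start']) AND is_string($m4_input['m4_start']) AND preg_match('/^[0-9]+$/D', $m4_input['m4_start']))
  {
    $m4_start = (int)$m4_input['m4_start'];
    break;
  }
}
unset($m4_input);


// ########################### LOAD MODULE LANGUAGE ############################

$m4_language = GetLanguage(4);


// ############################## SELECT FUNCTION ##############################

// Posting and the form are only reachable when module id 4 is in the user's
// submit permissions; every other request falls through to the listing.
if($m4_action == 'insertmessage' AND in_array(4, $userinfo['modulesubmitids']))
{
  m4_InsertMessage($m4_language);
}
else if($m4_action == 'submitmessage' AND in_array(4, $userinfo['modulesubmitids']))
{
  m4_SubmitMessage($m4_language);
}
else
{
  m4_DisplayMessages($m4_start, $m4_language);
}

// keep the module's working variables out of the including script's scope
unset($m4_action, $m4_start, $m4_language);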

?>