<?php
//This is a module for pluck, an opensource content management system
//Website: http://www.pluck-cms.org
//Make sure the file isn't accessed directly: stop unless the IN_PLUCK constant is defined.
defined('IN_PLUCK') or exit('Access denied!');
//Language items are read from the global $lang array inside the functions below.
/**
 * Describe the public pages this module offers.
 *
 * Each item pairs a page function suffix ('func') with its title, which is
 * read from the global $lang['guestbook'] strings.
 *
 * @return array List of array('func' => string, 'title' => string) items.
 */
function guestbook_pages_site() {
	global $lang;

	$strings = $lang['guestbook'];

	return array(
		array(
			'func'  => 'Main',
			'title' => $strings['main'],
		),
		array(
			'func'  => 'newentry',
			'title' => $strings['newentry'],
		),
	);
}
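/**
 * Render the published guestbook entries and a link to the submission page.
 *
 * Every entry is a PHP file in data/settings/modules/guestbook that is
 * include()d and expected to set $entrytitle and $entry. Because include
 * executes the file, this directory is a code-execution boundary: it must
 * only ever contain files written by trusted code, and nothing derived from
 * visitor input may be written there without being encoded as a PHP literal.
 *
 * @return void Output is echoed directly.
 */
function guestbook_theme_Main() {
	global $lang;

	$base = 'data/settings/modules/guestbook';

	// The recursive mkdir creates the entry directory and its "new" moderation queue in one call.
	if (!is_dir($base.'/new')) {
		mkdir($base.'/new', 0775, true);
	}

	echo "<br/><br/>";

	$dir = opendir($base);
	if ($dir !== false) {
		while (false !== ($file = readdir($dir))) {
			$path = $base.'/'.$file;

			// Only regular *.php files are entries (the submission form writes that
			// extension); this skips ".", "..", the "new" queue, any other directory
			// and stray files that the original would have include()d as well.
			if (substr($file, -4) !== '.php' || !is_file($path)) {
				continue;
			}

			// Reset first so a file that fails to define these does not repeat the previous entry.
			$entrytitle = '';
			$entry = '';
			include $path;

			// NOTE(review): both values are emitted as raw HTML ($entry carries the <br>
			// tags added at submission time), so output safety depends entirely on the
			// filtering applied when the entry file was written.
			echo '<h2>'.$entrytitle.'</h2><div>'.$entry.'<br/></div>';
		}
		// The original never released the directory handle.
		closedir($dir);
	}

	echo '<br/><a href="'.SITE_URL.'/'.PAGE_URL_PREFIX.CURRENT_PAGE_SEONAME.'&module=guestbook&page=newentry">' . $lang['guestbook']['newentry'] . '</a>';
}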
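/**
 * Show the "new entry" form and, on submit, queue the entry for moderation.
 *
 * A submitted entry is stored as a small PHP file in
 * data/settings/modules/guestbook/new/ that assigns $entrytitle, $email and
 * $entry, and a notification mail is sent to the site address.
 *
 * Security-relevant handling, all of it applied to visitor-controlled POST data:
 *  - The values end up inside a file that is later include()d, so they are
 *    written with var_export(), which emits a correctly escaped single-quoted
 *    PHP literal. The original concatenated them into double-quoted literals,
 *    where a quote, backslash or "$" in the input changed the meaning of the
 *    generated PHP.
 *  - The file name is derived from the title, so it is reduced to
 *    [A-Za-z0-9_-]; the original kept "/" and "." and so let the title choose
 *    a path outside the "new" directory.
 *  - The e-mail address goes into a mail header, so CR/LF are stripped and the
 *    From header is only added for a syntactically valid address.
 *  - ereg() was removed in PHP 7; strpbrk() performs the same "<" / ">" check.
 *
 * @return void Output is echoed directly.
 */
function guestbook_page_site_newentry(){
	// NOTE(review): the original read $site_email as an undefined local, so mail()
	// never had a recipient. It is assumed to be a global set by the CMS - confirm.
	global $lang, $site_email;
	?>
<div>
<form method="post" action="" style="margin-top: 5px; margin-bottom: 15px;">
<?php echo $lang['guestbook']['title']; ?> <br /><input name="title" type="text" value="" /><br />
<?php echo $lang['guestbook']['email']; ?> <br /><input name="email" type="text" value="" /><br />
<?php echo $lang['guestbook']['descr']; ?> <br /><textarea name="description" rows="7" cols="45" class="mceNoEditor"></textarea><br />
<input type="submit" name="Submit" value="<?php echo $lang['guestbook']['send']; ?>" />
</form>
</div>
	<?php
	if (!isset($_POST['Submit'])) {
		return;
	}

	// Check that every field is present, is a plain string (title[]=x would
	// arrive as an array) and is not blank. isset() alone accepted empty fields.
	$fields = array();
	foreach (array('title', 'email', 'description') as $name) {
		$value = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
		// NUL bytes never belong in these values.
		$value = str_replace("\0", '', $value);
		if ($name !== 'description') {
			// Single-line fields: a line break has no business in a title or a mail header.
			$value = str_replace(array("\r", "\n"), '', $value);
		}
		if (trim($value) === '') { ?>
<span style="color: red;"><?php echo $lang['guestbook']['fillall']; ?></span>
			<?php
			return;
		}
		$fields[$name] = $value;
	}

	$title = trim($fields['title']);
	$email = trim($fields['email']);
	$description = str_replace(array("\r\n", "\r"), "\n", $fields['description']);

	//Check for HTML, and block it
	if (strpbrk($title.$email.$description, '<>') !== false) { ?>
<span style="color: red;"><?php echo $lang['guestbook']['nohtml']; ?></span>
		<?php
		return;
	}

	// Line breaks become <br /> for display (the original wrote the malformed '<br \>').
	$entry = str_replace("\n", '<br />', $description);

	// Build the file name from an allow-list of characters so the title cannot
	// introduce path separators, dots or a second extension.
	$slug = preg_replace('/[^A-Za-z0-9_-]+/', '', str_replace(' ', '_', $title));
	if (!is_string($slug) || $slug === '') {
		$slug = 'entry';
	}
	$slug = substr($slug, 0, 64);

	$queue = 'data/settings/modules/guestbook/new';
	if (!is_dir($queue)) {
		mkdir($queue, 0775, true);
	}

	// var_export() quotes and escapes each value as a PHP string literal, so the
	// stored file can only ever assign three strings when it is include()d.
	$payload = '<?php'."\n"
		.'$entrytitle = '.var_export($title, true).';'."\n"
		.'$email = '.var_export($email, true).';'."\n"
		.'$entry = '.var_export($entry, true).';'."\n";

	$written = file_put_contents($queue.'/'.date("dmY").'-'.$slug.'.php', $payload, LOCK_EX);
	if ($written === false) {
		// Do not report success or send the notification if nothing was stored.
		return;
	}

	// The notification is an HTML mail, so encode the visitor's text for that context.
	$mailTitle = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
	$mailEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
	$mailDescription = str_replace("\n", '<br />', htmlspecialchars($description, ENT_QUOTES, 'UTF-8'));

	$message = $lang['guestbook']['mail']."<br><br>".
		$lang['guestbook']['mail_tit'].'<br><b>'.$mailTitle."</b><br>".
		$lang['guestbook']['mail_dis'].'<br>'.$mailDescription."<br>".
		$lang['guestbook']['mail_email'].'<br>'.$mailEmail.'<br>';

	// Only a syntactically valid address is placed in the From header; anything
	// else is still shown in the body but never reaches the header block.
	$headers = "Content-type: text/html; charset=utf-8";
	if (filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
		$headers = "From: ".$email."\n".$headers;
	}

	if (!empty($site_email)) {
		mail($site_email, $lang['guestbook']['msubject'], $message, $headers);
	}

	echo $lang['guestbook']['wsend'];
}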
?>