| |
|
|
| |
<?
error_reporting(0);
include("option.php");
$notes = file(GEST_DB);
$count_notes = count($notes);
if (isset($_GET['pg'])) $pg=htmlspecialchars($_GET['pg']); else $pg="1";
if ($pg=="") $pg="1";
if (isset($_GET['note'])) $n=$_GET['note'];
if ($_GET['reply']=="yes") {
$record = explode("|", trim($notes[$n]));
$record[3]=str_replace("<br />", "\n", $record[3]);
$InsStr="[QUOTE]".$record[3]."[/QUOTE]";
echo "<form name=\"ins\"><input type=\"hidden\" name=\"msg\" value=\"".$InsStr."\"></form>";
?>
<a href="#down"></a>
<SCRIPT LANGUAGE="JavaScript">document.links[document.links.length-1].click();</script>
<? }
else {echo "<form name=\"ins\"><input type=\"hidden\" name=\"msg\" value=\"\"></form>";}
$formadmin=false;
if (isset($_GET["t"])) $LocSearch=$_GET["t"]; else $LocSearch="public";
$admin=$_POST["pwd"];
if (($LocSearch=="admin") && ((!isset($_POST["pwd"])) || ($admin != ADMIN_PWD))) GetAdmin ();
if (isset($_GET['action'])) {
if ($admin == ADMIN_PWD) {
if ($_GET['action']=="delete") {
$notes[$n]="";
$fopt = fopen (GEST_DB, "w");
chmod(GEST_DB, 0733);
if ($fopt) {
for ($j=0;$j<$count_notes;$j++) $result = fwrite($fopt, $notes[$j]);
fclose($fopt);
}
}
else {
$record = explode("|", trim($notes[$n]));
if (!$_POST['t_body']) {
$record[3] = str_replace("<br />", " ", $record[3]);
?>
</p>
<center>
<form method="post" action="index.php?t=admin&action=edit¬e=<?php echo $n; ?>">
<input type="hidden" name="pwd" value="<? echo $admin; ?>">
<textarea cols="50" rows="15" name="t_body" style="width:400px"><?php echo $record[3]; ?></textarea>
<center>
<input type="submit">
</form>
<?php exit; }
$t_body = eregi_replace("\n", " ", nl2br(htmlspecialchars($_POST['t_body'])));
$notes[$n]=$record[0]."|".$record[1]."|".$record[2]."|".$t_body."\n";
}
if (($_GET['action']=="edit") && isset($_POST['t_body'])) {
$fopt = fopen (GEST_DB, "w");
chmod(GEST_DB, 0733);
if ($fopt) {
for ($j=0;$j<$count_notes;$j++) $result = fwrite($fopt, $notes[$j]);
fclose($fopt);
}
}
}
else if (!$formadmin) GetAdmin ();
}
if (isset($_POST['body']))
$body = eregi_replace("\n", " ", nl2br(htmlspecialchars($_POST['body'])));
if (isset($_POST['name'])) $name = htmlspecialchars(substr(trim($_POST['name']), 0, 40));
if (isset($_POST['mail'])) {
$mail = htmlspecialchars(substr(trim($_POST['mail']), 0, 40));
eregi("^.+@(.+\.)+.+$", $mail, $mails);
$mail = $mails[0];
}
if (isset($body)) {
if (empty($name) && isset($mail)) {
eregi("^.+@", $mail, $names);
$name = substr($names[0], 0, strlen($names[0])-1);
}
elseif (empty($name)) $name = noname;
if (empty($mail)) $mail = '';
save_note(date('G:i d:m:Y')."|".$name."|".$mail."|".$body);
}
if (file_exists(GEST_DB)) {
$notes = file(GEST_DB);
$count_notes = count($notes);
$on_page = notes_on_page;
$mlim = nav_pages;
$count_pages = ceil($count_notes/$on_page);
if (isset($_GET['pg']) && ereg("^[0-9]{1,3}$", $_GET['pg'])) $start = $_GET['pg']-1;
else $start = 0;
if ($start > $count_pages) $start = 0;
$first = $count_notes - ($start * $on_page);
$last = $count_notes - ($start * $on_page) - $on_page;
}
?>
<DIV><DIV>
<table width=100% height=18 border=0><tr><td nowrap>
<a target="_top" href="index.php?pg=
<?php echo $pg;
if ($LocSearch!="admin") echo "&t=admin\"><i>Администратор</i></a>";
else echo "\"><font><p> Выход</p></a>";
?><td width=100%> <td>
<input type="hidden" name="pwd" value="<?php echo $admin; ?>"></form></td></tr></table></div></div><DIV>
<?
if (isset($count_pages) && $count_pages > 1) {
echo "<DIV><table width=100% border=0><tr><td width=100% align=center>";
$before = $start;
$after = $count_pages - $start - 1;
if ($before > $mlim) $before = $mlim;
if ($after > $mlim) $after = $mlim;
$mstart = $start - $before;
$mfinish = $start + $after+1;
for ($i=$mstart; $i<$mfinish; $i++) {
if ($i == $start) echo "<span><b>[".($i+1)."]</span>";
else echo "<form action=\"index.php?pg=".($i+1)."&t=".$LocSearch."\" method=\"post\"><a href=\"#`".($i+1)."\" onclick=\"submit();\"><span><b>[".($i+1)."]</b></a><input type=\"hidden\" name=\"pwd\" value=\"".$admin."\"></form></span>";
if ($i != $mfinish-1) echo " \n";
}
}
if (isset($count_pages) && $count_pages > 1) echo " </td></tr></table></div>";
if (file_exists(GEST_DB))
for ($i=$first; $i>$last; $i--) if (isset($notes[$i-1])) print_note($notes[$i-1],($i-1));
?>
</div>
<?php
$notes = file(GEST_DB);
print_form();
function print_note($note,$n) {
global $start,$LocSearch,$admin;
$record = explode("|", trim($note));
echo "\t<DIV class=textmenu2><table width=\"100%\" height=75 border=\"0\" cellspacing=\"0\" cellpadding=\"5\">\n";
echo "<tr height=17 class=mukhaits><td align=right nowrap>";
if ($LocSearch=="admin") echo "<form method=\"post\" action=\"index.php?pg=".$pg."&t=".$LocSearch."&action=edit¬e=".$n."\"><a href=\"#`\" onclick=\"submit();\"><b>Редактировать</b></a><input type=\"hidden\" name=\"pwd\" value=\"".$admin."\"></form>/<form method=\"post\" action=\"index.php?pg=".$pg."&t=".$LocSearch."&action=delete¬e=".$n."\"><a href=\"#`\" onclick=\"submit();\"><b>Удалить</b></a><input type=\"hidden\" name=\"pwd\" value=\"".$admin."\"></form>";
$st=$record[3];
$st = str_replace("[QUOTE]", "<table><tr><td>", $st);
$st = str_replace("[/QUOTE]", "</td></tr></table>", $st);
$st = str_replace("[ICON(", "<img src=images/icons/icon%20(", $st);
$st = str_replace("[", "<", $st);
$st = str_replace("]", ">", $st);
$st = str_replace("IMG=", "img src=", $st);
$st = str_replace("COLOR=", "font color=", $st);
$st = str_replace("FONT=", "font face=", $st);
$st = str_replace("SIZE=", "font size=", $st);
$st = str_replace("URL=", "a target=_blank href=", $st);
$st = str_replace("/URL", "a", $st);
echo "\t<tr><td><p>";
echo "<form method=\"post\" action=\"index.php?pg=".$pg."&t=".$LocSearch."&reply=yes¬e=".$n."\"><a href=\"#`\" onclick=\"submit();\"></a><input type=\"hidden\" name=\"pwd\" value=\"".$admin."\"></form></p>".$st."</td></tr>\n";
echo "\t<tr><td height=17 align=\"right\">";
echo "Добавил(а) ";
if ($record[2]!='') echo "<a href=\"mailto:".$record[2]."\">";
echo "<b>".$record[1]."</b>";
if ($record[2]!='') echo "</a>";
echo ', '.$record[0]." \n";
echo "</td></tr></table></DIV>\n";
}
function save_note($data_str) {
$result = false;
$st=$data_str;
$st = str_replace("\"", "\"", $st);
$data_str=$st;
if (!file_exists(GEST_DB)) {
$fopt = fopen(GEST_DB, 'w');
chmod(GEST_DB, 0733);
if ($fopt) {
$result = fwrite($fopt, $data_str);
fclose($fopt);
}
}
else {
$notes = file(GEST_DB);
for ($i=0; $i<count($notes); $i++) $notes[$i] = trim($notes[$i])."\n";
$notes[] = $data_str;
$fopt = fopen(GEST_DB, 'w');
if ($fopt) {
$result = fwrite($fopt, implode("", $notes));
fclose($fopt);
}
}
return $result;
}
function print_form() {
global $LocSearch,$admin;
?>
<DIV><DIV>
<form method="post" name="record" action="index.php?t=<?php echo $LocSearch; ?>" onsubmit="return checkform();">
<script language="jscript">
function checkform() {
if (document.record.body.value=='') {alert('No message to Post !');return false}
return true;
}
</script>
<SCRIPT LANGUAGE="JavaScript">
var _bB=true;
var _bI=true;
var _bU=true;
var _bS=true;
var _bQ=true;
function getVar(_act, _var, lstr, rstr) {
var _str = prompt(_act, _var);
_st=_str;
if (_str !=null) {
_str=lstr+_str+rstr;
document.record.body.value+=_str;
}
}
function getUrl () {
getVar("Введите ссылку:","http://","[URL=","");
getVar("Введите описание ссылки","MyHomePage","]","[/URL]");
}
function getEml () {
getVar("Введите email:","","[URL=mailto:","]");
if (_st != null) {
_st+="[/URL]";
document.record.body.value+=_st;
}
}
function InsertTag(_tag) {
_t=_tag.substr(0,1);
if (_t=="B") {
if (_bB) {_tg='['+_tag+']';_bB=false;}
else {_tg='[/'+_tag+']';_bB=true;}
}
if (_t=="I") {
if (_bI) {_tg='['+_tag+']';_bI=false;}
else {_tg='[/'+_tag+']';_bI=true;}
}
if (_t=="U") {
if (_bU) {_tg='['+_tag+']';_bU=false;}
else {_tg='[/'+_tag+']';_bU=true;}
}
if (_t=="S") {
if (_bS) {_tg='['+_tag+']';_bS=false;}
else {_tg='[/'+_tag+']';_bS=true;}
}
if (_t=="Q") {
if (_bQ) {_tg='['+_tag+']';_bQ=false;}
else {_tg='[/'+_tag+']';_bQ=true;}
}
document.record.body.value+=_tg;
}
function setColor() {
st="[font color=#"+document.record.color.value+"]";
if (document.record.color.value=="") st="";
document.record.body.value+=st;
}
</SCRIPT>
<table border="0" cellspacing="0" cellpadding="0" width=500 align=center><tr><td>
<DIV>
<table border="0" cellspacing="0" cellpadding="4" width=100%>
<tr height=22><td><span class="ptext">Имя</span>: <input type="text" name="name" size="26" maxlength="40"></td>
<td align=center>
<SELECT style="width:180px" Size="1" name="clr" onChange="document.record.body.value+=('[COLOR='+this.options[this.selectedIndex].value+']');">
<OPTION value="" selected>ЦВЕТ</OPTION>
<script language="jscript">
<!--
colors=["black", "blue", "green", "aquamarine", "chocolate", "magenta", "gold", "red", "yellow", "hotpink", "pink", "lime", "violet", "Brown", "Orange", "yellowgreen", "thistle", "silver", "salmon", "tan", "wheat", "tomato", "springgreen", "turquoise", "lightslategray", "lightgreen", "lightblue", "maroon", "olive", "teal", "purple", "aqua", "White"];
for (j=0;j<33;j++) document.write('<OPTION style=\'BACKGROUND-COLOR: ',colors[j],';\' VALUE="',colors[j],'">',colors[j],'</OPTION>');
//-->
</script>
</SELECT>
<tr height=22>
<td><span class="ptext">E-mail: </span><input type="text" name="mail" size="26" maxlength="40"></td>
<td align=center >
<SELECT style="width:120px" Size="1" name="clr" onChange="document.record.body.value+=('[FONT='+this.options[this.selectedIndex].value+']');">
<OPTION value="" selected>ШРИФТ</OPTION>
<script language="jscript">
<!--
fontes=["Arial", "Arial black", "Book Antiqua", "Century", "Courier new", "Georgia", "Impact", "Latha", "Mangal", "Modern", "Roman", "Tahoma", "Times new Roman", "Trebucht MS", "Tunga", "Verdana"];
for (j=0;j<16;j++) document.write('<OPTION VALUE=\'\"',fontes[j],'\"\'>',fontes[j],'</OPTION>');
//-->
</script>
</SELECT> <SELECT Size="1" name="clr" onChange="document.record.body.value+=('[SIZE='+this.options[this.selectedIndex].value+']');">
<OPTION value="" selected>SIZE</OPTION>
<script language="jscript">
<!--
for (j=1;j<8;j++) document.write('<OPTION VALUE="',j,'">',j,'</OPTION>');
//-->
</script>
</SELECT> </tr></table>
<table border="0" cellspacing="0" cellpadding="0" width=500>
<tr>
<td align=center>
<input type='button' value='жирный' onclick='InsertTag("B");' title="Жирный" />
<input type='button' value='наклонный' onclick='InsertTag("I");' title="Наклонный" />
<input type='button' value=' подчеркнутый ' onclick='InsertTag("U");' title="Подчёркнутый" />
<input type='button' value=' зачеркнутый ' onclick='InsertTag("S");' title="Зачёркнутый" />
<input type='button' value='Цитата ' onclick='InsertTag("QUOTE");' title="Цитата" />
<input type='button' value='http://' onclick='getUrl();' title="Ссылка" />
<input type='button' value=' @ ' onclick='getEml();' title="email [@]" /> </td></tr></table>
<table border="0" cellspacing="0" cellpadding="0" width=500 nowrap>
<tr><td colspan="2">
<textarea cols="50" rows="8" name="body" style="width:100%">
</textarea></td></tr></table>
<table border="0" cellspacing="0" cellpadding="4" width=500 nowrap>
<tr><td width=490 nowrap align=center>
</p>
</td></tr></table>
<table border="0" cellspacing="0" cellpadding="4" width=500>
<tr><td colspan="2" align="center"><input type="submit" value="Добавить запись" name="submit">
<input type="reset" value="Очистить"></td></tr></table></DIV></td></tr></table>
<?php
require_once('recaptchalib.php');
$publickey = "указан ключ";
$privatekey = "указан ключ";
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
# are we submitting the page?
if ($_POST["submit"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
echo "You got it!";
# in a real application, you should send an email, create an account, etc
} else {
# set the error code so that we can display it. You could also use
# die ("reCAPTCHA failed"), but using the error message is
# more user friendly
$error = $resp->error;
}
}
echo recaptcha_get_html($publickey, $error);
?>
</form>
<script language="jscript">
document.record.body.value=document.ins.msg.value;
</script>
</DIV></DIV>
<?php
if($_POST['submit'])
{
mail("example@yandex.ru", "Пришло сообщение", "адрес");
}
?>
<?php }
function GetAdmin () {
global $admin,$formadmin;
$formadmin=true;
if ((isset($_POST["pwd"])) && ($admin != "qq")) echo "<center><p>Неверный пароль!</p>";
?>
<form method=post>
<table align=center>
<tr><td><p>Пароль</p></td><td><input type="password" size=25 name="pwd"></td><td><input type="submit" value="Вход"></td> <td></td></tr>
</table></form>
<? exit; } ?>
|
| |
| |
|
|
| |
|
|
| |
для: lastomar
(05.08.2010 в 20:44)
| | | Вы правда верите, что кто-то будет разбираться в этой каше? | |
| |
|
|
| |
|
|
| |
для: Рома
(05.08.2010 в 20:56)
| | | ага. надеялся.
Пойду. повешусь нах...й | |
| |
|
|
| |
|
|
| |
для: lastomar
(05.08.2010 в 21:05)
| | | Вы б хотя бы сказали, что за ошибку выдает, и выдает ли? Что пишет? ... | |
| |
|
|
|
