PHP - Structure And Code Of Guestbook
Dear people here at phpfreaks
I am working on updating an old guestbook with outdated code (predecated). I will follow the suggestions I have received here on this forum already by using the new MySQL PDO technique. I am pretty rusty on PHP and MySQL, since I haven't been using it for years. So it took me a while to get Xampp running and installing Virtual hosts, so I can test my code locally. This is all working now. I have decided to start from scratch, building my guestbook up gradually in order to be able to understand each step better. I am inspired by the following tutorial:
http://wiki.hashphp....ySQL_Developers
So far I have created four files
1. contribution_to_guestbook.html
2. put_in_guestbook.php
3. show_content_of_guestbook.php
4. mysql_functions.php
The guestbook is implemented as a table with the name guestbook in the MySQL database with the name my_database. The database contains six fields, which a id, time, ip, name, email and contribution. The user can write a contribution by filling in his name, email address and contribution in the form placed in the first file. These data for the fields name, email and contribution respectively are being sent to the second file. At the same time the datetime is automatically registered along with the IP address of the users computer in the fields time and ip. When inserted in the table in the database via the second file, the primary field id is automatically added and incremented by 1. After the insertion in the database, the user is directed to file 3, where the content of the whole guestbook is being displayed for the user to see. The 4th file is containing the connection details for the database, including the password.
NB! The IP address of the users computer is not being displayed but only collected in the case one want to block spammers from specific computers with fixed IP addresses. In order to better block for spam from computer bots, I will later place a question in the first file to only admit humans ...
My questions
Is the structure of my guestbook convenient? Would it be appropriate to create functions to make the code more readable and if so, how can I do it?
I wanted to make a prepared statement in the 3. file in which I select the content on the guestbook in order to display it. Can it be done, and if so how do the code look like? I know I need more error handling. Also I need to test user input. For example if no contribution is being written, an error message should be shown to the user, etc. Do you have some suggestions here and how to do it? What about security? I hope the password for my database will not be accessible in any way? I will appreciate any comments on the four questions above and eventual something else I have overlooked! I hope my thread is not too long. Hope for some replies ... Here is my code so far (still just a framework!): 1. contribution_to_guestbook.html <!doctype html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Contribution to Guestbook</title> <style type="text/css"> body,td,th {font-family: Verdana, Geneva, sans-serif;} form1 table tr td {color: #06C;} h1 {color: #0000A0;} </style> </head> <body> <form method="POST" action="put_in_guestbook.php"> <h1>Contribution to Guestbook</h1> <table border="0" cellspacing="5" cellpadding="5"> <tr> <td>Name</td> <td> <INPUT type="text" name="name" size=40 maxlength=100> </td> </tr> <tr> <td>Email</td> <td> <INPUT type="text" name="email" size=40 maxlength=100> </td> </tr> <tr> <td valign="top">Contribution</td> <td> <TEXTAREA name="contribution" cols=60 rows=10></TEXTAREA> </td> </tr> <tr> <td></td> <td align="center"> <INPUT type="submit" value="Submit contribution"> </td> </tr> </table> </form> <p></p> </body> </html>2. put_in_guestbook.php <?php require("mysql_functions.php"); $ip = $_SERVER['REMOTE_ADDR']; //Clients IP address collected $name = $_POST['name']; //Data from input form etc. $email = $_POST['email']; $contribution = $_POST['contribution']; try { $db = new PDO('mysql:host='.$server.';dbname='.$database.';charset=utf8mb4', $username, $password); //Connecting to database $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $stmt = $db->prepare("INSERT INTO guestbook(`time`, `ip`, `name`, `email`, `contribution`) VALUES(NOW(), ?, ?, ?, ?)"); $stmt->execute(array($ip, $name, $email, $contribution)); //Placing the new contribution with details in Guestbook $db = NULL; //Closing database header("Location: show_content_of_guestbook.php"); //Redirecting to another page to show content of guestbook } catch(PDOException $ex) { echo "Could not insert into guestbook"; } ?>3. show_content_of_guestbook.php <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf8mb4" /> <title>Guestbook</title> </head> <body> <?php require("mysql_functions.php"); header('Content-Type: text/html; charset=utf-8'); try { $db = new PDO('mysql:host='.$server.';dbname='.$database.';charset=utf8mb4', $username, $password); //Connecting to database $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); foreach ($db->query('SELECT * FROM guestbook') as $row) { echo "Contribution number: ".$row['id']."<br/>"; echo "Time: ".$row['time']."<br/>"; echo "Name: ".$row['name']."<br/>"; echo "Email: ".$row['email']."<br/>"; echo "Contribution: ".$row['contribution']."<br/>"."<br/>"; $db=NULL; //Closing database } } catch(PDOException $ex) { echo "An error ocurred"; } ?> </body> </html>4. mysql_functions.php <?php $server = 'localhost'; $username = 'root'; $password = 'my_password'; $database = 'my_database'; ?>Regards, Erik Edited by erikla, 16 July 2014 - 07:52 AM. Similar TutorialsHy I have a question. Do you think that the code structure from php affect the SEO? I mean if the application is made in basic php or OOP. thk hello everyone.
could you advise me on the structure of my code to check if it is correct:
RewriteRule ^/user/([a-z]+)/cake/([a-z\ .*A-Zx0-9-_]+)$ /cakes.php?userid=$1&cakebaked=$2what i am trying to do is to add a - instead of a whitespace which appears in the url as %20. When having different levels of directories, using relative paths will not work anymore, for example: controller - authentication File 1: include('../../model/header.php') model File 2: header.php view File 3. style.css The header.php file includes the css file with a relative path, but the problem is it includes it as follows: ../view/style.css When now the header.php file gets included into File 1 in the folder "authentication", then the css file will not be accessible anymore, for it to be accessible you would have to go two directories up. In this sense my question is, what would be the proper path structure for a folder structure with multiple levels? Should I rather use absolute paths, I am not so prone of absolute path. What if the folders changes a bit, or the domain changes, or the location changes? I'm saving customer comments in an MYSQL. But the when I use mysql_real_escape_string() to filter the input data it's causing wired signs when it's displayed in the guest book. (E.g. whenever there is a ' sign, the output is \'). Is it safe to have a guest book without mysql_real_escape_string( or please suggest how should I go about creating this guest book on my website. Thanks. Bickey. I am trying to modify Guestbook. In order to access the page, the user must log in using a screen name and email address that has been registered with the website. What I want to take the log in information and automatically populate the Name and email field of the input comment form. I have set up SESSION Variables (see below for the login php). <?php session_start(); require_once("dbcon.php"); $form = "<table> <form action='login.php' method='post'> <tr> <td>Username: </td><td><input type='text' name='user' size='20' /> </tr> <tr> <td>Email: </td><td><input type='text' name='emad' size='30' /> </tr> <tr> <td><input type='submit' name='submit' value='Login' /> <td><a href='New Contact.html'>New Account </a> </tr> </form> </table>"; // Do NOT use \" when you still have the option to use singlequotes, looks so messy... $user = $_POST['user']; $emad = $_POST['emad']; //defining these in the start makes the source looks nicer if(!$_POST['submit']) die($form); // just kill the rest of the script if the form isn't submitted. if(!$user || !$emad) die("Required fields missing<br /><br /> $form"); // killing the rest of the script and echoing the form and error $sql = "SELECT ident FROM Mix WHERE password = '$pass' AND username = '$user'"; // just like with the variables and prints/echoes, you don't need to ".$var." anything with double quotemarks $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); $_SESSION['uid'] = $row['id']; $_SESSION['un'] = $_POST['user']; //Setup user name into session variable. $_SESSION['ua'] = $_POST['emad']; //Setup email address into session variable. echo "You have been logged in as $user at $emad. Click <a href=\"gbook.php\">here</a> to the member page."; } else { echo "That username/password combination doesn't exist!<br /><br/> $form"; } ?> Below is a copy of the Sign Form. php. I am trying to populate teh Name and email fields but the SESSION variables don't show up. Can someone figure out what I AM DOING WRONG. <?php session_start (); $un = $_SESSION['un']; $ua = $_SESSION['ua']; ?> <div id="gbook_guestbook" align="center"> <span class="gbook_guestbook"><?php echo $lang['t48']; ?></span><br class="clear" /> <span class="gbook_required"><?php echo $lang['t49']; ?></span> </div> <form action="gbook.php" method="post"> <!--SIGN FORM --> <div id="gbook_entries"> <?php if ($error) { echo '<div class="gbook_sign_error">'.$error.'</div>'; } ?> <div class="gbook_left"><span class="gbook_entries"><b><?php echo $lang['t50']; ?></b></span></div> <div class="gbook_right"><input type="hidden" name="<?php echo $myfield['name']; ?>" value="<?php echo $un; ?>" /></div> <?php echo $un; ?> <div class="clear"></div> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t51']; ?></span></div> <div class="gbook_right"><input type="text" name="from" value="<?php echo $from; ?>" size="45" /></div> <div class="clear"></div> <?php if ($settings['use_url']) { ?> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t53']; ?></span></div> <div class="gbook_right"><input type="text" name="url" value="<?php echo $url; ?>" size="45" maxlength="80" /></div> <div class="clear"></div> <?php } ?> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t52']; ?></span></div> <div class="gbook_right"><input type="hidden" name="email" value="<?php echo $ua; ?>" /> <?php echo $ua; ?> <?php if ($settings['hide_emails']) { ?> <br class="clear" /><span class="gbook_entries"><i><?php echo $lang['t66']; ?></i></span> <?php } ?> </div> <div class="clear"></div> <div class="gbook_left"><span class="gbook_entries"><b><?php echo $lang['t16']; ?></b></span></div> <div class="gbook_right"><span class="gbook_entries"><i><?php echo $lang['t54']; ?></i></span></div> <textarea name="<?php echo $myfield['cmnt']; ?>" rows="12" cols="57" id="cmnt"><?php echo $comments; ?></textarea> <!--BOTTOM IMAGES --> <div id="gbook_bottom_images" class="gbook_bottom_images"> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/bigsmile.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!cool: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/cool.gif" alt=":!cool:" title=":!cool:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!cry: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/crying.gif" alt=":!cry:" title=":!cry:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!devil: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/devil.gif" alt=":!devil:" title=":!devil:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/smile.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!mad: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/mad.gif" alt=":!mad:" title=":!mad:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!thinking: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/thinking.gif" alt=":!thinking:" title=":!thinking:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :p ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/tongueout.gif" alt=":p" title=":p" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/wink.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/blush.gif" alt="" title="" width="19" height="19" /></a> <a href="javascript:openSmiley()" class="gbook_submitted"><?php echo $lang['t26']; ?></a><br /> <label><input type="checkbox" name="nosmileys" value="Y" class="gbook_checkbox" <?php echo $nosmileys; ?> /><span class="gbook_entries"><?php echo $lang['t28']; ?></span></label><br class="clear" /> <?php /* Private mesasges */ if ($settings['use_private']) { ?> <label><input type="checkbox" name="private" value="Y" class="gbook_checkbox" <?php echo $isprivate; ?> /><span class="gbook_entries"><?php echo $lang['t55']; ?></span></label><br class="clear" /> <?php } /* Print anti-SPAM features */ echo $settings['antispam']; ?> </div> <!--BOTTOM IMAGES END --> <div align="center"> <div class="clear"> </div> <!--SPAM TRAPS --> <!-- DON'T DELETE THESE HIDDEN FIELDS AND COMMENTS, THEY HELP CATCH STUPID SPAMBOTS! --> <input type="hidden" name="name" /> <input type="hidden" name="<?php echo $myfield['bait']; ?>" /> <!-- > <input type="text" name="comments" value="1" /> < --> <!--SPAM TRAPS END--> <input type="hidden" name="a" value="add" /> <input type="submit" value="<?php echo $lang['t88']; ?>" class="submit" /> </div> <p> </p> </div> <!--SIGN FORM END --> </form> Okay I am extremely new to PHP and am trying to make a 2 page guestbook, where one page has the form to submit a message to the guestbook and the other page displays the messages. However I am having some errors, one being that when I submit a test message it still shows the "please enter your name and comments" thing I have set when people don't fill the required fields. The other error I'm having is if I put two test messages into the guestbook some of the info from the last message fills in the fields of the other one instead of what was actually filled into the form. For example, if I insert the name "Pat" and the comment "testing 1 2 3" into one message and than insert the name "Bob" and the comment "hi" for another message when I submit the second message it may instead of putting "hi" it'll put "testing 1 2 3" so I get: Posted by: Pat testing 1 2 3 ________________ Posted by: Bob testing 1 2 3 instead of: Posted by: Pat testing 1 2 3 ________________ Posted by: Bob hi Like it should.... What am I doing wrong???? My PHP code for submition is: Code: [Select] <?php //connecting to the Database $connect = mysql_connect("127.0.0.1","patben_guestbook","") or die("Error"); //selecting the table mysql_select_db("patben_guestbookdatabase") or die("Error"); //selecting ALL data $queryget = mysql_query("SELECT * FROM guestbook") or die("Error"); //sort the data while ($row = mysql_fetch_assoc($queryget)) { $id = $row['id']; $date = $row['date']; $name = $row['name']; $email = $row['email']; $song = $row['song']; $part = $row['part']; $comments = $row['comments']; //processing data echo " <table> <tr> <td> <b>Posted by:</b> $name ($email)<br /> <b>$date</b><br /> <b>Favorite Pat Song:</b> $song<br /> <b>Favorite Part of the Site:</b> $part </td> </tr> <tr> <td> ".nl2br(strip_tags($comments))." <hr /> </td> </tr> </table> "; } if ($_POST['submit']); { $date = date("Y-m-d"); $name = $_POST['name']; $comments = $_POST['comments']; if ($name&&$comments) { $queryget = mysql_query("INSERT INTO guestbook (id,date, name, email, song, part, comments) VALUES ('','$date','$name','$email','$song','$part','$comments')"); echo "Please wait... <meta http-equiv='refresh' content='2'>"; echo mysql_error(); } else echo "Please enter your name and comments"; } ?> And my HTML form is: Code: [Select] <form action="process.php" method="post"> <table width="500" border="0" cellspacing="2" cellpadding="0"> <tr valign="top"> <td width="500px" class="name"><span style="color:#ff0000"><b>*</b></span>Name:</td> <td width="500px"><input name="name" type="text" id="name" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="bodytext"> Email Address:</td> <td width="500px"><input name="email" type="text" id="email" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="pat"> Your Favorite Pat Song?:</td> <td width="500px"><input name="song" type="text" id="song" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="part"> Your Favorite Part of my Site?:</td> <td width="500px"><input name="part" type="text" id="part" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="comments"><span style="color:#ff0000"><b>*</b></span> Comment:</td> <td width="500px"><textarea name="comments" id="comments" cols="28" rows="6" class="comments"></textarea></td> </tr> <tr valign="top"> <td class="bodytext"> </td> <td align="left" valign="top"><input type="submit" name="Submit" value="Post" class="btn" /></td> </tr> </table> </form> Hi All, Hope you can help. I am doing a very basic guestbook. Having problems with the posting method. The code is below all I am doing is insert a record into a mysql table but when I post getting a blank page with no obvious errors! code is below. if ($_POST['submit']) { $name = $_POST['name']; $email = $_POST['email']; $message = $_POST['message']; $date = $_POST("Y-m-d"); $time = $_POST("H:i:s"); if($name&&$email&&$message) { $querypost = mysql_query("INSERT INTO guestbook (id, name, email, message, date, time) VALUES ('','$name','$email','$message','$date','$time')"); echo "Please wait.... <meta http-equiv='refresh' content='2'>"; } else echo "Please fill out all fields."; } I have a guestbook that writes an entry to a text file, but when I first run it I get this error: Warning: fread() [function.fread]: Length parameter must be greater than 0 in C:\xampp\htdocs\xampp\index.php on line 66 Is there a way I can get rid of that error and still be able to use my guestbook until I actual update my guestbook using a database? Hello! I am trying to make a Guestbook with help from the internet. I have created all sites what i need, but i have some problems with the Input. For example here is the Name inputfrom the "sign.php" <form id="form1" name="form1" method="post" action="addguestbook.php"> <td> <table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><input name="name" type="text" id="name" size="40" /></td> </tr> And here is the "insert sequence" from the "guestbook.php": $sql="INSERT INTO $tbl_name(name, email, comment, datetime) VALUES('$name', '$email', '$comment', '$datetime')"; $result=mysql_query($sql); If i open the guestbook.php i just can see the datetime. What went wrong? Thanks, Mark p.S.: sorry for my english. I've found an example of guestbook that I would like to use on my site, but when I tested it I got the following error: Warning: fread() [function.fread]: Length parameter must be greater than 0 in C:\xampp\htdocs\xampp\index.php on line 66 I've included the bits of code for addguestbook.php guestbook.txt(didnt not include) and index.php. Also, is there a way that I could allow the client to look through out entries? I know very little about php, so any help is much appreciated. Code: [Select] ------ addguestbook.php code ------ <HTML> <HEAD> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><style type="text/css"> <!-- body,td,th { font-size: 12px; color: #000000; } a:link { text-decoration: none; color: #0066FF; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } --> </style> </HEAD> <BODY> <?php $file = "guestbook.txt"; $name = $_POST['name']; $email = $_POST['email']; $site = $_POST['site']; $msg = $_POST['msg']; $site = stripslashes($site); $msg = stripslashes($msg); $email = stripslashes($email); $name = stripslashes($name); $msg = str_replace ("<","<",$msg); $msg = str_replace ("\n","<br>",$msg); $site = str_replace ("<","<",$site); $site = str_replace ("\n","<br>",$site); $email = str_replace ("<","<",$email); $email = str_replace ("\n","<br>",$email); $name = str_replace ("<","<",$name); $name = str_replace ("\n","<br>",$name); if(empty($email) || empty($name) || empty($msg)) { echo "<h3>Sorry all fields are required</h3>"; } else { $fp = fopen($file,"a"); fwrite($fp, ' <font size="3"> <BR><BR> Name: '.$name.'<BR> Email: <a href="mailto:'.$email.'">'.$email.'</a><BR> Home Page: <a href="'.$site.'">'.$site.'</a><BR>Message: '.$msg.'<BR> '); fclose($fp); echo '<font size="3"><p align="center">Thank you '.$name.' for singing my guestbook</p></font>'; } ?> <div align="center"></div> <div align="center"></div> <div align="center"></div> <div align="center"></div> <p align="center"><a href="YOU`R INDEX.PHP LINK HERE">Back to GuestBook</a></p> <div align="center"></div> </BODY> </HTML> ---- finish ----- ---- index.php code ----- <HTML> <HEAD> <style type="text/css"> <!-- .style1 {font-size: 12px} body,td,th { font-size: 14px; } a { font-size: 12px; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } a:link { color: #0066FF; text-decoration: none; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } --> </style> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><BODY> <form method="post" action="addguestbook.php"> <div align="center"></div> <div align="center"></div> <div align="center" class="style1"></div> <div align="center"><span class="style1">Name:</span><br /> <input name="name" type="text" size="30" maxlength="40" /> <br /> <span class="style1"><br /> Email:</span><br /> <input name="email" type="text" size="30" maxlength="40" /> <br /> <br /> <span class="style1">Home Page:</span><br /> <input name="site" type="text" size="30" value="http://" maxlength="40" /> <br /> <br /> <span class="style1">Message:</span><br /> <textarea name="msg" cols="22" rows="6"></textarea> <br /> <br /> <input type="reset" value="Reset" /> <input type="submit" value="Send" /> </div> <div align="center"> <p> </p> <?php $file = "guestbook.txt"; if (fopen($file, "r")) { $fil = "guestbook.txt"; $fo = fopen ($fil, "r"); $con = fread ($fo,filesize ($fil)); fclose ($fo); echo "$con"; } else { echo "<h3>Sorry there was an error please contact us now<h3>"; } ?></div> </BODY> </HTML> ---- finish ----- Hi, I've just installed a guestbook but when posting a message (signing in) it shows 'no entries yet'. On clicking the submit a very quick screen splashes up with a load of writing out of whoch I could just read ...line function open data file... You can check it out at www.qualitycarersdirect.com/careasp/portal.asp then click on 'post on the baord' it is a php file. I have a simple guestbook set up. Even when I set the max post size to 6000000 (if you're wondering why Id allow that its cause I'm just using it as a private message board with one other person), after a certain amount of characters, it splits the post up into several messages and in place of the name of the poster, it's an IP. Any ideas why this is happening? Thanks. I try to adjust my date and time to ("M-d-Y h:i:s A"), but when I do, I get 0's for the both the date and time. Code: [Select] <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong>Test Sign Guestbook </strong></td> </tr> </table> <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form id="form1" name="form1" method="post" action="addguestbook.php"> <td> <table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><input name="name" type="text" id="name" size="40" /></td> </tr> <tr> <td>Email</td> <td>:</td> <td><input name="email" type="text" id="email" size="40" /></td> </tr> <tr> <td valign="top">Comment</td> <td valign="top">:</td> <td><textarea name="comment" cols="40" rows="3" id="comment"></textarea></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td> </tr> </table> </td> </form> </tr> </table> <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong><a href="viewguestbook.php">View Guestbook</a> </strong></td> </tr> </table> Code: [Select] <?php $mysql_host = "myhost"; $mysql_database = "guest"; $mysql_user = "myusername"; $mysql_password = "mypassword"; //$db_name="guest"; This is not needed, as db_name is $mysql_database above, so please delete this line. $tbl_name="guestbook"; // Table name // Connect to server and select database. mysql_connect("$mysql_host", "$mysql_user", "$mysql_password") or die("cannot connect server "); mysql_select_db("$mysql_database") or die("cannot select DB"); $name = $_POST['name']; $email = $_POST['email']; $comment = $_POST['comment']; $datetime=date("y-m-d h:i:s"); //date time $sql="INSERT INTO $tbl_name (name, email, comment, datetime) VALUES ('$name', '$email', '$comment', '$datetime')"; $result=mysql_query($sql); //check if query successful if($result){ echo "Successful"; echo "<BR>"; echo "<a href='viewguestbook.php'>View guestbook</a>"; // link to view guestbook page } else { echo "ERROR"; } mysql_close(); ?> Code: [Select] <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong>View Guestbook | <a href="guestbook.php">Sign Guestbook</a> </strong></td> </tr> </table> <br> <?php $mysql_host = "myhost"; $mysql_database = "guest"; $mysql_user = "myusername"; $mysql_password = "mypassword"; $tbl_name="guestbook"; // Table name // Connect to server and select database. mysql_connect("$mysql_host", "$mysql_user", "$mysql_password") or die("cannot connect server "); mysql_select_db("$mysql_database") or die("cannot select DB"); $sql="SELECT * FROM $tbl_name"; $result=mysql_query($sql); while($rows=mysql_fetch_array($result)){ ?> <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td><table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td>ID</td> <td>:</td> <td><? echo $rows['id']; ?></td> </tr> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><? echo $rows['name']; ?></td> </tr> <tr> <td>Email</td> <td>:</td> <td><? echo $rows['email']; ?></td> </tr> <tr> <td valign="top">Comment</td> <td valign="top">:</td> <td><? echo nl2br($rows['comment']); ?></td> </tr> <tr> <td valign="top">Date/Time </td> <td valign="top">:</td> <td><? echo $rows['datetime']; ?></td> </tr> </table></td> </tr> </table> <BR> <? } mysql_close(); //close database ?> I have a working guestbook, but adjusting the time is whats getting me. I am trying to get the time to change depending on the timezone. And I also trying to get the time in the format 1:00 PM, not 21:00. Then on a different note, how can I stop spamming and injections. Index page for guestbook Code: [Select] <HTML> <HEAD> <style type="text/css"> <!-- .style1 {font-size: 12px} body,td,th { font-size: 14px; } a { font-size: 12px; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } a:link { color: #0066FF; text-decoration: none; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } --> </style> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><BODY> <form method="post" action="addguestbook.php"> <div align="center"></div> <div align="center"></div> <div align="center" class="style1"></div> <div align="center"><span class="style1">Name:</span><br /> <input name="name" type="text" size="30" maxlength="40" /> <br /> <span class="style1"><br /> Email:</span><br /> <input name="email" type="text" size="30" maxlength="40" /> <br /> <br /> <span class="style1">Home Page:</span><br /> <input name="site" type="text" size="30" value="http://" maxlength="40" /> <br /> <br /> <span class="style1">Message:</span><br /> <textarea name="msg" cols="22" rows="6"></textarea> <br /> <br /> <input type="reset" value="Reset" /> <input type="submit" value="Send" /> </div> <div align="center"> <p> </p> <?php $file = "guestbook.txt"; if (fopen($file, "r")) { $fil = "guestbook.txt"; $fo = fopen ($fil, "r"); $con = fread ($fo,filesize ($fil)); fclose ($fo); echo "$con"; } else { echo "<h3>Sorry there was an error please contact us now<h3>"; } ?></div> </BODY> </HTML> addguestbook.php Code: [Select] <HTML> <HEAD> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><style type="text/css"> <!-- body,td,th { font-size: 12px; color: #000000; } a:link { text-decoration: none; color: #0066FF; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } --> </style> </HEAD> <BODY> <?php function is_leapyear($year = 2004) { return ($year%4)==0; } $file = "guestbook.txt"; $name = $_POST['name']; $email = $_POST['email']; $site = $_POST['site']; $msg = $_POST['msg']; $site = stripslashes($site); $msg = stripslashes($msg); $email = stripslashes($email); $name = stripslashes($name); $msg = str_replace ("<","<",$msg); $msg = str_replace ("\n","<br>",$msg); $site = str_replace ("<","<",$site); $site = str_replace ("\n","<br>",$site); $email = str_replace ("<","<",$email); $email = str_replace ("\n","<br>",$email); $name = str_replace ("<","<",$name); $name = str_replace ("\n","<br>",$name); if(empty($email) || empty($name) || empty($msg)) { echo "<h3>Sorry all fields are required</h3>"; } else { $fp = fopen($file,"a"); $timestamp=date("M/D/Y h:m:s"); fwrite($fp, ' <font size="3"> <BR><BR> Posted: '.$timestamp.'<br /> Name: '.$name.'<BR> Email: <a href="mailto:'.$email.'">'.$email.'</a><BR> Home Page: <a href="'.$site.'">'.$site.'</a><BR>Message: '.$msg.'<BR> '); fclose($fp); echo '<font size="3"><p align="center">Thank you '.$name.' for singing my guestbook</p></font>'; } ?> <div align="center"></div> <div align="center"></div> <div align="center"></div> <div align="center"></div> <p align="center"><a href="index.php">Back to GuestBook</a></p> <div align="center"></div> </BODY> </HTML> Hi I just implementet a PHP Guestbook in my Flash site, and it works almost perfectly. But i have one problem. Every time i try to write on the guestbook, and include a Colon : <---- , it wont work. How do i make it work? You can see the guestbook he http://www.meny-graphics.dk/blog by pressing "Mere" under the first entry, and scrolling down. The PHP file can be found he http://www.meny-graphics.dk/blog/GuestBook.php Thanks in advance! I have created a php guestbook for my site. The only problem I have with it is that when a user puts a carriage return in their entry, it is not replicated in the viewed post. I'm trying to figure out how I turn these returns into <br /> tags for display. Do I do something with the php that handles the input (i.e. somehow replace carriage returns with <br />'s) or is it to do with the output php code? Any pointers would be gratefully appreciated. This is the php for the guestbook entries output: Code: [Select] <?php include "connection.php"; $table = "guestbook"; $data = mysql_query("SELECT * FROM $table ORDER BY id DESC") or die(mysql_error()); echo "<div class='divide_message'>"; while($info = mysql_fetch_array( $data )) { $date = date("d/m/y",strtotime($info['date'])); echo "<div class='block message'>"; echo "<div class='message_name'>" . $info['name'] . ""; echo "<span class='date'>" . $date . "</span></div><br />"; echo "<div class='message_message'>" . $info['message'] . "</div>"; echo "</div>"; } echo "</div>"; ?> I have multiple forms within one php file. What is the best structure to use? Code: [Select] if (isset($_POST["one"])) { include... } if (isset($_POST["two"])) { include... } if (isset($_POST["three"])) { include... } OR Code: [Select] if (isset($_POST["one"])) { include... } else if (isset($_POST["two"])) { include... } else if (isset($_POST["three"])) { include... } thanks I'm currently working on a site that has about 4 separate panels on the page that all use an include to populate. Each include is interacting with the database and I'm thinking that it might congest the databse to have each panel connecting to the same data base and getting data when the page loads. I was wondering if it would be good practice to take all the connections and functions and put them on a 5th include at the top of the page. This way the connections and functions would be available to each include. Is this a good idea? Will it be a problem for the 4 includes to ask the php function list include for data? Is it better to just let each include contain only the code it needs? Also, say I have 20 functions on the php include and one site page only needs to use 1 function. Would the php function include still loop thru and connect to the database for all 20 functions just because it is included or will it only use the bandwidth needed to execute the 1 function it is being asked to use? Hope that's not over confusing. Thanks! Hi. I am creating a database where a user can store up to 50 names of their family members. I have two table structures in mind and curious which one is the more efficient structure. ==================================================================================================== TABLE A: userid-firstfamilymemberid-firstfamilymembername-secondfamilymemberid-secondfamilymembername Note:(the columns would repeated until the fiftiethfamilymemberid and fiftiethfamilymembername for a total of 101 columns) TABLE B: userid-familymemberid-familymembername ====================================================================================================== which is more efficient... Table A which would have more columns but less rows or Table B which would have less rows but more columns.. also keep in mind that the fixed amount is 50 family members per a user. Thanks in advance. Hello dear friends, Let say we have Code: [Select] $to = "gigi"; then we have link like this Code: [Select] mysite.com/file.php?id=$1 We can change it to new form by add rule at .htaccess codes Code: [Select] RewriteRule -(.*)\.htm file.php?id=$1 So that the link be like this Code: [Select] mysite.com/$to-$id.htm it will works , Now what if i want to make the link like this Code: [Select] mysite.com/$id/$to.htm what will be the .htaccess code in this way ??? thanks |