PX : code

ODBC Guestbook by Brad Marsh
Download this code


<?php
require("guestbook-data.php3");
/*
  *****************************************************************
  PHP-mySQL GuestBook
        by Shane Caraveo (shane@caraveo.com)

  PHP-ODBC Guestbook modifications
              by Brad Marsh (research4@snowcrest.net)

  DO NOT EMAIL ME ASKING HOW TO SET THIS UP!
    I do not support this script in any way.  If you fix a bug,
    or add a cool feature, let me know.
        
    Use of this script means you recognize the fact that I am not
  responsible if this script blows up your machine (or causes
  any other problems).

  feel free to use and abuse this script in whatever
    form or fashion you feel fit.

    In somefile.php you need to have the following code:

  $user="shane";  // admin username
    $password="test"; // admin password
    $bookname="mybook"; // the name of the table within the mysql db
    $autodelete=0; //number of days before removal.  0 = disabled
  $notify=0; //notify via email new postings 1=on 0=off
  $email=""; //address to notify
    require("guestbook-data.php3");

    For the modified version, you need in guestbook-data.php3:
  <?php

  $user="name"; // admin username
  $password="test"; // admin password
  $bookname="book"; // the name of the table within the ODBC db
  $autodelete=0; //number of days before removal.  0 = disabled
  $notify=0; //notify via email new postings 1=on 0=off
  $notify_email="yourname@yourISP.com"; //address to notify

  ?>

  accessing your guestbook page with ?admin gets you the admin logon
  which you use the above user and password to gain entry.  The admin
  page is identical to the regular guestbook page except that it lets
  you delete entries.


  mysql table info:

    create table <tablename>(
    id int not null auto_increment,
    posted int not null,
  name char(50) not null,
    email char(40),
    company char(40),
  message text,
    index (posted),
    index (id)
    )\g

  ODBC database info (in my case it was Access - brad):
  Don't forget to create a System DSN called "guestbook"!
  Field name    Datatype    Field size
  ------------------------------------------
     id        Autonumber    Primary key
    posted    number        long integer
     name    text        100
    email    text        40
   company    text        100
   location    text        100
   message    memo

  ******************************************************************
*/

//******************************************************************
//initialize database info
//******************************************************************
$server="127.0.0.1"//database server address
$dbname="guestbook"//ODBC DSN database name
$uid=""// username for that database
$pwd=""// password for that database

$maxmessagelength=1024//set to 0 if you dont care how long it gets
//******************************************************************
//no need to edit below this line
//******************************************************************
//******************************************************************
//check to see if admin login requested
//******************************************************************
if($argv[0]=="admin"){ //show login form
?>

<div align='center'>
<form action="guestbook.php3" method="POST">
Login Name: <input type="Text" name="loginname">&nbsp;&nbsp;
Password: <input type="Password" name="pword">&nbsp;&nbsp;
<input type="Submit" value="Login">
</form>
</div>

<?php

//******************************************************************
}else{ //do guestbook

//******************************************************************
if (!$action) { // Don't show the link to sign the guestbook if they've already done it
?>
<a href="guestbook.php3#post">Sign the Guest Book</a><br>
<?php
}

//******************************************************************
// Connect to the database
$conn=odbc_connect($dbname,$uid,$pwd) or die( "Unable to connect to database" );

//******************************************************************
//if autodelete, delete old entries
//******************************************************************
if($autodelete){
    
$sql="delete from $bookname where posted<".
        (
time()-($autodelete 86400));
    
$result  =  odbc_exec($conn,$sql);
}

/* Are deleting an entry? */

if($d!=""){
    
$sql="delete from $bookname where id=$d";
    if (
$result  =  odbc_exec($conn,$sql)) {
        
odbc_free_result($result);
    } else {
        echo 
"Oops. Failed to delete.<br>\n";
    }
}

//******************************************************************
//check to see if admin logged in
//******************************************************************
$isadmin=0;
if(
$loginname==$user && $pword==$password)$isadmin=1;

//******************************************************************
//Are posting a new entry?
//******************************************************************
if($action=="Submit"){

/* Over-write some variables from the postvars to be sure
   they were at least done via post method. */

    
$name=$email=$company=$message=$loginname=$pword="";
    while(list(
$header,$value)=each($HTTP_POST_VARS)){
        eval(
"$".$header."=\"$value\";");
    }

    if(
$maxmessagelength && strlen($message)>$maxmessagelength){
        echo(
"<p>Your message is too long, please click on your back ".
            
"button and shorten the message.  Thank You!</p>\n");
    }elseif(
strpos($email,"@")==false || strpos($email,".")==false){
        echo 
"<p>You submitted an invalid email address. Please click your back ".
                     
"button and enter a valid email address (of the form \"your_username@your_ISP.com\").</p>\n";
    } else {
        if(
$name && $email && $company && $message){
            
$test odbc_exec($conn,"select id from $bookname where (name='$name' and email='$email')");
            if (
odbc_fetch_row($test)==true) {
                echo 
"Identical record found; updating...<br>\n";
                
$old_id odbc_result($test,"id");
                
$sql="update $bookname set posted=".time().
                
",name='$name',email='$email',company='$company',location='$location',message='$message' where id=$old_id";
            }else{
                
$sql="insert into $bookname (posted,name,email,company,location,message) ".
                
"values (".time().",'".$name."', ".
                
"'".$email."', '".$company."', ".
                
"'".$location."', '".$message."')";
            }
//echo "$sql<br>\n";

            
$result  =  odbc_exec($conn,$sql);
            if(!
$result){
                echo(
"There was an error!");
            }else{
                echo(
'<center><b>Thank you for signing our guestbook!</b></center>');
                
//notify via email
                
if($notify){
                    
$emailmessage="Your guestbook has been signed:\n\n".
                        
"By: $name\nemail: $email\nCompany: $company\n".
                        
"Location: $location\nMessage:\n$message\n\n";
                    
//mail($notify_email,"Guestbook Notification",$emailmessage);
                
}
            }
        }else{
?>
<p>You didn't fill in all the form variables, please click
on your browsers back button now, and complete the form.
Thank You!</p>
<?php
        
}
    }
// End of "if action" statement

//show guestbook entries
//******************************************************************
$sql="select * from $bookname order by posted desc";
if((
$result  =  odbc_exec($conn,$sql))){
    
$bzm 1;
    while(
odbc_fetch_row($result,$bzm)) {
        echo(
'<hr><p>');
        if(
$isadmin){ //
            
echo "<b>IS ADMINISTRATOR</b><br>\n";
?>

<form action="guestbook.php3" method="POST">
<input type="hidden" name="loginname" value="<?php echo($loginname);?>">
<input type="hidden" name="password" value="<?php echo($password);?>">
<input type="hidden" name="d" value="<?php echo odbc_result($result,"id"); ?>">
<input type="Submit" value="Delete"><br>

<?php        }

        echo 
"<table border='0'>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Name:</b>\n  </td>\n";
                echo 
"  <td>\n   ".odbc_result($result,"name")."\n  </td>\n </tr>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Email:</b>\n  </td>\n";
                echo 
"  <td>\n   ".odbc_result($result,"email")."\n  </td>\n </tr>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Company:</b>\n  </td>\n";
                echo 
"  <td>\n   ".odbc_result($result,"company")."\n  </td>\n </tr>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Location:</b>\n  </td>\n";
                echo 
"  <td>\n   ".odbc_result($result,"location")."\n  </td>\n </tr>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Date:</b>\n  </td>\n";
                echo 
"  <td>\n   ".date("m-d-Y h:i a",odbc_result($result,"posted"))."\n  </td>\n </tr>\n";
        echo 
" <tr>\n  <td align='right'>\n  <b>Message:</b>\n  </td>\n";
                echo 
"  <td>\n   ".odbc_result($result,"message")."\n  </td>\n </tr>\n";
        echo 
"</table>\n";
        if(
$isadmin)echo('</form>');
        
$bzm++;
    }
    
odbc_free_result($result);
}else{
    echo(
"There was an error!");
}

//******************************************************************
//shutdown database connection
//******************************************************************
odbc_close_all();

if (
$action != "Submit") {

?>
<hr>
<a name="post"><b>Please sign our Guest Book</b></a>
<form action="guestbook.php3" method="POST">
<table border='0'>
 <tr valign='top'>
  <td align='right'>
   <br>Name:
  </td>
  <td>
   <br><input type="Text" name="name" size="40" maxlength="100">
  </td>
  <td rowspan='4'>
   Message:<br>
   <textarea name="message" cols="40" rows="10" wrap="PHYSICAL"></textarea><br>
  </td>
 </tr>
 <tr>
  <td align='right'>
   <br>Email:
  </td>
  <td>
   <br><input type="Text" name="email" size="40" maxlength="40">
  </td>
 </tr>
 <tr>
  <td align='right'>
   <br>Company:
  </td>
  <td>
   <br><input type="Text" name="company" size="40" maxlength="100">
  </td>
 </tr>
 <tr>
  <td align='right'>
   <br>Geographic<br>Location:
  </td>
  <td>
   <br><input type="Text" name="location" size="40" maxlength="100">
  </td>
 </tr>
 <tr>
  <td></td>
  <td>
   We ask location because we're curious.<br>
   Please put down your city, county, state,<br>province, country and/or continent. Thanks!
  </td>
  <td align='center'>
   <input type="Submit" name="action" value="Submit">
   <input type="reset">
  </td>
 </tr>
</table>
</form>
<hr>
<?php
}
//******************************************************************
//end guestbook
//******************************************************************
?>

Comments or questions?
PX is running PHP 5.2.17
Thanks to Miranda Productions for hosting and bandwidth.
Use of any code from PX is at your own risk.