| px | top | add code | search | signup | login | help |
<?
/*
PHP Guestbook
Written by Tony Awtrey
Anthony Awtrey Consulting
See http://www.awtrey.com/support/dbeweb/ for more information
This is the SQL statement to create the database required for
this application.
CREATE TABLE guests (
guest_id
int(4)
unsigned
zerofill
DEFAULT '0000'
NOT NULL
auto_increment,
guest_name varchar(50),
guest_email varchar(50),
guest_time timestamp(14),
guest_message text,
PRIMARY KEY (guest_id)
);
*/
////////////////////////////////
// This checks to see if we need to add another guestbook entry.
////////////////////////////////
if (($REQUEST_METHOD=='POST')) {
////////////////////////////////
// This loop removed "dangerous" characters from the posted data
// and puts backslashes in front of characters that might cause
// problems in the database.
////////////////////////////////
for(reset($HTTP_POST_VARS);
$key=key($HTTP_POST_VARS);
next($HTTP_POST_VARS)) {
$this = addslashes($HTTP_POST_VARS[$key]);
$this = strtr($this, ">", " ");
$this = strtr($this, "<", " ");
$this = strtr($this, "|", " ");
$$key = $this;
}
////////////////////////////////
// This will catch if someone is trying to submit a blank
// or incomplete form.
////////////////////////////////
if ($name && $email && $message ) {
////////////////////////////////
// This is the meat of the query that updates the guests table
////////////////////////////////
$query = "INSERT INTO guests ";
$query .= "(guest_id, guest_name, ";
$query .= "guest_email, guest_time, guest_message) ";
$query .= "values(0000,'$name','$email',NULL,'$message')";
mysql_pconnect("db2.pair.com","tator_w","password")
or die("Unable to connect to SQL server");
mysql_select_db("tator_awtrey") or die("Unable to select database");
mysql_query($query) or die("Insert Failed!");
} else {
////////////////////////////////
// If they didn't include all the required fields set a variable
// and keep going.
////////////////////////////////
$notall = 1;
}
}
?>
<!-- Start Page -->
<HTML>
<HEAD>
<TITLE>Add a Message</TITLE>
</HEAD>
<BODY BGCOLOR="white">
<H1>Add A Message</H1>
<!-- Let them know that they have to fill in all the blanks -->
<? if ($notall == 1) { ?>
<P><FONT COLOR="red">Please answer all fields</FONT></P>
<? } ?>
<!-- The bits of PHP in the form allow the data that was already input
to be placed back in the form if it is filled out incompletely -->
<FORM METHOD="post" ACTION="guest.php3">
<PRE>
Your Name: <INPUT
TYPE="text"
NAME="name"
SIZE="20"
MAXSIZE="50"
VALUE="<? echo $name; ?>">
Your Email: <INPUT
TYPE="text"
NAME="email"
SIZE="20"
MAXSIZE="50"
VALUE="<? echo $email; ?>">
Enter Message:
<TEXTAREA NAME="message" COLS="40" ROWS="8" WRAP="Virtual">
<? echo $message; ?>
</TEXTAREA>
<INPUT TYPE="submit" VALUE="Add">
</PRE>
</FORM>
<HR>
<?
////////////////////////////////
// This is where the date is retrieved back out of the database.
////////////////////////////////
mysql_pconnect("db2.pair.com","tator_r","password")
or die("Unable to connect to SQL server");
mysql_select_db("tator_awtrey") or die("Unable to select database");
$query = "SELECT * FROM guests";
$guests = mysql_query($query) or die("Select Failed!");
////////////////////////////////
// This will loop as long as there are records waiting to be processed.
// Notice the plain HTML inside the while loop structure. PHP is flexable
// enough to allow you to break into and out of the "code" at any point.
////////////////////////////////
while ($guest = mysql_fetch_array($guests)) {
?>
<TABLE BORDER="1" WIDTH="500">
<TR><TD>
Name: <? echo $guest['guest_name']; ?>
</TD><TD>
Email: <A HREF="mailto:<? echo $guest['guest_email']; ?>">
<? echo $guest['guest_email']; ?></A>
</TD><TD>
<?
////////////////////////////////
// The database has a timestamp record type that we can use to show the
// date the guestbook was filled out.
////////////////////////////////
$datefromdb = $guest['guest_time'];
$year = substr($datefromdb,0,4);
$mon = substr($datefromdb,4,2);
$day = substr($datefromdb,6,2);
$hour = substr($datefromdb,8,2);
$min = substr($datefromdb,10,2);
$sec = substr($datefromdb,12,2);
$orgdate = date("l F dS, Y h:i A",mktime($hour,$min,$sec,$mon,$day,$year));
echo "Date: $orgdate\n";
?>
</TD></TR>
<TR><TD COLSPAN="3">
<? echo $guest['guest_message']; ?>
</TD></TR>
</TABLE>
<BR>
<? } ?>
</BODY>
</HTML>
Comments or questions?
PX is running PHP 5.2.11
Thanks to Miranda Productions for hosting and bandwidth.
Use of any code from PX is at your own risk.