Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
  1. #1
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Mod on Nightfire's PHP GuestBook.

    Why do I keep getting this when several rows of text is entered? it messes everything up.

    http://212.112.183.83/contents/inter..._guestbook.php

    The code is this:
    PHP Code:
    <HTML>
    <HEAD>
    <TITLE>CLAYMEN</TITLE>
    <LINK REL="stylesheet" HREF="../style.css" TYPE="text/css">
    </HEAD>
    <BODY>
    <TABLE HEIGHT="100%" WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0">
        <TR>
            <TD ALIGN="center" VALIGN="top">
                <?php
                $host 
    'localhost'// This should be either localhost or 127.0.0.1
                
    $username 'root'// Your database username
                
    $password ''// Your database password
                
    $dbname 'guestbook'// Your database name
                
                
    $listing 'DESC'// Choose how you want your guestbook results to show. ASC = ascending (Older entries at the top of the page), DESC = descending (New entries on the top of the page)
                
                
    $link = @mysql_connect($host,$username,$password) or die("Unable to connect to the database. Reason: ".mysql_error());
                    
    mysql_select_db($dbname,$link) or die("Unable to find database. Reason: ".mysql_error());
                
                if(isset(
    $_POST['submit'])){
                            
                    
    $sql "INSERT INTO entries (id,uname,email,website,entry,dates) VALUES ('','".$_POST['uname']."','".$_POST['email']."','".$_POST['website']."','".$_POST['entry']."',NOW())";
                    
    $result = @mysql_query($sql) or die("Error with mysql query on line ".__LINE__.". <BR />".mysql_error());
                
                }
                            
                    
    $sql "SELECT uname,email,website,entry,dates FROM entries ORDER BY id ".$listing;
                    
    $result = @mysql_query($sql) or die("Error with mysql query on line "__LINE__.".<BR />"mysql_error());

                    if(@
    mysql_num_rows($result) >0){
                    while(
    $row mysql_fetch_array($result)){
                        echo 
    '<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0" WIDTH="250">'."\n";
                        echo 
    '    <TR WIDTH="250">'."\n";
                        echo 
    '        <TD HEIGHT="13" ALIGN="left" BGCOLOR="#455058"><FONT>&nbsp;<B>'.$row['uname'].'</B></FONT></B></TD>'."\n";
                        echo 
    '        <TD HEIGHT="13" ALIGN="right" BGCOLOR="#455058"><FONT>'.$row['dates'].'&nbsp;</FONT></TD>'."\n";
                        echo 
    '    </TR>'."\n";
                        echo 
    '    <TR WIDTH="250">'."\n";
                        echo 
    '        <TD ALIGN="left" WIDTH="250" COLSPAN="2"><DIV ALIGN="justify" WIDTH="250"><FONT>&nbsp;'.$row['entry'].'</FONT><BR><BR></DIV></TD>'."\n";
                        echo 
    '    </TR>'."\n";
                        echo 
    '    <TR WIDTH="250">'."\n";
                        echo 
    '        <TD ALIGN="center" WIDTH="250" COLSPAN="2"><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><FONT><A HREF="'.$row['website'].'" TARGET="blank_">Website</A>&nbsp;|&nbsp;<A HREF="mailto:'.$row['email'].'">Email</A></FONT><BR><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><BR></TD>'."\n";
                        echo 
    '    </TR>'."\n";
                        echo 
    '</TABLE>'."\n";
                    }
                }
                else { 
                    echo 
    "<FONT>No entries yet.</FONT>\n";
                }
                
    ?>
            </TD>
            <TD ALIGN="right" VALIGN="top">
                <FORM ACTION="<?php echo $_SERVER['PHP_SELF']; ?>" METHOD="post">
                    <INPUT TYPE="text" NAME="uname"    SIZE="22" VALUE=" Name" CLASS="formstyle" STYLE="-moz-opacity:0.6;filter:alpha(opacity=60)" onMouseOver="this.style.MozOpacity=1;this.filters.alpha.opacity=100" onMouseOut="this.style.MozOpacity=0.6;this.filters.alpha.opacity=60" onFocus="javascript:this.select()"><BR>
                    <INPUT TYPE="text" NAME="email"    SIZE="22" VALUE=" Email" CLASS="formstyle" STYLE="-moz-opacity:0.6;filter:alpha(opacity=60)" onMouseOver="this.style.MozOpacity=1;this.filters.alpha.opacity=100" onMouseOut="this.style.MozOpacity=0.6;this.filters.alpha.opacity=60" onFocus="javascript:this.select()"><BR>
                    <INPUT TYPE="text" NAME="website" SIZE="22" VALUE=" Website" CLASS="formstyle" STYLE="-moz-opacity:0.6;filter:alpha(opacity=60)" onMouseOver="this.style.MozOpacity=1;this.filters.alpha.opacity=100" onMouseOut="this.style.MozOpacity=0.6;this.filters.alpha.opacity=60" onFocus="javascript:this.select()"><BR>
                    <TEXTAREA NAME="entry" ROWS="7" COLS="19" CLASS="formstyle" STYLE="-moz-opacity:0.6;filter:alpha(opacity=60)" onMouseOver="this.style.MozOpacity=1;this.filters.alpha.opacity=100" onMouseOut="this.style.MozOpacity=0.6;this.filters.alpha.opacity=60" onFocus="javascript:this.select()">&nbsp;Message</TEXTAREA><BR>
                    <INPUT TYPE="submit" VALUE=" Post " NAME="submit" CLASS="submitstyle" STYLE="-moz-opacity:0.6;filter:alpha(opacity=60)" onMouseOver="this.style.MozOpacity=1;this.filters.alpha.opacity=100" onMouseOut="this.style.MozOpacity=0.6;this.filters.alpha.opacity=60">
                </FORM>
            </TD>
        </TR>
    </TABLE>
    </BODY>
    </HTML>
    And how do I make it so that there are links at the bottom for other pages when the content of the gb is more than a certain number of pixels or so? (like the google 1,2,3,4,5,6,7,8,9....)
    Last edited by Noumenon; 10-08-2004 at 07:15 PM.

  • #2
    Senior Coder Nightfire's Avatar
    Join Date
    Jun 2002
    Posts
    4,266
    Thanks
    6
    Thanked 48 Times in 48 Posts
    1)
    PHP Code:
    $sql "INSERT INTO entries (id,uname,email,website,entry,dates) VALUES ('','".$_POST['uname']."','".$_POST['email']."','".$_POST['website']."','".nl2br($_POST['entry'])."',NOW())"
    2) Do a search on the forums for pagination. It works by number of records found, not pixels. Would modify it for you myself but haven't got the time tonight to do it

  • #3
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    hm. the first bit regarding
    PHP Code:
    $sql "INSERT INTO entries (id,uname,email,website,entry,dates) VALUES ('','".$_POST['uname']."','".$_POST['email']."','".$_POST['website']."','".nl2br($_POST['entry'])."',NOW())"
    that doesn't fix the problem with the "messagemessagemessagemessagemessagemessagemessage" entry, it still doesn't break the line.


    btw. shouldn't the guestbook entries show up in an iframe if you have put the gb-code inside an iframe tag?
    <IFRAME><GB PHP CODE></IFRAME>

    another thing.
    if the user don't fill in Website nor Email no link should be printed.
    this could be done with an if-statement for each of them, right?

    like this
    PHP Code:
    if  ($row['website']==website) {
    }
    else {
        echo 
    '<A HREF="'.$row['website'].'" TARGET="blank_">Website</A>'."\n";

    Last edited by Noumenon; 10-08-2004 at 09:25 PM.

  • #4
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    PHP Code:
    if  ($row['website']==website) {
    }
    else {
        echo 
    '<A HREF="'.$row['website'].'" TARGET="blank_">Website</A>'."\n";

    try:
    PHP Code:
    echo strlen($row['website']) != || $row['website'] != 'website' '<A HREF="'.$row['website'].'" TARGET="_blank">Website</A>'."\n" NULL
    better yet, do the checking to see if a website/email address has been entered when the data is on the way into the database, provided you set the column to allow NULL values, you can do a simple isset() on the way out

  • #5
    Regular Coder
    Join Date
    Aug 2004
    Location
    The US of A
    Posts
    767
    Thanks
    1
    Thanked 0 Times in 0 Posts
    There is a way to deal with the messagemessagemessage thing, however I can't think of the function (I thought it was stripos, but it wasn't). However, I do have the solution for the optional info. =)

    PHP Code:
    <?php
    if (isset($row["website"])) { print " <strong><a href=\""$row["website"] ."\">Website</a></strong>";}

    if (isset(
    $row["email"])) { print " <strong><a href=\"mailto:"$row["email"] ."\">E-Mail</a></strong>";}
    ?>
    Edit: Typoed a var name. Never good to leave unfixed. =)

  • #6
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mrjamin
    try:
    PHP Code:
    echo strlen($row['website']) != || $row['website'] != 'website' '<A HREF="'.$row['website'].'" TARGET="_blank">Website</A>'."\n" NULL
    better yet, do the checking to see if a website/email address has been entered when the data is on the way into the database, provided you set the column to allow NULL values, you can do a simple isset() on the way out
    How would one do that?

  • #7
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    How would one do that?
    First off, set the email/website columns to allow NULL values using:

    Code:
    ALTER TABLE `entries` CHANGE `website` `website` VARCHAR(255), CHANGE `email` `email` VARCHAR(255)
    Change the 'varchar(255)' bits to whatever field type/length they were before, although it doesn't explicitly say it, the above will 'allow' them to have NULL values as it removes the NOT NULL that they may have been created with.

    Anyway. Next, do some basic error checking before you build the insert query:

    PHP Code:
    <?php
    // Loop through the post vars and escape slashes which might confuse MySQL
    foreach($_POST as $key => $val){
        
    $_POST[$key] = addslashes($val);
    }
    // set the default 'email' form field value so we can check to see if its been changed by the user
    $defaultEmail 'email';
    // then do the same for the website field
    $defaultWebsite 'website';

    // then, check to see if the fields have no length, or are equal to the default value
    // if so then set it to NULL, otherwise add it to the query and pre/append with 's
    $email strlen($_POST['email']) > || $_POST['email'] != 'email' "'$_POST[email]'" "NULL";
    $website strlen($_POST['website']) > || $_POST['website'] != 'website' "'$_POST[website]'" "NULL";

    // build the query :: NOTICE THAT $email AND $website DON'T HAVE ' AROUND THEM, LOOK ABOVE!
    $sql "INSERT INTO `entries` SET
            `uname` = '$_POST[uname]',
            `email` = $email,
            `website` = $website`
            `entry` = '" 
    nl2br($_POST['entry']) . "',
            `dates` = NOW()"
    ;  
    ?>
    ...and there you have it.

    Edit:
    Forgot to add, on the way out, just do:
    PHP Code:
    echo isset($row['website']) != "<A HREF=\"".$row['website']."\" TARGET=\"_blank\">Website</A>\n" NULL;
    echo isset(
    $row['email']) != "<A HREF=\"mailto:".$row['email']."\" TARGET=\"_blank\">Email</A>\n" NULL
    instead of isset(), you could just use
    PHP Code:
    echo $row['website'] ? /* true */ /* false */
    but you might get some PHP notices if your server's error reporting is too aggressive, its generally bad practice to write could that'd output notices (even if displaying notices are turned off) anyway so probably best avoided full stop and sticking with isset().
    ANOTHER EDIT: fixed error checking typo
    Last edited by mrjamin; 10-09-2004 at 01:03 AM.

  • #8
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    In phpmyadmin it shows the guestbook DB and the table entries.
    for the field email and website null was set to "not null" and now changed to "null".. and still varchar(250)... is this what you meant?

    Actually, I don't get it at all *lol*
    Have no idea what to do with that code and the previous code. heh.
    Last edited by Noumenon; 10-09-2004 at 01:12 AM.

  • #9
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    In phpmyadmin it shows the guestbook DB and the table entries.
    for the field email and website null was set to "not null" and now changed to "null".. and still varchar(250)... is this what you meant?
    Yep, that'd do it

  • #10
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Heh, I feel kinda stupid right now.

    what do I change in this code?
    PHP Code:
    <?php
    $host 
    'localhost'// This should be either localhost or 127.0.0.1
    $username 'root'// Your database username
    $password ''// Your database password
    $dbname 'guestbook'// Your database name
                
    $listing 'DESC'// Choose how you want your guestbook results to show. ASC = ascending (Older entries at the top of the page), DESC = descending (New entries on the top of the page)
                
    $link = @mysql_connect($host,$username,$password) or die("Unable to connect to the database. Reason: ".mysql_error());
        
    mysql_select_db($dbname,$link) or die("Unable to find database. Reason: ".mysql_error());
                
    if(isset(
    $_POST['submit'])){
                            
        
    $sql "INSERT INTO entries (id,uname,email,website,entry,dates) VALUES ('','".$_POST['uname']."','".$_POST['email']."','".$_POST['website']."','".nl2br($_POST['entry'])."',NOW())";
        
    $result = @mysql_query($sql) or die("Error with mysql query on line ".__LINE__.". <BR />".mysql_error());
    }

        
    $sql "SELECT uname,email,website,entry,dates FROM entries ORDER BY id ".$listing;
        
    $result = @mysql_query($sql) or die("Error with mysql query on line "__LINE__.".<BR />"mysql_error());

    if(@
    mysql_num_rows($result) >0){
        while(
    $row mysql_fetch_array($result)){
            echo 
    '<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0" WIDTH="250">'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD HEIGHT="13" ALIGN="left" BGCOLOR="#455058"><FONT>&nbsp;<B>'.$row['uname'].'</B></FONT></B></TD>'."\n";
            echo 
    '        <TD HEIGHT="13" ALIGN="right" BGCOLOR="#455058"><FONT>'.$row['dates'].'&nbsp;</FONT></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD ALIGN="left" WIDTH="250" COLSPAN="2"><DIV ALIGN="justify" WIDTH="250"><FONT>&nbsp;'.$row['entry'].'</FONT><BR><BR></DIV></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD ALIGN="center" WIDTH="250" COLSPAN="2"><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><FONT><A HREF="'.$row['website'].'" TARGET="blank_">Website</A>&nbsp;|&nbsp;<A HREF="mailto:'.$row['email'].'">Email</A></FONT><BR><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><BR></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '</TABLE>'."\n";
        }
    }
    else { 
        echo 
    "<FONT>No entries yet.</FONT>\n";
    }
    ?>

  • #11
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    what do I change in this code?
    PHP Code:
    <?php
    // turn email address into spam-bot proof ones
    function mail_mash($addy) { 
        
    $addy 'mailto:'.$addy
        for(
    $i=0;$i<strlen($addy);$i++){
            
    $letters[]=$addy[$i];
        } 
        while (list(
    $key$val) = each($letters)) { 
            
    $r rand(0,20); 
            if(
    $r 9){
                
    $letters[$key] = '&#'.ord($letters[$key]).';';
            } 
        } 
        
    $mashed_email_addy implode(''$letters); 
        return 
    $mashed_email_addy
    }
    $host 'localhost'// This should be either localhost or 127.0.0.1
    $username 'root'// Your database username
    $password ''// Your database password
    $dbname 'guestbook'// Your database name
                
    $listing 'DESC'// Choose how you want your guestbook results to show. ASC = ascending (Older entries at the top of the page), DESC = descending (New entries on the top of the page)
                
    $link = @mysql_connect($host,$username,$password) or die("Unable to connect to the database. Reason: ".mysql_error());
        
    mysql_select_db($dbname,$link) or die("Unable to find database. Reason: ".mysql_error());
                
    if(isset(
    $_POST['submit'])){
    // MRJAMIN'S MOD
    // Loop through the post vars and escape slashes which might confuse MySQL
    foreach($_POST as $key => $val){
        
    $_POST[$key] = addslashes($val);
    }
    // set the default 'email' form field value so we can check to see if its been changed by the user
    $defaultEmail 'email';
    // then do the same for the website field
    $defaultWebsite 'website';

    // then, check to see if the fields have no length, or are equal to the default value
    // if so then set it to NULL, otherwise add it to the query and pre/append with 's
    $email strlen($_POST['email']) > || $_POST['email'] != 'email' "'$_POST[email]'" "NULL";
    $website strlen($_POST['website']) > || $_POST['website'] != 'website' "'$_POST[website]'" "NULL";

    // build the query :: NOTICE THAT $email AND $website DON'T HAVE ' AROUND THEM, LOOK ABOVE!
    $sql "INSERT INTO `entries` SET
            `uname` = '$_POST[uname]',
            `email` = $email,
            `website` = $website`
            `entry` = '$_POST[entry]',
            `dates` = NOW()"
    ;  
    // END MRJAMIN'S MOD
        
    $result = @mysql_query($sql) or die("Error with mysql query on line ".__LINE__.". <BR />".mysql_error());
    }

        
    $sql "SELECT uname,email,website,entry,dates FROM entries ORDER BY id ".$listing;
        
    $result = @mysql_query($sql) or die("Error with mysql query on line "__LINE__.".<BR />"mysql_error());

    if(@
    mysql_num_rows($result) >0){
        while(
    $row mysql_fetch_assoc($result)){
            foreach(
    $row as $key => $val){
                
    $row[$key] = htmlentities(trim(stripslashes($val)));
            }
            
    $email "<a href=\"" mail_mash($row['email']) . "\">email</a>";
            echo 
    '<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0" WIDTH="250">'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD HEIGHT="13" ALIGN="left" BGCOLOR="#455058"><FONT>&nbsp;<B>'.$row['uname'].'</B></FONT></B></TD>'."\n";
            echo 
    '        <TD HEIGHT="13" ALIGN="right" BGCOLOR="#455058"><FONT>'.$row['dates'].'&nbsp;</FONT></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD ALIGN="left" WIDTH="250" COLSPAN="2"><DIV ALIGN="justify" WIDTH="250"><FONT>&nbsp;'.$row['entry'].'</FONT><BR><BR></DIV></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '    <TR WIDTH="250">'."\n";
            echo 
    '        <TD ALIGN="center" WIDTH="250" COLSPAN="2"><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><FONT>';
    // MRJAMIN'S MOD
    echo isset($row['website']) != "<A HREF=\"".$row['website']."\" TARGET=\"_blank\">Website</A>\n" NULL;
    echo isset(
    $row['email']) && isset($row['website']) ? "&nbsp;|&nbsp;" NULL;
    echo isset(
    $row['email']) != $email NULL;
    // END MRJAMIN'S MOD
    echo '</FONT><BR><IMG SRC="../pics/999999.gif" HEIGHT="1" WIDTH="250"><BR><BR></TD>'."\n";
            echo 
    '    </TR>'."\n";
            echo 
    '</TABLE>'."\n";
        }
    }
    else { 
        echo 
    "<FONT>No entries yet.</FONT>\n";
    }
    ?>
    that should fix it. I've not tested it in any way, so it may or may not work. Lemme know if it doesn't. I've commented the bits I added.

    Don't feel stupid mate, I'm happy to help

    MrJ
    Last edited by mrjamin; 10-09-2004 at 01:39 AM. Reason: added some tidying up to printing the results to the browser

  • #12
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Great! I'll check it tomorrow though.
    Have to go to bed now (damn those nagging girlfriends)

  • #13
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    Great! I'll check it tomorrow though.
    Have to go to bed now (damn those nagging girlfriends)
    Top stuff, hope it works. Have just added a couple more improvements:
    o Added some code to tidy up the data from the MySQL database
    o Made it 'mash up' email addresses so they're harder for spam bots to pick up, but still viewable by users over a web browser. If you mouseover them and look at what the status bar says, it looks like perfectly normal, do a view source on the end result, and you won't be able to spot the address!
    Last edited by mrjamin; 10-09-2004 at 01:37 AM.

  • #14
    New Coder
    Join Date
    Aug 2004
    Location
    Uppsala, Sweden
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    it still prints the url and the mail adress.
    and the mailadress isn't a link anymore.

  • #15
    New Coder
    Join Date
    May 2003
    Location
    in a small damp cupboard
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noumenon
    it still prints the url and the mail adress.
    and the mailadress isn't a link anymore.
    try again using the code above again now, made some changes to it last night.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •