/* MySQL table definition
CREATE TABLE hao_soulrevue (
id mediumint(8) unsigned NOT NULL auto_increment,
name varchar(32) default NULL,
message text,
date datetime default NULL,
emailid mediumint(8) NOT NULL default '0',
status tinyint NOT NULL default '0',
ip char(16),
PRIMARY KEY (id),
KEY i_date (date),
KEY i_status (status)
) TYPE=MyISAM;
CREATE TABLE hao_soulrevue_emailids (
id mediumint(8) unsigned NOT NULL auto_increment,
email varchar(64) default NULL,
PRIMARY KEY (id)
) TYPE=MyISAM;
CREATE TABLE users (
id int(10) unsigned NOT NULL auto_increment,
user char(16) NOT NULL default '',
passwd char(32) NOT NULL default '',
ipaddy char(15) default NULL,
last_access datetime default NULL,
secret char(16) default NULL,
email char(69) NOT NULL default '',
realname char(69) NOT NULL default '',
PRIMARY KEY (id),
KEY i_user (user)
) TYPE=MyISAM;
*/
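// Wall-clock start for the render-time figure shown in the footer
// (microtime() with no argument returns the "usec sec" string form).
$StartTime = microtime( );
// Constant names are passed as quoted strings. The original bare words only
// resolved through PHP's "undefined constant becomes its own name" fallback,
// which raises a notice and is a fatal error from PHP 8 onwards.
// USETEMPLATE is presumably read by template.php — its meaning is not visible here.
define( 'USETEMPLATE', 69 );
include_once( 'template.php' );
$Template = new Template( );
// Explicit seeding of mt_rand(); PHP has seeded automatically since 4.2, so
// this line is harmless but no longer needed.
mt_srand( ( double )microtime( ) * 1000000.0 );
// NOTE(review): the database credentials are embedded in page source. Keep
// them in a config file outside the web root, and grant this account only the
// privileges the two guestbook tables need. The mysql_* extension is
// deprecated (removed in PHP 7); mysqli/PDO with prepared statements is the
// long-term replacement for the escaped-string queries used in this file.
$DBLink = mysql_pconnect( 'localhost', 'MaryPub', 'jh.A9F31z^X7nb' )
    or die( "Unable to connect to the database." );
mysql_select_db( 'MarySites', $DBLink )
    or die( "Unable to select the database." );
// Input validation patterns, anchored with \A..\z so the whole value must match.
define( 'PREG_EMAIL', '/\A(?:[\w-]*\w\.)*[\w-]*\w@(?:[a-zA-Z](?:[\w-]*\w)?\.)+[a-zA-Z](?:[\w-]*\w)?\z/' );
// Dotted-quad IPv4 only: octet ranges are not checked and IPv6 never matches.
define( 'PREG_IP', '/\A\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/' );
// Posts shown per page.
define( 'INCR', 20 );
// Length limits, measured on the HTML-encoded/escaped text that gets stored.
define( 'MAXCOMMENTLEN', 6000 );
define( 'MAXNAMELEN', 32 );
// Table names (see the schema comment at the top of the file).
define( 'GBDB', "hao_soulrevue" );
define( 'GBEMAILIDS', "hao_soulrevue_emailids" );
// User-facing status messages; the line breaks inside them are part of the text.
define( 'POSTMSG', "
Thank you! Your message has been recorded and is awaiting approval.
" );
define( 'ERRUNDEF', "Oops, I don't know what happened. Please report this.
" );
define( 'ERRNAME', "Please give your name to your fans.
" );
define( 'ERREMAIL', "Please give a valid email or none at all. :)
" );
define( 'ERRCOMMENT', "Please leave your comment.
" );
define( 'ERRLONGNAME', "Your name can be a max of 32 characters long, sorry.
" );
define( 'ERRESSAY', "Please don't write an essay, thanks. :)
" );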
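// Client address stored with each post. Only a dotted-quad IPv4 string passes
// PREG_IP (the `ip` column is char(16)); anything else — including IPv6
// clients and a missing REMOTE_ADDR — is recorded as the sentinel 0.0.0.0,
// so this value is not a reliable audit trail for non-IPv4 visitors.
$RemoteAddr = isset( $_SERVER[ 'REMOTE_ADDR' ] ) ? $_SERVER[ 'REMOTE_ADDR' ] : "";
if( !preg_match( PREG_IP, $RemoteAddr ) )
{
    $RemoteAddr = "0.0.0.0";
}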
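// Form handling for a new guestbook entry. $ArgCount reaches 2 only when the
// name and the comment are both acceptable and the email is either absent or
// valid (an invalid email subtracts one, so it can never be compensated for);
// the insert further down keys on that value. $PostMsg holds the message that
// is echoed back to the poster; when several fields fail, the last one wins.
$ArgCount = 0;
$NewPost = 0;
$PostMsg = ERRUNDEF;
$InName = "";
$InComment = "";
if( !empty( $_POST['newcomment'] ) )
{
    $NewPost = 1;
    if( !empty( $_POST['name'] ) )
    {
        // Same pipeline as the comment: unslash (the comment path assumes
        // magic_quotes_gpc-style slashes), HTML-encode for display, then
        // escape for the query. The length limit applies to the stored form.
        $InName = mysql_real_escape_string( htmlentities( stripslashes( $_POST['name'] ) ), $DBLink );
        if( strlen( $InName ) > MAXNAMELEN )
        {
            $PostMsg = ERRLONGNAME;
        }
        else
        {
            ++$ArgCount;
        }
    }
    else
    {
        $PostMsg = ERRNAME;
    }
    // The email is optional; an empty string means "none given".
    $InEmail = "";
    if( !empty( $_POST['email'] ) )
    {
        if( preg_match( PREG_EMAIL, $_POST['email'] )
            && strlen( $_POST['email'] ) <= 64 )
        {
            $InEmail = strtolower( $_POST['email'] );
        }
        else
        {
            --$ArgCount;
            $PostMsg = ERREMAIL;
        }
    }
    if( !empty( $_POST['comment'] ) )
    {
        // Encode for display (ENT_QUOTES covers both quote characters), then
        // escape for the query. Escaping turns CR/LF into the two-character
        // sequences \r and \n; the replacements below drop the CRs and put real
        // line feeds back so the stored text keeps its line breaks.
        $InComment = htmlentities( stripslashes( $_POST['comment'] ), ENT_QUOTES );
        $InComment = mysql_real_escape_string( $InComment, $DBLink );
        $InComment = str_replace( "\\r", "", $InComment );
        $InComment = str_replace( "\\n", "
", $InComment );
        if( strlen( $InComment ) > MAXCOMMENTLEN )
        {
            $PostMsg = ERRESSAY;
        }
        else
        {
            ++$ArgCount;
        }
    }
    else
    {
        $PostMsg = ERRCOMMENT;
    }
}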
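// Persist the post once validation succeeded. The email address is not stored
// with the message: it is mapped to a row in GBEMAILIDS and only that id is
// kept. The insert does not set `status`, so the column default (0) applies
// and the post stays hidden until it is approved.
if( 2 == $ArgCount )
{
    $NewEmail = 0;
    // SQL fragment for the emailid column; '0' means "no email given".
    $EmailId = "'0'";
    $Email = mysql_real_escape_string( stripslashes( $InEmail ), $DBLink );
    $Sql = "SELECT id FROM ". GBEMAILIDS ." WHERE email='$Email' ORDER BY id ASC LIMIT 1";
    $Result = mysql_query( $Sql, $DBLink );
    if( $Result )
    {
        if( mysql_num_rows( $Result ) > 0
            && ( $RowSet = mysql_fetch_assoc( $Result ) ) )
        {
            // Known address: reuse its id (an integer column read back from the database).
            $EmailId = "'" . ( int )$RowSet['id'] . "'";
        }
        else if( strcmp( $InEmail, "" ) )
        {
            // Unknown address: register it and remember the new id so a failed
            // message insert below can undo the registration.
            $Sql = "INSERT INTO ". GBEMAILIDS ." (email) VALUES ('$Email')";
            $Result = mysql_query( $Sql, $DBLink );
            if( $Result )
            {
                $NewEmail = mysql_insert_id( $DBLink );
                $EmailId = "'" . $NewEmail . "'";
            }
        }
    }
    // Every interpolated value is escaped ($InName, $InComment) or validated
    // ($RemoteAddr by PREG_IP, $EmailId from the database or the literal '0').
    $Sql = "INSERT INTO ". GBDB ." (name,message,date,emailid,ip) VALUES ('$InName','$InComment',NOW(),$EmailId,'$RemoteAddr' )";
    mysql_query( $Sql, $DBLink );
    $Count = mysql_affected_rows( $DBLink );
    if( $Count > 0 )
    {
        $PostMsg = POSTMSG;
    }
    else if( $NewEmail > 0 )
    {
        // The message was not stored: remove the email row created above so
        // it does not linger as an orphan.
        $Sql = "DELETE FROM ". GBEMAILIDS ." WHERE id='" . ( int )$NewEmail . "'";
        mysql_query( $Sql, $DBLink );
    }
    /* Generate email images at approve time
    / if( $Count > 0
    / && $NewEmail > 0 )
    / {
    / $Filename = "emails/em_" . $NewEmail . ".png";
    /
    / $ImgWidth = ( imagefontwidth( 7 ) * strlen( $InEmail ) ) + 8;
    / $ImgHeight = imagefontheight( 7 ) + 8;
    /
    / $Img = imagecreate( $ImgWidth, $ImgHeight );
    / $BGColor = imagecolorallocatealpha( $Img, 255, 255, 255, 127 );
    / $TColor = imagecolorallocatealpha( $Img, 0, 0, 0, 0 );
    /
    / imagerectangle( $Img, 0, 0, $ImgWidth - 1, $ImgHeight - 1 , $BGColor );
    /
    / !! Don't do circle obfuscation of the images
    / $XCenter = ( $ImgWidth / 2 ) - 1;
    / $YCenter = ( $XCenter / 4 * 3 );
    /
    / for( $Diameter = $ImgWidth * 1.5;
    / $Diameter > ( $ImgWidth / 2 );
    / $Diameter -= mt_rand(15,25) )
    / {
    / $CircleColor = mt_rand( 120, 160 );
    / $CircleColor = imagecolorallocatealpha( $Img,
    / $CircleColor,
    / $CircleColor,
    / $CircleColor,
    / 0 );
    / imageellipse( $Img,
    / $XCenter,
    / $YCenter,
    / $Diameter,
    / $Diameter,
    / $CircleColor );
    / }
    /
    / $YCenter = -$YCenter;
    /
    / for( $Diameter = $ImgWidth * 1.5;
    / $Diameter > ( $ImgWidth / 2 );
    / $Diameter -= mt_rand(15,25) )
    / {
    / $CircleColor = mt_rand( 120, 160 );
    / $CircleColor = imagecolorallocatealpha( $Img,
    / $CircleColor,
    / $CircleColor,
    / $CircleColor,
    / 0 );
    /
    / imageellipse( $Img,
    / $XCenter,
    / $YCenter,
    / $Diameter,
    / $Diameter,
    / $CircleColor );
    / }
    / !!
    /
    / imagestring( $Img, 7, 4, 4, $InEmail, $TColor );
    /
    / if( !file_exists( $Filename ) )
    / {
    / imagepng( $Img, $Filename );
    / }
    / imagedestroy( $Img );
    /
    / }
    / (the orphan-row cleanup that used to be sketched here is now live above)
    / */
}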
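// Page header: the count of approved posts drives the pagination line.
$Template->set_filenames(array(
    'header' => 'soulrevue_header.tpl'
));
// status > 0 marks an approved post; pending entries (status 0) are never listed.
$Sql = "SELECT COUNT(*) AS count FROM ". GBDB ." WHERE status > 0";
$Result = mysql_query( $Sql, $DBLink );
if( !$Result
    || !( $RowSet = mysql_fetch_assoc( $Result ) ) )
{
    die( "Database error" );
}
$PageNum = 1;
$Start = 0;
// Always defined so the template assignment below never sees an unset variable.
$PageLine = "";
if( $RowSet['count'] > 0 )
{
    // Number of the last page: ceil(count / INCR) computed in integers.
    $PageEnd = ( int )( ( $RowSet['count'] - 1 ) / INCR ) + 1;
    if( !empty( $_GET['pagenum'] ) )
    {
        // Cast first so only an integer ever reaches the LIMIT offset; any
        // value outside 1..$PageEnd falls back to the first page.
        $PageNum = ( int )$_GET['pagenum'];
        if( $PageNum < 1 || $PageNum > $PageEnd )
        {
            $PageNum = 1;
        }
        $Start = ( $PageNum - 1 ) * INCR;
    }
    // Neighbouring page numbers, clamped to the valid range.
    if( $PageNum > 2 )
    {
        $PagePrev = $PageNum - 1;
    }
    else
    {
        $PagePrev = 1;
    }
    if( ( $PageNum + 1 ) < $PageEnd )
    {
        $PageNext = $PageNum + 1;
    }
    else
    {
        $PageNext = $PageEnd;
    }
    // NOTE(review): both loop branches are identical in this copy of the file,
    // and $PagePrev/$PageNext are never used — the markup that linked the page
    // numbers and highlighted the current page looks stripped; confirm against
    // the deployed source.
    $PageLine = "<< ";
    for( $Ctr = 1; $Ctr <= $PageEnd; ++$Ctr )
    {
        if( $Ctr == $PageNum )
        {
            $PageLine = $PageLine
                . "$Ctr ";
        }
        else
        {
            $PageLine = $PageLine
                . "$Ctr ";
        }
    }
    $PageLine = $PageLine
        . ">>";
}
$Template->assign_vars(array(
    'POSTMSG' => ( $NewPost ? $PostMsg : "" ),
    'PAGELINE' => $PageLine
));
$Template->pparse( 'header' );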
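// Body: one page of approved posts, newest first. Only the columns the
// template reads are fetched. The date is formatted by MySQL from the NOW()
// value taken at insert time, i.e. the database server's clock —
// NOTE(review): the fixed "PST" label assumes that server runs in Pacific
// time; confirm.
$Sql = "SELECT name, message, emailid, DATE_FORMAT(date,'%M %e, %Y %l:%i%p PST') AS fdate FROM "
    . GBDB ." WHERE status > 0"
    . " ORDER BY date DESC LIMIT " . ( int )$Start . "," . INCR;
if( !( $Result = mysql_query( $Sql, $DBLink ) )
    || mysql_num_rows( $Result ) <= 0 )
{
    echo "The board is currently empty. Please remedy that!
";
}
else
{
    $Template->set_filenames(array(
        'body' => 'soulrevue_body.tpl'
    ));
    $Count = 0;
    while( $RowSet = mysql_fetch_assoc( $Result ) )
    {
        // NOTE(review): the two $Email values below look like stripped markup
        // (presumably an image tag for emails/em_<id>.png); confirm against
        // the deployed source.
        $Email = " ";
        if( $RowSet['emailid'] > 0 )
        {
            $ImgId = ( int )$RowSet['emailid'];
            if( file_exists( "emails/em_$ImgId.png" ) )
            {
                $Email = "";
            }
        }
        // name and message were HTML-encoded when the post was stored, so they
        // are handed to the template unchanged.
        $Template->assign_block_vars('gcomment', array(
            'NAME' => $RowSet['name'],
            'EMAIL' => $Email,
            'COMMENT' => $RowSet['message'],
            'ROWSTYLE' => ( $Count % 2 ) ? "row1" : "row2",
            'DATE' => $RowSet['fdate']
        ));
        ++$Count;
    }
    // Parse the page and print
    $Template->pparse( 'body' );
}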
// Page render time in whole milliseconds, derived from the two "usec sec"
// strings that microtime() produced at the start and the end of the page.
$EndTime = microtime( );
$StartParts = explode( " ", $StartTime );
$EndParts = explode( " ", $EndTime );
$ElapsedSec = $EndParts[1] - $StartParts[1];
$ElapsedUSec = $EndParts[0] - $StartParts[0];
$TotalTime = ( int )( $ElapsedSec * 1000 + $ElapsedUSec * 1000 );
$Template->assign_vars(array(
    'RENDERTIME' => "$TotalTime"
));
// Page footer
$Template->set_filenames(array(
    'footer' => 'soulrevue_footer.tpl'
));
$Template->pparse( 'footer' );
?>