"; ?>
Name:
Email:
Location:
Comments:
"; ?>
"; } // PREVIEW POST else if ($_POST[mode] == "Preview") { include("$Home_Path/$Inc_Dir/formaccept.php"); $stripname = pullspam(stripbadstuff($_POST[name]), "header", "strip", "yes"); $striplocation = pullspam(stripbadstuff($_POST[location]), "header", "strip", "yes"); $stripcomments = pullspam(str_replace("@", " at ", stripbadstuff($_POST[comments])), "body", "strip", "yes"); $stripemail = pullspam(stripbadstuff($_POST[email]), "header", "strip", "yes"); if (!$stripname OR !$stripcomments) echo "

Sorry, but we did not receive either your name or comments. Please go back and re-enter them.

"; else { echo "
"; ?> "; echo ""; echo ""; echo ""; } if ($email) { echo ""; echo ""; echo ""; echo ""; } if ($location) { echo ""; echo ""; echo ""; echo ""; } if ($comments) { echo ""; echo ""; echo ""; echo ""; } ?>
Name:$stripname
Email:$stripemail
Location:$striplocation
Comments:$stripcomments
"; echo ""; echo ""; echo ""; if (!empty($rndfrmval) AND ctype_alnum($rndfrmval)) echo ""; ?>
"; } } // SHOW FORMS else if ($_POST[mode] == "Submit" OR !$_POST[mode]) { // SUBMIT POST if ($_POST[mode] == "Submit") { include("$Home_Path/$Inc_Dir/formaccept.php"); $stripname = pullspam(stripbadstuff($_POST[name]), "header", "strip", "yes"); $striplocation = pullspam(stripbadstuff($_POST[location]), "header", "strip", "yes"); $stripcomments = pullspam(str_replace("@", " at ", stripbadstuff($_POST[comments])), "body", "strip", "yes"); $stripemail = pullspam(stripbadstuff($_POST[email]), "header", "strip", "yes"); $addname = pullspam(stripbadstuff($_POST[name]), "header", "add", "yes"); $addlocation = pullspam(stripbadstuff($_POST[location]), "header", "add", "yes"); $addcomments = pullspam(str_replace("@", " at ", stripbadstuff($_POST[comments])), "body", "add", "yes"); $addemail = pullspam(stripbadstuff($_POST[email]), "header", "add", "yes"); $adminemail = pullspam(stripbadstuff($Admin_Email), "header", "add", "yes"); if (!$stripname OR !$stripcomments) echo "

Sorry, but we did not receive either your name or comments. Please go back and re-enter them.

"; else { $ckquery = "SELECT ID FROM " .$DB_Prefix ."_guestbook WHERE Name='$addname' AND Email='$addemail' AND Location='$addlocation' AND Comments='$addcomments'"; $ckresult = mysql_query($ckquery, $dblink) or die ("Unable to check. Try again later."); if (mysql_num_rows($ckresult) == 0) { $insquery = "INSERT INTO " .$DB_Prefix ."_guestbook (Name, Email, Location, IPAddress, Comments, Date) "; $insquery .= "VALUES ('$addname', '$addemail', '$addlocation', '$ipaddress', '$addcomments', '0000-00-00')"; $insresult = mysql_query($insquery, $dblink) or die("Unable to add. Please try again later."); $gbid = mysql_insert_id(); echo "

"; echo "Thank you for your post. We will activate your message shortly.

"; @mail($adminemail, "Guestbook Entry", "The following guestbook entry was submitted, and must be approved through your administration area before it will appear on your site: Name: $stripname Email: $stripemail Location: $striplocation Comments: $stripcomments Edit this post: $urldir/$Adm_Dir/guestbook.php?gbid=$gbid&mode=Edit Delete this post: $urldir/$Adm_Dir/guestbook.php?gbid=$gbid&mode=Delete Activate this post: $urldir/$Adm_Dir/guestbook.php?gbid=$gbid&mode=Activate", "From: $adminemail\r\nReply-To: $adminemail"); } } } // EMPTY POST METHOD if (empty($_POST[mode])) { echo ""; echo "

"; echo "

"; echo "
"; // Set page numbers if (!$page) $offset = 0; else $offset = (($LimitOfItems * $page)-$LimitOfItems); $gbquery = "SELECT * FROM " .$DB_Prefix ."_guestbook WHERE Date<>'0000-00-00' ORDER BY ID DESC"; $totalgbquery = $gbquery; $gbquery .= " LIMIT $offset, $LimitOfItems"; $gbresult = mysql_query($gbquery, $dblink) or die ("Unable to select totals. Please try again later."); $totalgbresult = mysql_query($totalgbquery, $dblink) or die ("Unable to access total records."); $totalgbnum = mysql_num_rows($totalgbresult); if ($totalgbnum > 0) { // START FORMATTING OF PAGE NUMBERS $offset = ($page-1)*$LimitOfItems; if ($totalgbnum % $LimitOfItems == 0) $page_count = ($totalgbnum-($totalgbnum%$LimitOfItems)) / $LimitOfItems; else $page_count = ($totalgbnum-($totalgbnum%$LimitOfItems)) / $LimitOfItems + 1; $previous = $page - 1; $next = $page + 1; if ($page_count > 1) { $i = 1; $n = 3; if ($page < $n+1) $pagestart = 1; else if ($page > ($page_count-$n)) $pagestart = $page_count-$n*2; else $pagestart = $page-$n; while ($i <= $page_count) { if (($i >= $pagestart) AND ($i <= $n*2+$pagestart)) { if ($i != $page) $output_string .= "$i"; else $output_string .= "$i"; if ($i != $page_count AND $i != $n*2+$pagestart) $output_string .= " | "; } $i++; } } // END FORMATTING OF PAGE NUMBERS // START DISPLAY OF PAGE NUMBERS if ($page_count > 1) { if ($Page_Numbers == "Yes") { echo "

"; if ($page > 1) { echo "<< | "; echo "< | "; } echo "$output_string"; if ($page < $page_count) { echo " | >"; echo " | >>"; } echo "
Page $page of $page_count"; echo "

"; } else { echo "

"; if ($page > 1) echo "<< First | < Previous | "; echo "Page $page of $page_count"; if ($page < $page_count) echo " | Next > | Last >>"; echo "

"; } } // END DISPLAY OF PAGE NUMBERS echo ""; for ($gb = 1; $gbrow = mysql_fetch_row($gbresult); ++$gb) { $gbname = stripslashes(stripbadstuff($gbrow[1])); $gblocation = stripslashes(stripbadstuff($gbrow[3])); $gbcomments = stripslashes(stripbadstuff($gbrow[5])); $gbemail = stripslashes(stripbadstuff($gbrow[2])); $gbdate = $gbrow[6]; echo ""; ?> "; echo "
"; if ($Line_Color) echo "
"; else echo " "; echo "
"; if ($Line_Color) echo "
"; else echo " "; echo "
"; } } } ?>