Pointing out two bunches of code from a php script
As the solution.. I have got this script code.. it's an open source so i can modify it..
The problem is it's a guest book script written in very highly and deeply php language that I am not able to understand all..
BUT I am here you guys can read and help me..
From this script i would need your help, You will have to separate 2 things <PLEASE>
1. Bunch of code, Which writes message and gives a unique id to each entry...SO identified while want to delete..
2. BUNCH of code, by which we get a text linked as file.php?admin= delete&msg=(MES SAGE ID).
Please help friends... I need your help really... I am looking forward for help..[php]<?php
define('ADMIN_P ASS', '123');
function strip_chars($va r)
{
return trim(str_replac e("\r", NULL, htmlspecialchar s(stripslashes( strip_tags($var )), ENT_QUOTES)));
}
function bbcode($var)
{
$var = preg_replace('/http:\/\/[\w]+(.[\w]+)([\w\-\.,@?^=%&:\/~\+#]*[\w\-\@?^=%%&\/~\+#])?/i', '<a href="$0">$0</a>', $var);
$var = preg_replace('( \[b\](.+?)\[\/b\])is', '<b>$1</b>', $var);
$var = preg_replace('( \[i\](.+?)\[\/i\])is', '<i>$1</i>', $var);
$var = preg_replace('( \[u\](.+?)\[\/u\])is', '<u>$1</u>', $var);
return trim($var);
}
if (isset($_POST['password']))
{
$password = md5($_POST['password']);
if ($password == md5(ADMIN_PASS) )
{
setcookie('pass word', $password);
}
}
else
{
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : NULL;
}
if (isset($_GET['admin']) && $_GET['admin'] == 'logout')
{
setcookie('pass word', '');
unset($_COOKIE['password'], $password);
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
else
if (isset($_GET['admin']) && $_GET['admin'] == 'delete')
{
if ($password == md5(ADMIN_PASS) )
{
if ($file = fopen('./betadb.txt', 'r'))
{
$data = '';
while (!feof($file))
{
$line = fgets($file, 4096);
list($timestamp ) = explode(chr(02) , trim($line));
if ($timestamp == $_GET['msg'])
{
$data .= fread($file, filesize('./betadb.txt'));
fclose($file);
if (!$file = fopen('./betadb.txt', 'w'))
{
break;
}
fwrite($file, $data);
fclose($file);
break;
}
else
{
$data .= $line;
}
}
}
}
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
if($_SERVER['REQUEST_METHOD '] == 'POST')
{
$_POST = str_replace(chr (02), ' ', $_POST);
$ip = $_SERVER['REMOTE_ADDR'];
$name = strip_chars($_P OST['name']);
$subject = strip_chars($_P OST['subject']);
$email = strip_chars($_P OST['email']);
$website = strip_chars($_P OST['website']);
$message = str_replace("\n ", "<br>", strip_chars($_P OST['message']));
$message = bbcode($message );
$timestamp = time();
if (!(empty($name) || empty($message) ))
{
$file = fopen('./betadb.txt', 'a+');
$data = $timestamp . chr(02) . $name . chr(02) . $subject . chr(02) . $email . chr(02) . $website . chr(02) . $message . chr(02) . $ip . "\n";
fwrite($file, $data);
fclose($file);
}
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
?>
<html>
<head>
<title>Fsoft Beta Testing</title>
<style type="text/css">
body
{
background-color: #FFFFFF;
color: #125EC6;
}
td
{
font-family: Arial;
color: #125EC6;
font-size: 13px;
}
input, textarea
{
background-color: #FFFFFF;
color: #125EC6;
font-size: 13px;
border-style: solid;
border-width: 1px;
border-color: #125EC6;
}
p.title
{
font-family: Arial;
font-size: 19px;
color: #0F448E;
font-weight: bold;
}
.banner
{
font-family: Arial;
font-size: 13px;
background-color: #ABCAF6;
color: #0F448E;
font-weight: bold;
}
.message
{
font-family: Arial;
font-size: 13px;
background-color: #E0EBFB;
color: #125EC6;
}
a:link, a:visited
{
color: #125EC6;
}
a:hover
{
color: #125EC6;
}
</style>
</head>
<body>
<?php
if (isset($_GET['admin']))
{
if ($_GET['admin'] == 'login')
{
echo "<center>\n ";
echo "<p class=\"title\" >Guestbook login</p>\n";
echo "<form method=\"post\" action=\"".$_SE RVER['PHP_SELF']."\"><p><inp ut type=\"password \" name=\"password \" size=\"20\" /> <input type=\"submit\" value=\"Login\" name=\"submit\" /></p></form>\n";
echo "</center>\n";
}
}
else
{
echo "<p align=\"center\ " class=\"title\" >Fsoft Beta Testing</p>\n";
if ($password != md5(ADMIN_PASS) )
{
echo "<form action=\"".$_SE RVER['PHP_SELF']."\" method=\"post\" >\n";
echo "<table width=\"100%\" style=\"backgro und-color:#C3D9F8;\ ">\n";
echo " <tr>\n";
echo " <td width=\"67\">Na me:</td>\n";
echo " <td><input type=\"text\" value=\"\" name=\"name\" style=\"width:1 00%;\"/></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td>Message; </td>\n";
echo " <td><textarea name=\"message\ " rows=\"3\" style=\"width:1 00%;\"></textarea></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td></td>\n";
echo " <td><input type=\"submit\" name=\"Submit\" value=\"Submit! \"/>";
echo "<input type=\"reset\" value=\"Reset\"/>";
echo "</td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "</form>\n";
}
if(filesize('./betadb.txt') == 0)
{
echo "<font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">No posts found.<br></font>\n";
}
else
{
$items = file('./betadb.txt');
$items = array_reverse($ items);
str_replace("<" , "<", $items);
str_replace(">" , ">", $items);
str_replace("\n ", "<br>\n", $items);
foreach($items as $line)
{
list($timestamp , $name, $subject, $email, $website, $message, $ip) = explode(chr(02) , trim($line));
$topic = "\n<div class=\"banner\ ">";
$topic .= date('m/d/Y H:i:s',$timesta mp) . " ";
if ($email != "")
{
$topic .= "<a href=\"mailto:$ email\">";
}
$topic .= "$name";
if ($email != "")
{
$topic .= "</a>";
}
if ($website != "")
{
$website = eregi_replace(" ^http://", "", $website);
$topic .= " (<a href=\"http://$website\" target=\"_blank \">$website</a>) - ";
}
else
{
$topic .= " - ";
}
$topic .= "$subject</div>\n";
$topic .= "<div class=\"message \">$message</div>\n";
echo $topic;
if ($password == md5(ADMIN_PASS) )
{
echo "<div class=\"banner\ "><a href=\"".$_SERV ER['PHP_SELF']."?admin=delete &msg=$times tamp\">[delete]</a> <a href=\"http://whois.sc/".$ip."\" target=\"_blank \" title=\"".$ip." \">[whois]</a></div>\n";
}
echo "<br>\n";
}
}
echo "<br>\n";
if ($password == md5(ADMIN_PASS) )
{
echo "<a href=\"".$_SERV ER['PHP_SELF']."?admin=logout \"><font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">Lo gout</a><br></font>\n";
}
else
{
echo "<a href=\"".$_SERV ER['PHP_SELF']."?admin=login\ "><font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">Ad min login</a><br></font>\n";
}
}
?>
</body>
</html>[/php]Thanks in advance..
FAISAL!
The problem is it's a guest book script written in very highly and deeply php language that I am not able to understand all..
BUT I am here you guys can read and help me..
From this script i would need your help, You will have to separate 2 things <PLEASE>
1. Bunch of code, Which writes message and gives a unique id to each entry...SO identified while want to delete..
2. BUNCH of code, by which we get a text linked as file.php?admin= delete&msg=(MES SAGE ID).
Please help friends... I need your help really... I am looking forward for help..[php]<?php
define('ADMIN_P ASS', '123');
function strip_chars($va r)
{
return trim(str_replac e("\r", NULL, htmlspecialchar s(stripslashes( strip_tags($var )), ENT_QUOTES)));
}
function bbcode($var)
{
$var = preg_replace('/http:\/\/[\w]+(.[\w]+)([\w\-\.,@?^=%&:\/~\+#]*[\w\-\@?^=%%&\/~\+#])?/i', '<a href="$0">$0</a>', $var);
$var = preg_replace('( \[b\](.+?)\[\/b\])is', '<b>$1</b>', $var);
$var = preg_replace('( \[i\](.+?)\[\/i\])is', '<i>$1</i>', $var);
$var = preg_replace('( \[u\](.+?)\[\/u\])is', '<u>$1</u>', $var);
return trim($var);
}
if (isset($_POST['password']))
{
$password = md5($_POST['password']);
if ($password == md5(ADMIN_PASS) )
{
setcookie('pass word', $password);
}
}
else
{
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : NULL;
}
if (isset($_GET['admin']) && $_GET['admin'] == 'logout')
{
setcookie('pass word', '');
unset($_COOKIE['password'], $password);
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
else
if (isset($_GET['admin']) && $_GET['admin'] == 'delete')
{
if ($password == md5(ADMIN_PASS) )
{
if ($file = fopen('./betadb.txt', 'r'))
{
$data = '';
while (!feof($file))
{
$line = fgets($file, 4096);
list($timestamp ) = explode(chr(02) , trim($line));
if ($timestamp == $_GET['msg'])
{
$data .= fread($file, filesize('./betadb.txt'));
fclose($file);
if (!$file = fopen('./betadb.txt', 'w'))
{
break;
}
fwrite($file, $data);
fclose($file);
break;
}
else
{
$data .= $line;
}
}
}
}
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
if($_SERVER['REQUEST_METHOD '] == 'POST')
{
$_POST = str_replace(chr (02), ' ', $_POST);
$ip = $_SERVER['REMOTE_ADDR'];
$name = strip_chars($_P OST['name']);
$subject = strip_chars($_P OST['subject']);
$email = strip_chars($_P OST['email']);
$website = strip_chars($_P OST['website']);
$message = str_replace("\n ", "<br>", strip_chars($_P OST['message']));
$message = bbcode($message );
$timestamp = time();
if (!(empty($name) || empty($message) ))
{
$file = fopen('./betadb.txt', 'a+');
$data = $timestamp . chr(02) . $name . chr(02) . $subject . chr(02) . $email . chr(02) . $website . chr(02) . $message . chr(02) . $ip . "\n";
fwrite($file, $data);
fclose($file);
}
header("Locatio n: ".$_SERVER['PHP_SELF']);
exit;
}
?>
<html>
<head>
<title>Fsoft Beta Testing</title>
<style type="text/css">
body
{
background-color: #FFFFFF;
color: #125EC6;
}
td
{
font-family: Arial;
color: #125EC6;
font-size: 13px;
}
input, textarea
{
background-color: #FFFFFF;
color: #125EC6;
font-size: 13px;
border-style: solid;
border-width: 1px;
border-color: #125EC6;
}
p.title
{
font-family: Arial;
font-size: 19px;
color: #0F448E;
font-weight: bold;
}
.banner
{
font-family: Arial;
font-size: 13px;
background-color: #ABCAF6;
color: #0F448E;
font-weight: bold;
}
.message
{
font-family: Arial;
font-size: 13px;
background-color: #E0EBFB;
color: #125EC6;
}
a:link, a:visited
{
color: #125EC6;
}
a:hover
{
color: #125EC6;
}
</style>
</head>
<body>
<?php
if (isset($_GET['admin']))
{
if ($_GET['admin'] == 'login')
{
echo "<center>\n ";
echo "<p class=\"title\" >Guestbook login</p>\n";
echo "<form method=\"post\" action=\"".$_SE RVER['PHP_SELF']."\"><p><inp ut type=\"password \" name=\"password \" size=\"20\" /> <input type=\"submit\" value=\"Login\" name=\"submit\" /></p></form>\n";
echo "</center>\n";
}
}
else
{
echo "<p align=\"center\ " class=\"title\" >Fsoft Beta Testing</p>\n";
if ($password != md5(ADMIN_PASS) )
{
echo "<form action=\"".$_SE RVER['PHP_SELF']."\" method=\"post\" >\n";
echo "<table width=\"100%\" style=\"backgro und-color:#C3D9F8;\ ">\n";
echo " <tr>\n";
echo " <td width=\"67\">Na me:</td>\n";
echo " <td><input type=\"text\" value=\"\" name=\"name\" style=\"width:1 00%;\"/></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td>Message; </td>\n";
echo " <td><textarea name=\"message\ " rows=\"3\" style=\"width:1 00%;\"></textarea></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td></td>\n";
echo " <td><input type=\"submit\" name=\"Submit\" value=\"Submit! \"/>";
echo "<input type=\"reset\" value=\"Reset\"/>";
echo "</td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "</form>\n";
}
if(filesize('./betadb.txt') == 0)
{
echo "<font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">No posts found.<br></font>\n";
}
else
{
$items = file('./betadb.txt');
$items = array_reverse($ items);
str_replace("<" , "<", $items);
str_replace(">" , ">", $items);
str_replace("\n ", "<br>\n", $items);
foreach($items as $line)
{
list($timestamp , $name, $subject, $email, $website, $message, $ip) = explode(chr(02) , trim($line));
$topic = "\n<div class=\"banner\ ">";
$topic .= date('m/d/Y H:i:s',$timesta mp) . " ";
if ($email != "")
{
$topic .= "<a href=\"mailto:$ email\">";
}
$topic .= "$name";
if ($email != "")
{
$topic .= "</a>";
}
if ($website != "")
{
$website = eregi_replace(" ^http://", "", $website);
$topic .= " (<a href=\"http://$website\" target=\"_blank \">$website</a>) - ";
}
else
{
$topic .= " - ";
}
$topic .= "$subject</div>\n";
$topic .= "<div class=\"message \">$message</div>\n";
echo $topic;
if ($password == md5(ADMIN_PASS) )
{
echo "<div class=\"banner\ "><a href=\"".$_SERV ER['PHP_SELF']."?admin=delete &msg=$times tamp\">[delete]</a> <a href=\"http://whois.sc/".$ip."\" target=\"_blank \" title=\"".$ip." \">[whois]</a></div>\n";
}
echo "<br>\n";
}
}
echo "<br>\n";
if ($password == md5(ADMIN_PASS) )
{
echo "<a href=\"".$_SERV ER['PHP_SELF']."?admin=logout \"><font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">Lo gout</a><br></font>\n";
}
else
{
echo "<a href=\"".$_SERV ER['PHP_SELF']."?admin=login\ "><font style=\"font-family:Arial;co lor:#125EC6;fon t-size:13px;\">Ad min login</a><br></font>\n";
}
}
?>
</body>
</html>[/php]Thanks in advance..
FAISAL!
Comment