PHP Classes

File: data_file.php

Recommend this page to a friend!
  Classes of german gomez bajo   Simple comments   data_file.php   Download  
File: data_file.php
Role: Auxiliary script
Content type: text/plain
Description: do not edit this, it populates the datebase
Class: Simple comments
Store and show user comments in site pages
Author: By
Last change:
Date: 13 years ago
Size: 3,037 bytes
 

Contents

Class file image Download
<?php
session_start
();
/*include settings (db included)*/
include("settings.php");
    if (
$_POST['name'] and $_POST['email'] and $_POST['history'] and $_POST['return'])
    {
       
/////////////////////
       
       
$_SESSION['the_name'] = $_POST['name'];
       
$_SESSION['the_email'] = $_POST['email'];
       
$_SESSION['the_history'] = $_POST['history'];
       
       
//vars
       
$name = (string)$_POST['name'];
       
$email = (string)$_POST['email'];
       
$history = (string)$_POST['history'];
       
$ip = (string)$_POST['ip'];
       
$return = (string)$_POST['return'];
       
       
/////////////////
                /*check lenghts*/
                   
$name_lenght = strlen($name);
                   
$email_lenght = strlen($email);
                   
$history_lenght = strlen($history);
                        if (
$name_lenght > $max_name or $email_lenght > $max_email or $history_lenght > $max_history)
                        {
                            if (
$show_error_messages == "on") $_SESSION['lenght'] = "on";
                           
header("location: ".$return);
                            die(
"too long name");
                        }
               
               
/*check spam*/
               
if ($allow_urls == "off")
                {
                   
$findme = array('www', 'http', '.com', '.org', '.net', '.ly', '.es', '.cat', '.ar', '.tv', '[dot]');
                   
                   
/*cheekings*/
                       
$pos = strpos($history, $findme[0]);
                       
$pos2 = strpos($history, $findme[1]);
                       
$pos3 = strpos($history, $findme[2]);
                       
$pos4 = strpos($history, $findme[3]);
                       
$pos5 = strpos($history, $findme[4]);
                       
$pos6 = strpos($history, $findme[5]);
                       
$pos7 = strpos($history, $findme[6]);
                       
$pos8 = strpos($history, $findme[7]);
                       
$pos9 = strpos($history, $findme[8]);
                       
$pos10 = strpos($history, $findme[9]);
                       
$pos11 = strpos($history, $findme[10]);
                    if ((
$pos or $pos2 or $pos3 or $pos4 or $pos5 or $pos6 or $pos7 or $pos8 or $pos9 or $pos10 or $pos11) === true)
                    {
                        if (
$show_error_messages == "on") $_SESSION['spam'] = "on";
                       
header("location: ".$_POST['return']);
                        die(
"nospaaaap");
                    }
               
                }
       
               
       
//we check if the written email is correct
       
$check_email = strpos($email, '@'); //find the @ char
           
if ($check_email === false)
            {
                if (
$show_error_messages == "on") $_SESSION['email'] = "on";
               
header("location: ".$_POST['return']);
            }
            else
            {
                   
/*we replace < and > in the message, name and history*/
                       
$marks = array("<", ">");
                       
$replaced = array("&lt;", "&gt;");
                           
$new_name = str_replace($marks, $replaced, $name);
                           
$new_history = str_replace($marks, $replaced, $history);
               
               
               
/*population of the db*/
               
$date = date("d/m/Y");
               
$ip = $_SERVER['REMOTE_ADDR'];
               
               
mysql_query("
                INSERT INTO comments VALUES (
                '"
.$new_name."', '".$email."', '".$new_history."', '".$ip."', '".$date."', '".$return."', ''
                )
                "
) or die('error trying to populate the db');
               
                if (
$show_error_messages == "on") $_SESSION['published'] = "yes";
               
/*get back*/
               
header("location: ".$return);
            }
   
    }
    else
    {
       
       
$_SESSION['fields'] = "on";
       
header("location: ".$return);
    }
?>