Need a PHP Script

[Rising]

I need a php script, where i can let people add content to my site without resgistering, but i also need to set it so i can delete if people spam, and whoever posted it, im gonna need their IP also, can it be done? i will pay all of my points if someone does this, preferably id like it to be done by Nedren.


also, could you tell me what to change to make the stuff they post go into other files, so i can have it setup for muiltiple pages

(would like it to be a form kindve, like a simple guestbook)

Name: (Box)
Email: (Box)
Content: (Box)

 

[Phil]

I need a php script, where i can let people add content to my site without resgistering, but i also need to set it so i can delete if people spam, and whoever posted it, im gonna need their IP also, can it be done? i will pay all of my points if someone does this, preferably id like it to be done by Nedren.


also, could you tell me what to change to make the stuff they post go into other files, so i can have it setup for muiltiple pages

(would like it to be a form kindve, like a simple guestbook)

Name: (Box)
Email: (Box)
Content: (Box)

You can try sending Nedren a PM. But he is very very very busy.

 

[Woolie]

Well, I personally can't, but have you ever thought of using a wiki? Such as "Media Wiki" used on WikiPedia.org.

Clicky here

It allows everyone to contribute to the content.

 

[Rising]

i dont like CMS's too much

 

[Brandon]

http://www.hotscripts.com/PHP/Scripts_and_Programs/Content_Management/index.html

There might be one that users can post to.

 

[dharmil]

http://www.pixel2life.com/

go there to php section and click on asub menu and they will give you tuts to do just about anything with php

 

[Chris S]

i could help when i get home

im just at school right now. Seeing what book I want to read for my parallel reading project

Right now "The Cure" is looking good

 

[Rising]

never read, but that sounds good, also, could you put a white border around each post?

 

[Chris S]

well what color is the background going to be?

 

[Rising]

black, http://www.schematic.x10hosting.com/DiY/Index1.html
is the url for the mainoutline, but all pages in iframe are gonna be php

 

[Chris S]

im almost done... I need to get the database created

What do you want the database named?

 

[Rising]

diydb

 

[Rising]

wait, couldnt you just send it to a .txt file, i basically, just want a simple guestbook

 

[Chris S]

This should work

Your Very Own *Insert name here* Scrip

Files needed:
add.php
submit.php
db.php
admin.php
protect.php
display.php

--Extra--
createtable.php


--Lets start working--

The db.php code:

<?

/*  Database Information - Required!!  */
/* -- Configure the Variables Below --*/
$dbhost = 'localhost';
$dbusername = '*******';
$dbpasswd = '*******';
$database_name = '*******';


/* Database Stuff, do not modify below this line */

$connection = mysql_pconnect("$dbhost","$dbusername","$dbpasswd")
	or die ("Couldn't connect to server.");

$db = mysql_select_db("$database_name", $connection)
	or die("Couldn't select database.");

?>

The createtable.php code:

<?php
include ('db.php');
$sql = 'CREATE TABLE `diydb` ('
        . ' `id` BIGINT(15) NOT NULL AUTO_INCREMENT, '
        . ' `name` VARCHAR(255) NOT NULL, '
        . ' `email` VARCHAR(255) NOT NULL, '
        . ' `content` LONGTEXT NOT NULL, '
        . ' `ip` VARCHAR(20) NOT NULL,'
        . ' PRIMARY KEY (`id`)'
        . ' )'
        . ' TYPE = myisam';
$query = mysql_query($sql) or die(mysql_error());

if (($query) == 'True'){
echo "Success, Your table was created correctly";
}else{
echo "Error, There was something wrong. Please try the phpmyadmin code and see if it works.";
}

OR

CREATE TABLE `diydb` (
`id` BIGINT( 15 ) NOT NULL AUTO_INCREMENT ,
`name` VARCHAR( 255 ) NOT NULL ,
`email` VARCHAR( 255 ) NOT NULL ,
`content` LONGTEXT NOT NULL ,
`ip` VARCHAR( 20 ) NOT NULL ,
PRIMARY KEY ( `id` )
) TYPE = MYISAM ;

add.php Page code is as follows:

<html>
<head>
<style type="text/css">

table, td
{
    border-color: #600;
    border-style: solid;
}

table
{
    border-width: 0 0 1px 1px;
    border-spacing: 0;
    border-collapse: collapse;
}

td
{
    margin: 0;
    padding: 4px;
    border-width: 1px 1px 0 0;
    background-color: #FFC;
}


</style>
<body>
<form method="post" action="submit.php">
<table>
    <tr>
        <td>Name</td>
        <td><input type="text" name="name"></td>
    </tr>
    <tr>
        <td>Email</td>
        <td><input type="text" name="email"></td>
    </tr>
    <tr>
        <td>Content</td>
        <td><textarea name="content"></textarea></td>
    </tr>
    <tr>
        <td colspan="2"><center><input type="submit" value="Submit"></center></td>

    </tr>
</table>
</form>

Ok Well that is the index page. That just has it so they can see the form to submit the data to

Well now for submit.php page:

<?php

include ('db.php');

$name = $_POST['name'];
$email = $_POST['email'];
$content = $_POST['content'];

$name = addslashes($name);
$email = addslashes($email);
$content = addslashes($content);

$query = mysql_query("INSERT INTO `diydb` (`name`, `email`, `content`) VALUES ('$name', '$email', '$content')") or die(mysql_error());

if (($query) == 'True'){
echo "Comment was added Correctly. Please Hit the back button";
}else{
echo "Whoops, There was an error. Please Hit the back button and try again.";
}
?>

Next comes the admin.php:

<?php

include ('db.php');
echo '<table>';

$query = mysql_query("SELECT * FROM `diydb`") or die(mysql_error());
while ($row = mysql_fetch_array($query)){
$id=$row['id'];
$name=$row['name'];
$email=$row['email'];
$content=$row['content'];

$name = stripslashes($name);
$email = stripslashes($email);
$content = stripslashes($content);
$link = "<a href=\"delete.php?id=$id\">Delete This Post</a>";
?>

    <tr>
        <td>Delete this Post</td>
        <td><?php echo $link; ?></td>
    </tr>
    <tr>
        <td>Name</td>
        <td><?php echo $name; ?></td>
    </tr>
    <tr>
        <td>Email</td>
        <td><?php echo $email; ?></td>
    </tr>
    <tr>
        <td>Content</td>
        <td><?php echo $content; ?></td>
    </tr>
    <tr>
        <td colspan="2"><center><input type="submit" value="Submit"></center></td>

    </tr>
<?php
}
echo '</table>';
?>

Now for display.php

<?php

include ('db.php');
echo '<table>';

$query = mysql_query("SELECT * FROM `diydb`") or die(mysql_error());
while ($row = mysql_fetch_array($query)){

$name=$row['name'];
$email=$row['email'];
$content=$row['content'];

$name = stripslashes($name);
$email = stripslashes($email);
$content = stripslashes($content);

?>

    <tr>
        <td>Name</td>
        <td><?php echo $name; ?></td>
    </tr>
    <tr>
        <td>Email</td>
        <td><?php echo $email; ?></td>
    </tr>
    <tr>
        <td>Content</td>
        <td><?php echo $content; ?></td>
    </tr>
    <tr>
        <td colspan="2"><center><input type="submit" value="Submit"></center></td>

    </tr>
<?php
}
echo '</table>';
?>

Finally protect.php:

<?php

#    IP BANNING ADMIN PANEL
#    THIS WILL PROTECT PEOPLE FROM DELETING NEWS


session_start();

$admin_user_name = "admin";
$admin_password = "pass";
//you can change the username and password by changing the above two strings 

if (!isset($HTTP_SESSION_VARS['user'])) {
    
    if(isset($HTTP_POST_VARS['u_name'])) 
        $u_name = $HTTP_POST_VARS['u_name'];
    
    if(isset($HTTP_POST_VARS['u_password'])) 
        $u_password = $HTTP_POST_VARS['u_password'];
    
    if(!isset($u_name)) {
        ?>
        <HTML>
        <HEAD>
        <TITLE><?php echo $HTTP_SERVER_VARS['HTTP_HOST']; ?> : Authentication Required</TITLE>
        </HEAD>
        <BODY bgcolor=#ffffff>
        <table border=0 cellspacing=0 cellpadding=0 width=100%>
             <TR><TD>
             <font face=verdana size=2><B>(Access Restricted to Authorized Personnel)</b> </font></td>
             </tr></table>
        <P></P>
        <font face=verdana size=2>
        <center>
        <?php
        $form_to = "http://$HTTP_SERVER_VARS[HTTP_HOST]$HTTP_SERVER_VARS[PHP_SELF]";
        
        if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
        $form_to = $form_to ."?". $HTTP_SERVER_VARS["QUERY_STRING"];
        
        ?>
        <form method=post action=<?php echo $form_to; ?>>
        <table border=0 width=350>
        <TR>
        <TD><font face=verdana size=2><B>User Name</B></font></TD>
        <TD><font face=verdana size=2><input type=text name=u_name size=20></font></TD></TR>
        <TR>
        <TD><font face=verdana size=2><B>Password</B></font></TD>
        <TD><font face=verdana size=2><input type=password name=u_password size=20></font></TD>
        </TR>
        </table>
        <input type=submit value=Login></form>
        </center>
        </font>
        </BODY>
        </HTML>
        
        <?php
        exit;
    }
    else {
        
        function login_error($host,$php_self) {
            echo "<HTML><HEAD>
            <TITLE>$host :  Administration</TITLE>
            </HEAD><BODY bgcolor=#ffffff>
            <table border=0 cellspacing=0 cellpadding=0 width=100%>
                 <TR><TD align=left>
                 <font face=verdana size=2><B> &nbsp;You Need to log on to access this part of the site! </b> </font></td>
                 </tr></table>
            <P></P>
            <font face=verdana size=2>
            <center>";
                        
            echo "Error: You are not authorized to access this part of the site!
            <B><a href=$php_self>Click here</a></b> to login again.<P>
            </center>
            </font>
            </BODY>
            </HTML>";
            session_unregister("adb_password");
            session_unregister("user");
            exit;
        }
        
        $user_checked_passed = false;
        
        
        if(isset($HTTP_SESSION_VARS['adb_password'])) {
            
            $adb_session_password = $HTTP_SESSION_VARS['adb_password'];
            
            if($admin_password != $adb_session_password) 
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
            else {
                $user_checked_passed = true;
            }
        }
        
        
        if($user_checked_passed == false) {
            
            if(strlen($u_name)< 2) 
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
            
            if($admin_user_name != $u_name) //if username not correct
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);        
            
            if(isset($admin_password)) {
                
                if($admin_password == $u_password) {
                    
                    session_register("adb_password");
                    session_register("user");
                    
                    $adb_password = $admin_password;
                    $user = $u_name;
                }
                else { //password in-correct
                    login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
                }
            }
            else {
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
            }
                
            $page_location = $HTTP_SERVER_VARS['PHP_SELF'];
            if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
            $page_location = $page_location ."?". $HTTP_SERVER_VARS["QUERY_STRING"];
            
            header ("Location: ". $page_location);
        }
    }
}
?>

Now to show the table on other php pages do

include ('display.php');

Note: I have not tested this code. So if there are any errors. E-mail me at demosthnes705 [a][t] gmail.com

Edit: I forgot to make delete.php I will add that on in a few moments.

 

[Chris S]

sorry for the double post but its 336 characaters too long to post in 1 post

Last but not least delete.php code:

<?php
include ('db.php');

$id = G$_GET['id'];

$query = mysql_query("DELETE FROM `diydb` WHERE `id` = '$id'") or die(mysql_error());

if (($query) == 'True'){
echo "Comment was deleted Correctly. Please Hit the back button";
}else{
echo "Whoops, There was an error. Please Hit the back button and try again.";
}
?>

 

[Chris S]

if i knew how i probably could but i don't know how.

 

[Rising]

ill just keep the script, heres the points though, i found a tutorial on pixel2life