For more information, go to http://www.karlo.ph.tc
<?php header("Content-type: text/html; charset=utf-8"); //Send to browser that the charset is utf-8 ?>
<?php
/* ******************************
kShoutBox 0.2
******************************
*/
/* ****************************************
This ShoutBox script was created by
Juan Karlo Aquino de Guzman
DO NOT MODIFY THIS CODE AND DISTRIBUTING
IT WITHOUT ANY PERMISSION. E-MAIL THE
AUTHOR FIRST. Email: 01karlo@gmail.com
DO NOT REMOVE THE "POWERED BY".
FOR SUGGESTIONS, COMMENTS, ETC, SEND AN
EMAIL TO 01karlo@gmail.com
HOPE THAT YOU ENJOY THIS SCRIPT!
MY FRIENDSTER: karlo@*BLEEP*it.com
****************************************
*/
/* ******************************
Make sure that your editor supports WordWrap
******************************
*/
//error_reporting("0"); // Turns error reporting off
$dbHost = 'localhost'; // Database host
$dbUser = 'username'; // Database username
$dbPass = 'password'; // Database password
$dbName = 'karlo_scripts'; // Database name
$color1 = '#6699FF'; // Color #1
$color2 = '#66CCFF'; // Color #2
$ver = '0.2'; // kShoutBox version
/* ******************************
kShoutBox 0.2 - UNINSTALL
******************************
Please make sure that you change
it to something else. Or, take the
risk. If someone tries to enter
"uninstall in their taskbar, the
kShoutBox will be uninstalled.
You can change it to anything that
you like. Example, convert "uninstall"
to your own language. Example, "Tanggalin"
means "to remove".
*/
if(preg_match('/uninstall/',$_SERVER['QUERY_STRING'])) { // Check if "uninstall" is found it's value from tha table
mysql_connect($dbHost,$dbUser,$dbPass,$dbName);
mysql_select_db($dbName);
$query = mysql_query("SELECT * FROM password"); // Requests MySQL to show the table
$password = mysql_fetch_row($query); // Gets the "password" field and
if(isset($_GET['choice'])) { // Check if the user choses to delete the database or not
switch($_GET['choice']) {
case 0:
mysql_query("DROP DATABASE $dbName"); // Deletes the database
die('<b>Database deleted and Uninstalled!<br><br><a href="'.$_SERVER['SCRIPT_NAME'].'" style="color: blue;">Continue</a></b>');
mysql_close(); // Closes MySQL
exit;
break;
case 1:
die('<b>Uninstalled!<br><br><a href="'.$_SERVER['SCRIPT_NAME'].'" style="color: blue;">Continue</a></b>');
mysql_close(); // Closes MySQL
exit;
break;
}
}
if($_POST['password']===$password[0]) { // Check if it's the same
mysql_query("DROP TABLE kShoutBox"); // Drops the Table
mysql_query("DROP TABLE password"); // Drops the Table
die('<form name="database" method="get"><b>Would you like to delete the Database?</b><br><br>Yes <input type="radio" name="choice" value="0"> No <input type="radio" name="choice" value="1"><br><br><input type="submit" value="Continue" style="width: 200px;"><input type="hidden" name="password" value="'.$_POST['password'].'"><input type="hidden" name="uninstall"</b></form>'); // Outputs the question
}
die('Enter the password:<br><br><form name="authentication" method="post"><input type="textbox" name="password" size="30"><br><br>Then press enter.</form>'); // Outputs the verify page
}
mysql_connect($dbHost,$dbUser,$dbPass,$dbName) or error_msg("Unable to connect to MySQL!"); // Connects to MySQL
mysql_select_db($dbName) or doInstall(); // Selects the MySQL Database
$list1 = mysql_query("SELECT * FROM password"); // Check if the password table exists
$list2 = mysql_fetch_row($list1); // fetch the password
if($list2 < 1) { // If there is no password, then it means that this script is not installed yet
doInstall();
}
/* ******************************
kShoutBox 0.2 - INFO ABOUT THE POST
******************************
*/
if(isset($_GET['info'])) {
$ra = array('pid' => 'Post ID','nickname' => 'Nickname','nickname_info' => 'Email/Website','happened' => 'Date','content' => 'Message','ip' => 'IP Address'); // Array, if the MySQL's result is "pid", it will be automatically changed to "Post ID"
$i=0; // sets the counter to zero.
$query_fields = mysql_query("SHOW COLUMNS FROM kShoutBox"); // shows the columns in kShoutBox
// HTML Body
echo('<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" http://www.w3.org/TR/html4/loose.dtd"...ead><meta name="keywords" content="kshoutbox, shoutbox, juan, karlo, aquino, de, guzman, box, shout, '.$_GET['info'].'"><meta name="kShoutBox '.$ver.' created by Juan Karlo Aquino de Guzman"><title>User info: '.$_GET['info'].'</title></head><body>'); // HTML Body
echo('<table align="center" cellpadding="8" cellspacing="4" width="250%"><tr width="100%">'); // the table
while($qfields = mysql_fetch_assoc($query_fields)){
$colors = ($i % 2) ? '#6699FF':'#33CCFF';
$a = $qfields[Field];
$b = $ra[$a];
echo("<td align=\"center\" style=\"background: $colors; font-weight: bold; font-family: verdana; font-size: 12px;\">$b</td>");
$i++;
} // Outputs the Post ID, Nickname, etc...
$query_rows = mysql_query("SELECT * FROM kShoutBox WHERE nickname LIKE '".$_GET['info']."' ORDER BY pid"); // Find the Nickname
echo("</tr>");
// Outputs the search results
$i = 1;
while($fetch_row=mysql_fetch_object($query_rows)){
$colors = ($i %2) ? '#FFFFCC':'#33FFCC'; // Alternate table colors
$date_replace = str_replace("\n",'<br>',$fetch_row->happened); // Replaces the "\n" or the "blank line" with <br>
// Table Body
echo('<tr width="100%"><td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$i.'</td>'.'<td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$fetch_row->nickname.'</td><td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$fetch_row->nickname_info.'</td><td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$date_replace.'</td><td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$fetch_row->content.'</td><td align="center" style="background: '.$colors.'; font-weight: bold; font-family: verdana; font-size: 12px;" onmouseover="this.style.background=\'white\';" onmouseout="this.style.background=\''.$colors.'\';">'.$fetch_row->ip.'</td></tr>'); // Table Body = The Results
$i++; // Add something to the counter
}
mysql_close(); // Closes MysQL
die("</table><br><div align=\"center\" style=\"font-family: verdana; font-size: 9px;\">Date and Time, GMT+8, from the PHP manual of gmdate() function, thanks to info@kogik.com<br><br>Thanks to:<br><br><a href=\"http://tm-software.uni.cc\" style=\"color: blue;\" target=\"_blank\">http://tm-software.uni.cc</a><br><a href=\"http://www.freewebmasterhelp.com\" style=\"color: blue;\" target=\"blank\">http://www.freewebmasterhelp.com</a></div></body></html>"); // Closes the HTML.
}
/* ******************************
kShoutBox 0.2 - Record the Data
******************************
*/
if(isset($_POST['nickname'])) {
$timezone = +8; // your timezone. default is +8 (philippines)
$nickname = $_POST['nickname']; // the nickname of the user
$nickname_info = $_POST['nickname_info']; // the email/website of the user
$happened = "Summer time: ".gmdate("F d Y, h:i:s a",time()+3600*($timezone+date("I"))); // from the PHP manual of gmdate() function, thanks to info@kogik.com
$happened.= "\nWinter time: ".gmdate("F d Y, h:i:s a",time()+3600*($timezone+date("0"))); // from the PHP manual of gmdate() function, thanks to info@kogik.com
$content = $_POST['content']; // content of the post
$ip = $_SERVER['REMOTE_ADDR']; // IP address of the user
// Checks if the user entered something
empty($nickname) ? error_msg("You didn't enter your nickname!"):null;
empty($nickname_info) ? error_msg("You didn't enter your website/email!"):null;
empty($content) ? error_msg("You didn't enter any message!"):null; // Checks if the user entered something
// Checks the length of the string that the user entered
strlen($nickname > 10) ? error_msg("You are only allowed to enter a nickname that is not more than 10 characters."):null;
strlen($nickname_info > 50) ? error_msg("You are only allowed to enter a website/email that is not more than 50 characters."):null;
strlen($content > 500) ? error_msg("You are only allowed to enter a message that is not more than 500 characters."):null; // Checks the length of the string that the user entered
if(!preg_match('/[\\wa-z]/',$nickname)) {
error_msg("You entered an invalid nickname!");
}
if(!preg_match('/\\b(?P<protocol>https?|ftp):\/\/(?P<domain>[-A-Z0-9.]+)(?P<file>\/[-A-Z0-9+&@#\/%=~_|!:,.;]*)?(?P<parameters>\\?[-A-Z0-9+&@#\/%=~_|!:,.;]*)?/i',$nickname_info)){ // Checks if the user entered a website address
if(!preg_match('/\\b[A-Z0-9._%-]+@[A-Z0-9._%-]+\\.[A-Z]{2,4}\\b/i',$nickname_info)){ error_msg("You entered an invalid e-mail address or websie! If you entered your website, you probably forgot to<br>include \"http\". If you entered your e-mail address, you probably forgot to include the \"@\" sign and the \".\" <- dots."); } // Checks if the user entered an email address
}
mysql_query("INSERT INTO kShoutBox VALUES(null,'$nickname','$nickname_info','$happened','$content','$ip')"); // Inserts the values to MySQL
jredirect($_SERVER['SCRIPT_NAME']); // Redirects to the main page
}
?>
<?php
/* ******************************
kShoutBox - Installation
******************************
*/
function doInstall() {
global $dbHost,$dbUser,$dbPass,$dbName,$ver;
mysql_close(); // Closes the left opened MySQL connection.
echo("<h3>kShoutBox $ver Installation</h3>"); // The Header
if(!isset($_POST['password'])) { // If "install" is not yet called/set
die('<form name="install" method="post">Enter a password (which will protect this script in case someone tries to install it):<br><br><input type="textbox" name="password" size="30"><br><br>Enter your email address (must be valid):<br><br><input type="textbox" name="email" size="30"><br><br><input type="submit" style="width: 150px;" value="Install"></form>'); // Shows the confirmation message to the user
}else{
mysql_connect($dbHost,$dbUser,$dbPass); // Connects to MySQL
echo('<h4>Creating Database "'.$dbName.'" ...');
$query_install = mysql_select_db($dbName) or $query_verify=1;
if($query_verify===1) {
mysql_query("CREATE DATABASE $dbName") or die('FAILED</h4>');
} // Creates the Database
echo('DONE</h4>');
echo('<h4>Creating Table "kShoutBox" ...');
mysql_select_db($dbName); // Selects the newly created Database
$q = "CREATE TABLE kShoutBox ( pid INT(50) NOT NULL AUTO_INCREMENT,"; // Creates the PostID
$q.= "nickname VARCHAR(10) NOT NULL,"; // Creates the Nickname
$q.= "nickname_info VARCHAR(50) NOT NULL,"; // Creates the Nickname Info, email, website, etc...
$q.= "happened VARCHAR(100) NOT NULL,"; // When did it happened?
$q.= "content TEXT NOT NULL,"; // The content of the post
$q.= "ip VARCHAR(20) NOT NULL,"; // The IP address of the poster.
$q.= "INDEX (pid) \n)"; // Makes pid as the index
mysql_query($q); // Requests "$q" to be inserted into the MySQL database.
mysql_query("CREATE TABLE password ( password VARCHAR(25) NOT NULL UNIQUE )");
mysql_query("INSERT INTO password VALUES('".sha1($_POST['password'])."');"); // Creates the table for the password
mail($_POST['email'],'Password for kShoutbox '.$ver,'The password is: '.sha1($_POST['password']),'From: server@'.str_replace('www',null,$_SERVER['SERVER_NAME']));
$query = mysql_query("SELECT * FROM password");
$password = mysql_fetch_row($query);
mysql_close(); // Closes MySQL
die('DONE</h4><h4>The password was sended to the e-mail address that you entered.<br>Please do not lost it!<br>Your password is:<br>'.$password[0].'</h4><h4><a href="'.$_SERVER['SCRIPT_NAME'].'" style="color: blue;">Success!</h4>');
}
}
?>
<?php
/* ******************************
kShoutBox - Error Message
******************************
*/
function error_msg($msg) {
mysql_close(); // Closes MySQL
die("<div align=\"center\" style=\"background-color: red; padding: 4px; font-family: verdana; font-size: 12px; font-weight: bold; color: white; width: 30%;\">There was an error!</div><div align=\"center\" style=\"background-color: #FFFFCC; padding: 8px; font-family: verdana; font-size: 12px; font-weight: bold; color: black; width: 30%;\">$msg<br><a href=\"javascript:history.back();\" style=\"color: blue; font-family: verdana; font-weight: bold; font-size: 12px;\">Go back</a></div>");
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>kShoutBox <?=$ver;?></title>
<style type="text/css">
body { background: White; font-family: Verdana; font-size: 12px; }
td { background: White; font-size: 12px; }
#nickname { font-family: Verdana; font-size: 12px; height: 20px; }
#nickname_info { font-family: Verdana; font-size: 12px; height: 20px; }
#content { font-family: Verdana; font-size: 12px; }
#submit { width: 150px; }
</style>
</head>
<body>
<?php
/* ******************************
kShoutBox - Main
******************************
*/
$q = mysql_query("SELECT * FROM kShoutBox"); // Displays all of the available informations on the Table
$rows = mysql_numrows($q); // Gets the number of rows on the Table
$hr = $rows<1 ? null:'<hr>'; // Checks if the number of rows if it's empty
if($rows > 10) {
$page = 11;
$hr = "<a href=\"?page=$page\" style=\"color: blue; font-size: 11px\">next</a><hr>";
}
if(isset($_GET['page'])) { // Checks if the "page" is set
if($_GET['page'] === '1') {
jredirect($_SERVER['SCRIPT_NAME']);
}
if($_GET['page'] > 10) { // Checks if the "page" is more than 10
$page = $_GET['page'];
$pagenext = $page + 10;
$pageprev = $page - 10;
$q = mysql_query("SELECT * FROM kShoutBox ORDER BY pid DESC LIMIT $page,10");
$hr = "<a href=\"?page=$pageprev\" style=\"color: blue; font-size: 11px\">previous</a> <a href=\"?page=$pagenext\" style=\"color: blue; font-size: 11px\">next</a><hr>";
} // Generates the next page, previous page, etc...
if($_GET['page']+9 > $rows) {
$page = $_GET['page'];
$pageprev = $page - 10;
$q = mysql_query("SELECT * FROM kShoutBox ORDER BY pid DESC LIMIT $page,10");
$hr = "<a href=\"?page=$pageprev\" style=\"color: blue; font-size: 11px\">previous</a><hr>";
}
}else{ $q = mysql_query("SELECT * FROM kShoutBox ORDER BY pid DESC LIMIT 10"); } // Gets the post
$color_count=0; // Sets the alternate table color to "0"
while($data=mysql_fetch_assoc($q)) {
$color_count++; // Adds something
$color = ($color_count % 2) ? $color1:$color2; // Alternate table color
echo("<div style=\"background: $color;\" onmouseover=\"this.style.background='White';\" onmouseout=\"this.style.background='$color';\"><a href=\"?info=$data[nickname]\" style=\"font-weight: bold; color: black; text-decoration: none;\" target=\"_blank\">$data[nickname]:</a> $data[content]</div>"); // Outputs the posts
}
?>
<?=$hr;?>
<form name="kShoutBox" method="post" action="<?=$_SERVER['SCRIPT_NAME'];?>">
<table width="310px">
<tr>
<td>Nickname:</td>
<td><input id="nickname" type="text" name="nickname" size="15"></td>
</tr>
<tr>
<td>Website/Email:</td>
<td><input id="nickname_info" type="text" name="nickname_info" size="30" onmouseover="window.status='Please include \' http:// \'';" onmouseout="window.status='';"></td>
</tr>
<tr valign="middle">
<td>Message:</td>
<td><textarea id="content" name="content" rows="5" cols="25"></textarea></td>
</tr>
</table>
<table width="310px">
<tr align="center">
<td><input id="submit" type="submit" value="Shout"><br><a href="?uninstall" style="color: #EAEAEA; font-size: 10px;">Uninstall</a></td>
</tr>
</table>
<br>
<a href="http://www.karlo.ph.tc" style="color: gray; font-size: 10px; text-decoration: none;" target="_blank">Powered by kShoutBox <?=$ver;?><br>Created by Juan Karlo Aquino de Guzman</a>
</form>
</body>
</html>
<?php mysql_close(); // Closes MySQL ?>
<?php
/* ******************************
kShoutBox - Redirect
******************************
*/
function jredirect($url) {
die("<script language=\"javascript\" type=\"text/javascript\">window.location='$url';</script>");
}
?>
