dottorkame
17-06-2006, 17:41
Ciao ragazzi, mi sono fatto un semplice guestbook in php, il problema e' che ogni giorno ci trovo dentro un sacco di spam e devo sempre ripulire. Mi hanno detto che posso mettere anche dei controlli per evitarlo, qualcuno mi sa aiutare?
il codice e' questo:
<?php
// This program writes the data to a file called guestbook.data
// Create a blank file with this name, put it in the same directory as this script, and then set the file to user read/write and group read/write, you may also have to set it to other read/write depending upon your hosting situation.
// set error to false
$error = false;
// the sign guestbook function
function signGuestbook(){
// gain access to the global form variables
global $name,$comments;
// put a new guestbook entry together
// urlencode it for easy storage
$new_guestbook_entry = urlencode($name).",".urlencode($comments)."\n";
// write the new guestbook entry to
// the guestbook data file
$fp=fopen("guestbook.data",a) or exit;
fwrite($fp,$new_guestbook_entry);
fclose($fp);
// reset form variables
$name="";
$comments="";
}
// the read guestbook function
function readGuestbook(){
// read the guestbook data
$fp=fopen("guestbook.data",r) or exit;
$rawdata=fread($fp,filesize("guestbook.data"));
fclose($fp);
// if guestbook is empty
if($rawdata == ""){
echo "<p><font face=\"sans-serif\">My Guestbook is empty</font></p>";
return;
}
// put each guestbook entry into an array element
$each_line = explode("\n",$rawdata);
// sort from newest to oldest
// rsort($each_line);
// if guestbook is not empty
$entries = count($each_line)-1;
echo "<p><font face=\"sans-serif\">Ci sono <b>$entries</b> messaggi</font></p>";
// step through each guestbook entry
for ($key = 0; $key < count($each_line)-1; $key++){
// put each field in the current guestbook entry
// into a temporary array
$temp = explode(",",$each_line[$key]);
// put each guestbook field into the guestbook multi-array
$guestbook[$key]["name"] = $temp[0];
$guestbook[$key]["comments"] = $temp[1];
}
// display the guestbook
for($key = count($guestbook) - 1; $key >= 0; $key--){
echo "<p><font face=\"sans-serif\"><b>Nome:</b> ";
echo htmlspecialchars(urldecode($guestbook[$key]["name"]));
echo "</a><br><b>Messaggio:</b> ";
echo htmlspecialchars(urldecode($guestbook[$key]["comments"]));
echo "</font></p>";
}
}
// check for form values and sign guestbook if not empty
if ($sign_guestbook){
if($name != "" && $comments != ""){
signGuestbook();
}else{
$error = true;
}
}
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<title>The Wall - guestbook -</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body bgcolor="#000000" text="#CCCCCC">
<p><font face="sans-serif"><b>Lasciaci un messaggio</b></font></p>
<hr noshade size="1" color="#000000">
<?php if($error){ ?>
<p><font face="sans-serif" color="red">One or more fields have not been filled out, please fill them out before signing the guestbook.</font></p>
<?php } ?>
<form name=guestbook method="post" action="guestbook.php">
<div align="left">
<table width="520" border="0" cellpadding="5" cellspacing="0">
<!--DWLayoutTable-->
<tr>
<td width="80" align="left" valign="top"><font face="sans-serif">Nome:</font></td>
<td width="420" align="left" valign="top"><input type="text" name="name" size="70" value="<?php echo addslashes($name); ?>"></td>
</tr>
<tr>
<td height="61"> </td>
<td> </td>
</tr>
<tr>
<td rowspan="2" align="left" valign="top"><font face="sans-serif">Messaggio:</font></td>
<td height="112" align="left" valign="top"><textarea rows="5" name="comments" cols="61" wrap=virtual><?php echo htmlspecialchars($comments); ?></textarea></td>
</tr>
<tr>
<td height="43" align="left" valign="top"><input type="hidden" name="sign_guestbook" value="true">
<input type="submit" value="Submit"> <input type="reset" value="Reset"></td>
</tr>
</table>
</div>
</form>
<p> </p>
<p><b><font face="sans-serif" size="3">Leggi il nostro guestbook</font></b></p>
<hr noshade size="1" color="#000000">
<?php readGuestbook(); ?>
</body>
</html>
il codice e' questo:
<?php
// This program writes the data to a file called guestbook.data
// Create a blank file with this name, put it in the same directory as this script, and then set the file to user read/write and group read/write, you may also have to set it to other read/write depending upon your hosting situation.
// set error to false
$error = false;
// the sign guestbook function
function signGuestbook(){
// gain access to the global form variables
global $name,$comments;
// put a new guestbook entry together
// urlencode it for easy storage
$new_guestbook_entry = urlencode($name).",".urlencode($comments)."\n";
// write the new guestbook entry to
// the guestbook data file
$fp=fopen("guestbook.data",a) or exit;
fwrite($fp,$new_guestbook_entry);
fclose($fp);
// reset form variables
$name="";
$comments="";
}
// the read guestbook function
function readGuestbook(){
// read the guestbook data
$fp=fopen("guestbook.data",r) or exit;
$rawdata=fread($fp,filesize("guestbook.data"));
fclose($fp);
// if guestbook is empty
if($rawdata == ""){
echo "<p><font face=\"sans-serif\">My Guestbook is empty</font></p>";
return;
}
// put each guestbook entry into an array element
$each_line = explode("\n",$rawdata);
// sort from newest to oldest
// rsort($each_line);
// if guestbook is not empty
$entries = count($each_line)-1;
echo "<p><font face=\"sans-serif\">Ci sono <b>$entries</b> messaggi</font></p>";
// step through each guestbook entry
for ($key = 0; $key < count($each_line)-1; $key++){
// put each field in the current guestbook entry
// into a temporary array
$temp = explode(",",$each_line[$key]);
// put each guestbook field into the guestbook multi-array
$guestbook[$key]["name"] = $temp[0];
$guestbook[$key]["comments"] = $temp[1];
}
// display the guestbook
for($key = count($guestbook) - 1; $key >= 0; $key--){
echo "<p><font face=\"sans-serif\"><b>Nome:</b> ";
echo htmlspecialchars(urldecode($guestbook[$key]["name"]));
echo "</a><br><b>Messaggio:</b> ";
echo htmlspecialchars(urldecode($guestbook[$key]["comments"]));
echo "</font></p>";
}
}
// check for form values and sign guestbook if not empty
if ($sign_guestbook){
if($name != "" && $comments != ""){
signGuestbook();
}else{
$error = true;
}
}
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<title>The Wall - guestbook -</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body bgcolor="#000000" text="#CCCCCC">
<p><font face="sans-serif"><b>Lasciaci un messaggio</b></font></p>
<hr noshade size="1" color="#000000">
<?php if($error){ ?>
<p><font face="sans-serif" color="red">One or more fields have not been filled out, please fill them out before signing the guestbook.</font></p>
<?php } ?>
<form name=guestbook method="post" action="guestbook.php">
<div align="left">
<table width="520" border="0" cellpadding="5" cellspacing="0">
<!--DWLayoutTable-->
<tr>
<td width="80" align="left" valign="top"><font face="sans-serif">Nome:</font></td>
<td width="420" align="left" valign="top"><input type="text" name="name" size="70" value="<?php echo addslashes($name); ?>"></td>
</tr>
<tr>
<td height="61"> </td>
<td> </td>
</tr>
<tr>
<td rowspan="2" align="left" valign="top"><font face="sans-serif">Messaggio:</font></td>
<td height="112" align="left" valign="top"><textarea rows="5" name="comments" cols="61" wrap=virtual><?php echo htmlspecialchars($comments); ?></textarea></td>
</tr>
<tr>
<td height="43" align="left" valign="top"><input type="hidden" name="sign_guestbook" value="true">
<input type="submit" value="Submit"> <input type="reset" value="Reset"></td>
</tr>
</table>
</div>
</form>
<p> </p>
<p><b><font face="sans-serif" size="3">Leggi il nostro guestbook</font></b></p>
<hr noshade size="1" color="#000000">
<?php readGuestbook(); ?>
</body>
</html>