Sign the Guestbook
If you are actually a human and want to leave a comment on the guestbook, please send the site admin an email explaining who you are and that you have been incorrectly banned from the guestbook and the ban should be lifted within 48 hours.
"); appendLog('Banned IP accessed page'); exit(); } $doAction = $_REQUEST['do']; if($doAction == "add") { // Check if user is human // If hidden inputs are filled, ban IP address if((!empty($_POST["name"])) || (!empty($_POST["url"])) || (!empty($_POST["comments"]))) { echo("
I think you're a spambot!
If you are actually a human and want to leave a comment on the guestbook, please send the site admin an email explaining who you are and that you have been incorrectly banned from the guestbook and the ban should be lifted within 48 hours.
"); banIP(); appendLog('IP banned for filling in hidden input boxes'); exit(); } // Strip slashes if magic quotes is enabled if(get_magic_quotes_gpc()) $_POST = array_map('stripslashes', $_POST); // Retrieve data from HTML form $addName = $_POST["pz5k"]; $addLocation = $_POST["ya94"]; $addEmail = strtolower($_POST["h9ar"]); $addComments = $_POST["j3tr"]; $addIsPrivate = (isset($_POST["r2w3"]) ? 1 : 0); $addIP = getIP(); $pwCheck = trim(strtolower($_POST["woi8"])); // Check input for errors $errCode = GBERR_NONE; // Blank input check if(($addName == "") || ($addComments == "")) $errCode = ($errCode | GBERR_MISSING_DATA); // Valid email check if((strlen($addEmail) > 0) && (isValidEmail($addEmail) == false)) $errCode = ($errCode | GBERR_INVALID_EMAIL); // Presence of URLs in comments check if(hasURL(strtolower($addComments)) == true) { $errCode = ($errCode | GBERR_URL_PRESENT); appendLog('Tried to enter URL' . "\r\nMessage:\r\n\"" . $addComments . "\"\r\n"); } // Password check if($pwCheck != "ohio") { $errCode = ($errCode | GBERR_CHECK_FAILED); if($pwCheck != '') appendLog('Incorrect password input: ' . "\"" . $pwCheck . "\""); } if($errCode != GBERR_NONE) getData($addName, $addLocation, $addEmail, $addComments, $addIsPrivate, 'There was a problem with your input
Please see the warnings in red below', $errCode); else { // Input new entry into database // Connect to MySQL server $dbWedding = @mysql_connect("localhost", "manmaru_wedbook", "guestbook"); if(!$dbWedding) { echo("
MySQL unavailable.
Please try again in a little bit.
If problem persists, please report this error to the site admin.
");
exit();
}
// Open database
if(!@mysql_select_db("manmaru_wedding")) {
echo("Please try again in a little bit.
If problem persists, please report this error to the site admin.
Unable to connect to the wedding database.
Please try again in a few minutes.
If problem persists, please report this error to the site administrator.
");
mysql_close($dbWedding);
exit();
}
// Escape textual database input
$addName = addslashes($addName);
$addLocation = addslashes($addLocation);
$addEmail = addslashes($addEmail);
$addIP = addslashes($addIP);
$addComments = addslashes($addComments);
// Make query
$addTimestamp = time() + 3600;
$sqlQuery = "INSERT INTO guestbook SET " .
"timestamp=$addTimestamp, " .
"name='$addName', " .
"location='$addLocation', " .
"email='$addEmail', " .
"ip='$addIP', " .
"private=$addIsPrivate, " .
"message='$addComments'";
$datResult = mysql_query($sqlQuery);
if(!$datResult) {
echo('Database query errorPlease try again in a few minutes.
If problem persists, please report this error to the site administrator.
Please try again in a few minutes.
If problem persists, please report this error to the site administrator.'); mysql_close($dbWedding); exit(); } // Send confirmation mail to admin mail('admin@mariten.com', 'New Guestbook entry from ' . $addName, "A new guestbook entry has been added.\n\nhttp://wedding.mariten.com/guestbook.html", 'From: wedding.mariten.com
Your message has been added!
\n\n"); mysql_close($dbWedding); } } else { getData(); } ?>