<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <?// including header here: #ppcinclude "header.ppc" // checking password if admin is entering: bool isadmin=false;// this variable will show us if admin is browsing now. if(ppc.op=="admin" || cookie.ppc_guestbook_admin=="yes"){ isadmin=true;// yes, this is a real administrator! If he will pass an "exit(0)"... string password=ppc.read_file("password.cgi"); if(cookie.ppc_guestbook_password != password){ if(ppc.password!=password){// nor cookie, neither request variable... // let's check if it is a real admin: ?><center>password:<br><form action='<?=ppc.__FILE__?>?op=admin' method=post> <input name=password type=password><br><input type=submit value=Enter> </form> <?}else{/*oh, he is!*/ cookie.set("ppc_guestbook_password="+ppc.password); cookie.set("ppc_guestbook_admin=yes"); ?><script>window.location.replace('<?=ppc.__FILE__?>');</script> <a href='<?=ppc.__FILE__?>'>Logged in! Click here if your browser does not redirect.</a> </body></html><?} exit(0);} } if(ppc.op=="logout"){// logging out? Clearing all cookies and redirecting back: cookie.set("ppc_guestbook_password="); cookie.set("ppc_guestbook_admin="); ?><script>window.location.replace('<?=ppc.__FILE__?>');</script> <a href='<?=ppc.__FILE__?>'>Logged out! Click here if your browser does not redirect.</a><?exit(0); } ?> <?if(isadmin){?><a href='<?=ppc.__FILE__?>?op=logout'>Don't forget to log out!</a> <?}else{?> <a href='<?=ppc.__FILE__?>?op=admin'>Admin</a> <?}?> <?openTableA()?> <?/*guest input form*/?> <form method=POST name=uform action='<?=ppc.__FILE__?>?op=add<?/*add - command for adding user's entry*/?>' > <table width='100%' border=0> <tr><td align=right>name:</td> <td><input class=entry name=uname value='<?=ppc.uname?>'></td></tr> <tr><td align=right>e-mail:</td> <td><input class=entry name=uemail value='<?=ppc.uemail?>'></td></tr> <tr><td> </td> <td><textarea class=entry name=uinput cols=50 rows=10><?=ppc.uinput?></textarea></td></tr> <tr><td align=right><input class=entry type=submit value=send></td> <td><input class=entry type=reset> </td></tr> </form></table> <?closeTable()?> <?if(ppc.op=="add"){ // adding users entry to "dat" directory // as a separate file "<num>.html" if(ppc.uinput!="" && ppc.uname!=""&&ppc.uemail!=""){//we cannot add an empty entry #include <time.h> time_t t; time(&t); string uinput="", aa=ppc.uinput; // unescaping tags and new lines: for(int i=0;i<aa.length();++i) if(aa[i]=='\n')uinput+="<br>"; else if(aa[i]=='<')uinput+="<"; else if(aa[i]=='>')uinput+=">"; else uinput+=aa[i]; string tosave="<table border=0 width='88%' cellspacing=0>"; tosave += "<tr><td class=isoth width='30%' align=right>name:</td><td class=entryH width='70%'>"+ppc.uname+"</td></tr>"; tosave += "<tr><td class=isoth width='30%' align=right>e-mail:</td><td class=entryH width='70%'>"+ppc.uemail+"</td></tr>"; tosave += "<tr><td class=issmall >"+string(ctime(&t))+"<br>"+ string(getenv("REMOTE_ADDR"))+"</td><td class=entryA >"+uinput+"</td></tr></table>"; ppc.save_file(datname(numfs), tosave); numfs++; }else{?> <script>alert("Please fill ALL fields!")</script> <?} }?> <center> <?// how many entries will be shown on one page? const int SHOW_COUNT=10?> <?// position of showing, which maybe was sent via query string: int showx = ppc.int(ppc.showx); // it wasn't sent? Showing the last 'SHOW_COUNT' entries: if(ppc.showx=="")showx=numfs-SHOW_COUNT; // we cannot sow negative entries if(showx<0)showx=0;?> <?if(numfs>SHOW_COUNT){?> <span class=isexe> * <?if( showx+SHOW_COUNT < numfs ){?> <a href="<?=ppc.__FILE__?>?showx=<?=showx+SHOW_COUNT?>">prev <b><?=SHOW_COUNT?></b></a> <?}else{?> <a href="<?=ppc.__FILE__?>?showx=0">go to end</a> <?}?> * <?if(showx){?> <a href="<?=ppc.__FILE__?>?showx=<?=showx-SHOW_COUNT?>">next <b><?=SHOW_COUNT?></b></a> <?}else{?> <a href="<?=ppc.__FILE__?>?showx=<?=numfs-SHOW_COUNT?>">go to start</a> <?}?> * </span><br> <?}?> <?// changing entry if requested: if(ppc.op=="answer"){ ?><script>alert(<? if(ppc.save_file(answname(ppc.int(ppc.entryn)), ppc.answer)){?>"Answer <?=ppc.entryn?> was changed succesfully!"<?} else {?>"Could not save answer <?=ppc.entryn?>..."<?} ?>);</script><? }?> <?// printing files from "dat" directory(from "<numfs>.html" till "0.html"): bool taba=false; if(numfs){// we have some entries to show: for(int i=numfs-1;i>=0;--i){ if(i >= showx && i < showx+SHOW_COUNT ){// from 'showx' and 'SHOW_COUNT' after: //differ entries colors: if(taba=!taba)openTableD(80);else openTableC(80)?><center> <?/*outputing entry:*/?> <span class=entryH><?=i?></span> <?=ppc.read_file(datname(i)); ?><span class=answer><? if(isadmin){?><form action='<?=ppc.__FILE__?>?op=answer&entryn=<?=i?>' method=post> <textarea name=answer cols="50" rows="10" class=entry><?} if(ppc.read_file(answname(i))!=""){/*does an answer to this entry exist?*/ cout << ppc.read_file(answname(i)); } if(isadmin){?></textarea><br> <input type=submit value='change answer to entry <?=i?>' class=entry></form> <?}?> </span></center><?closeTable(); } } }?> </center> <?// including footer here: #ppcinclude "footer.ppc" ?> </html> |