Имеется скрипт гостевой книги, состоящий из файлов index.php (сам скрипт), data.txt (здесь хранятся все записи), russian.inc.php (перевод), ну и пары картинок...
Вот index.php
Код:
<?php
# Configuration
# NOTE(review): the handlers further down read bare globals such as $msgnew,
# $password and $pg and call session_register(), so the script depends on
# register_globals (removed in PHP 5.4). Under that setting any variable that
# is not assigned in this file or in the include can be set from the request.
session_start();
$gb_name = "Black Parrot's guest book"; // Guest book title
// Data file the entries are appended to; the author asks for chmod 666.
// NOTE(review): that makes it world-writable, and a relative path next to
// index.php is presumably downloadable over HTTP together with the stored IP
// and e-mail fields. Keep it outside the web root or deny direct access, and
// give write permission to the web-server user only.
$gb_data = "data.txt"; // Файл куда будут сбрасываться коментарии, chmod ему: 666
// Admin password. NOTE(review): kept in plaintext in the source and copied
// into the session by the login handler; replace the sample value before use.
$gb_psswd = "pass"; // Пароль админа
$gb_mail = "mymail@mydomain.org"; // Address that receives private messages
include("russian.inc.php"); // Translation file; presumably defines $lgtxt, $lgerr, $lgpri - confirm
$gb_flthtml = true; // Strip HTML tags from messages (recommended: true)
$gb_url2lnk = true; // Turn URLs inside messages into links
$gb_smiley = false; // Smileys (author's note: does not work)
$gb_fltbdwrd = false; // Bad-word filter
$gb_privmsg = true; // Offer "private message" (mailed to $gb_mail instead of stored)
$gb_fltspam = false; // Repeat-post filter based on the session flag $spam
$gb_msgpg = 5; // Messages per page
$gb_lngwrd = 35; // Maximum word length
$gb_lngmsg = 2500; // Maximum message length
# Не трогайте, сломается
############################################################
# Функции
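/**
 * Normalise one submitted field before it goes into the pipe-delimited data file.
 *
 * Optionally strips HTML tags, removes the "|" field separator and carriage
 * returns, turns line feeds into "<br>" so that a record stays on one line,
 * removes backslash escapes and trims the result.
 *
 * This is storage normalisation, not output encoding: strip_tags() leaves
 * quotes and "&" untouched, so the value still needs htmlspecialchars() at
 * the point where it is printed into HTML, attribute values in particular.
 *
 * @param mixed $text Raw field value.
 * @param mixed $html Truthy to strip HTML tags.
 * @return string Trimmed single-line value without "|".
 */
function flt_tags ($text, $html){
    $text = (string) $text;
    if ($html) {
        $text = strip_tags($text);
    }
    // Fixed characters need no regular expression, and the ereg_* functions
    // used here before were removed in PHP 7.
    $text = str_replace(array("|", "\r"), "", $text);
    // The listing shows a raw line break as the replacement for "\n"
    // (probably a "<br>" swallowed when the page was rendered). Left as a
    // no-op, one submission could span several lines of the line-based file.
    $text = str_replace("\n", "<br>", $text);
    $text = stripslashes($text);
    return trim($text);
}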
/**
 * Mask every listed word in a text with "***".
 *
 * Matching is a plain, case-sensitive substring replacement, applied word by
 * word in list order.
 *
 * @param string $text     Text to filter.
 * @param array  $badwords Words to mask.
 * @return string Filtered text.
 */
function flt_bdwrd ($text, $badwords){
    $masked = $text;
    foreach ($badwords as $term) {
        $masked = str_replace($term, "***", $masked);
    }
    return $masked;
}
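/**
 * Replace text smileys that follow a space with their image tags.
 *
 * The codes are fixed strings, so they are mapped with strtr() instead of
 * regular expressions. The earlier ereg_replace() patterns contained
 * unescaped ")" characters, which is the likely reason the configuration
 * marks smileys as not working; ereg_* was also removed in PHP 7.
 *
 * @param mixed $text Message text (already filtered for storage).
 * @return string Text with the smiley codes replaced by <img> tags.
 */
function flt_smiley ($text){
    // strtr() scans the input once, so inserted markup is never re-scanned.
    $icons = array(
        " :)"  => " <img src=\"images/sm01.gif\" width=\"15\" height=\"15\" alt=\":)\" border=\"0\">",
        " :D"  => " <img src=\"images/sm02.gif\" width=\"15\" height=\"15\" alt=\":D\" border=\"0\">",
        " 8)"  => " <img src=\"images/sm03.gif\" width=\"15\" height=\"15\" alt=\"8)\" border=\"0\">",
        " ;)"  => " <img src=\"images/sm04.gif\" width=\"15\" height=\"15\" alt=\";)\" border=\"0\">",
        " :P"  => " <img src=\"images/sm05.gif\" width=\"15\" height=\"15\" alt=\":P\" border=\"0\">",
        " :o"  => " <img src=\"images/sm06.gif\" width=\"15\" height=\"15\" alt=\":o\" border=\"0\">",
        " >:(" => " <img src=\"images/sm08.gif\" width=\"15\" height=\"15\" alt=\">:(\" border=\"0\">",
        " :("  => " <img src=\"images/sm07.gif\" width=\"15\" height=\"15\" alt=\":(\" border=\"0\">",
    );
    return strtr((string) $text, $icons);
}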
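/**
 * Tell whether a text contains a word longer than the limit.
 *
 * Words are separated by single spaces only; other whitespace does not split
 * a word. Length is measured in bytes by strlen(), so multi-byte characters
 * count more than once.
 *
 * Returns an explicit false when no word is too long; the earlier version
 * read an unset variable in that case and returned null.
 *
 * @param mixed $text Text to check.
 * @param int   $lng  Maximum allowed word length.
 * @return bool True when at least one word exceeds $lng.
 */
function test_lngwrd ($text, $lng){
    foreach (explode(" ", (string) $text) as $word) {
        if (strlen($word) > $lng) {
            return true;
        }
    }
    return false;
}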
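/**
 * Tell whether a text is longer than the limit.
 *
 * Length is measured in bytes by strlen(). Returns an explicit false when the
 * text fits; the earlier version read an unset variable in that case and
 * returned null.
 *
 * @param mixed $text Text to check.
 * @param int   $lng  Maximum allowed length.
 * @return bool True when the text exceeds $lng.
 */
function test_lngmsg ($text, $lng){
    return strlen((string) $text) > $lng;
}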
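/**
 * Check the shape of an e-mail address.
 *
 * Same two rules as before, expressed with preg_match() because eregi() was
 * removed in PHP 7: letters, digits, ".", "-" and "_" around a single "@",
 * a final label of 2 or 3 characters, and no "..", "@.", ".@" or leading ".".
 * The D modifier keeps "$" from matching before a trailing newline, so a
 * value that ends in a line break is rejected.
 *
 * NOTE(review): nothing in the visible listing calls this function; the
 * e-mail field reaches the data file and the mail header without it.
 *
 * @param mixed $email Address to check.
 * @return bool True when the address passes both rules.
 */
function test_email($email){
    $email = (string) $email;
    if (!preg_match('/^[a-z0-9._-]+@[a-z0-9._-]+\.[a-z0-9]{2,3}$/iD', $email)) {
        return false;
    }
    return !preg_match('/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/i', $email);
}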
############################################################
# Главный код
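# New entry.
# NOTE(review): $msgnew, $name, $email, $page, $message, $private, $spam and
# the $REMOTE_* / $HTTP_USER_AGENT values are bare globals, so this handler
# depends on register_globals; session_register() was removed in PHP 5.4.
if ($msgnew) {
    if ($spam && $gb_fltspam) {
        // This session has already posted and the repeat-post filter is on.
        $msg_txt = $lgerr[4]; $msg_cap = $lgerr[0]; $id = "message";
    } elseif ((string) $name !== "" && (string) $message !== "") {
        // Was `$name & $message`, a bitwise AND of the two strings that
        // rejects some non-empty pairs (for example "1" and "2" give "0").
        $crlf = array("\r", "\n");
        // Single-line fields lose CR/LF before filtering, so none of them can
        // add a line to the data file or a header line to the mail below.
        $name = flt_tags(str_replace($crlf, " ", $name), 1);
        $email = flt_tags(str_replace($crlf, "", $email), 1);
        $page = flt_tags(str_replace($crlf, "", $page), 1);
        // The user agent is sent by the client; filter it like any other
        // field so it cannot carry "|" or markup into the record.
        $agent = flt_tags(str_replace($crlf, " ", $HTTP_USER_AGENT), 1);
        $message = flt_tags($message, $gb_flthtml);
        $now = time();
        $index = date("YmdHis", $now);
        $day = date("d.m.Y", $now);
        $time = date("H:i", $now);
        if (test_lngwrd($message, $gb_lngwrd)) {
            $msg_txt = $lgerr[1]; $msg_cap = $lgerr[0]; $id = "message";
        } elseif (test_lngmsg($message, $gb_lngmsg)) {
            $msg_txt = $lgerr[2]; $msg_cap = $lgerr[0]; $id = "message";
        } elseif ($private) {
            // Private message: mailed to the owner, never stored.
            $mail_msg =
                "---------------------------------------------------------------\n".
                "The folowning information was submitted on\n".
                "$day $time\n".
                "---------------------------------------------------------------\n".
                "Имя: $name\n".
                "E-Mail: $email\n".
                "Сайт: $page\n".
                "Сообщение: $message.\n".
                "---------------------------------------------------------------\n".
                "Хост: $REMOTE_HOST \n".
                "IP: $REMOTE_ADDR \n".
                "Агент: $HTTP_USER_AGENT \n".
                "---------------------------------------------------------------\n";
            // NOTE(review): "От:" looks like a translated "From:" and is not a
            // header name a mail agent recognises - confirm against the
            // untranslated script. The e-mail value is not validated either;
            // test_email() exists in this file but is not called.
            mail($gb_mail, "Приватное сообщение", $mail_msg, "От: $name <$email>");
            $msg_txt = $lgpri[1]; $msg_cap = $lgpri[0]; $id = "message";
            session_register("spam");
            $spam = true;
        } else {
            // One record per line: any CR/LF that survived filtering is
            // flattened before the terminator is appended.
            $record = "$index|$day|$time|$REMOTE_ADDR|$agent|$name|$email|$page|$message|||";
            $record = str_replace($crlf, " ", $record) . "\r\n";
            // Append under an exclusive lock so parallel posts cannot interleave.
            file_put_contents($gb_data, $record, FILE_APPEND | LOCK_EX);
            session_register("spam");
            $spam = true;
        }
    } else {
        // Name or message missing.
        $msg_txt = $lgerr[3]; $msg_cap = $lgerr[0]; $id = "message";
    }
}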
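# Admin login: the form shown for id=admin posts $password together with $logon.
if ($logon) {
    // Strict comparison of two strings: with == numeric-looking values such
    // as "1e3" and "1000" compare equal, and non-string input is coerced.
    if (is_string($password) && $password === $gb_psswd) {
        // Issue a fresh session id at the privilege change so an id known
        // before login does not become an admin session.
        session_regenerate_id(true);
        // NOTE(review): the session keeps the plaintext password and every
        // admin check compares against it; a boolean flag would be enough.
        // There is also no limit on login attempts.
        session_register("psswd");
        $psswd = $password;
    } else {
        $msg_txt = $lgerr[5]; $msg_cap = $lgerr[0]; $id = "message";
    }
}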
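# Admin: delete the entry at position $msgdelete of the reverse-sorted list.
# NOTE(review): this state change is reachable by GET (the entry list links to
# ?msgdelete=N), so any page the logged-in admin opens can trigger it. It
# should move to a POST form carrying a per-session token.
if ($msgdelete || $msgdelete == "0") {
    if (is_string($psswd) && $psswd === $gb_psswd) {
        $data = file($gb_data);
        // Rewrite the file only when it was read and the index names an
        // existing entry; before, any value led to a full rewrite.
        if ($data !== false
            && preg_match('/^[0-9]+$/D', (string) $msgdelete)
            && isset($data[(int) $msgdelete])) {
            rsort($data);
            unset($data[(int) $msgdelete]);
            // Single locked write instead of truncate-then-write in a loop.
            file_put_contents($gb_data, implode("", $data), LOCK_EX);
        }
    } else {
        $msg_txt = $lgerr[6]; $msg_cap = $lgerr[0]; $id = "message";
    }
}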
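# Admin: open the edit form for the entry at position $msgedit.
if ($msgedit || $msgedit == "0") {
    // Strict string comparison, as in the login handler.
    if (is_string($psswd) && $psswd === $gb_psswd) {
        $id = "edit";
    } else {
        $msg_txt = $lgerr[7]; $msg_cap = $lgerr[0]; $id = "message";
    }
}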
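# Admin: save an entry posted from the edit form into position $num.
# NOTE(review): like deletion, this has no request token, so a forged POST
# from another site runs with the admin's session.
if ($msgreplace) {
    if (is_string($psswd) && $psswd === $gb_psswd) {
        $data = file($gb_data);
        // Only overwrite an entry that exists; an arbitrary $num used to add
        // a new array key and so a new line.
        if ($data !== false
            && preg_match('/^[0-9]+$/D', (string) $num)
            && isset($data[(int) $num])) {
            rsort($data);
            $message = flt_tags($message, $gb_flthtml);
            $comment = flt_tags($comment, 0); // tags are not stripped here (second argument 0)
            // The other fields come back from the form as well; without the
            // filter a "|" in any of them shifts every later field.
            $index = flt_tags($index, 1);
            $day = flt_tags($day, 1);
            $time = flt_tags($time, 1);
            $ip = flt_tags($ip, 1);
            $browser = flt_tags($browser, 1);
            $name = flt_tags($name, 1);
            $email = flt_tags($email, 1);
            $page = flt_tags($page, 1);
            $record = "$index|$day|$time|$ip|$browser|$name|$email|$page|$message|$comment|0";
            // One record per line, whatever the filter left behind.
            $data[(int) $num] = str_replace(array("\r", "\n"), " ", $record) . "\r\n";
            file_put_contents($gb_data, implode("", $data), LOCK_EX);
        }
    } else {
        $msg_txt = $lgerr[6]; $msg_cap = $lgerr[0]; $id = "message";
    }
}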
############################################################
# HTML код
?>
<html>
<head>
<title><?php print("$gb_name $lgtxt[0]");?></title>
<?php
/* NOTE(review): $metatag is not assigned anywhere in this file; presumably
   russian.inc.php sets it. If it does not, register_globals lets the request
   supply it, and it is printed into the page head unescaped - confirm that
   the include always defines it. */
print("$metatag");?>
<style type="text/css">
<!--
a { text-decoration: none}
.fontnorm { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px}
.fontmini { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px}
-->
</style>
<SCRIPT language="JavaScript" type="text/javascript">
<!--
function setsmiley(which){
document.newmessage.message.value = document.newmessage.message.value + which;
}
//-->
</SCRIPT>
</head>
<body bgcolor="#FFFFFF" text="#000000" link="#333333" vlink="#333333" alink="#333333" background="fon-line.gif">
<table width="500" border="0" cellspacing="0" cellpadding="2" align="center">
<tr><td bgcolor="#333333">
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<tr>
<td bgcolor="#EEEEEE" background="bg1.gif"><font face=Tahoma
color=#ffcc00><font size="2">Гостевая</font></font></td>
</tr><tr>
<td bgcolor="#DDDDDD" class="fontmini" background="bg.gif">»
<a href="<?php print("$PHP_SELF");?>">
<?php print("$lgtxt[1]");?>
</a> | <a href="<?php print("$PHP_SELF?id=new");?>">
<?php print("$lgtxt[2]");?>
</a> </td>
</tr></table>
</td></tr>
</table>
<table width="500" border="0" cellspacing="1" cellpadding="0" align="center">
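<tr><td class="fontmini"><?php
# Entry count.
$data = file($gb_data);
// file() returns false when the data file is missing or unreadable; treat
// that as an empty book instead of counting and sorting a non-array.
if ($data === false) {$data = array();}
$maxmsg = count($data);
print ("$lgtxt[6]: $maxmsg");
?></td><td align="right" class="fontmini">
<?php
# Previous / next page links.
rsort ($data);
// $pg comes from the query string: force an integer and clamp it at zero so
// the links and the entry loop further down never work with a negative page.
$pg = (int) $pg;
if ($pg < 0) {$pg = 0;}
// $PHP_SELF contains whatever path the client appended after the script name,
// so it is escaped before it goes into an attribute. The other places in this
// template that print $PHP_SELF need the same treatment.
$self = htmlspecialchars($PHP_SELF, ENT_QUOTES);
if ($pg == 0) {print("<font color=\"#000000\">« $lgtxt[4]</font>");}
else {$tmp = $pg - 1; print("<a href=\"$self?pg=$tmp\">« $lgtxt[4]</a>");}
$tmp = $pg * $gb_msgpg + $gb_msgpg; print(" | ");
if ($maxmsg > $tmp) {$tmp = $pg + 1; print ("<a href=\"$self?pg=$tmp\">$lgtxt[5] »</a>");}
else {print("<font color=\"#000000\">$lgtxt[5] »</font>");}
?>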
</td></tr>
</table>
<table width="500" border="0" cellspacing="0" cellpadding="2" align="center">
<tr><td bgcolor="#333333">
<?php
############################################################
# Error / notice box
# $id selects the panel that is rendered. The handlers above set it to
# "message" or "edit"; otherwise it is whatever the request supplied through
# register_globals (the menu links to ?id=new).
# NOTE(review): $msg_cap and $msg_txt are printed below without escaping; in
# the visible code they only ever hold $lgerr / $lgpri entries.
if ($id=="message"){?>
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<tr>
<td bgcolor="#DDDDDD" colspan="2" align="center" class="fontnorm" background="bg1.gif">
<?php print($msg_cap);?>
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" colspan="2" align="center" class="fontnorm" background="bg.gif">
<?php print($msg_txt);?>
</p></td></tr>
</table>
<?php }
############################################################
# Admin login form
# NOTE(review): the password input below is type="text", so the password is
# visible while it is typed and may be remembered by form autofill.
elseif ($id=="admin"){?>
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<tr>
<td bgcolor="#DDDDDD" colspan="2" align="center" class="fontnorm" background="bg1.gif">
<font color=#ffcc00><?php print($lgtxt[20]);?></font>
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" colspan="2" align="center" class="fontnorm" background="bg.gif">
<?php print($lgtxt[21]);?>
<form method="post" action="<?php print $PHP_SELF ?>">
<input type="text" name="password">
<input type="submit" name="logon" value="<?php print($lgtxt[22]);?>">
</form>
</p></td></tr>
</table>
<?php }
############################################################
# Edit one entry (admin)
# NOTE(review): this branch does not check the admin password itself. It relies
# on the msgedit handler having set $id, yet $id is also request-controlled
# under register_globals. Re-check $psswd here so the form is never rendered
# from a request-supplied $id alone.
# NOTE(review): the $info fields are printed below straight into value="..."
# attributes and <textarea> bodies. They hold visitor-supplied text in which
# strip_tags() leaves quotes intact, so each one needs
# htmlspecialchars(..., ENT_QUOTES) where it is printed.
elseif ($id=="edit"){
$data = file($gb_data);
rsort ($data);
// Field order: index|date|time|ip|user agent|name|e-mail|site|message|comment
$info = explode("|",$data[$msgedit]);
?>
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<form method="post" action="<?php print $PHP_SELF ?>">
<tr>
<td bgcolor="#DDDDDD" colspan="2" align="center" class="fontnorm" background="bg1.gif">
<font color=#ffcc00>
<?php print("$lgtxt[29]");?>
</font> </td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[25]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="day" size="40" value="<?php print("$info[1]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[26]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="time" size="40" value="<?php print("$info[2]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[27]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="ip" size="40" value="<?php print("$info[3]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[28]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="browser" size="40" value="<?php print("$info[4]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[8]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="name" size="40" value="<?php print("$info[5]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[9]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="email" size="40" value="<?php print("$info[6]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[10]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="page" size="40" value="<?php print("$info[7]"); ?>">
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[11]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<textarea name="message" cols="40" rows="5"><?php print("$info[8]"); ?></textarea>
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[30]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<textarea name="comment" cols="40" rows="5"><?php print("$info[9]"); ?></textarea>
</td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" background="bg.gif">
<input type="hidden" name="index" value="<?php print("$info[0]"); ?>">
<input type="hidden" name="num" value="<?php print("$msgedit"); ?>">
</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="submit" name="msgreplace" value="<?php print("$lgtxt[14]");?>">
</td>
</tr>
</form>
</table>
<?php }
############################################################
# New entry form
# The maxlength attributes on the inputs below are enforced by the browser
# only; the handler for $msgnew limits the message, not name, e-mail or site.
elseif ($id=="new"){?>
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<form name="newmessage" method="post" action="<?php print $PHP_SELF ?>">
<tr background="bg1.gif" bgcolor="#333333">
<td colspan="2" align="center" class="fontnorm"> <font color=#ffcc00>
<?php print("$lgtxt[7]");?>
</font> </td>
</tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[8]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="name" maxlength="30" size="40"></td></tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[9]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="email" maxlength="40" size="40"></td></tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[10]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="text" name="page" maxlength="40" value="http://" size="40"></td></tr>
<tr>
<td bgcolor="#EEEEEE" width="130" align="right" class="fontnorm" background="bg.gif">
<?php print("$lgtxt[11]");?>
:</td>
<td bgcolor="#EEEEEE" width="363" class="fontnorm" background="bg.gif">
<textarea name="message" cols="40" rows="5"></textarea>
<?php if ($gb_privmsg){?>
<input type="checkbox" name="private" value="true"> <?php print("$lgtxt[12]");?><?php }?></td></tr>
<?php if ($gb_smiley){?>
<tr>
<td bgcolor="#EEEEEE" width="130" background="bg.gif"></td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif"> [img]images/sm01.gif[/img]
[img]images/sm02.gif[/img]
[img]images/sm03.gif[/img]
[img]images/sm04.gif[/img]
[img]images/sm05.gif[/img]
[img]images/sm06.gif[/img]
[img]images/sm07.gif[/img]
[img]images/sm08.gif[/img]:(" border="0">
</td>
</tr>
<?php }?>
<tr>
<td bgcolor="#EEEEEE" width="130" background="bg.gif"></td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif">
<input type="reset" name="reset" value="<?php print("$lgtxt[13]");?>">
<input type="submit" name="msgnew" value="<?php print("$lgtxt[14]");?>">
</td></tr>
</form>
</table>
<?php }
############################################################
# Default view: show the guest book entries
else {?>
<table width="100%" border="0" cellspacing="1" cellpadding="1" bgcolor="#FFFFFF">
<tr>
<td bgcolor="#DDDDDD" width="130" align="center" class="fontnorm" background="bg1.gif">
<font color="#ffcc00">
<?php print("$lgtxt[8]");?>
:</font></td> <td bgcolor="#DDDDDD" width="363" align="center" class="fontnorm" background="bg1.gif">
<font color="#ffcc00">
<?php print("$lgtxt[11]");?>
:</font></td>
</tr>
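<?php
# Render the entries of the current page. $data was read and reverse-sorted
# above; records start with a YmdHis index, so position 0 is the newest one.
$frstmsg = (int) $pg * $gb_msgpg;
if ($frstmsg < 0) {$frstmsg = 0;} // a negative page number must not start the loop below zero
$lastmsg = $frstmsg + $gb_msgpg;
if ($lastmsg > $maxmsg) {$lastmsg = $maxmsg;}
for ($u = $frstmsg; $u < $lastmsg; $u++)
{
    // Field order: index|date|time|ip|user agent|name|e-mail|site|message|comment
    // Padding keeps short or damaged lines from producing undefined offsets.
    $entry = array_pad(explode("|", $data[$u]), 10, "");
    // Fields 1-7 are plain text supplied by the visitor (the user agent and
    // the form fields) and are printed into HTML and attribute values below.
    // strip_tags() at storage time leaves quotes intact, so encode them here.
    for ($f = 1; $f <= 7; $f++) {$entry[$f] = htmlspecialchars($entry[$f], ENT_QUOTES);}
    // NOTE(review): encoding does not restrict the scheme of the site field
    // ($entry[7]), which appears to be used as a link target further down
    // (that markup is garbled in the listing). TODO allow http/https only.
    if ($gb_flthtml) {$entry[8] = strip_tags($entry[8]);}
    if ($gb_fltbdwrd) {$entry[8] = flt_bdwrd($entry[8], $lgbdwrd);}
    if ($gb_url2lnk) {
        // preg_replace() replaces ereg_replace() (removed in PHP 7). The URL
        // pattern no longer accepts quotes, which would close the href
        // attribute, and only links http, https and ftp instead of any scheme.
        $entry[8] = preg_replace(
            '~\b(?:https?|ftp)://[^<>"\'\s]+[a-z0-9/]~i',
            '<a href="\\0" target="_blank" rel="noopener noreferrer">\\0</a>',
            $entry[8]
        );
    }
    if ($gb_smiley) {$entry[8] = flt_smiley($entry[8]);}
?>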
<tr>
<td bgcolor="#EEEEEE" width="130" align="center" class="fontnorm" background="bg.gif">
<?php print("$entry[5]");?>
[img]images/g_ip.gif[/img]">
[img]images/g_br.gif[/img]">
<?php if ($entry[6]){?>
">[img]images/g_em.gif[/img]" border="0">
<?php }
else {?>
[img]images/g_em.gif[/img]" border="0">
<?php }
if ($entry[7] and $entry[7] != "http://"){?>
" target="_blank">[img]images/g_hm.gif[/img]" border="0">
<?php }
else {?>
[img]images/g_hm.gif[/img]" border="0">
<?php }
?>
</p>
</td>
<td bgcolor="#EEEEEE" width="363" background="bg.gif"> <span class="fontmini">
<?php print("$lgtxt[16] $entry[1] $entry[2]"); if ($psswd == $gb_psswd){?>
[ <a href="<?php print("$PHP_SELF?msgdelete=$u"); ?>">
<?php print("$lgtxt[23]"); ?>
</a> | <a href="<?php print("$PHP_SELF?msgedit=$u"); ?>">
<?php print("$lgtxt[24]"); ?>
</a> ]
<?php }?>
</span>
<hr noshade size="1">
<span class="fontnorm">
<?php print("$entry[8]"); if($entry[9]){ print("
- $entry[9]</p>");}?>
</span> </td>
</tr>
<?php }?>
</table>
<?php }
############################################################
?>
</td></tr>
</table>
<table width="500" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td class="fontmini" width="50%">© Dr@gon</td>
<td class="fontmini" width="50%" align="right">
<?php If ($gb_flthtml) print($lgtxt[51]); else print($lgtxt[50]); ?>
</td>
</tr>
</table>
</body>
</html>
Вопрос: что нужно набрать в браузере, чтобы войти под админом?
Вот, что я нашёл, что как-то связано с логированием:
$gb_psswd = "pass"; // Пароль админа
-----------
}
if($logon){
if ($password == $gb_psswd){
session_register("psswd");
$psswd = $password;
}
else {$msg_txt = $lgerr[5]; $msg_cap = $lgerr[0]; $id="message";}
}