Example #1
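/**
 * Validate a guestbook submission against the configured limits and
 * anti-spam checks.
 *
 * Every check appends an HTML-escaped message to the global $dbs_error
 * instead of returning early, so the caller can show all problems at
 * once. The validate_* helpers, has_bad_word(), has_url(),
 * isChallengeAccepted() and htmlspecialchars_default() are defined
 * elsewhere; presumably the helpers also append to $dbs_error — confirm.
 *
 * @param array $entry Submitted fields ("name", "email", "url",
 *                     "comments" and the challenge field named by
 *                     $CHALLENGE_FIELD_PARAM_NAME). All values are
 *                     untrusted user input.
 * @return bool TRUE when no validation error was recorded.
 *
 * Side effects: resets the global $dbs_error, starts the PHP session if
 * none is active, and terminates the request with die() when a comment
 * is submitted while the comment field is disabled.
 */
function guestbook_validate($entry)
{
    global $MAX_NAME_LENGTH;
    global $MAX_EMAIL_LENGTH;
    global $MAX_URL_LENGTH;
    global $MAX_COMMENTS_LENGTH;
    global $MIN_COMMENTS_LENGTH;
    global $NAME_FIELD_NAME;
    global $EMAIL_FIELD_NAME;
    global $URL_FIELD_NAME;
    global $COMMENTS_FIELD_NAME;
    global $ERROR_MSG_BAD_WORD;
    global $dbs_error;
    $dbs_error = "";

    validate_notempty($entry, "name", $NAME_FIELD_NAME);

    global $ENABLE_COMMENT_FIELD;
    if ($ENABLE_COMMENT_FIELD === TRUE) {
        // Minimum length is only meaningful once we know the field is filled.
        if (validate_notempty($entry, "comments", $COMMENTS_FIELD_NAME)) {
            validate_minlength($entry, "comments", $MIN_COMMENTS_LENGTH, $COMMENTS_FIELD_NAME);
        }
    } elseif (isset($entry["comments"])) {
        // A comment arriving while the field is disabled means the form was
        // tampered with; hard-fail instead of recording a soft error.
        die("Comments field is disabled.");
    }

    // Length, tag and format checks per field.
    validate_length($entry, "name", $MAX_NAME_LENGTH, $NAME_FIELD_NAME);
    validate_notags($entry, "name", $NAME_FIELD_NAME);
    validate_length($entry, "email", $MAX_EMAIL_LENGTH, $EMAIL_FIELD_NAME);
    validate_email($entry, "email", $EMAIL_FIELD_NAME);
    validate_length($entry, "url", $MAX_URL_LENGTH, $URL_FIELD_NAME);
    validate_url($entry, "url", $URL_FIELD_NAME);
    validate_length($entry, "comments", $MAX_COMMENTS_LENGTH, $COMMENTS_FIELD_NAME);
    validate_notags($entry, "comments", $COMMENTS_FIELD_NAME);
    validate_max_word_length($entry, "comments", $COMMENTS_FIELD_NAME);

    // Bad-word filter over every free-text field. Parenthesised so the
    // intended &&-inside-|| grouping is explicit rather than relying on
    // operator precedence.
    if ((isset($entry["name"]) && has_bad_word($entry["name"]))
        || (isset($entry["comments"]) && has_bad_word($entry["comments"]))
        || (isset($entry["url"]) && has_bad_word($entry["url"]))
        || (isset($entry["email"]) && has_bad_word($entry["email"]))) {
        $dbs_error .= htmlspecialchars_default($ERROR_MSG_BAD_WORD) . '<br />';
    }

    global $PREVENT_URLS_IN_COMMENTS;
    if ($PREVENT_URLS_IN_COMMENTS === TRUE && isset($entry["comments"]) && has_url($entry["comments"])) {
        global $ERROR_MSG_URLS_NOT_ALLOWED;
        $dbs_error .= htmlspecialchars_default($ERROR_MSG_URLS_NOT_ALLOWED) . '<br />';
    }

    // Challenge-response (CAPTCHA-style) test.
    global $CHALLENGE_ENABLED;
    if ($CHALLENGE_ENABLED === TRUE) {
        global $CHALLENGE_FIELD_PARAM_NAME;
        // A submission that omits the challenge field must simply fail the
        // challenge, not raise an undefined-index notice. NULL is passed
        // through so isChallengeAccepted() sees the same value as before.
        $entered_challenge_value = isset($entry[$CHALLENGE_FIELD_PARAM_NAME])
            ? $entry[$CHALLENGE_FIELD_PARAM_NAME]
            : NULL;
        if (!isChallengeAccepted($entered_challenge_value)) {
            // Automated poster (or a wrong answer).
            global $ERROR_MSG_BAD_CHALLENGE_STRING;
            $dbs_error .= htmlspecialchars_default($ERROR_MSG_BAD_CHALLENGE_STRING) . '<br />';
        }
    }

    // Time-delay test: the form must have been served between
    // $MIN_POST_DELAY and $MAX_POST_DELAY seconds ago, judged by the
    // server-side timestamp stored in the session when the form was shown.
    global $MIN_POST_DELAY;
    global $MAX_POST_DELAY;
    global $ERROR_MSG_MIN_DELAY_STRING;
    global $ERROR_MSG_MAX_DELAY_STRING;
    // Start a session only when none is active. This avoids the
    // "session already started" notice the old @session_start() hid,
    // without suppressing genuine session failures.
    if (session_id() === '') {
        session_start();
    }
    if (!isset($_SESSION['dbs_req_time'])) {
        // No request timestamp: the form was never served to this session
        // (or the session expired). Treated as "too slow".
        $dbs_error .= htmlspecialchars_default($ERROR_MSG_MAX_DELAY_STRING) . '<br />';
    } else {
        // Cast defensively; the timestamp is server-set but untyped.
        $delay = time() - (int) $_SESSION['dbs_req_time'];
        if ($delay < $MIN_POST_DELAY) {
            // Too fast for a human to have filled the form.
            $dbs_error .= htmlspecialchars_default($ERROR_MSG_MIN_DELAY_STRING) . '<br />';
        } elseif ($delay > $MAX_POST_DELAY) {
            $dbs_error .= htmlspecialchars_default($ERROR_MSG_MAX_DELAY_STRING) . '<br />';
        }
    }
    // NOTE(review): dbs_req_time is not cleared here, so whether one form
    // view can be replayed for several posts depends on the code that sets
    // it — confirm in the form handler.

    return empty($dbs_error);
}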
Example #2
 */
//Includes config file (presumably where $hdlDb, DIR_CLASSES and DIR_TEMPLATE
//are defined — confirm)
include "includes/config.inc.php";
// Name of the POST field carrying the challenge-response answer. Note the
// handler below reads $_POST['challenge_string'] literally rather than
// through this variable.
$CHALLENGE_FIELD_PARAM_NAME = "challenge_string";
//Includes challenge-response helpers (presumably defines isChallengeAccepted(),
//which the handler below calls — confirm)
include "includes/challenge.php";
//Includes global class file
include DIR_CLASSES . "/clsGlobal.php";
//Creates object for global class file, wrapping the DB handle
$hldGlobal = new clsGlobal($hdlDb);
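// Contact-form submission handler. $intSuccess is the outcome code:
// 0 = not submitted / nothing done, 1 = a required field was blank,
// 2 = stored (the request is then redirected), 3 = challenge-response
// failed. NOTE(review): presumably consumed by the template code further
// down — confirm.
if (isset($_POST["Submit"]) && $_POST["Submit"] == "Contact Us") {
    $intSuccess = 0;
    // All of these are untrusted. Default missing keys to "" so the
    // emptiness test below does not trip an undefined-index notice.
    $strName = isset($_POST["name"]) ? trim($_POST["name"]) : "";
    $strEmail = isset($_POST["email"]) ? trim($_POST["email"]) : "";
    $strMessage = isset($_POST["briefmessage"]) ? trim($_POST["briefmessage"]) : "";
    // Passed to isChallengeAccepted() untrimmed, as before; trimmed only
    // for the emptiness test.
    $strChallenge = isset($_POST["challenge_string"]) ? $_POST["challenge_string"] : "";
    // The original test had a misplaced parenthesis — trim() was applied to
    // the boolean result of the briefmessage/challenge comparison — which
    // only worked by accident of truthiness.
    if ($strName == "" || $strEmail == "" || $strMessage == "" || trim($strChallenge) == "") {
        $intSuccess = 1;
    } elseif (isChallengeAccepted($strChallenge) === FALSE) {
        $intSuccess = 3;
    } else {
        // Escape with the connection-aware escaper rather than addslashes(),
        // which can be bypassed under some multibyte connection charsets.
        // The mysql_* extension offers no prepared statements; moving this
        // to PDO/mysqli with bound parameters is the proper fix.
        $sqlContact = "INSERT INTO tblContact(id,name,email,briefmessage) VALUES('','"
            . mysql_real_escape_string($strName) . "','"
            . mysql_real_escape_string($strEmail) . "','"
            . mysql_real_escape_string($strMessage) . "')";
        if (!mysql_query($sqlContact)) {
            // Keep the driver error server-side; echoing mysql_error() to the
            // visitor discloses schema and query details.
            error_log("contactus: insert failed: " . mysql_error());
            die("Unable to save your message. Please try again later.");
        }
        $intSuccess = 2;
        header("Location:contactus.php?succ=2");
        // Stop here: without exit the rest of the page is still built and
        // sent after the redirect header.
        exit;
    }
}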
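// Creates the object for the Sigma template engine. "=& new" (assigning
// the result of new by reference) is deprecated since PHP 5.3 and a parse
// error from PHP 7 on; objects are handles, so a plain assignment is
// equivalent.
$hdlTpl = new HTML_Template_Sigma(DIR_TEMPLATE, DIR_TEMPLATE . "/prepared");
// Loads the contact-us template file.
$hdlTpl->loadTemplateFile("contactus.htm", TRUE, TRUE);
// NOTE(review): presumably the shared page header markup — confirm in clsGlobal.
$strHeader = $hldGlobal->fnGetHeader();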
//Fetches header template