/**
* clean_encode_message
*
* clean message or potentially dangerous (X)HTML and encode UBB to XHTML
*
* @author DigiOz Guestbook, Scott Trevithick
* @copyright DigiOz.com, 2009.
* @param string $yourmessage The string to reformat
* @return string $yourmessage The reformatted string
**/
function clean_encode_message($yourmessage)
{
require_once 'class.UBBCodeN.php';
$myUBB = new UBBCodeN();
$yourmessage = $myUBB->encode($yourmessage);
// $yourmessage = str_replace('"','"', $yourmessage);
$yourmessage = entify_nonprinting_chars($yourmessage);
return $yourmessage;
}
// Log visitor IP Number and IP Address if option is set by guestbook administrator ---------------
if ($gbIPLogKey == 1) {
$message_ip_log = $_SERVER['REMOTE_ADDR'];
$message_ip_address_log = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$message_time_log = $date;
add_to_post_log($yourname, $message_ip_log, $message_ip_address_log, $message_time_log);
}
// Notify administrator of new email if option is selected ----------------------------------------
if ($notify_admin == 1) {
mail("{$notify_admin_email}", "{$notify_subject}", "{$notify_message}");
}
// Make user input safe, insert emoticons, and encode UBB code -------------------------------------
$yourname = clean_encode_message(stripslashes($yourname));
$youremail = stripslashes($youremail);
$yourmessage = smiley_face($yourmessage);
$myUBB = new UBBCodeN();
$yourmessage = $myUBB->encode($yourmessage);
$yourmessage = stripcslashes($yourmessage);
// Call for filtering bad words -------------------------------------------------------------------
if ($gbBadWordsKey == 1) {
$yourmessage = swap_bad_words($yourmessage);
}
// Write the verified guestbook entry to file ----------------------------------------------------
$gbXML = new gbXML('messages', 'message', 'data/data.xml');
$id = $gbXML->get_max_value_for_tag('id');
++$id;
$tmpArray = array('id' => $id, 'date' => $date, 'name' => $yourname, 'email' => $youremail, 'msg' => $yourmessage);
if ($gbXML->append_record_to_file($tmpArray) === TRUE) {
// Give Confirmation that the Guestbook Entry was written ----------------------------------------
echo "<p>{$result1}</p>";
echo "<p>{$date}</p>";
HTML;
include '../includes/admin_footer.php';
exit;
}
//go to the guestbook and get the ID requested to edit
if (!($recordArray = $mygbXML->get_record_from_file($_GET['id']))) {
echo <<<HTML
<p class="error">An unknown error occured. The record could not be read from the data file.</p>
<p><a href="javascript: history.go(-1);">Go Back</a></p>
HTML;
include '../includes/admin_footer.php';
exit;
} else {
//get a UBBClass object to decode values
$myUBB = new UBBCodeN();
//decode the HTML to UBB and assign the variables to populate our template included below:
$id_value = $_GET['id'];
$your_name_value = stripslashes($myUBB->decode($recordArray['name']));
$your_email_value = stripslashes($myUBB->decode($recordArray['email']));
$your_message_value = stripslashes(swap_image($myUBB->decode($recordArray['msg'])));
//set the form that will process our submission
$form_processor = 'edit_process.php';
//set the path to the javascript file that the guestbook form uses
$guestbook_entry_javascript = '../includes/guestbook_entry.js';
}
echo "<center>";
//include the main editing interface:
$inside_admin_area = "1";
include '../includes/guestbook_new_entry_page_template.php';
echo "</center>";
