$error = '';
$kkode = false;
if (@$_POST['keykodes'] != @$_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= '<li>Key Kode salah</li>';
$kkode = true;
}
if (empty($_POST['nama'])) {
$error .= '<li>Silahkan Isi Nama nya</li>';
}
if (empty($_POST['yousay'])) {
$error .= '<li>Silahkan Isi Pesan nya</li>';
}
if (cek_posted('shoutbox')) {
$error .= '<li>Anda Sudah Memposting, Tunggu beberapa Menit Lagi</li>';
}
if (!empty($_POST['nama']) && !empty($_POST['yousay']) && preg_match('/^[._a-z0-9-]+[._a-z0-9- ]+$/i', $_POST['nama']) && $kkode == false && !cek_posted('shoutbox')) {
global $koneksi_db, $maxadmindata;
$ip_adr = cleartext(@$_SERVER["HTTP_X_FORWARDED_FOR"]);
if (@$_SERVER["HTTP_X_FORWARDED_FOR"] == '') {
$ip_adr = @$_SERVER["REMOTE_ADDR"];
}
$agent_Usr = cleartext(@$_SERVER["HTTP_USER_AGENT"]);
$ket = "{$ip_adr}|{$agent_Usr}";
$DatE = tanggal_simpan_shoutbox();
$name = cleantext($_POST['nama']);
$email = cleantext($_POST['email']);
$yousay = cleantext($_POST['yousay']);
$tglnow = date("Y-m-d");
$tgl = !isset($tgl) ? $tglnow : $tgl;
$valid_mail = "^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\\.)*([a-z0-9-]+)(\\.[a-z]{2,3}))\$";
if (!preg_match($valid_mail, $email)) {
$email = text_filter($_POST['email']);
$website = text_filter($_POST['website']);
$testimonial = nl2br(text_filter($_POST['testimonial'], 2));
$error = '';
$gfx_check = $_POST['gfx_check'];
if (!$website) {
$error .= "Error: Please enter your website!<br />";
}
if (!$testimonial) {
$error .= "Error: Please enter a testimonial!<br />";
}
// $code = substr(hexdec(md5("".date("F j")."".$_POST['random_num']."".$sitekey."")), 2, 6);
if ($gfx_check != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= "Security Code Invalid <br />";
}
if (cek_posted('contact')) {
$error .= 'Anda Telah Memposting Testimonial, Tunggu beberapa Saat';
}
if ($error) {
$tengah .= '<div class="error">' . $error . '</div>';
} else {
$query = mysql_query("INSERT INTO testimonial (nama,email,testimonial,website,tgl) VALUES ('{$nama}','{$email}','{$testimonial}','{$website}','{$tgl}')");
$tengah .= '<div class="sukses">Terima Kasih, Testimoni Anda sudah terkirim!</div>';
unset($nama);
unset($email);
unset($testimonial);
unset($website);
}
}
#######################
# ADD TESTIMONI
$judul = $_POST['judul'];
$konten = $_POST['konten'];
$code = $_POST['codex'];
$error = '';
$open['error'] = false;
$open['errorpesan'] = '';
if (!eregi ("^[a-z0-9]+[._a-z0-9 ]+$",$user)) {$error .= "Error: Please enter your name!<br />";}
if (!is_valid_email($email)) {$error .= "Please use the standard format (admin@domain.com)<br />";}
if (empty($judul)) {$error .= "Please Enter Your Comment Title<br />";}
if (empty($konten)) {$error .= "Please Enter Your Comment<br />";}
if ($code != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {$error .= "Security Code Invalid <br />";}
if (cek_posted('komentar_add.php')){
$error .= 'Anda Telah Memposting Data.. Tunggu Beberapa Saat Lagi';
}
if ($error != ''){
$open['error'] = true;
$open['errorpesan'] = $error;
}else {
$konten = substr($konten,0,500);
$konten = wraptext($konten);
$judul = wraptext($judul);
// File untuk memproses dan menampilkan hasil jejak pendapat
// *********************************************************
if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
header("HTTP/1.1 404 Not Found");
exit;
}
//$index_hal = 1;
$pid = int_filter(@$_POST['pid']);
$pilihan = int_filter(@$_POST['pilihan']);
$cetak['tengah'] = '<h4 class="bg">Jajak Pendapat</h4>';
$sekarang_timeout = time();
$vote_lebih2x = false;
if (isset($_POST['submit'])) {
//setcookie("COOKIE_VOTE", "vote", time()+3600);
$query1 = "SELECT * FROM polling WHERE pid='{$pid}'";
if (cek_posted('polling_result.php')) {
$vote_lebih2x = true;
} else {
posted('polling_result.php');
//---- baca data polling
$hasil = mysql_query($query1);
$data = mysql_fetch_array($hasil);
$PJAWABAN_TMP = explode("#", $data["pjawaban"]);
$jmljwb = count($PJAWABAN_TMP);
$PJAWABAN_TMP[$pilihan]++;
$PJAWABAN = '';
for ($i = 0; $i < $jmljwb; $i++) {
$PJAWABAN .= $PJAWABAN_TMP[$i] . "#";
}
$PJAWABAN = substr_replace($PJAWABAN, "", -1, 1);
//-----------------------------------------------
if (empty($nama) or !eregi("^[a-z0-9]+[._a-z0-9 ]+\$", $nama)) {
$error .= "Error: Please enter your name!<br />";
}
if (!is_valid_email($email)) {
$error .= "Please use the standard format (admin@domain.com)<br />";
}
if (empty($alamat)) {
$error .= "Error: Please enter your Address!<br />";
}
if (empty($komentar)) {
$error .= "Error: Please enter a message!<br />";
}
if ($gfx_check != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) {
$error .= "Security Code Invalid <br />";
}
if (cek_posted('guestbook')) {
$error .= 'Anda Telah Memposting, Tunggu beberapa Saat';
}
if ($error != '') {
$open['pesanError'] = $error;
$open['error'] = true;
} else {
$getconfig = mysql_query("SELECT * FROM `bukutamu_config` WHERE `id` = '1'");
$dataconfig = mysql_fetch_assoc($getconfig);
$gbconfig = unserialize($dataconfig['config']);
$maxChar = empty($gbconfig['char']) ? 500 : $gbconfig['char'];
$komentar = substr($komentar, 0, $maxChar);
$sekarang = date("d-M-Y");
$perintah1 = "INSERT INTO bukutamu (sekarang, nama, email, homepage, alamat, komentar) VALUES ('{$sekarang}', '{$nama}', '{$email}', '{$homepage}', '{$alamat}', '{$komentar}')";
$hasil = mysql_query($perintah1);
if ($hasil) {
