Habs ohne weiteres im 1.06 zum laufen gebracht.
Kleine Ergänzungen falls jemand braucht:
1. Spammer posten gerne URL's. Wenn man das deaktiviert bekommt man gleich viel weniger Spams.- media/content/guestbook.php
Suche nach:
//-> check values if (strlen($gb_text)< GUESTBOOK_TEXT_MIN_LENGTH
) { $error = true; $error_text .= ERROR_GUESTBOOK_TEXT
. '<br>'; } Füge danach ein:
if(strpos($gb_text, "http://") !== false || preg_match("/(http|https|ftp|ftps)\:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3}(\/\S*)?/", $gb_text) || preg_match("/(www.)[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3}(\/\S*)?/", $gb_text) || preg_match("/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3}(\/\S*)?/", $gb_text)){ $error_text .= ERROR_GUESTBOOK_HTTP
."<br>"; } - lang/german/german.php und lang/english/english.php
ergänzen
define('ERROR_GUESTBOOK_HTTP', 'Bitte keine URLs posten.'); define('ERROR_GUESTBOOK_HTTP', 'URLs are not allowed.'); Texte nach belieben änderbar.
2. Beiträge erst deaktiviert lassenHierzu in der MySQL in der Tabelle "guestbook" den Default Wert von "entry_status" auf 0 setzen.
oder:
- guestbook.sql
Suche nach:
entry_status int(1) default '1',
ersetze durch:
entry_status int(1) default '0',
3. IP-Adresse mitspeichern (für z.b. htaccess block)In der MySQL Datenbank die Tabelle "guestbook" mit einem Feld "ip" erweitern, varchar(50)
oder:
- guestbook.sql
Suche nach:
CREATE TABLE guestbook
( entry_id int
(11) NOT
NULL auto_increment
, visitors_name varchar
(64) NOT
NULL default '', visitors_email varchar
(96) default '', entry_rating int
(1) default NULL, entry_status int
(1) default '1', date_added datetime
default NULL, last_modified datetime
default NULL, entry_read int
(5) NOT
NULL default '0', PRIMARY
KEY (entry_id
)) TYPE
=MyISAM
;Ersetze durch:
CREATE TABLE guestbook
( entry_id int
(11) NOT
NULL auto_increment
, visitors_name varchar
(64) NOT
NULL default '', visitors_email varchar
(96) default '', entry_rating int
(1) default NULL, entry_status int
(1) default '1', date_added datetime
default NULL, last_modified datetime
default NULL, entry_read int
(5) NOT
NULL default '0', ip int
(5) varchar
(50) default '', PRIMARY
KEY (entry_id
)) TYPE
=MyISAM
;- media/content/guestbook.php
Suche nach:
if (!isset($_SESSION['customer_id'])) { $gb_name = xtc_db_prepare_input
($_POST['gb_name']); if (strlen($gb_name) < GUESTBOOK_NAME_MIN_LENGTH
){ $error = true; $error_text .= ERROR_GUESTBOOK_NAME
. '<br>'; }//-> if (strlen($gb_name) < GUESTBOOK_NAME_MIN_LENGTH){ $gb_email = xtc_db_prepare_input
($_POST['gb_email']); if (empty($gb_email) || (!xtc_validate_email
($gb_email))) { $error = true; $error_text .= ERROR_GUESTBOOK_MAIL
. '<br>'; }//->if (empty($gb_email)) }else{ //-> if (!isset($_SESSION['customer_id']) $gb_name = $_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_last_name']; $gb_email = get_customer_mail
((int
)($_SESSION['customer_id'])); }//->else if (!isset($_SESSION['customer_id']) Danach einfügen:
$userip = xtc_db_prepare_input($_SERVER['REMOTE_ADDR']);
Suche nach:
xtc_db_query("insert into " . TABLE_GUESTBOOK . " (visitors_name, visitors_email, date_added) values ('" . xtc_db_input($gb_name) . "', '" . xtc_db_input($gb_email) . "', now())");
Ersetze mit:
xtc_db_query("insert into " . TABLE_GUESTBOOK . " (visitors_name, visitors_email, date_added, ip) values ('" . xtc_db_input($gb_name) . "', '" . xtc_db_input($gb_email) . "', now(), '".$userip."')");
