Guestbook (smilies, HTML filter, no admin)
Author: JoWannes - 18 August 2007 - 11:57 - Approved by: Abbas - Hits: 4232 - Score: 4.50 (2 votes)
A simple guestbook with smilies and an HTML filter, but no admin.
This guestbook is a modified version of the "Gastenboek(met smilies)(zonder admin)" that you can find in this section. Credits to J.Z.N./WebPaulsky as well.
The changes are:
* HTML filter
* line breaks ('enters') are possible
* messages can be longer (255 characters, (Access) database change)
* fully centred layout
The HTML filter (the addHtml function in index.asp) blocks HTML and JavaScript snippets and thereby improves security. A simple bit of JavaScript such as <scr!pt>alert("Boe!")</scr!pt> therefore no longer shows a popup. ;)
(The example is on my real, live site, so please no comments about this guestbook in my guestbook!)
No example any more because of the nonsensical comments in my guestbook, even though I explicitly ask not to do this! :(
Download the zip and you get the database and the smilies right away! ;)
Link: click!
Code:
Save as index.asp:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<%
function addSmileys(strBericht)
strBericht = replace(strBericht, ":buig", "<img src=""images/worshippy.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":P", "<img src=""images/tongue.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":)", "<img src=""images/smile1.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":nerd", "<img src=""images/nerd.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":mond", "<img src=""images/mond.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":@", "<img src=""images/mad.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":lijst", "<img src=""images/lijstje.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":king", "<img src=""images/koning.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ";)", "<img src=""images/knipoog.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":heilig", "<img src=""images/hypo.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":evil", "<img src=""images/evil.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":cry", "<img src=""images/cry.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":8", "<img src=""images/cool.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":cheer", "<img src=""images/cheer.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":#", "<img src=""images/bloos.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":bigg", "<img src=""images/biggrin.gif"">", 1, -1, 1)
strBericht = replace(strBericht, ":bier", "<img src=""images/bier.gif"">", 1, -1, 1)
addSmileys = strBericht
end function
function addHtml(strBericht)
strBericht = replace(strBericht, "<", "&lt;", 1, -1, 1)
strBericht = replace(strBericht, ">", "&gt;", 1, -1, 1)
strBericht = replace(strBericht, Chr(13) & Chr(10), "<br />", 1, -1, 1)
strBericht = replace(strBericht, Chr(10), "<br />", 1, -1, 1)
addHtml = strBericht
end function
%>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Gastenboek - Berichten bekijken</title>
<style type="text/css">
* {text-align:center;}
</style>
</head>
<body>
<h1>Gastenboek</h1>
<form>
<div>
<table width="100%">
<tr>
<td width="100%">
<div style="text-align:center"><a href="index.asp">Gastenboek Home</a> - <a href="schrijven.asp">Bericht Schrijven</a> - <a href="mailto:***@***.be">Contact</a></div></td></tr>
</table>
<table width="60%" align="center">
<tr>
<td width="100%" valign="top" height="150"><%
'Declare variables
Dim adoCon 'Holds the connection to the database
Dim rsGuestbook 'Holds the records fetched from the database
Dim strSQL 'Holds the query that defines how the records are fetched
'Create an ADO connection object
Set adoCon = Server.CreateObject("ADODB.Connection")
'Set up a DSN-less connection using the path to the database
adoCon.ConnectionString="PROVIDER=Microsoft.Jet.OLEDB.4.0;DATA SOURCE="&Server.MapPath("gastenboek.mdb") &";Persist Security Info=False"
adoCon.Open
'Set an active connection to the Connection object using DSN connection
'adoCon.Open "DSN=guestbook"
'Create the recordset object
Set rsGuestbook = Server.CreateObject("ADODB.Recordset")
'The SQL statement: the columns to read from the database table
strSQL = "SELECT gastenboek.naam, gastenboek.email, gastenboek.bericht FROM gastenboek;"
'Open the recordset (run the query)
rsGuestbook.Open strSQL, adoCon
'Loop over all records
Do While not rsGuestbook.EOF
'Write everything to the HTML page
Response.Write ("<br>")
Response.Write (addHtml(rsGuestbook("Naam")))
Response.Write ("<br>")
Response.Write (addHtml(rsGuestbook("Email")))
Response.Write ("<br>")
Response.Write (addSmileys(addHtml(rsGuestbook("Bericht"))))
Response.Write ("<hr>")
'Move to the next record
rsGuestbook.MoveNext
Loop
'Close everything
'Reset server objects
rsGuestbook.Close
Set rsGuestbook = Nothing
Set adoCon = Nothing
%></td></tr>
</table>
</div>
</form>
</body>
</html>
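In index.asp, addSmileys runs on text that addHtml has already encoded, so the code ";)" also matches the tail of "&lt;)" or "&gt;)" and splits the entity. The following added example (not part of the original code) marks smilies in the raw text first and only then encodes; renderBericht, smileyCodes and smileyFiles are hypothetical names, and the codes are a subset of the ones listed above.

```vbscript
<%
' Added example, not the original author's code.
' renderBericht, smileyCodes and smileyFiles are hypothetical names.
Dim smileyCodes, smileyFiles
smileyCodes = Array(":buig", ":P", ":)", ";)", ":cry")
smileyFiles = Array("worshippy.gif", "tongue.gif", "smile1.gif", "knipoog.gif", "cry.gif")

Function renderBericht(varBericht)
    Dim strTekst, i
    ' Database fields can be Null, and Replace() raises an error on Null.
    If IsNull(varBericht) Then
        renderBericht = ""
        Exit Function
    End If
    strTekst = CStr(varBericht)

    ' Step 1: drop the control characters used as placeholder delimiters,
    ' so a visitor cannot submit a ready-made placeholder.
    strTekst = Replace(strTekst, Chr(1), "")
    strTekst = Replace(strTekst, Chr(2), "")

    ' Step 2: mark smiley codes in the raw text, before any entity exists.
    For i = 0 To UBound(smileyCodes)
        strTekst = Replace(strTekst, smileyCodes(i), Chr(1) & i & Chr(2), 1, -1, 1)
    Next

    ' Step 3: encode the HTML metacharacters; "&" must go first so the
    ' entities produced by the later replacements are not encoded twice.
    strTekst = Replace(strTekst, "&", "&amp;")
    strTekst = Replace(strTekst, "<", "&lt;")
    strTekst = Replace(strTekst, ">", "&gt;")
    strTekst = Replace(strTekst, """", "&quot;")

    ' Step 4: line breaks, as in addHtml.
    strTekst = Replace(strTekst, vbCrLf, "<br />")
    strTekst = Replace(strTekst, vbLf, "<br />")

    ' Step 5: swap each placeholder for a fixed, server-chosen <img> tag.
    For i = 0 To UBound(smileyCodes)
        strTekst = Replace(strTekst, Chr(1) & i & Chr(2), _
            "<img src=""images/" & smileyFiles(i) & """ alt="""" />")
    Next
    renderBericht = strTekst
End Function
%>
```

With this function the output loop would call renderBericht(rsGuestbook("Bericht")) instead of addSmileys(addHtml(...)).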
Save as schrijven.asp:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Gastenboek - Bericht schrijven</title>
</head>
<body>
<h1>Gastenboek</h1>
<form action="defSchrijven.asp" name="Forumulier1" id="Forumulier1" method="post">
<div align="center">
<table width="400">
<tr><td width="400" height="42" style="text-align:center"><a href="index.asp">Gastenboek Home</a> - <a href="schrijven.asp">Bericht
Schrijven</a> - <a href="mailto:***@***.be">Contact</a></td></tr>
</table>
<table border="0" style="text-align:left">
<tr>
<td>Naam*:</td>
<td><input name="Naam" type="text" id="Naam" size="40" /></td>
</tr>
<tr>
<td>E-mail*:</td>
<td><input name="E-mail" type="text" id="E-mail" size="40" /></td>
</tr>
<tr>
<td>Bericht:</td>
<td>
<textarea name="textarea" cols="50" rows="7"></textarea></td>
</tr>
<tr>
<td colspan="2" style="text-align:center">
<input name="Wis invoer" type="reset" id="Wis invoer" value="Wis invoer" />
<input name="Verstuur" type="submit" id="Verstuur" value="Verstuur" />
</td>
</tr>
</table>
</div>
<p style="text-align:center">Velden met een * erachter zijn verplicht!</p>
<div align="center">
<table width="288" border="0">
<tr>
<th colspan="4" scope="col">Smilies:</th>
</tr>
<tr>
<td width="75">:buig</td>
<td width="60"><img src="images/worshippy.gif" alt=":buig" /></td>
<td width="75">:heilig</td>
<td width="60"><img src="images/hypo.gif" alt=":heilig" /></td>
</tr>
<tr>
<td>:p</td>
<td><img src="images/tongue.gif" alt=":P" /></td>
<td>:evil</td>
<td><img src="images/evil.gif" alt=":evil" /></td>
</tr>
<tr>
<td>:)</td>
<td><img src="images/smile1.gif" alt=":)" /></td>
<td>:cry</td>
<td><img src="images/cry.gif" alt=":cry" /></td>
</tr>
<tr>
<td>;)</td>
<td><img src="images/knipoog.gif" alt=";)" /></td>
<td>:8</td>
<td><img src="images/cool.gif" alt=":8" /></td>
</tr>
<tr>
<td>:nerd</td>
<td><img src="images/nerd.gif" alt=":nerd" /></td>
<td>:cheer</td>
<td><img src="images/cheer.gif" alt=":cheer" /></td>
</tr>
<tr>
<td>:mond</td>
<td><img src="images/mond.gif" alt=":mond" /></td>
<td>:#</td>
<td><img src="images/bloos.gif" alt=":#" /></td>
</tr>
<tr>
<td>:@</td>
<td><img src="images/mad.gif" alt=":@" /></td>
<td>:bigg</td>
<td><img src="images/biggrin.gif" alt=":bigg" /></td>
</tr>
<tr>
<td>:lijst</td>
<td><img src="images/lijstje.gif" alt=":lijst" /></td>
<td>:bier</td>
<td><img src="images/bier.gif" alt=":bier" /></td>
</tr>
<tr>
<td>:king</td>
<td><img src="images/koning.gif" alt=":king" /></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td colspan="4"> </td>
</tr>
<tr>
<td colspan="4">Type de code om de smily in te voeren!</td>
</tr>
</table>
</div>
</form>
</body>
</html>
Save as defschrijven.asp:
<title>defSchrijven</title><%
'Dimension variables
Dim adoCon 'Holds the Database Connection Object
Dim rsAddComments 'Holds the recordset for the new record to be added to the database
Dim strSQL 'Holds the SQL query for the database
'Create an ADO connection object
Set adoCon = Server.CreateObject("ADODB.Connection")
'Set an active connection to the Connection object using a DSN-less connection
adoCon.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("gastenboek.mdb")
'Set an active connection to the Connection object using DSN connection
'adoCon.Open "DSN=guestbook"
'Create an ADO recordset object
Set rsAddComments = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT gastenboek.naam, gastenboek.email, gastenboek.bericht FROM gastenboek;"
'Set the cursor type we are using so we can navigate through the recordset
rsAddComments.CursorType = 2
'Set the lock type so that the record is locked by ADO when it is updated
rsAddComments.LockType = 3
'Open the gastenboek table using the SQL query held in the strSQL variable
rsAddComments.Open strSQL, adoCon
'Tell the recordset we are adding a new record to it
rsAddComments.AddNew
'Add a new record to the recordset
rsAddComments.Fields("naam") = Request.Form("Naam")
rsAddComments.Fields("email") = Request.Form("E-mail")
rsAddComments.Fields("bericht") = Request.Form("textarea")
'Write the updated recordset to the database
rsAddComments.Update
'Reset server objects
rsAddComments.Close
Set rsAddComments = Nothing
Set adoCon = Nothing
'Redirect to the index.asp page
Response.Redirect "index.asp"
%>
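defschrijven.asp stores the Request.Form values exactly as received: the fields that schrijven.asp marks with * are not checked on the server, and nothing limits the length to the 255 characters mentioned above. The following added example (not part of the original code) shows a check that could run before rsAddComments.AddNew; validateEntry and MAX_TEKENS are hypothetical names, and applying the 255 limit to naam and email as well is an assumption.

```vbscript
<%
' Added example, not the original author's code.
' validateEntry and MAX_TEKENS are hypothetical names.
Const MAX_TEKENS = 255   ' message length from the page; assumed for all fields

Function validateEntry(strNaam, strEmail, strBericht)
    Dim reEmail
    validateEntry = ""   ' an empty string means the entry is acceptable

    ' The form marks Naam and E-mail with *, but only the server can enforce it.
    If strNaam = "" Or strEmail = "" Then
        validateEntry = "Name and e-mail are required."
        Exit Function
    End If

    ' Reject over-long values before the database does.
    If Len(strNaam) > MAX_TEKENS Or Len(strEmail) > MAX_TEKENS _
       Or Len(strBericht) > MAX_TEKENS Then
        validateEntry = "At most " & MAX_TEKENS & " characters per field."
        Exit Function
    End If

    ' The name is a single-line field and must not carry line breaks.
    If InStr(strNaam, vbCr) > 0 Or InStr(strNaam, vbLf) > 0 Then
        validateEntry = "The name must be a single line."
        Exit Function
    End If

    ' Loose shape check: something@something.something, no whitespace.
    Set reEmail = New RegExp
    reEmail.Pattern = "^[^@\s]+@[^@\s]+\.[^@\s]+$"
    If Not reEmail.Test(strEmail) Then
        validateEntry = "The e-mail address is not valid."
    End If
End Function

Dim strNaam, strEmail, strBericht, strFout
' & "" turns a missing form field into an empty string.
strNaam = Trim(Request.Form("Naam") & "")
strEmail = Trim(Request.Form("E-mail") & "")
strBericht = Request.Form("textarea") & ""

strFout = validateEntry(strNaam, strEmail, strBericht)
If strFout <> "" Then
    Response.Status = "400 Bad Request"
    Response.Write Server.HTMLEncode(strFout)
    Response.End
End If
' From here on, store strNaam, strEmail and strBericht via rsAddComments.AddNew.
%>
```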