[code=sql] CREATE TABLE `messages` ( `message_id` int(10) NOT NULL auto_increment, `name` varchar(50) NOT NULL, `email` varchar(50) default NULL, `message` longtext NOT NULL, `posted` datetime default NULL, PRIMARY KEY (`message_id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; [code=php] '', 'background_color' => '', 'font_face' => 'verdana', 'font_color' => '', 'font_size' => '', 'link_color' => '', 'hover_link_color' => '', 'visited_link_color' => '', 'active_link_color' => '', 'title_font_color' => '', 'title_font_face' => '', 'title_font_size' => '', 'add_font_face' => 'verdana', 'add_font_size' => '', 'add_font_color' => '', 'cell_background_color1' => '', 'cell_background_color2' => '', 'cell_background_color3' => '', 'cell_background_color4' => '', 'border_size' => '', 'border_color' => '', 'table_spacing' => '', 'table_width' => '', 'messages_per_page' => 10); /** * Database connection * * @var Object */ private $db; /** * The last stored message id * * @var unknown_type */ public $message_id; /** * The message * * @var String */ public $message; /** * The email * * @var string */ public $email; /** * The poster's name * * @var string */ public $name; /** * Stores the last error message * * @var String */ public $error; /** * Constructor, Set the database connection and set the class variables to an empty string * * @param Object $db */ public function __construct($db) { $this->db = $db; $this->message_id = ''; $this->message = ''; $this->email = ''; $this->name = ''; $this->error = ''; } /** * Set the message * * @param unknown_type $message */ public function setMessage($message) { $this->message = $message; } /** * Set an email address * * @param String $email */ public function setEmail($email) { $this->email = $email; } /** * Set the poster's name * * @param String $name */ public function setName($name) { $this->name = $name; } /** * Get the stored message * * @return String */ public function getMessage() { if (isset($this->message)) { return $this->message; } } /** * Get the stored email address * * @return String */ public function getEmail() { if (isset($this->email)) { return $this->email; } } /** * Get the stored poster's name * * @return String */ public function getName() { if (isset($this->name)) { return $this->name; } } /** * Return a setting * If you want return all settings you need $setting = all * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @param $setting The desired setting | $setting = all for the complete array */ public function getSetting($setting) { if ($setting == 'all') { return $this->settings; } else { if (array_key_exists($setting)) { return $this->settings[$setting]; } else { return false; } } } /** * Set a setting * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @param String $setting The setting key * @param String $value The new value * @return Boolean True when succesfull, False when failed */ public function setSetting($setting, $value) { if (array_key_exists($setting)) { $this->settings[$setting] = $value; return true; } else { return false; } } /** * Add message in the guestbook. Message, Name and email should be filled * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @param String $message * @param String $name * @param String $email * @return Boolean True when successfully inserted the message in the database otherwise false */ public function addMessage() { if ($this->checkEmail($this->email) === true) { if (strlen($this->message) != 0) { if (strlen($this->name) != 0) { /** * Filter the user-supplied text from (bad) html code */ $this->message = htmlspecialchars($this->message, ENT_QUOTES); $this->email = htmlspecialchars($this->email, ENT_QUOTES); $this->name = htmlspecialchars($this->name, ENT_QUOTES); $sQuery = "INSERT INTO messages (name, email, message, posted) VALEUS ('" .$this->name. "', '" .$this->email. "', '" .$this->message. "', NOW())"; /** * Try to execute the query. When a error occurs the error message will be stored in $this->error */ try { $this->db->query($sQuery); return true; } catch (PDOException $e) { $this->error = 'Can\'t insert the message:' . $e->getMessage(); return false; } return true; } else { return false; } } else { return false; } } else { return false; } } /** * Check a email address * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @param String $email * @return Boolean True when the email is correct otherwise false */ private function checkEmail($email) { if(!eregi("^[a-z0-9_-]+@[a-z0-9._-]+\.[a-z]{2,4}$", $email)) { return false; } else { return true; } } /** * Moderate a message. * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @return Boolean True when the message is moderated succesfully, false when the message can't be moderated. */ public function modMessage() { if (is_int($this->message_id)) { $sQuery = "UPDATE messages SET message = '" .htmlspecialchars($this->message, ENT_QUOTES). "', name = '" .htmlspecialchars($this->name, ENT_QUOTES). "', email = '" .htmlspecialchars($this->email, ENT_QUOTES). "' WHERE message_id = " . $this->message_id; /** * Try to execute the query. When a error occurs, the error message will be stored in $this->error */ try { $rResult = $this->db->query($sQuery); return true; } catch(PDOException $e) { $this->error = 'Can\'t update the message:' . $e->getMessage(); return false; } } else { $this->error = 'Can\'t update the message: Message_id is not set or not set properly'; return false; } } /** * Delete a message * * @author Marten van Urk .: ComSi :. m.van.urk@comsi.nl .: www.comsi.nl :. * @return Boolean True when the message is succesfull deleted, false when an error occurs. */ public function delMessage() { if (is_int($this->message_id)) { $sQuery = "DELETE FROM messages WHERE message_id = " . $this->message_id; try { $rResult = $this->db->query($sQuery); return true; } catch (PDOException $e) { $this->error = 'Can\'t delete the message: ' . $e->getMessage(); return false; } } else { $this->error = 'Can\'t delete the message: Message_id is not set or not set properly'; return false; } } } ?>