From d32f9aeafd556085c2e47a4b626091fa5be0b96c Mon Sep 17 00:00:00 2001
From: Frankie B <floppydisk05@aol.com>
Date: Sun, 2 Oct 2022 17:10:23 +0000
Subject: Add guestbook

---
 guestbook/submit.php | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100755 guestbook/submit.php

(limited to 'guestbook/submit.php')

diff --git a/guestbook/submit.php b/guestbook/submit.php
new file mode 100755
index 0000000..9187223
--- /dev/null
+++ b/guestbook/submit.php
@@ -0,0 +1,60 @@
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<!-- Global -->
+	<?php require('../inc/head.html'); ?>
+
+	<!-- Page-specific -->
+	<title>Bookmarks</title>
+	<!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">-->
+	<!--<meta property="og:image" content="/res/img/icons/png/computer.png">-->
+</head>
+<body>
+<div class="page">  
+<?php require('../inc/nav.php') ?>
+
+<div id="pagebody">
+	<div id="content">
+		<?php
+		ini_set('display_errors', 1);
+		ini_set('display_startup_errors', 1);
+		error_reporting(E_ALL);
+		// Open the DB
+		if ($_POST['name'] === "" || $_POST['message'] === "") {
+		    echo '<b>You must provide both a name and message!</b>';
+		} else {
+		    $db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db");
+		    $name = $_POST["name"];
+		    $msg = strip_tags($_POST["message"]);
+		    $showinfo = isset($_POST["showinfo"]) ? true : false;
+		    $showip = isset($_POST["showip"]) ? true : false;
+		    $ip = $_SERVER['REMOTE_ADDR'];
+		    $browser = get_browser(null, true);
+		    $sys = $browser['parent'] . ' (' . $browser['platform_description'] . ' ' . $browser['platform_version'] . ')';
+		
+		    $data = array('name' => $name, 'message' => $msg, 'show_info' => $showinfo, 'show_ip' => $showip, 'ip' => $ip, 'submitted' => time(), 'sys' => $sys);
+		
+		    $insert = "INSERT INTO Entries (name, message, show_info, show_ip, ip, submitted, browser_info) VALUES (:name, :message, :show_info, :show_ip, :ip, :submitted, :browser)";
+		    $stmt = $db->prepare($insert);
+		    $stmt->bindParam(':name', $data['name'], PDO::PARAM_STR);
+		    $stmt->bindParam(':message', $data['message'], PDO::PARAM_STR);
+		    $stmt->bindParam(':show_info', $data['show_info'], PDO::PARAM_STR);
+		    $stmt->bindParam(':show_ip', $data['show_ip'], PDO::PARAM_STR);
+		    $stmt->bindParam(':ip', $data['ip'], PDO::PARAM_STR);
+		    $stmt->bindParam(':submitted', $data['submitted'], PDO::PARAM_STR);
+		    $stmt->bindParam(':browser', $data['sys'], PDO::PARAM_STR);
+		    $stmt->execute();
+			echo '<b>Success!</b>';
+		}
+		?><br><br>
+		<a href="./">Back</a>
+	</div> <!-- content -->
+
+	<div id="footer" class="pagefooter">
+		<!-- Created <span class="date">Sat 26 Mar 2011 03:11:41 PM CET</span> -->
+	</div> <!-- footer -->
+</div> <!-- pagebody -->
+</div> <!-- page -->
+</body>
+</html>
-- 
cgit v1.2.3-54-g00ecf