Hi, I've got a small scipt I usually use to allow users to post comments to my site to a comment.dat file, but recently my host switched to register_globals = off. I thought I updated the script to be okay with it set to off, bu tits still not working. What am I doing wrong? In factm its is now throwing a 500 error. Here's my code:
<?
$address = "http://www.domain.com/tb/talkback.php"; //Full URL to where the talkback.php script is installed
$file = "comment.dat"; //name of the file where data will be stored. the default comment.dat value is recommended
$path = "/home/domain/public_html/tb/";// Finally, the full path to the script directory
$img = "0"; // 1 - user can post images 0 - images are disabled
$title_colour = "#e4ebeb"; //background colour of the part where user's name is displayed
$message_colour = "#ffffff"; //background colour of the message displayed
// CHMOD THE DIRECTORY WHICH YOU SPECIFIED IN $address TO 0777!!!
//THATS ALL YOU NEED TO EDIT, PLEASE STOP NOW. TO USE THE SCRIPT, USE include("path/to/script/talkback.php");
$version = "1.1";
$maxlen = 30;
$route = "true";
if($img){
$imgnfo = "enabled. \\n\\n[img=http://imageaddress.com/image.jpg][/img]";
}
else{
$imgnfo = "disabled";
}
function reWriteDataInFile($fileData,$fileName = "talkback.tb")
{
if(!file_exists($fileName))
{
@$createFile = fopen($fileName, "w") or die ("Can't create file ".$fileName."");
fwrite ($createFile,"",0);
@chmod($fileName, 0666);
fclose($createFile);
}
@$openFile = fopen($fileName,"w+") or die ("Access is denied. Set permission to ".$fileName." by command in console \"chmod 666 ".$fileName."\"");
if ($openFile && flock($openFile,LOCK_EX)) {
@fwrite($openFile,$fileData);
}
fclose($openFile);
}
function createFile($fileName)
{
if(!file_exists($fileName))
{
@$createFile = fopen($fileName, "w") or die ("Can't create file ".$fileName."");
fwrite ($createFile,"",0);
@chmod($fileName, 0666);
fclose($createFile);
}
}
function convertLink($content)
{
global $constant;
$content = preg_replace('/(http|ftp|news|https)(:\/\/)([^<> ])+/i', "<a href='\\0' class='messagelink'>\\0</a>", $content);
$content = preg_replace('/([\w-?&;#~=\.\/]+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?))/i', "<a href='mailto:\\1'>\\1</a>", $content);
return $content;
}
function divideWord($content,$maxWordLength = "30")
{
return wordwrap($content, $maxWordLength, " ", 1);
}
$back = "${_SERVER['HTTP_REFERER']}";
$time = date("M d, Y");
//############
//start of the script for adding
//############
if($action){
if($name){
if($comment){
$id = date("dMYHis");
if (file_exists("${file}"))
include("${file}");
else
createFile("${file}");
$comment = ereg_replace("[ ]{2,}", " ", $comment);
$comment = convertLink($comment);
$comment = str_replace("\"", """, $comment);
$comment = str_replace("\n", " <br/>", $comment);
$comment = str_replace("\$", " $", $comment);
$comment = strip_tags($comment, '');
if($img){
$comment = str_replace("[img=", "<img src='", $comment);
$comment = str_replace("][/img]", "'>", $comment);
}
$comment = trim($comment);
$comment = stripslashes($comment);
$cnt = 0;
$addContent = "<?php\n";
$addContent .= "\t\$content[0]['page'] = \"".$page."\";\n";
$addContent .= "\t\$content[0]['delete'] = \"".$id."\";\n";
$addContent .= "\t\$content[0]['name'] = \"".$name."\";\n";
$addContent .= "\t\$content[0]['comment'] = \"".$comment."\";\n";
$addContent .= "\t\$content[0]['time'] = \"".$time."\";\n";
$contentCnt = sizeof($content);
if ($contentCnt != 0)
$addContent .= "\n";
for($i = 0; $i < $contentCnt; $i++)
{
$cnt++;
while(list($key, $value) = each($content[$i]))
{
$addContent .= "\t\$content[".$cnt."]['".$key."'] = \"".$value."\";\n";
}
if ($i != $contentCnt-1)
$addContent .= "\n";
}
$addContent .= "?>";
reWriteDataInFile ($addContent, "$file");
}}
header ("location: $back");
exit;}
//#############
//end of script for adding
//#############
//show the entry form if nothing has been added
//#############
$page = "${_SERVER['HTTP_HOST']}${_SERVER['PHP_SELF']}";
if (file_exists("${path}${file}"))
include("${path}${file}");
print
"<form action=\"${address}\" name=\"form\" method=\"post\">
<fieldset>
<legend>Add Comments</legend>
<b>Name:</b><br />
<input name=\"name\" type=\"text\" size=\"30\" maxlength=\"40\" /><br />
<b>Comments:</b><br />
<textarea name=\"comment\" cols=\"30\" rows=\"2\"></textarea><br />
<input type=\"submit\" name=\"Submit\" value=\"Submit\" class=\"buu\" />
<input type=\"reset\" name=\"Reset\" value=\"Reset\" class=\"buu\" />
<input type=\"hidden\" name=\"action\" value=\"yeah_baby\" />
<input type=\"hidden\" name=\"page\" value=\"$page\" />
</fieldset>
</form>";
?>
<hr size="1" />
<?php
$now = "${_SERVER['HTTP_HOST']}${_SERVER['PHP_SELF']}";
$currentContent = $content;
for ($i = 0; $i < sizeof($currentContent); $i++)
{
$try = $currentContent[$i]['page'];
$message = $currentContent[$i]['comment'];
$message = str_replace("javascript:", "[talkback JS filter]", $message);
if($try == $now){
?>
<p class="smtxt2" style="margin-bottom:0; background-color:<?php echo $title_colour ?>">
<b><?php echo ereg_replace("@", "[at]", $currentContent[$i]['name']) ; ?></b>
commented on <?php echo $currentContent[$i]['time']; ?><br />
</p>
<p><?php //echo $message_colour; no need for this ?>
<?php echo $message; ?>
</p>
<?php }} ?>
