Hey Leute,
also ich will ab und zu auch mal in meinem Gästebuch die Beiträge kommentieren, aber damit nicht jeder
meinen Namen nehmen kann, möchte ich den absichern.
Ich möchte das wenn ich z.B. für den Namen "RiensArtwork", "Admin" oder "Administrator" eintrage, dass sich ein Label darunter öffnet,
in dem man einen Code eingeben muss, was gleichzeitig dann ncoh auf Richtigkeit überprüft wird. Für andere Namen soll die nicht der Fall sein.
PHP
<span class="syntaxhtml"><br /><span class="syntaxdefault"><?php<br /><br /> session_start</span><span class="syntaxkeyword">();<br /><br /></span><span class="syntaxdefault"> array_walk </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> $_POST</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'eingabebereinigen'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> array_walk </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> $_GET</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'eingabebereinigen'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> array_walk </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> $_REQUEST</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'eingabebereinigen'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> function eingabebereinigen</span><span class="syntaxkeyword">(&</span><span class="syntaxdefault">$value</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> $key</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// keine HTML-Tags erlaubt, außer p und br<br /></span><span class="syntaxdefault"> $value </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> strip_tags</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$value</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'<p><br /><b><strong>'</span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// HTML-Tags maskieren<br /></span><span class="syntaxdefault"> $value </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> htmlspecialchars</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$value</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> ENT_QUOTES</span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Leerzeichen am Anfang und Ende beseitigen<br /></span><span class="syntaxdefault"> $value </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> trim</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$value</span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Kleine Funktion um die Fehler bequem auszugeben<br /></span><span class="syntaxdefault"> function getError</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$error</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$error </span><span class="syntaxkeyword">!=</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> return </span><span class="syntaxstring">'<br /><span class="error">'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$error</span><span class="syntaxkeyword">.</span><span class="syntaxstring">'</span>'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /><br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'action'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">!=</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Uberpruft ob der Name leer ist<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'name'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">==</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxkeyword">)</span><span class="syntaxdefault"> <br /> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> $errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'name'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'Name is not allowed to be empty!'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Uberpruft ob das Emailfeld leer ist und ob es eine gultige emailadresse enthalt<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">==</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">||</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">!</span><span class="syntaxdefault">filter_var</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">],</span><span class="syntaxdefault"> FILTER_VALIDATE_EMAIL</span><span class="syntaxkeyword">))<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> $errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'E-Mail is not allowed to be empty and musst be a valid email address!'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Uberprufung der letzten beiden Variabeln ob diese nicht leer sind<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">==</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> $errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'Please add a message!'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">//captcha korrekt?<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'code'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">==</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxdefault"> or $_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'code'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">!=</span><span class="syntaxdefault"> $_SESSION</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'captcha-wert'</span><span class="syntaxkeyword">])<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> $errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'code'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'Wrong code!'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Wenn es keine Fehler gibt, soll das Formular verschickt werden<br /></span><span class="syntaxdefault"> if</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$errors </span><span class="syntaxkeyword">==</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">&&</span><span class="syntaxdefault"> $_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'action'</span><span class="syntaxkeyword">]</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">!=</span><span class="syntaxdefault"> </span><span class="syntaxstring">""</span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /><br /></span><span class="syntaxdefault"> $sql </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">"INSERT INTO gaestebuch<br /> (`name`, `email`, `url`, `datum`, `eintrag`)<br /> VALUES<br /> ('"</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'name'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">"', '"</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">"', '"</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'url'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">"', '"</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">date</span><span class="syntaxkeyword">(</span><span class="syntaxstring">"Y-m-d H:i:s"</span><span class="syntaxkeyword">).</span><span class="syntaxstring">"', '"</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">"' )"</span><span class="syntaxkeyword">;<br /><br /></span><span class="syntaxdefault"> define </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> </span><span class="syntaxstring">'MYSQL_HOST'</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'localhost'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> define </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> </span><span class="syntaxstring">'MYSQL_BENUTZER'</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'riensartwork_de'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> define </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> </span><span class="syntaxstring">'MYSQL_KENNWORT'</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'yTMMaWiu'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> define </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> </span><span class="syntaxstring">'MYSQL_DATENBANK'</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> </span><span class="syntaxstring">'riensartwork_de'</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> $db_link </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">@</span><span class="syntaxdefault">mysql_connect </span><span class="syntaxkeyword">(</span><span class="syntaxdefault">MYSQL_HOST</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> MYSQL_BENUTZER</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> MYSQL_KENNWORT</span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> if </span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> </span><span class="syntaxkeyword">!</span><span class="syntaxdefault"> $db_link </span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// hier sollte dann später dem Programmierer eine<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// E-Mail mit dem Problem zukommen gelassen werden<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// die Fehlermeldung für den Programmierer sollte<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// das Problem ausgeben mit: mysql_error()<br /><br /></span><span class="syntaxdefault"> die</span><span class="syntaxkeyword">(</span><span class="syntaxstring">'No connection this time - try later'</span><span class="syntaxkeyword">);<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> $db_sel </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> mysql_select_db</span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> MYSQL_DATENBANK </span><span class="syntaxkeyword">)<br /></span><span class="syntaxdefault"> or die</span><span class="syntaxkeyword">(</span><span class="syntaxstring">"Auswahl der Datenbank fehlgeschlagen"</span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// ausführen des mysql-Befehls<br /></span><span class="syntaxdefault"> $db_erg </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> mysql_query</span><span class="syntaxkeyword">(</span><span class="syntaxdefault"> $sql </span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> mysql_insert_id</span><span class="syntaxkeyword">();<br /><br /></span><span class="syntaxdefault"> $empfaenger </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'info@riensartwork.de'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> $betreff </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">'Guestbook'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> $nachricht </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> </span><span class="syntaxstring">' Freigeben: '</span><span class="syntaxkeyword">.</span><span class="syntaxstring">' http://riensartwork.de/gaestebuch-freischalten.php?id='</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">mysql_insert_id</span><span class="syntaxkeyword">().</span><span class="syntaxdefault"> </span><span class="syntaxstring">'<br /> oder<br /> Loeschen: '</span><span class="syntaxkeyword">.</span><span class="syntaxstring">' http://riensartwork.de/gaestebuch-loeschen.php?id='</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">mysql_insert_id</span><span class="syntaxkeyword">();<br /><br /></span><span class="syntaxdefault"> $mailtext </span><span class="syntaxkeyword">=</span><span class="syntaxdefault"> $_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">];<br /><br /></span><span class="syntaxdefault"> mail</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$empfaenger</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> $betreff</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> $nachricht</span><span class="syntaxkeyword">,</span><span class="syntaxdefault"> $mailtext</span><span class="syntaxkeyword">);<br /><br /></span><span class="syntaxdefault"> echo </span><span class="syntaxstring">'<h5>Thank you for your comment</h5><meta http-equiv="refresh" content="3; URL=gaestebuch.php" />'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> else<br /> </span><span class="syntaxkeyword">{<br /></span><span class="syntaxdefault"> </span><span class="syntaxcomment">// Andernfalls, ausgeben des Formulars<br /></span><span class="syntaxdefault"> echo </span><span class="syntaxstring">'<br /> <form name="" action="'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_SERVER</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'PHP_SELF'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">'"<br /> method="POST" enctype="text/html"><br /> <label>Your Name:'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">getError</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'name'</span><span class="syntaxkeyword">]).</span><span class="syntaxstring">'<br /><br /> <p><input type="text" name="name" value="'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'name'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">'" size="50" maxlength="150" /></p></label> //Hier soll überprüft werden ob der Name "RiensArtwork" oder<br /> // "Admin/Administrator" verwendet wird. <br /> //Wenn ja, dann soll sich ein Label unter dem Namen-Label öffnen, in dem man ein Passwort eingeben soll.<br /> //Das Passwort soll dann auch auf Richtigkeit überprüft werden<br /> <label>Your E-Mail:'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">getError</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">]).</span><span class="syntaxstring">'<br /><br /> <p><input type="text" name="email" value="'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'email'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">'" size="50" maxlength="150" /></p></label><br /><br /> <label>Your Homepage:<br /><br /> <p></p><input type="text" name="url" value="" size="50" maxlength="150" /></p></label><br /><br /> <label>Message:'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">getError</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">]).</span><span class="syntaxstring">'<br /><br /> <p><textarea name="eintrag" rows="10" cols="50">'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">$_POST</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'eintrag'</span><span class="syntaxkeyword">].</span><span class="syntaxstring">'</textarea></p></label><br /><br /> <input type="reset" name="reset" value="Reset" onclick="return confirm(\'Reset this form?\')" /><br /> <br /><br /> Please type the following code: <br /><br /> <img src="captcha.php" id="code" border="0" title="Code"/><br /><br /> <label>'</span><span class="syntaxkeyword">.</span><span class="syntaxdefault">getError</span><span class="syntaxkeyword">(</span><span class="syntaxdefault">$errors</span><span class="syntaxkeyword">[</span><span class="syntaxstring">'code'</span><span class="syntaxkeyword">]).</span><span class="syntaxstring">' <br /><br /> <input type="text" name="code" size="20" maxlength="5"/><br /></label><br /><br /> <input type="submit" name="action" value="Send" /><br /> </form>'</span><span class="syntaxkeyword">;<br /></span><span class="syntaxdefault"> </span><span class="syntaxkeyword">}<br /></span><span class="syntaxdefault"> ?><br /></span></span>
Ich hoffe ihr könnt mir da weiter helfen!
Danke