alert("no h4x0ring allowed")';
$dafile = fopen('blog' . $dbnum . '.db', 'a');
$pname = $_POST['name'];
$pwebsite = $_POST['website'];
$pcomment = $_POST['comment'];
$pdate = date("j F, Y, g:i a");
$IP = getenv ('REMOTE_ADDR');
$name = "";
$website = "";
$comment = "";
$date = "";
$ip = "";
$c = "";
if (isset($pname) && isset($pcomment))
{
if ($pname == "" || $pcomment == "")
{
echo '
';
}
else
{
$pname = str_ireplace("|", "FOOBAR", $pname);
$pwebsite = str_ireplace("|", "FOOBAR", $pwebsite);
$pcomment = str_ireplace("|", "FOOBAR", $pcomment);
$pname = stripslashes($pname);
$pwebsite = stripslashes($pwebsite);
$pcomment = stripslashes($pcomment);
fwrite($dafile, "
" . $pname . "|"
. $pdate . "|"
. $pwebsite . "|"
. $pcomment . "|"
. $IP . "|");
}
}
fclose($dafile);
$dafile = fopen('blog' . $dbnum . '.db', 'r');
while (false != ($c = fgetc($dafile)))
{
while ($c !== '|')
{
$name = $name . $c;
$c = fgetc($dafile);
}
$c = fgetc($dafile);
while ($c !== '|')
{
$entrydate = $entrydate . $c;
$c = fgetc($dafile);
}
$c = fgetc($dafile);
while ($c !== '|')
{
$website = $website . $c;
$c = fgetc($dafile);
}
$c = fgetc($dafile);
while ($c !== '|')
{
$comment = $comment . $c;
$c = fgetc($dafile);
}
$c = fgetc($dafile);
while ($c !== '|')
{
$ip = $ip . $c;
$c = fgetc($dafile);
}
echo "" . $comment .
"
" . $name .
" | Homepage | " . $entrydate .
"
|
";
$comment = "";
$name = "";
$website = "";
$entrydate = "";
}
fclose($dafile);
?>
|