Ultimate Guestbook Tutorial: How to build a Guestbook with a honeypot, error checking, IP banning, pagination, e-mail notification and smilies with PHP and mySQL

April 26th, 2008 by VoiDeT | Posted in PHP | With 28,209 views | Word Count: 147 |

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13

If you don't know what smilies are, then please give me the address of the rock that you live under. Smilies are those little graphics that popup in replacement of a textual smiley, like:

  1. :D :P :O :o) ^__^ (>0_o)>

This is a guestbook tutorial, so expect people to be posting some smilies. We will making a smilies function to take care of the smilies replacement. Functions are basically code that sit outside of your main program. They do only a certain job, and operate via code in our main application sending information to them and then information getting returned. Think of functions as worker bees. You give them a job, and they return to you with something. Lets get started!

In your includes folder make a file called functions.php. Next in your index.php file do:

Under:

  1. include('includes/config.php');

Add:

  1. include('includes/functions.php');

You should understand what include statements do now. Open up your functions.php page and add:

  1. <?php
  2.  
  3.   function smilies($text){
  4.  
  5.     $smilies = array(':)', ':o', ':O', ':D', ':bounce:', ':(', ':yay:', ':love:', ':shout:');
  6.     $images = array('<img src="templates/smilies/smile.gif" />', '<img src="templates/smilies/bigsmile.gif" />','<img src="templates/smilies/bigsmile.gif" />','<img src="templates/smilies/bigsmile.gif" />', '<img src="templates/smilies/bounce.gif" />', '<img src="templates/smilies/sad.gif" />', '<img src="templates/smilies/yay.gif" />', '<img src="templates/smilies/love.gif" />', '<img src="templates/smilies/shout.gif" />');
  7.  
  8.     $text = str_replace($smilies,$images,$text);
  9.     return $text;
  10.        
  11.   }
  12.  
  13. ?>

This basically sets up our function. You declare a function with 'function' then the name of the function. The bit in brackets is what the function accepts and stores it in its own value. For example we will be sending this function the message text, so the message text will be stored in the value $text. You can send functions more parameters, just separate them with commas.

The next line we have a list of all the smilies we will accept. Nothing special really. The next line is the $images line. Its in order with the above array of smilies, so that when they get replaced, we slot in the right image. Its merely HTML code we replace the text with. The work horse here is:

  1. $text = str_replace($smilies,$images,$text);

This compares both arrays, searching for the smiley text and replacing it with the images array. Then it stores it back into the $text variable. The next line returns the value of $text back to the caller. We haven't set up the caller yet! So lets go and open entries.php and:

Find:

  1. <?php echo stripslashes($row['message']); ?>

Replace with:

  1. <?php echo smilies(stripslashes($row['message'])); ?>

We have our smilies function, sending the contents of the message to the smilies function! When the function is complete it sends it back here and then will be echoed to the screen! Amazing stuff. You can of course expand the smilies yourself, i just did it quickly. You will of course need to make sure you have the smilies images on your server. I made a folder in templates called smilies and dropped the smilies in there.

You can of course do the same with swear words, simple find and replace! I won't do it here, we need to get going on finishing the tutorial! Plus freedom of speech :P

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13

Tags
, , , , , , , ,

  1. 32 Responses to “Ultimate Guestbook Tutorial: How to build a Guestbook with a honeypot, error checking, IP banning, pagination, e-mail notification and smilies with PHP and mySQL”

  2. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 2, 2008

    I make this guestbook.
    It go not me. It always write this errors:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /3w/wz.cz/m/medvede/5/includes/actions.php on line 3

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /3w/wz.cz/m/medvede/5/includes/functions.php on line 12

    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /3w/wz.cz/m/medvede/5/templates/entries.php on line 15

    i have it on http://medvede.wz.cz/5/index.php

    Help me, please.
    thank you

  3. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 2, 2008

    Hey Vladis,

    Did you make sure you have created the database correctly?

    Please make sure you have done this, otherwise this error would definitely show up.

  4. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 3, 2008

    I make this TABLE :

    CREATE TABLE `entries` (
    `id` int(8) NOT NULL auto_increment,
    `name` varchar(255) collate latin1_general_ci NOT NULL,
    `email` varchar(255) collate latin1_general_ci NOT NULL,
    `website` varchar(255) collate latin1_general_ci NOT NULL,
    `message` text collate latin1_general_ci NOT NULL,
    `date` timestamp NOT NULL default CURRENT_TIMESTAMP,
    `ip` varchar(15) collate latin1_general_ci NOT NULL,
    PRIMARY KEY (`id`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

    and this:

    CREATE TABLE `spam` (
    `id` int(8) NOT NULL auto_increment,
    `ip` varchar(15) collate latin1_general_ci NOT NULL,
    PRIMARY KEY (`id`),
    KEY `ip` (`ip`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

    I have in config.php this code:

    And it doesn’t go.

  5. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 3, 2008

    I have in config.php this code:

    $host = ‘mysql.webzdarma.cz’;
    $username = ‘medvede48′;
    $password = ‘xxx’;
    $dbname = ‘guestbook’; - - I try also entries
    $email = ‘your@email.com’;
    $connect = mysql_connect($host, $username, $password);
    $dbselect = mysql_select_db($dbname);
    $items = 10;

  6. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 3, 2008

    Can you please provide me with your ftp details?
    It could be my end, or it could be your end. But i thought i tested this script without any rows in the database. Let me know

  7. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 3, 2008

    I have it on: photoshopsk.wz.cz
    password: 7754705

    I have files from this tutorial.

  8. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 4, 2008

    And your username for me to log in please?

  9. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 5, 2008

    (https://www.webzdarma.cz/)
    My username on FTP is : photoshopsk.wz.cz
    and password: 7754705

    (https://www.webzdarma.cz/mysql/index.php)
    And username on mysql server is: photoshopsk
    password:ragp3s

  10. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 7, 2008

    Those settings do not work.

    I need username, password, and address.

    Otherwise i cannot look for you.

  11. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 7, 2008

    Look you:
    1) http://photoshopsk.wz.cz/1/1.JPG
    2) http://photoshopsk.wz.cz/1/2.JPG
    3) http://photoshopsk.wz.cz/1/3.JPG

    Do you thing this or no?
    If no this, then what you think? What of address?

  12. By Linnea SWEDEN Windows XP Internet Explorer 7.0 on Jun 9, 2008

    Hi! I just want to say thank you for a wonderful tutorial. I will probably use this at my website when I have finished it, so I can send the link later. Thank you!

  13. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 9, 2008

    @ Linnea - Thanks alot for your comment. I would love to see your website when you have finished with it!

    @Vladis - Doesn’t work dude. Maybe you have limited the IP range of access?

  14. By VLADIS SLOVAKIA Windows XP Mozilla Firefox 2.0.0.14 on Jun 11, 2008

    My action what I make.

    1.) I am download this tutorial: http://www.jotlab.com/wp-content/uploads/2008/04/guestbook.zip

    2.) I give it on a web all. (http://photoshopsk.wz.cz/)

    3.) I am create table :

    CREATE TABLE `entries` (
    `id` int(8) NOT NULL auto_increment,
    `name` varchar(255) collate latin1_general_ci NOT NULL,
    `email` varchar(255) collate latin1_general_ci NOT NULL,
    `website` varchar(255) collate latin1_general_ci NOT NULL,
    `message` text collate latin1_general_ci NOT NULL,
    `date` timestamp NOT NULL default CURRENT_TIMESTAMP,
    `ip` varchar(15) collate latin1_general_ci NOT NULL,
    PRIMARY KEY (`id`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

    and this:

    CREATE TABLE `spam` (
    `id` int(8) NOT NULL auto_increment,
    `ip` varchar(15) collate latin1_general_ci NOT NULL,
    PRIMARY KEY (`id`),
    KEY `ip` (`ip`)
    ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

    4.) I chanqe in config.php on it :

    AND IT NO GO.
    You know where is mistake???

  15. By Amanda UNITED STATES Windows XP Internet Explorer 6.0 on Jun 11, 2008

    Hello. I am trying to make a wedding website and want to add a guestbook feature. Everything seemed to be working okay but now I get two big errors.

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/.magdalen/danfrancis/www/attempt/includes/actions.php on line 3

    and

    Fatal error: Call to undefined function: pagination() in /home/.magdalen/danfrancis/www/attempt/templates/skin.php on line 48

    Any clue what is going on? Any help would be great. The site it’s at right now (just testing it out) is: http://www.danfrancisphotography.com/attempt/index.php

    THANKS AGAIN!

  16. By Lily DENMARK Windows XP Internet Explorer 7.0 on Jun 11, 2008

    Hello there.

    It doesn’t work at myhomepage.. Can you please tell me, what I’ve done wrong?

    - Lily.

  17. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 11, 2008

    Hey people,

    I don’t know why you are having these problems. It sounds like an error in the SQL. I am happy to look on your server if you provide me with the correct FTP details or cpanel details.

    I have installed this script from the zip file and it works fine.

    Thank you

  18. By Lily DENMARK Windows XP Internet Explorer 7.0 on Jun 12, 2008

    What do you mean with the correct FTP details or cpanel details?

  19. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 12, 2008

    However you upload the files to your server,
    so i can see what the problem is. Because i cant replicate it

  20. By Lily DENMARK Windows XP Internet Explorer 7.0 on Jun 12, 2008

    The only thing I’ve changed is the MySQL otherwise I haven’t touched anything. The same text as Amanda got I have at my page.

  21. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jun 12, 2008

    Yep,
    what sql did you change?
    the connection settings?

  22. By eHobayyeb SAUDI ARABIA Windows Vista Mozilla Firefox 3.0 on Jun 22, 2008

    Amazing!

    Everything works fine.
    I am new PHPier and found many useful tips & tricks!

    Keep it up VoiDeT, I will do all PHP tuts here.

    Thanks
    Mohammad
    hattoon.com

  23. By HCF GERMANY Windows Vista Mozilla Firefox 3.0 on Jul 5, 2008

    Hi, awesome tutorial, shows exactly how to use the basics. 2 questions regarding your techniques:
    1. What about using mySQLi instead of the usual mySQL (only PHP5, but way better), since it is faster and more secure.
    2. I guess this was designed for beginner and advanced user, so it would be useful to show a lil bit of object oriented programming, since it makes the source code more accessible and php more flexible.

    Awesome work, greetings from Germany.

  24. By VoiDeT AUSTRALIA Mac OS X Safari 525.20 on Jul 5, 2008

    HCF!

    Vielen dank für ihre nette antwort. Du hast auf Englisch geschreiben, so ich werde auf Deutsch antworten. Es freut mich so viel das du die tutorial magst. So danke noch mal. Ich hab noch nicht viele mysqli probiert. Aber ich weiß das es OOP ist. Für dieser tutorial will ich sehr einfach machen, aber vielleicht lern ich MySQLi für meine selber projekte.

    Vielen dank noch mal,

  25. By Fredrik Windows XP Flock 1.2.1 on Jul 7, 2008

    Hi voidet,

    I like the icons you use to identify the country, OS and browser. How did you do that?

  26. By VoiDeT AUSTRALIA Mac OS X Safari 525.20.1 on Jul 7, 2008

    Firestats plugin mate ;)

  27. By Akira SWEDEN Windows XP Mozilla Firefox 3.0.1 on Jul 30, 2008

    Nice guestbook. I like it. :)

  28. By Dan Bunyard UNITED STATES Windows XP Mozilla Firefox 3.0.1 on Aug 9, 2008

    Awesome work! I have a guestbook on my existing site but….to put it mildly….it was hacked together to make it work. You have sure a great example here of the things you can do with PHP/MySQL. Keep up the great work, and happy coding!!

  29. By Franklyn CANADA Windows XP Mozilla Firefox 3.0.1 on Aug 11, 2008

    I havent read the code in detail but wouldnt it be better to do the error handling client side ?.

  30. By VoiDeT AUSTRALIA Mac OS X Safari 525.20.1 on Aug 12, 2008

    Doing just client side opens you up to attacks.
    This is a server side tutorial anyhow. By just doing client side error checking would be insecure and negligent.

  31. By mm UNITED STATES Windows Vista Internet Explorer 7.0 on Aug 24, 2008

    hi - this is really a great tutorial. Im very glad you did this as I was confused about how to add a honeypot.

    listen, do you know how to add an ADMIN page/function to this GB, or is it already there? I was testing mine and managed to ban my own IP! I’m not sure how to manage the database at this point. Any help is appreciated.
    Thanks!

  32. By VoiDeT AUSTRALIA Mac OS X Safari 525.20.1 on Aug 24, 2008

    Hey,

    Simply go into phpmyadmin and delete the entry in the banlist that is associated with your IP address :)

    Thanks for the comments!

  33. By Yousha ISLAMIC REPUBLIC OF IRAN Windows XP Opera 9.27 on Sep 11, 2008

    This form needs CAPTCHA security image.
    GL.

Post a Comment