mguestbook/ 0040755 0001750 0001750 00000000000 07447212517 011746 5 ustar matt matt mguestbook/thanks.html 0100644 0001750 0001750 00000000037 07320312406 014105 0 ustar matt matt Thanks for your post blah blah mguestbook/badcontent.html 0100644 0001750 0001750 00000000064 07320312377 014745 0 ustar matt matt Sorry but the entry contained bad content blah blah mguestbook/routines.cgi 0100755 0001750 0001750 00000001617 07447212517 014307 0 ustar matt matt #!/usr/bin/perl use DBI; local $debug; local $db_password; local $db_username; require 'config.cgi'; # only prints if debug is set! sub print_debug { if($debug) { print "\n"; } } # connects to the database and returns a database handler sub db_connect { print_debug "connecting to database ".$db_name; $db = DBI->connect('DBI:mysql:database='.$db_name, $db_username, $db_password) or return -1; print_debug "connection successful, returning valid database handler"; return $db; } # lists the fields of the table/database - must provide a valid database handler! sub list_fields { $db = $_[0]; print_debug "retrieving list of fields for table `".$db_table."'"; $q = $db->prepare('DESC '.$db_table); $q->execute; local @fields; while(@r = $q->fetchrow_array) { print_debug "adding `".$r[0]."' to list of fields"; push @fields, $r[0]; } return @fields; } mguestbook/README 0100644 0001750 0001750 00000032301 07320336256 012617 0 ustar matt matt Matt's Guestbook script Readme ============================== 1. Introduction --------------- This script can be used to put a guestbook on a website (hence the name) using a template system for easy integration with the original site. To do this, the script uses perl and a MySQL database. 2. Setup & Configuration ------------------------ The script is easy to configure and doesn't take much in terms of brain power or logical reasoning. Let's begin with the admin stuff, open the "config.cgi" file, this contains some variables that can be set to configure certain aspects of the script. The first thing to change is the "$admin_username" and "$admin_password" variables, these are _not_ the MySQL details, nor are they any other usernames or passwords that you have, these are a specific username and password for administrating _this_ guestbook - nothing else - so set them to anything you want (hint: don't leave "$admin_password" as "password"!). The next thing to change is the "$admin_authorisation", if this is set to "1" then anybody who tries to post an entry to your guestbook will have their entry placed in a "pending" queue, the administrator must then login to the administration page and authorise the entry (add it to the main list), if on the other hand, this is set to "0" then anybody who posts an entry to your guestbook will have their entry go automatically into the main list and will show on the list instantly (this isn't a particularly good idea!). Next comes the MySQL configuration stuff, firstly we have "$db_name", this should be set to the name of the MySQL database you have setup to hold the guestbook details. Next is the MySQL hostname, "$db_host", most people will leave this set to "localhost", although I am sure some people will want to change this. Then we have the MySQL authorisation details, the username and password ("$db_username" and "$db_password"), these are of course used to connect to the MySQL database server to query/update/add to the main list and pending list and hence should be set to your specific MySQL username and password. Then we have "$db_table", this is the name of the table that will hold all your guestbook entries, this will have to be constructed and configured (see 3. Making the necessary tables) as well as a "pending" table with the same name, but with "_pending" appended to the name. OK, that's all the MySQL configuration stuff done. Next we have "$okpost_redirect", this is a URL to redirect the client's browser to when he/she posts an entry to the list, can either be local form ("thanks.html") or full URL form ("https://domain.name/thanks.html"), either will do fine. Content control can be used to block certain words from entries that people post, while all entries can be administered and hence alterations can be made, some entries can be blocked by checking for certain words The template stuff comes next and for help on this see "4. Constructing usable templates". "$results_page_template" is the template that is going to hold the results, the design of the whole page, in other words. "$results_template" is a template for how each individual entry will be shown in the guestbook list. Next up is "$date_format", which is used to display the date and time at which the entries were posted to the list, there are a couple of examples shown in the config.cgi file, but for more detailed help on exactly how to configure this value see https://www.mysql.com/doc/D/a/Date_and_time_functions.html under the header "DATE_FORMAT". To accompany the date formatting routines is the "$time_diff" variable, this allows you to adjust the time to a specific time zone _relative_to_the_timezone_of_the_server_, this means that if the server is in the US (-5) and you want the guestbook's time to show UK time (+0) then you would set the time difference to +5 to accomodate the difference in time. Now comes the entry list specific configuration, firstly "$entries_per_page" tells the script how many guestbook entries to show on a particular page, if this is set to "0" then _all_ the guestbook entries will be shown on one page however, if this is "5" then only 5 entries will be shown (there will be "Next page" and/or "Previous page buttons if needed! Speaking of which:). "$prev_page_link" is the HTML to show in order to access the previous page in the guestbook, this defaults to 'Prev. page' which as you can see is a simple HTML link with the text "Prev. page" that links back a page, the "guestbook.cgi?pagenumber=[>PREVPAGENUMBER<]" is the text that you should use for linking to a previous page within your templates. Sometimes (ie on the first page of the guestbook!) there won't be a previous page and so there is no point in displaying the link, for this reason we also have "$no_prev_page" which is displayed instead of "$prev_page_link" when no previous page is available, by default this is simply set to " " to avoid any design corruption problems! The next page stuff is very similar to the previous page stuff except that it is configured with "$next_page_link" and "$no_next_page" instead of the "$prev_page_link" and "$no_prev_page" variables, but the details are very similar (use "guestbook.cgi?pagenumber=[>NEXTPAGENUMBER<]" for the next page link though!). IMPORTANT: When the files have been uploaded onto the server there a couple of things that you _have_ to do to make the script work, firstly the "guestbook.cgi", "guestbookadmin.cgi", "routines.cgi" and "config.cgi" must be made executable (using CHMOD 755) as the "config.cgi" must not be world-readable (if the server tries to execute it then it won't be world-readable - hence 755) alternatively you can use some kind of protection system (as i'm sure you'll have to on an NT system). That should be enough to make the script work. 3. Making the necessary tables ------------------------------ PLEASE NOTE: All database/table fields are case-sensitive! [ See example_tables.sql for a simple set of tables ] Once the basic configuration has been done and the appropriate MySQL database has been setup you can begin to construct your guestbook. There are two mandatory fields within the tables, these are the first two, the first one must be called "id", have the type "int not null auto_increment" and be set as the primary key, the second mandatory field is the date/time field, this must be the second field and have type "datetime", it can be called anything that you want as long as it complies to MySQL naming conventions, ie to construct the simplist possible table for using the guestbook, the following MySQL statement could be used; CREATE TABLE guestbook (id int not null auto_increment, primary_key(id), edate datetime) which would create a table looking like so; +---------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------+--------------+------+-----+---------+----------------+ | id | int(11) | | PRI | NULL | auto_increment | | edate | datetime | YES | | NULL | | +---------+--------------+------+-----+---------+----------------+ and could be used for holding our guestbook information, however, this isn't going to be a very exciting guestbook is it? No, so for this reason we need to add extra fields to hold our data! My example tables that I used looked something like this ; +---------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------+--------------+------+-----+---------+----------------+ | id | int(11) | | PRI | NULL | auto_increment | | edate | datetime | YES | | NULL | | | name | varchar(100) | YES | | NULL | | | comment | text | YES | | NULL | | +---------+--------------+------+-----+---------+----------------+ which was used to hold a name and a comment, nothing else. You can use any fields that you wanted, with any names to hold any data! For help on creating your tables you could use my MySQL Control Panel, freely downloadable from https://www.mattsscripts.co.uk/mpanel.htm. Note that you need two tables within your database for using this guestbook, one named the same as "$db_table" is set in the config.cgi file and one called "$db_table"_pending (ie, "guestbook" and "guestbook_pending" would work), both of these tables should be _identical_ in field structure, the only difference should be the name of the table! If you are not familiar with MySQL and it's field types then you can always see the documentation on the MySQL website (https://www.mysql.com/) for help and pointers in the right direction. 4. Constructing usable templates -------------------------------- The templates are very easy to configure and take little to no time to do, I have provided a couple of very simple templates to go with the example tables, the "$results_page_template" is the page design which is used to hold the guestbook entries, within this page there are a couple of template macros which should be used; [>GUESTBOOK_ENTRIES<] : Used to tell the script where to place the guestbook entries within the design, this will be replaced by a list of all the entries within the database. [>PREV_PAGE<] : If needed this will be replaced by the configured "$prev_page_link", or if not needed it will be replaced by "$no_prev_page". [>NEXT_PAGE<] : This will be replaced by the "$next_page_link" when needed, or "$no_next_page" if it is not necessary. More important is the "$results_template" template file, this contains the template for each individual entry in the guestbook, within this file the fields within the main table are used as macros, each one being surrounded by "[>" and "<]" and is case sensitive, this doesn't make much sense, however, if I show with examples it might make more sense, eg in my example tables I have a field called "comment", by placing the macro "[>comment<]" (no speech marks) in this template file the script will replace it with the value in the "comment" field for that particular entry of the guestbook, does that make sense? For some help it would be a good idea to see the provdided "results_template.html" file. For each entry within the guestbook database an entry using the results template file will be constructed and added to a long list, this list will then replace the "[>GUESTBOOK_ENTRIES<]" macro within the main template design file. [ I realise this is a bit awkward to follow but try it and see if you can catch on ] 5. Posting entries to the guestbook ----------------------------------- The provided html file "comment.html" holds an example html form to post to the example tables. For your own tables this file should not be used as it will be fairly useless! To post to the guestbook your form should use "action=/" and have a hidden field called "action" with value "post", eg;