Hi Everyone,

I am looking for a PHP file that can create and provide service to a
quick and easy database (even a TXT file will suffice rather than a CSV
or an XLS) to contain user-submitted data. There would be three
catagories of data: First Name, Last Name, and Email Address.

I got a tip that one existed on http://www.cobra-scripts.com but I
didn't see it.

Does anyone know where I can get a PHP like that, or one that is close
enough and can be modified?

Thanks!

"Phil Buchman" < [at] > wrote in message
news:qJmdndg8I_-bLJnbnZ2dnUVZ_qupnZ2d [at] comcast.com...
| Hi Everyone,
|
| I am looking for a PHP file that can create and provide service to a
| quick and easy database (even a TXT file will suffice rather than a CSV
| or an XLS) to contain user-submitted data. There would be three
| catagories of data: First Name, Last Name, and Email Address.
|
| I got a tip that one existed on http://www.cobra-scripts.com but I
| didn't see it.
|
| Does anyone know where I can get a PHP like that, or one that is close
| enough and can be modified?

csv and xls are text files. xls is a stylization for xml (which is probably
what you meant). as it is, there are hundreds of examples on the net...and,
this sounds a lot like a spamming enterprise.

>
> csv and xls are text files. xls is a stylization for xml (which is probably
> what you meant). as it is, there are hundreds of examples on the net...and,
> this sounds a lot like a spamming enterprise.



Hi Steve,

Actually, it's for the annual group of kids at a Christian Church Camp
who want to leave their email addresses for their friends.

Go to www.campbarbee.com and click on the "Email Addresses" link and
you'll see the CGI script that I want to replace with something a
little more modern before my hosting service does away with their
support for CGI sometime this summer.

Any suggestions about where I can find a few of those hundreds of
examples on the net that you wrote about? I would really like to see a
few of them before our host dumps CGI support.

Thanks Steve!

"Webmaster of campbarbee.com" < [at] > wrote in message
news:UYudncfMqq3d0pjbnZ2dnUVZ_rWnnZ2d [at] comcast.com...
| >
| > csv and xls are text files. xls is a stylization for xml (which is
probably
| > what you meant). as it is, there are hundreds of examples on the
net...and,
| > this sounds a lot like a spamming enterprise.
|
|
|
| Hi Steve,
|
| Actually, it's for the annual group of kids at a Christian Church Camp
| who want to leave their email addresses for their friends.
|
| Go to www.campbarbee.com and click on the "Email Addresses" link and
| you'll see the CGI script that I want to replace with something a
| little more modern before my hosting service does away with their
| support for CGI sometime this summer.
|
| Any suggestions about where I can find a few of those hundreds of
| examples on the net that you wrote about? I would really like to see a
| few of them before our host dumps CGI support.

well, make it hundreds of examples plus one. rather than give a lecture on
how to google and given that you refrained quite nicely from firing back
with 'fuck off', here's what i've been using for years. i'm sure your love
of spammers has fostered your understanding of my reluctance to further the
cause.

here are some supporting files (assumes php 5)...you'll need to clean up the
text-wrapping, and i typed the example at the bottom without testing...you
may get syntax errors from php if i forgot something.

==== cvs.class.php

<?
class csv
{
private $_records = array();

private function __clone(){}

function __construct($path, $delimiter = '", "', $lineTerminator = "\n",
$firstRowHeader = true)
{
$fileHandle = fopen($path, 'r');
$records = explode($lineTerminator, fread($fileHandle,
filesize($path)));
fclose($fileHandle);
$recordCount = count($records);
for ($i = 0; $i < $recordCount; $i++)
{
$record = substr($records[$i], 1, -1);
$records[$i] = explode($delimiter, $record);
}
$columns = array();
$columnCount = count($records[0]);
for ($i = 0; $i < $columnCount; $i++)
{
$columns[$i] = $firstRowHeader ? strtoupper($records[0][$i]) : $i;
}
for ($record = ($firstRowHeader ? 1 : 0); $record < $recordCount;
$record++)
{
for ($column = 0; $column < $columnCount; $column++)
{
$this->_records[$record][$columns[$column]] =
$records[$record][$column];
}
}
}

function records(){ return $this->_records; }
}
?>

====== email.class.php

<?
class email
{
static function send(
$to ,
$from ,
$cc = '' ,
$bcc = '' ,
$subject ,
$text = '' ,
$html = '' ,
$companyName = '' ,
$logo = null ,
$dropDirectory = '' ,
$exec = '' ,
$execOptions = ''
)
{
$messageHtml = $html;
$html = '
<html>
<style>
body
{
background-color : white;
color : black;
font-family : verdana, tahoma, arial, times new
roman, sans-serif;
font-size : 8pt;
margin : 0px;
text-align : left;
}
</style>
<body>
';
if (isset($logo))
{
$image = file_get_contents($logo);
$image = chunk_split(base64_encode($image));
$html .= '
<img alt="' . $companyName . '" border="0px"
src="cid:logo" style="float:right;">
<br>
<br>
<br>
<br clear="all">
';
}
if ($messageHtml == ''){ $messageHtml = '<html><body>' . $text; }
$html .= $messageHtml . '</body></html>';
if ($text == ''){ $text = $html; }
$boundry = '----=' . md5(uniqid(rand()));
$related = '----=' . md5(uniqid(rand()));
$mail = "MIME-Version: 1.0\r\n";
$mail .= "TO: " . $to . "\r\n";
$mail .= "FROM: " . $from . "\r\n";
$mail .= "CC: " . $cc . "\r\n";
$mail .= "BCC: " . $bcc . "\r\n";
$mail .= "Subject: " . $subject . "\r\n";
$mail .= "Content-Type: multipart/related;
boundary=\"$related\"\r\n\r\n\r\n";
$mail .= "--$related\r\n";
$mail .= "Content-Type: multipart/alternative;
boundary=\"$boundry\"\r\n\r\n\r\n";
$mail .= "--$boundry\r\n";
$mail .= "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n";
$mail .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
$mail .= $text . "\r\n\r\n";
$mail .= "--$boundry\r\n";
$mail .= "Content-Type: text/html; charset=\"iso-8859-1\"\r\n";
$mail .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
$mail .= $html . "\r\n\r\n";
$mail .= "--$boundry--\r\n\r\n";
$mail .= "--$related\r\n";
$mail .= "Content-Type: image/jpeg\r\n";
$mail .= "Content-ID: logo\r\n";
$mail .= "Content-Disposition: attachment;
filename=\"logo.jpg\"\r\n";
$mail .= "Content-Transfer-Encoding: base64\r\n\r\n";
$mail .= $image . "\r\n\r\n";
$mail .= "--$related--\r\n\r\n";
$mail .= "-- End --\r\n";
$fileName = $dropDirectory . strtoupper(md5(uniqid(rand()))) . '.eml';
file_put_contents($fileName, $mail);
if (!$exec){ return $mail; }
exec($exec . $fileName . $execOptions);
[at] unlink($fileName);
return $mail;
}
}
?>

====== now to put it all together ...
====== assumes window env using iis smtp.
====== assumes 1st row has field names and that
====== one of them is named 'email'. otherwise
====== access the address based on it's ordinal
====== field position, i.e. $records[3];

<?
require_once 'csv.class.php;
require_once 'email.class.php';

$admin = 'some.one [at] example.com';
$company = 'some enterprise';
$dropDirectory = 'c:/inetpub/mailroot/pickup/'; // php needs write perm.
$exec = ''; // *nix (using sendmail) - '/usr/sbin/sendmail -ti < '
$fileDb = 'data/some.csv';
$logo = 'images/my.email.logo.jpg';
$message = 'hello world';
$options = ''; // *nix - any additional args for sendmail
$subject = 'test email';

$csv = new csv($fileDb);

foreach ($csv->records() as $record)
{
email::send(
$record['EMAIL'] ,
$admin ,
'' ,
'' ,
$subject ,
$message ,
'' ,
$company ,
$logo ,
$dropDirectory ,
$exec ,
$options
);
}
?>

"Steve" <no.one [at] example.com> wrote in message
news:zs9Nh.5$786.0 [at] newsfe03.lga...
|
| "Phil Buchman" < [at] > wrote in message
| news:qJmdndg8I_-bLJnbnZ2dnUVZ_qupnZ2d [at] comcast.com...
|| Hi Everyone,
||
|| I am looking for a PHP file that can create and provide service to a
|| quick and easy database (even a TXT file will suffice rather than a CSV
|| or an XLS) to contain user-submitted data. There would be three
|| catagories of data: First Name, Last Name, and Email Address.

btw, i read xls in dislexic fashion, i.e. xsl(t). oops.

"Webmaster of campbarbee.com" < [at] > wrote in message
news:UYudncfMqq3d0pjbnZ2dnUVZ_rWnnZ2d [at] comcast.com...
| >
| > csv and xls are text files. xls is a stylization for xml (which is
probably
| > what you meant). as it is, there are hundreds of examples on the
net...and,
| > this sounds a lot like a spamming enterprise.
|
|
|
| Hi Steve,
|
| Actually, it's for the annual group of kids at a Christian Church Camp
| who want to leave their email addresses for their friends.
|
| Go to www.campbarbee.com and click on the "Email Addresses" link and
| you'll see the CGI script that I want to replace with something a
| little more modern before my hosting service does away with their
| support for CGI sometime this summer.
|
| Any suggestions about where I can find a few of those hundreds of
| examples on the net that you wrote about? I would really like to see a
| few of them before our host dumps CGI support.
|
| Thanks Steve!

holy shit! you do realize that you have yourself opened wide for negligence,
right? you have no security in place that keeps anyone (read, adult
pedophiles) from accessing the email addresses of those who attend your camp
(read, children - aka prey in the pedophilia dictionary). while i really
could care less about your potential litigation, i do care about the safety
of those children to whom you are providing this 'service'.

you need to create an account for each of them. you need to be able to allow
those posting their email to select specifically to whom they'd like to
share their address or whether they'd like it made public (as limited to
only others who have accounts).

if you have no idea how to do this, i'd be happy to post a couple of pages
of code that integrates security. i'd be very wary of sending my child to
this camp as lack of forethought has trumped safety...makes me worry even
more about the env in which they'd be climing, canoeing, shooting arrows,
etc.

but that's just my 0.02 usd.

i really should get a full night's sleep before posting. so you just want to
store the name and email information. well, there are not hundreds of
examples on the net...there are thousands. start with mysql. here's a sample
table:

CREATE TABLE people
(
Id INT AUTO_INCREMENT PRIMARY KEY
,
FirstName VARCHAR(30) NOT NULL
,
MiddleName VARCHAR(30) NULL
,
LastName VARCHAR(50) NOT NULL
,
UserName VARCHAR(51) NULL
,
Password VARCHAR(50) NOT NULL
,
Phone VARCHAR(50) NULL
,
Email VARCHAR(255) NOT NULL
,
Expired NUMERIC NULL DEFAULT 1
,
Passport VARCHAR(40) NULL DEFAULT ''
,
Stamp TIMESTAMP NULL DEFAULT NOW()
ON UPDATE NOW()
);

notice, the table integrates some security tie-ins?

========== here's an abstract db class. this one uses mysql. you'll see it
used in subsequent code posted below.

<?
class db
{
static private $_instance = null;
static private $_lastStatement = '';

private function __clone(){}

private function __construct(){}

static function connect($server, $user, $password, $catalog = null)
{
try
{
mysql_connect($server, $user, $password);
if (!is_null($catalog)){ mysql_select_db($catalog); }
} catch (exception $ex) {
print "<pre>\r\n" . $ex->getMessage() . "\r\n" .
' in file ' . $ex->getFile() . "\r\n" .
' on line ' . $ex->getLine() . "\r\n" .
'</pre>';
return false;
}
return true;
}

static function getInstance()
{
if (is_null(self::$_instance)){ self::$_instance = new db(); }
return self::$_instance;
}

static function getLastStatement(){ return self::$_lastStatement; }

static function decode($string)
{
$translation = get_html_translation_table(HTML_ENTITIES);
$translation = array_flip($translation);
$string = strtr($string, $translation);
return $string;
}

static function describe($table)
{
$columns = array();
$records = self::execute('DESCRIBE ' . $table);
foreach ($records as $record)
{
foreach ($record as $column => $property)
{
if ($column == 'FIELD'){ continue; }
$columns[strtoupper($record['FIELD'])][$column] = $property;
}
}
return $columns;
}

static function encode($string)
{
$translation = get_html_translation_table(HTML_ENTITIES);
$string = strtr($string, $translation);
return $string;
}

static function execute($sql, $decode = false, $returnNewId = false)
{
self::$_lastStatement = $sql;
$array = array();
$key = 0;
$records = mysql_query($sql);
$fieldCount = [at] mysql_num_fields($records);
$translation = get_html_translation_table(HTML_ENTITIES);
$translation = array_flip($translation);
while ($row = [at] mysql_fetch_array($records, MYSQL_NUM))
{
for ($i = 0; $i < $fieldCount; $i++)
{
$value = $row[$i];
if ($decode){ $value = strtr($value, $translation); }
$array[$key][strtoupper( [at] mysql_field_name($records, $i))] = $value;
}
$key++;
}
if ($returnNewId)
{
$array = array();
$array[0]['ID'] = mysql_insert_id();
}
[at] mysql_free_result($records);
return $array;
}

static function prepare($string, $encode = false)
{
if ($encode){ $string = self::encode($string); }
$string = stripslashes(str_replace("'", "''", $string));
return $string;
}
}
?>

========== here's php to validate (most) email addresses (fix the
text-wrapping)

function isEmail($email)
{
if (!$email){ return false; }
$pattern =
"/^((\"[^\"]*?\")|([^\(\)\<\> \ [at] \,\;\:\\\"\[\]\s\*\/]+)) [at] (\[((25[0-5]|2[0-4][0-9]|1[0-9][0 -9]|[1-9][0-9]|[0-9])\.){3}|((([a-zA-Z0-9\-]+)\.)+))([a-zA-Z ]{2,}|(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\])$ /si";
return preg_match($pattern, $email);
}


========== here's a script to maintain 'people'.

<?
$pageTitle = 'People';
$fullHeader = false;
$securityEnabled = true;
require_once 'relative.path.php';
require_once $relativePath . 'site.cfg.php';

$add = isset($_REQUEST['add']);
$back = isset($_POST['back']);
$confirm = isset($_POST['confirm']);
$delete = isset($_REQUEST['delete']);
$edit = isset($_REQUEST['edit']);

$action = $add ? 'add'
: 'edit';
$method = isset($_POST['method']) ? $_POST['method']
: '';

$errors = array();

$id = isset($_REQUEST['id']) ?
$_REQUEST['id'] : 0;
$personFirstName = isset($_REQUEST['personFirstName']) ?
$_REQUEST['personFirstName'] : '';
$personMiddleName = isset($_REQUEST['personMiddleName']) ?
$_REQUEST['personMiddleName'] : '';
$personLastName = isset($_REQUEST['personLastName']) ?
$_REQUEST['personLastName'] : '';
$personUserName = isset($_REQUEST['personUserName']) ?
$_REQUEST['personUserName'] : '';
$personExpirePassword = isset($_REQUEST['personExpirePassword']) ? 1 : 0;
$personPassword = isset($_REQUEST['personPassword']) ?
$_REQUEST['personPassword'] : '';
$personRePassword = isset($_REQUEST['personRePassword']) ?
$_REQUEST['personRePassword'] : '';
$personEmail = isset($_REQUEST['personEmail']) ?
$_REQUEST['personEmail'] : '';
$personPhoto = isset($_REQUEST['personPhoto']) ?
$_REQUEST['personPhoto'] : '';
$setSiteAccess = isset($_REQUEST['setSiteAccess']) ?
$_REQUEST['setSiteAccess'] : false;
$copyUserPermissions = isset($_REQUEST['copyUserPermissions']) ?
$_REQUEST['copyUserPermissions'] : false;
$passwordMismatch = strtolower($personPassword) !=
strtolower($personRePassword);
if ($back)
{
$add = false;
$delete = false;
$edit = false;
$method = '';
}
if ($confirm)
{
$add = false;
$delete = false;
$edit = false;
$method = '';
$sql = "
DELETE
FROM people
WHERE Id = '" . db::prepare($id) . "'
";
db::execute($sql);
header('location:' . $_SERVER['PHP_SELF']);
exit;
}
if (!($delete || $confirm) && $method == 'put')
{
$sql = "
SELECT COUNT(*) PersonExists
FROM people
WHERE Id != '" .
db::prepare($id) . "'
AND LOWER(UserName) = LOWER('" .
db::prepare($personUserName) . "')
";
unset($records);
$records = db::execute($sql);
$personExists = $records[0]['PERSONEXISTS'] ? true : false;
if (!$personFirstName)
{
$errors['personFirstName'] = 'FIRST NAME is required and cannot be
blank.';
}
if (!$personLastName)
{
$errors['personLastName'] = 'LAST NAME is required and cannot be
blank.';
}
if (!$personPassword)
{
$errors['personPassword'] = 'PASSWORD is required and cannot be
blank.';
}
if ($personPassword && ($personPassword != $personRePassword))
{
$errors['personPassword'] = 'The PASSWORD does not match the PASSWORD
CONFIRMATION.';
}
if ($personExists)
{
$errors['personUserName'] = 'A person with this USER NAME is already
being used.';
}
if (!$personEmail || !isEmail($personEmail))
{
$errors['personEmail'] = 'Invalid EMAIL ADDRESS.';
}
if (!count($errors))
{
if ($action == 'add')
{
$sql = "
INSERT INTO people
(
FirstName ,
MiddleName ,
LastName ,
UserName ,
Password ,
Email ,
Expired
)
VALUES
(
'" . db::prepare($personFirstName) . "' ,
'" . db::prepare($personMiddleName) . "' ,
'" . db::prepare($personLastName) . "' ,
'" . db::prepare($personUserName) . "' ,
'" . db::prepare($personPassword) . "' ,
'" . strtolower(db::prepare($personEmail)) . "' ,
'" . db::prepare($personExpirePassword) . "'
)
";
} else {
$sql = "
UPDATE people
SET FirstName = '" . db::prepare($personFirstName)
.. "' ,
MiddleName = '" . db::prepare($personMiddleName)
.. "' ,
LastName = '" . db::prepare($personLastName)
.. "' ,
UserName = '" . db::prepare($personUserName)
.. "' ,
Password = '" . db::prepare($personPassword)
.. "' ,
Email = '" .
strtolower(db::prepare($personEmail)) . "' ,
Expired = '" .
db::prepare($personExpirePassword) . "' ,
Passport = ''
WHERE Id = '" . $id . "'
";
}
db::execute($sql);
header('location:' . $_SERVER['PHP_SELF']);
exit;
}
}
require_once $site->includeDirectory . 'head.inc.php';
?>
<br>
<div class="bullet" style="background:white no-repeat url('<?=
$site->imagesDirectory ?>bullet.jpg'); color:black; font-size:12pt;
height:50px; padding-top:8px; padding-left:50px;">
<?= $pageTitle ?>
</div>
<hr>
<br>
<?
if ($add || $edit)
{
?>
<script language="javascript">
var skipValidation = false;
function validate()
{
if (skipValidation){ return true; }
var warning = new String();
var el = record.personFirstName;
if (warning.length == 0 && trim(el.value) == '')
{
warning = "FIRST NAME is required.";
}
var el = record.personLastName;
if (warning.length == 0 && trim(el.value) == '')
{
warning = "LAST NAME is required.";
}
var el = record.personUserName;
if (warning.length == 0 && trim(el.value) == '')
{
warning = "USER NAME is required.";
}
var el = record.personEmail;
if (warning.length != 0 && !isEmail(el.value))
{
warning = "Invalid EMAIL.";
}
if (warning.length)
{
alert(warning);
el.focus()
el.select();
return false;
}
return true;
}
</script>
<?
if (!count($errors))
{
$sql = "
SELECT Id ,
FirstName ,
MiddleName ,
LastName ,
UserName ,
Password ,
Email ,
Expired ,
Passport
FROM people
WHERE id = '" . db::prepare($id) . "'
";
unset($records);
$records = db::execute($sql);
$id = $records[0]['ID'];
$personFirstName = $records[0]['FIRSTNAME'];
$personMiddleName = $records[0]['MIDDLENAME'];
$personLastName = $records[0]['LASTNAME'];
$personUserName = $records[0]['USERNAME'];
$personPassword = $records[0]['PASSWORD'];
$personRePassword = $records[0]['PASSWORD'];
$personEmail = $records[0]['EMAIL'];
$personExpirePassword = $records[0]['EXPIRED'];
$personPassport = $records[0]['PASSPORT'];
}
if (count($errors))
{
$displayedErrors = array_unique(array_values($errors));
?>
<div style="color:#660000; font-size:10pt; font-weight:bold;">
ERROR
</div>
<hr style="background-color:#660000; color:#660000;">
<ol>
<?= '<li style="color:#660000; font-size:8pt;">' . implode('<li
style="color:#660000; font-size:8pt;">' . "\r\n", $displayedErrors) ?>
</ol>
<hr style="background-color:#660000; color:#660000;">
<br>
<br>
<?
}
if ($delete)
{
?>
<div style="color:#CC0000; font-size:10pt; font-weight:500;
margin-bottom:20px;">
Are you sure you want to delete this record?
<br>
If so, click the "Confirm" button below. Otherwise, click the "Back"
button below to return.
</div>
<?
}
?>
<form name="record" method="post" onsubmit="return validate();">
<table style="width:400px;">
<tr>
<td class="label" style="width:150px;">
First Name
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personFirstName']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personFirstName"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personFirstName ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Middle Name
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personMiddleName']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personMiddleName"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personMiddleName ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Last Name
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personLastName']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personLastName"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personLastName ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
User Name
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personUserName']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personUserName"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personUserName ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Password
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personPassword']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personPassword"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personPassword ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Password Confirmation
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personRePassword']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personRePassword"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personRePassword ?>"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Email
<span style="color:#660000; font-size:10pt;"><?=
(isset($errors['personEmail']) ? '*' : '') ?></span>
</td>
<td colspan="2">
<input class="value"
name="personEmail"
maxlength="255"
type="text"
autocomplete="off"
value="<?= $personEmail ?>"
style="text-transform:lowercase;"
>
</td>
</tr>
<tr>
<td class="label" style="width:150px;">
Password Expired
</td>
<td colspan="2" style="text-align:left;">
<input name="personExpirePassword"
type="checkbox"
<?= ($personExpirePassword ? 'checked' : '') ?>
>
</td>
</tr>
<tr><td colspan="3"> </td></tr>
<tr><td colspan="3"> </td></tr>
</table>
<?
if ($delete)
{
?>
<input name="confirm" type="submit" style="cursor:'hand';
width:100px;" value="Confirm " onclick="skipValidation=true;">
<?
} else {
?>
<input name="<?= $action ?>" type="submit" style="cursor:'hand';
width:100px;" value="Save ">
<input name="delete" type="submit" style="cursor:'hand';
width:100px;" value="Delete " onclick="skipValidation=true;">
<?
}
?>
<input name="back" type="submit" style="cursor:'hand';
width:100px;" value="Back " onclick="skipValidation=true;">
<input name="id" type="hidden" value="<?= $id ?>">
<input name="method" type="hidden" value="put">
</form>
<script language="javascript">
record.personFirstName.focus();
record.personFirstName.select();
</script>
<?
echo $sessionFooter;
exit;
}

$lastSort = isset($_REQUEST['lastSort']) ?
$_REQUEST['lastSort'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort']
: 'LASTNAME';
$sortDirection = isset($_REQUEST['sortDirection']) ?
$_REQUEST['sortDirection'] : 'ASC';
if ($sort == $lastSort){ $sortDirection = $sortDirection == 'ASC' ? 'DESC' :
'ASC'; }
$lastSort = $sort;

$group = $_REQUEST['group'];
$page = $_REQUEST['page'];
$pages = $_REQUEST['pages'];
$recordsPerPage = $_REQUEST['recordsPerPage'];
if (!is_numeric($group)){ $group = 0; }
if (!is_numeric($page)){ $page = 1; }
if (!is_numeric($pages)){ $pages = 5; }
if (!is_numeric($recordsPerPage)){ $recordsPerPage = 10; }
$findIn = isset($_REQUEST['findIn']) ? $_REQUEST['findIn']
: '';
$find = isset($_REQUEST['find']) ? $_REQUEST['find']
: '';
$sql = "
SELECT COUNT(*) RecordCount
FROM people
";
if ($findIn && $find)
{
$sql .= "
WHERE UPPER(" . $findIn . ") LIKE UPPER('%" .
db::prepare($find) . "%')
";
}
unset($records);
$records = db::execute($sql);
$recordCount = $records[0]['RECORDCOUNT'];
$currentPage = $page;
$group = floor((($page - 1) * $recordsPerPage) / ($recordsPerPage *
$pages));
$navigation = array();
$page = $group * $pages + 1;
$lastPage = $page + $pages;
$maxPages = ceil($recordCount / $recordsPerPage);
$range = ($currentPage * $recordsPerPage) - $recordsPerPage;
if ($group)
{
$navigation[] = '<a class="navigation" href="?page=' . ($page - 1) .
'&sortDirection=' . $sortDirection . '&sort=' . $sort . '"
title="Previous"><<</a>';
}
for ($index = 0; $index < $pages; $index++)
{
$navigation[] = '<a class="navigation" href="?page=' . $page .
'&sortDirection=' . $sortDirection . '&sort=' . $sort . '" title="Page ' .
$page . '">' . $page. '</a>';
if ($page == $maxPages){ break; }
$page++;
}
if ($lastPage < $maxPages)
{
$navigation[] = '<a class="navigation" href="?page=' . $page .
'&sortDirection=' . $sortDirection . '&sort=' . $sort . '"
title="Next">>></a>';
}
$navigation[] = '<span style="color:#666666; padding-left:25px;
font-size:7.25pt;">[Page ' . $currentPage . ' of ' . $maxPages . ']</span>';
?>
<div style="float:right; margin-right:5px;">
<select name="findIn" class="input">
<option value="" <?= (!$findIn ? 'selected' :
'' ) ?>></option>
<option value="LASTNAME" <?= ($findIn == 'LASTNAME' ? 'selected' :
'' ) ?>>Last Name</option>
<option value="FIRSTNAME" <?= ($findIn == 'FIRSTNAME' ? 'selected' :
'' ) ?>>First Name</option>
<option value="MIDDLENAME" <?= ($findIn == 'MIDDLENAME' ? 'selected' :
'' ) ?>>Middle Name</option>
<option value="EMAIL" <?= ($findIn == 'EMAIL' ? 'selected' :
'' ) ?>>Email</option>
</select>
<input name="find" class="input" type="text" value="<?= $find ?>">
<input type="button" value="Find ..." onclick="return navigate('<?=
$_SERVER['PHP_SELF'] ?>', '1');">
</div>
<br clear="all">
<br>
<table style="width:730px;">
<th style="background-color:#336699; border-bottom:1px solid
lightsteelblue; padding:5px; text-align:center; width:100px;">
<a
class="menuItem"
href="<?= $_SERVER['PHP_SELF'] ?>?add=1"
style="background-color:#336699; border:none; color:white;
font-weight:600; text-decoration:underline;"
>Add Person</a>
</th>
<th
style="border-bottom:1px solid lightsteelblue; border-right:1px solid
lightsteelblue; cursor:pointer; font-size:8pt;"
title="Click to sort"
onclick="document.location='<?= $_SERVER['PHP_SELF'] ?>?lastSort=<?=
$lastSort ?>&sortDirection=<?= $sortDirection ?>&sort=LASTNAME'"
>Last Name</th>
<th
style="border-bottom:1px solid lightsteelblue; border-right:1px solid
lightsteelblue; cursor:pointer; font-size:8pt;"
title="Click to sort"
onclick="document.location='<?= $_SERVER['PHP_SELF'] ?>?lastSort=<?=
$lastSort ?>&sortDirection=<?= $sortDirection ?>&sort=FIRSTNAME'"
>First Name</th>
<th
style="border-bottom:1px solid lightsteelblue; border-right:1px solid
lightsteelblue; cursor:pointer; font-size:8pt;"
title="Click to sort"
onclick="document.location='<?= $_SERVER['PHP_SELF'] ?>?lastSort=<?=
$lastSort ?>&sortDirection=<?= $sortDirection ?>&sort=MIDDLENAME'"
>Middle Name</th>
<th
style="border-bottom:1px solid lightsteelblue; border-right:1px solid
lightsteelblue; cursor:pointer; font-size:8pt;"
title="Click to sort"
onclick="document.location='<?= $_SERVER['PHP_SELF'] ?>?lastSort=<?=
$lastSort ?>&sortDirection=<?= $sortDirection ?>&sort=EMAIL'"
>Email</th>
<?
$sql = "
SELECT Id ,
FirstName ,
MiddleName ,
LastName ,
UserName ,
Email
FROM people
";
if ($findIn && $find)
{
$sql .= "
WHERE UPPER(" . $findIn . ") LIKE UPPER('%" .
db::prepare($find) . "%')
";
}
$sql .= "
ORDER BY " . $sort . " " . $sortDirection . "
LIMIT " . $range . ", " . $recordsPerPage . "
";
unset($records);
$records = db::execute($sql);
foreach ($records as $record)
{
$color = $color == 'white' ? '#EEEEEE' : 'white';
$description = trim($record['LASTNAME'] . ', ' . $record['FIRSTNAME'] . '
' . substr($record['MIDDLENAME'], 0, 1));
?>
<tr>
<td style="background-color:<?= $color ?>; font-size:8pt;
text-align:right;">
<a
class="menuItem"
href="<?= $_SERVER['PHP_SELF']?>?edit=1&id=<?= $record['ID'] ?>"
style="background-color:<?= $color ?>; font-size:7.25pt;
font-weight:normal; text-decoration:underline; white-space:nowrap;"
title="EDIT [ <?= $description ?> ]"
>Edit ▷</a>
<br>
<a
class="menuItem"
href="<?= $_SERVER['PHP_SELF']?>?edit=1&delete=1&id=<?=
$record['ID'] ?>"
style="background-color:<?= $color ?>; font-size:7.25pt;
font-weight:normal; text-decoration:underline; white-space:nowrap;"
title="DELETE [ <?= $description ?> ]"
>Delete ▷</a>
</td>
<td style="background-color:<?= $color ?>; width:150px;
text-align:left;"><?= $record['LASTNAME'] ?></td>
<td style="background-color:<?= $color ?>; font-size:8pt;
text-align:left;"><?= $record['FIRSTNAME'] ?></td>
<td style="background-color:<?= $color ?>; font-size:8pt;
text-align:left;"><?= $record['MIDDLENAME'] ?></td>
<td style="background-color:<?= $color ?>; font-size:8pt;"><?=
$record['EMAIL'] ?></td>
</tr>
<?
}
?>
</table>
<br>
<hr>
<br>
<?
if (!count($records))
{
echo 'There are currently no records to display.';
} else {
?>
<div style="float:right; margin-right:15px;">
<?
echo implode("\r\n", $navigation);
?>
</div>
<br clear="all">
<br>
<?
}
echo $sessionFooter;
?>

Hi Steve,

> rather than give a lecture on
> how to google

To be honest---I know HTML, and that is pretty much all. I can tweak
some portions of Javascript and Coldfusion but not much. I do this as a
hobby, not professionally, and I had to get help to create the original
CGI scripts---that now have to be replaced. I would actually
*appreciate* it if you could give me some search-terms for Google (or a
lecture) so I could find examples for guidance and tutoring to set up
this "database."


> and given that you refrained quite nicely from firing back
> with 'fuck off'

I read your sentence wondering if I was a spammer and I realized that
my original post DID sound like I wanted to collect email addresses for
malicious purposes. Besides, I need your help. If you have a suspicion,
it is easier to clear up the issue in a friendly manner rather than
write "fuck-off" to the people whose help I came searching for! ;)



> i'm sure your love
> of spammers has fostered your understanding of my reluctance to further the
> cause.

I agree completely with you. I hate spammers. I had to take the
Guestbook on campbarbee.com offline about two weeks ago because we
received more spam in six hours than I received legitimate messages in
two years. That's just wrong.

There's got to be a lawyer somewhere who can figure out how to make a
profit by suing spammers out of existence.



> here are some supporting files (assumes php 5)...you'll need to clean up the
> text-wrapping, and i typed the example at the bottom without testing...you
> may get syntax errors from php if i forgot something.


Thank you! I'll get started immediately!

"Webmaster of campbarbee.com" < [at] > wrote in message
news:jaqdnaGe6vmL6pjbnZ2dnUVZ_u-unZ2d [at] comcast.com...
| Hi Steve,
|
| > rather than give a lecture on
| > how to google
|
| To be honest---I know HTML, and that is pretty much all. I can tweak
| some portions of Javascript and Coldfusion but not much. I do this as a
| hobby, not professionally, and I had to get help to create the original
| CGI scripts---that now have to be replaced. I would actually
| *appreciate* it if you could give me some search-terms for Google (or a
| lecture) so I could find examples for guidance and tutoring to set up
| this "database."

if you want to use php for this, start all searches with 'php'. php.net is
great for examples, functional references, etc.. the rest just depends on
what you are wanting to do.


| > and given that you refrained quite nicely from firing back
| > with 'fuck off'
|
| I read your sentence wondering if I was a spammer and I realized that
| my original post DID sound like I wanted to collect email addresses for
| malicious purposes. Besides, I need your help. If you have a suspicion,
| it is easier to clear up the issue in a friendly manner rather than
| write "fuck-off" to the people whose help I came searching for! ;)

;^)

but you'd be suprised at how many do...even though i'm quite short with
those just being lazy (where it is probably slightly warranted on their
part).

| > i'm sure your love
| > of spammers has fostered your understanding of my reluctance to further
the
| > cause.
|
| I agree completely with you. I hate spammers. I had to take the
| Guestbook on campbarbee.com offline about two weeks ago because we
| received more spam in six hours than I received legitimate messages in
| two years. That's just wrong.
|
| There's got to be a lawyer somewhere who can figure out how to make a
| profit by suing spammers out of existence.

any lawyer will do, though you have to provide most of the evidence and hope
their hosting isp coughs up account info on the offender. otherwise, you can
only ask the isp to kick the account...which they are happy to do. problem
is, they just get another provider or have someone else create an account.

| > here are some supporting files (assumes php 5)...you'll need to clean up
the
| > text-wrapping, and i typed the example at the bottom without
testing...you
| > may get syntax errors from php if i forgot something.
|
|
| Thank you! I'll get started immediately!

well, it really wasn't what you wanted since i re-read your op. i hope the
other code i posted helps as well.

Hi Steve,

> you need to create an account for each of them. you need to be able to allow
> those posting their email to select specifically to whom they'd like to
> share their address or whether they'd like it made public (as limited to
> only others who have accounts).

I would **LOVE** to provide security and personal accounts for the
audience!


> if you have no idea how to do this, i'd be happy to post a couple of pages
> of code that integrates security.

Yes, please!

Steve wrote:

>
> "Phil Buchman" < [at] > wrote in message
> news:qJmdndg8I_-bLJnbnZ2dnUVZ_qupnZ2d [at] comcast.com...
> > Hi Everyone,
> >
> > I am looking for a PHP file that can create and provide service to
> > a quick and easy database (even a TXT file will suffice rather
> > than a CSV or an XLS) to contain user-submitted data. There would
> > be three catagories of data: First Name, Last Name, and Email
> > Address.
> >
> > I got a tip that one existed on http://www.cobra-scripts.com but I
> > didn't see it.
> >
> > Does anyone know where I can get a PHP like that, or one that is
> > close enough and can be modified?
>
> csv and xls are text files. xls is a stylization for xml (which is
> probably what you meant).

Not quite. XLS is a Excel Spreadsheet (which, in a way, can contain
information much like a CSV file does), while XSL is stylization for
XML. Big difference.

--
Kim André Akerø
- kimandre [at] NOSPAMbetadome.com
(remove NOSPAM to contact me directly)

| > csv and xls are text files. xls is a stylization for xml (which is
| > probably what you meant).
|
| Not quite. XLS is a Excel Spreadsheet (which, in a way, can contain
| information much like a CSV file does), while XSL is stylization for
| XML. Big difference.

yes, and i already explained my dislexia and duely appologized for the
oversite...but thanks for the lesson. ;^)

| > if you have no idea how to do this, i'd be happy to post a couple of
pages
| > of code that integrates security.
|
| Yes, please!

ok, well i just posted the email class and gave a script for maintaing
'people'. here is a configuration script that is included in every page.
i'll post the subsequent scripts it includes as replies to this post.

======= site.cfg.php

<?
ini_set('error_reporting' , E_ERROR & E_WARNING );
ini_set('display_errors' , true );
ini_set('max_execution_time' , 0 );
ini_set('memory_limit' , '100M' );

session_start();

// site basic information

$rootDirectory = '/var/www/html/demo/';

require_once $rootDirectory . 'classes/application.class.php';

$site = application::getInstance();
$site->rootDirectory = $rootDirectory;
$site->uri = 'http' . ($securityEnabled ? 's' : '') .
'://' . $_SERVER['HTTP_HOST'];
$site->uri = 'http://' . $_SERVER['HTTP_HOST'] . '/';
$site->uploadBaseDirectory = $site->rootDirectory . 'data/';
$site->mailDropDirectory = $site->rootDirectory . 'data/mail/';
$site->adminEmail = 'Web Administrator <some.one [at] example.com>';

$site->title = 'Your Web Site';
$site->description = 'A Sample Of PHP In Action';

$site->currentPage = basename($_SERVER['PHP_SELF']);

$site->classDirectory = $site->rootDirectory . 'classes/';
$site->cssDirectory = $site->uri . 'css/';
$site->errorLogFile = $site->rootDirectory . $siteHost .
'.errors.log';
$site->fontDirectory = '/var/www/fonts/';
$site->homePage = $site->uri . 'index.php';
$site->host = 'Progress Rail Services';
$site->htdocsDirectory = $site->rootDirectory;
$site->imagesDirectory = $site->uri . 'images/';
$site->includeDirectory = $site->rootDirectory . 'inc/';
$site->jscriptDirectory = $site->uri . 'jscript/';
$site->logo = $site->imagesDirectory . 'logo.jpg';
$site->PopUpAttributes = 'dependent,height=475,width=600'; //
"channelmode=no,directories=no,fullscreen=no,location=no,men ubar=no,resizable=no,status=no,titlebar=no,toolbar=no,";

// common php functionality

require_once $site->includeDirectory . 'functions.inc.php';

// source code security

$enableContextMenu = true;

// site database information

require_once $site->classDirectory . 'db.class.php';
try
{
db::connect('localhost', 'someUser', 'somePassword', 'yourDb');

} catch (exception $ex) {
print "<pre>\r\n" . $ex->getMessage() . "\r\n" .
' in file ' . $ex->getFile() . "\r\n" .
' on line ' . $ex->getLine() . "\r\n" .
'</pre>';
}

// site notifcations

$emailNotify['TO'] = $site->adminEmail;
$emailNotify['CC'] = $site->adminEmail;
$emailNotify['BCC'] = '';

// archives

$wsArchive = 'error.log.xml';

// get relative font sizes for the browser if not set

require_once $site->classDirectory . 'browser.class.php';

$browser = browser::getInstance();
$sessionFonts = $browser->getFonts();

// user interaction

$logOut = isset($_REQUEST['logOut']);

if ($logOut)
{
$userName = '';
$userPassword = '';
$userVerified = false;
$_SESSION['securityAttempts'] = 0;
$_SESSION['userName'] = '';
$_SESSION['userPassword'] = '';
$_SESSION['userFullName'] = '';
header('location:' . $site->uri);
exit;
}

$userName = $_SESSION['userName'];
$userPassword = $_SESSION['userPassword'];
$userFullName = $_SESSION['userFullName'];

$site->lastSecurityCode = $_SESSION['securityCode'];
$alphabet = '2347ACEFHJKLMNPRTWXYZ'; // removed 0, 1, I,
O, Q, D, 8, 9, B, 5, S, 6, G, U, V - look too similar
$alphabetLength = strlen($alphabet) - 1;
$site->securityCode = '';
for ($i = 0; $i < 6; $i++)
{
$site->securityCode .= $alphabet[mt_rand(0, $alphabetLength)];
}
$_SESSION['securityCode'] = strtoupper($site->securityCode);
if (!isset($site->lastSecurityCode)){ $site->lastSecurityCode =
$_SESSION['securityCode']; }
?>

===== application.class.php

<?
class application
{
static private $_instance = null;

static public $adminEmail = '';
static public $classDirectory = '';
static public $cssDirectory = '';
static public $currentPage = '';
static public $description = '';
static public $errorLogFile = '';
static public $fontDirectory = '';
static public $homePage = '';
static public $host = '';
static public $htdocsDirectory = '';
static public $imagesDirectory = '';
static public $includeDirectory = '';
static public $jscriptDirectory = '';
static public $lastSecurityCode = '';
static public $logo = '';
static public $mailDropDirectory = '';
static public $popUpAttributes = '';
static public $rootDirectory = '';
static public $securityCode = '';
static public $title = '';
static public $uploadBaseDirectory = '';
static public $uri = '';

private function __clone(){}

private function __construct(){}

static function getInstance()
{
if (is_null(self::$_instance)){ self::$_instance = new application(); }
return self::$_instance;
}
}
?>

========== browser.class.php

<?
class browser
{
const LINUX = 0;
const MACINTOSH = 1;
const OTHER = 2;
const UNIX = 4;
const WINDOWS = 8;

const IE = 16;
const NETSCAPE = 32;
const OPERA = 64;

static private $_properties = array();
static private $_instance = null;

private function __clone(){}

private function __construct()
{
$userAgent = $_SERVER['HTTP_USER_AGENT'];
switch (true)
{
case strstr($userAgent, 'Linux') : self::$_properties['PLATFORM'] =
LINUX; break;
case strstr($userAgent, 'Mac') : self::$_properties['PLATFORM'] =
MACINTOSH; break;
case strstr($userAgent, 'Unix') : self::$_properties['PLATFORM'] =
UNIX; break;
case strstr($userAgent, 'Win') : self::$_properties['PLATFORM'] =
WINDOWS; break;
default : self::$_properties['PLATFORM'] =
OTHER; break;
}
switch (true)
{
case ereg('MSIE ([0-9].[0-9]{1,2})' , $userAgent, $version) :
self::$_properties['AGENT'] = IE; break;
case ereg('Mozilla/([0-9].[0-9]{1,2})', $userAgent, $version) :
self::$_properties['AGENT'] = NETSCAPE; break;
case ereg('Opera ([0-9].[0-9]{1,2})' , $userAgent, $version) :
self::$_properties['AGENT'] = OPERA; break;
default :
self::$_properties['AGENT'] = OTHER; break;
}
self::$_properties['VERSION'] = $version[1] != '' ? $version[1] : 0;
switch (true)
{
case self::$_properties['PLATFORM'] == WINDOWS:
if (self::$_properties['AGENT'] == IE)
{
self::$_properties['FONT']['LARGEST'] = 'medium';
self::$_properties['FONT']['LARGE'] = 'small';
self::$_properties['FONT']['NORMAL'] = 'x-small';
self::$_properties['FONT']['SMALL'] = 'xx-small';
self::$_properties['FONT']['SMALLEST'] = '7pt';
}
else
{
self::$_properties['FONT']['LARGEST'] = 'large';
self::$_properties['FONT']['LARGE'] = 'medium';
self::$_properties['FONT']['NORMAL'] = 'small';
self::$_properties['FONT']['SMALL'] = 'x-small';
self::$_properties['FONT']['SMALLEST'] = 'xx-small';
}
break;
case self::$_properties['PLATFORM'] == MACINTOSH:
self::$_properties['FONT']['LARGEST'] = 'x-large';
self::$_properties['FONT']['LARGE'] = 'large';
self::$_properties['FONT']['NORMAL'] = 'medium';
self::$_properties['FONT']['SMALL'] = 'small';
self::$_properties['FONT']['SMALLEST'] = 'x-small';
break;
default:
self::$_properties['FONT']['LARGEST'] = 'large';
self::$_properties['FONT']['LARGE'] = 'medium';
self::$_properties['FONT']['NORMAL'] = 'small';
self::$_properties['FONT']['SMALL'] = 'x-small';
self::$_properties['FONT']['SMALLEST'] = 'xx-small';
break;
}
}

static function getInstance()
{
if (is_null(self::$_instance)){ self::$_instance = new browser(); }
return self::$_instance;
}

static function getProperties(){ return self::$_properties; }

static function getFonts($size = '')
{
$size = strtoupper($size);
if ($size == ''){ return self::$_properties['FONT']; }
if (!array_key_exists($size, self::$_properties['FONT'])){ $size =
'NORMAL'; }
return self::$_properties['FONT'][$size];
}
}
?>

| > if you have no idea how to do this, i'd be happy to post a couple of
pages
| > of code that integrates security.
|
| Yes, please!

site.cfg.php is required by every page. this next script is used most of the
time but not always. it sets up the basic look/feel of the site...if the
$securityEnable variable is set, then the page including this script will
only be accessible via a login. you will want to modify the header and
footer to suit your needs...just keep the logic entact.

======= header.inc.php

<?
require_once 'relative.path.php';
require_once $relativePath . 'site.cfg.php';
$showHeader = isset($showHeader) ? $showHeader : true;
$fullHeader = isset($fullHeader) ? $fullHeader : true;
$outputMenu = isset($outputMenu) ? $outputMenu : true;
$sessionHeader = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01
Transitional//EN\">
\r\n";
$sessionHeader .= "<html>
\r\n";
$sessionHeader .= " <head>
\r\n";
$sessionHeader .= " <title>$pageTitle</title>
\r\n";
$sessionHeader .= " <meta http-equiv=\"content-type\"
content=\"text/html; charset=iso-8859-1\">
\r\n";
$sessionHeader .= " <meta name=\"description\"
content=\"$listDescription\">
\r\n";
$sessionHeader .= " <meta name=\"keywords\" content=\"$listKeywords\">
\r\n";
$sessionHeader .= " <link rel=\"stylesheet\" type=\"text/css\" href=\"" .
$site->cssDirectory . "base.css.php" . "\"> \r\n";
$sessionHeader .= " <script type=\"text/javascript\" src=\"" .
$site->jscriptDirectory . "standard.js" . "\"></script>
\r\n";
$sessionHeader .= " </head>
\r\n";
if (!$enableContextMenu)
{
$sessionHeader .= " <script language=\"javascript\">
\r\n";
$sessionHeader .= " document.onmousedown=clickFilter;
\r\n";
$sessionHeader .= " document.onmouseup=clickFilter;
\r\n";
$sessionHeader .= " if (document.layers)
window.captureEvents(Event.MOUSEDOWN);
\r\n";
$sessionHeader .= " if (document.layers)
window.captureEvents(Event.MOUSEUP);
\r\n";
$sessionHeader .= " window.onmousedown=clickFilter;
\r\n";
$sessionHeader .= " window.onmouseup=clickFilter;
\r\n";
$sessionHeader .= " document.oncontextmenu=new Function('return
false;') \r\n";
$sessionHeader .= " </script>
\r\n";
}
$sessionHeader .= " <body>
\r\n";
$sessionHeader .= " <!----- start page header -----!>
\r\n";
if ($securityEnabled)
{
require_once $site->includeDirectory . 'security.inc.php';
$sessionHeader .= " <head>
\r\n";
$sessionHeader .= " <meta forua=\"true\"
http-equiv=\"cache-control\" content=\"no-cache, must-revalidate\">
\r\n";
$sessionHeader .= " <meta forua=\"true\" http-equiv=\"expires\"
content=\"-1\"> \r\n";
$sessionHeader .= " <meta forua=\"true\" http-equiv=\"pragma\"
content=\"no-cache\"> \r\n";
$sessionHeader .= " </head>
\r\n";
}
$sessionHeader .= " <div class=\"body\" style=\"background-image:url("
.. $site->imagesDirectory . 'background.jpg' . ");\"> \r\n";
if ($fullHeader)
{
$sessionHeader .= " <div style=\"background:white no-repeat url(" .
$site->imagesDirectory . 'header.jpg' . "); height:270px; margin-left:20px;
margin-right:20px; padding-top:270px; width:790px;\">\r\n";
} else {
$sessionHeader .= " <div style=\"background:white no-repeat url(" .
$site->imagesDirectory . 'header.jpg' . "); height:100px; margin-left:20px;
margin-right:20px; padding-top:100px; width:790px;\">\r\n";
}
$menuItems = array();
if ($userVerified && $outputMenu)
{
$menuItems = array(
'Dashboard' => $site->uri ,
'Create Report' => $site->uri . '?' ,
'Edit Profile' => $site->uri . '?' ,
'Help' => $site->uri . '?' ,
'Log Out' => $site->uri . '?logOut=yes'
);
$sessionHeader .= " <div style=\"padding-right:2px;
position:absolute; top:88px; width:800px;\">
\r\n";
foreach ($menuItems as $description => $uri)
{
$style = $description == 'Log Out' ? 'style="float:right;
margin-right:5px;"' : 'style="float:left; margin-left:8px"';
$sessionHeader .= " <span " . $style . ">
\r\n";
$sessionHeader .= " <a class=\"topMenu\" href=\"" . $uri .
"\"><span class=\"menuItem\" style=\"border:solid 1px white;
width:100px;\">" . $description . "</span></a>\r\n";
$sessionHeader .= " </span>
\r\n";
}
$sessionHeader .= " </div>
\r\n";
}
$sessionHeader .= " <!----- end page header -----!>
\r\n";
$sessionHeader .= " <div class=\"pageContent\">
\r\n";
$sessionHeader .= " <!----- start page content -----!>
\r\n";
$sessionHeader .= "
\r\n\r\n";
$sessionFooter = "
\r\n\r\n";
$sessionFooter .= " <!----- end page content -----!>
\r\n";
$sessionFooter .= " <!----- start page footer -----!>
\r\n";
$sessionFooter .= " <br clear=\"all\">
\r\n";
$sessionFooter .= " <div class=\"footer\"
style=\"background-image:url(" . $site->imagesDirectory . 'border.jpg' . ");
width:790px;\"> \r\n";
$sessionFooter .= " <span style=\"color:gray; float:left;
padding-top:15px;\">© " . date('Y') . " Summit Consulting Int'l,
Inc.</span> \r\n";
if ($userVerified && $outputMenu)
{
$menuItems = array_reverse($menuItems);
foreach ($menuItems as $description => $uri)
{
$sessionFooter .= " <span style=\"float:right; font-size:8pt;
padding-right:10px; padding-top:15px;\"> \r\n";
$sessionFooter .= " <a class=\"menuItem\" href=\"" . $uri .
"\" style=\"background-color:white; border-bottom:none; border-top:none;
color:gray; padding-left:5px; padding-right:5px;\">" . $description .
"</a>\r\n";
$sessionFooter .= " </span>
\r\n";
}
}
$sessionFooter .= " </div>
\r\n";
$sessionFooter .= " <!----- end page footer -----!>
\r\n";
$sessionFooter .= " </div>
\r\n";
$sessionFooter .= " </div>
\r\n";
$sessionFooter .= " </div>
\r\n";
$sessionFooter .= " </body>
\r\n";
$sessionFooter .= "</html>
\r\n";
if ($showHeader){ echo $sessionHeader; }
siteTracking($site->currentPage, $userName);
?>

this script is a general function script included by the header.inc.php
script.

======= functions.inc.php

<?
require_once 'relative.path.php';
require_once $relativePath . 'site.cfg.php';

function accountingDate($date)
{
$date = strtotime($date);
$newDate = mktime(0, 0, 0, date('m', $date), date('d', $date) - 1,
date('Y', $date));
if (date('Hi', $date) < '0630') { $date = $newDate; }
return strtotime(date('m/d/Y', $date));
}

function dateDiff($firstDate, $secondDate, $interval = 'd')
{
$diff = abs($firstDate - $secondDate);
switch ($interval)
{
case 'w': return floor($diff / 604800); break;
case 'd': return floor($diff / 86400); break;
case 'h': return floor($diff / 3600); break;
case 'n': return floor($diff / 60); break;
case 's': return $diff; break;
}
}

function formatBytes($bytes)
{
if (!is_numeric($bytes)){ $bytes = 0; }
if ($bytes < 0){ $bytes = 0; }
$format = array( 'B', 'KB', 'MB', 'GB', 'TB');
$values = array( 0, 1024, 1048576, 1073741824, 1099511627776);
$i = floor(log($bytes)/6.9314718055994530941723212145818);
if ($values[$i] == 0){ return '0 B'; }
return number_format(round($bytes / $values[$i])) . ' ' . $format[$i];
}

function getMultipleSegments($segment, $xml)
{
$pattern = "/<(" . $segment . ")>(.*?)<\/\\1>/si";
preg_match_all($pattern, $xml, $matches);
foreach ($matches[2] as $content)
{
$output[] = $content;
}
return $output;
}

function getMultipleSegmentNames($xml)
{
$output = array();
$pattern = "/<([^>]+)>.*?<\/\\1>/si";
preg_match_all($pattern, $xml, $matches);
foreach ($matches[1] as $content)
{
$output[] = $content;
}
return $output;
}

function getSegmentValue($xml, $emptyDefault = '')
{
$pattern = "/<([^>]+)>(.*?)<\/\\1>/si";
preg_match($pattern, $xml, $match);
$value = $match[2];
if ($value == ''){ $value = $emptyDefault; }
return htmlDecode($value);
}

function getSetting($db, $scope, $context, $label)
{
$sql = "
SELECT Value
FROM settings
WHERE LOWER(Scope) = LOWER('" .
$db->prepare($scope) . "')
AND LOWER(Context) = LOWER('" .
$db->prepare($context) . "')
AND LOWER(Label) = LOWER('" .
$db->prepare($label) . "')
";
unset($records);
$records = $db->execute($sql);
return $records[0]['VALUE'];
}

function getSingleSegment($segment, $xml)
{
$output = '';
$pattern = "/<(" . $segment . ")>(.*?)<\/\\1>/si";
preg_match_all($pattern, $xml, $matches);
foreach ($matches[0] as $content)
{
$output .= $content;
}
return $output;
}

function getSingleSegmentName($xml)
{
$output = '';
$pattern = "/<([^>]+)>.*?<\/\\1>/si";
preg_match($pattern, $xml, $match);
return $match[1];
}

function getXml($appId, $company, $client, $xml)
{
$params = array(
'appid' => $appId,
'company' => $company,
'records' => $xml
);
$client->call('sendData', $params);
return getSingleSegment("ROOT", htmlDecode($client->response));
}

function htmlDecode($string)
{
$translation = get_html_translation_table(HTML_ENTITIES);
$translation = array_flip($translation);
$string = strtr($string, $translation);
return $string;
}

function htmlEncode($string)
{
$translation = get_html_translation_table(HTML_ENTITIES);
$string = strtr($string, $translation);
return $string;
}

function isEmail($email)
{
if (!$email){ return false; }
$pattern =
"/^((\"[^\"]*?\")|([^\(\)\<\> \ [at] \,\;\:\\\"\[\]\s\*\/]+)) [at] (\[((25[0-5]|2[0-4][0-9]|1[0-9][0 -9]|[1-9][0-9]|[0-9])\.){3}|((([a-zA-Z0-9\-]+)\.)+))([a-zA-Z ]{2,}|(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\])$ /si";
return preg_match($pattern, $email);
}

function isSupportedImage($description)
{
$description = strtolower($description);
$supportedExtensions = array (
'bmp' ,
'gif' ,
'jpg' ,
'jpeg' ,
'png' ,
'tif' ,
'tiff'
);
foreach ($supportedExtensions as $extension)
{
if (substr($description, -1 * strlen($extension)) == $extension){ return
true; }
}
return false;
}

function isSupportedMedia($description)
{
$description = strtolower($description);
$supportedExtensions = array (
'aif' ,
'aifc' ,
'aiff' ,
'asf' ,
'au' ,
'avi' ,
'cda' ,
'dvr-ms' ,
'm1v' ,
'mid' ,
'midi' ,
'mpa' ,
'mpe' ,
'mpeg' ,
'mpg' ,
'mp2' ,
'mp3' ,
'rmi' ,
'snd' ,
'vob' ,
'wav' ,
'wm' ,
'wma' ,
'wmv'
);
foreach ($supportedExtensions as $extension)
{
if (substr($description, -1 * strlen($extension)) == $extension){ return
true; }
}
return false;
}

function permission($string)
{
$permission = array(
'USER' => array(
'READ' => false ,
'WRITE' => false
),
'GROUP' => array(
'READ' => false ,
'WRITE' => false
),
'OTHER' => array(
'READ' => false ,
'WRITE' => false
)
);
$string = str_pad($string, 8, '-');
$permission['USER']['READ'] = [at] substr($string, 0, 1) == 'r' ? true :
false;
$permission['USER']['WRITE'] = [at] substr($string, 1, 1) == 'w' ? true :
false;
$permission['GROUP']['READ'] = [at] substr($string, 3, 1) == 'r' ? true :
false;
$permission['GROUP']['WRITE'] = [at] substr($string, 4, 1) == 'w' ? true :
false;
$permission['OTHER']['READ'] = [at] substr($string, 6, 1) == 'r' ? true :
false;
$permission['OTHER']['WRITE'] = [at] substr($string, 7, 1) == 'w' ? true :
false;
return $permission;
}

function prepare($string)
{
htmlEncode($string);
$string = str_replace("'", "''", $string);
return $string;
}

function siteTracking($page, $user)
{
$ip = '';
if (!$ip = $_SERVER['HTTP_CLIENT_IP'])
{
if (!$ip = $_SERVER['HTTP_X_FORWARDED_FOR'])
{
if (!$ip = $_SERVER['REMOTE_ADDR']){ $ip = 'UNKNOWN'; }
}
}
$sql = "
INSERT INTO siteTracking
(
Page ,
IpAddress ,
UserName ,
Stamp
)
VALUES
(
'" . $page . "' ,
'" . $ip . "' ,
'" . $user . "' ,
'" . date('Y-m-d H:i:s') . "'
)
";
db::execute($sql);
}
?>

now here's the most important one...

======== security.inc.php

<?
header('pragma: public' );
header('expires: 0' );
header('cache-control: private', false );
header('cache-control: must-revalidate, post-check=0, pre-check=0' );
if (!isset($pageTitle)){ $pageTitle = 'Authorization Required'; }
$logIn = isset($_POST['logIn']);
$logOut = isset($_REQUEST['logOut']);
$refresh = isset($_POST['refresh']);
$_SESSION['securityAttempts'] = $_SESSION['securityAttempts'] == '' ? 0 :
$_SESSION['securityAttempts'];
$securityCode = isset($_POST['securityCode']) ?
$_POST['securityCode'] : '';
$userPassword = isset($_POST['userPassword']) ?
$_POST['userPassword'] : $_SESSION['userPassword'];
$userName = isset($_POST['userName']) ?
$_POST['userName'] : $_SESSION['userName'];
$userVerified = false;
$_SESSION['userId'] = 0;
$sql = "
SELECT Id ,
CONCAT(
FirstName ,
' ' ,
LastName
)
Description
FROM people
WHERE LOWER(UserName) = LOWER('"
.. $userName . "')
AND LOWER(Password) = LOWER('"
.. $userPassword . "')
";
$records = $db->execute($sql);
$userFullName = $records[0]['DESCRIPTION'];
$chancesLeft = 2 - $_SESSION['securityAttempts'];
$securityCode = strtoupper($securityCode);
$logInMessage = 'Please Log In';
$isSecure = count($records) && ($logIn ? $securityCode
== $site->lastSecurityCode : !$logOut);
if (!$isSecure)
{
setcookie('userFullName' , '');
setcookie('userName' , '');
setcookie('userPassword' , '');
setcookie('userVerified' , '');
unset($userFullName);
unset($userName);
unset($userPassword);
echo $sessionHeader;
if ($chancesLeft < 1)
{
require_once $site->classDirectory . 'isp.class.php';
$isp = new isp();
$userFullName = '';
$userName = '';
$userPassword = '';
?>
<hr>
<br>
<br>
<font style="color:#990000; font-weight:bold;">Unauthorized Access Not
Permitted</font>
<br>
<br>
Your IP address and all related internet traffic is being monitored and
logged. If this is a mistake, please
notify the <a href="mailto:<?= $site->adminEmail ?>" title="Web
Administrator">Web Administrator</a> of your
need of assistance. Continued attempts from your IP address to login will be
seen as an effort to compromise
this site's security - which we simply will not tolerate.
<br>
<br>
<hr>
<br>
<table>
<tr>
<td style="font-weight:bold">Your IP</td>
<td><?= $isp->clientIp ?></td>
</tr>
<tr>
<td style="font-weight:bold">Your ISP</td>
<td><?= $isp->name ?></td>
</tr>
<tr>
<td style="font-weight:bold">Address</td>
<td><?= $isp->address ?></td>
</tr>
<tr>
<td style="font-weight:bold">City</td>
<td><?= $isp->city ?></td>
</tr>
<tr>
<td style="font-weight:bold">State / Province</td>
<td><?= $isp->state ?></td>
</tr>
<tr>
<td style="font-weight:bold">Postal Code</td>
<td><?= $isp->zip ?></td>
</tr>
<tr>
<td style="font-weight:bold">Country</td>
<td><?= $isp->country ?></td>
</tr>
<tr>
<td style="font-weight:bold">Phone</td>
<td><?= $isp->phone ?></td>
</tr>
<tr>
<td style="font-weight:bold">Email</td>
<td><?= $isp->email ?></td>
</tr>
</table>
<br>
<hr>
<br>
<?
echo $sessionFooter;
exit;
}
if ($logIn)
{
$_SESSION['securityAttempts']++;
$logInMessage = '<font style="color:#990000;">';
$logInMessage .= $securityCode == $site->lastSecurityCode ? ' Invalid
User Name/Password' : ' Invalid Security Code';
$logInMessage .= ' - You have ' . $chancesLeft . ' chance' .
($chancesLeft == 1 ? '' : 's') . ' left';
$logInMessage .= '</font>';
}
if ($refresh || $logIn || !$isSecure)
{
?>
<br>
<hr>
<br>
<span style="color:'#990000'; font-size:'<?= $sessionFonts["LARGEST"] ?>';
font-weight:bold;">
<i><?= $logInMessage ?></i>
</span>
<hr>
<br>
Please enter your User Name (i.e. jdoe, alincoln)
<br>
<br>
<br>
<form method="post" name="logIn" action="<?= $_SERVER['PHP_SELF'] ?>">
<table>
<tr>
<td style="width:150px;"><span class="label">User Name</span></td>
<td>
<input class="value" name="userName" type="text" autocomplete="off">
</td>
</tr>
<tr>
<td style="width:150px;"><span class="label">Password</span></td>
<td>
<input class="value" name="userPassword" type="password"
autocomplete="off">
</td>
</tr>
<tr>
<td style="width:150px;"><span class="label">Security Code</span></td>
<td>
<input class="value" name="securityCode"
style="text-transform:uppercase;" type="text" autocomplete="off">
</td>
</tr>
<tr><td colspan="2"> </td></tr>
<tr>
<td colspan="2"><img alt="Loading security code ..." title="Security
Code" src="<?= $site->uri ?>get.security.image.php"></td>
</tr>
</table>
<br>
<br>
<input type="submit" name="logIn" style="cursor:'hand';"
value="Continue  ▷">
<input type="submit" name="refresh" style="cursor:'hand';"
value="Refresh  ▷">
</form>
<hr>
<a href="<?= $site->uri ?>maint/my.account.php?add=1">I don't have an
account yet</a>
<br>
<br>
<a href="<?= $site->uri ?>maint/forgot.account.php">I forgot my login
information</a>
<br>
<hr>
<br>
<script language="javascript">
logIn.userName.focus();
logIn.userName.select();
</script>
<?
echo $sessionFooter;
exit;
}
}
$userVerified = true;
$_SESSION['securityAttempts'] = 0;
$_SESSION['userFullName'] = $userFullName;
$_SESSION['userId'] = $records[0]['ID'];
$_SESSION['userName'] = $userName;
$_SESSION['userPassword'] = $userPassword;
$_SESSION['userVerified'] = $userVerified;
?>

security.inc.php conditionally requires this script...

======== isp.class.php

<?
class isp
{
public $address = '';
public $city = '';
public $clientIp = '';
public $country = '';
public $email = '';
public $name = '';
public $phone = '';
public $state = '';
public $zip = '';

private function __clone(){}

public function __construct($ip = '')
{
if (!$ip)
{
if (!$ip = $_SERVER['HTTP_CLIENT_IP'])
{
if (!$ip = $_SERVER['HTTP_X_FORWARDED_FOR'])
{
if (!$ip = $_SERVER['REMOTE_ADDR']){ $ip = ''; }
}
}
}
$this->clientIp = $ip;
$query =
file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?query input=$ip");
if(strstr($query, "No match")){ return; }
$this->name = $this->getSegment('OrgName:', $query);
if ($isp->isp == '')
{
$href = preg_match('/HREF="([^"]*)"/', $query, $uri);
$href = 'http://ws.arin.net' . $uri[1];
$query = file_get_contents($href);
}

$this->address = strtoupper($this->getSegment('Address:' ,
$query));
$this->city = strtoupper($this->getSegment('City:' ,
$query));
$this->country = strtoupper($this->getSegment('Country:' ,
$query));
$this->email = strtolower($this->getSegment('OrgAbuseEmail:' ,
$query));
$this->name = strtoupper($this->getSegment('OrgName:' ,
$query));
$this->phone = strtoupper($this->getSegment('OrgAbusePhone:' ,
$query));
$this->state = strtoupper($this->getSegment('StateProv:' ,
$query));
$this->zip = strtoupper($this->getSegment('PostalCode:' ,
$query));
}

private function getSegment($segment, $source)
{
$pattern = '/' . $segment . '([^\n]*)\n/i';
$segment = preg_match($pattern, $source, $matches);
$segment = preg_replace('/<[^>]*>/', '', $matches[1]);
return $segment;
}
}
?>

security.inc.php creates a dynamic image with an overlay of text (i'm sure
you've seen this before). here's how it's done...


====== get.security.image.php

<?
require_once 'relative.path.php';
require_once $relativePath . 'site.cfg.php';
require_once $site->classDirectory . 'security.image.class.php';
$image = new securityImage($site->securityCode, $site->rootDirectory .
'images/security.image.jpg');
$image->create(securityImageConstants::PNG);
?>

======= security.image.class.php

<?
class securityImageConstants
{
const GD = 0;
const GIF = 1;
const JPG = 2;
const PNG = 3;
}

class securityImage
{
public $codeLength = 6;
public $accentColor = '990000';
public $fontColor = '990000';
public $fontSize = 48;
public $image = null;
public $securityCode = '';
public $securityImage = '';

private function __clone(){}

public function __construct($securityCode, $securityImage)
{
$this->securityCode = $securityCode;
$this->securityImage = $securityImage;
}

private function __copy(){}

public function create($type = securityImageConstants::PNG)
{
$imageSize = getimagesize($this->securityImage);
$this->image = imagecreatefromjpeg($this->securityImage);
$imageWidth = $imageSize[0];
$imageHeight = $imageSize[1];
$accentColor = imagecolorallocate(
$this->image
,
hexdec(substr($this->accentColor,
0, 2)) ,
hexdec(substr($this->accentColor,
2, 2)) ,
hexdec(substr($this->accentColor,
4, 2))
);
$fontColor = imagecolorallocate(
$this->image
,
hexdec(substr($this->fontColor,
0, 2)) ,
hexdec(substr($this->fontColor,
2, 2)) ,
hexdec(substr($this->fontColor,
4, 2))
);
$fontHeight = imagefontheight($this->fontSize);
$fontWidth = imagefontwidth($this->fontSize);
$text = substr(preg_replace('//', '$1 ',
$this->securityCode), 0, - 1);
$x = ($imageWidth - strlen($text) * $fontWidth) / 2;
$y = ($imageHeight - $fontHeight) / 2;
for ($i = 0; $i < strlen($text); $i++)
{
imagechar(
$this->image ,
$fontHeight ,
$x + ($fontWidth * $i) - 1 ,
$y ,
$text[$i] ,
$accentColor
);
imagechar(
$this->image ,
$fontHeight ,
$x + ($fontWidth * $i) ,
$y - 1 ,
$text[$i] ,
$fontColor
);
}
switch ($type)
{
case securityImageConstants::GD : imagegd($this->image) ; break;
case securityImageConstants::GIF : imagegif($this->image) ; break;
case securityImageConstants::JPG : imagejpeg($this->image) ; break;
default : imagepng($this->image) ; break;
}
imagedestroy($this->image);
}
}
?>

btw, all of these reference this script...it just determines what your
relative path is given where a script is accessed based on your directory
structure. based on the system on which you run, you may need to take out
the - 1 at the end of line 4. i use this because even though there is a
$_SERVER variable letting you know this same information, it is reliant on
php compiled options and versions of php...this is the sledgehammer
approach.

======== relative.path.php

<?
$parsedUri = dirname($_SERVER['PHP_SELF']);
$relativeUri = str_replace('/', '', $parsedUri);
$relativePath = strlen($parsedUri) - strlen($relativeUri) - 1;
if ($relativePath < 0){ $relativePath = 0; }
$relativePath = str_repeat('../', $relativePath);
if (!$relativePath){ $relativePath = './'; }
?>

i believe you should be sufficiently overwhelmed by now, and have a lot of
text-wrapping to clean up. if you need further help, just post a reply.

cheers.

Steve wrote:

> | > csv and xls are text files. xls is a stylization for xml (which is
> | > probably what you meant).
> >
> > Not quite. XLS is a Excel Spreadsheet (which, in a way, can contain
> > information much like a CSV file does), while XSL is stylization
> > for XML. Big difference.
>
> yes, and i already explained my dislexia and duely appologized for
> the oversite...but thanks for the lesson. ;^)

Yep, I noticed that about 10 seconds AFTER I had posted that, though.

--
Kim André Akerø
- kimandre [at] NOSPAMbetadome.com
(remove NOSPAM to contact me directly)