Spam Protection Function for the Guestbook!

<?php // Check to see if email address is valid -------------------------------- function checkmail($youremail) { if (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.'. '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $youremail)) { return true; } else { return false; } } // Smiley face insertion function -------------------------------------- function smiley_face($yourmessage) { $i = 0; $rep1 = array( "<", ">", "\n" ); $rep2 = array( "&lt;", "&gt;", "<br>" ); $ubb1 = array( "[b]", "[B]", "[/b]", "[/B]", "[u]", "[U]", "[/u]", "[/U]", "[i]", "[I]", "[/i]", "[/I]", "[center]", "[CENTER]", "[/center]", "[/CENTER]" ); $ubb2 = array( "<b>", "<B>", "</b>", "</B>", "<u>", "<U>", "</u>", "</U>", "<i>", "<I>", "</i>", "</I>", "<center>", "<CENTER>", "</center>", "</CENTER>" ); $sm1 = array( ":?:", ":D", ":?", "8)", ":cry:", ":shock:", ":evil:", ":!:", ":frown:", ":idea:", ":arrow:", ":lol:", ":x", ":mrgreen:", ":|", ":P", ":oops:", ":roll:", ":(", ":)", ":o", ":twisted:", ":wink:" ); $sm2 = array( "question", "biggrin", "confused", "cool", "cry", "eek", "evil", "exclaim", "frown", "idea", "arrow", "lol", "mad", "mrgreen", "neutral", "razz", "redface", "rolleyes", "sad", "smile", "surprised", "twisted", "wink" ); $sm3 = array( ": ?:", ":D", ":?", "8)", ":cry:", ":shock:", ":evil:", ":!:", ":frown:", ":idea:", ":arrow:", ":lol:", ":x", ":mrgreen:", ":|", ":P", ": oops :", ":roll:", ":(", ":)", ":o", ":twisted:", ":wink:" ); // Disable HTML Code in message body --------------------------------------------------------------- // Replacing Brackets to disable the insertion of HTML in the Guestbook and breaking long words $yourmessage = wordbreak($yourmessage, 40); for ($i=0; $i<=2; $i++) { $yourmessage = str_replace($rep1[$i], $rep2[$i], $yourmessage); } // UBB Code Insertion --------------------------------------------------------------------------------- // Replacing UBB tags with the appropriate HTML tag for ($i=0; $i<=15; $i++) { $yourmessage = str_replace($ubb1[$i], $ubb2[$i], $yourmessage); } // Inserting smiley faces for guestbook users for ($i=0; $i<=22; $i++) { $yourmessage = str_replace($sm1[$i], "<img src=\"images/icon_$sm2[$i].gif\" ALT=\"$sm3[$i]\">", $yourmessage); } return $yourmessage; } // Function to breakup log words in message ------------------------- function wordbreak($text, $wordsize) { if (strlen($text) <= $wordsize) { return $text; } # No breaking necessary, return original text. $text = str_replace("\n", "", $text); # Strip linefeeds $done = "false"; $newtext = ""; $start = 0; # Initialize starting position $segment = substr($text, $start, $wordsize + 1); # Initialize first segment while ($done == "false") { # Parse text $lastspace = strrpos($segment, " "); $lastbreak = strrpos($segment, "\r"); if ( $lastspace == "" AND $lastbreak == "" ) { # Break segment $newtext .= substr($text, $start, $wordsize) . " "; $start = $start + $wordsize; } else { # Move start to last space or break $last = max($lastspace, $lastbreak); $newtext .= substr($segment, 0, $last + 1); $start = $start + $last + 1; } # End If - Break segment $segment = substr($text, $start, $wordsize + 1); if ( strlen($segment) <= $wordsize ) { # Final segment is smaller than word size. $newtext .= $segment; $done = "true"; } # End If - Final segment is smaller than word size. } # End While - Parse text $newtext = str_replace("\r", "\r\n", $newtext); # Replace linefeeds return $newtext; } # End of function - Word Break // Function to filter out bad words ------------------------------------------ function swapBadWords($string) { global $gbBadWords; // Count the number of array element of the bad word array $nBadWords = sizeof($gbBadWords); for ($i = 0; $i < $nBadWords; $i++) { // Grab the first letter of bad word $banned = substr($gbBadWords[$i], 0, 1); // Replace remaining letters of bad word for ($j = 1; $j < strlen($gbBadWords[$i]); $j++) { $banned .= "*"; } // chars replaced with *. $string = str_replace($gbBadWords[$i], $banned, $string); } return $string; } function check_referer($referers) { // If there are any referrers in the list ... if (count($referers)) { $found = false; // Use the browsers referrer header. $temp = explode("/",getenv("HTTP_REFERER")); $referer = $temp[2]; if ($referer=="") { $referer = $_SERVER['HTTP_REFERER']; list($remove,$stuff)=split('//',$referer,2); list($home,$stuff)=split('/',$stuff,2); $referer = $home; } // Check agains list. for ($x=0; $x < count($referers); $x++) { if (eregi ($referers[$x], $referer)) { $found = true; } } // Refererer is blank. if ($referer =="") $found = false; if (!$found) { // You might alter this to print some sort of error of your own. echo "<b>You are submitting an entry from an <b>unauthorized domain.</b><br><br>"; } return $found; } else { return true; } } ?> Add.php: <html> <head> <title>Malcolm James' Guestbook</title> <link rel="STYLESHEET" type="text/css" href="style.css"> <style type="text/css"> <!-- .style1 {color: #999999} a:visited { color: #FFCC00; } .style2 {color: #CCCCCC} .style3 { font-size: 10px; font-weight: bold; } .style4 { color: #CCCCCC; font-size: 10px; font-weight: bold; } .style6 {color: #333333} .style7 {color: #666666} --> </style> </head> <p>&nbsp;</p> </html> <?php // Including header, functions and configuration files ------------------ include("config.php"); // Including header of the system --------------------------------------- include("functions.php"); include("header.inc"); $referers = array ('malcolm-james.com','www.malcolm-james.com','111.111.111.111'); if (!check_referer($referers)) { // Form was not submitted from the site so exit echo "<center><br><a href=\"javascript:history.go(-1)\" class=\"text\"><font color=red>NICE TRY! NOW GET LOST!</font></center>"; include("footer.inc"); exit; } // Re-assigning the variables passed by posted form --------------------- $yourname = $_POST['yourname']; $youremail = $_POST['youremail']; $yourmessage = $_POST['yourmessage']; $date = date("D m/j/y g:iA"); // Error Handeling and entry checking ----------------------------------- echo "<center><h2>$addentryheadtxt</h2></center>"; // Name Validation Section ----------------------------- if ($name_optional != 0) { if (strlen($yourname) > 40) // Check Name Length { $error .= "<br>$error1"; } if (empty($yourname)) // Check if Name field is empty { $error .= "<br>$error4"; } } // email Validation Section ----------------------------- if ($email_optional != 0) { if (empty($youremail)) // Check if email field is empty { $error .= "<br>$error5"; } } // Message Validation Section --------------------------- if ($message_optional != 0) { if (empty($yourmessage)) // Check if Message field is empty { $error .= "<br>$error6"; } } // Notify administrator of new email if option is selected ---------------------------------------- if ($notify_admin == 1) { mail("$notify_admin_email", "$notify_subject", "$notify_message"); } // Smiley face insertion into the message --------------------------------------------------------- $yourname = smiley_face($yourname); $yourmessage = smiley_face($yourmessage); // Call for filtering bad words ------------------------------------------------------------------- if ($gbBadWordsKey == 1) { $yourmessage = swapBadWords($yourmessage); } // Give Confirmation that the Guestbook Entry was written ----------------------------------------- echo "<p>$result1 "; echo $date; echo "<br><br>"; $temp1 = stripslashes($yourname); $temp2 = stripslashes($youremail); $temp3 = stripslashes($yourmessage); echo "<b>$yournametxt</b> $temp1 <br>"; echo "<b>$youremailtxt</b> $temp2 <br>"; echo "<b>$yourMessagetxt</b> $temp3 <br>"; echo "<p>&nbsp;</p>"; // Write the verified guestbook entry to file ---------------------------------------------------- $outputstring = "<b>$listDatetxt:</b> ".$date."<br><b>$listnametxt:</b> ".$yourname."<br><b>$listemailtxt: </b>".$youremail."<br><br><b>$listMessagetxt:</b> ".$yourmessage."<hr>\n"; // open file for appending @ $fp = fopen("list.txt", "a"); flock($fp, 2); if (!$fp) { echo "<p><strong> $error7. " ."$error8.</strong></p></body></html>"; exit; } fwrite($fp, $outputstring); flock($fp, 3); fclose($fp); echo "<center><p><b>$result2.</b></p></center>"; include("footer.inc"); ?>