';
$html .= 'Text:';
$html .= '' . '';
$html .= 'Autor:';
$html .= '' . '';
$html .= 'E-mail:';
$html .= '' . '';
$html .= ' ';
$html .= '' . '';
$html .= '' . '';
$html .= '';
return $html;
}
function generateList()
{
$html = '';
$html = 'Nový příspěvek
' . "\n";
if (file_exists(DFILE))
{
if ($handle = fopen(DFILE, "rb"))
{
while ($line = fgets($handle))
{
$item = explode(DITEM_SEPARATOR, htmlspecialchars($line));
if (count($item) == 4)
{
$html .= "";
$html .= $item[1] . "";
$html .= '' . "" . $item[2] . "";
$html .= ", " . $item[3] . ", " . $item[0] . '';
$html .= "
";
}
}
fclose($handle);
}
}
return $html;
}
function addItem()
{
$formDataOk = true;
// check input parameters
if (isset($_REQUEST['text']) && isset($_REQUEST['author']) && isset($_REQUEST['email']))
{
if (strlen($_REQUEST['text']) > 0 && strlen($_REQUEST['author']) > 0)
{
if (strstr($_REQUEST['text'], 'sex') !== FALSE ||
strstr($_REQUEST['text'], 'xxx') !== FALSE ||
strstr($_REQUEST['text'], 'anal') !== FALSE ||
strstr($_REQUEST['text'], 'http') !== FALSE)
{
$formDataOk = false;
}
else
{
$formText = $_REQUEST['text'];
$formAuthor = $_REQUEST['author'];
$formEmail = $_REQUEST['email'];
$formDate = date("G:m:s j.n.Y");
}
}
else
{
$formDataOk = false;
}
}
else
{
$formDataOk = false;
}
if ($formDataOk)
{
if ($handleTmp = fopen(DFILE_TMP, "ab"))
{
fputs($handleTmp,
$formDate . DITEM_SEPARATOR
. $formText . DITEM_SEPARATOR
. $formAuthor . DITEM_SEPARATOR
. $formEmail . "\n");
if ($handleOrig = fopen(DFILE, "rb"))
{
fwrite($handleTmp, fread($handleOrig, filesize(DFILE)));
fclose($handleOrig);
}
fclose($handleTmp);
unlink(DFILE);
rename(DFILE_TMP, DFILE);
}
}
return $formDataOk;
}
// main logic
$html = '';
if (isset($_REQUEST['action']))
{
$action = $_REQUEST['action'];
}
else
{
$action = "list";
}
switch ($action)
{
case 'list':
$html .= generateList();
break;
case 'add':
$html .= generateAddForm('', '', '');
break;
case 'store':
if (! addItem())
{
$html .= "patně vyplněný formulář (text a autor jsou povinné poloky)
";
$html .= generateAddForm(
isset($_REQUEST['text']) ? $_REQUEST['text'] : '',
isset($_REQUEST['author']) ? $_REQUEST['author'] : '',
isset($_REQUEST['email']) ? $_REQUEST['email'] : '');
}
else
{
header('Location: discussion.php');
exit();
}
break;
default:
$html .= "Nedefinovaná akce: $action";
}
header("Content-Type: text/html; charset=windows-1250");
?>
Drive
