GBook - PHP Guestbook

INDEX

COPYRIGHT NOTICE

Copyright 2004-2009 Klemen Stirn. All Rights Reserved.

The GBook may be used and modified free of charge by anyone AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT. By using this code you agree to indemnify Klemen Stirn from any liability that might arise from it's use.

Selling the code for this program, in part or full, without prior written consent is expressly forbidden.

Using this code, in part or full, to create derivate work, new scripts or products is expressly forbidden. Obtain permission before redistributing this software over the Internet or in any other medium. In all cases copyright and header must remain intact. This copyright is in full effect in any country that has International Trade Agreements with the United States of America or with the European Union.

Removing copyright notice ("Powered by" links)
Removing any of the copyright notices without purchasing a license is expressly forbidden. To remove GBook copyright notice you must purchase a license. For more information on how to obtain a license please visit the page below:
http://www.phpjunkyard.com/copyright-removal.php

DESCRIPTION

Set up a Guestbook on your Web site using this PHP script. Comes with many features and good anti-SPAM protection.

What's new in 1.7
- New user interface (new tableless design, new style.css file, images have alt and title tags, valid XHTML)
- All HTML code has been moved to templates (easier to modify, share templates, add new emoticons, ...)
- Improved JunkMark anti-SPAM filter
- New anti-SPAM feature: a customized anti-SPAM logical question
- Improved Captcha anti-SPAM image
- You can now manually approve new posts
- You can limit length of Comments
- You can limit the number of Emoticons (Smileys) per post
- Customers can receive an e-mail notification when administrator replies to their post
- Removed go.php file (didn't really serve it's initial purpose)

REQUIREMENTS

THANKS TO

I would like to say THANKS to everyone who in any way contributed to the development of this script, especially to (in no particular order):

» Installation

Please take 5 minutes and read the installation instructions carefully and completely! This will ensure a proper and easy installation.

If you have problems/questions see the "HELP and Troubleshooting" section further down.

  1. Open file settings.php in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor) and set these variables:

    Variable Description/Setup
    $settings['apass'] This will be your password for the admin panel. Change it from the default password admin. Use only letters a-Z, A-Z and numbers 0-9
    $settings['website_title'] A short title of your Web site, like "My lovely Web site"
    $settings['website_url'] URL of your Web site (not guestbook!).
    $settings['gbook_title'] Title of your guestbook, like "My Web Site Guestbook"
    $settings['admin_email'] Your e-mail address where new entry notifications will be sent.
    $settings['gbook_url'] URL of the gbook.php script. For example http://www.yourdomain.com/guestbook/gbook.php
    New in version 1.7
    $settings['spam_question']
    A question people will have to answer correctly in order to submit your guestbook. If used correctly this can be an easy but very effective anti-SPAM filter! You can use HTML code in the question. Set to 0 to disable the anti-SPAM question.

    Don't use the default question! Make up a unique one with a simple and obvious answer.

    A good question should be unique and have a simple answer everyone knows. Some examples:
    Type access code ABCDE here: (answer: ABCDE)
    Access code from the bottom of our homepage:
    (place the answer to your homepage)
    Are you a human? (answer: yes)
    How much is 4 plus 11? (answer: 15)
    Is Mars a planet (yes or no)? (answer: yes)
    etc...
    New in version 1.7
    $settings['spam_answer']
    The correct answer to your anti-SPAM question. Answers are not CaSe SeNSiTiVe.


    TIP: Want to get GBook up and running as soon as possible?
    YOU CAN SKIP OTHER SETTINGS AT THE MOMENT AND LEAVE THEM ALL ON DEFAULT. JUST CONTINUE WITH STEP 2 BELOW.

    $settings['notify'] If set to 1 you will receive an e-mail notification at your admin e-mail address every time a new entry is added to your guestbook. Set to 0 if you don't want to be notified.
    New in version 1.7
    $settings['notify_visitor']
    If set to 1 visitors will receive an e-mail notification when you reply to their post (only if they entered their e-mail address when signing the Guestbook). Set to 0 to disable sending notifications.
    New in version 1.7
    $settings['man_approval']
    Set to 1 to manually approve all new posts before they appear in the Guestbook. When someone submits a new Guestbook entry you will receive an e-mail notification with a link to approve or reject the post. If approved, the post will appear in the Guestbook, otherwise it will be deleted. Set to 0 to disable manual approval.
    New in version 1.7
    $settings['template']
    Name of the template you are using. It must match the name of the folder with all required template files inside the templates folder (or your GBook will not work at all!). More information about templates and customizing them can be found further down the page.

    Leave this set to 'default' at first to make sure your GBook works normally!

    Note:
    On most server folder names (and thus template names) are CaSe SeNSiTiVe! Settings 'default' and 'Default' will not work the same!
    $settings['logfile'] Name of the file where posts will be stored. I strongly recommend that you rename this file from the default name entries.txt to some hard-to-guess name, for example g3isht39a.txt
    $settings['use_url'] As of version 1.4 you can easily enable/disable the "Your Web site:" field of the GBook. Set to 1 to enable people posting their Web site URL and 0 to disable. This option has been added to further minimize the odds of people posting your guestbook just to advertise their Web site. The Your Web site field is DISABLED by default since version 1.4
    $settings['url_blank'] If set to 1 if you want all URLs to be opened in a new window (target="_blank"). GBook will still validate as XHTML Transitional but not as Strict. Set to 0 to disable.
    $settings['use_private'] If set to 1 your visitors will have an option to make their post PRIVATE (not publicly displayed and readable only with admin password). Set to 0 to disable private posts.
    $settings['hide_email'] Setting to 1 will hide e-mail addresses from public and require admin password to view them. Set to 0 to disable.

    RECOMMENDED SETTING: $settings['hide_email']=1;

    NOTE:
    If you wish to hide e-mail addresses I also recommend that you change $settings['logfile'] from the default "entries.txt" to some other hard to guess name, like "g3isht39a.txt"
    $settings['smileys'] If set to 1 text like :), ;) etc will be replaced by smileys (image icons). Individual visitors will still be able to disable smileys for their entry. If you don't want to allow smileys set to 0.
    New in version 1.7
    $settings['max_smileys']
    Limit the number of smileys (emoticons) that can be used per post. Set to 0 for unlimited smileys.
    $settings['filter'] If set to 1 all new posts will be filtered for bad words and replaced by * * *.
    $settings['filter_lang'] The language of bad words file. For now only English language is supported so you can only use "en" (CaSe SeNSiTiVe). Please read section "Adding / Translating bad words list" further down for info on how to add/translate bad words.
    $settings['autosubmit'] Setting this to 1 or 2 will require entering a "security number" in order to successfully submit a new entry to the guestbook. I have added this to prevent SPAMing the guestbook. Set to 0 if you want to disable the security number check.

    Setting to 1 will display the security number in a generated image. For this to work your server must have GD library installed. You can test if your server supports all the required functions by uploading the gd_test.php file to your server and open it in your browser. If you get a red image with text WORKS your server shouldn't have problems with it. If you get an error when opening gd_test.php try using the text version as explained below or ask your hosting company to install the GD library for PHP.

    Setting to 2 will display the security number in text format. While this is not as effective as an image it will still block the majority of known spam robots.

    RECOMMENDED SETTING: $settings['autosubmit']=1;
    OR if the above doesn't work try
    RECOMMENDED SETTING: $settings['autosubmit']=2;
    $settings['filter_sum'] This variable is used in the preventing automated submissions and is just a little trick that should make it all even more reliable. The idea is to set this to some random sequence of chars and numbers, for example dhjx72js. It doesn't really matter how long it is, but you should use only chars (a-zA-Z) and digits (0-9). Don't leave the default value (as it would loose the whole point), set it to something of your own. Examples would be g3oyf98, p9ak85i, h398dgf and similar. Again, DO NOT USE these examples, just type some chars of your own!

    This is one of the most important anti-SPAM setting so don't forget to set it!
    $settings['junkmark_use'] JunkMarkTM is a filter, designed to catch spammers who actually visit your guestbook and get past the security number check. Setting this variable to 1 will enable JunkMarkTM, setting it to 0 will disable it. JunkMarkTM calculates probability of a message being SPAM and gives it a score between 0 (not SPAM) and 100 (SPAM). The higher the score the more likely the message is SPAM

    RECOMMENDED SETTING: $settings['junkmark_use']=1;
    $settings['junkmark_limit'] Set to the score after which messages are rejected as SPAM. Messages which are given a JunkMarkTM score same or higher to this limit will not be added to the guestbook. Possible values are between 0 and 100. I don't recommend setting it below 50! The optimal value is around 60 to 70.

    RECOMMENDED SETTING: $settings['junkmark_limit']=61;
    $settings['junkmark_ban100'] If set to 1 Gbook will automatically ban IP if the JunkMark score is 100 (meaning 100% SPAM). Set to 0 to disable automatic banning.

    RECOMMENDED SETTING: $settings['junkmark_ban100']=1;
    $settings['ignore_proxies'] Setting to 1 will ignore proxy servers from calculation of JunkMark score. Set to 0 to disable.

    RECOMMENDED SETTING: $settings['ignore_proxies']=0;
    $settings['show_nospam'] If set to 1 a small banner promoting "NO GUESTBOOK SPAM" with a link to my Guestbook SPAM article will be placed at the bottom of your guestbook. Not required, but very welcome and you help notifying people about the guestbook SPAM problem and how to avoid it. Set to 0 to disable the banner.
    $settings['one_per_session'] If set to 1 each person will be able to make only one post per browser session. As of version 1.33 you can officially disable this by setting this variable to 0.

    RECOMMENDED SETTING: $settings['one_per_session']=1;
    New in version 1.7
    $settings['max_comlen']
    The maximum leght (number of chars) of comments people can post. Set to 0 for unlimited length.
    $settings['max_word'] The maximum length of each line of comments. This is to prevent long "words" like ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff from stretching your guestbook.
    $settings['language'] Name of the language file (file with the translated text). More information about translating GBook is further down in the readme file.
    $settings['allow_IPv6'] If set to 1 if your server uses IPv6 protocol. Should be disabled on most servers.
  2. Save and close the settings.php file.
    Don't forget to rename the entries.txt file to the name you set as $settings['logfile'] in settings.php!

  3. Connect via FTP to the public folder of your server where the rest of your Web site is, usually called "public_html," "www" or "site," and create a folder where you will install GBook (for example named "gbook" or "guestbook").
    Example: /public_html/gbook
    Corresponding URL: http://www.yourdomain.com/gbook

    TIP: Learn how to FTP and CHMOD files, read my simple FTP and CHMOD tutorial

  4. Upload all GBook files to this folder.

Make sure the following files/folders are writable by the script:
- files banned_ip.txt and entries.txt - on Unix (Linux) servers CHMOD this file to 666 (rw-rw-rw-)
- directory apptmp - on Unix (Linux) servers CHMOD this directory to 777 (rwxrwxrwx)

If you have done all this your guestbook should work now. In your browser open your GBook, for example:
http://www.yourdomain.com/gbook/gbook.php and test it. You can delete messages by clicking the red [X] icon and entering your admin password.

Good luck with the script!

» Upgrading from old versions

Please take 5 minutes and read the upgrade instructions carefully and completely! This will ensure a proper and easy upgrade.

To upgrade from a previous version to 1.7 follow these steps:

  1. BACKUP YOUR EXISTING GBOOK FILES! Don't skip this step! Really, don't!
  2. Edit the new settings.php file (more info under "Installation") as new variables have been added
  3. Delete these files from the GBook folder on your server:
    - go.php
    - index.htm
    - smileys.htm
    - style.css
  4. Upload ALL files to your server except: entries.txt, header.txt and footer.txt
  5. CHMOD folder apptmp to 777 (rwxrwxrwx)
  6. If not already, CHMOD file banned_ip.txt to 666 (rw-rw-rw)
  7. Test everything. All your current posts should stay intact.

Good luck with the script!

» Troubleshooting

1. What is CHMOD and FTP?

I have prepared a simple FTP and CHMOD tutorial which will help you FTP files to your server and set correct CHMOD settings.

2. My guestbook doesn't work, HELP!

Here are a few things to check:

  1. Did you upload the entries.txt file and RENAMED it to the name you set as $settings['logfile'] in settings.php
  2. Are entries.txt (or the file named as set under $settings['logfile'] in settings.php) and banned_ip.txt files writable? CHMOD them to 666 (rw-rw-rw) if you are on a UNIX server
  3. Is apptmp folder writable? CHMOD it to 777 (rwxrwxrwx) if you are on a UNIX server
  4. Do you have a valid setting for $settings['template']? Does it match the name of your template folder (inside the templates directory)?
  5. If images don't display correctly check if you uploaded them (the entire "images" folder) correctly. The images folder must be place within the guestbook folder, for example http://www.yourdomain.com/guestbook/images
  6. Go through the entire setup process again carefully
  7. You should get more information about PHP errors (such as the exact file and line where the error occurred) by deleting this code from the settings.php file:
    ini_set('display_errors', 0);
    ini_set('log_errors', 1);
    Once GBook is working normally you should paste the code back into the settings.php file!

3. The security number image/text doesn't work (show up)?

For the image to work your server must have GD library installed. You can test if your server supports all the required functions by uploading the gd_test.php file to your server and open it in your browser. If you get an error when opening gd_test.php you should either ask your hosting company to install the GD library for PHP or try with $settings['autosubmit'] set to 2. This will display the security number in text format which is not as effective but better than nothing.

If you get the red WORKS image but the security image still doesn't work you probably have problems with sessions. Ask your hosting company to check PHP sessions configuration. Same thing if $settings['autosubmit'] set to 2 doesn't work.

4. I installed GBook but I still get many SPAM messages?

Make sure you have the latest version of GBook and that you have variables $settings['autosubmit'] set to 1 or 2 and $settings['junkmark_use'] set to 1. Also make sure the variable $settings['junkmark_limit'] is not set too high or too low (recommended value is 60) and that you have changed variable $settings['filter_sum'] as explained under Installation.

5. May I use JunkMarkTM SPAM filter in my other scripts?

No, you are not allowed to use JunkMarkTM SPAM filter in any other script (commercial or open source) without my express written permission. It may only be used in GBook and scripts that are direct derivates of GBook (customized/modified versions).

6. How can I ban an IP address?

Select "Ban IP address" when deleting a post or viewing IP address from GBook.

You can manually ban an IP address by adding IP% to the banned_ip.txt file. For example to ban IP 123.123.123.123 add this to the banned_ip.txt file:
123.123.123.123%

You don't have to put it in a new line, IPs can be listed like this:
123.123.123.123%321.321.321.321%111.111.111.111%

7. How can I remove an IP address from ban?

Open banned_ip.txt, find and delete the IP address you wish to stop banning, save changes and you're done!

 

Since this script is free no support is guaranteed. You will find solutions for some common problems below. If you can't get the script to work please go through this readme file again carefully and repeat the installation step-by-step (also delete old files and folders from the server). Also please feel free to FIRST SEARCH for solutions and then post any questions or problems you might have to PHPJunkyard forum (you can access it using username php and password php, then register for an account)!

To quickly and easily modify the header and footer of your guestbook you can edit header.txt and footer.txt files. Simply paste the HTML code you want to appear before GBook (just after <body> tag) in the header.txt and code that should appear after GBook (just before </body>) in the footer.txt file. Use only valid (X)HTML code without any <head> or <body> tags.

You will have to use full image URLs in the code. For example instead of <img src="images/image.jpg" ... > use <img src="http://www.yourdomain.com/images/image.jpg" ... >! Same goes for any Javascripts or CSS files if you are calling them from within the header or footer.

» Templates (customize the look and feel)

As of version 1.7 GBook support templates that will allow full control over GBook look and feel, easy switching between templates and sharing custom templates with other users.

Important: before modifying templates make sure your GBook works 100% correctly with the default template!

Templates are located inside the templates folder. Each template is located within a separate folder, for example template default is located inside templates/default folder.

Template files have *.php extensions, you can open the files in any plain text editor. They contain valid XHTML code along with some PHP code (for printing variables). Feel free to modify the HTML code, but do not modify any PHP code (starts with <?php and ends with ?>) unless you are familiar with PHP as this code is used to insert text and data into the templates.

Note: on many servers template names are CaSe SeNSiTiVe!

--» Template folder format and contents

These are the files and folders included in the 'default' template:

/default  (folder with template)
    |- /images  (folder with images used)
    |      |- /emoticons  (folder with smileys used)
    |
    |- admin_reply.php
    |- admin_tasks.php
    |- comments.php
    |- emoticons.php
    |- emoticons_popup.php
    |- error.php
    |- no_comments.php
    |- overall_footer.php
    |- overall_header.php
    |- sign_form.php
    |- style.css

 

  1. Description on files and folders:

    File/Folder Description/Details
    default This is the folder that contains all template files. This is also the template name because the name of this folder is used in the $settings['template'] variable in the settings.php file. If you want to create template named "Very Dark" you could name the folder for example very_black.
    images Folder with all the images used in the template (and thus GBook).
    emoticons Folder inside the images directory that contains all the emoticons (smileys) used by this template (and thus GBook).
    admin_reply.php Contains the form that GBook owner (administrator) uses to reply to guestbook entries
    admin_tasks.php Contains the form that GBook owner uses for tasks like viewing IP address, deleting posts and viewing e-mail addresses.
    comments.php Contains the code for the box that is used to display comments (guestbook entries).
    emoticons.php Contains a list of emoticons (smileys) used by the template. You can add more smileys to the guestbook (template) like this:

    Step 1: upload the new smiley image to the images/emoticons folder.

    Step 2: add this code to the emoticons.php file:
    ":!code:" => "image.gif",
    :!code: will be the text inserted and later replaced with the image.gif. For example if you want to upload smiley image love.gif you would add something like this to the emoticons.php file:
    ":!love:" => "love.gif",
    emoticons_popup.php Pop-up window that lists all available emoticons (those set in the emoticons.php file) when you click the "More..." link next to sample emoticons in the Sign Guestbook form.
    error.php Page that shows when an error occurs.
    no_comments.php Page that shows when the guestbook is empty (no entries have been submitted yet).
    overall_footer.php Bottom (footer) code that appears in all GBook pages except emoticons_popup.php.
    overall_header.php Top (header) code that appears in all GBook pages except emoticons_popup.php.
    sign_form.php Form used for signing the guestbook.
    style.css Contains all the CSS code used by the template. All the classes and IDs have a gbook_ prefix.

    The code inside is CSS (Cascading Style Sheets); you can learn CSS here (it's quite simple and you can easily edit all colors with it).

 

--» Create a new template

A few tips for creating a new template.

  1. Before modifying template make sure your GBook works 100% correctly with the default template!
  2. Choose a name for your new template, for example Dark Knight. Create a new directory inside the templates folder that will contain all the files for the new template. Name it to something like dark_knight. I recommend using only lowercase letters (a-z), digits (0-9) and underscores (_).
  3. Copy all the files from the default template to your new folder.
  4. Set the $settings['template'] to the name of your new template, for example:
    $settings['template'] = 'dark_knight';
  5. Make small changes to the template files and test them to make sure GBook is still working as expected.
  6. It is best to start with files style.css, overall_header.php, overall_footer.php and comments.php
  7. If GBook became empty after modifying the template it is probably an error in the code. You should get more information about PHP errors (such as the exact file and line where the error occurred) by deleting this code from the settings.php file:
    ini_set('display_errors', 0);
    ini_set('log_errors', 1);
    Once GBook is working normally you should paste the code back into the settings.php file!

 

» Translating GBook to your language

To translate GBook to your language follow these steps:

  1. Locate file language.inc.php and open it in a plain text editor like Notepad or Wordpad.
  2. Save the file as yourlanguage.inc.php (deutsch.inc.php, francais.inc.php, ...).
  3. Edit the language file header (first lines that start with *) with your information. Please follow the provided format.
  4. Translate all lines containing language. You may translate only the right side of each line, for example:

    $t['DO_NOT_CHANGE_THIS']='TRANSLATE WORDS HERE';

    When translating make sure to:

    • keep the line format: single quotes (') around each phrase and lines must end with a semi-colon (;)
    • if you use single quotes in the words escape them with a backslash (\). WRONG: can't CORRECT: can\'t
    • do not change these codes as they are used by GBook: %s %d

  5. Save the file and upload it to your server.
  6. Edit the $settings['language'] setting in your settings.php and upload the modified file to your server.
  7. Test GBook with your language and make sure it works ok.
  8. If possible you should also translate this readme.htm file (please name it readme-yourlanguage.htm, for example readme-fr.htm, readme-de.htm, ...).

If you translate GBook to your language please post it to the PHPJunkyard forum for others to download.

» Adding / Translating bad words list

To add new bad words open the en.php file (located in badwords folder) in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor), find the comment saying INSERT NEW BAD WORDS BELOW THIS LINE and add new bad words in this format:

"BADWORD" => "REPLACEMENT",

For example if "asfhkjhfasf" is a bad word you would add this line to the file:

"SomeNastyWord" => "* * *",

Don't forget to add a comma ( , ) after the line!

If you are translating the bad words file I suggest you leave the English words and add new ones in your language as explained above. Then save the file as two letter country code php file. For example, if you are translating the file in French, you should save the file as fr.php (CaSe SeNSiTiVe!). Upload fr.php to your "badwords" folder, go to settings.php again and set $settings['filter_lang'] to "fr" (file name without .php).

Now test the GBook again. If you get an Error or Warning when you try to post a new message this means something is wrong with your language file. It either can't be found (check the name of the file, on most servers names are CaSe SeNsiTiVe!) or something is wrong with PHP syntax in it (make sure all the words are added in
"BADWORD" => "REPLACEMENT", syntax).

Please send me the translated file. If you translate the bad words file to your language please send it to info AT phpjunkyard DOT com (or contact me through PHPJunkard.com contact form) and I will make it available to others for download. You may include your name, Web site URL and e-mail address and I will give you proper credit (translated by John Doe. Visit www.yourwebsite.com).

» Copyright removal

You may NOT edit or remove any copyright or Powered by statements in Gbook code without purchasing a license! For more information please visit http://www.phpjunkyard.com/copyright-removal.php

» Stay updated!

Join my FREE newsletter and you will be notified about new scripts, new versions of the existing scripts and other important news from PHPJunkYard.
Click here for more info

» Please rate this script

If you like this script please rate it or even write a review at:

Rate this Script @ Hot Scripts

Rate this Script @ The PHP Resource Index

» Get more useful FREE scripts!

Looking for more PHP scripts? Here is a list of PHPJunkyard FREE scripts:

CHANGELOG

What's new in 1.7
- New user interface (new tableless design, new style.css file, images have alt and title tags, valid XHTML)
- All HTML code has been moved to templates (easier to modify, share templates, add new emoticons, ...)
- Improved JunkMark anti-SPAM filter
- New anti-SPAM feature: a customized anti-SPAM logical question
- Improved Captcha anti-SPAM image
- You can now manually approve new posts
- You can limit length of Comments
- You can limit the number of Emoticons (Smileys) per post
- Customers can receive an e-mail notification when administrator replies to their post
- Removed go.php file (didn't really serve it's initial purpose)

Changes in 1.6
- added an option to hide e-mail addresses (enabled by default)
- added an option to open links in a new window (if enabled code will validate as XHTML Transitional but not Strict)
- added an option to exclude proxies from JunkMarktm calculation
- IPv6 addresses can now be accepted
- all text used is now in a separate file for easier translating
- some changes to the interface and style file
- fixed wordwrap of HTML entities

Changes in 1.5
- Gbook is now XHTML 1.0 valid (set to Transitional, but valdiates also as Strict)
- added IP address banning
- added fixes for two most common problems with sessions
- improved anti-SPAM features
- multiple empty lines will now be reduced to only one empty line
- fixed display of special language characters

 

© Copyright PHP Scripts from PHPJunkyard 2004-2009. All rights reserved.