Here's my MySQL version of the Hak5 Graffiti Wall.
Table structures:
CREATE TABLE IF NOT EXISTS `h5w_badwords` (
`word` varchar(255) collate latin1_general_ci NOT NULL,
`replacement` varchar(255) collate latin1_general_ci NOT NULL,
KEY `word` (`word`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
CREATE TABLE IF NOT EXISTS `h5w_banlist` (
`ip` varchar(16) collate latin1_general_ci NOT NULL,
KEY `ip` (`ip`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
CREATE TABLE IF NOT EXISTS `h5w_messages` (
`ip` varchar(16) collate latin1_general_ci NOT NULL,
`name` varchar(256) collate latin1_general_ci NOT NULL,
`message` varchar(256) collate latin1_general_ci NOT NULL,
`time` timestamp NOT NULL default CURRENT_TIMESTAMP,
KEY `time` (`time`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
common.php:
<?php
define('DEBUG', 'false');
$dbname = "test";
$dbhost = "localhost";
$dbuser = "test";
$dbpass = "test";
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect!");
mysql_select_db($dbname, $conn) or die("Unable to select database!");
function diemsg($msg){
echo "$msg</div>\r\n\t</body>\r\n</html>";
die();
}
?>
write.php:
<html lang="en">
<head>
<title>Hak5 Graffiti Wall</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="keywords" content="hak5, wall, hakwall, hak5wall" />
<meta name="description" content="Hak5 Graffiti Wall" />
<meta name="author" content="Hak5" />
<style>
body { color:#fff; background:#000; }
#msg { font-family: courier new; font-weight: bold; color: #f00; }
#form { align: center; }
</style>
</head>
<body>
<div id="msg"><?php
require_once "common.php";
if(isset($_POST['name']) && !empty($_POST['name'])) {
//censor
$blocked = array();
$replacewith = array();
$result = mysql_query("SELECT word, replacement FROM h5w_badwords") or diemsg("Query failed");
while(list($word, $replacement) = mysql_fetch_array($result)){
$blocked[] = $word;
$replacewith[] = $replacement;
}
$name = str_ireplace($blocked, $replacewith, stripslashes(htmlentities($_POST['name'])));
$msg = str_ireplace($blocked, $replacewith, stripslashes(htmlentities($_POST['message'])));
//Check ban list
$result = mysql_query("SELECT ip FROM h5w_banlist") or diemsg("Query failed");
while(list($ip) = mysql_fetch_array($result)){
if($_SERVER['REMOTE_ADDR'] == $ip) diemsg("You have been banned for being lame. Come back when you grow up.");
}
//Check spam user
$result = mysql_query("SELECT ip FROM h5w_messages ORDER BY time DESC LIMIT 1") or diemsg("Query failed");
$row = mysql_fetch_assoc($result);
if(DEBUG or $row['ip'] != $_SERVER['REMOTE_ADDR']){
mysql_query("INSERT INTO h5w_messages (ip, name, message) VALUES ('" . $_SERVER['REMOTE_ADDR'] ."', '" . $name . "', '" . $msg . "')") or diemsg("Query failed");
echo "Posted your message, ". $_SERVER['REMOTE_ADDR'] . "!";
}else{
echo "Please wait a while and try again!";
}
}
mysql_close($conn);
?></div>
<div id="form">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="application/x-www-form-urlencoded">
Name:<br /><input type="text" name="name" size="14"><br /><br />
Message:<br /><textarea rows="4" cols="25" name="message"></textarea><br /><br />
<input type="submit" value="Write on the Hak5 Wall" name="submit">
</form>
</div>
</body>
</html>
show.php:
<html lang="en">
<head>
<title>Hak5 Graffiti Wall</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="keywords" content="hak5, wall, hakwall, hak5wall" />
<meta name="description" content="Hak5 Graffiti Wall" />
<meta name="author" content="Hak5" />
<meta http-equiv="refresh" content="4">
<style>
body { color:#fff; background:#000; }
h1 { font:700% courier new; font-weight: bold; }
</style>
</head>
<body>
<?php
require_once "common.php";
$result = mysql_query("SELECT ip, name, message FROM h5w_messages ORDER BY time DESC LIMIT 1") or die("Query failed\r\n\t</body>\r\n</html>");
list($ip, $name, $msg) = mysql_fetch_array($result);
//BB Code
$msg = str_ireplace("", "<strong>", $msg);
$msg = str_ireplace("", "</strong>", $msg);
$msg = str_ireplace("", "<em>", $msg);
$msg = str_ireplace("", "</em>", $msg);
$msg = str_ireplace("", "<u>", $msg);
$msg = str_ireplace("", "</u>", $msg);
$msg = str_ireplace("[li]", "<li>", $msg);
$msg = str_ireplace("[/li]", "</li>", $msg);
echo "<h1>" . $name . ": " . $msg . "</h1>\r\n";
mysql_close($conn);
?>
</body>
</html>