Page 1 of 1

Minichat code problem

Posted: Tue Dec 30, 2008 1:12 pm
by urshag
I have this minichat block I use on a site I maintain on a PHPNuke site. It's very simple, it lets you enter a nickname and a message and displays it.

However, it's supposed to return an error if the person doesn't enter any nickname or if the nickname is "nickname".

It does not do this. I have been getting a lot of bot spam and if it did reject the "Nickname" nickname, It would solve the problem.

However it does nothing. If you don't enter a nickname or enter "Nickname" it goes through with no error. The code that seems to check it is:

function validar() {
if(formulario.nick.value == '' || formulario.nick.value == 'Nickname') { alert('Your nick is empty') ; return false ; }
if(formulario.mensaje.value == '' || formulario.mensaje.value == 'Message') { alert('Your message is empty') ; return false ; }
}

Below is the entire code of minichat.php

Any help would be appreciated!

Code: Select all

<?
//****************************
//*** MiniChat v.1.2       ***
//*** Creado por: Electros ***
//*** Web: http://www.electros.tk ***
//****************************
 
//*********************
//*** Configuración ***
//*********************
 
// Mensajes a mostrar (0 para mostrar todos)
$mostrar = 30 ;
// Maximo de caracteres por nick
$max_nick = 20 ;
// Maximo de caracteres por mensaje
$max_mensaje = 200 ;
// Maximo de caracteres por web
$max_web = 50 ;
// Maximo de caracteres por palabra (palabras muy grandes como una URL puede descuadrar el diseño
// y ocasionar que el minichat no se vea correctamente) si no deseas esta opción pon 0.
$max_palabra = 25 ;
// smilies
$smilies = "ON" ;
// Censura de palabras
$censura = "OFF" ;
// Permitir código HTML (se recomienda que esté desactivado)
$codigo = "OFF" ;
// Altura de la tabla de mensajes (cuando los mensajes mostrados rebasan la altura marcada
// aparece una barra de desplazamiento) 
$altura = 230 ;
// csschat (archivo que contiene el csschat del minichat, tipo de letra, tamaño, color, fondo)
$csschat = "csschat.php" ;
// Lista de smilies (si $smilies está en ON)
if($smilies == "ON") {
function smilies($texto) {
// --> Inicio smilies
$texto = str_replace(":D","[:alegre.gif:]",$texto) ;
$texto = str_replace(":8","[:asustado.gif:]",$texto) ;
$texto = str_replace(":P","[:burla.gif:]",$texto) ;
$texto = str_replace(":S","[:confundido.gif:]",$texto) ;
$texto = str_replace(":(1","[:demonio.gif:]",$texto) ;
$texto = str_replace(":(2","[:demonio2.gif:]",$texto) ;
$texto = str_replace(":?","[:duda.gif:]",$texto) ;
$texto = str_replace(":-(","[:enojado.gif:]",$texto) ;
$texto = str_replace(";)","[:guino.gif:]",$texto) ;
$texto = str_replace(":'(","[:llorar.gif:]",$texto) ;
$texto = str_replace(":lol","[:lol.gif:]",$texto) ;
$texto = str_replace(":M","[:moda.gif:]",$texto) ;
$texto = str_replace(":|","[:neutral.gif:]",$texto) ;
$texto = str_replace(":)","[:risa.gif:]",$texto) ;
$texto = str_replace(":-)","[:sonrisa.gif:]",$texto) ;
$texto = str_replace(":R","[:sonrojado.gif:]",$texto) ;
$texto = str_replace(":O","[:sorprendido.gif:]",$texto) ;
$texto = str_replace(":(","[:triste.gif:]",$texto) ;
// --> Fin smilies
$texto = str_replace("[:","<img src=\"smilies/",$texto) ;
$texto = str_replace(":]","\" width=\"15\" height=\"15\">",$texto) ;
return $texto ;
}
}
// Lista de censura de palabras (si $censura está en ON)
if($censura == "ON") {
function censura($texto) {
// --> Inicio palabras
$texto = str_replace("insulto","***",$texto) ;
// --> Fin palabras
return $texto ;
}
}
// Código HTML (si $codigo está en OFF)
if($codigo == "OFF") {
function codigo($texto) {
$texto = htmlspecialchars($texto) ;
return $texto ;
}
}
 
//*******************************
//*** Fin de la configuración ***
//*******************************
 
// *** Guardar mensaje ***
if($enviar) {
function quitar($texto) {
$texto = trim($texto) ;
$texto = stripslashes($texto) ;
return $texto ;
}
$nick = quitar($nick) ;
$mensaje = quitar($mensaje) ;
$web = quitar($web) ;
if($codigo == "OFF") {
$nick = codigo($nick) ;
$mensaje = codigo($mensaje) ;
$web = codigo($web) ;
}
// Si $max_palabra es mayor que cero
if($max_palabra > 0) {
$palabras = explode(" ",$mensaje) ;
$total = count($palabras) ;
for($a = 0 ; $a < $total ; $a++) {
if(strlen($palabras[$a]) > $max_palabra) { $palabras[$a] = chunk_split($palabras[$a],$max_palabra," ") ; }
}
$mensaje = implode($palabras," ") ;
}
$minichat = fopen("minichat.txt",a) ;
if($web == "" || $web == "http://") {
fwrite($minichat,"\n<b><$nick></b> $mensaje") ;
}
else {
fwrite($minichat,"\n<a href=\"$web\" target=\"_blank\"><$nick></a> $mensaje") ;
}
fclose($minichat) ;
}
?>
<html>
<head>
<title></title>
<?
include("$csschat") ;
?>
 
</head>
<body>
<div style="height: <? echo $altura ?> ; overflow: auto">
<?
// *** Mostrar los mensajes ***
$mensajes = file("minichat.txt") ;
$total = count($mensajes) ;
if($total < $mostrar || $mostrar == 0) {
$maximo = 0 ;
}
else {
$maximo = $total - $mostrar ;
}
while($total > $maximo) {
$total-- ;
$mensaje = $mensajes[$total] ;
if($smilies == "ON") {
$mensaje = smilies($mensaje) ;
}
if($censura == "ON") {
$mensaje = censura($mensaje) ;
}
?>
<table width="100%" border="0" cellpadding="1" cellspacing="0" class="mensaje">
<tr>
<td>
<? echo $mensaje ?>
</td>
</tr>
</table>
<div style="margin-top: 1"></div>
<?
}
?>
</div>
<script>
function revisar(campo) {
if(campo.value=='Your Nick{ campo.value='' ; }
if(campo.value=='Message') { campo.value='' ; }
}
function validar() {
if(formulario.nick.value == '' || formulario.nick.value == 'Nickname') { alert('Your nick is empty') ; return false ; }
if(formulario.mensaje.value == '' || formulario.mensaje.value == 'Message') { alert('Your message is empty') ; return false ; }
}
</script>
<script>
function smilies(codigo) {
formulario.mensaje.value += codigo ;
formulario.mensaje.focus() ;
}
</script>
<div align="center">
<br>
<form name="formulario" method="post" action="minichat.php" onsubmit="return validar()">
<input type="text" name="nick" size="10" maxlength="<? echo $max_nick ?>" value="Nickname" onfocus="revisar(this)" class="formulario"><br>
<textarea cols="21" rows="7" name="mensaje" <? echo $max_mensaje ?>" value="Message" onfocus="revisar(this)" class="formulario">Message</textarea><br>
<input type="submit" name="enviar" value="Send" class="formulario"></form>
<p align="center">
<b>Smilies:</b><br>
<table border="0" cellpadding="5" cellspacing="0" align="center">
<tr>
<td><a href="javascript&#058;smilies(':D')">
<img src="smilies/alegre.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':8')">
<img src="smilies/asustado.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':P')">
<img src="smilies/burla.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':S')">
<img src="smilies/confundido.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':(1')">
<img src="smilies/demonio.gif" width="15" height="15" border="0"></a></td>
</tr>
<tr>
<td><a href="javascript&#058;smilies(':(2')">
<img src="smilies/demonio2.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':?')">
<img src="smilies/duda.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':-(')">
<img src="smilies/enojado.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(';)')">
<img src="smilies/guino.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':\'(')">
<img src="smilies/llorar.gif" width="15" height="15" border="0"></a></td>
</tr>
<tr>
<td><a href="javascript&#058;smilies(':lol')">
<img src="smilies/lol.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':M')">
<img src="smilies/moda.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':|')">
<img src="smilies/neutral.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':)')">
<img src="smilies/risa.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':-)')">
<img src="smilies/sonrisa.gif" width="15" height="15" border="0"></a></td>
</tr>
<tr>
<td></td>
<td><a href="javascript&#058;smilies(':R')">
<img src="smilies/sonrojado.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':O')">
<img src="smilies/sorprendido.gif" width="15" height="15" border="0"></a></td>
<td><a href="javascript&#058;smilies(':(')">
<img src="smilies/triste.gif" width="15" height="15" border="0"></a></td>
<td></td>
</tr>
 
</table>
<p>&nbsp;</p>
<tr>
 
 
<p align="center">
<a href="http://zulkiplyharun.com" target="_blank">ChatMini</a>
</body>
</html>

Re: Minichat code problem

Posted: Wed Dec 31, 2008 8:54 am
by SteveC
Using JavaScript won't stop people from submitting forms without a name. You need some detection in your PHP script too, for example:

Code: Select all

if ($nick=='') exit('Your nickname was empty!')

Re: Minichat code problem

Posted: Wed Dec 31, 2008 9:00 am
by urshag
Ok thanks, i'm a noob at this, where would I put that line of code?

Re: Minichat code problem

Posted: Wed Dec 31, 2008 7:17 pm
by watson516
You could check pretty much anywhere before the file is written. Somewhere around line 91 would work.

Re: Minichat code problem

Posted: Fri Jan 02, 2009 6:35 am
by urshag
Ok I tried that and it resulted in the block being empty. Maybe it would help if you could see the program running. Go to http://www.vettesofcoastalmaine.org

The block is on the left side scroll down the page.

Thanks again for trying to help me with this. One question is of course is why the code:

Code: Select all

function validar() {
if(formulario.nick.value == '' || formulario.nick.value == 'Nickname') { alert('Your nick is empty') ; return false ; }
if(formulario.mensaje.value == '' || formulario.mensaje.value == 'Message') { alert('Your message is empty') ; return false ; }
is not working.

Re: Minichat code problem

Posted: Sun Jan 04, 2009 6:25 pm
by SteveC
Important:

You must add a semi colon at the end of the line, otherwise PHP won't validate the script. IE:

Code: Select all

if ($nick=='') exit('Your nickname was empty!');
You can insert that where the other member told you to insert it.

The JavaScript isn't working because the spam bots ignore it. They pick up on where your script is and they post data to it in an attempt to get as much spam out there as possible. JavaScript usually makes for friendlier websites, but you should always have validation built in to your handling scripts.

urshag wrote:Ok I tried that and it resulted in the block being empty. Maybe it would help if you could see the program running. Go to http://www.vettesofcoastalmaine.org

The block is on the left side scroll down the page.

Thanks again for trying to help me with this. One question is of course is why the code:

Code: Select all

function validar() {
if(formulario.nick.value == '' || formulario.nick.value == 'Nickname') { alert('Your nick is empty') ; return false ; }
if(formulario.mensaje.value == '' || formulario.mensaje.value == 'Message') { alert('Your message is empty') ; return false ; }
is not working.

Re: Minichat code problem

Posted: Sun Jan 04, 2009 8:16 pm
by urshag
Thanks for the help guys! :D