tugas arc 9 php

guestbook

db.php

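<?php
// db.php: opens the shared MySQL connection for every page that requires this file.
//
// NOTE(review): the account name, password and database name are hard-coded
// and identical. Load them from configuration kept outside the web root, use a
// strong unique password, and grant the account only the privileges the
// guestbook needs on its own tables.
//
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
// PHP 7.0. Moving to mysqli or PDO with prepared statements has to be done in
// this file and in every page that includes it at the same time.
$link = mysql_connect("localhost", "wahyu", "wahyu");
if (!$link || !mysql_select_db("wahyu", $link)) {
    // Fail closed with a generic message. Continuing without a connection
    // makes every later mysql_query() raise warnings, and with display_errors
    // on those warnings show file paths to the visitor.
    error_log("guestbook: database connection failed");
    exit("Service temporarily unavailable.");
}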

index.php

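<?php
// index.php: public guestbook page. Stores a submitted entry, issues a new
// word CAPTCHA, lists all entries and renders the submission form.
// The listing as published used typographic quotes and short open tags;
// both are replaced here so the file parses.
session_start();
require "db.php";
?>
<html>
<head>
<title>PHP+MySQL Guestbook</title>
</head>

<body>
<h1>PHP+MySQL Guestbook</h1>

<?php
// Only the POST form below writes to the database. Each field is read
// defensively: a missing or non-string value counts as empty.
$input = array();
foreach (array('nama', 'email', 'komen', 'veri') as $key) {
    $input[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
}

// The expected answer must exist in the session. Without this check a request
// that carries no session and no "veri" field compares null with null and is
// accepted. The comparison is strict because loose == treats numeric strings
// such as "01234" and "1234" as equal.
$expected = (isset($_SESSION['captcha']) && is_string($_SESSION['captcha'])) ? $_SESSION['captcha'] : "";

if ($input['nama'] !== "" && $input['komen'] !== "" && $expected !== "" && $input['veri'] === $expected) {
    // Escape every value before it is placed inside the quoted SQL literals.
    // NOTE(review): the maxlength attributes on the form are enforced by the
    // browser only; add server-side length limits that match the column sizes.
    mysql_query(sprintf(
        "INSERT INTO gesbuk (nama,email,komen) VALUES('%s','%s','%s');",
        mysql_real_escape_string($input['nama']),
        mysql_real_escape_string($input['email']),
        mysql_real_escape_string($input['komen'])
    ));
}

// Number words for the digits 0-9, indexed by digit.
$captcha = array("enol", "siji", "loro", "telu", "papat", "lima", "enem", "pitu", "wolu", "songo");

// Draw five digits. The visitor sees the words and must type the digits.
// A fresh challenge replaces the stored one on every page load, so an answer
// cannot be reused after it has been checked above.
// NOTE(review): the challenge is sent as plain text, so it only slows down the
// simplest automated posting; add rate limiting or moderation if spam matters.
$captchawords = array();
$captchastring = "";
for ($i = 0; $i < 5; $i++) {
    $digit = rand(0, 9);
    $captchawords[] = $captcha[$digit];
    $captchastring .= $digit;
}
$captchaxstring = implode(" ", $captchawords);
$_SESSION['captcha'] = $captchastring;

$hasilquery = mysql_query("SELECT id_komen,nama,email,komen FROM gesbuk ORDER BY id_komen;");

// A failed query returns false; treat it like an empty result.
if ($hasilquery && mysql_num_rows($hasilquery) != 0) {
?>
<table>
<tr><td><b>Nama</b></td><td><b>E-Mail</b></td><td><b>Komentar</b></td></tr>
<?php
    while ($row = mysql_fetch_array($hasilquery)) {
        // Stored entries are visitor-supplied: encode them for HTML on output
        // so markup in a comment is displayed as text, not interpreted.
        echo "<tr><td>" . htmlspecialchars($row['nama'], ENT_QUOTES, 'UTF-8')
            . "</td><td>" . htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8')
            . "</td><td>" . htmlspecialchars($row['komen'], ENT_QUOTES, 'UTF-8')
            . "</td></tr>";
    }
?>
</table>
<?php
} else {
    // The closing table tag is emitted only in the branch that opened it.
    echo "No comments yet.<br>";
}
?>

<form action="index.php" method="post">
<table>
<tr><td><b>Nama</b></td><td><input type="text" size="30" name="nama" maxlength="64"></td></tr>
<tr><td><b>E-Mail</b></td><td><input type="text" size="15" name="email" maxlength="64"> (optional)</td></tr>
<tr><td><b>Komentar</b></td><td><input type="text" size="30" name="komen" maxlength="64"></td></tr>
<tr><td><b>Verifikasi</b></td><td><input type="text" size="8" name="veri" maxlength="5"> <?php echo htmlspecialchars($captchaxstring, ENT_QUOTES, 'UTF-8'); ?> </td></tr>
</table>
<input type="submit" value="Kirim">
</form>

<a href="admin/">Site Login</a>
</body>
</html>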

adminboard.php

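<?php
// adminboard.php: admin view of the guestbook. Lists entries and handles the
// logout, edit, delete and save actions for a logged-in session.
// The listing as published used typographic quotes and short open tags;
// both are replaced here so the file parses.
session_start();
require "../db.php";
?>
<html>
<head>
<title>PHP+MySQL Guestbook – Admin Board</title>
</head>

<body>
<h1>Admin Board</h1>

<?php
// Every action below is reachable only when the session carries the login flag.
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
    $action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : "";

    // id_komen is used as a number in every query, so it is cast to int
    // before it reaches SQL; the cast leaves nothing but digits.
    $rawId = (isset($_REQUEST['id_komen']) && is_string($_REQUEST['id_komen'])) ? $_REQUEST['id_komen'] : "";
    $hasId = ($rawId !== "");
    $idKomen = (int) $rawId;

    // The username is echoed into HTML several times; encode it once.
    $username = htmlspecialchars(
        isset($_SESSION['username']) ? (string) $_SESSION['username'] : "",
        ENT_QUOTES,
        'UTF-8'
    );

    switch ($action) {
        case "logout":
            echo "Bye, " . $username . "…<br>";
            // Empty the session array as well; session_destroy() alone leaves
            // $_SESSION populated for the rest of this request.
            $_SESSION = array();
            session_destroy();
            echo "Logged out.";
            echo '<meta http-equiv="REFRESH" content="1;URL=../index.php">';
            die;

        case "edit":
            $hasilquery = mysql_query("SELECT id_komen,nama,email,komen FROM gesbuk WHERE id_komen=" . $idKomen . ";");
            $row = $hasilquery ? mysql_fetch_array($hasilquery) : false;
            if (!$row) {
                echo "Comment not found. <a href=\"adminboard.php\">Back</a>";
                die;
            }
            // Stored values are visitor-supplied; encode them before they are
            // placed inside the quoted value attributes.
            ?>

<form action="adminboard.php" method="post">
<table>
<tr><td><b>ID Komentar</b></td><td><input type="text" size="5" name="id_komen" maxlength="5" value="<?php echo (int) $row['id_komen']; ?>"></td></tr>
<tr><td><b>Nama</b></td><td><input type="text" size="30" name="nama" maxlength="64" value="<?php echo htmlspecialchars($row['nama'], ENT_QUOTES, 'UTF-8'); ?>"></td></tr>
<tr><td><b>E-Mail</b></td><td><input type="text" size="15" name="email" maxlength="64" value="<?php echo htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8'); ?>"> (optional)</td></tr>
<tr><td><b>Komentar</b></td><td><input type="text" size="30" name="komen" maxlength="64" value="<?php echo htmlspecialchars($row['komen'], ENT_QUOTES, 'UTF-8'); ?>"></td></tr>
</table>
<input type="submit" value="Simpan">
</form>
            <?php
            die;

        case "del":
            // NOTE(review): deletion is triggered by a plain GET link and no
            // request token is checked, so another site can cause it in an
            // admin's browser. Move it to a POST form that carries a
            // per-session token and verify the token here.
            if ($hasId) {
                mysql_query("DELETE FROM gesbuk WHERE id_komen=" . $idKomen . ";");
            }
            break;
    }

    // Save an edited entry. Only the POST from the edit form may write; the
    // original also ran this UPDATE on any GET that carried id_komen,
    // including right after a delete.
    // NOTE(review): this POST needs the same per-session token as delete.
    $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';
    if ($isPost && $action === "" && isset($_POST['id_komen']) && is_string($_POST['id_komen']) && $_POST['id_komen'] !== "") {
        $fields = array();
        foreach (array('nama', 'email', 'komen') as $key) {
            $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
        }
        mysql_query(sprintf(
            "UPDATE gesbuk SET nama='%s', email='%s', komen='%s' WHERE id_komen=%d;",
            mysql_real_escape_string($fields['nama']),
            mysql_real_escape_string($fields['email']),
            mysql_real_escape_string($fields['komen']),
            (int) $_POST['id_komen']
        ));
    }

    echo "Welcome, <b>" . $username . "</b>!<br><br>";

    $hasilquery = mysql_query("SELECT id_komen,nama,email,komen FROM gesbuk ORDER BY id_komen;");
    // A failed query returns false; treat it like an empty result.
    if ($hasilquery && mysql_num_rows($hasilquery) != 0) {
?>
<table>
<tr><td><b>Nama</b></td><td><b>E-Mail</b></td><td><b>Komentar</b></td></tr>
<?php
        while ($row = mysql_fetch_array($hasilquery)) {
            $id = (int) $row['id_komen'];
            // Entries come from visitors; encode on output so a stored comment
            // cannot run as markup or script in the admin's session.
            echo "<tr>
<td>" . htmlspecialchars($row['nama'], ENT_QUOTES, 'UTF-8') . "</td>
<td>" . htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8') . "</td>
<td>" . htmlspecialchars($row['komen'], ENT_QUOTES, 'UTF-8') . "</td>
<td><a href=\"adminboard.php?action=edit&amp;id_komen=" . $id . "\">[EDIT]</a></td>
<td><a href=\"adminboard.php?action=del&amp;id_komen=" . $id . "\">[DELETE]</a></td>
</tr>";
        }
?>
</table>
<?php
    } else {
        // The closing table tag is emitted only in the branch that opened it.
        echo "No comments yet.<br>";
    }

    echo "<br><a href=\"adminboard.php?action=logout\">Logout</a>";
} else {
    echo "You are not logged in. Please <a href=\"index.php\">login</a> first.";
}
?>

<br>
</body>
</html>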

index.php

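<?php
// Admin login page. It requires ../db.php and links to adminboard.php, so it
// sits in the same directory as the admin board. It checks the submitted
// credentials against the admin table and marks the session as logged in.
// The listing as published used typographic quotes and short open tags;
// both are replaced here so the file parses.
session_start();
require "../db.php";
?>
<html>
<head>
<title>PHP+MySQL Guestbook – Login</title>
</head>

<body>
<h1>PHP+MySQL Guestbook – Login</h1>

<?php
// Credentials are accepted from the POST body only, so they do not end up in
// URLs, server logs or the browser history.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
$password = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? $_POST['passwd'] : "";

if ($username !== "") {
    // NOTE(review): unsalted MD5 is not a password hash. Migrate the admin
    // table to password_hash()/password_verify(); that needs a schema and data
    // change, so the stored format is left as it is here.
    $passwd = hash("md5", $password);

    // The username is escaped before it enters the quoted SQL literal; the
    // digest is hexadecimal and needs no escaping.
    $hasilquery = mysql_query(
        "SELECT username,passwd FROM admin WHERE username='"
        . mysql_real_escape_string($username)
        . "' AND passwd='" . $passwd . "';"
    );
    $row = $hasilquery ? mysql_fetch_array($hasilquery) : false;

    if ($row) {
        // Issue a new session id at the privilege change so an id that was
        // set before login does not become an authenticated one.
        session_regenerate_id(true);
        // Keep the name as stored in the database, not as typed.
        $_SESSION['username'] = $row['username'];
        $_SESSION['loggedin'] = TRUE;

        echo "You are being logged in. Please wait.";
        echo '<meta http-equiv="REFRESH" content="1;URL=adminboard.php">';
        die;
    } else {
        // NOTE(review): failed attempts are neither counted nor delayed; add
        // throttling per account and per client address.
        echo "Bad login.<br>";
    }
}

if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
    $shownName = htmlspecialchars(
        isset($_SESSION['username']) ? (string) $_SESSION['username'] : "",
        ENT_QUOTES,
        'UTF-8'
    );
    echo "You are still logged in as <b>" . $shownName . "</b>.
Go to the <a href=\"adminboard.php\">Admin Board</a> or
<a href=\"adminboard.php?action=logout\">logout</a>.";
}
?>

<form action="index.php" method="post">
<table>
<tr><td><b>Username</b></td><td><input type="text" size="30" name="username" maxlength="64"></td></tr>
<tr><td><b>Password</b></td><td><input type="password" size="15" name="passwd" maxlength="64"></td></tr>
</table>
<input type="submit" value="Login">
</form>

</body>
</html>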
