heres the code you need (ripped from my old site) too make a shoutbox. after that you'll want to add the following.
create a session (the user only needs to login once)
automatically grab the session data, when they post.
if not logged in show a login.
shoutboxes are great, and ajax is great, therefore ajax+shoutbox= awesome!
lets test that maths;)
heres your basic shoutbox, I'll add more on at the bottom, this includes a captcha, post limiting, smilies and an admin area with smiley adder, ip banner and a bad word filter. Enjoy!
DEMO: http://tutorialninja.com/demos/ajax%20shoutbox/
1. AJAX heres your basic javascript for the ajax connections, plus some unique alterations for this script. (javascript.js)
Code:
var xmlHttp
function submitshout(shout,name)
{
var xmlHttp
function submitshout(shout,name)
{
var url
url='shouts.php?name='+name+'&shout='+shout;
xmlHttp=GetXmlHttpObject()
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);
}
function stateChanged()
{
if (xmlHttp.readyState==4)
{
document.getElementById("shouts").innerHTML=xmlHttp.responseText;
}
}
function GetXmlHttpObject()
{
var xmlHttp=null;
try
{
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
}
catch (e)
{
// Internet Explorer
try
{
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e)
{
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function ban(ip){
var r=confirm("Do you really wish to ban this IP and delete all their comments?")
if (r==true)
{
window.location = "admin.php?ban="+ip
}
}
2. config.php - connect to your mysql and set up admin!
Code:
<?php
$dbh=mysql_connect ("localhost", "root", "");
$dbs=mysql_select_db ("shoutbox");
//connect to the mysql db
$adminuser="admin";
$adminpass="password";
session_start();
?>
3.index - without a form your nowhere. (index.php)
Code:
<html>
<?php
ob_start();
include_once("config.php");
include_once("isbanned.php");
?>
<html>
<head>
<script src="javascript.js"></script>
<!--call our javascript file, its neater to link like this-->
</head>
<body style='margin:0px;'>
<div style='padding:10px;'>
<span id='shouts'>
<?php
include_once("shouts.php");
?>
</span>
</div>
<div style='margin-top:10px;margin-left:10px;margin-right:10px;'>
<form name='shout' id='shout'>
<font style='font-family:verdana;font-size:10px'>name: </font><input type='text' name='user' id='user' maxlength='35' style='width:100%'/><br />
<font style='font-family:verdana;font-size:10px'>shout: </font>
<textarea style='width:100%;' rows='3' cols='40 id='shout' name='shout' maxlength='2'></textarea><br />
<input type='reset' value='reset' name='reset'>
<input type='button' value='shout!' name='submit' onclick="submitshout(shout.value,user.value)">
</form>
</div>
</body>
</html>
3. before we really start, we need a table, heres your code:
Code:
CREATE TABLE `shouts` (
`user` varchar(30) NOT NULL,
`date` date NOT NULL,
`shout` text NOT NULL,
`ip` varchar(20) NOT NULL,
`ID` int(11) NOT NULL auto_increment,
PRIMARY KEY (`ID`)
) ;
4. heres the meat of the tutorial, and the detailed parts. (shouts.php)
Code:
<?php
if(isset($_GET['name']) && isset($_GET['shout'])){
include_once("config.php");
include_once("cleanup.php");
$name = stripslashes(strip_tags(htmlspecialchars($_GET['name'])));
$shout = stripslashes(strip_tags(htmlspecialchars($_GET['shout'])));
$vars = array(
"hi" => "bi"
);
foreach ($vars as $var => $content){
$content = str_replace("{".$var."}", $content, $shout);
$shout =$content;
}
$shout = clean($shout);
$result= MYSQL_QUERY("INSERT INTO `shouts` ( `user` , `date` , `shout` , `ip` , `ID` ) VALUES ('$name', CURDATE( ) , '$shout', '".$_SERVER['REMOTE_ADDR']."', NULL);
");
}
$limit = stripslashes(strip_tags(htmlspecialchars($_GET['page'])));
if($limit == ""){
$limit = "1";
}
$limit = $limit*20;
$limitb = $limit-20;
$query = "SELECT user,shout FROM shouts order by ID DESC LIMIT $limitb, $limit";
$query = mysql_query($query) or die(mysql_error());
$i="0";
While ($row = MySQL_fetch_array($query)){
$i++;
if ( $i%2 ){
echo"<div style='background-color:#A6A3A3'>";
}else{
echo"<div style='background-color:#C1BCBC'>";
}
echo "<div style='padding:5px;font-family:verdana;font-size:10px'><b>".$row['user']."</b><br />".$row['shout']."<br clear='all' /></div></div>";
}
$query = mysql_query("SELECT ID FROM shouts");
$howmany = mysql_num_rows($query);
$howmany = $howmany/20;
$i=0;
echo"<center>";
while($i<$howmany){
$i++;
echo"<a href='./index.php?page=$i'>$i</a> ";
}
echo"</center>";
?>
5. heres is banned.php this determines if a user is banned or not
Code:
<?php
if((isset($_SESSION['banned'])) or (isset($HTTP_COOKIE_VARS['banned']))){
//if there is a banned cookie or session
$query = mysql_query("SELECT ID FROM banned where IP = '".$_SERVER['REMOTE_ADDR']."'");
//see if there are any entries in the banned table for this ip
$howmany = mysql_num_rows($query);
if($howmany == 0){
//if there aren't any entries
$result= MYSQL_QUERY("INSERT INTO `banned` ( `ID` , `IP`) VALUES (NULL, '".$_SERVER['REMOTE_ADDR']."')");
//add their ip to the banned list!
}
if(!isset($_SESSION['banned'])){
//if theres no banned session
$_SESSION['banned'] = $_SERVER['REMOTE_ADDR'];
//start a session that says their banned
}
if(!isset($HTTP_COOKIE_VARS['banned'])){
//if theres no banned cookie
setcookie('banned', $_SERVER['REMOTE_ADDR'], time() + 36000000000000000000000000000000000000000000000000000000);
//set a cookie that says their banned
}
echo"<h1>banned!</h1>";
exit();
mysql_exit();
//close up
}else{
$query = mysql_query("SELECT ID FROM banned where IP = '".$_SERVER['REMOTE_ADDR']."'");
//see if there are any entries in the banned table for this ip
$howmany = mysql_num_rows($query);
if($howmany > 0){
//if theres more than 0 entries
if(!isset($_SESSION['banned'])){
//if theres no banned session
$_SESSION['banned'] = $_SERVER['REMOTE_ADDR'];
//start a session that says their banned
}
if(!isset($HTTP_COOKIE_VARS['banned'])){
//if theres no banned cookie
setcookie('banned', $_SERVER['REMOTE_ADDR'], time() + 36000000000000000000000000000000000000000000000000000000);
//set a cookie that says their banned
}
echo"<h1>banned!</h1>";
exit();
mysql_exit();
//close up
}
}
?>
6. cleanup.php - this adds smileys and censors words
Code:
<?php
function clean($data){
$query = mysql_query("SELECT `key` , `smiley` FROM `smileys`");
While ($row = MySQL_fetch_array($query)){
$data = str_replace($row['key'], $row['smiley'], $data);
}
$query = mysql_query("SELECT word FROM bannedwords");
While ($row = MySQL_fetch_array($query)){
$data = str_replace($row['word'], "****", $data);
}
return $data;
}
?>
7. admin.php this contains many separate bits
Code:
<?php
include_once("config.php");
?>
<html>
<head>
<script src="javascript.js"></script>
</head>
<body>
<center>
<h1>admin area</h1>
<?php
if(!isset($_SESSION['auser']) or !isset($_SESSION['apass'])){
if(!$_POST['submit']){
?>
<form name='login' method='post'>
<table border='0' cellpadding='0'>
<tr>
<td>username:</td><td><input type='text' name='auser'></td>
</tr><tr>
<td>password:</td><td><input type='password' name='apass'></td>
</tr><tr>
<td colspan='2' align='center'><input type='submit' name='submit' value='login'></td>
</tr>
</table>
</form>
<?php
}else{
if(!isset($_POST['auser']) or !isset($_POST['apass'])){
echo"not all the forms were filled in!";
exit();
}
$auser= stripslashes(strip_tags(htmlspecialchars($_POST['auser'])));
$apass= stripslashes(strip_tags(htmlspecialchars($_POST['apass'])));
if(($auser != $adminuser) or ($apass != $adminpass)){
echo"sorry, your admin user or pass was incorrect!";
exit();
}
$_SESSION['auser'] = $adminuser;
$_SESSION['apass'] = $adminpass;
echo"<a href='admin.php'>continue</a>";
exit();
}
}else{
if(($_SESSION['auser'] != $adminuser) or ($_SESSION['apass'] != $adminpass)){
unset($_SESSION['auser']);
unset($_SESSION['apass']);
echo"whats that? hack?!";
exit();
}
echo"<a href='admin.php'>home</a> <a href='admin.php?page=smilieys'>smilies</a> <a href='admin.php?page=banned'>view banned</a> <a href='admin.php?page=filter'>word filter</a>";
if(!isset($_GET['page'])){
if($_POST['submitb']){
foreach ($_POST as $key => $value) {
$result= MYSQL_QUERY("DELETE FROM `shouts` WHERE ID = '$key'");
}
}
if($_GET['ban']){
if($_GET['ban'] != $_SERVER['REMOTE_ADDR']){
$result= MYSQL_QUERY("INSERT INTO `banned` ( `ID` , `IP`) VALUES ('NULL', '".$_SERVER['REMOTE_ADDR']."')");
$result= MYSQL_QUERY("DELETE FROM `shouts` WHERE ip = '".$_GET['ban']."'");
echo$_GET['ban']." has been banned and their comments deleted!";
}else{
echo"<br />don't be daft.";
}
}
$limit = stripslashes(strip_tags(htmlspecialchars($_GET['limit'])));
if($limit == ""){
$limit = "1";
}
$limit = $limit*20;
$limitb = $limit-20;
$query = mysql_query("SELECT * FROM shouts order by ID DESC LIMIT $limitb, $limit");
$i="0";
echo"<form name='delete' method='post'>";
While ($row = MySQL_fetch_array($query)){
$i++;
if ( $i%2 ){
echo"<div style='background-color:#A6A3A3;width:750px;' align='left'>";
}else{
echo"<div style='background-color:#C1BCBC;width:750px;' align='left'>";
}
echo "<INPUT TYPE='checkbox' NAME='".$row['ID']."' style='float:left;'><div style='padding:5px;font-family:verdana;font-size:10px'> <b><a href='#' style='color:#000000' onclick=\"ban('".$row['ip']."')\">".$row['user']."</a></b><br />".$row['shout']."</div></div>";
}
echo"<input type='submit' name='submitb' value='delete'></form>";
$query = mysql_query("SELECT ID FROM shouts");
$howmany = mysql_num_rows($query);
$howmany = $howmany/20;
$i=0;
echo"<center>";
while($i<$howmany){
$i++;
echo"<a href='./admin.php?limit=$i'>$i</a> ";
}
}else if($_GET['page'] == "filter"){
echo"<table border='0' cellpadding='0'>";
if($_POST['submit']){
$result= MYSQL_QUERY("INSERT INTO `bannedwords` ( `ID` , `word`) VALUES ('NULL', '".$_POST['word']."')");
}
if($_GET['unban']){
$result= MYSQL_QUERY("DELETE FROM `bannedwords` WHERE ID = '".$_GET['unban']."'");
}
$query = mysql_query("SELECT * FROM bannedwords order by ID DESC");
While ($row = MySQL_fetch_array($query)){
echo"<tr><td><a href='./admin.php?page=filter&unban=".$row['ID']."'>".$row['word']."</a></td></tr>";
}
echo"<tr><td><form name='filter' method='post'>word:<input type='text' name='word'><input type='submit' name='submit' value='ban'></form></td></tr></table>";
}else if($_GET['page'] == "banned"){
echo"<table border='0' cellpadding='0'>";
if($_GET['unban']){
$result= MYSQL_QUERY("DELETE FROM `banned` WHERE ID = '".$_GET['unban']."'");
}
$query = mysql_query("SELECT * FROM banned order by ID DESC");
While ($row = MySQL_fetch_array($query)){
echo"<tr><td><a href='./admin.php?page=banned&unban=".$row['ID']."'>".$row['IP']."</a></td></tr>";
}
echo"</table>";
}else if($_GET['page'] == "smilieys"){
if($_POST['submit']){
$result= MYSQL_QUERY("INSERT INTO `smileys` ( `ID` , `key` , `smiley`) VALUES ('NULL', '".$_POST['key']."', '".$_POST['smiley']."')");
}
if($_GET['delete']){
$result= MYSQL_QUERY("DELETE FROM `smileys` WHERE ID = '".$_GET['delete']."'");
}
echo"<table border='0' cellpadding='0'>";
$query = mysql_query("SELECT * FROM smileys order by ID DESC");
While ($row = MySQL_fetch_array($query)){
echo"<tr><td><a href='./admin.php?page=smilieys&delete=".$row['ID']."'>".$row['key']."</a></td><td>".stripslashes($row['smiley'])."</td></tr>";
}
echo"<tr><td colspan='2'><form name='smilieys' method='post'>key:<input type='text' name='key'>smiley:<input type='text' name='smiley'><input type='submit' name='submit' value='add'></form></td></tr></table></table>";
}
}
?>
</center>
</body>
</html>
comments and the rest of admin.php coming soon! (end of today)
If you do this and need a hand feel free to pm me, I don't mind helping out.