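/**
 * Decode named and decimal numeric HTML entities back into characters.
 *
 * Only entities from PHP's HTML_ENTITIES table (ENT_COMPAT, ISO-8859-1) are
 * handled, in both the named (&lt;) and decimal (&#60;) spelling.
 *
 * The text is decoded in a single pass. The earlier two-pass form decoded
 * "&amp;#60;" to "&#60;" and then again to "<", so doubly-encoded input came
 * out as live markup.
 *
 * The result is raw text: escape it again (htmlspecialchars) before writing
 * it into a page.
 *
 * @param string $string Text containing HTML entities.
 * @return string The text with known entities replaced by their characters.
 */
function unHTMLentities ($string) {
    // Pin flags and charset so every table key is a single byte; ord() then
    // yields the character's real code instead of the lead byte of a
    // multibyte sequence.
    $named = get_html_translation_table(HTML_ENTITIES, ENT_COMPAT, 'ISO-8859-1');

    $decode = array();
    foreach ($named as $char => $entity) {
        $decode[$entity] = $char;
        $decode['&#' . ord($char) . ';'] = $char;
    }

    // One strtr() call: replaced text is never re-scanned.
    return strtr($string, $decode);
}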
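/**
 * Show the "add note" form, or store a submitted note and redirect to it.
 *
 * When the request carries action=addNote, the title, author and notes
 * fields are inserted into the `notes` table together with the current
 * time, the private flag and the client address. On success the browser is
 * redirected to ./view/<id>/; on failure an error message is printed.
 *
 * NOTE(review): the form carries no anti-CSRF token, so any site can make a
 * visitor's browser submit a note. Add and verify a per-session token.
 * NOTE(review): the escaping below covers SQL only. title, author and notes
 * are stored raw and must be HTML-escaped wherever they are displayed.
 */
function takeNotes () {
    if (isset($_POST['action']) && $_POST['action'] == 'addNote') {
        // Escape exactly the fields the INSERT uses. Non-string values (such
        // as title[]=x arrays) are treated as empty instead of being passed
        // to the escaping function. The former addslashes() fallback is gone:
        // it is not a safe substitute for the driver's escaping, and without
        // the mysql extension mysql_query() would not exist either.
        $data = array();
        foreach (array('title', 'author', 'notes') as $field) {
            $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            $data[$field] = mysql_real_escape_string($raw);
        }

        // The flag is constrained to 0 or 1, not stored as submitted.
        $private = (isset($_POST['private']) && $_POST['private'] == '1') ? 1 : 0;
        $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

        $sql = "INSERT INTO `notes` (`title`, `author`, `timestamp`, `note`, `private`, `ip`) VALUES ('{$data['title']}', '{$data['author']}', '" . time() . "', '{$data['notes']}', '$private', '$ip')";
        if (@mysql_query($sql)) {
            $id = (int) mysql_insert_id();
            header("Location: ./view/$id/");
            // Stop here so nothing else runs or is emitted after the redirect.
            exit;
        } else {
            echo '<span class="error">Oops! We couldn\'t post it to the site! Sorry!</span>';
        }
    } else {
        $html = '<form method="post" enctype="multipart/form-data" action="" name="post">
Note Name
<input type="text" name="title" size="40" value="Untitled" />
Your Name
<input type="text" name="author" size="40" value="Anonymous" />
Make This Note Private? Only you will be able to access it.
<select name="private">
<option value="0" selected="selected">No</option>
<option value="1">Yes</option>
</select>
Notes
<textarea rows="5" cols="35" name="notes"></textarea>
<input type="hidden" name="action" value="addNote" />
<input type="submit" name="submit" id="button" value="Submit" />
<input type="reset" name="reset" id="button" value="Reset" />
</form>';
        echo $html;
    }
}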
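/**
 * Print an unordered list linking to the most recent notes.
 *
 * NOTE(review): the query does not filter on `private`, so the titles of
 * private notes appear in this list for every visitor even though
 * viewNotes() refuses to show their content. Confirm whether that is
 * intended.
 *
 * @param int $i Maximum number of notes to list (default 10).
 */
function recentNotes ($i = 10) {
    // LIMIT is built into the SQL text, so force it to a non-negative integer.
    $limit = max(0, (int) $i);
    $sql = "SELECT * FROM `notes` ORDER BY `id` DESC LIMIT $limit";
    $q = mysql_query($sql);

    $html = '<ul>';
    // A failed query is rendered like an empty result rather than passing
    // false to mysql_num_rows().
    if (!$q || mysql_num_rows($q) == 0) {
        $html .= "<li><h3 class=\"error\">No notes.</h3></li>";
    } else {
        while ($r = mysql_fetch_assoc($q)) {
            $id = (int) $r['id'];
            // Titles are stored exactly as submitted; escape them for HTML
            // so a note title cannot inject markup or script into the list.
            $title = htmlspecialchars($r['title'], ENT_QUOTES);
            $html .= "<li><h3><a href=\"/view/$id/\">$title</a></h3></li>";
        }
    }
    $html .= '</ul>';
    echo $html;
}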
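/**
 * Print one note with line numbers and PHP syntax highlighting.
 *
 * Prints an error message instead when no id is given, the id matches no
 * note, or the note is private and the request comes from a different
 * address than the one that created it.
 *
 * NOTE(review): the private check compares REMOTE_ADDR with the stored
 * address. Everyone behind the same NAT or proxy passes it, and the author
 * is locked out once their address changes. Treat it as a convenience, not
 * as access control; real privacy needs an authenticated owner.
 *
 * @param mixed $i Id of the note to show, typically taken from the URL.
 */
function viewNotes ($i) {
    // The id is placed into the SQL text, so reduce it to an integer first.
    $id = (int) $i;
    if ($id) {
        $sql = "SELECT * FROM `notes` WHERE `id` = '$id'";
        $q = mysql_query($sql);
        if (!$q || mysql_num_rows($q) == 0) {
            $html = '<span class="error">Please select a valid Note!</span>';
        } else {
            $r = mysql_fetch_assoc($q);
            if ($r['private'] == 1 && $_SERVER['REMOTE_ADDR'] !== $r['ip']) {
                // Assigned, not echoed directly, so the single echo below
                // never sees an undefined $html.
                $html = '<span class="error">Sorry, you are not allowed to view this Note.</span>';
            } else {
                // One gutter number per line of the note. explode() replaces
                // split(), which no longer exists in current PHP.
                $lineCount = count(explode("\n", stripslashes($r['note'])));
                $numbers = '';
                for ($n = 1; $n <= $lineCount; $n++) {
                    $numbers .= "$n.\n\n";
                }

                // highlight_string() HTML-escapes the note body itself.
                $note = highlight_string($r['note'], true);
                $date = date('F jS\, Y', $r['timestamp']);

                // Title and author are stored as submitted; escape them so
                // they cannot inject markup into the page.
                $title = htmlspecialchars($r['title'], ENT_QUOTES);
                $author = htmlspecialchars($r['author'], ENT_QUOTES);

                $html = "<strong>$title</strong> by $author on $date
<div class=\"notes\">
<div class=\"numbers\">
$numbers
</div>
<div class=\"note\">
$note
</div>
<div class=\"clear\"></div>
</div>";
            }
        }
        echo $html;
    } else {
        echo '<span class="error">Please select a note to view!</span>';
    }
}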
}
// Instantiate the notes class so its methods can be called through $notes.
$notes = new notes();
?>