Inurl message expected. How Google works
Recently I was working on my Website, and decided I wanted to implement a guestbook. I started to search the Web to find the best guestbook for my Website, but when nobody turned up, I thought ‘Hey I’m a developer, why not create my own?’
It was very easy to create a guestbook - you can do it too. In this tutorial, I'll show you how. I’ll assume that you have already knowledge about the basics of ASP.NET programming, that you know the techniques involved in codebehind, and that you have some XML/XSL skills.
Overview
What do we need in order to create a guestbook? We need two Web forms: one in which the user can enter their name, email address, and comment, and another that’s used to display these comments as they’re signed into the guestbook. Of course we can build this functionality into one Web form, but to have a clean code, I’ll use two Web forms with several codebehind files (I’ll discuss these in more detail in a moment).
We’ll also need a database to hold the information entered via the form. I used a simple XML file (a database) to store the information entered by the user. For the visualization of the XML we’ll use XSL.
So, in summary, we need the following:
- Two Web forms
- Codebehind
- Database
In a guestbook, it’s usually sufficient to store a user’s name, location, email address, Website address, and comment. Of course, you can store more fields, but for our purposes, these are enough. We'll store this data in the XML file, which will look something like this:
I hope you like it. To learn how to create such a guestbook,
read the whole story on my website.
Signing the Guestbook
We’ll allow the user to ‘sign’ our guestbook by entering some information into a simple Web form - in our example this is the guestbook.aspx file. I use the following fields in the Web form:
- Location
- Website
- Comment
Here's the code:
<% @Page Language="C#" Debug="true" Src="Guestbook.cs"
Inherits="Guestbook" %>
To avoid confusing you with unnecessary code, I have removed the visualization tags — including table, table header etc. — from this example (though, of course, these are all included in the downloadable code that’s provided at the end of this tutorial). As we only display a simple form with a few fields and buttons, you can’t see any real programming code in this file. This is because all the functionality is hidden in the codebehind.
In the first line of the code above, I set the SRC attribute to let the ASP.NET file know that we are using the codebehind file Guestbook.cs I’ve also set the attribute Inherits with the corresponding classname. This attribute lets the file know which class to inherit.
Next, I’ve implemented the required text fields. Remember that if you want to use the same variables in the codebehind, they need to have the same ID in both files, and they must be declared as public.
In the next section of the code, I used the ASP.NET validator controls. These controls check whether the user has entered a value into the text field, without doing a round-trip to the server. The code is executed on the client side.
Finally, I implemented a submit button with an OnClick event called Save_Comment . This event is used to store the information entered into the XML file by the user. The function of this event is available in Guestbook.cs. I also implemented a reset button — and that’s it! Nothing more has to be done to the Web form. Now, if you run the guestbook.aspx, you should see a Web form that looks like this:
Now we know how to display the Web form, but we haven’t seen the code that handles the event in guestbooks.cs. Let's take a look at that now.
Using System;
using System.Web;
using System.Web.UI;
using System.Xml;
Public class Guestbook: Page
{
// Create the required webcontrols with the same name as
in the guestbook.aspx file
public TextBox name;
public TextBox location;
public TextBox email;
public TextBox website;
public TextBox comment;
Public void Save_Comment(object sender, EventArgs e)
{
// Everything is all right, so let us save the data
into the XML file
SaveXMLData();
// Remove the values of the textboxes
name.Text="";
location.Text="";
website.Text="";
email.Text="";
comment.Text="";
}
}
Private void SaveXMLData()
{
// Load the xml file
XmlDocument xmldoc = new XmlDocument();
xmldoc.Load(Server.MapPath("guestbook.xml"));
//Create a new guest element and add it to the root node
XmlElement parentNode = xmldoc.CreateElement("guest");
xmldoc.DocumentElement.PrependChild(parentNode);
// Create the required nodes
XmlElement nameNode = xmldoc.CreateElement("name");
XmlElement locationNode = xmldoc.CreateElement("location");
XmlElement emailNode = xmldoc.CreateElement("email");
XmlElement websiteNode = xmldoc.CreateElement("website");
XmlElement commentNode = xmldoc.CreateElement("comment");
// retrieve the text
XmlText nameText = xmldoc.CreateTextNode(name.Text);
XmlText locationText = xmldoc.CreateTextNode(location.Text);
XmlText emailText = xmldoc.CreateTextNode(email.Text);
XmlText websiteText = xmldoc.CreateTextNode(website.Text);
XmlText commentText = xmldoc.CreateTextNode(comment.Text);
// append the nodes to the parentNode without the value
parentNode.AppendChild(nameNode);
parentNode.AppendChild(locationNode);
parentNode.AppendChild(emailNode);
parentNode.AppendChild(websiteNode);
parentNode.AppendChild(commentNode);
// save the value of the fields into the nodes
nameNode.AppendChild(nameText);
locationNode.AppendChild(locationText);
emailNode.AppendChild(emailText);
websiteNode.AppendChild(websiteText);
commentNode.AppendChild(commentText);
// Save to the XML file
xmldoc.Save(Server.MapPath("guestbook.xml"));
// Display the user the signed guestbook
Response.Redirect("viewguestbook.aspx");
}
}
Wow! That’s our codebehind file… but what really happens here? You won’t believe it, but the answer is: “not much”!
First, we implement the minimal required namespaces which we need in order to access several important functions. Then I create a new class called Guestbook:
public class Guestbook: PageNote that it’s this class that’s inherited by the guestbook.aspx file. Then we declare 5 public variables of type textbox. Remember that here, the names have to be identical to those we used when we created the text boxes in guestbook.aspx. Then, as you can see, we use the Save_Comment event, which is fired by the submit button we included in the guestbookpx file. This event is used to save the data.
The Saving Process
The function SaveXMLData() saves the information for us. As we’re using an XML database to store the information, we use the XmlDocument , XmlElement and XmlText classes, which provide all the functions we need.
Next, we create a new XMLDocument class object and load the guestbook.xml file. The required nodes are created with the function CreateElement , and the information entered by the user is retrieved and stored to an object of XmlText . Next, we store the created nodes without any values, using the function AppendChild in conjunction with the main XmlDocument object.
And finally, the values are stored in the nodes we just created, we save all changes to the guestbook.xml file, and we redirect the page to viewguestbook.aspx, where the stored comment is displayed.
Viewing the Guestbook
To view the guestbook, we must created an another Web form:
<% @Page Language="C#" Debug="true" Src="ViewGuestbook.cs"
Inherits="ViewGuestbook" %>
As you see, this Web form doesn’t really do all that much. It simply calls the codebehind file, ViewGuestbook.cs. Let's take a look at this file.
Using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Xml;
using System.Xml.Xsl;
using System.IO;
Public class ViewGuestbook: Page
{
private void Page_Load(object sender, System.EventArgs e)
{
//Load the XML file
XmlDocument doc = new XmlDocument();
doc.Load(Server.MapPath("guestbook.xml"));
//Load the XSL file
XslTransform xslt = new XslTransform();
xslt.Load(Server.MapPath("guestbook.xsl"));
String xmlQuery="//guestbook";
XmlNodeList nodeList=doc.Document
Element.SelectNodes(xmlQuery);
MemoryStream ms=new MemoryStream();
xslt.Transform(doc, null, ms);
ms.Seek(0, SeekOrigin.Begin);
StreamReader sr = new StreamReader(ms);
//Print out the result
Response.Write(sr.ReadToEnd());
}
}
I’ve created this class to display all comments submitted through the guestbook to our users. Again, the first thing we do is implement the required namespaces, and, as we’re using XSL for the visualization, we have to be sure to include the namespace System.Xml.Xsl .
Then we create a new class called ViewGuestbook , with a private inbuilt function called Page_Load . This function is always called when the page loads, or when the user performs a refresh. Here, the function loads the guestbook.xml file, and then the XslTranform class is used to transform the XML elements into HTML before we load the guestbook.xsl with the help of a XslTransform object.
Next, we create a new object of class XmlNodeList , which will allow us to select the required nodes. We then use the class MemoryStream , available via the namespace System.IO , to create a stream that has memory as a backing store, and use the Transform function to assign the xml data to this memory stream. The Seek function sets the current position to zero.
We then create an object of the class StreamReader , which reads the stream, and print the result with the help of the function ReadToEnd() . This function reads the stream from the current position to the end. If you run viewguestbook.aspx, you should see a Web form like this:
The XSL
As I’ve already mentioned, we use XSL for the transformation of the data from XML to HTML. I’ve assumed that you’re already experienced with XSLT, so I’ll only touch on the important aspects here. I have used an XSL for-each loop to iterate through all the guests in the book, which looks something like this:
And in the loop we call the XSL template name, which looks something like this:
Conclusion
As you see, it’s not very difficult to create a guestbook. Good luck! And don't forget to.
Hello readers website)
In this article we will look at Phoca Guestbook - a guest book component for Joomla sites.
What can we say about this component... It is very simple and easy to administer, it has a sufficient number of settings for posting reviews on your website.
Features of Phoca Guestbook:
- selecting access rights for users;
- filtering unwanted words and phrases;
- blocking IP addresses;
- limiting the number of printed characters;
- captcha;
- modernization of messages (checked by a moderator);
- appearance of reviews (color, name display, e-mail display and website address).
So let's look at the component.
After installation, Phoca Guestbook does not need global settings.
Control Panel:
- Posts - all messages left by users;
- Guestbooks - categories (created guest books);
- Info - Information and component update.
As you can see, in the picture on the right there is a "Options" button. If you click on it, you can more extensively configure the guest book and the component itself.
Parameter | Meaning |
Display Subject In Form | (Yes | Yes (required) | No) show or hide the Object field in the form, set if the Subject field is required |
Display Name In Form | (Yes | Yes (required) | No) show or hide the field name in the form, set if the Name field is required |
Display Email In Form | (Yes | Yes (required) | No) show or hide the e-mail field in the form, set the e-mail field if required |
Display Website In Form | (Yes | Yes (required) | No) show or hide the Website field in the form, set the field if a website is required |
Display Content In Form | (Yes | Yes (required) | No) show or hide the contents of the field in the form |
Enable Javascript Editor | (Yes | No) Enable or disable JavaScript Editor |
Display Path In Javascript Editor | (Yes | No) show or hide JavaScript editor path information |
(Hide | Display) Set if the form should be displayed or not. |
|
(Top | Bottom) Select Current Location |
|
Display Required Sign | (Yes | No) Set to display fields that are required |
(Yes | No) Set to display messages. |
|
width (in pixels) |
|
height (in pixels) |
|
Set the width of the table (the table in which the form is displayed, in pixels) |
Parameter | Meaning |
If an unregistered user leaves a message, you can give him a default name. For example: Guest |
|
Username Or Name | (Username | First name) select the name that should be displayed in the Guest Book (Username or real username) |
Disable User Check | (No | Yes) User verification (disabling this option is not recommended) |
Registered Users Only | (Yes | No) If Yes, then only registered users can add new messages |
(Yes | No) If yes, the message will be displayed after admin approval |
|
to send a letter |
Parameter | Meaning |
Display Name In Post | (Yes | No) show or hide name (username) (guestbook) |
Display Email In Post | (Yes | No) show or hide email (guest book) |
Display Website In Post | (Yes | No) show or hide the site in (guest book) |
Set date format |
|
Set font color |
|
Second Font Color | Set second font color (date font color) |
Background Color | Set background color |
Setting the border color |
|
Pagination Default Value | Set default value for pagination |
Set page numbering. Separated by a comma (,) |
|
Pagination Hide All | (Yes | No) all values will be hidden (pagination) |
Parameter | Meaning |
Forbidden Word Filter | Set prohibited words that will not be displayed in the interface. Words are separated from each other by a comma (,) |
Forbidden Whole Word Filter | Set all prohibited words that will not be displayed in the interface. Words are separated from each other by a comma (,) |
Save post with forbidden words | (Yes | No) If yes, then posts that include banned words will be saved in the guestbook (banned words will be hidden if saved) |
Add the IPs you want to block. Separate each IP with a comma (,) |
|
Maximum Characters | Set the maximum number of characters they can be stored in the database |
Set the maximum number of URLs that can be displayed in a post (0: no links will be shown in posts, -1: all URLs will be shown in posts, e.g. 3: only three links from all URLs will be shown in posts) |
|
Not Allowed URL Identification Words | A set of words that will determine whether URLs are allowed in the message. Separate each word with a comma (,). Example:: / /,. HTM,. ASP. JSP,. PHP, WWW.,. COM,. ORG,. |
Enable or disable Captcha protection |
|
Change this parameter only if you will not see the captcha. |
|
Enable Captcha - Users | (All | Not registered) Captcha display option for user groups (whether to show the captcha to registered users) |
Standard Captcha Characters | Numbers, lowercase letters, uppercase characters that will be displayed in the standard Captcha image |
Math Captcha Characters | Numbers, lowercase letters, uppercase characters that will be displayed in Math Captcha images |
TTF Symbols | Numbers, lowercase letters, uppercase characters that will be displayed in TTF Captcha images |
TTF Captcha Characters | To display the re-captcha, enter the public code |
reCAPTCHA Public Key | Install Public Key recaptcha |
Enable Akismet Spam Protection | (No | Yes) Sends all data of the new geustbook entry to Akismet - a spam checking web service |
Block Spam (Akismet) | (No | Yes) Block posts that are not verified by Akismet |
Install the Akismet API key to be used in Akismet-Spam. Get yours at https://akismet.com/signup/ for free |
|
The main URL of your site. (The URL must include the http:// prefix) |
|
Enable HTML Purifier | (No | Yes) Enable or disable HTML Purifier |
Set session suffix (This is a security feature, to change the session name, set a unique suffix, for example: a100b20c3) |
|
Enable Hidden Field | (No | Yes) Enable or disable hidden fields. Some spam bots try to fill in all the fields on the spot; if they fill out this hidden field that a person cannot see, the entry will not be added to the guest book. |
(Yes | No) Enable cache. |
|
Enable Detecting Incoming Page | (Yes | No) Enable or disable incoming page detection. This is a security feature. If you enable it, the page from which the guest book post came will be saved and displayed in the interface. |
Here we start out with a simple "settings" file, named settings.asp. This file will be included on each page, and will contain the basic settings for this guestbook.
Since the password (logincode) is NOT in the database, you can leave the database in the webroot with a mappath statement to make the install easier. However, the best place for the database is outside of your webroot, in which case you would want to change the database_path string to your full path ("C:\inetpub\database\post.mdb" for example)
There is also an important settings to allow html, or not. Many times folks abuse a guestbook by filling it with links, and other junk. It would be a good idea to disallow html, unless you really need it.
The language setting is just a set of variables for text used within the system, for each language there is a different text that is used. Very easy to add a "new" language to the system.
Details
The login is a simple login check page, which checks the login code entered on the form
with the one stored in the settings.asp file.
The login uses session variables to store the login information, so to log off we simply abandon the session. The redirect appends the date to avoid seeing a "cached" login page after being logged out. This is not a security issue, but just for convenience.
<% session.abandon response .redirect(" post.asp?d=" & date ) %>
Now the main code is the post.asp page, this page is the same whether you are logged in as admin or just a guest visiting the page. If you are logeed in you see the same data as a guest, only you have more options available, you can delete posts, or restore deleted posts, or empty the "recycle bin" (where deleted posts are stored until you clear them out) .
As you can see from the code below, we check for the loggedin session right from the start,
then we can use this throughout the rest of the script to display data based on your status as admin or guest.
<% option explicit %>
span > <% LoggedIn = Session(" loginID" )Once you are logged in you see more options available.
The file is split up into "parts" depending on what querystring is passed.
The section below checks to see if you are logged in and then check so see if
you have attempted to empty the "deleted" items from the database.
As you can see from the rest of the main "post" code, different items are displayed or actions performed based on being logged in or not, and if so what querystring value you have passed to the page.
" ============set based on delete or undelete============ If LoggedIn<>" " Then showdeleted = request .querystring(" showdeleted" ) if showdeleted = 1 then active = 2 removetype = 1 delete_text = undelete_text delimage = " undelete.gif" else active = 1 removetype = 2 delete_text = delete_text delimage = " delete.gif " end if else active = 1 end if " ============Delete/Undelete Items from the guestbook display============ remove = request .querystring(" remove" ) if remove = 1 then Set dConn = Server .CreateObject (" ADODB.Connection" ) dConn.Open " PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE="& database_path removetype = request .querystring(" removetype") mySQL = " UPDATE tblPost SET Active = " & removetype & " WHERE ID = " & _ ID & " ;" response .write " updating" dConn.execute(mySQL) dConn.Close set dConn = Nothing response .redirect(" post.asp" ) end if " ============End Delete Section============ Set dataRS = Server .CreateObject ( " ADODB.RecordSet " ) dataSQL = " Select TOP " & show_posts & " message, remote_addr, sysdate, " &_ " systime, id FROM tblPost WHERE active = "&active&_" order by sysdate DESC, systime DESC;""Response.Write dataSQL" response.end Set dConn = Server.CreateObject("ADODB.Connection") dConn.Open" PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE="& database_path dataRS.Open dataSQL, dConn, 1 , 3 recordcount = dataRS.recordcount if recordcount > 0 then data = dataRS.GetRows() " Data is retrieved so close all connections dataRS.Close Set dataRS = Nothing dconn.close set dconn = nothing " Setup for array usage iRecFirst = LBound (data, 2 ) iRecLast = UBound (data, 2 ) end if " ============IF IS A POST BACK============ message = trim (request .form(" message")) if request .form(" ispostback" ) = 1 AND (len (message) > minimum_length) then if allow_html = "no" then message = RemoveHTMLtags(message) else message = PreSubmit2(message) end if strSQL = " tblPost" " Open a recordset Set cRS2 = Server .CreateObject (" ADODB.recordset") Set dConn = Server .CreateObject (" ADODB.Connection" ) dConn.Open " PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE="&_ database_path cRS2.Open strSQL, dConn, 1 ,3 cRS2.AddNew cRS2(" message" ) = message cRS2(" sysdate" ) = date () cRS2(" systime" ) = time () cRS2(" remote_addr" ) = request .ServerVariables(" remote_addr" ) cRS2(" Active" ) = 1 cRS2.Update cRS2.Close Set cRS2 = Nothing dConn.Close Set dConn = Nothing response .redirect(" post.asp" ) end if " ============End POSTBACK Section============ %><%=pagetitle%>