Getting error: Parse error: syntax error, unexpected T_VARIABLE in /www/zymichost.com/m/u/s/musicalmadness/htdocs/guestbook.php on line 1
Here is my code:
<?php
$guestbook = 'guestbook.dat';
$adminPassword = 'glitter';
error_reporting (E_ALL ^ (E_NOTICE | E_WARNING));
$admin = 0;
?>
<?php
$password = "";
if ($_POST['password'] == $adminPassword) {
$admin = 1;
$password = $adminPassword;
}
else if (strlen($_POST['password'])) {
echo("<h5>Login Failed (Bad Password)</h5>\n");
}
?>
<html>
<head>
<title>Musical Madness - A Musical Trading Website</title>
<link rel="stylesheet" href="images/css.css">
<style>body {overflow-x:hidden;}</style>
</head>
<h1>Guestbook</h1>
<div align="center">
Please take a moment to sign my Guestbook and let me know what you this of the site. Thank you!
<p>
<form action="guestbook.php" method="post">
<table border="0" cellpadding="4" cellspacing="0" style="margin-top: -10px;">
<tr>
<td width="30%"><div align="right"><b>Name:</b></div></td>
<td width="70%"><input type="text" style="font-size: 8pt; font-family: Verdana;" name="name" maxlength="20" size="20"></td>
</tr>
<tr>
<td width="30%"><div align="right"><b>Email:</b></div></td>
<td width="70%"><input type="text" style="font-size: 8pt; font-family: Verdana;" name="email" maxlength="35" size="20"></td>
</tr>
<tr>
<td width="30%"><div align="right"><b>Comment:</b></div></td>
<td><textarea style="font-size: 8pt; font-family: Verdana;" name="comment" maxlength="350" cols="30" wrap="virtual" rows="4"></textarea></td>
</tr>
<tr>
<td> </td>
<td>
<input type="submit" style="font-size: 10pt; font-family: Verdana;" name="submit" value="Submit">
<input type="reset" style="font-size: 10pt; font-family: Verdana;" name="reset" value="Reset">
</td></tr>
</table>
<?php
passwordField();
?>
</form>
<p>
<table width="100%" border="0" cellpadding="3" cellspacing="3">
<tr>
<td width="15%" bgcolor="#3E3E3E"><font size="2" color="#898989"><div align="center"><b>DATE</b></div></font></td>
<td width="15%" bgcolor="#3E3E3E"><font size="2" color="#898989"><div align="center"><b>NAME</b></div></font></td>
<td width="20%" bgcolor="#3E3E3E"><font size="2" color="#898989"><div align="center"><b>EMAIL</b></div></font></td>
<td width="50%" bgcolor="#3E3E3E"><font size="2" color="#898989"><div align="center"><b>COMMENT</b></div></font></td>
<?php
if ($admin) {echo "";}
?>
</tr>
<?php
if ($_POST['submit']) {
$file = fopen($guestbook, "a");
if (!$file) {die("Can't write to guestbook file");}
$date = date('m-d-y');
$id = rand();
$name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];
$name = clean($name, 20);
$email = clean($email, 35);
$comment = clean($comment, 350);
fwrite($file,
"$date\t$name\t$email\t$comment\t$id\n");
fclose($file);
}
$file = fopen($guestbook, 'r');
$tfile = null;
$delete = 0;
$deleteId = '';
if ($admin && $_POST['delete']) {
$delete = 1;
$deleteId = $_POST['id'];
$tfile = @fopen("$guestbook.tmp", 'w');
if (!$tfile) {
die("Can't create temporary file for delete operation");
}
}
if ($file) {
while (!feof($file)) {
$line = fgets($file);
$line = trim($line);
list ($date, $name, $email, $comment, $id) =
split("\t", $line, 5);
if (!strlen($date)) {
break;
}
if (!strlen($id)) {
// Support my old version
$id = $date;
}
if ($delete) {
if ($id == $deleteId) {
continue;
} else {
fwrite($tfile,
"$date\t$name\t$email\t$comment\t$id\n");
}
}
echo "<tr><td><center><b>$date</b></center></td><td><center>$name</center></td>";
echo "<td><center>$email</center></td><td>$comment</td>";
if ($admin) {
echo "<td>";
echo "<form action=\"guestbook.php\" " .
"method=\"POST\">";
passwordField();
hiddenField('id', $id);
echo "<input type=\"submit\" " .
"value=\"Delete\" " .
"name=\"delete\">";
echo "</form>";
echo "</td>";
}
echo "</tr>\n";
}
fclose($file);
if ($delete) {
fclose($tfile);
unlink($guestbook);
rename("$guestbook.tmp", $guestbook);
}
}
function clean($name, $max) {
# Turn tabs and CRs into spaces so they can't
# fake other fields or extra entries
$name = ereg_replace("[[:space:]]", ' ', $name);
# Escape < > and and & so they
# can't mess withour HTML markup
$name = ereg_replace('&', '&', $name);
$name = ereg_replace('<', '<', $name);
$name = ereg_replace('>', '>', $name);
# Don't allow excessively long entries
$name = substr($name, 0, $max);
# Undo PHP's "magic quotes" feature, which has
# inserted a \ in front of any " characters.
# We undo this because we're using a file, not a
# database, so we don't want " escaped. Those
# using databases should do the opposite:
# call addslashes if get_magic_quotes_gpc()
# returns false.
return $name;
}
function passwordField() {
global $admin;
global $password;
if (!$admin) {
return;
}
hiddenField('password', $password);
}
function hiddenField($name, $value) {
echo "<input type=\"hidden\" " .
"name=\"$name\" value=\"$value\">";
}
?>
</table>
<?php
if (!$admin) {
?>
<form action="guestbook.php" method="POST">
<h1>Admin Login</h1>
<p>
This section is for my own personal use.<br>
Those IP addresses with multiple attempts to hack will be banned.
<p>
<b>Admin Password:</b> <input style="font-size: 8pt; font-family: Verdana;" type="password" name="password">
<input style="font-size: 8pt; font-family: Verdana;" type="submit" name="login" value="Log In">
</form>
<?php
}
?>
<p>
</div>
</html>