<?php
//=================== Initial settings =====================
$db_user      = 'komonet';               // database user name (change to match your environment)
$db_name      = 'komodb';                // database name (change to match your environment)
$date         = date('Y/m/d(D) H:i:s');  // timestamp taken when the script starts
$data_max     = 1000;                    // maximum number of stored posts
$page_view    = 10;                      // number of posts shown per page
$homegif      = './home.gif';            // image used for the home-page link
// NOTE(review): the administrator password is a short literal kept in the source and is
// compared directly with the submitted deletion key. Replace it before deployment and
// keep the real value out of any shared copy of this file.
$passwd       = '777';                   // administrator password
$up_dir       = '/img/';                 // upload directory: appended to the script directory and used in image URLs
$w_max        = 200;                     // maximum displayed image width (pixels)
$h_max        = 200;                     // maximum displayed image height (pixels)
$w_limit      = 1000;                    // upload limit for image width (pixels)
$h_limit      = 750;                     // upload limit for image height (pixels)
$hensin_order = 'DESC';                  // reply order: descending; use "ASC" for ascending
//==========================================================

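// Request-variable import: gives the rest of the script plain variables whether or not
// the host pre-populates them from the request.

// Directory that receives uploaded images: the requested script's directory plus $up_dir.
// PATH_TRANSLATED is not provided by every server setup, so fall back to
// SCRIPT_FILENAME and finally to this file's own location.
if (isset($PATH_TRANSLATED)) {
    $script_file = $PATH_TRANSLATED;
} elseif (isset($_SERVER["PATH_TRANSLATED"])) {
    $script_file = $_SERVER["PATH_TRANSLATED"];
} elseif (isset($_SERVER["SCRIPT_FILENAME"])) {
    $script_file = $_SERVER["SCRIPT_FILENAME"];
} else {
    $script_file = __FILE__;
}
$path = dirname($script_file) . $up_dir;

// Self-referencing form target. SCRIPT_NAME is used because PHP_SELF also carries any
// extra path text appended to the request URL, and this value is echoed into the page.
if (isset($_SERVER["SCRIPT_NAME"])) {
    $PHP_SELF = $_SERVER["SCRIPT_NAME"];
} elseif (isset($_SERVER["PHP_SELF"])) {
    $PHP_SELF = $_SERVER["PHP_SELF"];
} else {
    $PHP_SELF = '';
}

// Form fields. A field that was not posted (or was posted as an array) becomes null,
// which is the value the original direct $_POST reads produced for a missing key,
// without the undefined-index notice.
$post_fields = array(
    'flags', 're_sub', 'code', 'action', 'delcode', 'password', 'ress', 'name',
    'email', 'hp', 'pass', 'subject', 'scolor', 'comment', 'pline', 'search_str',
);
foreach ($post_fields as $post_field) {
    if (!isset($$post_field)) {
        $$post_field = (isset($_POST[$post_field]) && is_string($_POST[$post_field]))
            ? $_POST[$post_field]
            : null;
    }
}
unset($post_fields, $post_field);

// Uploaded file: temporary path and the client-supplied file name ('' when nothing was sent).
if (!isset($upfile)) {
    $upfile = (isset($_FILES['upfile']['tmp_name']) && is_string($_FILES['upfile']['tmp_name']))
        ? $_FILES['upfile']['tmp_name']
        : '';
}
if (!isset($upfile_name)) {
    $upfile_name = (isset($_FILES['upfile']['name']) && is_string($_FILES['upfile']['name']))
        ? $_FILES['upfile']['name']
        : '';
}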
?>

<HTML>
<HEAD>
    <META HTTP-EQUIV="Content-Type" CONTENT="text/html;CHARSET=x-sjis">
    <TITLE>DB連携掲示板</TITLE>
    <STYLE TYPE="text/css">
    <!--
    :link     {
            Color : blue ;
            Text-Decoration : None
        }
    :active     {
            Color : blue ;
            Text-Decoration : None
        }
    :visited     {
            Color : blue ;
            Text-Decoration : None
        }
    A:hover     {
            Color : blue ;
            Text-Decoration : Underline
        }
    -->
    </STYLE>
</HEAD>
<BODY BGCOLOR="#FFFFEE">
<CENTER>
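<FORM ACTION="<?php /* request-derived value: escape it before it goes into the attribute */ echo htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'SJIS'); ?>" METHOD="POST" ENCTYPE="multipart/form-data">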
<P><INPUT TYPE="HIDDEN" NAME="action" VALUE="regist"></P>
<P ALIGN="CENTER"><FONT SIZE="6" COLOR="#0033CC">DB連携掲示板</FONT></P>
<P ALIGN="CENTER"><FONT SIZE="2" COLOR="red">お名前とコメントは必ず書き込んで下さい。エラーになります。記事の最大記録数は<?php echo $data_max; ?>件です。</FONT></P>
<P>
<TABLE BORDER="0" WIDTH="90%">
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">お名前:
        </TD>
        <TD><INPUT TYPE="TEXT" NAME="name" SIZE="15"></TD>
    </TR>
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">E-mail:
        </TD>
        <TD COLSPAN="3"><INPUT TYPE="TEXT" NAME="email" SIZE="25"></TD>
    </TR>
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">HomePage:
        </TD>
        <TD><INPUT TYPE="TEXT" NAME="hp" SIZE="40"></TD>
    </TR>
    <TR>
        <TD WIDTH="12%">
            <P ALIGN="RIGHT">削除キー:
        </TD>
        <TD><INPUT TYPE="TEXT" NAME="pass" SIZE="7"><FONT SIZE="2" COLOR="#CC0000"> *半角英数4文字以上推奨。削除キーを設定すると、いつでもご自分の記事を削除できます。</FONT></TD>
    </TR>
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">題目:
        </TD>
        <TD><INPUT TYPE="TEXT" NAME="subject" SIZE="40"> 題目色:<INPUT TYPE="RADIO" NAME="scolor" VALUE="blue" checked><B><FONT COLOR="blue">青</FONT></B> <INPUT
            TYPE="RADIO" NAME="scolor" VALUE="red"><B><FONT COLOR="red">赤</FONT></B> <INPUT TYPE="RADIO" NAME="scolor" VALUE="green"><B><FONT
            COLOR="green">緑</FONT></B> <INPUT TYPE="RADIO" NAME="scolor" VALUE="brown"><B><FONT COLOR="brown">茶</FONT></B> <INPUT
            TYPE="RADIO" NAME="scolor" VALUE="purple"><B><FONT COLOR="purple">紫</FONT></B></TD>
    </TR>
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">コメント:
        </TD>
        <TD><TEXTAREA NAME="comment" ROWS="4" COLS="60"></TEXTAREA></TD>
    </TR>
    <TR>
        <TD WIDTH="12%" ALIGN="RIGHT">
            <P ALIGN="RIGHT">添付画像:
        </TD>
        <TD><INPUT TYPE="file" NAME="upfile" SIZE="35"><FONT SIZE="2" COLOR="#CC0000"> *GIF、JPG、PNG画像のみ有効。H画像はもちろん禁止!</FONT></TD>
    </TR>
    <TR>
        <TD WIDTH="12%">&nbsp;</TD>
        <TD>
<?php
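// Submit button. When the form was opened through a post's reply button ($flags is
// 'return'), label the button with the quoted subject and carry the parent post code
// in the hidden "ress" field; otherwise show the plain write/reset buttons.
if ($flags == 'return') {
    // $re_sub and $code arrive with the request, so escape them and quote the attributes.
    $re_sub_html = htmlspecialchars((string) $re_sub, ENT_QUOTES, 'SJIS');
    $code_html = htmlspecialchars((string) $code, ENT_QUOTES, 'SJIS');
    print "<input type=submit value=\"[" . $re_sub_html . "]に返信\">\n";
    print "<input type=hidden name=ress value=\"" . $code_html . "\">\n";
} else {
    print "<INPUT TYPE=SUBMIT VALUE=書き込み/更新> <INPUT TYPE=RESET VALUE=リセット>\n";
}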
?>
        </TD>
    </TR>
</TABLE>
</FORM>

<?php
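// Show the text box used for the keyword search, followed by a reset button.
// Both the form target and the previous keyword are request-derived, so they are
// escaped and placed in quoted attributes.
$self_html = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'SJIS');
$search_html = htmlspecialchars((string) $search_str, ENT_QUOTES, 'SJIS');
echo "<form action=\"$self_html\" method=POST>\n";
echo "<input type=hidden name=action value=sort>\n";
echo "<table border=0 bgcolor=#FFEEEE><tr><td>\n";
echo "<B>文字列検索:</B><FONT SIZE=2>題名又はコメントに文字列</FONT><input type=text size=20 name=search_str value=\"$search_html\"><FONT SIZE=2>を含む</FONT> <input type=submit name=submit value=送信></td></form>\n";
// The second form posts nothing, which clears the keyword.
echo "<form action=\"$self_html\" method=POST>\n";
echo "<td><input type=submit value=リセット></td></tr>\n";
echo "</table></form>\n";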
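//=============== Inline helper function ===================
/**
 * Turn every http, https, ftp or news URL in the text into an HTML link.
 *
 * The character class admits no quote or angle-bracket characters, so the matched
 * URL cannot close the href attribute. Text around the URLs is returned as given;
 * the caller is responsible for escaping it.
 *
 * @param string $link Text that may contain URLs.
 * @return string The text with each URL wrapped in an anchor that opens a new window.
 */
function inline_link($link)
{
    // PCRE replaces ereg_replace(), which newer PHP versions no longer provide.
    // The backslash stays in the class because the old POSIX bracket expression
    // treated the author's "\" escapes as literal backslashes.
    $pattern = '/(https?|ftp|news)(:\/\/[[:alnum:]+$;?.%,!#~*\/:@&=_\\\\-]+)/';
    // rel="noopener noreferrer" keeps the opened page from reaching back to this window.
    $anchor = '<a href="$1$2" target="_blank" rel="noopener noreferrer">$1$2</a>';
    $linked = preg_replace($pattern, $anchor, (string) $link);
    // preg_replace() returns null on a matching error; fall back to the unchanged text.
    return ($linked === null) ? $link : $linked;
}
//==========================================================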

// Connect to the database; stop with the connection-error message when that fails.
$d_base = pg_connect("user={$db_user} dbname={$db_name}");
if (!$d_base) {
    die("接続エラー");
}

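// Store a new post
if ($action == "regist") {
    // Remove spaces so that a name or comment made only of blanks counts as empty.
    // NOTE(review): both passes look identical here; presumably the second one targeted
    // the full-width space in the original file encoding — verify against the source file.
    $name2 = str_replace(" ", "", $name);
    $name2 = str_replace(" ", "", $name2);
    $comment2 = str_replace(" ", "", $comment);
    $comment2 = str_replace(" ", "", $comment2);
    if ($name2 && $comment2) {
        if (strlen($comment) < 1000) {
            $code = time(); // post code: seconds since the epoch at request time
            // Parent post code, 0 for a new thread; the cast keeps non-numeric input out.
            $ress = (int) $ress;
            // The subject colour ends up inside a color attribute, so accept only the
            // five values the form offers and fall back to the form's default.
            $allowed_colors = array('blue', 'red', 'green', 'brown', 'purple');
            if (!in_array($scolor, $allowed_colors, true)) {
                $scolor = 'blue';
            }
            // The comment is stored as HTML because links are added here. Escape the
            // visitor's text first so that the only markup stored is the generated anchors.
            $comment = inline_link(htmlspecialchars((string) $comment, ENT_QUOTES, 'SJIS'));
            // Resolve the visitor's host name
            $host = getenv("REMOTE_HOST");
            $addr = getenv("REMOTE_ADDR");
            if ($host == "" || $host == $addr) {
                $host = gethostbyaddr($addr);
            }
            // Visitor's browser string (request header, stored as received)
            $agent = getenv("HTTP_USER_AGENT");
            // Image upload. The stored file name is built from the post code and the
            // detected image type; the client-supplied name is never used.
            $fname = '';
            if (is_uploaded_file($upfile)) {
                // Read the image attributes; false means the file is not a recognised image.
                $imagesize = getimagesize($upfile);
                // Refuse images larger than the configured limits
                if ($imagesize !== false && (($imagesize[0] > $w_limit) || ($imagesize[1] > $h_limit))) {
                    echo "画像のサイズが大き過ぎて登録できませんでした。";
                    exit;
                }
                $extensions = array(
                    IMAGETYPE_GIF  => '.gif',
                    IMAGETYPE_JPEG => '.jpg',
                    IMAGETYPE_PNG  => '.png',
                );
                if ($imagesize !== false && isset($extensions[$imagesize[2]])) {
                    $out = $code . $extensions[$imagesize[2]];
                    $sendpath = $path . $out;
                    if (move_uploaded_file($upfile, $sendpath)) {
                        // Readable by the web server, writable by the owner only.
                        chmod($sendpath, 0644);
                        $fname = $out;
                    }
                } else {
                    // Not GIF, JPEG or PNG: discard the temporary file.
                    unlink($upfile);
                }
            }
            // Every value is bound as a parameter; none of the request data is spliced
            // into the SQL text.
            // NOTE(review): bound values are stored exactly as received. If the host still
            // adds magic-quote backslashes to request data, strip them before this point —
            // confirm the host configuration.
            // NOTE(review): the deletion key ($pass) is stored as submitted; hashing it
            // needs a matching change where the key is checked on delete.
            $sql = 'insert into db_bbs values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13)';
            $params = array(
                $code, $ress, $date, (string) $name, (string) $email, (string) $hp,
                (string) $pass, (string) $subject, $scolor, $comment, $fname,
                (string) $host, (string) $agent,
            );
            pg_query_params($d_base, $sql, $params) or die("データ登録エラー");
            // Trim the table once it holds more than 1.2 times the configured maximum
            $sql = "select * from db_bbs order by code DESC";
            $result = pg_query($d_base, $sql) or die("データ抽出エラー1");
            $row = pg_num_rows($result); // number of stored posts
            if ($row > ($data_max * 1.2)) {
                // Row $data_max of the newest-first list marks the newest post to drop.
                $arr = pg_fetch_row($result, $data_max);
                $max_arr = $arr[0];
                pg_query_params($d_base, 'delete from db_bbs where code <= $1', array($max_arr)) or die("データ削除エラー1");
            }
            // Reload the board so a browser refresh does not post again.
            $self_html = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'SJIS');
            echo "<META HTTP-EQUIV=refresh CONTENT=\"0;URL=$self_html\">\n";
        } else {
            echo "コメントの文字数が多すぎます。";
            exit;
        }
    }
}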
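// Delete a post
if ($action == "delete") {
    // $delcode is request data that selects the row to delete: accept digits only and
    // bind it as a query parameter instead of appending it to the SQL text.
    if ($delcode && $pass && preg_match('/^[0-9]+$/', (string) $delcode)) {
        $result = pg_query_params($d_base, 'select * from db_bbs where ress = $1', array($delcode)) or die("データ抽出エラー2");
        if (!pg_num_rows($result)) {
            $result2 = pg_query_params($d_base, 'select pass from db_bbs where code = $1', array($delcode)) or die("データ抽出エラー3");
            // Nothing to do when no post has this code.
            if (pg_num_rows($result2) > 0) {
                $array = pg_fetch_row($result2, 0); // first row of the result
                $u_pass = $array[0];
                // Strict string comparison: with == two different numeric-looking strings
                // (for example "0777" and "777") compare as equal.
                // NOTE(review): keys are compared as stored plain text; a constant-time
                // comparison over hashed keys would be the stronger check.
                $is_admin = ((string) $pass === (string) $passwd);
                $is_owner = ($u_pass !== null && (string) $pass === (string) $u_pass);
                if ($is_admin || $is_owner) {
                    // Remove the attached image, if the post has one
                    $result3 = pg_query_params($d_base, 'select * from db_bbs where code = $1', array($delcode)) or die("データ抽出エラー4");
                    $array2 = pg_fetch_row($result3, 0); // first row of the result
                    // basename() keeps the stored name from pointing outside the upload directory.
                    $img_name = basename((string) $array2[10]);
                    $img_file = "." . $up_dir . $img_name;
                    if ($img_name !== '' && is_file($img_file)) {
                        unlink($img_file);
                    }
                    // Delete the post itself
                    pg_query_params($d_base, 'delete from db_bbs where code = $1', array($delcode)) or die("データ削除エラー2");
                }
            }
        } else {
            // The post still has replies, so it cannot be removed on its own.
            echo "親記事のみを削除することはできません。";
            exit;
        }
    }
}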
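// Select the posts to list
if ($search_str) { // a search keyword was submitted
    // The keyword is bound as a parameter rather than spliced into the statement.
    // "%" and "_" inside the keyword still act as LIKE wildcards, as before.
    $like = '%' . $search_str . '%';
    $ress_result = pg_query_params(
        $d_base,
        'select * from db_bbs where subject like $1 or comment like $1',
        array($like)
    ) or die("データ抽出エラー5");
    $hit_count = pg_num_rows($ress_result);
    if ($hit_count > 0) {
        // Collect the thread each hit belongs to: the parent code for a reply,
        // the post's own code for a parent post. The row count and the fetched row
        // use separate variables so the loop bound stays a number.
        $thread_codes = array();
        for ($i = 0; $i < $hit_count; $i++) {
            $hit = pg_fetch_row($ress_result, $i);
            if ($hit[1]) {
                $thread_codes[] = $hit[1];
            } elseif ($hit[0]) {
                $thread_codes[] = $hit[0];
            }
        }
        $thread_codes = array_values(array_unique($thread_codes));
        // One bound placeholder per thread code.
        $conditions = array();
        foreach ($thread_codes as $n => $thread_code) {
            $conditions[] = 'code = $' . ($n + 1);
        }
        $sql2 = 'select * from db_bbs where ' . implode(' or ', $conditions) . ' order by code DESC';
        $result = pg_query_params($d_base, $sql2, $thread_codes) or die("データ抽出エラー6");
    } else {
        echo "該当のデータはありません。\n";
        exit;
    }
} else {
    // No keyword: list every post, newest first.
    $result = pg_query($d_base, "select * from db_bbs order by code DESC") or die("データ抽出エラー7");
}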
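$row = pg_num_rows($result); // number of rows available for paging

// Defaults so the pager that follows sees defined values when there are no rows.
$end_data = 0;
$page_end = 0;

if (!function_exists('bbs_h')) {
    // Escape a value for HTML text or a quoted attribute; the page declares CHARSET=x-sjis.
    function bbs_h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'SJIS');
    }
}
if (!function_exists('bbs_image_html')) {
    // Markup for a post's attached image, scaled down to fit $w_max x $h_max and linked
    // to the full-size file; returns '' when the post has no image or the file is missing.
    function bbs_image_html($img_name, $path, $up_dir, $w_max, $h_max)
    {
        // basename() keeps the stored name inside the upload directory.
        $img_name = basename((string) $img_name);
        if ($img_name === '' || !file_exists($path . $img_name)) {
            return '';
        }
        $src = bbs_h('.' . $up_dir . $img_name);
        $size = getimagesize($path . $img_name);
        if ($size !== false && $size[0] > 0 && $size[1] > 0 && ($size[0] > $w_max || $size[1] > $h_max)) {
            // Use the smaller ratio so both sides fit; the cast covers the whole product
            // so the attributes are whole pixels.
            $key = min($w_max / $size[0], $h_max / $size[1]);
            $width = (int) ($size[0] * $key);
            $height = (int) ($size[1] * $key);
            return "<A HREF=\"$src\" TARGET=_blank><img src=\"$src\" WIDTH=" . $width . " HEIGHT=" . $height . " BORDER=0 ALIGN=LEFT></A>";
        }
        return "<img src=\"$src\" BORDER=0 ALIGN=LEFT>";
    }
}
if (!function_exists('bbs_byline_html')) {
    // Poster name (a mail link when an address was given), home-page icon, post date and
    // the delete-key controls; also closes the delete form and opens the body table.
    function bbs_byline_html($post, $homegif)
    {
        $name_html = "<strong>" . bbs_h($post[3]) . "</strong>";
        if ($post[4] != "") {
            $html = " <a href=\"mailto:" . bbs_h($post[4]) . "\" onMouseOver=\"this.style.color='red'\" onMouseOut=\"this.style.color='blue'\">" . $name_html . "</a>\n";
        } else {
            $html = " " . $name_html . "\n";
        }
        // The home-page address is visitor-supplied: link it only when it is an
        // http or https URL, and escape it inside the quoted attribute.
        if ($post[5] && preg_match('/^https?:\/\//i', $post[5])) {
            $html .= " <a href=\"" . bbs_h($post[5]) . "\" target=_blank rel=\"noopener noreferrer\"><img src=\"" . bbs_h($homegif) . "\" border=0></a>\n";
        }
        $html .= " <font size=2>" . bbs_h($post[2]) . "</font>\n";
        $html .= "<input type=hidden name=action value=delete>\n";
        $html .= "<font size=2> 削除キー:</font><input type=password size=7 name=pass>\n";
        $html .= "<input type=submit value=削除></form><blockquote>\n";
        $html .= "<table border=0>\n";
        $html .= "<tr><td>\n";
        return $html;
    }
}
if (!function_exists('bbs_body_html')) {
    // Attached image plus the comment text, with the (already escaped) search keyword
    // highlighted; closes the body table.
    function bbs_body_html($post, $needle, $path, $up_dir, $w_max, $h_max)
    {
        $html = bbs_image_html($post[10], $path, $up_dir, $w_max, $h_max);
        // The comment column holds HTML (URLs are turned into links before storage), so
        // it is printed as stored. It is only safe when the write path escapes the
        // visitor's text before adding those links.
        $msg = nl2br((string) $post[9]);
        if ($needle !== '') {
            $msg = str_replace($needle, "<SPAN STYLE=\"Background-Color : #FFCCFF\">" . $needle . "</SPAN>", $msg);
        }
        return $html . $msg . "</td></tr></table>\n";
    }
}

if ($row) {
    $self_html = bbs_h($PHP_SELF);
    // Escaped keyword: used both as the text to find and inside the highlight markup.
    $needle = $search_str ? bbs_h($search_str) : '';
    $marked = "<SPAN STYLE=\"Background-Color : #FFCCFF\">" . $needle . "</SPAN>";
    // Only the two valid sort keywords may reach the reply query text.
    $reply_order = (strtoupper((string) $hensin_order) === 'ASC') ? 'ASC' : 'DESC';

    // First row of the requested page; the posted offset is forced to a non-negative integer.
    $p_line = max(0, (int) $pline);
    $end_data = $row - 1;
    $page_end = min($p_line + ($page_view - 1), $end_data);
    for ($i = $p_line; $i <= $page_end; $i++) {
        $arr = pg_fetch_row($result, $i); // one result row as an array
        // Replies (non-zero parent code) are printed under their parent post, not here.
        if ($arr === false || $arr[1]) {
            continue;
        }
        // Parent post
        echo "<form method=POST action=\"$self_html\">\n";
        echo "<table border=1 cellspacing=0 width=90% bgcolor=#555555>\n";
        echo "<tr><td bgcolor=#FFFFFF><input type=checkbox name=delcode value=\"" . bbs_h($arr[0]) . "\"> ";
        if ($search_str) {
            $subject = str_replace($needle, $marked, bbs_h($arr[7]));
            // The colour comes from the parent row itself ($arr).
            echo "<font color='" . bbs_h($arr[8]) . "'><b>$subject</b></font>\n";
        } else {
            echo "<font size=4 color='" . bbs_h($arr[8]) . "'><b>" . bbs_h($arr[7]) . "</b></font>";
        }
        echo bbs_byline_html($arr, $homegif);
        echo bbs_body_html($arr, $needle, $path, $up_dir, $w_max, $h_max);
        // Reply button: posts the parent code and subject back to the entry form.
        echo "<form method=POST action=\"$self_html\">\n";
        echo "<input type=submit value=返信>\n";
        echo "<input type=hidden name=code value=\"" . bbs_h($arr[0]) . "\">\n";
        echo "<input type=hidden name=re_sub value=\"" . bbs_h($arr[7]) . "\">\n";
        echo "<input type=hidden name=flags value=return>\n";
        // Host name and browser string are request-derived, so they are escaped too.
        echo "<font size=2 color='green'>" . bbs_h($arr[11]) . " [ " . bbs_h($arr[12]) . " ]</font>\n";
        echo "</form>\n";

        // Replies to this post. The parent code is bound as a parameter, and the
        // "order by" clause is separated from it by a space.
        $result2 = pg_query_params(
            $d_base,
            'select * from db_bbs where ress = $1 order by code ' . $reply_order,
            array($arr[0])
        );
        if ($result2) {
            $row2 = pg_num_rows($result2); // number of replies
            for ($j = 0; $j < $row2; $j++) {
                $arr2 = pg_fetch_row($result2, $j); // one reply row as an array
                echo "<hr>\n";
                echo "<form method=POST action=\"$self_html\">\n";
                echo "<input type=checkbox name=delcode value=\"" . bbs_h($arr2[0]) . "\">\n";
                if ($search_str) {
                    $subject2 = str_replace($needle, $marked, bbs_h($arr2[7]));
                } else {
                    $subject2 = bbs_h($arr2[7]);
                }
                echo "RE:<font color='" . bbs_h($arr2[8]) . "'><b>$subject2</b></font>\n";
                echo bbs_byline_html($arr2, $homegif);
                echo bbs_body_html($arr2, $needle, $path, $up_dir, $w_max, $h_max);
                echo "<font size=2 color='green'>" . bbs_h($arr2[11]) . " [ " . bbs_h($arr2[12]) . " ]</font>\n";
                echo "</form></blockquote>\n";
            }
        }
        echo "</blockquote></td></tr></table>\n";
    }
}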
?>

<P>
<TABLE BORDER="0" WIDTH="90%">
    <TR>
        <TD WIDTH="50%">

<?php
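// "Previous page" button, shown when the last row on this page is at or beyond one
// full page; otherwise the cell holds a blank.
if (isset($page_end) && $page_end >= $page_view) {
    $page_count = floor($page_end / $page_view);
    // First row of the page before the current one, as a whole number.
    $prev_line = (int) (($page_count - 1) * $page_view);
    // The form target is request-derived, so escape it inside a quoted attribute.
    echo "<form method=Post action=\"" . htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'SJIS') . "\">\n";
    echo "<input type=hidden name=pline value=$prev_line>\n";
    echo "<input type=submit value=前のページ>\n";
    echo "</form>\n";
} else {
    echo "&nbsp;\n";
}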
?>

        </TD>
        <TD WIDTH="50%"><P ALIGN="RIGHT">

<?php
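// "Next page" button, shown while the last row on this page is not the last row of
// the result; otherwise the cell holds a blank.
$has_rows = isset($page_end) && isset($end_data);
// Row that follows the last one shown on this page.
$next_line = $has_rows ? ((int) $page_end + 1) : 1;
if ($has_rows && $page_end != $end_data) {
    // The form target is request-derived, so escape it inside a quoted attribute.
    echo "<form method=Post action=\"" . htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'SJIS') . "\">\n";
    echo "<input type=hidden name=pline value=$next_line>\n";
    echo "<input type=submit value=次のページ>\n";
    echo "</form>\n";
} else {
    echo "&nbsp;\n";
}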
?>

        </TD>
    </TR>
</TABLE>
</CENTER>
<div align=right><font size=-1>Powered by <a href="http://www.komonet.ne.jp/" onMouseOver="this.style.color='red'" onMouseOut="this.style.color='blue'">KOMONET</a></font></div>
</BODY>
</HTML>