<?php
error_reporting(E_ALL);
ini_set("display_errors", true);

session_start();
if(isset($_SESSION['captcha_spam']) && isset($_POST["sicherheitscode"]) && $_POST["sicherheitscode"] == $_SESSION['captcha_spam']){
unset($_SESSION['captcha_spam']); 


// *************************************************************** //
// *                                                             * //
// *    BIG SAM   :   Built-In Guestbook / Stand-Alone Module    * //
// *             Version 1.2.02 November, 27th 2004              * //
// *                                                             * //
// * Copyleft 2004 Georges Zadrozynski & Remi Lecoupe-Grainville * //
// *                                                             * //
// *           Homepage : http://bigsam.gezzed.net/              * //
// *    Contact : http://groups.yahoo.com/group/bigsam-users/    * //
// *                                                             * //
// *     This source is under GNU/GPL General Public License     * //
// *                                                             * //
// *************************************************************** //


/*
	BIG SAM - Built-In Guestbook / Stand-Alone Module - PHP Guestbook
	Copyright (C) Georges Zadrozynski & Remi Lecoupe-Grainville
	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.
	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*/

$version = "1.2.02";

	/**********************************
	* Configuration Step 1 : Language *
	**********************************/

// Please remove all the unwanted language blocks

// GERMAN
// By Klaus-Peter Walter & Gvtz Waschk (waschk at informatik dot uni-rostock dot de)
$langAdminError         = "Administrator Fehler";        
$langBsGuestbook        = "Gästebuch";        
$langChPassword         = "Ändere Passwort";
$langEmail              = "eMail :";
$langEntry              = "Eintrag";
$langGbAdmin            = "Gästebuch Administration";
$langMessage            = "Ihre Nachricht :";
$langName               = "Name :";
$langnewPassword        = "Neues Passwort :";        
$langOpenError          = "Fehler beim öffnen der Datei !<br>Sind Sie sicher, dass Sie die richtigen Rechte für dieses Verzeichnis besitzen ?";
$langPassChanged        = "Neues Passwort OK.";        
$langPassError          = "Das neue Password funktioniert nicht !";
$langPassword           = "Ändere <i>Gästebuch</i> Passwort";
$langRetype             = "Wiederholen Sie das neue Passwort :";
$langSubmit             = "Nachricht abschicken";
$langSubmitModif        = "Änderungen abschicken";        
$langSystemError        = "System Fehler";        
$langSystemMessage      = "System Nachricht";        
$langWrongPassword      = "Falsches Administrator-Passwort";        

	/*******************************************
	* Configuration Step 2 : Carbon Copy Email *
	*******************************************/
	
	
// carbonCopy = 1 enables mail sending to mailRecipient. 
// mailRecipient receives a mail each times an entry is entered (if carbonCopy = 1)
// mailSubject is the subject of the mail which is sent.
$carbonCopy = 		0;
$mailRecipient = 	"info@seite.de";
$mailSubject =		"Neuer Gästebucheintrag";


	/********************************
	* Configuration Step 3 : Colors *
	********************************/


// Choosing colors (Remove the unwanted color-model)

/*
// Standard (Greys, bright background)
$colorWhite	= "\"#FFFFFF\"";
$colorBlack	= "\"#000000\"";
$colorHeads	= "\"#666666\"";
$colorBody1	= "\"#EEEEEE\"";
$colorBody2	= "\"#DDDDDD\"";
*/

/*
// The Following is the BIG SAM standard
$colorWhite	= "\"#ffffff\"";
$colorBlack	= "\"#000000\"";
$colorHeads	= "\"#EFE8CC\"";
$colorBody1	= "\"#FFF8DC\"";
$colorBody2	= "\"#EFE8CC\"";

// Data submission form colors
$formHeadColor    = $colorHeads;
$formBodyColor    = $colorBody1;
$formTailColor    = $colorBody2;
$formHeadText     = $colorWhite;
$formBodyText     = $colorBlack;
// Guestbook entries colors
$entryHeadColor   = $colorHeads;
$entryBodyColor1  = $colorBody2;
$entryBodyColor2  = $colorBody1;
$entryHeadText    = $colorWhite;
$entryBodyText1   = $colorBlack;
$entryBodyText2   = $colorHeads;
// Messages colors
$adminHeadColor   = $colorHeads;
$adminHeadText    = $colorWhite;
$adminBodyColor1  = $colorBody2;
$adminBodyText1   = $colorBlack;
$adminBodyColor2  = $colorBody1;
$adminBodyText2   = $colorHeads;
*/

// The Following is the BIG SAM changed
$colorWhite	= "\"#000000\"";
$colorBlack	= "\"#000000\"";
$colorHeads	= "\"#EFE8CC\"";
$colorBody1	= "\"#FFF8DC\"";
$colorBody2	= "\"#EFE8CC\"";

// Data submission form colors
$formHeadColor    = $colorHeads;
$formBodyColor    = $colorBody1;
$formTailColor    = $colorBody2;
$formHeadText     = $colorWhite;
$formBodyText     = $colorBlack;
// Guestbook entries colors
$entryHeadColor   = $colorHeads;
$entryBodyColor1  = $colorBody2;
$entryBodyColor2  = $colorBody1;
$entryHeadText    = $colorWhite;
$entryBodyText1   = $colorBlack;
$entryBodyText2   = $colorBlack;
// Messages colors
$adminHeadColor   = $colorHeads;
$adminHeadText    = $colorWhite;
$adminBodyColor1  = $colorBody2;
$adminBodyText1   = $colorBlack;
$adminBodyColor2  = $colorBody1;
$adminBodyText2   = $colorBlack;


	/********************************
	* Configuration Step 4 : Header *
	********************************/
	
	
function displayHeader()
	{
	global $version;
	header ("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
	
?><!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<!-- BIG SAM v.<?php echo $version; ?> * Built_In Guestbook / Stand_Alone Module * http://bigsam.gezzed.net/ -->
<?php
	// You migh use an "include" (or a "require") instead of all this :
	// include ("head.inc");
	include("header.php");}

	/********************************
	* Configuration Step 5 : Footer *
	********************************/
	
	
function displayFooter()
	{include("footer.php");
?>

<?php
	}


	/******************************************************
	* Configuration Step 6 : Number of messages displayed *
	******************************************************/
	

// Number of fields to be displayed simultaneously.
// To display everything, set $displayStep to 0.
$displayStep = 20;


	/***********************************************
	* Configuration Step 7 : Allow AutoLink System *
	***********************************************/
	
// Allows URLs ans E-Mails in Guestbook text to be replaced by HTTP links.
$allowAutoLink=1;
// Replaces every "@" in text by "at". (to avoid Spam)
$at_replace=true;


	/******************************************
	* Configuration Step 8 : Register_Globals *
	******************************************/

// Register_Globals improvements (since version 1.2.0)
// By Hubert Hanghofer (webmaster at BierIG dot org)

// $absoluteScriptPath is the name of the current script (this file) and which
// is going to be modified by itself. This means that (theoretically) this file
// can be  placed anywhere on the system, with any fileName.

// Choose one of the following sections to be used. (These are environment
// variables, which could be different with the PHP version you're using)

$displayBegin 		= $_GET['displayBegin']; // We definitely missed this, thanks Shimona !

// Environment Variables for PHP, older versions
$absoluteScriptPath 	= $PATH_TRANSLATED; // $SCRIPT_FILENAME might be used instead
$relativeScriptPath 	= $PHP_SELF;
$refererpage			= $HTTP_REFERER;

/*
// Environment Variables for PHP, newer versions
$absoluteScriptPath 	= $_SERVER["PATH_TRANSLATED"]; // "SCRIPT_FILENAME" might be used instead
$relativeScriptPath 	= $_SERVER["PHP_SELF"];
$refererpage			= $_SERVER["HTTP_REFERER"];
*/


	/************************
	* End of Configuration  *
	************************/
	
// When the php preprocessor is installed as an independant binary (as CGI).
if ($PATH_INFO!="")
	{
	$relativeScriptPath 	= $PATH_INFO;
	}

// To be used when $PHP_SELF contains virtual directory reference
// (for multi-users servers, eg : free.fr, online.fr ...)
if (($SERVER_NAME=="php.proxad.net")||(($SERVER_NAME=="php3.pro.proxad.net")))
	{
	$relativeScriptPath 	= substr($relativeScriptPath, strpos(substr($relativeScriptPath, 1), "/")+1);
	}


$theName=substr($absoluteScriptPath, 0, strrpos($absoluteScriptPath, "."));
$extension=substr($absoluteScriptPath, strrpos($absoluteScriptPath, ".")+1);


// The dataFile contains all the guestbook entries, and $adminpassword .
// $adminpassword is the password which will be asked for any administration
// actions. This password could be changed only if in admin mode (old 
// $adminpassword matches $admin).

// Defines the name of the database file where the entries are stored.
$dataFile = "${theName}.dat.${extension}";


//******************************************************************************
// function displayForm : Display the form which enables the client to type a
// message.

function displayForm()
	{
	global $relativeScriptPath;
	$borderThickness = 3;

	global $formHeadColor;
	global $formBodyColor;
	global $formTailColor;
	global $formHeadText;
	global $formBodyText;
	
	global $langName;
	global $langEmail;
	global $langMessage;
	global $langSubmit;
	
	// Writing HTML Code
?>
<center>
<h1>Gästebuch</h1>
<form method="POST" action="<?php echo $relativeScriptPath; ?>">
<table border="0" cellspacing="0" cellpadding="3">
<tr bgcolor=<?php echo $formHeadColor; ?>>
<td><font color=<?php echo $formHeadText; ?>><b><?php echo $langName; ?></b></font><input name="name" size="20" maxlength="50"></td>
<td> </td>
<td align=right><font color=<?php echo $formHeadText; ?>><b><?php echo $langEmail; ?></b></font><input name="email" size="20" maxlength="50"></td>
</tr>
<tr bgcolor=<?php echo $formBodyColor; ?>><td colspan="3">
<font color=<?php echo $formBodyText; ?>><b><?php echo $langMessage; ?></b></font><br>
<center><textarea name="message" cols="60" rows="7"></textarea></center>
</td></tr>
<tr>
<td><img src="captcha/captcha.php" border="0" title="Sicherheitscode"></td>
<td><input type="text" name="sicherheitscode" size="5"></td>
</tr>
<tr bgcolor=<?php echo $formTailColor; ?>><td colspan="3" align="right">
<input type="submit" value="<?php echo $langSubmit; ?>">
</td></tr>
</table>
</form>
</center>
<?php
	}

//******************************************************************************
// function displayMessage displays the $errorMessage error message.

function displayMessage($errorMessage,$msgType)
	{
	global $adminHeadColor;
	global $adminHeadText;
	global $adminBodyColor1;
	global $adminBodyText1;
	global $adminBodyColor2;
	global $adminBodyText2;
	global $langAdminError;
	global $langSystemError;
	global $langSystemMessage;
	global $langBsGuestbook;

	displayHeader();
	
	if ($msgType=="1") $messageTitle = $langAdminError; // Admin Message
	if ($msgType=="2") $messageTitle = $langSystemError; // System Error
	if ($msgType=="3") $messageTitle = $langSystemMessage; // System Message
	?>
	<table width="100%" height="100%"><tr><td width="100%" valign="middle" align="center">
	<table cellspacing="0" border="0" width="250"><tr><td bgcolor=<?php echo $adminHeadColor;?>>
	<font Color=<?php echo $adminHeadText;?> size="-3">  <?php echo $langBsGuestbook;?></font><br>
	</td></tr><tr><td bgcolor=<?php echo $adminBodyColor1;?>><font color=<?php echo $adminBodyText1;?>>
	<?php echo $messageTitle;?>
	</font>
	</td></tr><tr><td bgcolor=<?php echo $adminBodyColor2;?> align="center">
	<font color=<?php echo $adminBodyText2;?>>
	<br><b><?php echo $errorMessage;?></b><br><br>
	</font></td></tr></table><p> </p>
	</td></tr></table>
	<?php
	displayFooter();
	exit;
	}


//******************************************************************************
// function standardizeText filters ambiguous chains in $str

function standardizeStoredText($str)
	{
	$str = str_replace("\\'", "'", $str);
	$str = str_replace("\\\"", "\"", $str);
	$str = htmlspecialchars($str);
	$str = str_replace("\n", "<br>", $str);
	$str = str_replace("$", "$", $str);
	return $str;
	}
	

function standardizeDisplayedText($str)
	{
	return $str;
	}
	
function standardizeAdminText($str)
	{
	return $str;
	}
	
	
function seekHttp($rawText)
{	
	global $at_replace;
	$pattern = array(
		"/http:\/\/((\w|\.|\?|\%|=|\/|-|~|#)*)/",
		"/mailto:((\w|\.|@|-)*)/");	
	$replacement = array(
		"<a href=\"http://\\1\" target=\"_blank\">http://\\1</a>",
		"<a href=\"mailto:\\1\">\\1</a>");
	$hyperLinkedText=preg_replace($pattern, $replacement, $rawText);
	if (at_replace) $hyperLinkedText = str_replace("@", " at ", $hyperLinkedText);
	return $hyperLinkedText;
}


//******************************************************************************
// function Xfopen : opens a file $fileName and locks it
function Xfopen($fileName, $openMode, $sharing)
	{
	global $langOpenError;
	$fp=@fopen($fileName, $openMode);
	if (!$fp) 
		{
		displayMessage($langOpenError,2);
		}
	if ($sharing==true)
		{
		$op=1;
		}
	else
		{
		$op=2;
		}
	if (!@flock($fp,$op))
		{
		@flock($fp,3);
		displayMessage("<i>flock</i> timeout",2);
		}
	return $fp;
	}

//******************************************************************************
// function Xfclose : unlocks the file $fp and closes it
function Xfclose($fp)
	{
	@flock($fp,3);
	@fclose($fp);
	}


//******************************************************************************
// function fullDisplay
function fullDisplay()
{
		global $displayStep,$displayBegin, $maxDisplay ;
		global $entryHeadColor,$entryHeadText, $entryBodyColor1,$entryBodyText1, $entryBodyColor2,$entryBodyText2 ;
		global $relativeScriptPath;
		global $index;
		global $archive_mail, $archive_name, $archive_text, $archive_date;
		global $allowAutoLink;

		// Checks if $displayBegin is not too large (Thanks to Ahmet Sabri ALPER <salper at olympos dot org>)
		if ($displayBegin>$maxDisplay)
			{
			$displayBegin=$maxDisplay-$displayStep+1;
			}
			
		displayHeader();
		
		// Displays the entry form to enable the client to type a message.
		displayForm();

		if ($index==0)
			{
			displayFooter();
			return;
			}

		echo ("<p> </p>\n");

		// Message arrays are displayed here :
		
		echo "<center>\n";
		
		// Displaying all the entries.
		
		if ($displayStep==0)
			{
			$displayBegin=1;
			$displayStep=$index;
			}
		
		if ($displayBegin==1)
			{
			$startAt=$index % $displayStep;
			if ($startAt==0) $startAt=$displayStep;
			}
		else 
			{
			$startAt=$displayBegin+$displayStep-1;
			}
		
		
		for ($msgNumber=$startAt ; $msgNumber>=$displayBegin ; $msgNumber--)
			{
			?>
			<table cellspacing="0" border="0" width="600"><tr><td bgcolor=<?php echo $entryHeadColor;?>>
			<font color=<?php echo $entryHeadText; ?> size="-3">    <?php echo $archive_date[$msgNumber]; ?>    </font>
			</td></tr><tr><td bgcolor=<?php echo $entryBodyColor1; ?>>
			<font Color=<?php echo $entryBodyText1; ?>><b>
			<?php
			if ($archive_mail[$msgNumber]!="")
				{?>
				<?php echo $msgNumber; ?> :
				<a title="<?php echo standardizeDisplayedText($archive_mail[$msgNumber]); ?>"
				href="mailto:<?php echo standardizeDisplayedText($archive_mail[$msgNumber]); ?>">
				<?php echo standardizeDisplayedText($archive_name[$msgNumber]); ?></a>
				<?php }
			else 
				{?>
				<?php echo $msgNumber; ?> :
				<?php echo standardizeDisplayedText($archive_name[$msgNumber]); ?>
				<?php } ?>
			</b></font>
			</td></tr><tr><td bgcolor=<?php echo $entryBodyColor2; ?>>
			<font color=<?php echo $entryBodyText2; ?>>
			<b><?php
			if ($allowAutoLink==1) echo (seekHttp(standardizeDisplayedText($archive_text[$msgNumber])));
			else echo (standardizeDisplayedText($archive_text[$msgNumber]));
			?></b>
			</font></td></tr></table><br><br>
			<?php
			}
		
		echo ("<p> </p>\n");
		
		for($i=1;$i<=$index;$i=$nextEnd+1)
			{
			$nextBegin = $i;
			
			if ($i==1)
				{
				$nextEnd=$index % $displayStep;
				if ($nextEnd==0) $nextEnd=$displayStep;
				}
			else $nextEnd   = $i+$displayStep-1;
			
			if ($displayBegin==$nextBegin && $nextEnd!=$nextBegin) echo ("<tt></tt>$nextBegin-$nextEnd<tt></tt>\n");
			else if ($displayBegin==$nextBegin && $nextEnd==$nextBegin) echo ("<tt></tt>$nextBegin<tt></tt>\n");
			else if ($nextEnd==$nextBegin) echo ("<a href=\"$relativeScriptPath?displayBegin=$nextBegin\"><tt></tt>$nextBegin<tt></tt></a>\n");
			else echo ("<a href=\"$relativeScriptPath?displayBegin=$nextBegin\"><tt></tt>$nextBegin-$nextEnd<tt></tt></a>\n");	
			}
		
		echo "</center>\n";
		displayFooter();
}

//******************************************************************************

function readData($resetBegin)
{
	global $adminpassword;
	global $index;
	global $dataFile;
	global $archive_mail, $archive_name, $archive_text, $archive_date;
	global $displayBegin, $displayStep, $maxDisplay;

	// Includes automatically filled data arrays :
	$index = 0;
	$fout=Xfopen($dataFile, "r", true);
	include($dataFile);
	Xfclose($fout);
	// From now, $index will indicate the number of data entries.
	
	// Beginning of the data to be displayed, default = 1
     	if (!isset($displayBegin)) $displayBegin="";
	if ($displayBegin=="" || $resetBegin==1) 
		{
		$displayBegin = $index-$displayStep+1;
		if ($displayBegin<=0) $displayBegin=1;
		}
		
	// Sets the maximum that $displayBegin can reach
	$maxDisplay = $index;
}
//******************************************************************************




// If the Datafile does not exist, creates it.
if (!file_exists(${dataFile})) 
	{
	$fout = Xfopen($dataFile, "w+", false);
	fputs($fout, "<?php\n");
	fputs($fout, "\$adminpassword = \"".md5("bigsam")."\";\n");
	fputs($fout, "\$archive_mail[  \$index] = \"\";\n");

	fputs($fout, "?>");
	Xfclose ($fout);
	}

// $admin could be set via Admin-Form by POST or via URL by GET
$admin=$HTTP_POST_VARS["admin"];
if (!isset($admin))
        $admin=$HTTP_GET_VARS["admin"];
else    // assign POST-variables from Admin-Form
        {
        $newPassword1=$HTTP_POST_VARS["newPassword1"];
        $newPassword2=$HTTP_POST_VARS["newPassword2"];
        $command=$HTTP_POST_VARS["command"];
        $index=$HTTP_POST_VARS["index"];
        }

if (!isset($admin))
	{
        // assing variables from Guestbook-From
        $name=$HTTP_POST_VARS["name"];
        $email=$HTTP_POST_VARS["email"];
        $message=$HTTP_POST_VARS["message"];
	if (!isset($name)) { $name=""; $message=""; }
	if ($name=="" || $message=="")
		{

		/************************************************************************************
		* Use Case no 1-A
		*
		* This case is encountered when a client simply wants to add a message to the
		* guestbook. (Every variable is empty);
		************************************************************************************/
		readData(0);
		fullDisplay();
		exit;
		}
	else 
		{
		
		/********************************************************************************
		* Use Case no 1-B								*
		*										*
		* Case is encountered when a client has just filled in the appropriate fields	*
		* (name, mail, message).							*
		*	$name    = "Some Name"							*
		*	$email   = "Some@Email"							*
		*	$message = "Some Message"						*
		*		Simply add message in the top of all previous messages.		*
		********************************************************************************/
		
		$position = filesize($dataFile);
		
		$fout = Xfopen($dataFile, "r+", false);
		fseek($fout,$position-2);
		$insert_msgdate = date( "dS F Y - h:i:s A" );
		$name=standardizeStoredText($name);
		$email=standardizeStoredText($email);
		$message=standardizeStoredText($message);
		fputs ($fout,"\$archive_name[++\$index] = \"$name\";\n");
		fputs ($fout,"\$archive_mail[  \$index] = \"$email\";\n");
		fputs ($fout,"\$archive_date[  \$index] = \"$insert_msgdate\";\n");
		fputs ($fout,"\$archive_text[  \$index] = \"$message\";\n");
		fputs ($fout,"\n?>");
		Xfclose($fout);
		
		// Sending a mail to $mailRecipient if $carbonCopy=1, with the subject $mailSubject.
		if ($carbonCopy==1)
			{
			$message = str_replace("<br>", "\n", $message);
			$mailBody = "From: $name <$email>\n$insert_msgdate\n\n$message";
			mail($mailRecipient,$mailSubject,$mailBody,"From: $email\nReply-to: $name <$email>");
			}
		if (strpos($refererpage, "?")==false) $page=$refererpage;
		else $page=substr($refererpage, 0, strpos($refererpage, "?"));
		header("Location: $page?");
		exit;
		}
	}
else
	{
	readData(0);
	if (md5($admin)==$adminpassword) 
		{
		if ($command=="") 
			{
	
			displayHeader();
			
			/************************************************************************
			* Use Case no 2-A							*
			*									*
			* Admin mode (The administrator can modify password, fields, or remove	*
			* messages).								*
			*	$admin   = $adminpassword					*
			*		Shows a password modification form.			*
			*		Shows all messages and enables to modify/delete them.	*
			************************************************************************/
			
			?>
			<center><h4><?php echo $langGbAdmin; ?></h4></center>
			<br>
			<?php 
			// Display the form which enables the admin to change his password 
			?>
			
			<center><form method="POST" action="<?php echo $relativeScriptPath; ?>">
			<table cellspacing="0" border="0">
			<tr><td bgcolor=<?php echo $adminHeadColor; ?> colspan="2"><font color=<?php echo $adminHeadText; ?>>
			 <b><?php echo $langPassword; ?></b>.</font></td></tr>
			<tr><td align=right bgcolor=<?php echo $adminBodyColor2; ?>>
			<font color=<?php echo $adminBodyText2; ?>>  <?php echo $langnewPassword; ?></font></td>
			<td align=left bgcolor=<?php echo $adminBodyColor2; ?>>
			<input type="password" name="newPassword1"> </td></tr>
			<tr><td align="right" bgcolor=<?php echo $adminBodyColor2; ?>>
			<font color=<?php echo $adminBodyText2; ?>>  <?php echo $langRetype; ?></font></td>
			<td align=left bgcolor=<?php echo $adminBodyColor2; ?>>
			<input type="password" name="newPassword2"> </td></tr>
			<tr><td bgcolor=<?php echo $adminBodyColor1; ?> colspan=2 align="center">
			<input type="hidden" name="admin" value="<?php echo $admin; ?>">
			<input type="hidden" name="command" value="passwd">
			<input type="submit" value="<?php echo $langChPassword; ?>"></td></tr>
			</table>
			</form></center>
			<br><hr><br>
			<?php
			// Message arrays are displayed here in forms in order to modify them :
			?>
			<center><form method="POST" action="<?php echo $relativeScriptPath; ?>">
			<?php
			for ($i=1 ; $i<=$index ; $i++)
				{
				$msgNumber = $index - $i + 1;
				$str = str_replace("<br>", "\n", $archive_text[$msgNumber]); ?>
				<table cellspacing="0" cellpadding="3"><tr><td colspan="4" bgcolor=<?php echo $adminHeadColor; ?>>
				<font color=<?php echo $adminHeadText; ?>><b> 
				<?php echo $langEntry; ?> #<?php echo $msgNumber; ?></b>.</font> </td></tr>
				<tr bgcolor=<?php echo $adminBodyColor2; ?>>
			        <td> <input type="checkbox" name="keep<?php echo $msgNumber; ?>" checked> </td>
				<td><input name="name<?php echo $msgNumber; ?>" value="<?php echo standardizeAdminText($archive_name[$msgNumber]);?>"></td>
				<td><input name="email<?php echo $msgNumber; ?>" value="<?php echo standardizeAdminText($archive_mail[$msgNumber]);?>"></td>
				<td><input name="date<?php echo $msgNumber; ?>" value="<?php echo standardizeAdminText($archive_date[$msgNumber]);?>"></td>
				<tr bgcolor=<?php echo $adminBodyColor1; ?>>
				<td colspan="4" align="center"><textarea cols="60" rows="2" name="message<?php echo $msgNumber; ?>"><?php echo standardizeAdminText($str);?></textarea>
				</td></tr></table>
				<br>
				<?php
				} ?>
			<input type="hidden" name="admin" value="<?php echo $admin;?>">
			<input type="hidden" name="index" value="<?php echo $index;?>">
			<input type="hidden" name="command" value="modify">
			<input type="submit" value="<?php echo $langSubmitModif;?>">
			</form></center>
			<?php
			displayFooter();
			exit;
			
			} 
		else if ($command=="passwd")
			{
			// Use Case no 2-B
			// Admin mode (The administrator is modifying his password.).
			//	$admin        = $adminpassword
			//	$newPassword1 = "New Password 1"
			//	$newPassword2 = "New Password 2"
			// 		Check if $newPassword1 matches $newPassword2
			// 		Set the $adminpassword line to :
			// 		$adminpassword = "$newPassword1" in the dataFile
			
			if($newPassword1!=$newPassword2)
				{
				// The passwords doesn't match
				displayMessage("$langPassError",1);
				}
			else
				{
				// Rewrites the whole Datafile with the new password, and all the entries.
				$fout = Xfopen($dataFile, "w", false);
				fputs ($fout,"<?php\n");
				fputs ($fout,"\$adminpassword = \"".md5($newPassword1)."\";\n");
				for ($i=1 ; $i<=$index ; ++$i)
					{
					fputs ($fout,"\$archive_name[++\$index] = \"${archive_name[$i]}\";\n");
					fputs ($fout,"\$archive_mail[  \$index] = \"${archive_mail[$i]}\";\n");
					fputs ($fout,"\$archive_date[  \$index] = \"${archive_date[$i]}\";\n");
					fputs ($fout,"\$archive_text[  \$index] = \"${archive_text[$i]}\";\n");
					}
				fputs ($fout,"?>");
				Xfclose($fout);
				displayMessage("$langPassChanged",3);
				exit;
				}
			}
		else if ($command=="modify") 
			{

			/********************************************************************************
			* Use Case no 2-C								*
			*										*
			* Admin mode (The administrator is updating entries).				*
			*	$admin      = $adminpassword						*
			*	$nameXXX    = "Modified name (no XXX)"					*
			*	$emailXXX   = "Modified email (no XXX)"					*
			*	$messageXXX = "Modified message (no XXX)"				*
			*	$keep       = "on" or ""						*
			* 	Check if $admin matches $adminpassword.					*
			* 	Rewrites ALL the fields except when $keepXXX = ""			*
			*	Rewrites the whole Datafile with the new password, and all the entries.	*
			********************************************************************************/

			$fout = Xfopen($dataFile, "w", false);
			fputs ($fout,"<?php\n");
			fputs ($fout,"\$adminpassword = \"$adminpassword\";\n");	
				for ($i=1 ; $i<=$index ; $i++)
				{
				// Get values from the form, and standardize them
				$variable=$HTTP_POST_VARS["name$i"];
				$name=standardizeStoredText("$variable");
				$variable=$HTTP_POST_VARS["email$i"];
				$email=standardizeStoredText("$variable");
				$variable=$HTTP_POST_VARS["date$i"];
				$insert_msgdate=standardizeStoredText("$variable");
				$variable=$HTTP_POST_VARS["message$i"];
				$message=standardizeStoredText("$variable");

				$variable=$HTTP_POST_VARS["keep$i"];
				if (${variable}!="")
					{
					fputs ($fout,"\$archive_name[++\$index] = \"$name\";\n");
					fputs ($fout,"\$archive_mail[  \$index] = \"$email\";\n");
					fputs ($fout,"\$archive_date[  \$index] = \"$insert_msgdate\";\n");
					fputs ($fout,"\$archive_text[  \$index] = \"$message\";\n");
					}
				}	
			fputs ($fout,"?>");
			Xfclose($fout);
			
			if (strpos($refererpage, "?")==false) $page=$refererpage;
			else $page=substr($refererpage, 0, strpos($refererpage, "?"));
			header("Location: $page?");
			exit;
			}
		} 
	else 
		{
		
		/************************************************
		* Use Case no 2-Z				*
		*						*
		* If $admin does NOT match $adminpassword.	*
		*	$admin   != $adminpassword		*
		*	Error message : "Wrong Admin Password"	*
		************************************************/

		displayMessage("$langWrongPassword",1);
		}
	}
	
/* End of File */
}
?>