src/Pages/guestbook/guestbook.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

<?php
// Enable error reporting while debugging
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

$dataFile = __DIR__ . '/guestbook.json';

// Make sure the JSON file exists
if (!file_exists($dataFile)) {
    file_put_contents($dataFile, json_encode([]));
}

// Read existing entries safely
$data = [];
$fileContents = file_get_contents($dataFile);
if ($fileContents !== false) {
    $decoded = json_decode($fileContents, true);
    if (is_array($decoded)) {
        $data = $decoded;
    }
}

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // Honeypot spam field
    if (!empty($_POST['website'])) {
        header("Location: guestbook.php");
        exit;
    }

    $name = trim($_POST['name']);
    $message = trim($_POST['message']);

    if ($name && $message) {
        $entry = [
            "id" => time(),
            "name" => substr($name, 0, 50),
            "message" => substr($message, 0, 500),
            "timestamp" => date("c")
        ];

        // Add new entry at the beginning
        array_unshift($data, $entry);

        // Save back to JSON file
        if (file_put_contents($dataFile, json_encode($data, JSON_PRETTY_PRINT)) === false) {
            echo "<p style='color:red'>Error: Could not save guestbook entry. Check file permissions.</p>";
        }

        // Redirect to avoid form resubmission
        header("Location: guestbook");
        exit;
    }
}

// Entries to display
$entries = $data;
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Guestbook</title>
<link rel="stylesheet" href="../style.css">
</head>
<body>

<canvas id="bg"></canvas>
<div class="container">
<h1>256phi Guestbook</h1>

<form method="POST">
    <input type="text" name="name" placeholder="Your name" required>
    <textarea name="message" placeholder="Leave a message..." required></textarea>

    <!-- Honeypot -->
    <input type="text" name="website" style="display:none">

    <button type="submit">Sign</button>
</form>

<hr>

<?php foreach ($entries as $entry): ?>
    <div class="entry">
        <p><?= htmlspecialchars($entry['message']) ?></p>
        <small>
            — <?= htmlspecialchars($entry['name']) ?>
            | <?= date("Y-m-d H:i", strtotime($entry['timestamp'])) ?>
        </small>
    </div>
<?php endforeach; ?>

<footer>
	<p>© 256phi | 2026 | <a href="/home">Home</a></p
</footer>
</div>
<script type="module" src="../main.js"></script>
</body>
</html>