PHP guestbook script

PHP guestbook (GBook)
Version: 1.35 from 30th January 2006
Originally written on 9th July 2004 by Klemen Stirn (info AT phpjunkyard DOT com) - Free PHP scripts
PHP guestbook
Support and developers forum

PLEASE NOTE: I cannot provide free installation support for this free script! Please use the above e-mail address to contact me ONLY about possible bug reports, suggestions or comments! Thank you!


Copyright notice and license
Description & requirements
Upgrade from version 1.34
Adding / Translating bad words list
Troubleshooting and getting help
Copyright removal, newsletter, rating this script and other


Copyright 2004-2006 Klemen Stirn. All Rights Reserved.

The GBook may be used and modified free of charge by anyone so long as this copyright notice and the comments above remain intact. By using this code you agree to indemnify Klemen Stirn from any liability that might arise from it's use.

Selling the code for this program without prior written consent is expressly forbidden. In other words, please ask first before you try and make money off this program.

Obtain permission before redistributing this software over the Internet or in any other medium. In all cases copyright and header must remain intact. This Copyright is in full effect in any country that has International Trade Agreements with the United States of America or with the European Union.

Removing copyright notice ("Powered by" statement)
Removing any of the copyright notices without purchasing a license is illegal! To remove PHPJunkyard copyright notice you must purchase a license for this script. For more information on how to obtain a license please visit the site below:


PHP guestbook where you visitors can post comments about your website.


>> Upgrade from version 1.34

To upgrade from version 1.34 to version 1.35 follow these steps:

  1. BACKUP your old Gbook
  2. Edit the new settings.php file (more info under "Installation") as new variables has been added
  3. Upload these files to your server (all in ASCII mode): gbook.php, settings.php, nospam.gif (in images folder)
  4. Test everything. All your current posts should stay intact.

>> Installation

Open file settings.php in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor) and set these variables:

$settings['system'] Set to 1 if your website is on a server under Linux (most servers are), set to 2 if it is under Windows (your SERVER, not your computer!). If you are not sure which operating system your server runs under try with $settings['system'] set to 1 first or consult your web hosting company. If you are under some other OS (not Linux nor Win) you can try setting it from 1 to 3 and see if it works
$settings['apass'] This will be your password for the admin panel. Change it from the default password admin. Use only letters a-Z, A-Z and numbers 0-9
$settings['website_title'] A short title of your website, eg "My lovely website"
$settings['website_url'] URL of your website. This is the URL your link partners will have to place on their website.
$settings['gbook_title'] Title of your guestbook, eg "John's guestbook"
$settings['smileys'] If set to 1 text like :), ;) etc will be replaced by smileys (image icons). Individual visitors will still be able to disable smileys for their entry. If you don't want to allow smileys set to 0.
$settings['notify'] If set to 1 you will receive an e-mail notification at your admin e-mail address every time a new entry is added to your guestbook. Set to 0 if you don't want to be notified.
$settings['admin_email'] Your e-mail address where new entry notifications will be sent. Only required if $settings['notify'] is set to 1.
$settings['gbook_url'] URL of the gbook.php script. For example
$settings['filter'] If set to 1 all new posts will be filtered for bad words and replaced by ****.
$settings['filter_lang'] The language of bad words file. For now only English language is supported so you can only use "en" (CaSe SeNSiTiVe). Please read section "Adding / Translating bad words list" further down for info on how to add/translate bad words.
$settings['autosubmit'] Setting this to 1(recommended) will require entering a "security number" in order to successfully submit a new entry to the guestbook. I have added this to prevent SPAMing the guestbook. Set to 0 if you want to disable the security number check.

RECOMMENDED SETTING: $settings['autosubmit']=1;
$settings['filter_sum'] This variable is used in the preventing automated submissions and is just a little trick that should make it all even more reliable. The idea is to set this to some random sequence of chars and numbers, for example dhjx72js. It doesn't really matter how long it is, but you should use only chars (a-zA-Z) and digits (0-9). Don't leave the default value (as it would loose the whole point), set it to something of your own. Examples would be g3oyf98, p9ak85i, h398dgf and similar. Again, DO NOT USE these examples, just type some chars of your own!
NEW: $settings['junkmark_use'] Version 1.35 introduces new mechanism for fighting guestbook spam JunkMarkTM, developed by Klemen Stirn (the author). It is designed to catch spammers who actually visit your guestbook and get past the security number check. Setting this variable to 1 will enable JunkMarkTM, setting it to 0 will disable it. JunkMarkTM calculates probability of a message being SPAM and gives it a score between 0 (not SPAM) and 100 (SPAM). The higher the score the more likely the message is SPAM

RECOMMENDED SETTING: $settings['junkmark_use']=1;
NEW: $settings['junkmark_limit'] Set to the score after which messages are rejected as SPAM. Messages which are given a JunkMarkTM score same or higher to this limit will not be added to the guestbook. Possible values are between 0 and 100. I don't recommend setting it below 50! The optimal value is around 60 to 70.

RECOMMENDED SETTING: $settings['junkmark_limit']=60;
NEW: $settings['show_nospam'] If set to 1 a small banner promoting "NO GUESTBOOK SPAM" with a link to my Guestbook SPAM article will be placed at the bottom of your guestbook. Not required, but very welcome and you help notifying people about the guestbook SPAM problem and how to avoid it. Set to 0 to disable the banner.
$settings['one_per_session'] If set to 1 each person will be able to make only one post per browser session. As of version 1.33 you can officially disable this by setting this variable to 0.

RECOMMENDED SETTING: $settings['one_per_session']=1;
$settings['max_word'] The maximum length of each line of comments. This is to prevent long "words" like ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff from stretching your guestbook.
$settings['logfile'] File where all the data (entries) will be stored (advanced users only). You may leave this as it is.

Save and close the settings.php file.

Go to your FTP client and FTP to the public directory on your server (where the rest of your website is; usually "public_html", "www" or "site") and create a folder where you will install GBook.
Example: /public_html/gbook
Corresponding URL:

Upload all GBook files to this folder. The "images" folder (all files in this folder) must be transferred in BINARY mode, other files in ASCII mode (refer to your FTP client instructions for details on how to set transfer mode properly).

Make sure that the PHP scripts have permission to write to file entries.txt - on UNIX (Linux) servers you must CHMOD (set permissions for) this file to 666 (rw-rw-rw).

If you have done all this your guestbook should work now. In your browser open your GBook, for example: and test it. You can delete messages by clicking the red [X] icon and entering your admin password.

You may edit header.txt and footer.txt files to add your own header and footer to the links page. You will have to use full image URLs in the code. For example instead of <IMG SRC="images/image.jpg" ... > use <IMG SRC="" ... >! Same goes for any Javascripts or CSS files if you are calling them from within the header or footer.

Good luck with the script!

>> Adding / Translating bad words list

As of version 1.2 GBook can search for bad words in the comments and replace them with ****. Files with bad words list are stored in folder "badwords" and have two letter names. For now only English version is available (named "en.php").

Before adding new words please install GBook and test it so you are sure it works properly!

To add new bad words open the en.php file in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor), find the comment saying INSERT NEW BAD WORDS BELOW THIS LINE and add new bad words in this format:


For example if "asfhkjhfasf" is a bad word you would add this line to the file:

"asfhkjhfasf" => "a**********",

Don't forget to add a comma ( , ) after the line!

If you are translating the bad words file I suggest you leave the English words and add new ones in your language as explained above. Then save the file as two letter country code php file. For example, if you are translating the file in French, you should save the file as fr.php (CaSe SeNSiTiVe!). Upload fr.php to your "badwords" folder, go to settings.php again and set $settings['filter_lang'] to "fr" (file name without .php).

Now test the GBook again. If you get an Error or Warning when you try to post a new message this means something is wrong with your language file. It either can't be found (check the name of the file, on most servers names are CaSe SeNsiTiVe!) or something is wrong with PHP syntax in it (make sure all the words are added in
"BADWORD" => "REPLACEMENT", syntax).

Please send me the translated file. If you translate the bad words file to your language please send it to info AT phpjunkyard DOT com (or contact me through contact form) and I will make it available to others for download. You may include your name, website URL and e-mail address and I will give you proper credit (translated by John Doe. Visit

>> Troubleshooting

What is CHMOD and FTP?

I have prepared a simple FTP and CHMOD tutorial which will help you FTP files to your server and set correct CHMOD settings.

My guestbook doesn't work, HELP!

Here are a few things to check:

  1. did you upload the images folder in BINARY mode and all other files ASCII mode?
  2. is entries.txt file world writable? CHMOD it to 666 (rw-rw-rw) if you are on a UNIX server
  3. if images don't display correctly check if you uploaded them (the entire "images" folder) correctly. The images folder must be place within the guestbook folder, for example
  4. go through the entire setup process again carefully

Since these scripts are free no support is guaranteed. If you can't get the script to work please go through this readme file again carefully and repeat the installation step-by-step (also delete old files and folders from the server). Also please feel free to post any questions or problems you might have in PHPJunkyard forum!

I installed GBook but I still get many SPAM messages?

Make sure you have variables $settings['autosubmit'] and $settings['junkmark_use'] set to 1. Also make sure the variable $settings['junkmark_limit'] is not set too high or too low (recommended value is 60).

May I use JunkMarkTM SPAM filter in my other scripts?

No, you are not allowed to use JunkMarkTM SPAM filter in any other script (commercial or open source) without my express written permission. It may only be used in GBook and scripts that are direct derivates of GBook (customized/modified versions).

>> Copyright removal

You may NOT edit or remove any copyright or Powered by statements in Gbook code without purchasing a license! For more information please visit

>> Stay updated!

Join my FREE newsletter and you will be notified about new scripts, new versions of the existing scripts and other important news from PHPJunkYard.
Click here for more info

>> Please rate this script

If you like this script please rate it or even write a review at:

Rate this Script @ Hot Scripts

>> What else?

That's it! If you use PHPJunkYard free scripts or any portion of their code please place a link to on your website. I won't sue you if you don't, but I believe it is a fair trade for a free script/code. Think about it. You can find link suggestions here.

Best regards,

Klemen Stirn
PHP JunkYard