Lazarus Guestbook

[carbonize]

OK lets be open from the start. I am the scripter behind Lazarus so of course I am going to recommend it.

Features:

• Guests can upload images with their posts
  
• HTML supported in entries (optional)
  
• AGcode for formatting of entries (optional)
  
• Supports all four major messengers (optional)
  
• Guests can make their entries private (optional)
  
• Graphical smilies in entries (optional)
  
• Encrypted email addresses to prevent spam bots reading them (optional)
  
• Posted URL's are automatically made into links (optional)
  
• Easy integration into your website using the supplied include file
  
• Powerful bad word filtering
  
• IP Banning
  
• Flood control (optional)
  
• Human verification to help prevent spam (optional)
  
• Add/remove smilies via admin
  
• Change the style via admin
  
• Edit the templates in the admin section
  
• Webmaster can review entries before they appear (optional)
  
• Ability to edit every aspect of posted entries
  
• Uses the rel="nofollow" attribute as specified by Google to help cut down on spam
  

http://lazarus.carbonize.co.uk

[Head Guru]

Good News Carbonize.

 

I use your guestbook myself on my personal web site, I really like it.

 

Bill

[TCH-Don]

Webmaster can review entries before they appear (optional)

 

I think you should list this higher up,

it is one of the most important features to me.

 

My Guest book automated spam has stopped completely, thank you!

 

And now I can approve entries to eliminate the rest.

[carbonize]

Just thought I would post that Lazarus 1.5 RC1 is available to download from http://lazarus.carbonize.co.uk and requires you to have 1.4 already installed. A lot of changes (specialy to template system), easier IP banning via easy admin, image uploading should work on servers in safe mode (not TC) and no longer use shell commands (which I was informed are against some hosts terms).

[phatfunkjazz]

Glad to see you posting info about Lazarus Guestbook. I already use it on a couple of my web sites.

 

I got sick and tired of dealing with Advanced Guestbook's vulnerability to spammers, despite all the hacks and fixes that I tried to implement.

 

Thank you for Lazarus, a great little program.

[carbonize]

Revamped the lazarus site and released a release candidate of 1.5.1

[TCH-Don]

Looks nice, very professional

[wampthing]

I use lazarusGB, and like it a lot. Great job.

[TCH-Thomas]

Revamped the lazarus site and released a release candidate of 1.5.1

What happened to v. 1.5.0, final version I mean? I see a post about RC 1, but no final version.

[carbonize]

As I explain in the news I made some changes after releasing 1.5 RC1 and so to avoid confusion I changed the version number for the next release.

[TCH-Thomas]

Ok.

[carbonize]

1.5.1 is out. Update and tell me what I messed up.

[TCH-Thomas]

Can´t tell you if you messed up anything yet, since I messed up and downloaded the wrong update package, which made me delete the whole installation, since you seems to have changed pretty much in this new version.

So basically I will do it from scratch tomorrow.

[TCH-Don]

Sorry to be late, but I installed 1.51 a few weeks ago and it works great!

no problems.

 

And I love the include feature to integrate it into my page.

[carbonize]

Thought I'd keep this thread upto date with new features etc of Lazarus ( although you should all be reading the Lazarus site )

 

Fixed a lot of bugs

Now has pagination for guestbooks that span multiple pages

Can unaccept posts so they only appear in Easy Admin and not in the book

Can now block posts containing words on your censor list

Better IP detection function to prevent logging of local IP addresses

Lots of other things

 

 

Coming in 1.6 (It's in beta but to be released soon)

Ad block code in Admin so you can display adverts etc in the middle of your entries

Can delete/accept/unaccept multiple entries in Easy Admin

Can now choose CAPTCHA as the anti bot test

Can now specify an email address for thank you emails to come from

You can also specify that all notifications to you come from above address

and more stuff

 

 

 

I have noticed a lot of hosts now seem to be offering Lazarus as one of the fre scripts. I believe that is because they are using CPSkins from cpskins.com

CPSkins.com has a goal to bring your company the best products to help improve your company. That is why we have created an amazing addon for cpanel called Auto-Installer. Our Auto-installer will help your customers install some of the most popular scripts out there.

[carbonize]

It has just been brought to my attention that there are two exploits in Lazarus. It would of been nice if the person who had posted them on Secunia had informed me but I guess they are more interested in attention than getting things fixed.

 

Right to patch. First download the attached file, extract the picture.php and replace your existing one with the new one. The second exploit is in your codes-LANG.php file. For me that means code-english.php but it could be what ever language you use such as codes-dutch.php etc found in lang folder. To patch this open it in a text editor such as word pad.

 

replace

 

<title><?php echo($_GET['show']); ?></title>

 

with

 

<title><?php

$_GET['show'] = htmlspecialchars($_GET['show']);

echo( $_GET['show']);

?></title>

 

Save it and upload to your lang file. Delete codes-english.php if you do not use it.

picture.zip

Edited July 14, 2006 by carbonize

[TCH-Bruce]

Thanks carbonize

[TCH-Don]

Thanks carbonize,

done.

[carbonize]

OK I've just released 1.6 although I uploaded the wrong zip file so the full package is still 1.5.5 and I can't change it as I'm at work and they've blocked my domain. Such nice people. Will fix that in the morning (19:50 here at present).