GBook - PHP Guestbook


Copyright and License Notice

© Copyright 2016 by Klemen Stirn. All rights reserved.

License Agreement summary:

The latest full version of the software License Agreement is available at PHPJunkyard License Agreement


» Install GBook

Please take 5 minutes to read the installation instructions carefully and completely! This will ensure a proper and easy installation.


  1. Open file settings.php in a powerful plain text editor, such as the free Notepad++.
  2. Customize the settings to fit your needs. All settings are in this format:
    $settings['DO NOT CHANGE THIS'] = 'CHANGE THIS';
    For example, to change the administration password to myPassword, modify line:
    $settings['apass'] = 'admin';
    To this:
    $settings['apass'] = 'myPassword';
    Don't be discouraged by the number of available options, you only need to modify a handful to get started:
    Variable Description/Setup
    $settings['apass'] This will be your administration password. Change it!
    $settings['website_title'] A short title of your website like "My lovely Website"
    $settings['website_url'] URL address of your website (not your guestbook).
    $settings['gbook_title'] Title of your guestbook, for example "My Guestbook"

    Tip: you can skip all other settings for now and continue with the next step below this table.

    $settings['admin_email'] Your email address.
    $settings['gbook_url'] URL of the gbook.php file on your server. Example:
    $settings['spam_question'] A simple question that people will have to answer correctly in order to submit your guestbook (helps combat SPAM).

    A good question should be unique and have a simple answer everyone understands. For example:
    Type access code ABCDE here:
    Are you a human (yes or no)?
    Is Mars a planet (yes or no)?
    Is water a liquid at 300° Celsius?

    Set to 0 to disable the anti-SPAM question.
    $settings['spam_answer'] The correct answer to your anti-SPAM question.

    Example SPAM question setup:
    $settings['spam_question'] = 'Are you a human (yes or no)?';
    $settings['spam_answer'] = 'yes';
    $settings['notify'] If set to 1 you will receive an email notification at your admin email address every time a new entry is added to your guestbook. Set to 0 if you don't want to be notified.
    $settings['notify_visitor'] If set to 1 visitors will receive an email notification when you reply to their post (only if they entered their email address when signing the Guestbook). Set to 0 to disable sending notifications.
    $settings['man_approval'] Set to 1 to manually approve all new posts before they appear in the Guestbook. When someone submits a new Guestbook entry you will receive an email notification with a link to approve or reject the post. If approved, the post will appear in the Guestbook, otherwise it will be deleted. Set to 0 to disable manual approval.
    $settings['template'] Name of the template you are using. It must match the name of the folder with all required template files inside the templates folder (or your GBook will not work at all!). More information about templates and customizing them can be found further down the page.

    Leave this set to 'default' at first to make sure your GBook works normally!

    On most server folder names (and thus template names) are CaSe SeNSiTiVe! Settings 'default' and 'Default' will not work the same!
    $settings['logfile'] Name of the file where posts will be stored. I strongly recommend that you rename this file from the default name entries.txt to some hard-to-guess name, for example g3isht39a.txt
    $settings['use_url'] As of version 1.4 you can easily enable/disable the "Your Web site:" field of the GBook. Set to 1 to enable people posting their Web site URL and 0 to disable. This option has been added to further minimize the odds of people posting your guestbook just to advertise their Web site. The Your Web site field is DISABLED by default since version 1.4
    $settings['url_blank'] If set to 1 if you want all URLs to be opened in a new window (target="_blank"). GBook will still validate as XHTML Transitional but not as Strict. Set to 0 to disable.
    $settings['use_private'] If set to 1 your visitors will have an option to make their post PRIVATE (not publicly displayed and readable only with admin password). Set to 0 to disable private posts.
    $settings['hide_email'] Setting to 1 will hide email addresses from public and require admin password to view them. Set to 0 to disable.

    RECOMMENDED SETTING: $settings['hide_email']=1;

    If you wish to hide email addresses I also recommend that you change $settings['logfile'] from the default "entries.txt" to some other hard to guess name, like "g3isht39a.txt"
    $settings['smileys'] If set to 1 text like :), ;) etc will be replaced by smileys (image icons). Individual visitors will still be able to disable smileys for their entry. If you don't want to allow smileys set to 0.
    $settings['max_smileys'] Limit the number of smileys (emoticons) that can be used per post. Set to 0 for unlimited smileys.
    $settings['filter'] If set to 1 all new posts will be filtered for bad words and replaced by * * *.
    $settings['filter_lang'] The language of bad words file. For now only English language is supported so you can only use "en" (CaSe SeNSiTiVe). Please read section "Adding / Translating bad words list" further down for info on how to add/translate bad words.
    $settings['autosubmit'] Setting this to 1 or 2 will require entering a "security number" in order to successfully submit a new entry to the guestbook. I have added this to prevent SPAMing the guestbook. Set to 0 if you want to disable the security number check.

    Setting to 1 will display the security number in a generated image. For this to work your server must have GD library installed. You can test if your server supports all the required functions by uploading the gd_test.php file to your server and open it in your browser. If you get a red image with text WORKS your server shouldn't have problems with it. If you get an error when opening gd_test.php try using the text version as explained below or ask your hosting company to install the GD library for PHP.

    Setting to 2 will display the security number in text format. While this is not as effective as an image it will still block the majority of known spam robots.

    RECOMMENDED SETTING: $settings['autosubmit']=1;
    OR if the above doesn't work try
    RECOMMENDED SETTING: $settings['autosubmit']=2;
    $settings['filter_sum'] This variable is used in the preventing automated submissions and is just a little trick that should make it all even more reliable. The idea is to set this to some random sequence of chars and numbers, for example dhjx72js. It doesn't really matter how long it is, but you should use only chars (a-zA-Z) and digits (0-9). Don't leave the default value (as it would loose the whole point), set it to something of your own. Examples would be g3oyf98, p9ak85i, h398dgf and similar. Again, DO NOT USE these examples, just type some chars of your own!

    This is one of the most important anti-SPAM setting so don't forget to set it!
    $settings['junkmark_use'] JunkMarkTM is a filter, designed to catch spammers who actually visit your guestbook and get past the security number check. Setting this variable to 1 will enable JunkMarkTM, setting it to 0 will disable it. JunkMarkTM calculates probability of a message being SPAM and gives it a score between 0 (not SPAM) and 100 (SPAM). The higher the score the more likely the message is SPAM

    RECOMMENDED SETTING: $settings['junkmark_use']=1;
    $settings['junkmark_limit'] Set to the score after which messages are rejected as SPAM. Messages which are given a JunkMarkTM score same or higher to this limit will not be added to the guestbook. Possible values are between 0 and 100. I don't recommend setting it below 50! The optimal value is around 60 to 70.

    RECOMMENDED SETTING: $settings['junkmark_limit']=61;
    $settings['junkmark_ban100'] If set to 1 Gbook will automatically ban IP if the JunkMark score is 100 (meaning 100% SPAM). Set to 0 to disable automatic banning.

    RECOMMENDED SETTING: $settings['junkmark_ban100']=1;
    $settings['ignore_proxies'] Setting to 1 will ignore proxy servers from calculation of JunkMark score. Set to 0 to disable.

    RECOMMENDED SETTING: $settings['ignore_proxies']=0;
    $settings['show_nospam'] If set to 1 a small banner promoting "NO GUESTBOOK SPAM" with a link to my Guestbook SPAM article will be placed at the bottom of your guestbook. Not required, but very welcome and you help notifying people about the guestbook SPAM problem and how to avoid it. Set to 0 to disable the banner.
    $settings['one_per_session'] If set to 1 each person will be able to make only one post per browser session. As of version 1.33 you can officially disable this by setting this variable to 0.

    RECOMMENDED SETTING: $settings['one_per_session']=1;
    $settings['max_comlen'] The maximum leght (number of chars) of comments people can post. Set to 0 for unlimited length.
    $settings['max_word'] The maximum length of each line of comments. This is to prevent long "words" like ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff from stretching your guestbook.
    $settings['language'] Name of the language file (file with the translated text). More information about translating GBook is further down in the readme file.
    $settings['debug'] Set to 1 to turn debug mode (PHP error reporting) ON. Keep it at 0 for normal operation.
  3. Save and close the settings.php file.

    The file needs to be saved in UTF-8 encoding without BOM. If you are using Notepad++ (recommended), go to top menu and select Encoding > Convert to UTF-8 (option without BOM)

  4. Connect with FTP to the public folder of your server where the rest of your Web site is.

    TIP: The public folder is usually called "public_html", "www", "site" or "htdocs".

    TIP: Learn how to FTP files, read my simple FTP and CHMOD tutorial.

  5. Create a new folder where you will install GBook. Name it anything you like, for example "gbook" or "guestbook".
    Example: /public_html/gbook
    Corresponding URL:

  6. Upload all GBook files to your server. PHP files must be transferred in ASCII mode and images in BINARY mode.

    TIP: Most FTP clients will select the proper transfer mode automatically so you needn't worry about this.

  7. Open your guestbook in the browser and test it:

  8. If you run into errors or have a questions, see the Help & Support section below.

  9. Support GBook development by purchasing a license.

  10. Good luck using GBook!

» Upgrading from old versions

Please take 5 minutes to read the upgrade instructions carefully and completely! This will ensure a proper and easy upgrade.

Upgrade steps from previous GBook versions:

    ... or don't blame me if something goes wrong.

  2. Edit the new settings.php file.
  3. Upload all GBook files to your server except:
    - entries.txt
    - header.txt
    - footer.txt
  4. If your existing guestbook entries or files use any non-English characters (like ä, é, š, č, й, 戰 etc...), you will need to convert them to UTF-8: Convert file to UTF-8

    Files that need to be converted in order to work with the latest version are:
    - entries.txt
    - (if translated/modified)
    - any custom non-English badwords file
    - any custom template file that contains non-English characters

    You only need to convert files that use non-English characters.
  5. Test everything. All your current posts should stay intact.
  6. Support GBook development by purchasing a license.

  7. Good luck using GBook!

» Troubleshooting

1. What is CHMOD and FTP?

See my FTP and CHMOD tutorial that will help you transfer files and set correct CHMOD settings.

2. Error: Can't open entries file for writing. Please CHMOD entries file to 666 (rw-rw-rw-)!

See this article: Error: Can't open entries file for writing.

3. The security number image is blank

See this article: The anti-SPAM image (captcha) doesn't show

4. I installed GBook but I still get many SPAM messages?

See this article: My guestbook is full of SPAM

5. Where is the administrator panel.

See this article: Where is the admin panel?

6. How do I ban an IP address?

See this article: How do I ban an IP address?

7. How do I remove an IP address from ban?

See this article: How do I remove an IP address from ban?

8. I am still having problems!

  1. Browse our Knowledgebase.

  2. Search the Support forum.


To quickly and easily modify the header and footer of your guestbook you can edit header.txt and footer.txt files. Simply paste the HTML code you want to appear before GBook (just after <body> tag) in the header.txt and code that should appear after GBook (just before </body>) in the footer.txt file. Use only valid (X)HTML code without any <head> or <body> tags.

You will have to use full image URLs in the code. For example instead of <img src="images/image.jpg" ... > use <img src="" ... >! Same goes for any Javascripts or CSS files if you are calling them from within the header or footer.

» Templates (customize the look and feel)

As of version 1.7 GBook support templates that will allow full control over GBook look and feel, easy switching between templates and sharing custom templates with other users.

Important: before modifying templates make sure your GBook works 100% correctly with the default template!

Templates are located inside the templates folder. Each template is located within a separate folder, for example template default is located inside templates/default folder.

Template files have *.php extensions, you can open the files in any plain text editor. They contain valid XHTML code along with some PHP code (for printing variables). Feel free to modify the HTML code, but do not modify any PHP code (starts with <?php and ends with ?>) unless you are familiar with PHP as this code is used to insert text and data into the templates.

Note: on many servers template names are CaSe SeNSiTiVe!

--» Template folder format and contents

These are the files and folders included in the 'default' template:

/default  (folder with template)
    |- /images  (folder with images used)
    |      |- /emoticons  (folder with smileys used)
    |- admin_reply.php
    |- admin_tasks.php
    |- comments.php
    |- emoticons.php
    |- emoticons_popup.php
    |- error.php
    |- no_comments.php
    |- overall_footer.php
    |- overall_header.php
    |- sign_form.php
    |- style.css


  1. Description on files and folders:

    File/Folder Description/Details
    default This is the folder that contains all template files. This is also the template name because the name of this folder is used in the $settings['template'] variable in the settings.php file. If you want to create template named "Very Dark" you could name the folder for example very_black.
    images Folder with all the images used in the template (and thus GBook).
    emoticons Folder inside the images directory that contains all the emoticons (smileys) used by this template (and thus GBook).
    admin_reply.php Contains the form that GBook owner (administrator) uses to reply to guestbook entries
    admin_tasks.php Contains the form that GBook owner uses for tasks like viewing IP address, deleting posts and viewing email addresses.
    comments.php Contains the code for the box that is used to display comments (guestbook entries).
    emoticons.php Contains a list of emoticons (smileys) used by the template. You can add more smileys to the guestbook (template) like this:

    Step 1: upload the new smiley image to the images/emoticons folder.

    Step 2: add this code to the emoticons.php file:
    ":!code:" => "image.gif",
    :!code: will be the text inserted and later replaced with the image.gif. For example if you want to upload smiley image love.gif you would add something like this to the emoticons.php file:
    ":!love:" => "love.gif",
    emoticons_popup.php Pop-up window that lists all available emoticons (those set in the emoticons.php file) when you click the "More..." link next to sample emoticons in the Sign Guestbook form.
    error.php Page that shows when an error occurs.
    no_comments.php Page that shows when the guestbook is empty (no entries have been submitted yet).
    overall_footer.php Bottom (footer) code that appears in all GBook pages except emoticons_popup.php.
    overall_header.php Top (header) code that appears in all GBook pages except emoticons_popup.php.
    sign_form.php Form used for signing the guestbook.
    style.css Contains all the CSS code used by the template. All the classes and IDs have a gbook_ prefix.

    The code inside is CSS (Cascading Style Sheets); you can learn CSS here (it's quite simple and you can easily edit all colors with it).


--» Create a new template

A few tips for creating a new template.

  1. Before modifying template make sure your GBook works 100% correctly with the default template!
  2. Choose a name for your new template, for example Dark Knight. Create a new directory inside the templates folder that will contain all the files for the new template. Name it to something like dark_knight. I recommend using only lowercase letters (a-z), digits (0-9) and underscores (_).
  3. Copy all the files from the default template to your new folder.
  4. Set the $settings['template'] to the name of your new template, for example:
    $settings['template'] = 'dark_knight';
  5. Make small changes to the template files and test them to make sure GBook is still working as expected.
  6. It is best to start with files style.css, overall_header.php, overall_footer.php and comments.php
  7. If GBook became empty after modifying the template it is probably an error in the code. You should get more information about PHP errors (such as the exact file and line where the error occurred) by deleting this code from the settings.php file:
    ini_set('display_errors', 0);
    ini_set('log_errors', 1);
    Once GBook is working normally you should paste the code back into the settings.php file!


» Translating GBook to your language

To translate GBook to your language follow these steps:

  1. Locate file and open it in a plain text editor like Notepad or Wordpad.
  2. Save the file as (,, ...).
  3. Edit the language file header (first lines that start with *) with your information. Please follow the provided format.
  4. Translate all lines containing language. You may translate only the right side of each line, for example:


    When translating make sure to:

    • keep the line format: single quotes (') around each phrase and lines must end with a semi-colon (;)
    • if you use single quotes in the words escape them with a backslash (\). WRONG: can't CORRECT: can\'t
    • do not change these codes as they are used by GBook: %s %d

  5. Save the file and upload it to your server.
  6. Edit the $settings['language'] setting in your settings.php and upload the modified file to your server.
  7. Test GBook with your language and make sure it works ok.
  8. If possible you should also translate this readme.htm file (please name it readme-yourlanguage.htm, for example readme-fr.htm, readme-de.htm, ...).

If you translate GBook to your language please post it to the PHPJunkyard forum for others to download.

» Adding / Translating bad words list

To add new bad words open the en.php file (located in badwords folder) in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor), find the comment saying INSERT NEW BAD WORDS BELOW THIS LINE and add new bad words in this format:


For example if "asfhkjhfasf" is a bad word you would add this line to the file:

"SomeNastyWord" => "* * *",

Don't forget to add a comma ( , ) after the line!

If you are translating the bad words file I suggest you leave the English words and add new ones in your language as explained above. Then save the file as two letter country code php file. For example, if you are translating the file in French, you should save the file as fr.php (CaSe SeNSiTiVe!). Upload fr.php to your "badwords" folder, go to settings.php again and set $settings['filter_lang'] to "fr" (file name without .php).

Now test the GBook again. If you get an Error or Warning when you try to post a new message this means something is wrong with your language file. It either can't be found (check the name of the file, on most servers names are CaSe SeNsiTiVe!) or something is wrong with PHP syntax in it (make sure all the words are added in
"BADWORD" => "REPLACEMENT", syntax).

Please send me the translated file. If you translate the bad words file to your language please send it to info AT phpjunkyard DOT com (or contact me through contact form) and I will make it available to others for download. You may include your name, Web site URL and email address and I will give you proper credit (translated by John Doe. Visit

» Powered by credits removal

To remove the "Powered by" credit links from the bottom of your guestbook, purchase a Guestbook License

» Stay updated!

Join my FREE newsletter and you will be notified about new scripts, new versions of the existing scripts and other important news from PHPJunkYard.
Click here for more info

» Please rate this script

If you like this script please rate it or even write a review at:

Rate this Script @ Hot Scripts

Rate this Script @ The PHP Resource Index

» Get more useful FREE scripts!

Looking for more PHP scripts? Here is a list of PHPJunkyard FREE scripts:


Changes in 1.8.2
- force UTF-8 content type header on PHP 5.6+ servers with a different default encoding

Changes in 1.8.1
- fixed anti-SPAM function bug

Changes in 1.8.0
- changed encoding to UTF-8
- GBook is now compatible with PHP 7
- fixed several depreciated code errors
- fixed special chars not working on some PHP 5.4+ servers
- fixed bug with customer name in email notifications

Changes in 1.7.2
- fixed missing language tag for "Submit my comments"

Changes in 1.7.1
- fixed false virus alerts in some antivirus software
- fixed disabling smileys
- remove tabs from input
- IPv6 is now always accepted

Changes in 1.7
- New user interface (new tableless design, new style.css file, images have alt and title tags, valid XHTML)
- All HTML code has been moved to templates (easier to modify, share templates, add new emoticons, ...)
- Improved JunkMark anti-SPAM filter
- New anti-SPAM feature: a customized anti-SPAM logical question
- Improved Captcha anti-SPAM image
- You can now manually approve new posts
- You can limit length of Comments
- You can limit the number of Emoticons (Smileys) per post
- Customers can receive an email notification when administrator replies to their post
- Removed go.php file (didn't really serve it's initial purpose)

Changes in 1.6
- added an option to hide email addresses (enabled by default)
- added an option to open links in a new window (if enabled code will validate as XHTML Transitional but not Strict)
- added an option to exclude proxies from JunkMarktm calculation
- IPv6 addresses can now be accepted
- all text used is now in a separate file for easier translating
- some changes to the interface and style file
- fixed wordwrap of HTML entities

Changes in 1.5
- Gbook is now XHTML 1.0 valid (set to Transitional, but validates also as Strict)
- added IP address banning
- added fixes for two most common problems with sessions
- improved anti-SPAM features
- multiple empty lines will now be reduced to only one empty line
- fixed display of special language characters


© Copyright PHP Scripts from PHPJunkyard. All rights reserved.