Note for users of versions <1.30:
Starting with 1.30 a new userlevel for admins (superadmin) is available. Critical actions (e.g. shutdown of SimpGB) only can be performed by admins with this level. If admin interface or whole script is being shutdown, admins with this level still will be able to login. They also will be able to login, even if max. number of allowed admin logins has been reached.
'Cause of this, you should assign this level to at least one admin after upgrading.
We recommend only to have one admin with this level, so performing critical actions will not result in a "collision".

Installation

Important installation note: the database you define in config.php must still exist. The install script does not create the database for security reasons.

Copy config.php.dist to config.php and edit it to fit your needs (only recommended for people with PHP knowledge) or call admin/mkconfig.php to generate a config.php (if you're using PHP version >= 4.2.0, you have to set $new_global_handling=true; in mkconfig.php).
Note: You can have multiple instances of SimpGB in the same database. Just set tableprefix in config.php to different values for each installation. Do this before calling install.php.
Upload all files (.php, inc. ...) to your webhoster. Please maintain subdirectory structure.
Important: Use binary mode in ftp to transfer files in /applet and /gfx !!!!
1. 1st time installation:
  Now you can call
```
http://your.host.com/installdir/admin/install.php
```
  to create the tables and the 1st admin
2. Upgrade:
  THIS ARCHIVE ONLY CONTAINS DB UPDATE SCRIPTS FOR V1.30+. TO UPDATE OLDER VERSION PLEASE DONWLOAD UPDATE PACKAGE TO 1.30 FROM WEBSITE !!!
  Please replace all files (.php, .inc ...) on your server !!
  This way you determine which script you need:
  - Take the actually installed versionnumber (e.g. 1.10).
  - Remove the point in the versionnumber (in our example this results in 110).
    Now you have the upgrade version.
  - After this you need to sequentially use all upgrade scripts from this version to the actual version.
    For our example the actual version should be 1.22 (short 122). Use upgrade_110_to_111.php than upgrade_111_to_112.php and so on until you reach upgrade_121_to_122.php
    If one script in the sequence does not exists, for this upgrade step no database changes were necessary. In this case just continue with the next one in the sequence.
After installation remove mkconfig.php, install.php, upgrade_* and fill_* and set filemode for config.php to disable PHP from writing to this file (on most server configurations this will be chmod 644).
Now you can enter the admininterface by calling
```
http://your.host.com/installdir/admin/index.php
```
and login using the adminuser created during the installprogress.

Calling user view

http://your.host.com/installdir/guestbook.php?params

URL parameters for scripts

Parametername	Description	default Value¹
language	Language to use for interface (Valid language settings are those, for which a language file is available in language subdir. The value to be used is the part of the filename between '_' and '.' -> for lang_en.php the value is "en")	$default_lang from config.php
layout	Layout to use for interface	Layout for the provided language marked as default in admin interface

¹ default Value used if parameter is not supplied

URL-Parameters have to be provided as follows:

First parameter after URL has to be preceeded by ? (e.g. guestbook.php?language=en)
All succeeding parameters have to be preceeded by & (e.g. guestbook.php?language=en&layout=test)

<12>Authentitication of admin users There are 3 ways to get authentication for admin users.

Using the internal authentication method. This is based on the data in the admin table and uses cookies for session handling.
Using the internal authentication method. Sessionid sent by get and post requests.
Using authentication by webserver via .htaccess

Method #1

You have to set $enable_htaccess and $sessid_url in config.php to false.
In this case please ensure the following settings in config.php are correct:

$url_simpgb
$cookiename
$cookiepath
$cookiesecure
$sesscookiename
$sesscookietime

This method uses username and password stored in the database and because of this you can change the password within the admin interface.

Method #2

You have to set $enable_htaccess to false and $sessid_url to true in config.php.
This method uses no cookie for storing the sessionid, but instead sends the sessionid in every get and post request. Because of this, everybody who can look on your screen also can see your sessionid.
We think this is not really secure and recommend to use method 1 or 3. But you decide yourself.
Please ensure $sesscookiename is set to an value not used in an other way by SimpGB (best would be to let the default name, because this ensures avoiding conflicts with other HTTP-variables SimpGB uses).

This method uses username and password stored in the database and because of this you can change the password within the admin interface.

Method #3

You have to set $enable_htaccess to true in config.php.
For every user set up in the admin interface, you also have to set up an user in .htpasswd. Username in database and .htpasswd must be the same, so the program can do assignment of external and internal userdefinition (Note: usernames are not case sensitiv in SimpGB, but may be in .htaccess).
Because of security reasons the admin interface does not update .htpasswd. So if you use this kind of authentication changes of the password in the admin interface will not have any effects. Also if you generate a new user in the admin interface be sure to also add this user to .htpasswd. You still have to provide a password while creating a new user, so no security whole appears if you change from Method 3 to Method 1 or 2.
Remark: Using this method the internal login and failed login tracking is not available. Also the logout function does not work.

Flashbuttons

For all buttons where you can see the flash icon

behind the filename inputbox in the layout settings, you also can use a .swf file instead of an image. Just enter the name of the swf file (ending has to be .swf). To act as a button these flash animations have to call the fs command "submitform" as reaction on a mouseclick.

Flashavatars

You can also user swf files as avatars, instead of images (only recogniced, if ending is .swf)

Changing storing mode for attachments

Important: Don't just change storing mode for attachments in config.php ($attach_in_fs), if you allready have used attachments in SimpGB. Before you change storing type from database to filesystem (and vice versa), use the function transfer files to database or transfer files to filesystem in manage files in admin interface. This will transfer binary data of attachments from database to filesystem (or vice versa) and update database entries. After this and before uploading new files, you can switch the storing mode in config.php

Tested browsers and systems

For actual list see our website

Licence

This program is Freeware. You are allowed to use this for free in non commercial and commercial environments. You are not allowed to do any changes to the scripts, except of the following files:

language/*
admin/language/*
marked area in config.php
stylesheets (*.css)
index.html
metadata.php
includes/filetypes.inc

If you are using this program on your website, please enter your site as a reference on our homepage.

If you are using this program in a commercial environment, it would be very kind to provide our work with a little donation.

Newest version can be found at http://www.boesch-it.de

Uses:

HTML Mime Mail class by Richard Heyes <richard@phpguru.org>
Coolmenus 4 by Thomas Brattli - www.dhtmlcentral.com