/* $requete = $bdd->prepare('SELECT COUNT(*) AS nb_mail FROM membres WHERE mail = :mail');
$requete->bindParam(':mail', $formulaire['mail'], PDO::PARAM_STR);
$requete->execute();
$nombre = $requete->fetch(); */
if (false) {
$page['erreur'] = "Cette adresse mail est déjà prise !";
} else {
/* Explications : Si on arrive à ce Else, on a :
* - Toutes les cases remplies et la charte cochée
* - Un mail valide
* - Un pseudo inutilisé
* - Traité les données pour qu'elle ne soient pas une faille */
$requete = $bdd->prepare('INSERT INTO Administrateurs(login_admin, mdp_admin, nom_admin) VALUES(:pseudo, :passe, :nom)');
$requete->execute($formulaire);
$page['info'] = "Inscription effectuée.";
}
}
}
}
}
}
}
}
}
}
$page['value Pseudo'] = isset($_POST['pseudo']) ? Securite::html($_POST['pseudo']) : '';
$page['value Nom'] = isset($_POST['nom']) ? Securite::html($_POST['nom']) : '';
$page['value Passe'] = isset($_POST['passe']) ? Securite::html($_POST['passe']) : '';
$page['value Confirmation'] = isset($_POST['confirmation']) ? Securite::html($_POST['confirmation']) : '';
$page['value Mail'] = isset($_POST['mail']) ? Securite::html($_POST['mail']) : '';
//On récupère les infos du membre
$requete1 = mysql_query('SELECT account_name, pseudo, membre_avatar,
membre_email, membre_msn, membre_signature, membre_siteweb, membre_post,
membre_inscrit, membre_localisation, cacher_email
FROM membres WHERE id=' . $membre . '');
if ($data1 = mysql_fetch_assoc($requete1)) {
//On affiche les infos sur le membre
echo '<p class="title">Mon Profil</p><br />';
echo '<p><img src="images/avatars/' . $data1['membre_avatar'] . '" alt="Aucun avatar" /></p>';
echo "<table>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Adresse E-Mail: </strong></td>\n\t\t\t\t\t\t\t<td>";
if ($data1['cacher_email'] == 1) {
echo "Email masqué";
} else {
echo "<a href=\"mailto:" . Securite::bdd($data1['membre_email']) . "\">" . Securite::bdd($data1['membre_email']) . "</a></td>";
}
echo "</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Windows Live Messenger: </strong></td>\n\t\t\t\t\t\t\t<td>" . Securite::bdd($data1['membre_msn']) . "</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Site Web: </strong></td>\n\t\t\t\t\t\t\t<td><a href=\"" . Securite::bdd($data1['membre_siteweb']) . "\">" . Securite::bdd($data1['membre_siteweb']) . "</a></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Inscrit depuis le: </strong></td>\n\t\t\t\t\t\t\t<td>" . date('d/m/Y', $data1['membre_inscrit']) . "</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Messages postés: </strong></td>\n\t\t\t\t\t\t\t<td>" . Securite::bdd($data1['membre_post']) . " messages</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Localisation: </strong></td>\n\t\t\t\t\t\t\t<td>" . Securite::bdd($data1['membre_localisation']) . "</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td><strong>Signature: </strong></td>\n\t\t\t\t\t\t\t<td>" . Securite::html($data1['membre_signature']) . "</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t\t<br />";
if ($membre == $test) {
echo "<a href=\"index.php?module=profil&action=modifier&id=" . Securite::bdd($_SESSION['id']) . "\">Modifier mon profil</a>";
} else {
echo "";
}
} else {
echo "<p>Ce membre n'exister pas !</p>";
}
}
break;
}
} else {
echo "<p>Page réservée aux membres !<br />";
echo "connectez-vous ou inscrivez-vous !</p>";
echo "<a href=\"index.php\">Retour</a>";
$page['erreur'] = 'Problème !';
}
}
if (isset($_POST['titre'])) {
$titre_media = $_POST["titre"];
$reqRecupIDMedia = $bdd->prepare('SELECT id_media FROM medias WHERE titre_media= :media');
$reqRecupIDMedia->execute(array('media' => $titre_media));
$donnees = $reqRecupIDMedia->fetch(PDO::FETCH_ASSOC);
$IDMedia = $donnees['id_media'];
// Contient l'ID
if ($IDMedia != '') {
$reqRecupDelMedia = $bdd->prepare('SELECT * FROM medias WHERE titre_media= :media');
$reqRecupDelMedia->execute(array('media' => $titre_media)) or die(print_r($reqRecupDelMedia->errorInfo()));
$page['medias'] = array();
while ($donnees = $reqRecupDelMedia->fetch()) {
$nouveau = array();
$nouveau['titre'] = Securite::html($donnees['titre_media']);
$nouveau['isbn'] = Securite::html($donnees['isbn_media']);
$nouveau['resume'] = Securite::html($donnees['resume_media']);
$nouveau['emprunt'] = Securite::html($donnees['empruntable_media']);
$nouveau['image'] = Securite::html($donnees['nom_image']);
$nouveau['id_type'] = Securite::html($donnees['id_type']);
$nouveau['id_categorie'] = Securite::html($donnees['id_categorie']);
$nouveau['id_admin'] = Securite::html($donnees['id_admin']);
$nouveau['id'] = Securite::html($donnees['id_media']);
array_push($page['medias'], $nouveau);
}
} else {
$page['erreur'] = "Ce media n'existe pas !";
}
}
FROM forum_categorie
LEFT JOIN forum_forum ON forum_categorie.cat_id = forum_forum.forum_cat_id
LEFT JOIN forum_post ON forum_post.post_id = forum_forum.forum_last_post_id
LEFT JOIN forum_topic ON forum_topic.topic_id = forum_post.topic_id
LEFT JOIN membres ON membres.id = forum_post.post_createur
ORDER BY cat_ordre, forum_ordre DESC');
//mysql_result($requete2,0);
while ($data2 = mysql_fetch_assoc($requete2)) {
if ($data2['cat_id'] == $data['cat_id']) {
if ($categorie != $data2['cat_id']) {
$categorie = $data2['cat_id'];
?>
<tr>
<th class='rankingHeader'></th>
<th class='rankingHeader' class="titre2"><strong><?php
echo Securite::html($data2['cat_nom']);
?>
</strong></th>
<th class='rankingHeader' class="nombremessages"><strong>Sujets</strong></th>
<th class='rankingHeader' class="nombresujets"><strong>Messages</strong></th>
<th class='rankingHeader' class="derniermessage"><strong>Dernier message</strong></th>
</tr>
<?php
}
echo '<tr><td><center><img src="themes/' . $theme . '/images/forums/message.gif" alt="message" /></center></td>
<td class="titre2"><strong><a href="index.php?module=forums&action=voirforum&f=' . $data2['forum_id'] . '">
' . $data2['forum_name'] . '</a></strong>
<br />' . $data2['forum_desc'] . '</td>
<td class="nombresujets">' . $data2['forum_topic'] . '</td>
<td class="nombremessages">' . $data2['forum_post'] . '</td>';
if (!empty($data2['forum_post'])) {
</div>
';
include 'identification.php';
include 'footer.php';
}
} else {
/*
* Si utilisateur est inconnu
*/
$error_unknown = ' Combinaison utilisateur/mot de passe incorrect. Veuillez rééssayer.';
echo '
<div class="container">
<div class="row">
<div class="alert alert-warning alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<strong>' . Securite::html($error_unknown) . '</strong></p>
</div>
</div>
</div>
';
include 'identification.php';
include 'footer.php';
}
} else {
if (!Auth::islog()) {
include 'identification.php';
include 'footer.php';
} else {
include 'footer.php';
}
}
} else {
if (empty($sujet)) {
echo "<p>Merci d'entrer un sujet.</p>";
echo "<br /><a href='javascript:history.go(-1)'>Retour</a>";
} else {
if (empty($message)) {
echo "<p>Merci d'entrer un message.</p>";
echo "<br /><a href='javascript:history.go(-1)'>Retour</a>";
} else {
if (ereg("[]%~#`\$&|}{^[><]", $message)) {
echo "Certains caractères utilisés sont interdits";
echo "<br /><a href='javascript:history.go(-1)'>Retour</a>";
} else {
$provenance = Securite::html($_SERVER['HTTP_REFERER']);
$adressip = Securite::html($_SERVER['REMOTE_ADDR']);
$navigateur = Securite::html($_SERVER['HTTP_USER_AGENT']);
$message2 = "Provenance : {$provenance}\n";
$message2 .= "Adresse IP : {$adressip}\n";
$message2 .= "Navigateur : {$navigateur}\n";
$message2 .= "Nom : {$nom}\n";
$message2 .= "E-mail : {$email}\n";
$message2 .= "Sujet : {$sujet}\n";
$message2 .= "Message : {$message}\n";
require "kernel/mailer/class.phpmailer.php";
require "kernel/config.php";
if ($type_envoi == "smtp") {
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->SMTPAuth = true;
$mail->CharSet = "UTF-8";
$mail->Priority = 1;
if ($erreur != 0 && $cas == 1) {
header('Location: ?login&connexion=' . $erreur);
} else {
if ($erreur != 0 and ($cas == 2 or $cas == 3)) {
setcookie('pseudo', '0', time());
setcookie('passe', '0', time());
session_destroy();
header('Location: ?login&connexion=' . $erreur);
} else {
//!\\ Très important : c'est cette instruction qui rend les infos sur le visiteur accessible !
// Autrement, il n'est pas vraiment connecté...
$protection = array('nom_admin');
foreach ($tmembre as $cle => $element) {
$visiteur[$cle] = $element;
}
$visiteur['nom'] = Securite::html($visiteur['nom']);
$data['session'] = true;
}
}
}
}
// Gestion des messages info/erreur du système de connexion --
if (isset($_GET['connexion']) && !is_int($_GET['connexion'])) {
switch ($_GET['connexion']) {
case 0:
$data['info'] = "Vous êtes bien connecté. Bonne visite !";
break;
case 1:
$data['erreur'] = "Pseudo inconnu";
break;
case 2:
<?php
if (empty($securite) or !isset($securite) or $securite != "ok") {
header("location: erreur.php?err=access_denied");
}
require "kernel/config.php";
mysql_connect($coolwow['host'], $coolwow['user'], $coolwow['password']) or die(mysql_error());
mysql_select_db($coolwow['db']) or die(mysql_error());
$date_now = date("Y-m-d H:i:s");
if ($_SESSION['auth'] == "yes") {
switch ($_GET['action']) {
case "valide":
verify_xsrf_token();
$username = $_SESSION['username'];
$vote = Securite::html($_POST['vote']);
$reponse = mysql_query("SELECT * FROM vote WHERE account_name='" . $username . "'") or die(mysql_error());
if (!empty($vote) or isset($vote)) {
if ($vote == 1) {
if (mysql_num_rows($reponse) == 0) {
mysql_query("INSERT INTO vote (account_name) VALUES ('" . $username . "')");
}
mysql_query("UPDATE membres SET nb_point_vote = nb_point_vote + {$nb_point_par_vote}, total_vote = total_vote + {$nb_point_par_vote} WHERE account_name='" . $username . "'") or die(mysql_error());
mysql_query("UPDATE vote SET date_vote1 = '" . $date_now . "' WHERE account_name='" . $username . "'") or die(mysql_error());
echo "<p>Merci pour se vote.<br />Il vous a rapporté " . $nb_point_par_vote . " point(s) !</p>";
echo "<a href=\"index.php\">Retour</a>";
} elseif ($vote == 2) {
if (mysql_num_rows($reponse) == 0) {
mysql_query("INSERT INTO vote (account_name) VALUES ('" . $username . "')");
}
mysql_query("UPDATE membres SET nb_point_vote = nb_point_vote + {$nb_point_par_vote}, total_vote = total_vote + {$nb_point_par_vote} WHERE account_name='" . $username . "'") or die(mysql_error());
mysql_query("UPDATE vote SET date_vote2 = '" . $date_now . "' WHERE account_name='" . $username . "'") or die(mysql_error());
echo "<p>Merci pour se vote.<br />Il vous a rapporté " . $nb_point_par_vote . " point(s) !</p>";
static function getEmprunts($id)
{
global $bdd;
// -- Récupération --
$requete = $bdd->prepare('SELECT m.id_media AS id, m.titre_media AS titre FROM Reservations r' . ' INNER JOIN Concerner c ON c.id_reservation = r.id_reservation' . ' INNER JOIN Exemplaires e ON e.num_exemplaire = c.num_exemplaire' . ' INNER JOIN Medias m ON e.id_media = m.id_media' . ' WHERE r.id_admin = :id');
$requete->bindParam(':id', $id, PDO::PARAM_INT);
$requete->execute();
$retour = array();
$i = 0;
while ($element = $requete->fetch(PDO::FETCH_ASSOC)) {
$emprunt = array();
$emprunt['id'] = intval($element['id']);
$emprunt['titre'] = Securite::html($element['titre']);
$retour[$id] = $emprunt;
$i++;
}
return $retour;
}
<th class="th">Etat</th>
<th class="th">Sujet</th>
<th class="th">Destinataire</th>
<th class="th">Date</th>
<th></th>
</thead>
<tbody>
<?php
if (mysql_num_rows($retour) <= 0) {
echo "<tr><td colspan=\"4\">Aucuns messages !!!</td></tr>";
} else {
while ($donnees = mysql_fetch_assoc($retour)) {
$etat = Securite::html($donnees['vu']);
$sujet = Securite::html($donnees['sujet']);
$destinataire = Securite::html($donnees['mp_destinataire']);
$date = Securite::html($donnees['timestamp']);
echo '
<tr>
<td class="td">';
if ($etat == 0) {
echo "<img src=\"themes/" . $theme . "/messages/msg_new.gif\" alt=\"Non Lu\" />";
} else {
echo "<img src=\"themes/" . $theme . "/messages/msg_receive.gif\" alt=\"Lu\" />";
}
echo '</td>
<td class="td"><a href="index.php?module=messagerie&action=lire&mp=' . $donnees['id'] . '">' . $sujet . '</a></td>
<td class="td">' . $destinataire . '</td>
<td class="td">Le ' . date('d/m/Y \\à H\\hi', $date) . '</td><td class="td"><a href="index.php?module=messagerie&action=supprimer&suppr=2&id=' . $donnees['id'] . '"><img src="themes/' . $theme . '/messages/delete.gif" alt="Supprimer ce message" /></a></td>
</tr>';
}
}
echo "\" onmouseover=\"ddrivetip('<span class=\\'tooltip-whitetext\\'>race - classe</span>')\" onmouseout=\"hideddrivetip()\">\n\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t\t<td class=\"profile-header-title\" valign=\"top\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"profile-header-title-name\">" . Securite::html($donnees['name']) . "</span><br>\n\t\t\t\t\t\t\t\t\t\t<span class=\"profile-header-title-guild\"><a href=\"index.php?module=guildes&action=membres&id=" . Securite::html($donnees['GNAME']) . "\">" . Securite::bdd($guild_name[0]) . "</a></span><br>";
?>
<span class="profile-header-title-info">Level <?php
echo $donnees['level'];
?>
<?php
nomrace(Securite::html($donnees['race']));
?>
<?php
nomclass(Securite::html($donnees['class']));
?>
</span><br>
<?php
echo "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td class=\"profile-header-";
echo nomside(Securite::html($donnees['race']));
echo "-right\" width=\"50%\" valign=\"top\">\n\t\t\t\t\t\t\t<span onmouseover=\"ddrivetip('<span class=\\'profile-tooltip-header\\'>Guild - name\\</span><br><span class=\\'profile-tooltip-description\\'>Guild Rank: membre<br>Members: 100</span>')\" onmouseout=\"hideddrivetip()\">Guild: " . Securite::html($guild_name[0]) . "</span><br><br>Realm: Royaume<br>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t</table>\n\t\t\t\t<br />\n\t\t\t\t<center>";
?>
<br /><br />
<table cellpadding="0" cellspacing="0" class="lined" style="width: 560px;">
<tr>
<td width="6%">
<?php
if (!empty($equiped_items[1][1])) {
echo maketooltip("<img src=\"{$equiped_items[1][1]}\" class=\"{$equiped_items[1][2]}\" alt=\"\" />", "{$item_datasite}{$EQU_HEAD}", $equiped_items[1][0], "item_tooltip", "target=\"_blank\"");
} else {
echo "<img src=\"images/armurerie/{$template_icons}/head.gif\" class=\"icon_border_0\" alt=\"\" />";
}
?>
</td>
<td class="half_line" colspan="4"><?php
echo $lang_armurerie['honor_rang'];
<td colspan="<?php
$page['colonnes'];
?>
"><?php
echo $page['pagination'];
?>
</td>
</tr>
</tfoot>
<tbody>
<?php
foreach ($page['liste'] as $element) {
?>
<tr>
<td><?php
echo Securite::html($element['nom']);
?>
</td>
<?php
if ($page['cible']) {
?>
<!-- Base renseignée -->
<td><a href="<?php
echo $page['url'] . '&delier=' . $element['id'];
?>
">délier</a></td>
<?php
}
?>
<td><a href="<?php
echo $page['url'] . '&editer=' . $element['id'];
//Nous récupérons le contenu de la requête dans $retour_total
$donnees_total = mysql_fetch_assoc($retour_total);
//On range retour sous la forme d'un tableau.
$total = Securite::html($donnees_total['total']);
//On récupère le total pour le placer dans la variable $total.
$sql = "SELECT * FROM chatbox ORDER BY id_msg DESC";
$resultat = mysql_query($sql) or die("Erreur requette SQL");
echo "\n\t\t\t\t\t<p class=\"title\">Gestion de la chatbox</p>";
//Aperçu
echo "<table class=\"lined\" width=\"99%\" style='border-collapse: collapse'; align='center' width='90%' border='1' cellspacing='1' cellpadding='1'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<th width=\"30\"></th><th width=\"30\"></th>\n\t\t\t\t\t\t\t<th width=\"30\">id</th><th>Messages</th>\n\t\t\t\t\t\t</tr>";
if ($total == 0) {
echo "<tr><td colspan=\"4\">Il n'y a pour le moment aucuns messages dans la chatbox !</td></tr>";
} else {
while ($ligne = mysql_fetch_array($resultat)) {
extract($ligne);
echo "<tr><td class='milieu'><a href=\"index.php?module=chatbox&action=delete&id=" . Securite::html($id_msg) . "\"><img src='../images/delete.gif' /></a></td><td class='milieu'><a href=\"index.php?module=chatbox&action=modify&id=" . Securite::html($id_msg) . "\"><img src='../images/edit.png' /></a></td><td class='milieu'>" . Securite::html($id_msg) . "</td><td>" . Securite::html($msg) . "</td></tr>";
}
}
echo "</table>";
break;
}
} else {
echo "<p>Ce module est désactivé, merci de voir avec l'administrateur !</p>";
echo "<a href=\"../index.php\">Retour</a>";
}
} elseif (Securite::bdd($_SESSION['auth']) != "yes") {
header("location: ../index.php");
exit;
} elseif (Securite::bdd($_SESSION['gmlevel']) <= $rep['config_value2']) {
echo "<p>" . Securite::bdd($_SESSION['username']) . " vous n'êtes pas autorisé à accéder à cette partie !</p>";
echo "<a href=\"../index.php\">Retour</a>";
echo "Wrath of the Lich King";
}
echo "</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t\t<br />\n\t\t\t\t\t<p class=\"title\">Liste des personnages :</p><p>";
mysql_connect($characters[1]['host'], $characters[1]['user'], $characters[1]['password']) or die(mysql_error());
mysql_select_db($characters[1]['db']) or die(mysql_error());
$test = mysql_query("SELECT * FROM characters WHERE account={$id} ORDER BY name ") or die(mysql_error());
while ($donnees = mysql_fetch_array($test, MYSQL_ASSOC)) {
$perso = Securite::bdd($donnees['name']);
$level = explode(' ', $donnees['data']);
$niveau = $level[53];
$race = Securite::bdd($donnees['race']);
$class = Securite::bdd($donnees['class']);
echo "<a href=\"../armurerie-select.php?perso={$perso}\">{$perso} - ";
nomrace($race);
echo " ";
nomclass($class);
echo " | lvl {$niveau}</a><br />";
}
echo "</p><br />\n\t\t\t\t\t<table>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td align=\"left\"><a href='javascript:history.go(-1)'>Retour</a></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t</p>";
break;
default:
mysql_connect($coolwow['host'], $coolwow['user'], $coolwow['password']) or die(mysql_error());
mysql_select_db($coolwow['db']) or die(mysql_error());
$test = mysql_query("SELECT nb_point_vote FROM membres WHERE id = " . $membre_id . "") or die(mysql_error());
$donnees = mysql_fetch_array($test, MYSQL_ASSOC);
echo "<p class=\"title\">Gestion du compte {$post}</p><br />";
echo "Vous avez actuellement " . Securite::html($donnees['nb_point_vote']) . " points de vote.<br />\n\t\t\t<br />\n\t\t\tVotre compte :<br />\n\t\t\t<a href='index.php?module=mon_compte&action=info'>Information sur le compte</a><br />\n\t\t\t<a href='index.php?module=mon_compte&action=modifier'>Modifier le compte</a><br /><br />\n\t\t\tVotre profil :<br />\n\t\t\t<a href='index.php?module=profil&id=" . $membre_id . "'>Voir son profil</a><br />\n\t\t\t<a href='index.php?module=profil&action=modifier&id=" . $membre_id . "'>Modifier son profil</a><br /><br />";
echo "<p><a href='index.php'>Retour</a></p>";
break;
}
}
echo "<tr><td align=\"center\">";
echo "<a href=\"http://fr.wowhead.com/?item=" . $guid . "\"><img src=\"" . get_icon($guid) . "\" /></a>";
echo "<br><a href=\"" . $item_datasite . "" . $guid . "\" target=\"_blank\">";
echo "" . Securite::html($donnees[2]) . " (" . Securite::html($donnees[8]) . ")";
echo "</a>";
echo "</td><td align=\"center\">";
prix(Securite::html($donnees[7]));
echo "</td><td align=\"center\">";
prix(Securite::html($donnees[3]));
echo "</td><td align=\"center\">";
echo "<a href=\"armurerie-select.php?perso={$uname}\">{$uname}</a>";
echo "</td><td align=\"center\">";
prix(Securite::html($donnees[6]));
echo "</td><td align=\"center\">";
if (Securite::html($donnees[5]) != NULL) {
echo "<a href=\"armurerie-select.php?perso=" . Securite::html($donnees[5]) . "\">" . Securite::html($donnees[5]) . "</a>";
} else {
echo "Aucun";
}
echo "</td><td align=\"center\">";
echo $guid;
echo "</td></tr>";
}
}
echo "</TABLE>\n\t\t\t<p class=\"center\">" . $lang_hotel_vente['there_is'] . " " . $donnees_total['total'] . " " . $lang_hotel_vente['item_sale'] . "</p>";
pagination($ParPage, $total, $truc, $adresse);
} else {
echo "<p>" . $lang_erreur['page_notexist'] . "</p>";
echo "<a href=\"index.php?module=guildes\">" . $lang_site['return'] . "</a>";
}
break;
// Génération des petites étiquettes (des divs)
while ($donnees = $req->fetch(PDO::FETCH_ASSOC)) {
echo '<div class="blocR">';
// div qui contient l'ensemble de l'étiquete
echo '<form class="form" method=POST action="?admin=reservation&action=valider">';
echo " <div class='titreR' > Réservation N° : " . $donnees['id_reservation'] . ' </div> <br />';
// Div Titre
echo '<input type="hidden" name="IDR" value="' . $donnees["id_reservation"] . '" />';
// Avec l'ID admin, on récupère son nom pour l'afficher
$ID_Uti = $donnees['id_admin'];
$reqUti = $bdd->prepare('SELECT nom_admin FROM administrateurs WHERE id_admin = :IDU');
$reqUti->execute(array('IDU' => $ID_Uti));
$nomUtiTB = $reqUti->fetch(PDO::FETCH_ASSOC);
$nom_Uti = $nomUtiTB['nom_admin'];
// Ouverture d'une div qui contient les éléments généraux de la table réservations
echo '<div class="divR" >Utilisateur : ' . Securite::html($nom_Uti) . '<br />';
echo ' Date de début : ' . $donnees['debut_reservation'] . '<br />';
echo 'Date de fin : ' . $donnees['fin_reservation'] . '</div><br />';
$reqEx = $bdd->prepare('SELECT num_exemplaire FROM concerner WHERE id_reservation=:IDR');
$reqEx->execute(array('IDR' => $donnees['id_reservation']));
$compt = 0;
// Ensuite, on va générer une mise en forme pour chaque exemplaire. On aura la div gauche qui contient
// les infos sur le media (juste le titre) et a droite les infos de l'exemplaire précis.
// On utilise un compteur pour les input cachés
echo ' <div class="Liste"><div class= "titreListe"> Liste des emprunts </div> ';
while ($donnees2 = $reqEx->fetch(PDO::FETCH_ASSOC)) {
$compt++;
//echo ' Exemplaire '.$compt.': '.$donnees2['num_exemplaire'];
echo '<br />';
echo '<input type="hidden" name ="Ex' . $compt . '" value="' . $donnees2["num_exemplaire"] . '"/>';
$reqEx2 = $bdd->prepare('SELECT id_media, prix_exemplaire, rmq_exemplaire FROM exemplaires WHERE num_exemplaire=:IDE');
echo "<table class=\"lined\" width=\"99%\" style='border-collapse: collapse'; width='90%' border='1' cellspacing='1' cellpadding='1'>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<th class='milieu' width=\"30\"><a href='index.php?module=groupes&action=creer_groupe'><img src='../images/add.png' /></a></th>\n\t\t\t\t\t\t\t\t<th width=\"30\"></th>\n\t\t\t\t\t\t\t\t<th width=\"30\">id</th>\n\t\t\t\t\t\t\t\t<th>Nom du groupe</th>\n\t\t\t\t\t\t\t\t<th>Description du groupe</th>\n\t\t\t\t\t\t\t\t<th>Droits du groupe</th>\n\t\t\t\t\t\t\t</tr>";
while ($donnees = mysql_fetch_assoc($retour)) {
$id = Securite::html($donnees['group_id']);
$nom_groupe = Securite::html($donnees['group_nom']);
echo "<tr><td align=\"center\">";
echo "<a href=\"index.php?module=groupes&action=supprimer_groupe&id={$id}\"><img src='../images/delete.gif' /></a>";
echo "</td><td align=\"center\">";
echo "<a href=\"index.php?module=groupes&action=modifier_groupe&id={$id}\"><img src='../images/edit.png' /></a>";
echo "</td><td align=\"center\">";
echo Securite::html($donnees['group_id']);
echo "</td><td align=\"center\">";
echo "<a href=\"index.php?module=groupes&action=membres_groupe&id={$id}\">" . $nom_groupe . "</a>";
echo "</td><td align=\"center\">";
echo Securite::html($donnees['group_description']);
echo "</td><td align=\"center\">";
echo Securite::html($donnees['group_droit']);
echo "</td>";
echo "</tr>";
}
echo "<tr><td class='milieu'><a href='index.php?module=groupes&action=creer_groupe'><img src='../images/add.png' /></a></td>\n\t\t\t\t\t<td></td><td></td><td></td><td></td></tr>";
echo "</table><br />";
break;
}
} else {
echo "<p>Ce module est désactivé, merci de voir avec l'administrateur !</p>";
echo "<a href=\"../index.php\">Retour</a>";
}
} elseif (Securite::bdd($_SESSION['auth']) != "yes") {
header("location: ../index.php");
exit;
} elseif (Securite::bdd($_SESSION['gmlevel']) <= $rep['config_value2']) {
function setMessage($mail)
{
$this->message = Securite::html($mail);
}
<?php
session_start();
include 'header.php';
?>
<?php
if (Auth::islog()) {
if (!empty($_POST)) {
$description = Securite::bdd($_POST['choix_code']);
$q = array('description' => $description, 'user_id' => $user_id);
$sql = 'DELETE FROM codes_analytiques WHERE user_id = :user_id AND description = :description';
$req = $cnx->prepare($sql);
try {
$req->execute($q);
echo "\t<div class=\"alert span12 alert-success\">\n \t\t\t\t<strong><i class=\"glyphicon glyphicon-ok\"></i> La suppression s'est déroulé correctement.</strong>\n\t\t\t\t\t</div>";
} catch (Exception $e) {
echo "\n\t\t\t\t\t<div class=\"alert span12 alert-error\">\n\t\t\t\t\t<strong><i class=\"icon-ban-circle icon-white\"></i> Un problème est survenu pendant la suppresion. " . Securite::html($e->getMessage()) . "</strong>\n\t\t\t\t\t</div>";
}
} else {
echo "\n\t\t\t\t\t<div class=\"alert span12 alert-error\">\n\t\t\t\t\t<strong><i class=\"icon-ban-circle icon-white\"></i> Erreur, aucun formulaire de suppression de code analytique n'a été reçu...</strong>\n\t\t\t\t\t</div>";
}
} else {
echo "\n\t\t\t\t\t<div class=\"container\">\n\t\t\t\t\t\t<div class=\"alert span9 alert-error\">\n \t\t\t\t\t\t<strong><i class=\"icon-ban-circle icon-white\"></i> Vous devez vous connecter pour afficher cette page.</strong>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>";
}
?>
<?php
include 'footer.php';
public static function membres()
{
if (Auth::islog()) {
global $cnx, $user_id;
$sql = 'SELECT prenom, nom, email, naissance, cotisation, fonction FROM membres WHERE users_on = :user_id';
$req = $cnx->prepare($sql);
$req->bindParam(':user_id', $user_id, PDO::PARAM_STR, 100);
$req->execute($q);
while ($row = $req->fetch(PDO::FETCH_ASSOC)) {
echo "<option>" . Securite::html($row['prenom']) . "</option>";
}
}
}
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="alert alert-warning alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<p>La suppression de l\'écriture s\'est déroulé correctement. <span class="glyphicon glyphicon-ok"></span></p>
</div>
</div>
</div>
';
} catch (Exception $e) {
echo '
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="alert alert-warning alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<p>Un problème est survenu pendant la suppresion. ' . Securite::html($e->getMessage()) . ' <span class="glyphicon glyphicon-remove"></span></p>
</div>
</div>
</div>
';
}
}
$q = array('user_id' => $user_id);
$sql = 'SELECT id, intitule, date_creation, journal_id, compte_id, mode, code_analt_id, credit, debit, c.description AS descriptionCompte, j.description AS descriptionJournal, ca.description AS descriptionCodeAnalt
FROM ecritures e
INNER JOIN comptes c ON c.id_compte = e.compte_id
INNER JOIN journaux j ON j.id_journal = e.journal_id
INNER JOIN codes_analytiques ca ON ca.id_code_analt = e.code_analt_id
WHERE e.user_id = :user_id';
$req = $cnx->prepare($sql);
$req->execute($q);
$req = mysql_query('SELECT * FROM site_config_admin WHERE config_name = "module_adm_additem"');
$rep = mysql_fetch_array($req);
if ($_SESSION['auth'] == "yes" and Securite::bdd($_SESSION['gmlevel']) >= $rep['config_value2']) {
if ($rep['config_value'] == 1) {
mysql_connect($characters[1]['host'], $characters[1]['user'], $characters[1]['password']) or die(mysql_error());
mysql_select_db($characters[1]['db']) or die(mysql_error());
switch ($_GET['action']) {
case "ajouter":
require_once "../kernel/fonctions_armurerie.php";
//iditem = l'id de l'objet a ajouter.
$character = Securite::bdd($_POST['character']);
$iditem = Securite::bdd($_POST['iditem']);
$nombre = Securite::bdd($_POST['nombre']);
$reponse = mysql_query("SELECT name FROM `characters` WHERE `guid`='{$character}' OR `name`='{$character}'") or die(mysql_error());
$donnees = mysql_fetch_array($reponse, MYSQL_ASSOC);
$name = Securite::html($donnees['name']);
echo "<h3>Êtes-vous sûr de vouloir rajouter dans l'inventaire du personnage : {$name}</h3>";
echo "<h3>L'objet ";
echo "<a href=\"http://fr.wowhead.com/?item=" . $iditem . "\"><img src=\"" . get_icon2($iditem) . "\" /></a>";
echo "</h3>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t<form action=\"index.php?module=additem&action=add\" method=\"POST\">\n\t\t\t\t\t\t\t<input type=\"hidden\" name=\"character\" value=\"{$character}\">\n\t\t\t\t\t\t\t<input type=\"hidden\" name=\"iditem\" value=\"{$iditem}\">\n\t\t\t\t\t\t\t<input type=\"hidden\" name=\"nombre\" value=\"{$nombre}\">\n\t\t\t\t\t\t\t<input type=\"submit\" value=\"Oui je suis sûr !!!\">\n\t\t\t\t\t\t</form>\n\t\t\t\t\t</p>";
break;
case "add":
$db = $characters[1]['db'];
$character = Securite::bdd($_POST['character']);
$iditem = Securite::bdd($_POST['iditem']);
$nombre = Securite::bdd($_POST['nombre']);
$itemid = rand(1, 600000);
mysql_query("INSERT INTO " . $db . ".item_instance (guid,owner_guid,data) VALUES ('" . $itemid . "','" . $character . "','" . $itemid . " 1073741936 3 " . $iditem . " 1065353216 0 " . $character . " 0 " . $character . " 0 0 0 0 0 " . $nombre . " 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0')");
mysql_query("REPLACE INTO " . $db . ".character_inventory (guid, bag, slot, item, item_template) VALUES ('" . $character . "', '0', '23', '" . $itemid . "', '" . $iditem . "')");
echo "Objet bien ajouté !!!";
break;
while ($donnees = mysql_fetch_array($reponse, MYSQL_ASSOC)) {
$level = explode(' ', Securite::html($donnees['data']));
$niveau = $level[53];
$name = Securite::html($donnees['name']);
$sex = explode(' ', Securite::html($donnees['data']));
$sex = dechex($sex[36]);
$sex = str_pad($sex, 8, 0, STR_PAD_LEFT);
$sex = $sex[3];
echo "<tr><td align=\"center\">";
echo "<a href=\"armurerie-select.php?perso=" . $name . "\">" . $name . "</a>";
echo "</td><td align=\"center\">";
echo $niveau;
echo "</td><td align=\"center\">";
imgrace(Securite::html($donnees['race']));
echo "</td><td align=\"center\">";
imgclass(Securite::html($donnees['class']));
echo "</td><td align=\"center\">";
sex($sex);
echo "</td><td align=\"center\">";
side(Securite::html($donnees['race']));
echo "</td></tr>";
}
}
echo "</TABLE>";
pagination($ParPage, $total, $truc, $adresse);
} else {
echo "<p>Cette page n'existe pas !</p>";
echo "<a href=\"index.php?module=guildes\">Retour</a>";
}
break;
}
} catch (Exception $e) {
echo "\n\t\t\t\t<h3>Un problème est survenu pendant la suppresion. " . Securite::html($e->getMessage()) . "</h3>";
}
} elseif (isset($_POST['majInfosAdresse'])) {
$adresse_postale = $_POST['adresse'];
$code_postal = $_POST['codepostal'];
$commune = $_POST['commune'];
$q = array('adresse_postale' => $adresse_postale, 'code_postal' => $code_postal, 'commune' => $commune, 'user_id' => $user_id);
$sql = 'UPDATE infos SET adresse_postale = :adresse_postale, code_postal = :code_postal, commune = :commune WHERE id_user = :user_id';
$req = $cnx->prepare($sql);
try {
$req->execute($q);
echo "\n\t\t\t\t<div class=\"alert alert-success\">\n\t\t\t\t\t<h4><span class=\"glyphicon glyphicon-ok\"</span> La mise à jour de votre adresse s'est déroulée avec succés.</h4>\n\t\t\t\t</div>\n\t\t\t";
} catch (Exception $e) {
echo "\n\t\t\t\t<h3>Un problème est survenu pendant la suppresion. " . Securite::html($e->getMessage()) . "</h3>";
}
} elseif (isset($_POST['majInfosAdmin'])) {
$num_siret = $_POST['num_siret'];
$num_registre = $_POST['num_registre'];
$interet_gen = $_POST['interet_gen'];
$num_ape = $_POST['num_ape'];
$q = array('num_siret' => $num_siret, 'num_registre' => $num_registre, 'interet_gen' => $interet_gen, 'num_ape' => $num_ape, 'user_id' => $user_id);
$sql = 'UPDATE infos SET ape = :num_ape, registre = :num_registre, siret = :num_siret, interet_gen = :interet_gen WHERE id_user = :user_id';
$req = $cnx->prepare($sql);
try {
$req->execute($q);
echo "\n\t\t\t\t<div class=\"alert alert-success\">\n\t\t\t\t\t<h4><span class=\"glyphicon glyphicon-ok\"</span> La mise à jour de vos renseignements administratifs s'est déroulée avec succés.</h4>\n\t\t\t\t</div>\n\t\t\t";
} catch (Exception $e) {
echo "\n\t\t\t\t<h3>Un problème est survenu pendant la suppresion. " . Securite::html($e->getMessage()) . "</h3>";
}
}
//Nous récupérons le contenu de la requête dans $retour_total
$donnees_total = mysql_fetch_assoc($retour_total);
//On range retour sous la forme d'un tableau.
$total = Securite::bdd($donnees_total['total']);
//On récupère le total pour le placer dans la variable $total.
$sql = "SELECT * FROM news ORDER BY idnews DESC";
$resultat = mysql_query($sql) or die(mysql_error());
echo "\n\t\t\t\t\t<p class=\"title\">Gestion des news</p>";
//Aperçu
echo "<table class=\"lined\" width=\"99%\" style='border-collapse: collapse'; align='center' width='90%' border='1' cellspacing='1' cellpadding='1'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<th width=\"30\"><a href='index.php?module=news&action=poster'><img src='../images/add.png' /></a></th>\n\t\t\t\t\t\t\t<th width=\"30\"></th>\n\t\t\t\t\t\t\t<th width=\"30\">id</th>\n\t\t\t\t\t\t\t<th>Message</th>\n\t\t\t\t\t\t</tr>";
if ($total == 0) {
echo "<tr><td colspan=\"4\">Il n'y a pour le moment aucunes news !</td></tr>";
} else {
while ($ligne = mysql_fetch_array($resultat)) {
extract($ligne);
echo "<tr>\n\t\t\t\t\t\t\t<td class='milieu'><a href=\"index.php?module=news&action=delete&id={$idnews}\"><img src='../images/delete.gif' /></a></td>\n\t\t\t\t\t\t\t<td class='milieu'><a href='index.php?module=news&action=modify&id={$idnews}'><img src=\"../images/edit.png\" /></form></td>\n\t\t\t\t\t\t\t<td class='milieu'>" . Securite::bdd($idnews) . "</td>\n\t\t\t\t\t\t\t<td>" . Securite::html($news) . "</td></tr>";
}
}
echo "<tr><td class='milieu'><a href='index.php?module=news&action=poster'><img src='../images/add.png' /></a></td><td></td><td></td><td></td></tr>";
echo "</table>";
break;
}
} else {
echo "<p>Ce module est désactivé, merci de voir avec l'administrateur !</p>";
echo "<a href=\"../index.php\">Retour</a>";
}
} elseif (Securite::bdd($_SESSION['auth']) != "yes") {
header("location: ../index.php");
exit;
} elseif (Securite::bdd($_SESSION['gmlevel']) <= $rep['config_value2']) {
echo "<p>" . Securite::bdd($_SESSION['username']) . " vous n'êtes pas autorisé à accéder à cette partie !</p>";
*/
$imagine->open('' . $urlLogo . '')->thumbnail($size, 'inset')->save('img/assos/users/' . $user_id . '_100x100.png');
/*
* Chemin vers l'image redimensionnée
*/
$urlLogoThumb = "img/assos/users/" . $user_id . "_100x100.png";
echo "\r\n\t\t\t\t\t\t\t\t\t\t\t<img src=\"" . $urlLogoThumb . "\"\r\n\t\t\t\t\t\t\t\t\t\t\talt=\"Logo User Thumb\" class=\"img-responsive img-circle\"/>";
}
?>
</div>
<div class="col-lg-7">
<span>
<?php
if (Auth::islog()) {
$val = $_SESSION['Auth']['email'];
echo "" . Securite::html($val) . "";
} else {
echo "Non connecté.";
}
?>
</span>
<p class="text-muted small">
© <a href="http://dsu-crab.fr/" target="_blank">dsu-crab.fr</a> - <a href="infos.txt" target="_blank">À propos (Version Bêta 2)</a>
</p>
<div class="divider">
</div>
<?php
if (Auth::islog()) {
echo "<a href=\"#\" class=\"btn btn-default btn-sm\" disabled=\"disabled\"><span class=\"glyphicon glyphicon-cog\"></span> Paramètres</a><small>Prochainement</small><br />";
}
?>
} elseif (Securite::html($donnees['gmlevel']) == 4) {
echo "<span style=\"color:red;\"><b>A " . $date . ", " . Securite::html($donnees['auteur_msg']) . " - MJ :</b> " . Securite::html($donnees['msg']) . "</span><br />";
} else {
echo "<span style=\"color:red;\"><b>A " . $date . ", " . Securite::html($donnees['auteur_msg']) . " - ADMIN :</b> " . Securite::html($donnees['msg']) . "</span><br />";
}
}
}
echo "</div>\n\t\t</div>\n\t\t<div class=\"center\">Message limité à 500 caractères.<br /><br />\n\t\t<a href=\"index.php?module=chatbox&action=historique\">Voir l'historique</a></div>\n\t\t<br />\n\t\t<div class=\"center\">";
if ($_SESSION['auth'] == "yes") {
echo "<div class=\"center\">\n\t\t\t\t\t\t\t<form name=\"poste\" action=\"index.php?module=chatbox&action=envoyer\" method=\"POST\">\n\t\t\t\t\t\t\tMessage: <input type=\"text\" name=\"msg\" size=\"100\" maxsize=\"500\" /><input type=\"submit\" value=\"Envoyer\" />\n\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t</div>";
} else {
echo "Merci de vous connectez pour écrire un message.";
}
echo "<div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t<td class=\"md\" width=\"21px\"></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td width=\"21px\"><img src=\"themes/{$theme}/bg.png\" width=\"21px\" height=\"21px\" alt=\"bg\"></td>\n\t\t\t\t\t\t\t\t<td class=\"bm\" width=\"100%\"></td>\n\t\t\t\t\t\t\t\t<td width=\"21px\"><img src=\"themes/{$theme}/bd.png\" width=\"21px\" height=\"21px\" alt=\"bd\"></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t\t<br />\n\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td width=\"21px\"><img src=\"themes/{$theme}/hg.png\" width=\"21px\" height=\"21px\" alt=\"hg\" /></td>\n\t\t\t\t\t\t\t\t<td class=\"hm\" width=\"100%\"></td>\n\t\t\t\t\t\t\t\t<td width=\"21px\"><img src=\"themes/{$theme}/hd.png\" width=\"21px\" height=\"21px\" alt=\"hd\" /></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td class=\"mg\" width=\"21px\"></td>\n\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"10\">\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td class=\"fond\" align=\"center\" height=\"100%\" width=\"100%\">\n\t\t";
echo "<p class=\"title\">Les 5 Derniers messages du forum</p><br />";
echo "\n\t\t<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n\t\t\t<tr>\n\t\t\t\t<td> \n\t\t\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"1\" cellpadding=\"0\" cellspacing=\"0\" >\n\t\t\t\t\t\t\t\t\t\t\t\t<tr height=\"32\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<th height=\"31\" colspan=\"2\" align=\"center\" background=\"themes/" . $theme . "/forums/cellpic1.gif\" nowrap><font color=\"#FFFFFF\"><strong>Forum</strong></font></th>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<th width=\"100\" align=\"center\" background=\"themes/" . $theme . "/forums/images/cellpic1.gif\" nowrap><font color=\"#FFFFFF\"><strong>Réponse</strong></font></th>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<th width=\"120\" align=\"center\" background=\"themes/" . $theme . "/forums/images/cellpic1.gif\" nowrap><font color=\"#FFFFF\"><strong>Auteur</strong></font></th>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<th width=\"50\" align=\"center\" background=\"themes/" . $theme . "/forums/images/cellpic1.gif\" nowrap><font color=\"#FFFFFF\"><strong>Vus</strong></font></th>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<th align=\"center\" background=\"themes/" . $theme . "/forums/images/cellpic1.gif\" nowrap><font color=\"#FFFFFF\"><strong>Derniers Messages</strong></font></th>\n\t\t\t\t\t\t\t\t\t\t\t\t</tr>";
mysql_connect($coolwow['host'], $coolwow['user'], $coolwow['password']) or die(mysql_error());
mysql_select_db($coolwow['db']) or die(mysql_error());
$reponse2 = mysql_query('SELECT forum_forum.forum_name, forum_topic.topic_id, topic_titre, topic_createur, topic_vu, topic_post, topic_time, topic_last_post, Mb.pseudo AS membre_pseudo_createur, post_createur, post_time, Ma.pseudo AS membre_pseudo_last_posteur FROM forum_topic
LEFT JOIN membres Mb ON Mb.id = forum_topic.topic_createur
LEFT JOIN forum_post ON forum_topic.topic_last_post = forum_post.post_id
LEFT JOIN membres Ma ON Ma.id = forum_post.post_createur
LEFT JOIN forum_forum ON forum_forum.forum_id = forum_post.post_forum_id
WHERE forum_forum.forum_cat_id != 8
ORDER BY forum_post.post_time DESC LIMIT 0,5') or die(mysql_error());
while ($data = mysql_fetch_assoc($reponse2)) {
echo "<tr> \n\t\t\t\t\t\t\t\t\t\t\t\t\t <td height=\"54\" nowrap bgcolor=\"#202020\" class=\"row1\"><img src=\"themes/" . $theme . "/images/forums/message.gif\" border=\"0\" /></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <td width=\"100%\" bgcolor=\"#202020\" class=\"row1\"> " . Securite::html($data['forum_name']) . "<a href=\"\" class=\"forum\"><b></b></a><br> <a href=\"index.php?module=forums&action=voirtopic&t=" . $data['topic_id'] . "\" class=\"forum\">" . $data['topic_titre'] . "</a></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <td align=\"center\" bgcolor=\"#353535\"><font color=\"#FFFFFF\">" . Securite::html($data['topic_post']) . "</font></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <td align=\"center\" bgcolor=\"#353535\" class=\"row3\"><a href=\"index.php?module=profil&id=" . Securite::html($data['topic_createur']) . "\" class=\"forum\">" . Securite::html($data['membre_pseudo_createur']) . "</a></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <td align=\"center\" bgcolor=\"#353535\"><font color=\"#FFFFFF\">" . Securite::html($data['topic_vu']) . "</font></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <td align=\"center\" nowrap bgcolor=\"#353535\"><font size=\"-2\" color=\"#FFFFFF\"> " . date('d-m-y à H\\hi', $data['post_time']) . "</font><br>\n\t\t\t\t\t\t\t\t\t\t\t\t\t <a href=\"index.php?module=profil&id=" . Securite::html($data['post_createur']) . "\" class=\"forum\">" . Securite::html($data['membre_pseudo_last_posteur']) . "</a> <a href=\"index.php?module=forums&action=voirtopic&t=" . Securite::html($data['topic_id']) . "\" class=\"forum\"><img src=\"themes/" . $theme . "/images/forums/go.gif\" alt=\"Last Post\" border=\"0\"></a></td>\n\t\t\t\t\t\t\t\t\t\t\t\t\t</tr>";
}
echo "</table>\n\t\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>";
break;
}
$model->ajouter($nom);
}
}
}
$fini = true;
$page['formInput'] = false;
$page['formInfo'] = "Element enregistré";
} else {
$page['formErreur'] = "Le nom est trop long.";
}
}
if ($page['formInput'] && $page['keyAction'] == 'editer') {
$element = $model->getById($page['id_ext'], $exception);
$page['formElement'] = array("id" => Securite::html($element['id']), "nom" => Securite::html($element['nom']));
if ($exception != -1) {
$page['formElement']['duree'] = Securite::html($element['duree']);
}
} else {
if ($page['formInput']) {
$page['formElement'] = array("nom" => '');
}
}
}
// -- Liste --
if (!isset($_GET['nolist'])) {
if (isset($page['id'])) {
$page['liste'] = $model->getAll($page['id']);
$page['nbElement'] = $model->countAll($page['id']);
$page['cible'] = true;
$page['colonnes'] += 2;
} else {
break;
case "compteur":
if ($_SESSION['auth'] == "yes") {
$id = Securite::get($_GET['id']);
if (!empty($id)) {
$membre_id = Securite::bdd($_SESSION['id']);
$retour = mysql_query("SELECT * FROM bug_signalant WHERE id_bug = '{$id}' AND membre_id = '{$membre_id}'") or die(mysql_error());
$donnees = mysql_fetch_array($retour);
if (mysql_num_rows($retour) == 0) {
generate_xsrf_token();
$token = Securite::bdd($_SESSION['token_xsrf']);
$sql = "SELECT *FROM bugreport WHERE id_bug={$id}";
$resultat = mysql_query($sql) or die(mysql_error());
$data = mysql_fetch_array($resultat);
echo "<p class=\"title\">Je confirme avec le même bug que selui decrit ci-dessous:</p>";
echo "<p>" . Securite::html($data['description_bug']) . "</p>";
echo "<form action=\"index.php?module=bugs&action=compteur_v\" method=\"POST\">\n\t\t\t\t\t<input type=\"hidden\" name=\"token_xsrf\" value=\"" . $token . "\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"id\" value='{$id}'>\n\t\t\t\t\t<input type=\"hidden\" name=\"membre\" value='{$membre_id}'>\n\t\t\t\t\t<input type=\"submit\" value=\"Oui je confirme !\">";
} else {
echo "<p>Vous avez déjà signaler ce bug !</p>";
echo "<a href=\"index.php\">Retour</a>";
}
} else {
echo "<p>Erreur de lien !</p>";
echo "<a href=\"index.php\">Retour</a>";
}
} else {
echo "<p>Vous devez étre membre du site pour accèder à cette partie !</p>";
echo "<a href=\"index.php\">Retour</a>";
}
break;
case "compteur_v":
// On calcul la première entrée à lire
if ($truc <= $nombreDePages) {
$reponse = mysql_query("SELECT * FROM news ORDER BY idnews DESC LIMIT {$premiereEntree}, {$ParPage}") or die(mysql_error());
while ($donnees = mysql_fetch_array($reponse)) {
$date = $donnees['date_news'];
$date1 = substr($date, 8, 2) . "/";
// jour
$date2 = $date1 . substr($date, 5, 2) . "/";
// mois
$date3 = $date2 . substr($date, 0, 4) . " ";
// année
$date4 = $date3 . substr($date, 11, 5);
//heur
echo "<p class=\"title\">" . $donnees['titre'] . "";
echo "<br /><p>";
echo bbcode(nl2br(Securite::html($donnees['news'])));
echo "</p><br />";
if (empty($donnees['maj_par'])) {
echo "";
} else {
echo "<p class=\"modif_news\">Edité par " . $donnees['maj_par'] . "</p>";
}
echo "<p class=\"foot_news\">Posté par " . $donnees['auteur'] . " le " . $date4 . "";
if ($_SESSION['auth'] == "yes" and $_SESSION['gmlevel'] >= $news) {
echo " - <a href='admin/index.php?module=news&action=delete&id=" . $donnees['idnews'] . "'><img src='images/delete.gif' /></a> <a href='admin/index.php?module=news&action=modify&id=" . $donnees['idnews'] . "'><img src='images/edit.png' /></a>";
} else {
echo "";
}
echo "</p>";
if ($total != 1) {
echo "</td>\n\t\t\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t\t\t</td>\t\n\t\t\t\t\t\t\t\t\t\t<td class=\"md\" width=\"11\"></td>\n\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t <td width=\"21\"><img src=\"themes/{$theme}/bg.png\" width=\"21\" height=\"21\" ALT=\"bg\" /></td>\n\t\t\t\t\t\t\t\t\t <td class=\"bm\"></td>\n\t\t\t\t\t\t\t\t\t <td width=\"21\"><img src=\"themes/{$theme}/bd.png\" width=\"21\" height=\"21\" ALT=\"bd\" /></td>\n\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t\t<table width=\"100%\" align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"10\">\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >\n\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t <td width=\"21\"><img src=\"themes/{$theme}/hg.png\" width=\"21\" height=\"21\" ALT=\"hg\" /></td>\n\t\t\t\t\t\t\t\t\t <td class=\"hm\" width=\"100%\"></td>\n\t\t\t\t\t\t\t\t\t <td width=\"21\"><img src=\"themes/{$theme}/hd.png\" width=\"21\" height=\"21\" ALT=\"hd\" /></td>\n\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t<td class=\"mg\" width=\"12\"></td>\n\t\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"10\">\n\t\t\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<td class=\"fond\" align=\"left\">";
