/**
 * Overwrite every editable column of one row of the `movie` table.
 *
 * All values are handed to the database as bound parameters of a prepared
 * statement, so the hand-rolled quote escaping (str_replace of ' by \') that
 * used to precede the query is unnecessary and has been dropped.
 *
 * @param mixed $id     mov_id of the row to update
 * @param mixed $titre  value written to mov_title
 * @param mixed $desc1  value written to mov_description_short
 * @param mixed $desc2  value written to mov_description_long
 * @param mixed $real   value written to mov_director
 * @param mixed $annee  value written to mov_year
 * @param mixed $img    value written to mov_image
 */
function editfilm($id, $titre, $desc1, $desc2, $real, $annee, $img)
{
    // connectionbd() is defined elsewhere; presumably it returns the PDO handle.
    $statement = connectionbd()->prepare(
        "UPDATE movie SET mov_title=?, mov_description_short=?, mov_description_long=?, mov_director=?, mov_year=?, mov_image=? WHERE mov_id=?;"
    );

    // The order must follow the placeholders: six SET columns, then the WHERE id.
    $valeurs = [$titre, $desc1, $desc2, $real, $annee, $img, $id];
    $statement->execute($valeurs);
}
/**
 * Insert one row into the `membre` table.
 *
 * The first column receives an empty string; the next two receive $login and
 * $mdp as bound parameters of a prepared statement.
 *
 * NOTE(review): $mdp is written exactly as received and nothing in this
 * function hashes it. Confirm that every caller passes the output of
 * password_hash() and never a clear-text password.
 * NOTE(review): the column list is implicit and '' presumably stands in for an
 * auto-generated id; confirm against the table definition.
 *
 * @param mixed $login  login of the new member
 * @param mixed $mdp    credential stored for the new member
 */
function ajoutMembre($login, $mdp)
{
    $insertion = connectionbd()->prepare("INSERT INTO membre values ('',?,?);");
    $insertion->execute([$login, $mdp]);
}
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="./lib/booststrap/css/bootstrap.min.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<title>My Movies</title>
</head>
<body>
<?php
include './includes/header.php';
include "includes/fonctions.php";

// Look up the movie named by ?id=...; the request value is bound as a
// statement parameter and never becomes part of the SQL text.
$req = connectionbd()->prepare("SELECT mov_id, mov_title, mov_description_long, mov_image from movie WHERE mov_id=?");
$req->execute([$_GET["id"]]);
$resultat = $req->fetchAll();

foreach ($resultat as $row) {
    // Encode the four selected columns before they are placed in the markup.
    // NOTE(review): every attribute below is single-quoted, so this is only
    // safe if escape() also encodes "'" (ENT_QUOTES) - confirm in fonctions.php.
    for ($colonne = 0; $colonne <= 3; $colonne++) {
        $row[$colonne] = escape($row[$colonne]);
    }

    // NOTE(review): the jumbotron, container and row wrappers are opened here
    // but not closed in this fragment.
    echo "<div class='jumbotron'>\n",
        " <div class='container'>\n",
        " <div class='row'>\n",
        " <div class='col-md-5'>\n",
        " <img src='{$row[3]}' class='img-thumbnail'>\n",
        " </div>\n",
        " <div class='col-md-7'>\n",
        " <h1>{$row[1]}</h1>\n",
        " <p>{$row[2]}</p>\n",
        " <a class='btn btn-primary btn-lg' href='./modif.php?id={$row[0]}' role='button'><span class='glyphicon glyphicon-edit'></span> Editer</a>\n",
        " </div>";
}

include "includes/footer.php";
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script src="./lib/booststrap/js/bootstrap.min.js"></script>
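echo "<br/>";
} // closes a block opened before this fragment
} else {
    $img = escape($_POST['img']);
}

// NOTE(review): the form values are HTML-encoded *before* they are stored.
// The statement in editfilm() is already parameterised, and the rows are
// encoded again when read back below, so "&" or "<" in a title is presumably
// double-encoded on display. Consider storing the raw values and encoding
// only at output; left as is here because the upload branch that also sets
// $img is outside this fragment.
$titre = escape($_POST['titre']);
$desc1 = escape($_POST['descc']);
$desc2 = escape($_POST['descl']);
$real = escape($_POST['real']);
$annee = escape($_POST['annee']);

editfilm($_GET['film'], $titre, $desc1, $desc2, $real, $annee, $img);

echo "Le film {$titre} a été edité avec succès. ";
// The id comes straight from the query string. It used to be interpolated raw
// into the single-quoted href, which let a crafted ?film= value close the
// attribute and inject markup. rawurlencode() leaves only URL-safe characters.
echo "<a href='movie.php?film=" . rawurlencode((string) $_GET['film']) . "'>Revenir à la fiche du film</a>";
echo "<br/>";
} // closes the block opened before this fragment

// Reload the movie so the form below can be pre-filled; the id is bound as a
// statement parameter.
$req = connectionbd()->prepare("SELECT * from movie where mov_id=?;");
$req->execute(array($_GET['film']));
$donnees = $req->fetchAll();

// $row deliberately outlives the loop: the markup after this block reads the
// encoded values of the last (presumably only) matching row.
foreach ($donnees as $row) {
    for ($colonne = 0; $colonne <= 6; $colonne++) {
        $row[$colonne] = escape($row[$colonne]);
    }
}
?>
<h3 class="text-center">Edit a movie</h3>
<div class="jumbotron">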
</head>
<body>
<?php include 'includes/fonctions.php'; ?>
<?php include 'includes/en-tete.php'; ?>
<div class="container">
<h1>Mes films</h1>
</br>
<?php
// List every movie, newest year first. The query text is constant, so there is
// nothing to bind.
foreach (connectionbd()->query('SELECT mov_id, mov_title, mov_description_short from movie order by mov_year DESC') as $row) {
    // Encode the three selected columns before they are written into the page.
    // NOTE(review): the href below is single-quoted, so escape() must also
    // encode "'" for this to be safe - confirm in fonctions.php.
    foreach ([0, 1, 2] as $colonne) {
        $row[$colonne] = escape($row[$colonne]);
    }

    echo "<div class='jumbotron'>",
        "<div class='container'>",
        "<h3><a href='movie.php?film={$row[0]}'>{$row[1]}</a></h3>",
        "<p>{$row[2]}</p>",
        "</div>",
        "</div>";
}
?>
<?php include 'includes/footer.php'; ?>
<title>Disney movies</title> <link rel="shortcut icon" type="image/x-icon" href="images/logo.ico" /> </head> <body> <!-- BARRE NAVIGATION !!! --> <?php include 'includes/header.php'; ?> <!-- CONTENU --> <div class="container"> <div class="jumbotron"> <div class="row"> <?php include 'includes/fonctions.php'; $req = connectionbd()->prepare("SELECT mov_title, mov_description_long, mov_image, mov_director, mov_year from movie where mov_id=?;"); $req->execute(array($_GET['film'])); $donnees = $req->fetchAll(); foreach ($donnees as $row) { $row[0] = escape($row[0]); $row[1] = escape($row[1]); $row[2] = escape($row[2]); $row[3] = escape($row[3]); $row[4] = escape($row[4]); echo "<div class='col-md-4'>"; echo "<div class='thumbnail'>"; echo "<img src='{$row['2']}'>"; echo "</div>"; echo "</div>"; echo "<div class='col-md-8'>"; echo "<h2>{$row['0']}</h2>";
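<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="./lib/booststrap/css/bootstrap.min.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<title>My Movies</title>
</head>
<body>
<?php
include './includes/header.php';
include './includes/fonctions.php';

$bd = connectionbd();

// Delete the movie named by ?id=.... The value is controlled by the requester,
// so it is bound as a statement parameter; it used to be concatenated into the
// SQL text, which let the query string rewrite the DELETE statement.
// Non-string values (e.g. ?id[]=1 arrives as an array) are ignored.
// NOTE(review): this is a destructive action triggered by a plain GET, and no
// session/role check or anti-CSRF token is visible in this fragment. Confirm
// that header.php enforces authentication, and consider requiring POST.
if (isset($_GET['id']) && is_string($_GET['id'])) {
    $suppression = $bd->prepare('DELETE from movie WHERE mov_id=?;');
    $suppression->execute([$_GET['id']]);
}
?>
<div class="admin">
<div class="container">
<h2>Administration</h2>
</br>
<div class="tab-content">
<div class="table-responsive">
<table class="table table-hover">
<thead>
<tr>
<th>Titre</th>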
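/**
 * Update the title and short description of one row of the `movie` table.
 *
 * The statement used to declare seven placeholders (six SET columns plus the
 * WHERE id) while only two values were bound and $id was never used, so
 * execute() could not succeed. The statement now has exactly one placeholder
 * per argument.
 *
 * NOTE(review): $desc1 is mapped to mov_description_short because that is the
 * column the second bound value lined up with, and it matches editfilm() -
 * confirm that this is the intended column.
 *
 * @param mixed $id     mov_id of the row to update
 * @param mixed $titre  value written to mov_title
 * @param mixed $desc1  value written to mov_description_short
 */
function editArticle($id, $titre, $desc1)
{
    $stmtArticleE = connectionbd()->prepare(
        "UPDATE movie SET mov_title=?, mov_description_short=? WHERE mov_id=?;"
    );
    // Same order as the placeholders: the two SET columns, then the WHERE id.
    $stmtArticleE->execute([$titre, $desc1, $id]);
}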
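echo "<br/>";
} // closes a block opened before this fragment
} else {
    $img = $_POST['img'];
}

// Raw form values: safe to hand to editfilm(), which is expected to bind them
// as statement parameters, but they must be encoded before being echoed.
$titre = $_POST['titre'];
$desc1 = $_POST['descc'];
$desc2 = $_POST['descl'];
$real = $_POST['real'];
$annee = $_POST['annee'];

editfilm($_GET['film'], $titre, $desc1, $desc2, $real, $annee, $img);

// The title and the id were previously echoed as received, so a submitted
// title or a crafted ?film= value could inject markup into this page.
echo "Le film " . htmlspecialchars((string) $titre, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " a été edité avec succès. ";
echo "<a href='movie.php?film=" . rawurlencode((string) $_GET['film']) . "'>Revenir à la fiche du film</a>";
echo "<br/>";
} // closes the block opened before this fragment

// Reload the movie to pre-fill the form. The id from the query string is now
// bound as a statement parameter; it used to be concatenated into the SELECT,
// which let the query string alter the statement.
$req = connectionbd()->prepare('SELECT * from movie where mov_id=?;');
$req->execute([$_GET['film']]);

// The empty loop body is intentional: $row keeps the last (presumably only)
// matching row for the form below.
foreach ($req->fetchAll() as $row) {
}
?>
<h1>Modifier un film</h1>
<div class="jumbotron">
<form method="post" action="#" enctype="multipart/form-data" class="form-horizontal">
<div class="form-group">
<label for="titre" class="col-sm-2 control-label">Titre</label>
<div class="col-sm-8">
<input type="text" class="form-control" placeholder="Titre du film" id="titre" required name="titre" value="<?php echo htmlspecialchars((string) ($row[1] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> ">
</div>
</div>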
<div class="tab-content"> <div id="movies" class="tab-pane fade in active"> <table class="table table-bordered table-hover"> <tr> <td><h3>Titre</h3></td> <td><h3>Réalisateur(s)</h3></td> <td><h3>Année</h3></td> <td><h3>Actions</h3></td> </tr> <?php include 'includes/fonctions.php'; if (isset($_GET['film'])) { $req = connectionbd()->prepare("DELETE from movie where mov_id=?;"); $req->execute(array($_GET['film'])); } foreach (connectionbd()->query('SELECT mov_id, mov_title, mov_director, mov_year from movie order by mov_year DESC') as $row) { $row[0] = escape($row[0]); $row[1] = escape($row[1]); $row[2] = escape($row[2]); $row[3] = escape($row[3]); echo "<tr>"; echo "<td><a href='movie.php?film={$row['0']}'>{$row['1']}</a></td>"; echo "<td>{$row['2']}</td>"; echo "<td>{$row['3']}</td>"; echo "<td><a href='edit.php?film={$row['0']}'><span class='glyphicon glyphicon-pencil'></span></a> <a href='#'><span class='glyphicon glyphicon-trash' data-toggle='modal' data-target='#myModal{$row['0']}'></span></a></td>"; echo "</tr>"; echo "<div class='modal fade' id='myModal{$row['0']}' tabindex='-1' role='dialog' aria-labelledby='myModalLabel' aria-hidden='true'>"; echo "<div class='modal-dialog'>"; echo "<div class='modal-content'>"; echo "<div class='modal-header'>"; echo "<button type='button' class='close' data-dismiss='modal' aria-hidden='true'>×</button>";
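echo "</div>";
echo "</div>";
} // closes a loop opened before this fragment
?>
</table>
</div>
<div id="utilisateurs" class="tab-pane fade">
<table class="table table-bordered table-hover">
<tr>
<td>
<h3>Liste des membres</h3>
</td>
</tr>
<?php
// List the member logins. A login is stored data that was presumably chosen
// by the member, so it is HTML-encoded before being written into the table;
// it used to be echoed as stored, which would let a login containing markup
// run in the browser of whoever opens this page.
foreach (connectionbd()->query('SELECT login from membre') as $row1) {
    echo "<tr>";
    echo "<td>" . htmlspecialchars((string) $row1[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    echo "</tr>";
}
?>
</table>
</div>
</div>
</div>
</br>
</div>
<footer>
<?php
include "includes/footer.php";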
/**
 * Overwrite every editable column of one row of the `movie` table.
 *
 * The values are passed as bound parameters of a prepared statement, so they
 * never become part of the SQL text.
 *
 * @param mixed $id          mov_id of the row to update
 * @param mixed $titre       value written to mov_title
 * @param mixed $desc_short  value written to mov_description_short
 * @param mixed $desc_long   value written to mov_description_long
 * @param mixed $real        value written to mov_director
 * @param mixed $annee       value written to mov_year
 * @param mixed $img         value written to mov_image
 */
function modifierFilm($id, $titre, $desc_short, $desc_long, $real, $annee, $img)
{
    // Six SET columns first, the WHERE id last - same order as the placeholders.
    $parametres = [$titre, $desc_short, $desc_long, $real, $annee, $img, $id];

    $requete = connectionbd()->prepare("\n UPDATE movie \n SET mov_title=?, mov_description_short=?, mov_description_long=?, mov_director=?, mov_year=?, mov_image=? \n WHERE mov_id=?;");
    $requete->execute($parametres);
}