echo "<p>Erreur !!!</p>"; echo "<a href='javascript:history.go(-1)'>Retour</a>"; } } else { echo "<p>ERREUR!!!</p>"; echo "<a href='javascript:history.go(-1)'>Retour</a>"; } break; case "modify": $post = Securite::bdd($_GET['id']); if (isset($post)) { if ($post != NULL) { $sql = "SELECT * FROM news WHERE idnews={$post}"; $resultat = mysql_query($sql) or die("Erreur requette SQL"); $info = mysql_fetch_array($resultat); echo "\n\t\t\t\t\t<p class=\"title\">Modifier la news</p>\n\t\t\t\t\t<p><form action=\"index.php?module=news&action=modi\" method=\"POST\">\n\t\t\t\t\t<div align=\"left\" class=\"news\"><form name=\"poste\" action=\"index.php?module=news&action=post\" method=\"POST\">\n\t\t\t\t\t\t<fieldset><legend>ID de la news :</legend>\n\t\t\t\t\t\t\t<input readonly type=\"text\" size=\"10\" name=\"idnews\" value=\"" . Securite::bdd($info["idnews"]) . "\" />\n\t\t\t\t\t\t</fieldset>\n\t\t\t\t\t\t<fieldset><legend>Titre :</legend>\n\t\t\t\t\t\t\t<input type=\"text\" size=\"80\" maxsize=\"100\" name=\"titre\" value=\"" . Securite::html_edit($info["titre"]) . "\" />\n\t\t\t\t\t\t</fieldset>\n\t\t\t\t\t\t<fieldset><legend>Auteur / Correcteur:</legend>\n\t\t\t\t\t\t\t<input readonly type=\"text\" name=\"auteur\" value=\"" . Securite::bdd($info["auteur"]) . "\" size=\"50\" maxsize=\"100\">\n\t\t\t\t\t\t</fieldset>\n\t\t\t\t\t\t<fieldset>\n\t\t\t\t\t\t\t<legend>Message :</legend>\n\t\t\t\t\t\t\t<textarea name=\"message\" rows=\"20\" cols=\"100%\">" . Securite::html_edit($info["news"]) . "</textarea>\n\t\t\t\t\t\t</fieldset>\n\t\t\t\t\t\t<br />\n\t\t\t\t\t\t<input type=\"submit\" value=\"Modifier\" />\n\t\t\t\t\t</form></div>"; } else { echo "<p>Erreur !!!</p>"; echo "<a href='javascript:history.go(-1)'>Retour</a>"; } } else { echo "<p>ERREUR!!!</p>"; echo "<a href='javascript:history.go(-1)'>Retour</a>"; } break; case "modi": $idnews = Securite::bdd($_POST['idnews']); $titre = Securite::bdd($_POST['titre']); $news = Securite::bdd($_POST['message']); $edit = Securite::bdd($_SESSION['username']); $date = date("Y-m-d H:i:s");
echo "<tr><td>Adresse E-Mail: </td>"; echo "<td><input type=\"text\" size=\"50\" name=\"mail\" value=\"" . Securite::bdd($data1['membre_email']) . "\" /></td></tr>"; echo "<tr><td>Afficher votre E-Mail: </td>"; echo "<td><select name=\"cacher_email\">\n\t\t\t\t\t\t\t\t<option value=\"0\">Oui</option>\n\t\t\t\t\t\t\t\t<option SELECTED value=\"1\">Non</option>\n\t\t\t\t\t\t\t</select></td></tr>"; echo "<td>Windows Live Messenger: </td>"; echo "<td><input type=\"text\" size=\"50\" name=\"msn\" value=\"" . Securite::bdd($data1['membre_msn']) . "\" /></td></tr>"; echo '<tr><td>Site Web: </td>'; echo "<td><input type=\"text\" size=\"50\" name=\"siteweb\" value=\"" . Securite::bdd($data1['membre_siteweb']) . "\" /></td></tr>"; echo '<tr><td>Localisation: </td>'; echo "<td><input type=\"text\" size=\"50\" name=\"localisation\" value=\"" . Securite::bdd($data1['membre_localisation']) . "\" /></td></tr>"; echo '<tr><td>Inscrit depuis le: </td>'; echo "<td><input readonly type=\"text\" size=\"10\" name=\"inscrit\" value=\"" . date('d/m/Y', $data1['membre_inscrit']) . "\" /></td></tr>"; echo '<tr><td>Nombres de message: </td>'; echo "<td><input readonly type=\"text\" size=\"4\" name=\"post\" value=\"" . Securite::bdd($data1['membre_post']) . "\" /></td></tr>"; echo "</tr><td>Signature: </td>"; echo "<td><textarea name=\"signature\" rows=\"4\" cols=\"30\" maxsize=\"200\">" . Securite::html_edit($data1['membre_signature']) . "</textarea></td></tr>"; echo "</table><br />"; echo "<input type=\"submit\" value=\"Modifier\" />"; echo "</form>"; } else { echo "<p>Erreur, merci de prevenir le webmaster</p>"; } } else { echo "<p>Vous ne pouvez modifier que votre profil !!!</p>"; echo "<a href=\"../index.php\">Retour</a>"; } break; case "modifier_v": $mail = Securite::bdd($_POST['mail']); $cacher_email = Securite::bdd($_POST['cacher_email']); $msn = Securite::bdd($_POST['msn']);
case "modifier_groupe": $group_id = Securite::bdd($_GET['id']); $sql = "SELECT * FROM forum_groups WHERE group_id=" . $group_id . ""; $resultat = mysql_query($sql) or die("Erreur requette SQL"); $info = mysql_fetch_array($resultat); echo "<p class=\"title\">Modifier un groupe</p>"; echo '<form method="post" action="index.php?module=groupes&action=modifier_groupe_v"> <input type="hidden" name="group_id" value=' . $group_id . '>'; echo '<table> <tr> <td>Nom du groupe:</td> <td><input type="text" name="group_nom" value=' . Securite::html($info["group_nom"]) . '></td> </tr> <tr> <td>Description :</td> <td><textarea cols=45 rows=4 name="group_description">' . Securite::html_edit($info["group_description"]) . '</textarea></td> </tr> <tr> <td>Niveau des droits :</t> <td> <select name="group_droit"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option SELECTED value="' . Securite::html($info["group_droit"]) . '">' . Securite::html($info["group_droit"]) . '</option> </select> </td> </tr> </table> <input type="submit" value="Envoyer"></form>';