} if (file_exists("sources/images/" . $id . ".png")) { unlink("sources/images/" . $id . ".png"); } move_uploaded_file($img['tmp_name'], "sources/images/" . $id . "." . $ext); if (file_exists("sources/images/min/" . $id . "." . $ext)) { unlink("sources/images/min/" . $id . "." . $ext); } Img::creerMin("sources/images/" . $id . "." . $ext, "sources/images/min/", $id . "." . $ext, 200, 200); } } if (!empty($_POST['neele'])) { $neeleb = Reversedecoupedatetime(htmlspecialchars(trim(addslashes($_POST['neele'])))); } if (!empty($_POST['mortle'])) { $mortleb = Reversedecoupedatetime(htmlspecialchars(trim(addslashes($_POST['mortle'])))); } include 'bdd.php'; $nom = htmlspecialchars(trim(addslashes($_POST['nom']))); $realnom = htmlspecialchars(trim(addslashes($_POST['realnom']))); $neea = htmlspecialchars(trim(addslashes($_POST['neea']))); $morta = htmlspecialchars(trim(addslashes($_POST['morta']))); $typeartist = htmlspecialchars(trim(addslashes($_POST['typeartist']))); $biography = addslashes($_POST['biography']); if (isset($_SESSION['username'])) { // inutile c de la securite $username = $_SESSION['username']; } else { $username = "******"; } if ($realnom && $nom) {
<?php if (!isset($_SESSION['username'])) { //redirection echo '<SCRIPT LANGUAGE="JavaScript"> document.location.href="admin" </SCRIPT>'; } if (isset($_POST['submit'])) { if (!empty($_POST['interpretele'])) { $dateb = Reversedecoupedatetime(htmlspecialchars(trim(addslashes($_POST['interpretele'])))); } include 'bdd.php'; $titre = htmlspecialchars(trim(addslashes($_POST['titre']))); $nom = htmlspecialchars(trim(addslashes($_POST['nom']))); $interpretepar = htmlspecialchars(trim(addslashes($_POST['interpretepar']))); $opus = htmlspecialchars(trim(addslashes($_POST['opus']))); $duree = htmlspecialchars(trim(addslashes($_POST['duree']))); $type = htmlspecialchars(trim(addslashes($_POST['type']))); $instruments = htmlspecialchars(trim(addslashes($_POST['instruments']))); $biography = addslashes($_POST['biography']); if (isset($_SESSION['username'])) { // inutile c de la securite $username = $_SESSION['username']; } else { $username = "******"; } if ($titre && $nom) { $sql = "INSERT INTO enregistrement Values('','{$nom}','{$interpretepar}','{$duree}','{$dateb}','{$type}','{$instruments}','{$titre}','{$opus}','{$biography}','{$username}','" . date("Y-m-d H:i:s") . "')"; mysql_query($sql) or die('<span style="color:red;">L\'enregistrement et déjà dans la base de donnée!</span>'); //redirection