Example #1
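 /**
  * Mobile login page: renders the login form and handles its submission.
  *
  * Reads nw_nickname, nw_password and nw_remember from $_POST. When
  * get_info_account() returns an active account, the member is signed in via
  * connect_auto_user() and redirected to mobile-2.html; otherwise the form is
  * displayed again with an error message.
  */
 protected function main()
 {
     $this->set_title(Nw::$site_slogan);
     $this->set_tpl('mobile/users/login.html');
     $this->load_lang_file('users');
     // The member is already signed in
     if (is_logged_in()) {
         redir(Nw::$lang['common']['already_connected'], false, 'mobile-2.html');
         // redir() is defined elsewhere; returning keeps this guard effective
         // even if it does not end the request itself.
         return;
     }
     // Request fields can be missing or sent as arrays (nw_nickname[]=x);
     // only plain strings are passed on to trim() and the account lookup.
     $nickname = isset($_POST['nw_nickname']) && is_string($_POST['nw_nickname']) ? $_POST['nw_nickname'] : '';
     $password = isset($_POST['nw_password']) && is_string($_POST['nw_password']) ? $_POST['nw_password'] : '';
     // The form was submitted with both fields filled in
     if (!multi_empty(trim($nickname), trim($password))) {
         $array_post = array('pseudo' => $nickname, 'remember' => isset($_POST['nw_remember']));
         // Check that the nickname/password pair exists
         // NOTE(review): no limit on failed attempts is visible in this method;
         // confirm throttling happens in get_info_account() or upstream.
         inc_lib('users/get_info_account');
         if ($dn_info_account = get_info_account($nickname, $password)) {
             // The account is active
             if ($dn_info_account['u_active'] == 1) {
                 $link_redir = 'mobile-2.html';
                 // Presumably the "remember me" flag, always on for the mobile
                 // form - confirm against connect_auto_user().
                 $connex_auto = 1;
                 inc_lib('users/connect_auto_user');
                 connect_auto_user($dn_info_account['u_id'], $password, $connex_auto);
                 // Redirect the member
                 // NOTE(review): the submitted nickname is echoed in the welcome
                 // message; confirm redir() HTML-escapes its message.
                 redir(sprintf(Nw::$lang['users']['welcome_user'], $nickname), true, $link_redir);
             } else {
                 display_form($array_post, Nw::$lang['users']['not_active']);
             }
             return;
         } else {
             display_form($array_post, Nw::$lang['users']['account_no_exist']);
         }
         return;
     }
     display_form(array('pseudo' => '', 'remember' => true));
     Nw::$tpl->set('INC_HEAD', empty($_SERVER['HTTP_AJAX']));
 }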
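 /**
  * Password redefinition page for a visitor who is not signed in.
  *
  * Requires a numeric member id (idm) and an activation code (ca) in the
  * query string. The pair is checked with mbr_act_exists() before the new
  * password (nw_pass1, confirmed by nw_pass2) is handed to chg_password().
  * Any request that lacks the parameters is sent back to the site root.
  */
 protected function main()
 {
     // All parameters needed by the script are present. The activation code
     // must be a plain string: a crafted request could send it as an array.
     if (!is_logged_in() && !empty($_GET['idm']) && is_numeric($_GET['idm']) && !empty($_GET['ca']) && is_string($_GET['ca'])) {
         // Breadcrumb
         $this->set_filAriane(Nw::$lang['users']['title_redef_pass']);
         $this->set_title(Nw::$lang['users']['title_redef_pass']);
         $this->set_tpl('membres/redefine_mdp.html');
         $this->add_css('forms.css');
         // The member id / activation code pair must exist
         inc_lib('users/mbr_act_exists');
         if (!mbr_act_exists($_GET['idm'], $_GET['ca'])) {
             redir(Nw::$lang['users']['redef_mdp_echoue'], false, './');
             // Fail closed: the password change below must never run for an
             // unverified pair, whether or not redir() ends the request.
             return;
         }
         // Missing or non-string fields are treated as empty
         $pass1 = isset($_POST['nw_pass1']) && is_string($_POST['nw_pass1']) ? $_POST['nw_pass1'] : '';
         $pass2 = isset($_POST['nw_pass2']) && is_string($_POST['nw_pass2']) ? $_POST['nw_pass2'] : '';
         // A new password was submitted
         if (isset($_POST['submit']) && !multi_empty(trim($pass1), trim($pass2))) {
             // Strict comparison: with == two different numeric-looking
             // strings such as '1e3' and '1000' compare as equal.
             if ($pass1 === $pass2) {
                 inc_lib('users/chg_password');
                 chg_password($pass1, $_GET['idm'], $_GET['ca']);
                 redir(Nw::$lang['users']['new_redef_pwd'], true, './');
             } else {
                 redir(Nw::$lang['users']['sames_password'], false, $_SERVER['REQUEST_URI']);
             }
         }
     } else {
         header('Location: ./');
     }
 }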
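 /**
  * "Change my password" page for a signed-in member.
  *
  * The submitted current password (old) is hashed and compared with
  * Nw::$dn_mbr['u_password']; when it matches and the two new-password
  * fields agree, chg_password() is called for the member and, if a nw_pass
  * cookie is present, the nw_ident / nw_pass cookies are re-issued.
  */
 protected function main()
 {
     if (!is_logged_in()) {
         redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
         // Returning keeps this guard effective even if redir(), defined
         // elsewhere, does not end the request itself.
         return;
     }
     $this->set_title(Nw::$lang['users']['item_mdp']);
     $this->set_tpl('membres/options_pass.html');
     $this->add_css('forms.css');
     $this->set_filAriane(array(Nw::$lang['users']['mes_options_title'] => array('users-60.html'), Nw::$lang['users']['item_mdp'] => array('')));
     // Missing or non-string fields (old[]=x) are treated as empty
     $old = isset($_POST['old']) && is_string($_POST['old']) ? $_POST['old'] : '';
     $pass1 = isset($_POST['nw_pass1']) && is_string($_POST['nw_pass1']) ? $_POST['nw_pass1'] : '';
     $pass2 = isset($_POST['nw_pass2']) && is_string($_POST['nw_pass2']) ? $_POST['nw_pass2'] : '';
     if (isset($_POST['submit']) && !multi_empty(trim($old), trim($pass1), trim($pass2))) {
         // NOTE(review): passwords are hashed as SHA-1 wrapped in two fixed
         // strings hard-coded in the source. That is fast to brute-force and
         // the same for every member; moving to password_hash() /
         // password_verify() has to be done together with chg_password() and
         // the login lookup, which are outside this method.
         $bf_token = 'jJ_=éZAç1l';
         $ft_token = 'ù%*àè1ç0°dezf';
         $pass_membre = insertBD(sha1($bf_token . trim($old) . $ft_token));
         // Strict comparison: with == two different numeric-looking strings
         // such as '1e3' and '1000' compare as equal.
         if ($pass1 === $pass2) {
             // Compare the hashes as strings: with == two hex digests of the
             // form 0e<digits> are both read as the number zero and match.
             if ((string) Nw::$dn_mbr['u_password'] === (string) $pass_membre) {
                 inc_lib('users/chg_password');
                 chg_password($pass1, Nw::$dn_mbr['u_id']);
                 if (!empty($_COOKIE['nw_pass'])) {
                     // Ten years
                     $time_expire = time() + 10 * 365 * 24 * 3600;
                     // Path, domain and secure keep their defaults; only the
                     // HttpOnly flag is added so page scripts cannot read a
                     // cookie that carries a password hash.
                     // NOTE(review): the value written is the hash of the OLD
                     // password - confirm this is what the auto-login check
                     // expects after chg_password(). Consider the secure flag
                     // if the site is served over HTTPS only.
                     setcookie('nw_ident', Nw::$dn_mbr['u_id'], $time_expire, '', '', false, true);
                     setcookie('nw_pass', $pass_membre, $time_expire, '', '', false, true);
                 }
                 redir(Nw::$lang['users']['mdp_change'], true, 'users-60.html');
             } else {
                 redir(Nw::$lang['users']['not_root_password'], false, 'users-63.html');
             }
         } else {
             redir(Nw::$lang['users']['sames_password'], false, 'users-63.html');
         }
     }
 }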
 /**
  * Admin page that creates a group or edits an existing one.
  *
  * A numeric "id" in the query string selects edit mode and pre-fills the
  * form from get_info_grp(); otherwise an empty form is shown. On submit the
  * group is saved through edit_grp() or add_grp(), which are defined
  * elsewhere.
  */
 protected function main()
 {
     // Reserved for signed-in members holding the manage_groups right
     if (!(is_logged_in() && check_auth('manage_groups'))) {
         redir(Nw::$lang['admin']['error_cant_see_admin'], false, './');
         return;
     }
     // NOTE(review): no anti-CSRF token is checked in this method; confirm
     // one is enforced before main() runs.
     $editing = !empty($_GET['id']) && is_numeric($_GET['id']);
     if ($editing) {
         // Editing a group: load its current values
         inc_lib('admin/get_info_grp');
         $group = get_info_grp($_GET['id']);
         $defaults = array(
             'id' => $_GET['id'],
             'nom' => $group['g_nom'],
             'titre' => $group['g_titre'],
             'icone' => $group['g_icone'],
             'couleur' => $group['g_couleur'],
         );
         // Breadcrumb
         $this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['fa_grp'] => array('admin-299.html'), $group['g_nom'] => array('admin-300-' . $_GET['id'] . '.html'), Nw::$lang['admin']['fa_edit_grp'] => array('')));
     } else {
         // New group: empty form
         $defaults = array(
             'id' => 0,
             'nom' => '',
             'titre' => '',
             'icone' => 0,
             'couleur' => 0,
         );
         // Breadcrumb
         $this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['fa_grp'] => array('admin-299.html'), Nw::$lang['admin']['fa_new_grp'] => array('')));
     }
     $this->set_tpl('admin/edit_grp.html');
     $this->add_css('forms.css');
     $this->set_title(Nw::$lang['admin']['titre_accueil']);
     // Nothing submitted yet: show the form with its default values
     if (!isset($_POST['submit'])) {
         display_form($defaults);
         return;
     }
     // Form submitted
     $array_post = array('nom' => $_POST['nom'], 'titre' => $_POST['titre'], 'icone' => $_POST['icone'], 'couleur' => isset($_POST['couleur']) ? 1 : 0);
     // The group name is mandatory
     if (multi_empty(trim($_POST['nom']))) {
         display_form($array_post, Nw::$lang['admin']['nom_grp_obligatoire']);
         return;
     }
     if ($editing) {
         inc_lib('admin/edit_grp');
         edit_grp($_GET['id']);
         redir(Nw::$lang['admin']['confirm_edit_grp'], true, 'admin-300-' . $_GET['id'] . '.html');
     } else {
         inc_lib('admin/add_grp');
         $id_new_grp = add_grp();
         redir(Nw::$lang['admin']['confirm_new_grp'], true, 'admin-310-' . $id_new_grp . '.html');
     }
     return;
 }
Example #5
 /**
  *  Formulaire de connexion à l'espace membre
  *  @author Cam
  *  @return tpl
  */
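 protected function main()
 {
     // Login page of the members' area: shows the form and, on submit,
     // checks the nickname/password pair with get_info_account(), signs the
     // member in through connect_auto_user() and redirects them.

     // The member is already signed in
     if (is_logged_in()) {
         redir(Nw::$lang['common']['already_connected'], false, './');
         // Returning keeps this guard effective even if redir(), defined
         // elsewhere, does not end the request itself.
         return;
     }
     // Set the page title
     $this->set_title(Nw::$lang['users']['title_connexion']);
     // Remember where the visitor came from so they can be sent back after
     // signing in. The Referer header is chosen by whichever page linked
     // here, so it must START with the site URL: a "contains" test would also
     // accept an external address that merely embeds the site URL, and the
     // post-login redirect would then lead off-site.
     $referer = !empty($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     if ($referer !== '' && strpos($referer, Nw::$site_url) === 0 && strpos($referer, Nw::$site_url . 'users-10.html') === false) {
         $_SESSION['nw_referer_login'] = $referer;
     }
     // Template
     $this->add_css('forms.css');
     $this->set_tpl('membres/login.html');
     // Breadcrumb
     $this->set_filAriane(Nw::$lang['users']['fa_connexion']);
     // The form was submitted
     if (isset($_POST['submit'])) {
         // Request fields can be missing or sent as arrays; only plain
         // strings are passed on to trim() and the account lookup.
         $nickname = isset($_POST['nw_nickname']) && is_string($_POST['nw_nickname']) ? $_POST['nw_nickname'] : '';
         $password = isset($_POST['nw_password']) && is_string($_POST['nw_password']) ? $_POST['nw_password'] : '';
         $array_post = array('pseudo' => $nickname, 'remember' => isset($_POST['nw_remember']));
         // Both fields must be filled in
         if (!multi_empty(trim($nickname), trim($password))) {
             // Check that the nickname/password pair exists
             // NOTE(review): no limit on failed attempts is visible in this
             // method; confirm throttling happens in get_info_account() or
             // upstream.
             inc_lib('users/get_info_account');
             if ($dn_info_account = get_info_account($nickname, $password)) {
                 // The account is active
                 if ($dn_info_account['u_active'] == 1) {
                     $link_redir = !empty($_SESSION['nw_referer_login']) ? $_SESSION['nw_referer_login'] : '******';
                     $connex_auto = isset($_POST['nw_remember']);
                     inc_lib('users/connect_auto_user');
                     connect_auto_user($dn_info_account['u_id'], $password, $connex_auto);
                     // Redirect the member
                     // NOTE(review): the submitted nickname is echoed in the
                     // welcome message; confirm redir() HTML-escapes it.
                     redir(sprintf(Nw::$lang['users']['welcome_user'], $nickname), true, $link_redir);
                 } else {
                     display_form($array_post, Nw::$lang['users']['not_active']);
                 }
                 return;
             } else {
                 display_form($array_post, Nw::$lang['users']['account_no_exist']);
             }
             return;
         } else {
             display_form($array_post, Nw::$lang['users']['champ_obligatoire']);
         }
         return;
     }
     display_form(array('pseudo' => '', 'remember' => true));
 }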
 /**
  * "Create a draft" page.
  *
  * Signed-in members holding the can_create_brouillon right get the draft
  * form; a submission with a non-empty title and content is saved through
  * add_news_brouillon(), which is defined elsewhere.
  */
 protected function main()
 {
     // Drafts are reserved for signed-in members...
     if (!is_logged_in()) {
         redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
     }
     // ...who also hold the matching right
     if (!Nw::$droits['can_create_brouillon']) {
         redir(Nw::$lang['news']['cant_create_brouillon'], false, 'news-70.html');
     }
     // NOTE(review): both guards rely on redir() ending the request; nothing
     // in this method stops execution after them.
     $this->set_title(Nw::$lang['news']['title_create_brouillon']);
     $this->set_tpl('news/create_brouillon.html');
     $this->add_css('forms.css');
     $this->add_css('code.css');
     $this->add_js(array('write.js', 'jquery.blockUI.js'));
     $this->add_form('contenu');
     // Breadcrumb
     $this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['title_create_brouillon'] => array('')));
     Nw::$tpl->set(array('BAL_CHAMP' => 'contenu'));
     // Form submitted
     if (isset($_POST['submit'])) {
         // Values used to re-fill the form when validation fails
         $submitted = array();
         $submitted['is_breve'] = isset($_POST['is_breve']) ? $_POST['is_breve'] : '';
         $submitted['titre_news'] = $_POST['titre_news'];
         $submitted['cat'] = isset($_POST['cat']) ? $_POST['cat'] : 0;
         $submitted['contenu'] = $_POST['contenu'];
         $submitted['tags'] = isset($_POST['tags']) ? $_POST['tags'] : '';
         $submitted['private_news'] = isset($_POST['private_news']);
         $submitted['source'] = isset($_POST['source']) ? $_POST['source'] : '';
         $submitted['source_nom'] = isset($_POST['source_nom']) ? $_POST['source_nom'] : '';
         // Title and content are both mandatory
         if (multi_empty(trim($_POST['titre_news']), trim($_POST['contenu']))) {
             display_form($submitted, Nw::$lang['news']['title_content_oblig']);
             return;
         }
         // Create the draft
         inc_lib('news/add_news_brouillon');
         add_news_brouillon();
         redir(Nw::$lang['news']['brouillon_cree'], true, 'news-70.html');
         return;
     }
     // News categories offered by the form
     foreach (Nw::$cache_categories as $cat_id => $cat_data) {
         $cat_block = array('ID' => $cat_id, 'TITRE' => $cat_data[0]);
         Nw::$tpl->setBlock('cats_news', $cat_block);
     }
     // Show the empty form
     $blank_form = array('is_breve' => '', 'titre_news' => '', 'cat' => 0, 'contenu' => '', 'tags' => '', 'private_news' => 0, 'source' => '', 'source_nom' => '');
     display_form($blank_form);
 }
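 /**
  * Page used to post a comment on a news item, edit an existing comment
  * (query parameter id2) or start a comment quoting another one (qid).
  *
  * Requires a signed-in member with the can_post_comment right and a numeric
  * news id. When not editing, the most recent comments are listed under the
  * form and the newest one is kept to refuse an identical repost by the same
  * member.
  */
 protected function main()
 {
     if (!is_logged_in()) {
         redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
     }
     if (!Nw::$droits['can_post_comment']) {
         redir(Nw::$lang['news']['acn_droit_comment'], false, './');
     }
     // The id parameter is missing or not numeric
     if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
         header('Location: ./');
         // header() only queues the redirect; without this return the rest of
         // the method would still run with a missing or non-numeric id.
         return;
     }
     inc_lib('news/news_exists');
     $edit = false;
     if (news_exists($_GET['id']) == false) {
         redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
     }
     inc_lib('news/get_info_news');
     $donnees_news = get_info_news($_GET['id']);
     $this->set_title(sprintf(Nw::$lang['news']['title_cmt_news'], $donnees_news['n_titre']));
     $this->set_tpl('news/post_cmt.html');
     $this->add_css('forms.css');
     $this->add_css('code.css');
     $this->add_js('ajax.js');
     $this->add_js('write.js');
     $this->add_form('contenu');
     inc_lib('bbcode/unparse');
     inc_lib('bbcode/parse');
     $content_defaut_cmt = '';
     $title_last_cmts = '';
     $edition_invisible = false;
     $last_item_fa = Nw::$lang['news']['nv_cmt_fil_ariane'];
     $id2 = 0;
     $donnees_antiflood = array();
     /**
      *   Editing a comment
      *   NOTE(review): neither id2 here nor qid below is checked against the
      *   current news id in this method; confirm the helpers enforce that
      *   the comment belongs to a news item the member may read.
      **/
     if (!empty($_GET['id2']) && is_numeric($_GET['id2'])) {
         // Does the comment exist?
         inc_lib('news/cmt_news_exists');
         if (cmt_news_exists($_GET['id2']) == true) {
             inc_lib('news/get_info_cmt_news');
             $donnees_cmt = get_info_cmt_news($_GET['id2']);
             // May the member edit this comment? (own comment, or the right to edit any)
             if ((Nw::$droits['can_edit_my_comments'] && $donnees_cmt['c_id_membre'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_edit_all_comments']) {
                 if (Nw::$droits['edit_hidden_comments']) {
                     $edition_invisible = true;
                 }
                 $edit = true;
                 $content_defaut_cmt = unparse($donnees_cmt['c_texte']);
                 $id2 = $_GET['id2'];
                 $last_item_fa = Nw::$lang['news']['update_comment'];
             } else {
                 redir(Nw::$lang['news']['no_drt_edit_cmt'], false, 'news-10-' . $_GET['id'] . '-' . $_GET['id2'] . '.html#c' . $_GET['id2']);
             }
         } else {
             redir(Nw::$lang['news']['cmt_no_exist'], false, $donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/');
         }
     }
     /**
      *   Quoting a comment
      **/
     if (!empty($_GET['qid']) && is_numeric($_GET['qid'])) {
         // Does the comment exist?
         inc_lib('news/cmt_news_exists');
         if (cmt_news_exists($_GET['qid']) == true) {
             inc_lib('news/get_info_cmt_news');
             $donnees_cmt = get_info_cmt_news($_GET['qid']);
             $content_defaut_cmt = '<citation auteur="' . $donnees_cmt['u_pseudo'] . '">' . unparse($donnees_cmt['c_texte']) . '</citation>';
         }
     }
     // Breadcrumb
     $this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), $last_item_fa => array('')));
     // List the latest comments under the form
     if (!$edit) {
         inc_lib('news/get_list_cmt_news');
         $page = 1;
         $list_cmts = get_list_cmt_news($_GET['id'], 'c_date DESC', $page, Nw::$pref['nb_cmts_page']);
         $com_cours = 0;
         $title_last_cmts = sprintf(Nw::$lang['news']['title_last_cmts'], Nw::$pref['nb_cmts_page']);
         // Output every comment of the page
         foreach ($list_cmts as $donnees_cmts) {
             // The first row (newest comment) is kept for the duplicate check
             if (count($donnees_antiflood) == 0) {
                 $donnees_antiflood = array('c_id' => $donnees_cmts['c_id'], 'c_id_membre' => $donnees_cmts['u_id'], 'c_texte' => $donnees_cmts['c_texte']);
             }
             ++$com_cours;
             $droit_edit = false;
             $droit_delete = false;
             if (is_logged_in()) {
                 $droit_edit = (bool) (Nw::$droits['can_edit_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_edit_all_comments'];
                 $droit_delete = (bool) (Nw::$droits['can_del_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_del_all_comments'];
             }
             $date_cmt = date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date']);
             $masque_motif = '';
             if ($donnees_cmts['c_masque']) {
                 $date_cmt = sprintf(Nw::$lang['news']['del_cmt_with_reason'], strtolower(date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date'])));
                 if (!empty($donnees_cmts['c_masque_raison'])) {
                     $masque_motif = ' (' . sprintf(Nw::$lang['news']['motif_delete_cmt'], $donnees_cmts['c_masque_raison']) . ')';
                 }
             }
             Nw::$tpl->setBlock('cmt', array('ID' => $donnees_cmts['c_id'], 'NUM' => ($page - 1) * Nw::$pref['nb_cmts_page'] + $com_cours, 'DATE' => $date_cmt, 'AVATAR' => $donnees_cmts['u_avatar'], 'LANG_AVATAR' => sprintf(Nw::$lang['news']['lang_avatar'], $donnees_cmts['u_pseudo']), 'AUTEUR' => $donnees_cmts['u_pseudo'], 'AUTEUR_ID' => $donnees_cmts['u_id'], 'AUTEUR_ALIAS' => $donnees_cmts['u_alias'], 'TEXTE' => $donnees_cmts['c_texte'], 'PLUSSOIE' => $donnees_cmts['c_plussoie'], 'GRP_TITRE' => $donnees_cmts['g_titre'], 'GRP_ICON' => $donnees_cmts['g_icone'], 'IP' => long2ip($donnees_cmts['c_ip']), 'MASQUE' => $donnees_cmts['c_masque'], 'MASQUE_MOTIF' => $masque_motif, 'EDIT' => $droit_edit, 'DELETE' => $droit_delete));
         }
     }
     // Form submitted
     if (isset($_POST['submit'])) {
         // A missing or non-string field (contenu[]=x) is treated as empty
         $contenu_post = isset($_POST['contenu']) && is_string($_POST['contenu']) ? $_POST['contenu'] : '';
         $array_post = array('contenu' => $contenu_post);
         // The content field is not empty
         if (!multi_empty(trim($contenu_post))) {
             /**
              *   Editing a comment
              **/
             if ($edit) {
                 inc_lib('news/edit_cmt_news');
                 edit_cmt_news($_GET['id'], $_GET['id2']);
                 redir(Nw::$lang['news']['msg_edit_cmt'], true, 'news-10-' . $_GET['id'] . '-' . $_GET['id2'] . '.html#c' . $_GET['id2']);
             } else {
                 // This value is only compared with text read back from the
                 // database, so it must not be SQL-escaped: an escaped copy
                 // never equals the stored text once it holds a quote,
                 // backslash or line break, and the duplicate check would
                 // silently stop working for such comments.
                 $contenu_cmt = parse(htmlspecialchars(trim($contenu_post)));
                 // The newest comment is identical and by the same member: refuse the repost
                 if (count($donnees_antiflood) > 0 && $donnees_antiflood['c_texte'] == $contenu_cmt && $donnees_antiflood['c_id_membre'] == Nw::$dn_mbr['u_id']) {
                     redir(Nw::$lang['news']['antispam_post_cmt'], false, $donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/comment/' . $donnees_antiflood['c_id'] . '/#c' . $donnees_antiflood['c_id']);
                 }
                 // Store the new comment
                 inc_lib('news/add_cmt_news');
                 $id_new_comment = add_cmt_news($_GET['id']);
                 redir(Nw::$lang['news']['msg_new_cmt'], true, $donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/comment/' . $id_new_comment . '/#c' . $id_new_comment);
             }
         }
     }
     Nw::$tpl->set(array('ID' => $_GET['id'], 'ID2' => $id2, 'TITRE' => $donnees_news['n_titre'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'CAT_REWRITE' => $donnees_news['c_rewrite'], 'ID_CAT' => $donnees_news['n_id_cat'], 'NB_COMS' => $donnees_news['n_nbr_coms'], 'LST_CMTS' => $title_last_cmts, 'BAL_CHAMP' => 'contenu', 'EDIT' => $edit, 'EDIT_HIDDEN' => $edition_invisible));
     // Show the form
     display_form(array('contenu' => $content_defaut_cmt));
 }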
Example #8
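/**
 * Applies the submitted edit form ($_POST / $_FILES) to a news item.
 *
 * Members with the mod_news_status right may refresh the date, change the
 * state and delete all comments. When $author is truthy the title, category,
 * privacy flag, sources, tags and image are updated as well. A new row is
 * added to news_versions when the parsed content differs from the latest
 * stored version.
 *
 * Every value concatenated into SQL below is either passed through intval()
 * or escaped (insertBD() / real_escape_string()).
 *
 * @param int|string $id     Id of the news item (always passed through intval()).
 * @param bool       $author Whether the author-only fields may be changed.
 * @return void
 */
function edit_news($id, $author = false)
{
    inc_lib('bbcode/parse');
    inc_lib('bbcode/clearer');
    $add_champs_sql = array();
    // A missing or non-string field (contenu[]=x) is treated as empty
    $content_news = isset($_POST['contenu']) && is_string($_POST['contenu']) ? $_POST['contenu'] : '';
    $requete_news = Nw::$DB->query('SELECT n_etat, n_titre FROM ' . Nw::$prefix_table . 'news WHERE n_id = ' . intval($id)) or Nw::$DB->trigger(__LINE__, __FILE__);
    $donnees_news = $requete_news->fetch_assoc();
    // A missing state field means "unchanged"; falling back to null would
    // compare as different from the stored state and reset it to 0.
    $etat_post = isset($_POST['etat']) && is_scalar($_POST['etat']) ? $_POST['etat'] : $donnees_news['n_etat'];
    // get_ip() is defined elsewhere; escaping its result is harmless for a
    // plain address and keeps the log queries safe whatever its source is.
    $ip_sql = Nw::$DB->real_escape_string(get_ip());
    /**
     *   May the member change the state of the news and refresh its date?
     **/
    if (Nw::$droits['mod_news_status']) {
        if (isset($_POST['maj_dat'])) {
            $add_champs_sql[] = 'n_date = NOW()';
            Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_action, l_date, l_ip) VALUES(' . intval($id) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', 3, NOW(), \'' . $ip_sql . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
        }
        // The state changes
        // NOTE(review): any integer is accepted as the new state; confirm
        // whether it should be limited to the states the edit form offers.
        if ($etat_post != $donnees_news['n_etat']) {
            // Escaped like the title-change log text further down: the
            // language strings may contain quotes, which would otherwise
            // break out of the SQL string literal.
            $texte_log = Nw::$DB->real_escape_string(sprintf(Nw::$lang['news']['log_chg_etat'], Nw::$lang['news']['log_etat_' . $donnees_news['n_etat']], Nw::$lang['news']['log_etat_' . $etat_post]));
            Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_action, l_texte, l_date, l_ip) VALUES(' . intval($id) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', 1' . intval($etat_post) . ', \'' . $texte_log . '\', NOW(), \'' . $ip_sql . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
            $add_champs_sql[] = 'n_etat = ' . intval($etat_post);
        }
        if (isset($_POST['maj_dat']) && $etat_post != $donnees_news['n_etat'] && $etat_post == 3) {
            inc_lib('admin/post_twitt_news');
            $return_alias = post_twitt_news($id);
            if (!empty($return_alias) && strlen(trim($return_alias)) > 0) {
                $add_champs_sql[] = 'n_miniurl = \'' . insertBD($return_alias) . '\'';
            }
        }
        // Delete the comments
        if (isset($_POST['delete_comments'])) {
            inc_lib('news/delete_all_cmt');
            delete_all_cmt($id);
        }
    }
    /**
     *   The author may also change the title, the category and the tags
     **/
    if ($author) {
        $news_private = isset($_POST['private_news']) ? 1 : 0;
        // A missing title field means "unchanged"
        $titre_post = isset($_POST['titre_news']) && is_string($_POST['titre_news']) ? $_POST['titre_news'] : $donnees_news['n_titre'];
        // The title changes
        if ($titre_post != $donnees_news['n_titre']) {
            $texte_log = Nw::$DB->real_escape_string(sprintf(Nw::$lang['news']['log_chg_titre'], $donnees_news['n_titre'], $titre_post));
            Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_action, l_texte, l_date, l_ip) VALUES(' . intval($id) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', 4, \'' . $texte_log . '\', NOW(), \'' . $ip_sql . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
            $add_champs_sql[] = 'n_titre = \'' . insertBD(trim($titre_post)) . '\'';
        }
        $add_champs_sql[] = 'n_id_cat = ' . intval(isset($_POST['cat']) ? $_POST['cat'] : 0);
        $add_champs_sql[] = 'n_private = ' . $news_private;
        /**
         *   Sources
         **/
        $nbr_sources = 0;
        Nw::$DB->query('DELETE FROM ' . Nw::$prefix_table . 'news_src WHERE src_id_news = ' . intval($id)) or Nw::$DB->trigger(__LINE__, __FILE__);
        // Both fields are expected as parallel arrays; anything else is ignored
        $sources_post = isset($_POST['sources']) && is_array($_POST['sources']) ? $_POST['sources'] : array();
        $sources_nom_post = isset($_POST['sources_nom']) && is_array($_POST['sources_nom']) ? $_POST['sources_nom'] : array();
        foreach ($sources_post as $id_src => $src_url) {
            $src_nom = isset($sources_nom_post[$id_src]) ? $sources_nom_post[$id_src] : '';
            if (!is_string($src_url) || !is_string($src_nom)) {
                continue;
            }
            // NOTE(review): the URL scheme is not validated here; confirm that
            // the place where sources are rendered restricts it to http(s).
            if (!multi_empty(trim($src_nom), trim($src_url))) {
                ++$nbr_sources;
                Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_src (src_id_news, src_media, src_url, src_order) VALUES(' . intval($id) . ', \'' . insertBD(trim($src_nom)) . '\', \'' . insertBD(trim($src_url)) . '\', ' . $nbr_sources . ')') or Nw::$DB->trigger(__LINE__, __FILE__);
            }
        }
        $add_champs_sql[] = 'n_nb_src = ' . $nbr_sources;
        // Tags
        if (!empty($_POST['tags']) && is_string($_POST['tags']) && strlen(trim($_POST['tags'])) > 0) {
            Nw::$DB->query('DELETE FROM ' . Nw::$prefix_table . 'tags
                WHERE t_id_news = ' . intval($id)) or Nw::$DB->trigger(__LINE__, __FILE__);
            $tags_news = explode(',', $_POST['tags']);
            $num_tag = 0;
            inc_lib('news/add_tag_news');
            foreach ($tags_news as $tag) {
                if (!empty($tag) && strlen(trim($tag)) > 0) {
                    ++$num_tag;
                    add_tag_news($id, $tag, $num_tag);
                }
            }
        }
        /**
         *   Attach an image to the news (when one was uploaded)
         **/
        if (!empty($_FILES['file']['name'])) {
            inc_lib('news/add_img_news');
            $id_last_image = add_img_news($id);
            if ($id_last_image) {
                $add_champs_sql[] = 'n_id_image = ' . intval($id_last_image);
            }
        }
    }
    $count_flag = Nw::$DB->query('SELECT f_type 
        FROM ' . Nw::$prefix_table . 'news_flags
        WHERE f_id_news = ' . intval($id) . ' AND f_id_membre = ' . intval(Nw::$dn_mbr['u_id'])) or Nw::$DB->trigger(__LINE__, __FILE__);
    $donnees_count = $count_flag->fetch_assoc();
    // No row means the member has no flag on this news yet
    $flag_type = is_array($donnees_count) ? $donnees_count['f_type'] : null;
    // The member has not contributed to this news yet: add the flag
    if ($flag_type != 3 && $flag_type != 2) {
        Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_flags (f_id_news, f_id_membre, f_type)
            VALUES(' . intval($id) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', 2)') or Nw::$DB->trigger(__LINE__, __FILE__);
    }
    $contenu_version = Nw::$DB->real_escape_string(parse(htmlspecialchars(trim($content_news))));
    /**
     *   Look up the latest version of the news
     **/
    $donnees_version = Nw::$DB->query('SELECT v_texte, v_nb_mots, v_number 
        FROM ' . Nw::$prefix_table . 'news_versions
        WHERE v_id_news = ' . intval($id) . '
        ORDER BY v_date DESC
        LIMIT 1') or Nw::$DB->trigger(__LINE__, __FILE__);
    $last_version = $donnees_version->fetch_assoc();
    // No previous version: start the counters from zero
    if (!is_array($last_version)) {
        $last_version = array('v_texte' => null, 'v_nb_mots' => 0, 'v_number' => 0);
    }
    // The submitted text differs from the latest stored version
    if ($last_version['v_texte'] != parse(htmlspecialchars(trim($content_news)))) {
        $raison_post = isset($_POST['raison']) && is_string($_POST['raison']) ? $_POST['raison'] : '';
        $raison_edition = Nw::$DB->real_escape_string(htmlspecialchars($raison_post));
        $version_mineure = isset($_POST['mini_contrib']) ? 1 : 0;
        // Despite the name, this is the byte length of the escaped text
        $nb_mots = strlen(htmlspecialchars(trim($content_news)));
        $diff_mots = $nb_mots - $last_version['v_nb_mots'];
        // Add a row to the versions table
        Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_versions (v_id_news,
            v_id_membre, v_texte, v_date, v_ip, v_raison, v_nb_mots, v_diff_mots, v_number, v_mineure)
            VALUES(' . intval($id) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', \'' . $contenu_version . '\',
            NOW(), \'' . $ip_sql . '\', \'' . $raison_edition . '\', \'' . $nb_mots . '\', \'' . $diff_mots . '\', ' . ($last_version['v_number'] + 1) . ', ' . $version_mineure . ')') or Nw::$DB->trigger(__LINE__, __FILE__);
        $id_version_news = Nw::$DB->insert_id;
        Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'members_stats 
            SET s_nb_contrib = s_nb_contrib + 1
            WHERE s_id_membre = ' . intval(Nw::$dn_mbr['u_id'])) or Nw::$DB->trigger(__LINE__, __FILE__);
        $contenu_extrait = Nw::$DB->real_escape_string(CoupeChar(clearer(parse(htmlspecialchars(trim($content_news)))), '...', Nw::$pref['long_intro_news']));
        $add_champs_sql[] = 'n_resume = \'' . $contenu_extrait . '\'';
        $add_champs_sql[] = 'n_last_version = ' . intval($id_version_news);
        $add_champs_sql[] = 'n_last_mod = NOW()';
        $add_champs_sql[] = 'n_nb_versions = n_nb_versions + 1';
    }
    if (count($add_champs_sql) > 0) {
        // Update the news row with the collected column assignments
        Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'news SET ' . implode(', ', $add_champs_sql) . ' WHERE n_id = ' . intval($id)) or Nw::$DB->trigger(__LINE__, __FILE__);
        if ($donnees_news['n_etat'] == 3 || $etat_post == 3) {
            generate_news_sitemap();
            generate_categories_sitemap();
        }
    }
}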
Example #9
 protected function main()
 {
     // Seuls les membres peuvent créer des brouillons
     if (!is_logged_in()) {
         redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
     }
     // Si le paramètre ID manque
     if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
         header('Location: news-70.html');
     }
     inc_lib('news/news_exists');
     $count_news_existe = news_exists($_GET['id']);
     if ($count_news_existe == 0) {
         redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
     }
     inc_lib('news/get_info_news');
     $donnees_news = get_info_news($_GET['id']);
     // Ce membre a le droit d'éditer la news ?
     inc_lib('news/can_edit_news');
     if (!can_edit_news($donnees_news['n_id_auteur'], $donnees_news['n_etat'])) {
         redir(Nw::$lang['news']['not_edit_news_perm'], false, 'news-70.html');
     }
     // Est-ce que le membre peut éditer le titre, la catégorie et les tags de la news ?
     inc_lib('news/can_edit_news_related');
     $edit_related = can_edit_news_related($donnees_news['n_id_auteur'], $donnees_news['n_etat']);
     $edition_grilled = false;
     $this->set_title(sprintf(Nw::$lang['news']['title_edit_news'], $donnees_news['n_titre']));
     $this->set_tpl('news/edit_news.html');
     $this->add_css('forms.css');
     $this->add_css('code.css');
     $this->add_js('write.js');
     $this->add_form('contenu');
     // Pour rediriger le visiteur d'où il est venu
     if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . 'news-60-' . $_GET['id'] . '.html') === false) {
         $_SESSION['nw_referer_edit'] = $_SERVER['HTTP_REFERER'];
     }
     $link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : 'news-60-' . intval($_GET['id']) . '.html';
     // Fil ariane
     $this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['edit_fil_ariane'] => array('')));
     $array_status = array(3 => Nw::$lang['news']['etat_news_3'], 2 => Nw::$lang['news']['etat_news_2'], 1 => Nw::$lang['news']['etat_news_1'], 0 => Nw::$lang['news']['etat_news_0']);
     $list_src = array();
     $list_src_url = array();
     $position = 0;
     if ($donnees_news['n_nb_src'] > 0) {
         inc_lib('news/get_list_src');
         $donnees_src = get_list_src($_GET['id']);
         foreach ($donnees_src as $donnees) {
             ++$position;
             $list_src[$position] = $donnees['src_media'];
             $list_src_url[$position] = $donnees['src_url'];
             Nw::$tpl->setBlock('src', array('ID' => $position));
         }
     }
     Nw::$tpl->set(array('ID' => $_GET['id'], 'TITRE' => $donnees_news['n_titre'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'CAT_REWRITE' => $donnees_news['c_rewrite'], 'ID_CAT' => $donnees_news['n_id_cat'], 'IMAGE_ID' => $donnees_news['i_id'], 'IMAGE_NOM' => $donnees_news['i_nom'], 'LINK_NB_CONTRIB' => sprintf(Nw::$lang['news']['edit_nb_contrib'], $donnees_news['n_nb_versions']), 'LAST_VERSION' => $donnees_news['n_last_version'], 'BAL_CHAMP' => 'contenu', 'ETAT_ACTUEL' => $donnees_news['n_etat'], 'ETATS_NEWS' => $array_status, 'EDIT_RELATED' => $edit_related, 'MOD_STATUS' => Nw::$droits['mod_news_status'], 'GRILLED' => false, 'MAX_SRC' => $position == 0 ? $position + 1 : $position));
     // Formulaire soumis
     if (isset($_POST['submit'])) {
         $array_post = array('titre_news' => $_POST['titre_news'], 'cat' => isset($_POST['cat']) ? $_POST['cat'] : 0, 'contenu' => $_POST['contenu'], 'tags' => isset($_POST['tags']) ? $_POST['tags'] : '', 'private_news' => isset($_POST['private_news']), 'sources' => isset($_POST['sources']) ? $_POST['sources'] : '', 'sources_nom' => isset($_POST['sources_nom']) ? $_POST['sources_nom'] : '');
         $var_titre = trim($_POST['titre_news']);
         $var_content = trim($_POST['contenu']);
         // Les champs titre & contenu & source ne sont pas vides
         if ($edit_related && !multi_empty($var_titre, $var_content) || !$edit_related && !empty($var_content)) {
             // On édite la news
             inc_lib('news/count_anti_grille');
             inc_lib('news/edit_news');
             $anti_grille = count_anti_grille($_GET['id'], $_POST['last_version']);
             if ($anti_grille['count']) {
                 inc_lib('bbcode/parse');
                 inc_lib('bbcode/unparse');
                 inc_lib('news/get_info_vrs');
                 $output_compare = '';
                 $dn_vrs_grilled = get_info_vrs($donnees_news['n_last_version']);
                 $news_vrs1 = $dn_vrs_grilled['v_texte'];
                 $news_vrs2 = parse($_POST['contenu']);
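                 /**
                  * Splits a text into its non-blank lines, each stripped of surrounding whitespace.
                  *
                  * The result feeds Text_Diff, and the rendered diff is later split on "\n",
                  * so every element must be exactly one line. Splitting on "\r" alone left
                  * LF-only input as a single multi-line element; CRLF, CR and LF are all
                  * accepted here.
                  *
                  * @param string $content Text to split.
                  * @return array List of trimmed, non-empty lines (empty array when there are none).
                  */
                 function clean_cache_file($content)
                 {
                     $lignes = array();
                     foreach (preg_split('/\r\n|\r|\n/', trim($content)) as $ligne) {
                         $ligne = trim($ligne);
                         // Blank lines carry no information for the comparison
                         if ($ligne !== '') {
                             $lignes[] = $ligne;
                         }
                     }
                     return $lignes;
                 }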
                 include_once 'Text/Diff.php';
                 include_once 'Text/Diff/Renderer/unified.php';
                 $lines1 = clean_cache_file(unparse($news_vrs1, 0));
                 $lines2 = clean_cache_file(unparse($news_vrs2, 0));
                 $diff = new Text_Diff($lines1, $lines2);
                 $renderer = new Text_Diff_Renderer_unified();
                 $array_compare = explode("\n", $renderer->render($diff));
                 foreach ($array_compare as $donnees) {
                     $first_cararacter = '';
                     $style_line = '';
                     if (isset($donnees[0]) && in_array($donnees[0], array('-', '+'))) {
                         if ($donnees[0] == '-') {
                             $style_line = ' style="background-color: #ffcccc;"';
                         } elseif ($donnees[0] == '+') {
                             $style_line = ' style="background-color: #ccffcc;"';
                         }
                         $first_cararacter = $donnees[0];
                         $ligne_changee = substr($donnees, 1);
                     } else {
                         $ligne_changee = $donnees;
                     }
                     if (!in_array(substr($donnees, 0, 2), array('@@')) && strlen(trim($ligne_changee)) > 0) {
                         $output_compare .= '<tr>
                             <td class="line_statut">' . $first_cararacter . '</td>
                             <td' . $style_line . '>' . trim($ligne_changee) . '</td>
                         </tr>';
                     }
                 }
                 display_form($array_post);
                 Nw::$tpl->set(array('GRILLED' => true, 'COMPARAISON' => $output_compare, 'TEXTE_GRILLED' => sprintf(Nw::$lang['news']['mbr_grilled_edit'], $dn_vrs_grilled['u_alias'], $dn_vrs_grilled['u_pseudo'])));
             } else {
                 edit_news($_GET['id'], $edit_related);
                 redir(Nw::$lang['news']['msg_news_edit'], true, $link_redir);
             }
         } else {
             display_form($array_post, Nw::$lang['news']['title_content_oblig']);
         }
         return;
     }
     // Si l'auteur veut supprimer la news
     if (isset($_GET['imgdel']) && is_numeric($_GET['imgdel']) && $edit_related) {
         inc_lib('news/delete_img_news');
         delete_img_news($_GET['imgdel'], $_GET['id']);
         redir(Nw::$lang['news']['msg_image_delete'], true, 'news-60-' . $_GET['id'] . '.html');
     }
     // Catégories de news
     foreach (Nw::$cache_categories as $idcs => $donnees_categorie) {
         Nw::$tpl->setBlock('cats_news', array('ID' => $idcs, 'TITRE' => $donnees_categorie[0]));
     }
     inc_lib('news/get_list_tags_news');
     $list_tags = get_list_tags_news(0, $_GET['id']);
     $list_tags_html = '';
     foreach ($list_tags as $dn_tags) {
         $list_tags_html .= $dn_tags['t_tag'] . ', ';
     }
     // On affiche le template
     inc_lib('bbcode/unparse');
     display_form(array('titre_news' => $donnees_news['n_titre'], 'cat' => 0, 'contenu' => unparse($donnees_news['v_texte']), 'tags' => substr($list_tags_html, 0, -2), 'private_news' => $donnees_news['n_private'], 'sources' => $list_src_url, 'sources_nom' => $list_src));
 }
Example #10
 /**
  *  Formulaire d'inscription au site
  *  @author Cam
  *  @return tpl
  */
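 protected function main()
 {
     // Registration form handler: runs the checks below in order and, when all of
     // them pass, creates the account through add_mbr().

     // A member who is already logged in has nothing to register
     if (is_logged_in()) {
         redir(Nw::$lang['common']['already_connected'], false, './');
     }
     // Page title, stylesheet and template
     $this->set_title(Nw::$lang['users']['title_inscription']);
     $this->add_css('forms.css');
     $this->set_tpl('membres/register.html');
     // Breadcrumb
     $this->set_filAriane(Nw::$lang['users']['fa_inscription']);
     Nw::$tpl->set(array('ACCEPT_RULES' => sprintf(Nw::$lang['users']['accept_rules'], Nw::$site_name)));
     // The form has been submitted
     if (isset($_POST['submit'])) {
         // Request fields are client-controlled: a missing key or an array value
         // (e.g. nw_email[]=x) is normalised to '' so the string functions below
         // never receive a non-string.
         $champs = array();
         foreach (array('nw_nickname', 'nw_pass1', 'nw_pass2', 'nw_email', 'code_cap') as $cle) {
             $champs[$cle] = isset($_POST[$cle]) && is_string($_POST[$cle]) ? $_POST[$cle] : '';
         }
         // NOTE(review): both passwords are handed back to display_form(); confirm the
         // template does not echo them into the page.
         $array_post = $champs;
         $array_post['ac_rules'] = isset($_POST['ac_rules']);
         // Every field is mandatory
         if (multi_empty(trim($champs['nw_nickname']), trim($champs['nw_pass1']), trim($champs['nw_pass2']), trim($champs['nw_email']), trim($champs['code_cap']))) {
             display_form($array_post, Nw::$lang['users']['champ_obligatoire']);
             return;
         }
         // Both passwords must be identical. Strict comparison: with != two different
         // numeric-looking strings such as '1e3' and '1000' compare as equal.
         if ($champs['nw_pass1'] !== $champs['nw_pass2']) {
             display_form($array_post, Nw::$lang['users']['sames_password']);
             return;
         }
         // Anti-spam code: compared as strings, and a session without a stored code never passes.
         // NOTE(review): the expected code stays in the session after this check; confirm it is
         // regenerated or cleared elsewhere so one solved challenge cannot be replayed.
         $code_attendu = isset($_SESSION['cap_nw']) ? (string) $_SESSION['cap_nw'] : '';
         if ($code_attendu === '' || trim($champs['code_cap']) !== $code_attendu) {
             display_form($array_post, Nw::$lang['users']['wrong_antispam']);
             return;
         }
         // The e-mail address must be well formed (name@domain.tld)
         if (!filter_var($champs['nw_email'], FILTER_VALIDATE_EMAIL)) {
             display_form($array_post, Nw::$lang['users']['format_email_false']);
             return;
         }
         // The e-mail address must not already belong to an account (duplicate accounts)
         inc_lib('users/email_exists');
         if (email_exists($champs['nw_email'])) {
             display_form($array_post, Nw::$lang['users']['email_already_used']);
             return;
         }
         // The requested nickname must be available
         inc_lib('users/pseudo_exists');
         if (pseudo_exists($champs['nw_nickname'])) {
             display_form($array_post, Nw::$lang['users']['nickname_used']);
             return;
         }
         // The visitor must have accepted the rules
         if (!isset($_POST['ac_rules'])) {
             display_form($array_post, Nw::$lang['users']['accept_rules_msg']);
             return;
         }
         // Every check passed: register the new user
         inc_lib('users/add_mbr');
         add_mbr($champs['nw_nickname'], $champs['nw_pass1'], $champs['nw_email']);
         redir(Nw::$lang['users']['success_register'], true, './');
     }
     // Display the empty form
     display_form(array('nw_nickname' => '', 'nw_pass1' => '', 'nw_pass2' => '', 'nw_email' => '', 'code_cap' => '', 'ac_rules' => false));
 }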
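/**
 * Creates a news entry from the submitted form ($_POST / $_FILES) together with its
 * flag, log line, sources, first version, optional image and tags.
 *
 * The statements are assembled by string concatenation, so every value placed in a
 * query is either cast with intval() or escaped first.
 *
 * @param int $etat Status stored in n_etat for the new entry (defaults to 1).
 * @return void
 */
function add_news_brouillon($etat = 1)
{
    inc_lib('bbcode/clearer');
    inc_lib('bbcode/parse');

    // Request fields are untrusted: a missing key or an array value becomes ''.
    $titre_brut = isset($_POST['titre_news']) && is_string($_POST['titre_news']) ? trim($_POST['titre_news']) : '';
    $contenu_brut = isset($_POST['contenu']) && is_string($_POST['contenu']) ? htmlspecialchars(trim($_POST['contenu'])) : '';
    $news_private = isset($_POST['private_news']) ? 1 : 0;
    $categorie_news = isset($_POST['cat']) ? intval($_POST['cat']) : 0;
    // is_breve and $etat were concatenated into the INSERT unmodified; casting them
    // guarantees that only an integer reaches the query.
    $is_breve = isset($_POST['is_breve']) ? intval($_POST['is_breve']) : 0;
    $etat = intval($etat);
    $id_membre = intval(Nw::$dn_mbr['u_id']);
    $titre_sql = insertBD($titre_brut);
    // NOTE(review): get_ip() is defined elsewhere; escaped here in case it can return a
    // client-supplied header value.
    $ip_sql = Nw::$DB->real_escape_string(get_ip());

    // The parsed text is stored as the first version; a cleaned, truncated copy is the summary
    $contenu_parse = parse($contenu_brut);
    $contenu_version = Nw::$DB->real_escape_string($contenu_parse);
    $contenu_extrait = Nw::$DB->real_escape_string(CoupeChar(clearer($contenu_parse), '...', Nw::$pref['long_intro_news']));
    $mod_news_sql = '';

    /**
     *   Save the news entry, its flag and its log line
     **/
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news (n_id_auteur, n_id_cat, n_titre, n_date, n_last_mod, n_etat, n_private, n_nb_versions, n_resume, n_breve) VALUES('
        . $id_membre . ', ' . $categorie_news . ', \'' . $titre_sql . '\', NOW(), NOW(), ' . $etat . ', ' . $news_private . ', 1, \'' . $contenu_extrait . '\', ' . $is_breve . ')') or Nw::$DB->trigger(__LINE__, __FILE__);
    $id_last_news = intval(Nw::$DB->insert_id);
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_flags (f_id_news, f_id_membre, f_type) VALUES(' . $id_last_news . ', ' . $id_membre . ', 3)') or Nw::$DB->trigger(__LINE__, __FILE__);
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_titre, l_action, l_date, l_ip) VALUES(' . $id_last_news . ', ' . $id_membre . ', \'' . $titre_sql . '\', 1, NOW(), \'' . $ip_sql . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);

    /**
     *   Sources
     **/
    // count() on a missing or scalar field raises a warning (a TypeError on PHP 8)
    $sources = isset($_POST['sources']) && is_array($_POST['sources']) ? $_POST['sources'] : array();
    $sources_nom = isset($_POST['sources_nom']) && is_array($_POST['sources_nom']) ? $_POST['sources_nom'] : array();
    if (count($sources) > 0) {
        $nbr_sources = 0;
        foreach ($sources as $id => $value) {
            $src_url = is_string($value) ? trim($value) : '';
            $src_nom = isset($sources_nom[$id]) && is_string($sources_nom[$id]) ? trim($sources_nom[$id]) : '';
            // A source is kept only when both its name and its URL are filled in.
            // NOTE(review): the URL is stored as submitted; confirm that the code rendering
            // it as a link restricts the scheme (http/https).
            if (!multi_empty($src_nom, $src_url)) {
                ++$nbr_sources;
                Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_src (src_id_news, src_media, src_url, src_order) VALUES(' . $id_last_news . ', \'' . insertBD($src_nom) . '\', \'' . insertBD($src_url) . '\', ' . $nbr_sources . ')') or Nw::$DB->trigger(__LINE__, __FILE__);
            }
        }
        $mod_news_sql .= 'n_nb_src = ' . $nbr_sources . ', ';
    }

    /**
     *   Create the entry in the versions table
     **/
    // Despite its name, v_nb_mots receives the byte length of the escaped text
    $nb_mots = strlen($contenu_brut);
    // The language string is escaped as well: an apostrophe in it would otherwise end the SQL literal
    $motif_sql = Nw::$DB->real_escape_string(Nw::$lang['news']['motif_debut']);
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_versions (v_id_news, v_id_membre, v_texte, v_date, v_ip, v_nb_mots, v_number, v_raison) VALUES('
        . $id_last_news . ', ' . $id_membre . ', \'' . $contenu_version . '\', NOW(), \'' . $ip_sql . '\', \'' . $nb_mots . '\', 1, \'' . $motif_sql . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
    $id_version_news = Nw::$DB->insert_id;

    /**
     *   Attach an image to the news entry (when one was uploaded)
     **/
    if (!empty($_FILES['file']['name'])) {
        inc_lib('news/add_img_news');
        $id_last_image = add_img_news($id_last_news);
        if ($id_last_image) {
            $mod_news_sql .= 'n_id_image = ' . intval($id_last_image) . ', ';
        }
    }
    Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'news 
        SET ' . $mod_news_sql . 'n_last_version = ' . intval($id_version_news) . '
        WHERE n_id = ' . $id_last_news) or Nw::$DB->trigger(__LINE__, __FILE__);
    Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'members_stats 
        SET s_nb_news = s_nb_news + 1
        WHERE s_id_membre = ' . $id_membre) or Nw::$DB->trigger(__LINE__, __FILE__);

    /**
     *   Tags
     **/
    if (!empty($_POST['tags']) && is_string($_POST['tags']) && strlen(trim($_POST['tags'])) > 0) {
        $position_tag = 0;
        inc_lib('news/add_tag_news');
        foreach (explode(',', $_POST['tags']) as $tag) {
            // Empty segments ("a,,b" or a trailing comma) are skipped
            if (!empty($tag) && strlen(trim($tag)) > 0) {
                ++$position_tag;
                add_tag_news($id_last_news, $tag, $position_tag);
            }
        }
    }
}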