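/**
 * Open a session for the local account linked to a Facebook identifier.
 *
 * The identifier is looked up in habbophp_users_facebook and the login only
 * proceeds when exactly one row matches. The linked account is then loaded,
 * the maintenance and ban checks run, the 'Auth' cookie is issued and the
 * session variables are filled in.
 *
 * @param mixed $fid Facebook identifier to look up.
 * @param mixed $m   When loosely true, accounts with rank below 6 are logged
 *                   out and sent to the maintenance page instead of logged in.
 *
 * @return bool True when the session was opened, false otherwise.
 */
public function connexionFB($fid, $m = NULL)
{
    // NOTE(review): the original read an undefined local $config when building
    // the maintenance URL. This assumes the site configuration is the global
    // $config object -- confirm against the bootstrap.
    global $config;

    // Fixed delay on every attempt (presumably a crude brute-force throttle).
    sleep(1);

    // Escape once and put the value inside quotes, as the users query below
    // does: escaping quote characters gives no protection to a value that is
    // concatenated into an unquoted position.
    // NOTE(review): a bound parameter would be preferable if the Db wrapper
    // supports one.
    $fid = safe($fid, 'SQL');
    $this->_db->query('SELECT * FROM habbophp_users_facebook WHERE fid="' . $fid . '"');
    if ($this->_db->NumRowsC() != 1) {
        return false;
    }

    $data = $this->_db->getQuery(true);
    $dataUser = $this->_db->query('SELECT username,id,rank FROM users WHERE id="' . safe($data['uid'], 'SQL') . '"', true, false);

    if ($m == true && $dataUser['rank'] < 6) {
        $this->logout();
        redirection($config->url_site . '/maintenance.php');
        // Fail closed: if redirection() does not terminate the request, do not
        // fall through and open a session during maintenance.
        return false;
    }

    $this->isBan($dataUser['username']);
    //$this->checkIPStaff($dataUser['username'],$dataUser['rank']);
    $this->setSaltUsers($data['uid']);

    // NOTE(review): the cookie is issued without the HttpOnly/Secure flags and
    // with errors suppressed, and this method does not regenerate the session
    // id on login -- confirm both are handled elsewhere.
    @setcookie('Auth', $this->getSaltUsers($dataUser['id']), time() + 12 * 3600);

    $_SESSION['uid'] = $data['uid'];
    $_SESSION['Rank'] = $dataUser['rank'];
    $_SESSION['FB'] = true;
    $_SESSION['Auth'] = true;
    $_SESSION['Timeout'] = time() + 3 * 3600;

    // Count this login in today's statistics row; the date is server-generated.
    $d = date('Y-m-d');
    $this->_db->query('UPDATE habbophp_stats SET connexions=connexions+1 WHERE date="' . $d . '"');

    $this->setLast_online($data['uid']);
    $this->setIP_last($data['uid']);

    return true;
}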
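/**
 * Minimal interactive command loop reading from standard input.
 *
 * Each line is tokenised with commande_to_tab(). A line recognised by
 * is_redirection() is handed to redirection(); otherwise the first token
 * selects a handler named "func_<token>". The loop ends on "exit" or at end
 * of input.
 *
 * The handler name is built from user input, but the fixed "func_" prefix
 * limits dispatch to functions that carry that prefix.
 *
 * @return void
 */
function microshell()
{
    $fd = fopen('php://stdin', 'r');
    if ($fd === false) {
        return;
    }

    echo "\$> ";
    // Compare against false explicitly so a final line holding only "0"
    // (no trailing newline) is not mistaken for end of input.
    while (($line = fgets($fd)) !== false) {
        $params = commande_to_tab($line);

        // A line that yields no tokens: show the prompt again instead of
        // reading $params[0], which does not exist in that case.
        if (!isset($params[0])) {
            echo "\$> ";
            continue;
        }

        $ptr = 'func_' . $params[0];
        if (is_redirection($params) == 1) {
            redirection($params);
        } elseif (function_exists($ptr)) {
            $ptr($params);
        } elseif ($params[0] != "exit") {
            echo "{$params[0]}: Command not found\nUse \"help\"";
            echo " for a list of commands\n";
        }

        if ($params[0] == "exit") {
            break;
        }
        echo "\$> ";
    }
    fclose($fd);
}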
/**
 * Enforce maintenance mode for the current visitor.
 *
 * When the maintenance flag is set to 'true' and the session rank is below 5,
 * the session is destroyed and the visitor is sent to the maintenance page.
 *
 * NOTE(review): $_SESSION['Rank'] is read without an isset() check, so a
 * visitor with no rank in the session is compared as null (below 5) and is
 * redirected as well -- which looks intended, but confirm.
 *
 * @return false|null False when the flag is set but the visitor is allowed
 *                    through; null otherwise.
 */
public function checkMaintenance()
{
    if (!isset($this->maintenance)) {
        return;
    }

    $flag = $this->maintenance;
    $mustLeave = $flag == 'true' && $_SESSION['Rank'] < 5;
    if (!$mustLeave) {
        return false;
    }

    session_destroy();
    redirection($this->url_site . '/maintenance.php');
}
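/**
 * Validate a "command > target" line before handing it to redirection().
 *
 * Prints a shell-style diagnostic and returns without redirecting when the
 * line has no usable target, when the target is (or is written as) a
 * directory, or when it is an existing file that cannot be written.
 *
 * @param string $line Raw command line containing the redirection operator.
 *
 * @return void
 */
function func_redir($line)
{
    $parts = array();
    preg_match("/([^>]*) >+ (.*)/", $line, $parts);

    // An empty target is treated as a syntax error: the original indexed the
    // last character of the target, which does not exist for an empty string.
    if (count($parts) != 3 || $parts[2] === '') {
        echo "Syntax is wrong\n";
        return;
    }

    $target = $parts[2];

    // substr() replaces the original call to len(), which is not a PHP
    // built-in and would have to be defined elsewhere in the project.
    if (is_dir($target) || substr($target, -1) == '/') {
        echo "content.php: {$target}: Is a directory\n";
        return;
    }

    if (file_exists($target) && !is_writable($target)) {
        echo "content.php: {$target}: Permission denied\n";
        return;
    }

    redirection($parts);
}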
/**
 * Reconcile the parent user's VIP status with habbophp_users_vip.
 *
 * Runs only for a user with vip == 1, rank == 2 and a non-empty id. Every VIP
 * row whose expiry is in the past demotes the user (rank 1, vip 0). When no
 * expiry value was read at all, a row expiring seven days from now is created
 * and the visitor is sent to me.php.
 *
 * NOTE(review): the user id is concatenated into the SQL text. It comes from
 * the parent object rather than from the request, but casting it to int or
 * binding it would remove the dependency on that assumption.
 *
 * @return void
 */
public function checkVIP()
{
    $owner = $this->_parent;
    if (!($owner->vip == 1 && $owner->rank == 2 && !empty($owner->id))) {
        return;
    }

    $rows = $this->_db->query("SELECT * FROM habbophp_users_vip WHERE uid=" . $owner->id, true);
    if ($rows) {
        foreach ($rows as $vipRow) {
            $expire = $vipRow['expire'];
            if (time() > $vipRow['expire']) {
                $owner->updateUser('rank', 1);
                $owner->updateUser('vip', 0);
            }
        }
    }

    if (isset($expire)) {
        return;
    }

    // No expiry on record: grant one week starting now.
    $vipTable = new Db('habbophp_users_vip');
    $vipTable->save(array(
        'uid' => $owner->id,
        'expire' => time() + 7 * 24 * 3600,
    ));
    redirection('me.php');
}
/**
 * Apply the submitted RSS feed configuration form.
 *
 * For every known feed that has an "i_<checksum>" field in the POST data, the
 * feed is deleted, or its title, folder and URL are updated, both in
 * $GLOBALS['liste_flux'] and in the rss table. The list is then sorted by
 * title, written back to the feed-list file, and the browser is redirected to
 * the current page with a confirmation message.
 *
 * All SQL statements use bound parameters.
 *
 * NOTE(review): this function checks no anti-CSRF token itself; presumably the
 * caller does -- confirm, since it deletes and rewrites feeds.
 * NOTE(review): the "k_", "l_" and "j_" fields are read without isset().
 */
function traiter_form_rssconf() {
    // Strip a previous "&msg=..." from the query string so messages do not pile up.
    // NOTE(review): $_GET['msg'] is URL-decoded while QUERY_STRING is raw, so a
    // percent-encoded value would not be matched here.
    $msg_param_to_trim = isset($_GET['msg']) ? '&msg=' . $_GET['msg'] : '';
    $query_string = str_replace($msg_param_to_trim, '', $_SERVER['QUERY_STRING']);
    // processing
    $GLOBALS['db_handle']->beginTransaction();
    foreach ($GLOBALS['liste_flux'] as $i => $feed) {
        if (isset($_POST['i_' . $feed['checksum']])) {
            // feed marked to be removed
            // NOTE(review): loose comparison -- on PHP < 8 any non-numeric
            // string also equals 0 and would take the delete branch.
            if ($_POST['k_' . $feed['checksum']] == 0) {
                unset($GLOBALS['liste_flux'][$i]);
                try {
                    $req = $GLOBALS['db_handle']->prepare('DELETE FROM rss WHERE bt_feed=?');
                    $req->execute(array($feed['link']));
                } catch (Exception $e) {
                    // NOTE(review): the raw exception message is sent to the client.
                    die('Error : Rss?conf RM-from db: ' . $e->getMessage());
                }
            } else {
                // title has changed
                $GLOBALS['liste_flux'][$i]['title'] = $_POST['i_' . $feed['checksum']];
                // folder has changed: update it in the list and in the database
                if ($GLOBALS['liste_flux'][$i]['folder'] != $_POST['l_' . $feed['checksum']]) {
                    $GLOBALS['liste_flux'][$i]['folder'] = $_POST['l_' . $feed['checksum']];
                    try {
                        $req = $GLOBALS['db_handle']->prepare('UPDATE rss SET bt_folder=? WHERE bt_feed=?');
                        $req->execute(array($_POST['l_' . $feed['checksum']], $feed['link']));
                    } catch (Exception $e) {
                        die('Error : Rss?conf Update-feed db: ' . $e->getMessage());
                    }
                }
                // URL has changed: the list entry is re-keyed by the new link
                if ($_POST['j_' . $feed['checksum']] != $GLOBALS['liste_flux'][$i]['link']) {
                    $a = $GLOBALS['liste_flux'][$i];
                    $a['link'] = $_POST['j_' . $feed['checksum']];
                    unset($GLOBALS['liste_flux'][$i]);
                    $GLOBALS['liste_flux'][$a['link']] = $a;
                    try {
                        $req = $GLOBALS['db_handle']->prepare('UPDATE rss SET bt_feed=? WHERE bt_feed=?');
                        $req->execute(array($_POST['j_' . $feed['checksum']], $feed['link']));
                    } catch (Exception $e) {
                        die('Error : Rss?conf Update-feed db: ' . $e->getMessage());
                    }
                }
            }
        }
    }
    $GLOBALS['db_handle']->commit();
    // sort list by title
    $GLOBALS['liste_flux'] = array_reverse(tri_selon_sous_cle($GLOBALS['liste_flux'], 'title'));
    // The list is serialized, base64-encoded and wrapped in a PHP comment, so
    // the stored file produces no output if it is requested directly.
    // NOTE(review): presumably read back with unserialize(); the file must
    // stay writable only by the application -- confirm.
    file_put_contents($GLOBALS['fichier_liste_fluxrss'], '<?php /* ' . chunk_split(base64_encode(serialize($GLOBALS['liste_flux']))) . ' */');
    // basename() keeps any PATH_INFO appended to the script URL out of the target.
    $redir = basename($_SERVER['PHP_SELF']) . '?' . $query_string . '&msg=confirm_feeds_edit';
    redirection($redir);
}
<li> <a class="regular_btn" href="#" onclick="javascript:top.location='<?php echo $cancelUrl; ?> ';"> <span style="width: 110px;"><?php echo get_string('validationElement_cancel', 'voiceboard'); ?> </span> </a> </li> <li> <input type="submit" class="regular_btn-submit" onclick="javascript:submitGradeForm('manageAction.php','submitGrade','<?php echo $urlParams; ?> ')" value="<?php echo get_string('validationElement_saveAll', 'voiceboard'); ?> "/> </li> </ul> </div> </form> </div> <?php } else { redirection($redirectionUrl . '&error=session'); } ?>
</div> </div> <div class="clear"></div> </div> </div> </div> </div> <!--end of friends-->'; $i++; $tpl->assign('widgets', $widgets); $tpl->assign('homeid', $roww['id']); } if (isset($_GET['username']) == $user->username) { $req = mysql_query('SELECT id FROM habbophp_home_widget WHERE userid="' . safe($user->id, 'SQL') . '"'); $num = mysql_num_rows($req); if ($num == 0 && $i == 0) { mysql_query("INSERT INTO habbophp_home_widget VALUES (''," . $idhome . ",'','w_skin_goldenskin',10,10,1,1,'w_skin_goldenskin',350,100,1,1,'','w_skin_goldenskin',10,500,1,1,'w_skin_goldenskin',350,420,1,1,'w_skin_goldenskin',10,600,1,1,'w_skin_goldenskin',400,600,1,1,'w_skin_goldenskin',400,800,1)"); $tpl->assign('widgets', ""); redirection('home.php?username='******'username'], 'HTML')); } if ($i == 0 and isset($_GET['username']) or isset($_GET['id'])) { $tpl->assign('widgets', ""); } } $tpl->display('header.tpl'); $tpl->display('home.tpl'); $tpl->display('footer.tpl');
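<?php
// Admin-only endpoint: prints the 15 most recent shop statistics rows as
// "Y, m, d;value" records separated by a literal backslash-n sequence.
session_start();
define('CORE', 'CORE');
$admin = true;
include "../../includes/core.php";

if (!$Auth->isConnected()) {
    redirection('/logout.php');
    // Stop here even if redirection() returns, so nothing below runs for an
    // unauthenticated request.
    exit;
}
if ($user->rank < 7) {
    exit;
}

$ii = 0;
// The original called $db->quert(), which looks like a typo for query(); the
// (sql, true) call shape matches how query() is used elsewhere in this project.
$query = $db->query("SELECT * FROM habbophp_shop_stats ORDER BY id DESC LIMIT 15", true);
foreach ($query as $row) {
    echo '' . date("Y, m, d", strtotime($row['date'])) . ';' . $row['value'] . '\\n';
}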
$txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; if ($receiver_email == $config->paypalemail && $config->paypalprice == $payment_amount) { if (!$fp) { // HTTP ERROR } else { fputs($fp, $header . $req); while (!feof($fp)) { $res = fgets($fp, 1024); if (strcmp($res, "VERIFIED") == 0) { if ($payment_status == "Completed") { $Jetons_authorized = array($config->starpassamount, $config->allopassamount, $config->paypalamount); $user->addJetons('paypal'); addLogsPaiement($user->username, 'paypal'); redirection($config->url_site . '/shop.php?success'); } } else { if (strcmp($res, "INVALID") == 0) { redirection($config->url_site . '/shop.php?error'); } } } fclose($fp); } } else { redirection($config->url_site . '/shop.php?error'); } } else { redirection($config->url_site . '/shop.php?error'); }
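<?php
#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|
#|
#|
#| HABBOPHP - http://habbophp.com
#|
#| Copyright © 2012 Valentin & Robin. All rights reserved.
#|
#|
#|
#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|
require 'init.php';

// Payment page: the method named in the query string selects which price
// block is handed to the template.
if (!isset($_GET['amoutMethod'])) {
    redirection($config->url_site . '/shop.php?errorPaiement');
    // Stop even if redirection() returns, so the missing parameter is never
    // read further down.
    exit;
}

$amoutMethod = array('starpass', 'paypal', 'allopass');
// Strict allow-list check: an array or other non-string value never matches.
if (!in_array($_GET['amoutMethod'], $amoutMethod, true)) {
    // The payment method does not exist.
    redirection($config->url_site . '/shop.php?errorPaiement');
    exit;
}

$am = $_GET['amoutMethod'];
switch ($am) {
    case "paypal":
        $tpl->assign('MethodPrice', array('amout' => $config->paypalamount, 'price' => $config->paypalprice, 'type' => $am));
        break;
    case "starpass":
        $tpl->assign('MethodPrice', array('amout' => $config->starpassamount, 'price' => '1 Code', 'type' => $am));
        break;
    case "allopass":
        $tpl->assign('MethodPrice', array('amout' => $config->allopassamount, 'price' => '1 Code', 'type' => $am));
        // The Allopass credentials are stored as one "/"-separated string.
        $allopassData = explode("/", $config->allopassauth);
        $tpl->assign('allopass', $allopassData);
        break;
}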
#|
#|
#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|
session_start();
define('CORE', 'CORE');
require 'includes/core.php';

$Error = new Error();

// Login form shown on the maintenance page; handled only when a username
// field was posted.
// NOTE(review): when no password field is posted at all, no error is recorded
// and connexion() still receives the raw $_POST -- confirm that connexion()
// rejects a missing password.
if (isset($_POST['username'])) {
    if (empty($_POST['username'])) {
        $Error->set('pseudo', $tpl->assign('error_login_pseudo', 'true'));
    }
    if (isset($_POST['password']) && empty($_POST['password'])) {
        $Error->set('password', $tpl->assign('error_login_password', 'true'));
    }

    if (!$Error->ErrorPresent()) {
        if (!$Auth->connexion($_POST, true)) {
            $Error->set('AuthFalse', 'Connexion impossible');
        } else {
            redirection($config->url_site . '/me.php');
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr" xmlns:fb="https://www.facebook.com/2008/fbml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title><?php echo $config->name; ?> - Maintenance Break</title>
} // On va chercher en BD les infos sur un éventuel exemplaire qui porterait déjà ce code barre $bypassVerifCB = false; if ($postCodeBarre) { $sql = 'SELECT * FROM ludo_exemplaires WHERE code_barre = :cb AND code_barre IS NOT NULL;'; $requete = $bd->prepare($sql); $requete->execute(array(':cb' => $postCodeBarre)); $infosEx = $requete->fetchAll(PDO::FETCH_ASSOC); } else { $bypassVerifCB = true; } if ($bypassVerifCB || count($infosEx) == 0) { // Ok, pas d'exemplaire qui porte ce code barre en BD ! On ajoute ... $sql = 'INSERT INTO ludo_exemplaires (idJeu, code_barre, commentaire) VALUES (:jeu, :cb, :comment);'; $requete = $bd->prepare($sql); $requete->execute(array(':jeu' => $jeuDemande, ':cb' => $postCodeBarre, ':comment' => $postComment)); $codeMessage = "formCreerExOK"; redirection("exemplaires-{$infosJeu['id']}"); } else { // Eeeh ... zut. Exemplaire déjà existant. $codeMessage = "formCreerExCBDejaPris"; } } } else { $infosJeu = null; $codeMessage = "jeuInvalide"; } } else { $jeuDemande = -1; $codeMessage = "pasDeParametre"; }
if (!in_array($nouveau, $liste)) { bdd_renommer($db, $page, $nouveau); } else { echo message('Impossible de renommer : ce nom est déjà utilisé'); } } else { if (isset($_POST['deplacer']) and !empty($_POST['deplacer'])) { # Déplacer if (!strcmp($_POST['deplacer'], JOCKER_NVPERE)) { $nvpere = ""; } else { $nvpere = urldecode($_POST['deplacer']); } $ordre = $_POST['ordre']; $ret = bdd_deplacer($db, $page, $nvpere, $ordre); redirection($page); } else { if (isset($_POST['supprimer']) and !empty($_POST['supprimer'])) { # Supprimer $ret = bdd_supprimer($db, urldecode($_POST['supprimer'])); } else { if (isset($_POST['archiver']) and isset($_POST['annee']) and !empty($_POST['archiver'])) { # Archiver $nom = urldecode($_POST['archiver']); $annee = intval($_POST['annee']); if ($annee < 2000 || $annee > 2100) { $_SESSION['maintenance'] = 'Année "' . $annee . '" non valide'; } else { $ret = bdd_archiver($db, $nom, $annee); } }
$texte_title = $element_title->appendChild($texte_title); $element_link = $fichier->createElement("link"); $element_link = $element_item->appendChild($element_link); $texte_link = $fichier->createTextNode('index.php?page=' . $cible); $texte_link = $element_link->appendChild($texte_link); $element_date = $fichier->createElement("pubDate"); $element_date = $element_item->appendChild($element_date); $texte_date = $fichier->createTextNode(date("d/m")); $texte_date = $element_date->appendChild($texte_date); } if (isset($_POST['titre']) and isset($_POST['cible']) and !empty($_POST['cible'])) { $rss = new DOMDocument(); $rss->load(FICHIER_RSS); ajouter_news($rss, $_POST['titre'], $_POST['cible']); $rss->save(FICHIER_RSS); redirection('', 1); } ?> <h1>Publier une news</h1> <form id="news" method="post" action=""> <fieldset><legend>Flux RSS</legend> <table class="form_table"><tr> <td><label for="titre">Titre de la news : </label></td> <td><input type="text" id="titre" name="titre" size="45" /></td> </tr><tr> <td><label for="cible">Page ciblée : </label></td> <td><?php #PHP echo '<select name="cible" size="1">'; echo '<option selected="selected" value="">...</option>' . "\n"; option_parente('', '', array(1, 2, 3));
if (!($voicetool = get_record("voiceemail", "id", $id))) { error("Course module is incorrect"); } if (!($course = get_record("course", "id", $voicetool->course))) { error("Course is misconfigured"); } if (!($cm = get_coursemodule_from_instance("voiceemail", $voicetool->id, $course->id))) { error("Course Module ID was incorrect"); } } require_login($course->id); if ($voicetool->isfirst == 0) { $voicetool->isfirst = 1; $voicetool->name = addslashes($voicetool->name); update_record("voiceemail", $voicetool); redirection("{$CFG->wwwroot}/course/view.php?id={$course->id}"); } $servername = $CFG->voicetools_servername; $strvoicetools = get_string("modulenameplural", "voiceemail"); $strvoicetool = get_string("modulename", "voiceemail"); $sentence1 = get_string('vtpopupshouldappear.1', 'voiceemail'); $sentence2 = "<a href='javascript:startVoiceTools()';>" . get_string('vtpopupshouldappear.2', 'voiceemail') . "</a>"; $sentence3 = get_string('vtpopupshouldappear.3', 'voiceemail'); $strLaunchComment = $sentence1 . $sentence2 . $sentence3; //get the informations related to the Vt resource $vtAction = new vtAction($USER->email); $dbResource = get_record("voiceemail_resources", "id", $voicetool->rid); $resource = $vtAction->getResource($dbResource->rid); //check the availability of the resource $roleSwitch = isSwitch(); //the user have switched his role?
<?php if (isset($_SESSION['reponseCaptcha'])) { //il faudra générer un nouveau captcha, celui la n'est plus utile. unset($_SESSION['reponseCaptcha']); } } else { $captcha = true; // captcha correct if ($connexionOK == false) { // mauvais mot de passe/identifiant afficherMessageErreur("Erreur d'identifiant/mot de passe"); ?> <a href="index.php?page=<?php echo CONNEXION; ?> "><b>Reessayer ?</b></a> <?php if (isset($_SESSION['reponseCaptcha'])) { //il faudra générer un nouveau captcha, celui la n'est plus utile. unset($_SESSION['reponseCaptcha']); } } if ($connexionOK == true && $captcha == true) { $personneConnecte = $personneManager->getPersonneByLogin($_POST['per_login']); $_SESSION['personneConnectee'] = serialize($personneConnecte); unset($_SESSION['reponseCaptcha']); afficherMessageSucces("Vous avez été connecté."); redirection(1, ACCUEIL); } } }
} } if (isset($_POST['addChance'])) { $chance = (int) $_POST['addChance']; $spendedChance = (int) $_POST['addChance']; if ($chance > 0) { if ($chance <= $donnees_perso->ptsCaracteristiques) { switch ($donnees_perso->choixArme) { case 6: $boost_chance = $chance * 125 / 100; $chance = $chance + (int) $boost_chance; break; } $connexion->query('UPDATE personnages SET chance = (chance + ' . $chance . ') WHERE idPseudo = ' . $_SESSION['id']); $connexion->query('UPDATE personnages SET ptsCaracteristiques = (ptsCaracteristiques - ' . $spendedChance . ') WHERE idPseudo = ' . $_SESSION['id']); redirection('stats.php'); } else { avert('Vous voulez dépenser plus de points que vous en avez.'); } } else { avert('Impossible de donner une valeur nulle ou incorrecte.'); } } switch ($donnees_perso->choixArme) { case 1: $specialisation = ', <b>épéiste</b>'; $bonus = '<span style="color: #4f0082; font-size: 16pt;">VITALITÉ : <b>+50%</b><br /> PUISSANCE : <b>+125%</b></span>'; break; case 2: $specialisation = ', <b>voleur</b>'; $bonus = '<span style="color: #4f0082; font-size: 16pt;">VITALITÉ : <b>+20%</b><br /> AGILITÉ : <b>+150%</b></span>';
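#
# BlogoText is free software.
# You can redistribute it under the terms of the MIT / X11 Licence.
#
# *** LICENSE ***

$begin = microtime(TRUE);
$GLOBALS['BT_ROOT_PATH'] = '../';
require_once '../inc/inc.php';
error_reporting($GLOBALS['show_errors']);
operate_session();

// Preferences page controller: validate and save a submitted form, or display
// the captcha test form or the preferences form.
if (isset($_POST['_verif_envoi'])) {
    if ($erreurs_form = valider_form_preferences()) {
        afficher_form_prefs($erreurs_form);
    } else {
        if (fichier_user() === TRUE and fichier_prefs() === TRUE) {
            // $_SERVER['PHP_SELF'] includes any PATH_INFO the client appended
            // to the script URL, so it is request-controlled. basename() keeps
            // only the script name in the redirect target.
            redirection(basename($_SERVER['PHP_SELF']) . '?msg=confirm_prefs_maj');
            exit;
        }
    }
} else {
    if (isset($_GET['test_captcha'])) {
        afficher_form_captcha();
    } else {
        afficher_form_prefs();
    }
}

/* STANDARD PREFERENCES FORM */
function afficher_form_prefs($erreurs = '') {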
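<script> changerTitre("Supprimer une citation"); </script>
<?php
// Admin-only page: refuse anyone who is not a connected administrator.
if (!isConnected() || !getPersonneConnectee()->isPerAdmin()) {
    throw new ExceptionPerso("Vous n'avez pas les droits pour afficher cette page !", ExceptionPerso::ERR_DROITS);
}
?>
<h1>Supprimer une citation </h1>
<?php
// NOTE(review): the deletion is triggered by a plain GET request and no
// anti-CSRF token is checked in this file. Confirm that the router enforces
// one; otherwise this action should require POST plus a token.
$pdo = new Mypdo();
$citationManager = new CitationManager($pdo);
$voteManager = new VoteManager($pdo);

if (empty($_GET['id'])) {
    throw new ExceptionPerso("Merci de ne pas modifier l'URL", ExceptionPerso::ERR_URL);
} else {
    $cit_num = $_GET['id'];
    // Accept decimal digits only. is_numeric() also accepts floats, exponent
    // notation, signs and leading whitespace, and an array value must be
    // rejected before it reaches the manager.
    if (!is_string($cit_num) || !ctype_digit($cit_num)) {
        throw new ExceptionPerso("Merci de ne pas modifier l'URL !", ExceptionPerso::ERR_URL);
    }

    $retour = $citationManager->deleteByCitNum($cit_num);
    if ($retour === true) {
        afficherMessageSucces("Citation supprimée !");
        redirection(1, LISTER_CITATIONS);
    } else {
        afficherMessageErreur("La citation n'a pas pu être supprimée.");
        redirection(5, LISTER_CITATIONS);
    }
}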
case 'labule': $to = '*****@*****.**'; break; case 'admin': $to = '*****@*****.**'; break; default: unset($to); } if (isset($to)) { $headers = "From: <{$from}>" . "\r\n"; #$headers .= "Reply-To: <$from>"."\r\n"; $headers .= 'Date: ' . date("r") . "\r\n"; $headers .= 'Content-Type: text/plain; charset="iso-8859-1"' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion() . "\r\n"; if (mail($to, $subject, $mess, $headers)) { echo "<p>Votre email a bien été envoyé.</p>"; } else { echo "<p>Une erreur s'est produite.</p>"; } } else { echo "<p>Adresse d'expédition non reconnue.</p>"; } echo "<p>Redirection en cours...</p>"; redirection('', 4000); } else { echo "<h1>Contactez-nous</h1> \n<form name='contact' method='post' action=''> \n <div class=\"contact\" id=form>\n <ul>\n\t\t<li>À qui est destiné votre mail :<ul>\n <li><input type='radio' name='to' value='admin' id='webmaster' />\n <label for='to'>Le webmaster</label></li>\n <li><input type='radio' name='to' value='labule' id='asso' checked=\"checked\" />\n <label for='asso'>Les membres de L´A.B.U.L.E.</label></li>\n </ul>\n\t\t<li><label for='from'>Votre e-mail</label> : \n\t\t<input type='text' name='from' id='from' size='30'></input></li>\n\t\t<li><label for='subject'>Objet</label> : \n\t\t<input type='text' name='subject' id='subject' size='60'></input></li>\n\t\t<li><label for='mess'>Message</label> : \n\t\t <div id='text' style='text-align:right'>\n<textarea name='mess' id='mess' rows='13' style='width:100%; border:3px double brown;' onfocus='efface()'>Votre message ici.</textarea><br/>\n<input type='button' value='Envoyer' onClick='verif_mail()' style=\"font-weight:600;\"></input>\n \t\t</div></li>\n </ul></div>\n</form>"; } ?>
<tr> <th>Numero</th> <th>Mot</th> <th>Modifier</th> <th>Supprimer</th> </tr> <?php foreach ($mots as $mot) { include "include/pages/tab/afficherUnMotInterdit.tab.inc.php"; } ?> </table> <div class="bottomDocument"></div> <?php } } else { $id = $_GET["mot_id"]; if (!is_numeric($id)) { throw new ExceptionPerso("Merci de ne pas modifier l'URL ! ", ExceptionPerso::ERR_URL); } $retour = $motManager->deleteById($id); if ($retour === true) { afficherMessageSucces("Mot supprimé !"); redirection(1, LISTER_MOTS_INTERDITS); } else { afficherMessageErreur("Le mot n'a pas pu être supprimé.."); redirection(5, LISTER_MOTS_INTERDITS); } }
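<?php
// Bootstrap included by the admin pages: sends no-cache headers, loads the
// core, ACL and language files, then allows only connected users of rank 6
// or above to continue.
header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"');
header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
header('Pragma: no-cache');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
@session_start();

// NOTE(review): str_replace() removes every occurrence of "admin" and
// "includes" from the path, not only the last segment; an install directory
// whose own name contains either word would resolve to the wrong location.
$path2 = dirname(__FILE__);
$pathCore = str_replace("admin", "", $path2);
$pathLang = str_replace("includes", "", $path2);

define('CORE', 'CORE');
require $pathCore . "/core.php";
require $path2 . "/acl.php";
require $pathLang . "/lang/fr.php";

// NOTE(review): display_errors is switched on for every admin request, which
// exposes paths and query text in the response; consider logging only.
ini_set('display_errors', 1);
ini_set('log_errors', 1);
error_reporting(E_ALL);

// Access gate. exit follows each redirect so the including admin page never
// runs for a rejected request, even if redirection() itself returns.
if (!$Auth->isConnected()) {
    redirection($config->url_site . '/logout.php');
    exit;
}
if ($user->rank < 6) {
    redirection($config->url_site . '/logout.php');
    exit;
}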
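<?php
// Group discussions page: loads the group named by ?id= and renders it.
require 'init.php';
$tpl->assign('groups', 'index');

// A missing id is treated as 0 instead of reading an undefined index.
$Groups = new Groups(array('groupid' => isset($_GET['id']) ? intval($_GET['id']) : 0));
$Rooms = new Rooms();

if (!$Groups->Exist()) {
    redirection($config->url_site);
    // Stop here so an unknown group is never loaded and rendered, even if
    // redirection() returns.
    exit;
}

$GroupsInfo = $Groups->getInfo();
$tpl->assign('Groups', $GroupsInfo);
$tpl->assign('Rooms_groups', $Rooms->getRoomsUser($GroupsInfo['username']));
$tpl->assign('Membres', $Groups->getGroupsMemberships());
//print_r($Groups->getGroupsMemberships());
$tpl->display('header.tpl');
$tpl->display('groups_discussions.tpl');
$tpl->display('footer.tpl');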
$postNom = false; } if ($postNom) { // Le formulaire ne semble pas incomplet if ($postNom === $nomJeu) { // On va vérifier que le jeu n'a plus d'extensions filles if (!extensionsDunJeu($idJeuSuppr)) { // Le jeu n'a plus d'extension ! On va vérifier les exemplaires (il en faut 0 également) if (!exemplairesDunJeu($idJeuSuppr)) { // Le jeu n'a plus d'exemplaires ! On peut supprimer !! $sql = 'DELETE FROM ludo_jeux WHERE id=:param;'; $requete = $bd->prepare($sql); $requete->bindValue(':param', $idJeuSuppr, PDO::PARAM_INT); $requete->execute(); $codeMessage = "supprJeuOK"; redirection("catalogue"); } else { $codeMessage = "supprJeuEncoreExemplaires"; } } else { $codeMessage = "supprJeuEncoreExtensions"; } } else { $codeMessage = "supprJeuSecuriteInvalide"; } } else { $codeMessage = "formIncomplet"; } } } else { $nomJeu = false;
require "copyright.html"; break; case 'contacter': require "actions/contacter.php"; break; } } else { # Pas d'action : simple chargement du contenu if (isset($_SESSION['login'])) { echo lien_modifier($page); } $c = bdd_charger($db, $page); if ($c && is_string($c)) { echo $c; $index_bd = 1; if (!strcmp($page, 'Passés')) { echo lien_archives(); } if (bdd_get($db, 'niveau', $page) == 2) { $filles = menu_les_fils($db, $page); if (count($filles) > 0) { # Ajouter aussi les pages filles echo pages_filles($filles); } } } else { echo message("Impossible de charger la page « {$page} ». Redirection en cours...", 2); redirection('Accueil', 1000); } } }
} else { afficher_form_2(); } } elseif ($GLOBALS['step'] == '3') { // CHOIX DB if (isset($_POST['verif_envoi_3'])) { if ($err_3 = valid_install_3()) { afficher_form_3($err_3); } else { if (isset($_POST['sgdb']) and $_POST['sgdb'] == 'mysql') { fichier_mysql('mysql'); } else { fichier_mysql('sqlite'); } traiter_install_3(); redirection('auth.php'); } } else { afficher_form_3(); } } // affiche le form de choix de langue function afficher_form_1($erreurs = '') { afficher_html_head('Install'); echo '<div id="axe">' . "\n"; echo '<div id="pageauth">' . "\n"; echo '<h1>' . $GLOBALS['nom_application'] . '</h1>' . "\n"; echo '<h1 id="step">Bienvenue / Welcome</h1>' . "\n"; echo erreurs($erreurs); $conferrors = array();
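<script> changerTitre("Supprimer une personne"); </script>
<h1> Supprimer une personne </h1>
<?php
// Admin-only page: refuse anyone who is not a connected administrator.
// NOTE(review): the deletion is triggered by a plain GET request and no
// anti-CSRF token is checked in this file. Confirm that the router enforces
// one; otherwise this action should require POST plus a token.
if (!isConnected() || !getPersonneConnectee()->isPerAdmin()) {
    throw new ExceptionPerso("Vous n'avez pas les droits nécessaires pour afficher cette page !", ExceptionPerso::ERR_DROITS);
}

if (empty($_GET['id'])) {
    throw new ExceptionPerso("Merci de ne pas modifier l'url !", ExceptionPerso::ERR_URL);
} else {
    $pdo = new Mypdo();
    $personneManager = new PersonneManager($pdo);
    $pernum = $_GET['id'];

    // Accept decimal digits only. is_numeric() also accepts floats, exponent
    // notation, signs and leading whitespace, and an array value must be
    // rejected before it reaches the manager.
    if (!is_string($pernum) || !ctype_digit($pernum)) {
        throw new ExceptionPerso("Merci de ne pas modifier volontairement les données envoyées !", ExceptionPerso::ERR_URL);
    }

    $retour = $personneManager->deleteByPerNum($pernum);
    if ($retour === true) {
        afficherMessageSucces("Personne supprimée !");
        redirection(1, LISTER_PERSONNES);
    } else {
        afficherMessageErreur("La personne n'a pas pu être supprimée.");
        redirection(20, LISTER_PERSONNES);
    }

    // Announce the logout only when the deletion succeeded. Both sides are
    // compared as strings because $pernum comes from the query string and the
    // type returned by getPerNum() is not visible here.
    if ($retour === true && (string) $pernum === (string) getPersonneConnectee()->getPerNum()) {
        afficherMessageSucces("Votre compte a été supprimé, vous allez etre déconnecté..");
        redirection(1, DECONNEXION);
    }
}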
#
# BlogoText is free software.
# You can redistribute it under the terms of the MIT / X11 Licence.
#
# *** LICENSE ***

$begin = microtime(true);
$GLOBALS['BT_ROOT_PATH'] = '../';
require_once '../inc/inc.php';
error_reporting($GLOBALS['show_errors']);
operate_session();

// Preferences page controller: validate and save a submitted form, or display
// the captcha test form or the preferences form.
if (!isset($_POST['_verif_envoi'])) {
    if (isset($_GET['test_captcha'])) {
        afficher_form_captcha();
    } else {
        afficher_form_prefs();
    }
} else {
    $erreurs_form = valider_form_preferences();
    if ($erreurs_form) {
        afficher_form_prefs($erreurs_form);
    } elseif (fichier_user() === true && fichier_prefs() === true) {
        // basename() keeps any PATH_INFO appended to the script URL out of
        // the redirect target.
        redirection(basename($_SERVER['PHP_SELF']) . '?msg=confirm_prefs_maj');
        exit;
    }
}

/* STANDARD PREFERENCES FORM */
function afficher_form_prefs($erreurs = '') {
<?php
// *** MODULE INFORMATION ***
$titrePage = "Ajouter un membre";
include_once "content/fonctions/membres.php";

// NOTE(review): no authorisation check is visible in this file; presumably the
// including router restricts it to administrators -- confirm.
if ($actionPost == "create") {
    // Coming from the form: normalise the submitted pseudo.
    // NOTE(review): htmlentities() is applied before storage, so the database
    // holds HTML-encoded names; encoding at output time is the usual approach.
    $postPseudo = isset($_POST["pseudo"])
        ? strtolower(trim(htmlentities($_POST["pseudo"])))
        : false;

    if (!$postPseudo) {
        $codeMessage = "formIncomplet";
    } elseif (infosMembreDepuisPseudo($postPseudo)) {
        // The pseudo is already taken.
        $codeMessage = "formCreerUserPseudoDejaPris";
    } else {
        // No member has this pseudo yet: create the account.
        // NOTE(review): every new account starts with the same hard-coded
        // password. Until the member changes it, anyone who knows the default
        // can sign in as them; a random one-time password or a forced change
        // at first login would close that window.
        $sql = 'INSERT INTO ludo_utilisateurs (pseudo, password, estAdmin, membre_depuis) VALUES (:pseudo, :passwrd, :admin, :maintenant);';
        $requete = $bd->prepare($sql);
        $requete->execute(array(
            ':pseudo' => $postPseudo,
            ':passwrd' => password_hash("HomoLudens", PASSWORD_DEFAULT),
            ':admin' => false,
            ':maintenant' => time(),
        ));

        $nouveauMembre = infosMembreDepuisPseudo($postPseudo);
        redirection("profil-{$nouveauMembre['id']}");
        $codeMessage = "formCreerUserOK";
    }
}