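} else {
    // Placeholder shown when the preceding branch (opened before this excerpt) found no pinned thread.
    echo '<div id="forum"> <span class="icon-bubble" id="ico"></span> <span id="title">Aucun sujet épinglé</span></br> <span id="threads">Aucun sujet épinglé</span> </div>';
}
?>
</div>
</br>
<div id="limiter"> Liste des sujets
<?php
// The "create thread" button is rendered only for a session that passes isConnected()
// and whose admin level is at least the level the forum requires.
// This is a display gate; the handler behind forum_addthread.php has to repeat the check.
if (isset($_SESSION['user'])) {
    // NOTE(review): the session carries a 'password' entry that is re-checked on every request;
    // confirm it is not the clear-text password.
    if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
        // NOTE(review): getForumAdminLevel() receives the raw query-string value; confirm it binds
        // the id as a parameter rather than concatenating it into SQL.
        if ($dev->getForumAdminLevel($_GET['id']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
            // The id ends up in a URL, inside a JavaScript string, inside an HTML attribute.
            // Percent-encoding leaves only characters that are inert in all three contexts,
            // so a crafted id can no longer break out of the onClick handler (reflected XSS).
            echo '<div style="float:right;height:20px;font-size:12px;width:100px;" id="button" onClick="window.location.href=\'./forum_addthread.php?id=' . rawurlencode((string) $_GET['id']) . '\'">Creer un sujet</div>';
        }
    } else {
        // Stale or invalid session data: drop it.
        unset($_SESSION['user']);
    }
}
?>
</div>
<div id="cat">
<?php
$db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
// `start` is a 1-based position; '0' and non-numeric values fall through to the else branch.
if (isset($_GET['start']) && is_numeric($_GET['start']) && $_GET['start'] != '0') {
    // The forum id is request data, so it is quoted by the driver instead of being pasted
    // between hand-written quotes. The query text is also no longer used as a sprintf() format,
    // so a '%' in the id cannot be read as a conversion specifier.
    // The offset is forced to a non-negative integer (a negative OFFSET is a SQL error).
    // NOTE(review): a bound parameter at the point where $sql_req is executed would be
    // preferable; that code lies outside this excerpt.
    $sql_req = 'SELECT * FROM `web_threads` WHERE `forum_id`=' . $db->quote((string) $_GET['id'])
        . " AND `stucked` = '0' ORDER BY `date_modified` ASC LIMIT 30 OFFSET "
        . max(0, (int) ($_GET['start'] - 1)) . ';';
} else {
    // NOTE(review): this branch continues beyond the excerpt; any query it builds from
    // $_GET['id'] needs the same quoting or binding.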
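// Forum action handler (excerpt): when `from` is "add", creates a thread and its first message.
// $dev, $mysql_* and $json_* are defined outside this excerpt.
$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);

// `from` must arrive through exactly one of GET or POST; anything else is rejected.
if (isset($_GET['from']) && !isset($_POST['from'])) {
    $from = $_GET['from'];
} elseif (!isset($_GET['from']) && isset($_POST['from'])) {
    $from = $_POST['from'];
} else {
    // The redirect header has to be sent before any body output, and the script has to stop:
    // otherwise execution continues below with $from undefined.
    header('Location: ./index.php');
    echo 'error';
    exit;
}

if ($from === 'add') {
    // NOTE(review): no anti-CSRF token is checked in the visible part of this handler;
    // confirm one is verified before this point.
    if (!empty($_POST['send'])) {
        if (isset($_SESSION['user'])) {
            // NOTE(review): the session carries a 'password' entry that is re-checked on every
            // request; confirm it is not the clear-text password.
            if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
                // Request fields must be plain strings (an array-valued field is rejected).
                $newThreadForum = isset($_POST['forum']) ? $_POST['forum'] : null;
                $newThreadTitle = isset($_POST['title']) ? $_POST['title'] : null;
                $newThreadBody = isset($_POST['bbcode_field']) ? $_POST['bbcode_field'] : null;
                if (!is_string($newThreadForum) || !is_string($newThreadTitle) || !is_string($newThreadBody)) {
                    header('Location: ./index.php');
                    exit;
                }

                $newThreadAuthor = $dev->getId($_SESSION['user']['username']);

                // Posting requires an admin level at least equal to the forum's level.
                // NOTE(review): getForumAdminLevel() receives the raw POST value; confirm it
                // binds the id as a parameter rather than concatenating it into SQL.
                if ($dev->getForumAdminLevel($newThreadForum) <= $dev->getAdminLevel($newThreadAuthor)) {
                    // Computed once so both rows and the redirect agree on the id.
                    // NOTE(review): "last id + 1" is still racy under concurrent posts; an
                    // AUTO_INCREMENT column with lastInsertId() would remove the race if the
                    // schema allows it.
                    $newThreadId = $dev->getLastThreadID() + 1;

                    $db2 = null;
                    try {
                        $db2 = new PDO(
                            'mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database,
                            $mysql_username,
                            $mysql_password,
                            [
                                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                                // Native prepares: values never become part of the SQL text and
                                // a statement cannot carry a second, stacked query.
                                PDO::ATTR_EMULATE_PREPARES => false,
                            ]
                        );

                        // Both rows are written together or not at all (on a transactional engine).
                        $db2->beginTransaction();

                        // All request data is bound. The previous code concatenated the forum id
                        // unescaped and relied on addslashes(), which is not an SQL escaping function.
                        $insertThread = $db2->prepare(
                            'INSERT INTO `web_threads`(`id`, `forum_id`, `title`, `uuid_author`, `stucked`, `valid`) '
                            . "VALUES (:id, :forum_id, :title, :author, '0', '1')"
                        );
                        $insertThread->execute([
                            ':id' => $newThreadId,
                            ':forum_id' => $newThreadForum,
                            // utf8_decode() is kept so stored text keeps the encoding already used.
                            ':title' => utf8_decode($newThreadTitle),
                            ':author' => $newThreadAuthor,
                        ]);

                        $insertMessage = $db2->prepare(
                            'INSERT INTO `web_messages`(`uuid_author`, `content`, `thread_id`) '
                            . 'VALUES (:author, :content, :thread_id)'
                        );
                        $insertMessage->execute([
                            ':author' => $newThreadAuthor,
                            ':content' => utf8_decode($newThreadBody),
                            ':thread_id' => $newThreadId,
                        ]);

                        $db2->commit();
                    } catch (PDOException $e) {
                        // Failures were previously ignored. Undo the partial write, log on the
                        // server side only, and send the client to the index page.
                        if ($db2 !== null && $db2->inTransaction()) {
                            $db2->rollBack();
                        }
                        error_log('forum thread creation failed: ' . $e->getMessage());
                        header('Location: ./index.php');
                        exit;
                    }

                    header(sprintf('Location: ./forum_thread.php?id=%d', $newThreadId));
                    exit;
                }
            } else {
                // Session data no longer validates: drop it and leave.
                unset($_SESSION['user']);
                header('Location: ./index.php');
                exit;
            }
        } else {
            header('Location: ./index.php');
            exit;
        }
        // (the two enclosing if-blocks close beyond this excerpt)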
<div id="desc"> <div id="row">Posté à ' . getTime($key['date_written']) . ' le ' . getDate2($key['date_written']) . '</div> </div> </div> </td> <td style="vertical-align:top; padding:10px;padding-top:0;"> ' . getHTMLfromBB(utf8_encode(stripslashes($key['content']))) . ' </td> </tr> </table> </div>'; } } if (isset($_SESSION['user'])) { if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) { if ($dev->getForumAdminLevel($dev->getThreadByIDv2($_GET['id'])['forum_id']) <= $dev->getAdminLevel($dev->getID($_SESSION['user']['username']))) { echo '<div id="news"> <div style="font-size: 18pt; color: rgb(44, 44, 44); margin: 5px;">Répondre a ce sujet.</div> <table style="width:100%; margin:5px; margin-bottom:10px;"> <tr> <td style="width:12%; vertical-align:top;"> <div id="profileholder"> <div id="avatar">'; if (file_exists('../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png')) { echo '<img src="../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png" style="width:90%; margin:2.5%;"/>'; } else { echo '<img src="../uploads/avatars/default.png" style="width:90%; margin:2.5%;"/>'; } echo ' </div> </div>