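/**
 * Tells whether a cover with the same YouTube video code is already stored.
 *
 * @param string $link_youtube YouTube link as submitted by the user.
 * @param object $bdd          Database handle; presumably a PDO instance, since it is
 *                             used through prepare()/execute()/fetch() - confirm at the caller.
 *
 * @return int 1 when a row of `cover` has this video code in `link`, 0 otherwise.
 *
 * @throws RuntimeException When the lookup cannot be prepared or executed.
 */
function code_video_existant($link_youtube, $bdd)
{
    // The code is derived from user input and its format is decided by
    // extraire_code_youtube(), which is not visible here. It is therefore sent
    // as a bound parameter instead of being concatenated into the SQL text.
    $code = extraire_code_youtube($link_youtube);

    $req = $bdd->prepare('SELECT link FROM cover WHERE link = :link');
    if ($req === false || $req->execute(array('link' => $code)) === false) {
        // Do not answer "not found" on a database failure: the caller uses the
        // answer to decide whether a duplicate insert is allowed.
        throw new RuntimeException('Unable to check whether the video already exists.');
    }

    $resultat = $req->fetch();

    return $resultat ? 1 : 0;
}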
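<?php
// Preview endpoint: receives a YouTube link in POST 'link' and answers with the
// markup of an embedded player, or with an empty body when no code is found.
// The response is declared as text/plain; presumably the calling script inserts
// it into the page itself - confirm on the client side.
header("Content-Type: text/plain");
include '../fonction/fonctions.youtube.php';

// The field is client-controlled: it may be absent or sent as an array.
$lien = (isset($_POST['link']) && is_string($_POST['link'])) ? $_POST['link'] : '';

// Extract once and reuse the result for both the test and the output.
$code = extraire_code_youtube($lien);

$xhtml = '';
if ($code) {
    // The extractor's output format is not visible here, so the value is
    // escaped for the attribute context before it is placed inside src="...".
    $xhtml .= ' <iframe width="260" height="180" src="https://www.youtube.com/embed/'
        . htmlspecialchars((string) $code, ENT_QUOTES, 'UTF-8')
        . '" frameborder="0" allowfullscreen></iframe>';
}

echo $xhtml;
unset($xhtml);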
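// Validation and storage of a submitted cover. $nb_erreur, $raison, $separator
// and $bdd are expected to be prepared by code that is not part of this excerpt.

// The category must be a positive integer. is_numeric() also accepts values
// such as "1.5" or "1e3", so the field is validated as an integer instead.
$categorie = isset($_POST['category'])
    ? filter_var($_POST['category'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
    : false;
if ($categorie === false) {
    $nb_erreur++;
    // NOTE(review): plain assignment, unlike the ".=" used below - if earlier
    // checks already filled $raison their messages are lost here; confirm.
    $raison = "- Invalid category." . $separator;
}

if (code_video_existant($_POST['youtube_link'], $bdd)) {
    $nb_erreur++;
    $raison .= '- The video already exist.' . $separator;
}

if (!peut_poster($_SESSION['utilisateur']['login'], $bdd)) {
    $nb_erreur++;
    $raison .= '- You need 6 point to send a cover.' . $separator;
}

/** SUBMISSION **/
if ($nb_erreur == 0) {
    $id_utilisateur = $_SESSION['utilisateur']['id_utilisateur'];

    // Title and description are HTML-escaped before storage; every value is
    // passed as a bound parameter.
    // NOTE(review): the point check above, this INSERT and the UPDATE below
    // are separate statements without a visible transaction, and the results of
    // execute() are not inspected - concurrent requests or a failed INSERT can
    // leave points and covers out of step. Confirm how $bdd reports errors.
    $req = $bdd->prepare('INSERT INTO cover (id_utilisateur, title, link, date_cover, date_enregistrement, id_categorie, description) VALUES(:id_utilisateur, :title, :link, NOW(), :date, :category, :description)');
    $req->execute(array(
        'id_utilisateur' => $id_utilisateur,
        'title' => htmlspecialchars($_POST['title']),
        'link' => extraire_code_youtube($_POST['youtube_link']),
        'date' => $_POST['recording_date'],
        'category' => $categorie,
        'description' => htmlspecialchars($_POST['description']),
    ));
    $id_cover = $bdd->lastInsertId();
    unset($req);

    // Posting a cover costs 6 points.
    $req = $bdd->prepare('UPDATE utilisateur SET points=points-6 WHERE id_utilisateur=:id_utilisateur');
    $req->execute(array('id_utilisateur' => $id_utilisateur));
    unset($req);

    // Per-cover folder with its view counter, seeded from a template file.
    // Both path components come from the session and the database, not from
    // the request. Failures are logged instead of being ignored.
    $dossier_cover = "../profil/" . $id_utilisateur . "/cover/" . $id_cover;
    if (!mkdir($dossier_cover, 0705)) {
        error_log('Cover folder could not be created for cover ' . $id_cover);
    } elseif (!copy("../m/m.views.txt", $dossier_cover . "/views.txt")) {
        error_log('View counter could not be created for cover ' . $id_cover);
    }

    $_SESSION['resultat_add']['raison'] = "Your cover has been added successfully.";
} else {
    // Keep the submitted values so the form can be shown again with them.
    // They are stored raw and must be escaped wherever they are printed.
    $tab = array(
        "raison" => $raison,
        "title" => $_POST['title'],
        "youtube_link" => $_POST['youtube_link'],
        "recording_date" => $_POST['recording_date'],
    );
    $_SESSION['resultat_add'] = $tab;
    unset($tab);
}

// Send the visitor back to the page the form was posted from. The array key is
// quoted (a bare HTTP_REFERER is an undefined constant), and because the
// Referer header is supplied by the client it is followed only when it points
// at this host; otherwise the visitor is sent to the site root.
$retour = '/';
if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
    $hote_referer = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
    $hote_site = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
    if (is_string($hote_referer) && strcasecmp($hote_referer, $hote_site) === 0) {
        $retour = $_SERVER['HTTP_REFERER'];
    }
}
header('location: ' . $retour);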