function addwebsite() { $newsite = mysql_real_escape_string($_POST['newsite']); $theme = $_POST['theme']; $pseudo = $_SESSION['username']; $connect = mysql_connect('localhost', 'root', '') or die(mysql_error()); mysql_select_db("chevre_rose") or die(mysqli_error($connect)); $ret = mysql_query("INSERT INTO `chevre_rose`.`listsite` (`site`, `theme`) VALUES ('{$newsite}', '{$theme}');") or die(mysql_error()); mysql_query("UPDATE user SET credit = credit + 10 WHERE pseudo = '{$pseudo}';"); refreshsession($pseudo); echo "<script>alert(\"{$newsite} a ete ajouter a la liste des site, Merci. Vous avez gagner 10 credits\");</script>"; }
function modmail() { $mdp = mysql_real_escape_string($_POST['oldpwd']); $newmail = mysql_real_escape_string($_POST['newmail']); $pseudo = $_SESSION['username']; $mdp = MD5($mdp); $connect = mysql_connect('localhost', 'root', '') or die(mysql_error()); mysql_select_db("chevre_rose") or die(mysqli_error($connect)); $user = mysql_query("SELECT * FROM user WHERE pseudo = '{$pseudo}' && password = '******';") or die(mysql_error() . ' when we select'); $nb = mysql_num_rows($user); if ($nb == 0) { echo '<script>alert("L\'identifiant ou le mot de passe est erroné.");</script>'; return; } $row = mysql_fetch_array($user, MYSQL_ASSOC); $id = $row['id']; mysql_query("UPDATE user SET email = '{$newmail}' WHERE id = {$id};"); mysql_close($connect); refreshsession($pseudo, $mdp); }