function comment(array $articleLangs = array())
{
$comment = new Comment();
$comment->setAuthor(author('niko'));
$comment->content = 'Booh.';
$comment->setArticle(article($articleLangs));
return $comment;
}
<?php
// modPersonne.php
// Modification d'une personne dans la table personnes
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Avec le rang 7 on peut modifier n'importe qui
// Avec un rang user on peut modifier une des ses propres propositions
// Avec le rang 2 on peut modifier une de ses suggestions
if (isset($_POST['ID'])) {
$id = $_POST['ID'];
if (author("modPerson", array('ID' => $id))) {
require_once './conx/connexion.php';
// Dans le cas d'une modification par user ou waiting_user, on veut vérifier
// que le compte est bien propriétaire de l'item à modifier
if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) {
$select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;');
$select->execute(array('id' => $id, 'idA' => $_SESSION['IDtrombi']));
if ($select->fetchColumn() == '0') {
die('({state:"failed",error:"You are not owner of this item"})');
}
}
// Il faut au moins une vérification, sans quoi la modification est inutile
$requete = '';
$params = array('id' => $id, 'date' => date('Y-m-d'), 'heure' => date('H:i:s'));
if (isset($_POST['NOM'])) {
$requete = $requete . " NOM=:nom,";
$params['nom'] = $_POST['NOM'];
}
function process($text, $wiki)
{
global $dataSource;
global $_EXTRAS;
global $_CONFIG;
$text = $text . "\n\n";
if ($_CONFIG['oneWiki']) {
$base = $_CONFIG['base'];
} else {
$base = $_CONFIG['base'] . "/" . $wiki;
}
function stripSpaces($text)
{
return ereg_replace("/[:space:]/", "", $text);
}
/*// Conditional includes
preg_match_all("/\[\[IFEDIT\|(.*?)\]\]/", $text, $matches);
foreach($matches[0] as $index => $match){
$result = $matches[1][$index];
if (checkAuth("edit")){
$text = preg_replace("#".preg_quote($match,"#")."#",$result,$text);
} else {
$text = preg_replace("#".preg_quote($match,"#")."#","Can't Edit",$text);
}
#$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
preg_match_all("/\[\[IfLoggedIn\|(.*?)\|(.*?)\]\]/", $text, $matches);
foreach($matches[0] as $index => $match){
$result = $matches[1][$index];
if (isset($_EXTRAS['me'])){
$text = preg_replace("#".preg_quote($match,"#")."#",$matches[1][$index],$text);
} else {
$text = preg_replace("#".preg_quote($match,"#")."#",$matches[2][$index],$text);
}
#$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
preg_match_all("/\[\[IFEDIT\|(.*?)\|(.*?)\]\]/", $text, $matches);
foreach($matches[0] as $index => $match){
if (checkAuth("edit")){
$text = preg_replace("#".preg_quote($match,"#")."#", $matches[1][$index],$text);
} else {
$text = preg_replace("#".preg_quote($match,"#")."#", $matches[2][$index],$text);
}
#$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}*/
preg_match_all("/\\[\\[INCLUDE\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$include = $dataSource->getContent($matches[1][$index]);
$text = preg_replace("#" . preg_quote($match, "#") . "#", $include, $text);
}
// Set Variables
preg_match_all("/\\[\\[SETVAR\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
// [[CALC|var|value]]
foreach ($matches[0] as $index => $match) {
$text = preg_replace("#" . preg_quote($match, "#") . "#", "", $text);
$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
preg_match_all("/\\[\\[CALC\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
// [[CALC|var|opp]]
foreach ($matches[0] as $index => $match) {
$text = preg_replace("#" . preg_quote($match, "#") . "#", "<!-- Calculate functions removed -->", $text);
#$eval = "\$_EXTRAS[".$matches[1][$index]."] = \$_EXTRAS[".$matches[1][$index]."] ".$matches[2][$index].";";
#eval($eval);
#$_EXTRAS[$matches[1][$index]] = eval($eval);
}
preg_match_all("/\\[\\[RCALC\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
// [[RCALC|ropp|var]]
foreach ($matches[0] as $index => $match) {
$text = preg_replace("#" . preg_quote($match, "#") . "#", "<!-- Calculate functions removed -->", $text);
#$eval = "\$_EXTRAS[".$matches[2][$index]."] = ".$matches[1][$index]." \$_EXTRAS[".$matches[2][$index]."];";
#eval($eval);
#$_EXTRAS[$matches[1][$index]] = eval($eval);
}
preg_match_all("/\\[\\[VAR\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$var = $_EXTRAS[$matches[1][$index]];
$text = preg_replace("#" . preg_quote($match, "#") . "#", $var, $text);
}
#$text = preg_replace("/\[\[SEARCH\|(.*?)\]\]/",searchFor($wiki,'\1'), $text);
#$text = preg_replace("/\[\[ALLBY\|(.*?)\]\]/",searchAuthor($wiki,'\1'), $text);
if (preg_match("#\\[\\[RECENT\\]\\]#", $text)) {
$text = str_replace("[[RECENT]]", recent($wiki), $text);
}
if (preg_match("/\\[\\[INDEX\\]\\]/", $text)) {
$text = str_replace("[[INDEX]]", index(), $text);
}
preg_match_all("/\\[\\[LOCKED\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$users = $matches[1][$index];
doAuth($users, "view this");
$users_array = explode(',', $users);
if (count($users_array) == 1) {
$users_text = $users;
} else {
$last = array_pop($users_array);
$users_text = implode(", ", $users_array) . ' & ' . $last;
}
$text = preg_replace("#" . preg_quote($match, "#") . "#", '<div class="locked">Page is locked to ' . $users_text . ' </div>', $text);
}
// Search for User
preg_match_all("/\\[\\[ALLBY\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$result = author($matches[1][$index]);
$text = preg_replace("#" . preg_quote($match, "#") . "#", $result, $text);
#$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
// Search for Arbitaty
preg_match_all("/\\[\\[SEARCH\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$datum = $matches[1][$index];
$result = $dataSource->search($datum);
$text = preg_replace("#" . preg_quote($match, "#") . "#", $result, $text);
#$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
/*// [[MACRO|macroname|arguments]]
preg_match_all("/\[\[MACRO\|(.*?)\|(.*?)\\]\]/", $text, $matches);
foreach($matches[0] as $index => $match){
#print_r($matches);
if (file_exists("macros/".$matches[1][$index].".inc")){
ob_start();
$var = $matches[2][$index];
include("macros/".$matches[1][$index].".inc");
$return = ob_get_contents();
ob_end_clean();
} else {
$return = "Macro ".$matches[1][$index]." not defined";
}
$text = preg_replace("#".preg_quote($matches[0][$index],"#")."#",$return,$text);
$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
// [[MACRO|macroname]]
preg_match_all("/\[\[MACRO\|(.*?)\\]\]/", $text, $matches);
foreach($matches[0] as $index => $match){
#print_r($matches);
if (file_exists("macros/".$matches[1][$index].".inc")){
ob_start();
include("macros/".$matches[1][$index].".inc");
$return = ob_get_contents();
ob_end_clean();
} else {
$return = "Macro ".$matches[1][$index]." not defined";
}
$text = preg_replace("#".preg_quote($matches[0][$index],"#")."#",$return,$text);
$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
*/
//New Macros code
$macros = array();
// [[MACRO|macroname|arguments]]
preg_match_all("/\\[\\[MACRO\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
#print_r($matches);
$return = "";
$macro = $matches[1][$index];
$command = $matches[2][$index];
$params = false;
if ($pos = strpos($command, '|')) {
$params = explode(',', substr($command, $pos + 1));
$command = substr($command, 0, $pos);
}
debug("Macro: {$macro}: {$command}");
if (!isset($macros[$macro])) {
if (file_exists("macros/" . $matches[1][$index] . ".inc")) {
include "macros/" . $matches[1][$index] . ".inc";
$macros[$macro] = new $macro($dataSource, $_EXTRAS);
}
}
if (!isset($macros[$macro])) {
// Macro load failed.
$return = "*!!Macro " . $matches[1][$index] . " not defined!!*";
} elseif ($command == "INIT") {
// Explicit INIT disabled
//if (file_exists("macros/".$matches[1][$index].".inc")){
// include("macros/".$matches[1][$index].".inc");
// $macros[$macro] = new $macro($dataSource, $_EXTRAS);
//} else {
// $return = "Macro ".$matches[1][$index]." not defined";
//}
} elseif ($command == "LIST") {
$dir = opendir("macros");
while ($line = readdir($dir)) {
if (substr($line, -4) != ".inc") {
continue;
}
$return .= "* {$line}\n";
}
} elseif (!isset($macros[$macro])) {
$return = "Macro {$macro} used before defined!";
} elseif (!in_array($command, get_class_methods($macro))) {
$return = "Macro {$macro} cannot execute {$command}";
} else {
#$return = call_user_func(array($macro, $command));
if ($params) {
$return = $macros[$macro]->{$command}($params);
} else {
$return = $macros[$macro]->{$command}();
}
}
#$text = preg_replace("#".preg_quote($matches[0][$index],"#")."#",$return,$text);
$text = str_replace($matches[0][$index], $return, $text);
$_EXTRAS[$matches[1][$index]] = $matches[2][$index];
}
// [[MACRO|macroname]]
// [[CAL|year-mm-dd|Event]]
preg_match_all("/\\[\\[CAL\\|(....)\\-(..)\\-(..)\\|(.*?)\\]\\]/", $text, $matches);
$i = 0;
$calendar = array();
$caltext = "";
foreach ($matches[0] as $index => $match) {
$link = preg_replace("/(\\W)/", "", $matches[4][$index]);
$text = str_replace($matches[0][$index], "<a name=\"" . $link . "\"></a>", $text);
$calendar[$matches[1][$index]][$matches[2][$index]][$matches[3][$index]] = $matches[4][$index];
}
preg_match_all("/\\[\\[VAR\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
if (isset($_EXTRAS[$matches[1][$index]])) {
$var = $_EXTRAS[$matches[1][$index]];
} else {
$var = '[ERR: ' . $matches[1][$index] . ' Undefined]';
}
#$text = preg_replace("#".preg_quote($match,"#")."#",$var, $text);
$text = str_replace($match, $var, $text);
}
foreach ($calendar as $year => $ydata) {
#ksort($ydata);
$months = array_keys($ydata);
foreach (range(min($months), max($months)) as $month) {
if ($month < 10) {
$month = "0" . $month;
}
#foreach($ydata as $month => $mdata){
$mdata = $ydata[$month];
$caltext .= calendar($mdata, $month, $year);
}
}
$links = array();
/*preg_match_all("/\(\(([.|\|]*?)\)\)/", $text, $matches);
foreach($matches[1] as $index => $title){
$link = preg_replace("/(\W)/", "", ucwords($matches[2][$index]));
$links[] = array($matches[0][$index], $link, $title);
}*/
preg_match_all("/\\(\\((.*?)\\)\\)/", "\n" . $text . "\n", $matches);
foreach ($matches[1] as $index => $title) {
if (!strpos($matches[1][$index], "|")) {
$link = preg_replace("/(\\W)/", "", $title);
#$links[] = array($matches[0][$index],$link, $title);
} else {
$bang = explode("|", $matches[1][$index]);
$link = preg_replace("/(\\W)/", "", $bang[1]);
$title = $bang[0];
}
if ($title[0] == '~') {
$link = '~' . $link;
}
$links[] = array($matches[0][$index], $link, $title);
}
foreach ($links as $index => $matches) {
$replace = preg_quote($matches[0], '/');
$stripped = $matches[1];
$title = $matches[2];
if ($title[0] == '~') {
$title = substr($title, 1);
#$link = "%(uncreated)".$title."\"?\":".$base."/".$stripped."?action=edit%";
#$link = "\"".$title."\":".$base."/".$stripped;
$link = userLink($title);
} elseif (!$dataSource->pageExists($stripped)) {
#$link = "%(uncreated)".$title."\"?\":".$base."/".$stripped."?action=edit%";
#$link = "\"".$title."\":".$base."/".$stripped;
$link = '<a href="' . $base . "/" . $stripped . '" class="uncreated wiki" title="Uncreated article ' . $title . '">' . $title . '</a>';
} else {
#$link = "\"".$title."\":".$base."/".$stripped;
$link = '<a href="' . $base . "/" . $stripped . '" class="wiki" title="Internal link to article ' . $title . '">' . $title . '</a>';
}
#$link = "\"".$match."\":".$base."/".$stripped;
#echo $replace;
$text = preg_replace("/(\\W|^)" . $replace . "(\\W)/", "\$1{$link}\$2", $text);
#$text = preg_replace("/(\W|^)".$replace."(\W)/","$1|$replace|$2", $text);
}
//preg_match_all("/<aqWikiNoProcess>(.*?)<\/aqwikiNoProcess>/m",$text, $matches);
$text = str_replace("\n", '[[BR]]', $text);
$text = str_replace("\r", '', $text);
preg_match_all("/<aqWikiNoProcess>(.*?)<\\/aqWikiNoProcess>/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$id = uniqid();
$EXTRAS['noProcess'][$id] = $matches[1][$index];
#$text = preg_replace("#".preg_quote($match,"#")."#",'[[NOPROCESS|'.$id.']]',$text);
$text = str_replace($match, '[[NOPROCESS|' . $id . ']]', $text);
}
$text = str_replace("[[BR]]", "\n", $text);
$text = textile($text);
#$text = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]\"/]", "<a href=\"\\0\">\\0</a>", $text);
#$text = preg_replace("#<a href=\"<a href=\"(.*)\">(.*)\"</a>>(.*)</a>#","<a href=\"$1\">$3</a>",$text);
$text = preg_replace("/\\[CC\\](.*?)\\[CC\\]/", "((\$1))", $text);
$text = preg_replace("/\\[CMD\\](.*?)\\[CMD\\]/", "[[\$1]]", $text);
$text = str_replace('[[CAL]]', "<div class=\"calendar\">" . $caltext . "</div>", $text);
if (!isset($_EXTRAS['textarea'])) {
$_EXTRAS['textarea'] = "";
}
$text = preg_replace("/\\[\\[TEXTAREA\\]\\]/", $_EXTRAS['textarea'], $text);
$text = str_replace('[[TEXTAREA]]', $_EXTRAS['textarea'], $text);
preg_match_all("/\\[\\[RAWVAR\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
if (isset($_EXTRAS[$matches[1][$index]])) {
$var = $_EXTRAS[$matches[1][$index]];
} else {
$var = '[ERR: ' . $matches[1][$index] . ' Undefined]';
}
$text = str_replace($match, $var, $text);
}
preg_match_all("/\\[\\[NOPROCESS\\|(.*?)\\]\\]/", $text, $matches);
foreach ($matches[0] as $index => $match) {
$id = $matches[1][$index];
$text = str_replace($match, $EXTRAS['noProcess'][$id], $text);
}
$text = str_replace("[[BR]]", "\n", $text);
return $text;
}
<?php
// addLien.php
// Ajout d'un lien entre un évènement et une personne
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Vérification de la présence de l'id personne et l'id évènement
if (isset($_POST['IDP']) && isset($_POST['IDE'])) {
$IDP = $_POST['IDP'];
$IDE = $_POST['IDE'];
// Droit de modifier la table à partir du rang 7 ou pour un user propriétaire, ou pour un contributeur en cours de session
if (author("addLink", array('IDP' => $IDP))) {
require_once './conx/connexion.php';
// Dans le cas d'une modification par user ou waiting_user, on veut vérifier
// que le compte est bien propriétaire de l'item à modifier
if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) {
$select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;');
$select->execute(array('id' => $IDP, 'idA' => $_SESSION['IDtrombi']));
if ($select->fetchColumn() == '0') {
die('({state:"failed",error:"You are not owner of this item"})');
}
}
// Préparation de la requète
$insertPrepa = $connexion->prepare('INSERT INTO ' . $prefixeDB . 'participations (IDP, IDE) VALUES (:idp , :ide);');
try {
// envoie de la requète
$insert = $insertPrepa->execute(array('idp' => $IDP, 'ide' => $IDE));
die('({state:"success"})');
} catch (Exception $e) {
<?php
// Vérification de l'état de connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Il faut spécifier une personne et un évènement à délier
if (isset($_POST['IDP']) && isset($_POST['IDE'])) {
$IDP = $_POST['IDP'];
$IDE = $_POST['IDE'];
// Il faut un rang d'au moins 7 pour modifier la base
// Ou user propriétaire de la personne
// Ou anonyme en cours de session
if (author("removeLink", array('IDP' => $IDP))) {
require_once './conx/connexion.php';
// Dans le cas d'une modification par user ou waiting_user, on veut vérifier
// que le compte est bien propriétaire de l'item à modifier
if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) {
$select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;');
$select->execute(array('id' => $IDP, 'idA' => $_SESSION['IDtrombi']));
if ($select->fetchColumn() == '0') {
die('({state:"failed",error:"You are not owner of this item"})');
}
}
// Préparation de la requète
$delete = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDP=:idp AND IDE=:ide;');
try {
// envoie de la requète
$delete->execute(array('idp' => $IDP, 'ide' => $IDE));
die('({state:"success"})');
} catch (Exception $e) {
<?php
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
if (author("delEvent", null)) {
if (isset($_POST['idE'])) {
require_once './conx/connexion.php';
$idE = $_POST['idE'];
$deleteParticipations = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDE=:ide;');
$deleteEvenement = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'evenements WHERE ID=:ide;');
try {
$deleteParticipations->execute(array('ide' => $idE));
$deleteEvenement->execute(array('ide' => $idE));
} catch (Exception $e) {
die('({state:"failed",error:"Del evenement : ' . $e->getMessage() . '"})');
}
die('({state:"success"})');
}
die('({state:"failed",error:"missing parameters"})');
}
die('({state:"failed",error:"your rank is too low"})');
<?php
// modEvenement.php
// Ajout ou suppression d'un évènement
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
if (author("modEvent", null)) {
if (isset($_POST['nom'])) {
require_once './conx/connexion.php';
$id = $_POST['id'];
$nom = $_POST['nom'];
if ($id > 0) {
$query = $connexion->prepare('UPDATE ' . $prefixeDB . 'evenements SET NOM=:nom WHERE ID=:id;');
try {
$query->execute(array('nom' => $nom, 'id' => $id));
} catch (Exception $e) {
die('({state:"failed",error:"mod event : ' . $e->getMessage() . '"})');
}
die('({state:"success"})');
} else {
$query = $connexion->prepare('INSERT INTO ' . $prefixeDB . 'evenements (NOM) VALUES (:nom);');
try {
$query->execute(array('nom' => $nom));
$id = $connexion->lastInsertId();
} catch (Exception $e) {
die('({state:"failed",error:"add event : ' . $e->getMessage() . '"})');
}
die('({state:"success", insertedID:' . $id . '})');
}
}
<?php
// delPersonne.php
// Suppression d'une personne dans la table personnes
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
if (isset($_POST['id'])) {
$id = $_POST['id'];
} else {
$id = NULL;
}
// Pour supprimer une personne il faut être de rang 7
// Ou de rang 2 s'il s'agit d'une de ses propres suggestions
if ($id != NULL && author("delPerson", array('ID' => $id))) {
require_once './conx/connexion.php';
// Dans le cas d'une modification par user ou waiting_user, on veut vérifier
// que le compte est bien propriétaire de l'item à modifier
if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) {
$select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;');
$select->execute(array('id' => $id, 'idA' => $_SESSION['IDtrombi']));
if ($select->fetchColumn() == '0') {
die('({state:"failed",error:"You are not owner of this item"})');
}
}
// Préparation des requêtes
$selectPersonne = $connexion->prepare('SELECT PHOTO FROM ' . $prefixeDB . 'personnes WHERE ID=:id ;');
// Récupération du nom de la photo pour effacement
$deleteParticipations = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDP=:idp;');
$deletePersonne = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'personnes WHERE ID=:idp;');
<?php
echo '<style>@media screen and (min-width: 1024px)
{
#content {margin-left:14em;}
}</style>';
echo "<article class='box post post-excerpt'>\n\t\t\t\t\t\t\t<header><h2>{$result['Title']}</h2>\n\t\t\t\t\t\t\t" . '<a href="#" class="icon fa-book" style="margin-right:1.5em;color:#666"> ' . reading($result['Id']) . '</a>
<a href="#" class="icon fa-check" style="margin-right:1.5em;color:#666"> ' . done($result['Id']) . '</a>
<a href="#" class="icon fa-comment" style="margin-right:1.5em;color:#666"> ' . comment($result['Id']) . '</a>
' . author($result['AUTHOR_ID']) . '
' . cat($result['CATEGORY_ID']) . '
' . "</header>";
echo '<table style="width:100%">
<tr>
<td style="max-width:30%;vertical-align: top;"><a href="' . $home_url . 'books/' . $result['URL'] . '" class="image featured"><img src="' . $home_url . 'images/books/' . $result['Image'] . '" alt="" /></a></td>
<td style="padding-left:1em">' . htmlspecialchars_decode($result['Description']) . '</td>
</tr>
</table>';
if (!empty($_SESSION["user"])) {
if (read($result["Id"], $_SESSION["user"]) == 'N') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ЧИТАТЬ ОНЛАЙН</button></a></p>';
}
if (read($result["Id"], $_SESSION["user"]) == 'D') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ОТКРЫТЬ</button></a></p>';
}
if (read($result["Id"], $_SESSION["user"]) == 'Y') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-primary">ПРОДОЛЖИТЬ ЧТЕНИЕ</button></a></p>';
}
} else {
<?php
$sql_book = mysqli_query($bd, "SELECT * FROM `BOOKS`");
if (mysqli_num_rows($sql_books) > 0) {
$book = mysqli_fetch_array($sql_book);
$k = 1;
echo '<table style="width:100%">
<tr>
<th>#</th>
<th>Название</th>
<th>Автор</th>
<th>Категория</th>
</tr>';
do {
echo '<tr>
<td>' . $k . '</td>
<td>
<form action="' . $admin_page . 'books/edit_book/" method="post" style="display:inline-block;">
<input name="id" value="' . $book["URL"] . '" type="hidden">
<button type="submit" class="btn" style="background:transparent;border-color:transparent;color:#428bca;display:inline-block">' . $book["Title"] . '</button>
</td>
</form>
<td>' . author($book["AUTHOR_ID"]) . '</td>
<td>' . cat($book["CATEGORY_ID"]) . '</td>
</tr>';
$k++;
} while ($book = mysqli_fetch_array($sql_book));
echo '<table>';
}
?>
</div>
</div>
<?php
// addPersonne.php
// ajout d'une personne dans la table personnes
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Avec le rang 7 on ajoute une personne avec un statut normal (SUG=0)
// Avec le rang 2 on ajoute une personne avec le statut sugestion (SUG=1)
if (author("addNewPerson", null)) {
// Il faut au minimum un nom et un prénom
if (isset($_POST['NOM']) && isset($_POST['PRENOM'])) {
if (isset($_POST['VILLE'])) {
$ville = $_POST['VILLE'];
} else {
$ville = '';
}
if (isset($_POST['HOBBY'])) {
$hobby = $_POST['HOBBY'];
} else {
$hobby = '';
}
if (isset($_POST['IDREGION'])) {
$idr = $_POST['IDREGION'];
} else {
$idr = -1;
}
if (isset($_POST['VL'])) {
$vl = $_POST['VL'];
} else {
;
var noRedirect = <?php
noRedirect();
?>
;
if (!noRedirect) {
window.location.href = './?noRedirect=true&downloadId=' + schematicId;
}
}
</script>
<img src="../images/icons/download-2.png" />
<p>You are downloading <b><?php
fileName();
?>
</b> which was uploaded by <b><?php
author();
?>
</b> using <a href="../">Mordritch's Javascript Redstone Simulator</a>.</p>
<p>If the download does not start automatically, click <a href="./?downloadId=<?php
id();
?>
">here</a>.</p>
<p>You can also view/edit the schematic online <a href="../#<?php
id();
?>
">here</a> from inside your web browser.</p>
</div>
<?php
} else {
?>
<div>
<?php
// delUser.php
// Suppression d'un utilisateur
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
if (author("delUser", null)) {
if (isset($_POST['id'])) {
require_once './conx/connexion.php';
$id = $_POST['id'];
$deleteUser = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'users WHERE ID=:id;');
try {
$deleteUser->execute(array('id' => $id));
} catch (Exception $e) {
die('({state:"failed",error:"Del user : '******'"})');
}
die('({state:"success"})');
}
die('({state:"failed",error:"missing parameters"})');
}
die('({state:"failed",error:"your rank is too low"})');
$last = mysqli_fetch_array($sql_last);
do {
echo '<article class="box post post-excerpt">
<header>
<h2><a href="' . $home_url . 'books/' . $last['URL'] . '">' . $last['Title'] . '</a></h2>
</header>
<div class="info">
<span class="date"><span class="day">' . $last['Yaer'] . '</span></span>
<ul class="stats">
<li><a href="#" class="icon fa-book ">' . reading($last['Id']) . '</a></li>
<li><a href="#" class="icon fa-check">' . done($last['Id']) . '</a></li>
<li><a href="#" class="icon fa-comment">' . comment($last['Id']) . '</a></li>
<li>' . author($last['AUTHOR_ID']) . '</li>
</ul>
</div>
<table style="width:100%">
<tr>
<td style="max-width:30%;vertical-align: top;"><a href="' . $home_url . 'books/' . $last['URL'] . '" class="image featured"><img src="' . $home_url . 'images/books/' . $last['Image'] . '" alt="" /></a></td>
<td style="padding-left:1em">' . $last['Description'] . '</td>
</tr>
</table>
</article>
';
} while ($last = mysqli_fetch_array($sql_last));
}
<?php
// modPersonne.php
// Modification d'une personne dans la table personnes
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Avec le rang 7 on peut modifier n'importe qui
if (author("validNewPerson", null)) {
if (isset($_POST['ID'])) {
$id = $_POST['ID'];
require_once './conx/connexion.php';
$validPersonne = $connexion->prepare('UPDATE ' . $prefixeDB . 'personnes SET SUG=0 WHERE ID=:id');
try {
$validPersonne->execute(array('id' => $id));
} catch (Exception $e) {
die('({state:"failed",error:"valid personne : ' . $e->getMessage() . '"})');
}
die('({state:"success"})');
}
die('({state:"failed",error:"missing parameters"})');
}
die('({state:"failed",error:"your rank is too low"})');
function makeList($data)
{
while ($val = mysql_fetch_array($data)) {
//编列列表
//传递店面名,name
echo '
<li class="only4">
<a href="items_admin.php?id=' . $val['id'] . '&openid=' . $val['openid'] . '">
<div class="img"><img src="item.jpg" ></div>
<h2>' . $val['name'] . '</h2>
<p class="onlyheight">' . author($val['openid']) . statue($val['status']) . '</p>
<span class="icon"> </span>
<div class="clr"></div>
</a>
</li>
';
}
}
<?php
// getUsersList.php
// Renvoie la liste des utilisateurs
// Vérification de la connexion
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
die('({state:"failed",error:"logOff"})');
}
// Il faut être administrateur
if (author("getUsersList", null)) {
require_once './conx/connexion.php';
$select = $connexion->prepare('SELECT ID, PSEUDO, EMAIL, NOMPRENOM, DATE, HEURE, RANK FROM ' . $prefixeDB . 'users ORDER BY RANK DESC, PSEUDO ASC;');
$jsonData = '';
$select->execute();
while ($user = $select->fetch(PDO::FETCH_ASSOC)) {
// on récupère la liste des membres
if ($jsonData != '') {
$jsonData = $jsonData . ',';
}
$jsonData = $jsonData . json_encode($user, JSON_FORCE_OBJECT);
}
$select->closeCursor();
// on ferme le curseur des résultats
die('({state:"success",liste:[' . $jsonData . ']})');
}
die('({state:"failed",error:"your rank is too low"})');
