function get_form_var($variable, $type = 'string')
{
    // We use some functions from here
    // require_once "functions.inc";
    if ($type == 'array') {
        $value = array();
    } else {
        $value = NULL;
    }
    if (!empty($_POST) && isset($_POST[$variable])) {
        if ($type == 'array') {
            $value = (array) $_POST[$variable];
        } else {
            $value = $_POST[$variable];
        }
    } else {
        if (!empty($HTTP_POST_VARS) && isset($HTTP_POST_VARS[$variable])) {
            if ($type == 'array') {
                $value = (array) $HTTP_POST_VARS[$variable];
            } else {
                $value = $HTTP_POST_VARS[$variable];
            }
        }
    }
    if (!empty($_GET) && isset($_GET[$variable])) {
        if ($type == 'array') {
            $value = (array) $_GET[$variable];
        } else {
            $value = $_GET[$variable];
        }
    } else {
        if (!empty($HTTP_GET_VARS) && isset($HTTP_GET_VARS[$variable])) {
            if ($type == 'array') {
                $value = (array) $HTTP_GET_VARS[$variable];
            } else {
                $value = $HTTP_GET_VARS[$variable];
            }
        }
    }
    if ($value != NULL) {
        if ($type == 'int') {
            $value = intval(unslashes($value));
        } else {
            if ($type == 'string') {
                $value = unslashes($value);
            } else {
                if ($type == 'array') {
                    foreach ($value as $arrkey => $arrvalue) {
                        $value[$arrkey] = unslashes($arrvalue);
                    }
                }
            }
        }
    }
    return $value;
}
示例#2
0
function get_form_var($variable, $type = 'string')
{
    // We use some functions from here
    //require_once "functions.inc";
    global $cli_params, $allow_cli;
    // Set the default value, and make sure it's the right type
    if (func_num_args() > 2) {
        $value = func_get_arg(2);
        $value = $type == 'array' ? (array) $value : $value;
    } else {
        $value = $type == 'array' ? array() : NULL;
    }
    // Get the command line arguments if any (and we're allowed to),
    // otherwise get the POST variables
    if ($allow_cli && (!empty($cli_params) && isset($cli_params[$variable]))) {
        $value = $cli_params[$variable];
    } else {
        if (!empty($_POST) && isset($_POST[$variable])) {
            $value = $_POST[$variable];
        } else {
            if (!empty($HTTP_POST_VARS) && isset($HTTP_POST_VARS[$variable])) {
                $value = $HTTP_POST_VARS[$variable];
            }
        }
    }
    // Then get the GET variables
    if (!empty($_GET) && isset($_GET[$variable])) {
        $value = $_GET[$variable];
    } else {
        if (!empty($HTTP_GET_VARS) && isset($HTTP_GET_VARS[$variable])) {
            $value = $HTTP_GET_VARS[$variable];
        }
    }
    // Cast to an array if necessary
    if ($type == 'array') {
        $value = (array) $value;
    }
    // Clean up the variable
    if ($value != NULL) {
        if ($type == 'int') {
            $value = intval(unslashes($value));
        } else {
            if ($type == 'string') {
                $value = unslashes($value);
            } else {
                if ($type == 'array') {
                    foreach ($value as $arrkey => $arrvalue) {
                        $value[$arrkey] = unslashes($arrvalue);
                    }
                }
            }
        }
    }
    return $value;
}
示例#3
0
文件: login.php 项目: rhertzog/lcs
				if($defaut_gab=="y"){
					$value_gab="selected='selected'";
					$gabarit=$lig_gab->repertoire;
				}else{
					$value_gab="";
				}
			$tbs_dossier_gabarit[]=array("texte"=>$texte_gab, "selection"=>$value_gab, "value"=>$repertoire_gab);	
			}
		}
		
	}else{
		$gabarit="origine";
	}

	if ((isset($_GET['template'])) or (isset($_POST['template'])) or (isset($gabarit))) {
		$gabarit = isset($_POST['template']) ? unslashes($_POST['template']) : (isset($_GET['template']) ? unslashes($_GET['template']) : $gabarit);
	}
	else{
		$gabarit="origine";
	}
	

	
//==================================
// Décommenter la ligne ci-dessous pour afficher les variables $_GET, $_POST, $_SESSION et $_SERVER pour DEBUG:
//debug_var();

// appel des bibliothèques tinyButStrong

		
$_SESSION['tbs_class'] = 'tbs/tbs_class.php';
示例#4
0
// Traitement du nouveau nom de la salle
if (isset($new_name) and $new_name != "") {
    $nettoyage1 = mb_substr($new_name, 0, 30);
    $new_name_propre = traitement_magic_quotes($nettoyage1);
    // cette fonction est dans le traitement_data.inc.php
    $req_modif_nom = mysqli_query($GLOBALS["mysqli"], "UPDATE salle_cours SET nom_salle = '{$new_name_propre}' WHERE id_salle = '{$modif_salle}'") or trigger_error('Echec dans le changement de nom', E_USER_WARNING);
    $req_numero = mysqli_query($GLOBALS["mysqli"], "SELECT numero_salle FROM salle_cours WHERE id_salle = '{$modif_salle}'") or trigger_error('Echec dans le changement du nom', E_USER_WARNING);
    $rep_numero = mysqli_fetch_array($req_numero);
    $num_salle = $rep_numero["numero_salle"];
    echo '		</td>
			</tr>
			<tr>
				<td></td>
				<td>
	<span class="accept">';
    printf(CHANGE_CLASSROOM_NAME, $num_salle, unslashes($new_name_propre));
    echo '</span>
		</form>';
}
?>
				</td>
			</tr>
		</table>
<br />
</fieldset>

<br />

	<form action="ajouter_salle.php" name="effacer_salle" method="post">

<fieldset id="enlever">
示例#5
0
        echo "<hr />\n";
    }
    // Affichage d'un lien pour format imprimable
    if ((!isset($_GET['pview']) || $_GET['pview'] != 1) && ($summarize != 4 && $summarize != 5)) {
        echo '<p style="text-align:center;">
							<a href="' . traite_grr_url("", "y") . "report.php" . '?' . htmlspecialchars($_SERVER['QUERY_STRING']) . '&amp;pview=1" ';
        if (Settings::get("pview_new_windows") == 1) {
            echo ' target="_blank"';
        }
        echo '><span class="glyphicon glyphicon-print"></span></a>
						</p>';
    }
    //S'assurer que ces paramètres ne sont pas cités.
    $k = 0;
    while ($k < count($texte)) {
        $texte[$k] = unslashes($texte[$k]);
        $k++;
    }
    //Les heures de début et de fin sont aussi utilisés pour mettre l'heure dans le rapport.
    $report_start = mktime(0, 0, 0, $From_month, $From_day, $From_year);
    $report_end = mktime(0, 0, 0, $To_month, $To_day + 1, $To_year);
    //   La requête SQL va contenir les colonnes suivantes:
    // Col Index  Description:
    //   1  [0]   Entry ID, Non affiché -> e.id
    //   2  [1]   Date de début (Unix) -> e.start_time
    //   3  [2]   Date de fin (Unix) -> e.end_time
    //   4  [3]   Descrition brêve,(HTML) -> e.name
    //   5  [4]   Descrition,(HTML) -> e.description
    //   6  [5]   Type -> e.type
    //   7  [6]   réservé par (nom ou IP), (HTML) -> e.beneficiaire
    //   8  [7]   Timestamp (création), (Unix) -> e.timestamp
示例#6
0
}
print_header($day, $month, $year, isset($area) ? $area : "");
// If area is set but area name is not known, get the name.
if (isset($area)) {
    if (empty($area_name)) {
        $res = sql_query("select area_name from mrbs_area where id={$area}");
        if (!$res) {
            fatal_error(0, sql_error());
        }
        if (sql_count($res) == 1) {
            $row = sql_row($res, 0);
            $area_name = $row[0];
        }
        sql_free($res);
    } else {
        $area_name = unslashes($area_name);
    }
}
?>

<h2><?php 
echo $vocab['administration'];
?>
</h2>

<table border=1>
<tr>
<th><center><b><?php 
echo $vocab['areas'];
?>
</b></center></th>
示例#7
0
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
    $back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
check_access(6, $back);
// Restriction dans le cas d'une démo
VerifyModeDemo();
unset($user_login);
$user_login = isset($_POST["user_login"]) ? $_POST["user_login"] : ($user_login = isset($_GET["user_login"]) ? $_GET["user_login"] : NULL);
$valid = isset($_POST["valid"]) ? $_POST["valid"] : NULL;
$msg = '';
if ($valid == "yes") {
    unset($reg_password1);
    $reg_password1 = unslashes($_POST["reg_password1"]);
    unset($reg_password2);
    $reg_password2 = unslashes($_POST["reg_password2"]);
    $reg_password_c = md5($reg_password1);
    if ($reg_password1 != $reg_password2 || strlen($reg_password1) < $pass_leng) {
        $msg = get_vocab("passwd_error");
    } else {
        $sql = "UPDATE " . TABLE_PREFIX . "_utilisateurs SET password='******' WHERE login='******'";
        if (grr_sql_command($sql) < 0) {
            fatal_error(0, get_vocab('update_pwd_failed') . grr_sql_error());
        } else {
            $msg = get_vocab('update_pwd_succeed');
        }
    }
}
$user_nom = '';
$user_prenom = '';
$user_source = '';
示例#8
0
        $i++;
    } while ($i < $_POST['indice_max_log_eleve']);
}
if (isset($_POST['appreciations'])) {
    check_token();
    $temp = $_POST['appreciations'] . " 1";
    // Sous Linux, on n'envoie que des \n
    if (preg_match("/\\\\r/", $temp)) {
        // Cas Window$ et Mac
        $temp = my_ereg_replace("\\\\r", "`", $temp);
        $temp = my_ereg_replace("\\\\n", "", $temp);
    } elseif (preg_match("/\\\\n/", $temp)) {
        // Cas Linux
        $temp = my_ereg_replace("\\\\n", "`", $temp);
    }
    $temp = unslashes($temp);
    $longueur = mb_strlen($temp);
    $i = 0;
    $fin_app = 'yes';
    $indice = $_POST['debut_import'] - 2;
    $tempo = "";
    while ($i < $longueur and $indice < $_POST['fin_import']) {
        $car = mb_substr($temp, $i, 1);
        if (!my_ereg("^[`]{1}\$", $car)) {
            if ($fin_app == 'yes' or $i == $longueur - 1) {
                $fin_app = 'no';
                $appreciations_import[$indice] = $tempo;
                $indice++;
                $tempo = '';
            }
            $tempo = $tempo . $car;
示例#9
0
文件: add.php 项目: verdurin/mrbs-mcr
}
# This file is for adding new areas/rooms
# we need to do different things depending on if its a room
# or an area
if ($type == "area") {
    $area_name_q = unslashes($name);
    $id = $mdb->nextId("{$tbl_area}_id");
    if (MDB::isError($id)) {
        fatal_error(1, "<p>" . $id->getMessage() . "<br>" . $id->getUserInfo());
    }
    $sql = "INSERT INTO {$tbl_area} (id, area_name) \n            VALUES      ({$id}, " . $mdb->getTextValue($area_name_q) . ")";
    $res = $mdb->query($sql);
    if (MDB::isError($res)) {
        fatal_error(1, "<p>" . $res->getMessage() . "<br>" . $res->getUserInfo());
    }
    $area = $mdb->currId("{$tbl_area}_id");
}
if ($type == "room") {
    $room_name_q = unslashes($name);
    $description_q = unslashes($description);
    if (empty($capacity)) {
        $capacity = 0;
    }
    $id = $mdb->nextId("{$tbl_room}_id");
    $sql = "INSERT INTO {$tbl_room} (id, room_name, area_id, description, capacity)\n            VALUES      ({$id}, " . $mdb->getTextValue($room_name_q) . ", {$area}, " . $mdb->getTextValue($description_q) . ", {$capacity})";
    $res = $mdb->query($sql);
    if (MDB::isError($res)) {
        fatal_error(1, "<p>" . $res->getMessage() . "<br>" . $res->getUserInfo());
    }
}
header("Location: admin.php?area={$area}");
示例#10
0
     $message .= "\n\n";
     $message .= "Bizarrerie: L'identité POSTée est: {$nama}\n            Et l'identité de connexion est: " . $_SESSION['prenom'] . " " . $_SESSION['nom'];
 }
 unslashes($message);
 $gepiPrefixeSujetMail = getSettingValue("gepiPrefixeSujetMail") ? getSettingValue("gepiPrefixeSujetMail") : "";
 if ($gepiPrefixeSujetMail != '') {
     $gepiPrefixeSujetMail .= " ";
 }
 $gepiAdminAdress = getSettingValue("gepiAdminAdress");
 if ($gepiAdminAdress == "") {
     echo "<p><span style='color:red;>ERREUR</span>: L'adresse mail de l'administrateur n'est pas renseignée.</p>\n";
     require "../lib/footer.inc.php";
     die;
 }
 $objet_msg = trim($objet_msg);
 unslashes($objet_msg);
 //echo "\$objet_msg=$objet_msg<br />";
 //stripslashes($objet_msg);
 //if($objet_msg=='') {$objet_msg="Demande d'aide dans GEPI";}
 $subject = $gepiPrefixeSujetMail . $objet_msg;
 $subject = "=?UTF-8?B?" . base64_encode($subject) . "?=\r\n";
 $from = $email_reponse != "" ? "{$nama} <{$email_reponse}>" : $gepiAdminAdress;
 $headers = "X-Mailer: PHP/" . phpversion() . "\r\n";
 $headers .= "MIME-Version: 1.0\r\n";
 $headers .= "Content-type: text/plain; charset=UTF-8\r\n";
 $headers .= "From: {$from}\r\n";
 if ($email_reponse != "") {
     $headers .= "Reply-To: {$from}\r\n";
     if (getSettingValue("gepiAdminAdressFormHidden") != "y") {
         $headers .= "Cc: {$nama} <{$email_reponse}>\r\n";
     }
示例#11
0
 $ht = new htaccess(TRUE);
 $user = array();
 // Get the logins from the password file
 $user = $ht->get_htpasswd();
 // Add an Administrator
 if (empty($_POST['pwd1_backup']) || empty($_POST['pwd2_backup'])) {
     $msg = "Problème : les deux mots de passe ne sont pas identiques ou sont vides.";
     $error = 1;
 } elseif ($_POST['pwd1_backup'] != $_POST['pwd2_backup']) {
     $msg = "Problème : les deux mots de passe ne sont pas identiques.";
     $error = 1;
 } elseif (empty($_POST['login_backup'])) {
     $msg = "Problème : l'identifiant est vide.";
     $error = 1;
 } else {
     $_login = my_strtolower(unslashes($_POST['login_backup']));
     if (is_array($user)) {
         foreach ($user as $key => $value) {
             if ($_login == $key) {
                 $ht->delete_user($_login);
             }
         }
     }
 }
 if (!isset($error)) {
     $ht->set_user($_login, $_POST['pwd1_backup']);
     $ht->set_htpasswd();
     $user = array();
     $user = $ht->get_htpasswd();
     clearstatcache();
     if (!is_file('../backup/' . $dirname . '/.htaccess')) {
示例#12
0
$etiquettex = array();
$k="1";
while ($k < $nb_data) {
 $datay[$k] = array();
 $temp[$k] =  array();
 $temp[$k]=explode("|", $_GET['temp'.$k]);
 $k++;
}

$legendy = array();
$temp3=explode("|", $_GET['etiquette']);
$titre = unslashes($_GET['titre']);
$k = 1;
while ($k < $nb_data) {
    if (isset($_GET['v_legend'.$k])) {
        $legendy[$k] = unslashes(urldecode($_GET['v_legend'.$k]));
    } else {
        $legendy[$k]='' ;
    }
    $k++;
}

$i=0;
while ($i < count($temp[1])) {
    $k="1";
    while ($k < $nb_data) {
        $datay[$k][$i] = $temp[$k][$i];
        $k++;
    }
/*
    // On ne transmet plus l'id_matiere dans 'etiquette', mais le nom_complet.
示例#13
0
$user_mail = '';
$user_statut = '';
$user_source = 'local';
$user_etat = '';
$user_tel = '';
$user_champs_libre = '';
$display = '';
$retry = '';
if ($valid == 'yes') {
    // Restriction dans le cas d'une démo
    VerifyModeDemo();
    $reg_nom = isset($_GET['reg_nom']) ? $_GET['reg_nom'] : null;
    $reg_prenom = isset($_GET['reg_prenom']) ? $_GET['reg_prenom'] : null;
    $new_login = isset($_GET['new_login']) ? $_GET['new_login'] : null;
    $reg_password = isset($_GET['reg_password']) ? unslashes($_GET['reg_password']) : null;
    $reg_password2 = isset($_GET['reg_password2']) ? unslashes($_GET['reg_password2']) : null;
    $reg_statut = isset($_GET['reg_statut']) ? $_GET['reg_statut'] : null;
    $reg_email = isset($_GET['reg_email']) ? $_GET['reg_email'] : null;
    $reg_etat = isset($_GET['reg_etat']) ? $_GET['reg_etat'] : null;
    $reg_source = isset($_GET['reg_source']) ? $_GET['reg_source'] : null;
    $reg_tel = isset($_GET['reg_tel']) ? $_GET['reg_tel'] : null;
    $reg_champs_libre = isset($_GET['reg_champs_libre']) ? $_GET['reg_champs_libre'] : null;
    $reg_type_authentification = isset($_GET['type_authentification']) ? $_GET['type_authentification'] : 'locale';
    if ($reg_type_authentification != 'locale') {
        $reg_password = '';
    }
    if ($reg_nom == '' || $reg_prenom == '') {
        $msg = get_vocab('please_enter_name');
        $retry = 'yes';
    } else {
        //
示例#14
0
  Target of the form with sets the URL argument "Action=SetName".
  Will eventually return to URL argument "TargetURL=whatever".
*/
if (isset($Action) && $Action == "SetName") {
    /* First make sure the password is valid */
    if ($NewUserName == "") {
        // Unset the session variables
        if (isset($_SESSION)) {
            $_SESSION = array();
        } else {
            global $HTTP_SESSION_VARS;
            $HTTP_SESSION_VARS = array();
        }
    } else {
        $NewUserName = unslashes($NewUserName);
        $NewUserPassword = unslashes($NewUserPassword);
        if (!authValidateUser($NewUserName, $NewUserPassword)) {
            print_header_mrbs(0, 0, 0, 0);
            echo "<P>" . get_string('usernamenotfound') . "</P>\n";
            printLoginForm($TargetURL);
            exit;
        }
        if (isset($_SESSION)) {
            $_SESSION["UserName"] = $NewUserName;
        } else {
            global $HTTP_SESSION_VARS;
            $HTTP_SESSION_VARS["UserName"] = $NewUserName;
        }
    }
    header("Location: {$TargetURL}");
    /* Redirect browser to initial page */
示例#15
0
		//chaine_mel += "&body=Bonjour";
		location.href = chaine_mel;
	}


-->
</script>
<?php

switch($action)
{

//envoi du message
case "envoi":
    //N.B. pour peaufiner, mettre un script de vérification de l'adresse email et du contenu du message !
    $message = "Demandeur : ".$nama."\nEtablissement : ".getSettingValue("gepiSchoolName")."\n".unslashes($message);
    if ($email_reponse == '') {
        echo "<br /><br /><br /><P style=\"text-align: center\">Votre message n'a pas été envoyé : vous devez indiquer une adresse e-mail pour la réponse !</p>";
    } else {
		$gepiPrefixeSujetMail=getSettingValue("gepiPrefixeSujetMail") ? getSettingValue("gepiPrefixeSujetMail") : "";
		if($gepiPrefixeSujetMail!='') {$gepiPrefixeSujetMail.=" ";}

        $from = $email_reponse != "" ? "$nama <$email_reponse>" : getSettingValue("gepiAdminAdress");

        $subject = $gepiPrefixeSujetMail."Demande d'aide dans GEPI";
        $subject = "=?UTF-8?B?".base64_encode($subject)."?=\r\n";

        $headers = "X-Mailer: PHP/" . phpversion()."\r\n";
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/plain; charset=UTF-8\r\n";
        $headers .= "From: $from\r\n";
示例#16
0
    $text_classe_matiere .= " - Classe";
    if (count($current_group["classes"]["list"]) > 1) {
        $text_classe_matiere .= "s";
    }
    $text_classe_matiere .= " : " . $current_group["classlist_string"];
    if (isset($_GET['periode_num'])) {
        $text_classe_matiere .= " - Période : " . sql_query1("SELECT nom_periode FROM periodes WHERE\n        (\n        id_classe='" . $current_group["classes"]["list"][0] . "' and\n        num_periode='" . (int) $_GET['periode_num'] . "'\n        )");
    }
}
//if ($text_classe_matiere != '') $pdf->Cell(100, 8, $text_classe_matiere,$bord,0,"L",0);
if ($text_classe_matiere != '') {
    $pdf->Cell(100, 8, $text_classe_matiere, $bord, 0, "L", 0);
}
$pdf->ln();
//isset($_GET['titre']) ? $titre = unslashes($_GET['titre']) : $titre='' ;
isset($_GET['titre']) ? $titre = unslashes($_GET['titre']) : ($titre = '');
if ($titre != '') {
    //Positionnement du titre
    $w = $pdf->GetStringWidth($titre) + 6;
    $pdf->SetX((LargeurPage - $w) / 2);
    //Couleurs du cadre, du fond et du texte
    $pdf->SetDrawColor(0, 0, 0);
    $pdf->SetFillColor(255, 255, 255);
    $pdf->SetTextColor(0, 0, 0);
    //Titre centré
    $pdf->Cell($w, 9, $titre, $bord, 1, 'C', 0);
    //Saut de ligne
}
// tableau des en-têtes
$header1 = array();
$header1 = unserialize($_SESSION['header_pdf']);
 VerifyModeDemo();
 // Phase d'enregistrement des données
 $nb_row = isset($_POST["nb_row"]) ? $_POST["nb_row"] : NULL;
 $reg_stat = isset($_POST["reg_stat"]) ? $_POST["reg_stat"] : NULL;
 $reg_login = isset($_POST["reg_login"]) ? $_POST["reg_login"] : NULL;
 $reg_nom = isset($_POST["reg_nom"]) ? $_POST["reg_nom"] : NULL;
 $reg_prenom = isset($_POST["reg_prenom"]) ? $_POST["reg_prenom"] : NULL;
 $reg_email = isset($_POST["reg_email"]) ? $_POST["reg_email"] : NULL;
 $reg_mdp = isset($_POST["reg_mdp"]) ? $_POST["reg_mdp"] : NULL;
 $reg_type_user = isset($_POST["reg_type_user"]) ? $_POST["reg_type_user"] : NULL;
 $reg_statut = isset($_POST["reg_statut"]) ? $_POST["reg_statut"] : NULL;
 $reg_type_auth = isset($_POST["reg_type_auth"]) ? $_POST["reg_type_auth"] : NULL;
 $nb_row++;
 for ($row = 1; $row < $nb_row; $row++) {
     if ($reg_type_auth[$row] != "ext") {
         $reg_mdp[$row] = md5(unslashes($reg_mdp[$row]));
     }
     // On nettoie les windozeries
     $reg_nom[$row] = protect_data_sql(corriger_caracteres($reg_nom[$row]));
     $reg_prenom[$row] = protect_data_sql(corriger_caracteres($reg_prenom[$row]));
     $reg_email[$row] = protect_data_sql(corriger_caracteres($reg_email[$row]));
     $test_login = grr_sql_count(grr_sql_query("SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login='******'"));
     if ($test_login == 0) {
         $regdata = grr_sql_query("INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',login='******',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "'");
     } else {
         $regdata = grr_sql_query("UPDATE " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "' WHERE login='******'");
     }
     if (!$regdata) {
         echo "<p><font color=\"red\">" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("message_records_error") . "</font></p>";
     } else {
         if ($reg_stat[$row] == "nouveau") {
示例#18
0
    die('Erreur chargement settings');
}
// Paramètres langage
include 'include/language.inc.php';
// Session related functions
require_once './include/session.inc.php';
// Vérification du numéro de version et renvoi automatique vers la page de mise à jour
if (verif_version()) {
    header('Location: ./admin/admin_maj.php');
    exit;
}
// User wants to be authentified
if (isset($_POST['login']) && isset($_POST['password'])) {
    // Détruit toutes les variables de session au cas où une session existait auparavant
    $_SESSION = array();
    $result = grr_opensession($_POST['login'], unslashes($_POST['password']));
    // On écrit les données de session et ferme la session
    session_write_close();
    if ($result == '2') {
        $message = get_vocab('echec_connexion_GRR');
        $message .= ' ' . get_vocab('wrong_pwd');
    } elseif ($result == '3') {
        $message = get_vocab('echec_connexion_GRR');
        $message .= '<br />' . get_vocab('importation_impossible');
    } elseif ($result == '4') {
        //$message = get_vocab("importation_impossible");
        $message = get_vocab('echec_connexion_GRR');
        $message .= ' ' . get_vocab('causes_possibles');
        $message .= '<br />- ' . get_vocab('wrong_pwd');
        $message .= '<br />- ' . get_vocab('echec_authentification_ldap');
    } elseif ($result == '5') {
示例#19
0
}
$etiquettex = array();
$k="1";
while ($k < $nb_data) {
 $datay[$k] = array();
 $temp1[$k] =  array();
 $temp2[$k] =  array();
 $temp1[$k]=explode("|", $_GET['temp1'.$k]);
 $temp2[$k]=explode("|", $_GET['temp2'.$k]);
 $k++;
}
$temp3=explode("|", $_GET['etiquette']);
$titre = unslashes($_GET['titre']);

isset($_GET['v_legend1']) ? $legendy1 = unslashes($_GET['v_legend1']) : $legendy1='' ;
isset($_GET['v_legend2']) ? $legendy2 = unslashes($_GET['v_legend2']) : $legendy2='' ;

$i=0;
while ($i < count($temp1[1])) {
$k="1";
while ($k < $nb_data) {
    $datay1[$k][$i] = $temp1[$k][$i];
    $datay2[$k][$i] = $temp2[$k][$i];
    $k++;
}
/*
$call_matiere = mysql_query("SELECT nom_complet FROM matieres WHERE matiere = '".$temp3[$i]."'");
$etiquettex[$i] = old_mysql_result($call_matiere, "0", "nom_complet");
*/
$etiquettex[$i]=$temp3[$i];
$i++;
示例#20
0
		}
		$matiere_nom_long[$i]=remplace_accents($matiere_nom_long[$i],'simple');

		writinfo('/tmp/infos_graphe.txt','a+',"\$matiere[$i]=".$matiere[$i]."\n");
		$matiere[$i]=remplace_accents($matiere[$i],'simple');
		writinfo('/tmp/infos_graphe.txt','a+',"\$matiere[$i]=".$matiere[$i]."\n");
	}

	writinfo('/tmp/infos_graphe.txt','a+',"\nAvant les titres...\n");
	$titre = unslashes($_GET['titre']);
	$k = 1;
	//while ($k < $nb_data) {
	//while ($k<=$nb_series) {
	for($k=1;$k<=2;$k++){
		if (isset($_GET['v_legend'.$k])) {
			$legendy[$k] = unslashes($_GET['v_legend'.$k]);
		} else {
			$legendy[$k]='' ;
		}
		// $eleve peut en fait être une moyenne de classe ou même un trimestre...
		$eleve[$k]=$legendy[$k];
		writinfo('/tmp/infos_graphe.txt','a+',"\$eleve[$k]=".$eleve[$k]."\n");
		//$k++;
	}
	//============================================


	$eleve1=$_GET['v_legend1'];
	$sql="SELECT * FROM eleves WHERE login='******'";
	$resultat_infos_eleve1=mysqli_query($GLOBALS["mysqli"], $sql);
	if(mysqli_num_rows($resultat_infos_eleve1)>0) {
示例#21
0
include "functions.inc";
include "{$dbsys}.inc";
#If we dont know the right date then make it up
if (!isset($day) or !isset($month) or !isset($year)) {
    $day = date("d");
    $month = date("m");
    $year = date("Y");
}
if (empty($area)) {
    $area = get_default_area();
}
# Need all these different versions with different escaping.
# search_str must be left as the html-escaped version because this is
# used as the default value for the search box in the header.
if (!empty($search_str)) {
    $search_text = unslashes($search_str);
    $search_url = urlencode($search_text);
    $search_str = htmlspecialchars($search_text);
}
print_header($day, $month, $year, $area);
if (!empty($advanced)) {
    echo "<H3>" . get_vocab("advanced_search") . "</H3>";
    echo "<FORM METHOD=GET ACTION=\"search.php\">";
    echo get_vocab("search_for") . " <INPUT TYPE=TEXT SIZE=25 NAME=\"search_str\"><br>";
    echo get_vocab("from") . " ";
    genDateSelector("", $day, $month, $year);
    echo "<br><INPUT TYPE=SUBMIT VALUE=\"" . get_vocab("search_button") . "\">";
    echo "</FORM>";
    include "trailer.inc";
    exit;
}
示例#22
0
$user_nom = '';
$user_prenom = '';
$user_mail = '';
$user_statut = '';
$user_source = 'local';
$user_etat = '';
$display = "";
$retry = '';
if ($valid == "yes") {
    // Restriction dans le cas d'une démo
    VerifyModeDemo();
    $reg_nom = isset($_GET["reg_nom"]) ? $_GET["reg_nom"] : NULL;
    $reg_prenom = isset($_GET["reg_prenom"]) ? $_GET["reg_prenom"] : NULL;
    $new_login = isset($_GET["new_login"]) ? $_GET["new_login"] : NULL;
    $reg_password = isset($_GET["reg_password"]) ? unslashes($_GET["reg_password"]) : NULL;
    $reg_password2 = isset($_GET["reg_password2"]) ? unslashes($_GET["reg_password2"]) : NULL;
    $reg_statut = isset($_GET["reg_statut"]) ? $_GET["reg_statut"] : NULL;
    $reg_email = isset($_GET["reg_email"]) ? $_GET["reg_email"] : NULL;
    $reg_etat = isset($_GET["reg_etat"]) ? $_GET["reg_etat"] : NULL;
    $reg_source = isset($_GET["reg_source"]) ? $_GET["reg_source"] : NULL;
    $reg_type_authentification = isset($_GET["type_authentification"]) ? $_GET["type_authentification"] : "locale";
    if ($reg_type_authentification != "locale") {
        $reg_password = "";
    }
    if ($reg_nom == '' || $reg_prenom == '') {
        $msg = get_vocab("please_enter_name");
        $retry = 'yes';
    } else {
        //
        // actions si un nouvel utilisateur a été défini
        //
示例#23
0
    echo get_vocab("submitquery");
    ?>
">
</td></tr>
</table>
</form>

<?php 
}
# Lower part: Results, if called with parameters:
if (isset($areamatch)) {
    # Make sure these are not escape-quoted:
    $areamatch = unslashes($areamatch);
    $roommatch = unslashes($roommatch);
    $namematch = unslashes($namematch);
    $descrmatch = unslashes($descrmatch);
    # Start and end times are also used to clip the times for summary info.
    $report_start = mktime(0, 0, 0, $From_month + 0, $From_day + 0, $From_year + 0);
    $report_end = mktime(0, 0, 0, $To_month + 0, $To_day + 1, $To_year + 0);
    #   SQL result will contain the following columns:
    # Col Index  Description:
    #   1  [0]   Entry ID, not displayed -- used for linking to View script.
    #   2  [1]   Start time as Unix time_t
    #   3  [2]   End time as Unix time_t
    #   4  [3]   Entry name or short description, must be HTML escaped
    #   5  [4]   Entry description, must be HTML escaped
    #   6  [5]   Type, single char mapped to a string
    #   7  [6]   Created by (user name or IP addr), must be HTML escaped
    #   8  [7]   Creation timestamp, converted to Unix time_t by the database
    #   9  [8]   Area name, must be HTML escaped
    #  10  [9]   Room name, must be HTML escaped
示例#24
0
function unslashes(&$var)
{
    if (is_array($var)) {
        foreach ($var as $i => $n) {
            $var[$i] = unslashes($n);
        }
    } else {
        $var = stripcslashes($var);
    }
    return $var;
}
示例#25
0
require_once "../include/settings.class.php";
// Session related functions
require_once "../include/session.inc.php";
// Paramètres langage
include "../include/language.inc.php";
//Chargement des valeurs de la table settingS
if (!Settings::load()) {
    die("Erreur chargement settings");
}
$valid = isset($_POST["valid"]) ? $_POST["valid"] : 'no';
$etape = isset($_POST["etape"]) ? $_POST["etape"] : '0';
$adresse = isset($_POST["adresse"]) ? $_POST["adresse"] : NULL;
$port = isset($_POST["port"]) ? $_POST["port"] : NULL;
$login_ldap = isset($_POST["login_ldap"]) ? $_POST["login_ldap"] : NULL;
$pwd_ldap = isset($_POST["pwd_ldap"]) ? $_POST["pwd_ldap"] : NULL;
$pwd_ldap = unslashes($pwd_ldap);
if (isset($_POST["use_tls"])) {
    if ($_POST["use_tls"] == 'y') {
        $use_tls = TRUE;
    } else {
        $use_tls = FALSE;
    }
} else {
    $use_tls = FALSE;
}
$base_ldap = isset($_POST["base_ldap"]) ? $_POST["base_ldap"] : NULL;
$base_ldap_autre = isset($_POST["base_ldap_autre"]) ? $_POST["base_ldap_autre"] : NULL;
$ldap_filter = isset($_POST["ldap_filter"]) ? $_POST["ldap_filter"] : NULL;
$titre_ldap = "Configuration de l'authentification LDAP";
if (isset($_POST['reg_ldap_statut'])) {
    if ($_POST['ldap_statut'] == "no_ldap") {
示例#26
0
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
// On précise de ne pas traiter les données avec la fonction anti_inject
$traite_anti_inject = 'no';
// Initialisations files
require_once "../lib/initialisations.inc.php";
//$texte : le texte à afficher
//$height : la hauteur de l'image
//$width : la largeur de l'image
//$colortxt : la couleur du texte de la forme #xxxxxx ou xxxxxx
unset($height);
$height = isset($_GET["height"]) ? $_GET["height"] : NULL;
unset($width);
$width = isset($_GET["width"]) ? $_GET["width"] : NULL;
unset($texte);
$texte = isset($_GET["texte"]) ? unslashes($_GET["texte"]) : NULL;
unset($colortxt);
$colortxt = isset($_GET["colortxt"]) ? $_GET["colortxt"] : NULL;
$long_chaine = mb_strlen($texte);
if ($height != '') {
    $haut_im = $height;
} else {
    $haut_im = $long_chaine * 8;
}
if ($width != '') {
    $larg_im = $width;
} else {
    $larg_im = 20;
}
Header("Content-Type: image/png");
$texte = urldecode($texte);