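<?php
// Admin page prologue: opens the session, loads the project API files, and
// refuses to render anything below unless the caller is a logged-in admin.
session_start();
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');

include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';

// The $mysql_* variables are not defined in this file; presumably they come
// from ../api/config.php (verify).
$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);

// Access gate: the session must hold a user, isConnected() must accept the
// stored credentials, and the user's admin level must be strictly above 6.
// NOTE(review): the session carries a 'password' value that is re-checked on
// every request; whether it is a hash or the plaintext is not visible here.
// Confirm that it is never the plaintext password.
$admin = false;
if (isset($_SESSION['user'])) {
    $sessionUser = $_SESSION['user'];
    if ($dev->isConnected($sessionUser['username'], $sessionUser['password'], $sessionUser['session_id'])) {
        if ($dev->getAdminLevel($dev->getId($sessionUser['username'])) > 6) {
            $admin = true;
        }
    }
}

if (!$admin) {
    header('Location: ../index.php');
    // header() only queues the redirect; without exit the rest of this admin
    // page would still be generated and sent to a client that ignores the
    // Location header.
    exit;
}
?>
<!doctype html>
<html>
<head>
<script type="text/javascript" src="./js/jquery-2.1.4.js"></script>
<script type="text/javascript" src="./js/codemirror.js"></script>
<link rel="stylesheet" href="./css/admin.css" />
<link rel="stylesheet" href="./css/icons.css" />
<link rel="stylesheet" href="./css/codemirror.css" />
<meta charset="utf-8"/>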
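<?php
// Page prologue for an admin-only view: start the session, load the project
// API, then verify the caller before any markup is emitted.
session_start();
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');

include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';

// Database settings are read from variables this file does not define;
// presumably ../api/config.php sets them (verify).
$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);

// Authorisation: a session user must exist, isConnected() must validate the
// stored username / password / session id, and getAdminLevel() must be > 6.
// NOTE(review): a 'password' entry lives in the session array. This file does
// not show whether it is a hash; confirm it is not the plaintext password.
$admin = false;
if (isset($_SESSION['user'])) {
    $sessionUser = $_SESSION['user'];
    if ($dev->isConnected($sessionUser['username'], $sessionUser['password'], $sessionUser['session_id'])) {
        if ($dev->getAdminLevel($dev->getId($sessionUser['username'])) > 6) {
            $admin = true;
        }
    }
}

if (!$admin) {
    header('Location: ../index.php');
    // Stop here: a Location header alone does not end the script, so the
    // protected page body would otherwise still be sent in the response.
    exit;
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8" />
<link rel="stylesheet" href="./css/style.css" />
<link rel="stylesheet" href="./css/icons.css" />
<script type="text/javascript" src="./js/jquery-2.1.4.js"></script>
<script type="text/javascript" src="./js/main.js"/></script>
<script>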
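$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);

// Resolve the requested action: it must arrive through exactly one of GET or
// POST. Anything else (missing, or present in both) is rejected.
if (isset($_GET['from']) && !isset($_POST['from'])) {
    $from = $_GET['from'];
} else {
    if (!isset($_GET['from']) && isset($_POST['from'])) {
        $from = $_POST['from'];
    } else {
        // Send the header before any output (it cannot be sent afterwards),
        // then stop so $from is never read while undefined.
        header('Location: ./index.php');
        exit('error');
    }
}

// "add": create a new thread plus its first message.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// one exists for this state-changing request.
if ($from == "add") {
    if ($_POST['send']) {
        if (isset($_SESSION['user'])) {
            if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
                // The poster's admin level must be at least the level the
                // target forum requires.
                // NOTE(review): $_POST['forum'] reaches getForumAdminLevel()
                // unvalidated; how that method builds its query is not
                // visible here.
                if ($dev->getForumAdminLevel($_POST['forum']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
                    $authorId = $dev->getId($_SESSION['user']['username']);
                    // NOTE(review): "last id + 1" is computed outside any
                    // transaction, so two concurrent posts could pick the same
                    // id. Left as-is; an auto-increment key would remove it.
                    $newThreadId = $dev->getLastThreadID() + 1;

                    $db2 = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);

                    // Request values are bound as parameters instead of being
                    // concatenated into the SQL text: the forum id was
                    // previously inserted raw and the text fields relied on
                    // addslashes(). The two INSERTs are also prepared
                    // separately rather than as one multi-statement string.
                    $insertThread = $db2->prepare("INSERT INTO `web_threads`(`id`, `forum_id`, `title`, `uuid_author`, `stucked`, `valid`) VALUES (?, ?, ?, ?, '0', '1');");
                    $insertThread->execute([$newThreadId, $_POST['forum'], utf8_decode($_POST['title']), $authorId]);

                    $insertMessage = $db2->prepare("INSERT INTO `web_messages`(`uuid_author`, `content`, `thread_id`) VALUES (?, ?, ?)");
                    $insertMessage->execute([$authorId, utf8_decode($_POST['bbcode_field']), $newThreadId]);

                    Header(sprintf('Location: ./forum_thread.php?id=%d', $dev->getLastThreadID()));
                    exit;
                }
            } else {
                // Stored credentials no longer validate: drop the session
                // user and stop after redirecting.
                unset($_SESSION['user']);
                header('Location: ./index.php');
                exit;
            }
        } else {
            // Not logged in: redirect and stop so nothing below runs for an
            // anonymous request.
            header('Location: ./index.php');
            exit;
        }
        // The `if ($_POST['send'])` and `if ($from == "add")` blocks are still
        // open where this excerpt ends.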
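// This excerpt opens inside an if/else whose condition is above the visible code.
} else {
    echo '<div id="forum"> <span class="icon-bubble" id="ico"></span> <span id="title">Aucun sujet épinglé</span></br> <span id="threads">Aucun sujet épinglé</span> </div>';
}
?>
</div>
</br>
<div id="limiter">
Liste des sujets
<?php
// Show the "create thread" button only to a validated session user whose admin
// level is at least the level required by the forum named in the query string.
if (isset($_SESSION['user'])) {
    if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
        // NOTE(review): $_GET['id'] is passed to getForumAdminLevel() as
        // received; how that method uses it is not visible here.
        if ($dev->getForumAdminLevel($_GET['id']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
            // The id comes straight from the request and is written into a
            // JavaScript string inside an HTML attribute. Percent-encoding it
            // keeps quotes and markup characters out of both contexts.
            echo '<div style="float:right;height:20px;font-size:12px;width:100px;" id="button" onClick="window.location.href=\'./forum_addthread.php?id=' . rawurlencode((string) $_GET['id']) . '\'">Creer un sujet</div>';
        }
    } else {
        unset($_SESSION['user']);
    }
}
?>
</div>
<div id="cat">
<?php
$db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
if (isset($_GET['start']) && is_numeric($_GET['start']) && $_GET['start'] != '0') {
    // The forum id is quoted by the PDO driver and passed to sprintf() as an
    // argument. Previously it was concatenated into the SQL text, which also
    // served as the format string, so the request value could alter the query
    // and any '%' in it was parsed as a conversion. The prepare/execute call
    // for $sql_req is outside this excerpt, hence quote() rather than a bound
    // parameter.
    $sql_req = sprintf(
        "SELECT * FROM `web_threads` WHERE `forum_id`=%s AND `stucked` = '0' ORDER BY `date_modified` ASC LIMIT 30 OFFSET %d;",
        $db->quote((string) $_GET['id']),
        $_GET['start'] - 1
    );
} else {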
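// Page selector: one link per block of five comments on this news item.
echo '<span class="number" style="font-weight:1.3em;float:left;width:150px;">Choix de la page: </span>';
$db2 = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
// The news id from the query string is bound as a parameter; it was previously
// concatenated into the SQL text, letting the request alter the query.
$sql_req2 = "SELECT * FROM `web_news_comments` WHERE `news_id`=? ORDER BY `date`;";
$req2 = $db2->prepare($sql_req2);
$req2->execute([(string) $_GET['id']]);
$req2->setFetchMode(PDO::FETCH_ASSOC);
for ($i = 0; $i < $req2->rowCount(); $i = $i + 5) {
    echo '<a href="news.php?start=' . $i . '" class="number" style="float:left;">' . $i / 5 . '</a>';
}
echo '<div style="clear:both;"></div>';
} // closes a block opened above this excerpt

// Render each comment row; $req_comments is prepared outside this excerpt.
if ($req_comments->rowCount() > 0) {
    while ($key = $req_comments->fetch()) {
        echo '<div id="news" style="rgb(250, 250, 250);"> <div style="position:absolute; top:5px; z-index:999;right:5px;">';
        // The delete link is shown to users with admin level >= 6 and to the
        // comment's own author.
        // NOTE(review): isConnected() is not called before this check in the
        // visible code, and the delete action is a plain GET link; confirm the
        // handler re-validates the session and is protected against CSRF.
        if (isset($_SESSION['user']) && ($dev->getAdminLevel($dev->getID($_SESSION['user']['username'])) >= 6 || $key['uuid'] == $dev->getID($_SESSION['user']['username']))) {
            echo '<a href="news_process.php?type=remove&id=' . $key['id'] . '"><img src="./ressources/icons/delete.png" Alt="Retirer ce post" title="Retirer ce post"/></a>';
        }
        echo '</div> <table style="width:100%; margin:5px; margin-bottom:10px;"> <tr> <td style="width:12%; vertical-align:top;"> <div id="profileholder"> <div id="avatar">';
        // Use the author's uploaded avatar when the file exists, else the default.
        // NOTE(review): $key['uuid'] comes from the database and is used in a
        // file path and in markup without escaping; confirm its format is
        // constrained where it is written.
        if (file_exists('./uploads/avatars/' . $key['uuid'] . '.png')) {
            echo '<img src="./uploads/avatars/' . $key['uuid'] . '.png" style="width:90%; margin:2.5%;"/>';
        } else {
            echo '<img src="./uploads/avatars/default.png" style="width:90%; margin:2.5%;"/>';
        }
        echo ' </div>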
$sql_req = "SELECT * FROM `web_messages` WHERE `thread_id`='" . $_GET['id'] . "' ORDER BY `date_written` ASC LIMIT 10;"; } $req = $db->prepare($sql_req); $req->execute(); $req->setFetchMode(PDO::FETCH_ASSOC); $count = 0; if ($req->rowCount() > 0) { while ($key = $req->fetch()) { $count++; if ($count == 1) { echo '<div id="news" style="rgb(250, 250, 250);margin-top:0px;">'; } else { echo '<div id="news" style="rgb(250, 250, 250);">'; } echo '<div style="position:absolute; top:5px; z-index:999;right:5px;">'; if (isset($_SESSION['user']) && ($dev->getAdminLevel($dev->getID($_SESSION['user']['username'])) >= 6 || $key['uuid_author'] == $dev->getID($_SESSION['user']['username']))) { if ($count == 1) { echo '<a href="forum_process.php?from=remove_thread&id=' . $_GET['id'] . '"><img src="../ressources/icons/delete.png" Alt="Retirer ce Sujet" title="Retirer ce Sujet"/></a>'; } else { echo '<a href="forum_process.php?from=remove_msg&id=' . $key['id'] . '&th=' . $_GET['id'] . '"><img src="../ressources/icons/delete.png" Alt="Retirer ce post" title="Retirer ce post"/></a>'; } } echo '</div> <table style="width:100%; margin:5px; margin-bottom:10px;"> <tr> <td style="width:12%; vertical-align:top;"> <div id="profileholder"> <div id="avatar">'; if (file_exists('../uploads/avatars/' . $key['uuid_author'] . '.png')) { echo '<img src="../uploads/avatars/' . $key['uuid_author'] . '.png" style="width:90%; margin:2.5%;"/>'; } else {