} else {
echo '<div id="forum">
<span class="icon-bubble" id="ico"></span>
<span id="title">Aucun sujet épinglé</span></br>
<span id="threads">Aucun sujet épinglé</span>
</div>';
}
?>
</div>
</br>
<div id="limiter">
Liste des sujets
<?php
if (isset($_SESSION['user'])) {
if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
if ($dev->getForumAdminLevel($_GET['id']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
echo '<div style="float:right;height:20px;font-size:12px;width:100px;" id="button" onClick="window.location.href=\'./forum_addthread.php?id=' . $_GET['id'] . '\'">Creer un sujet</div>';
}
} else {
unset($_SESSION['user']);
}
}
?>
</div>
<div id="cat">
<?php
$db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
if (isset($_GET['start']) && is_numeric($_GET['start']) && $_GET['start'] != '0') {
$sql_req = "SELECT * FROM `web_threads` WHERE `forum_id`='" . $_GET['id'] . "' AND `stucked` = '0' ORDER BY `date_modified` ASC LIMIT 30 OFFSET %d;";
$sql_req = sprintf($sql_req, $_GET['start'] - 1);
} else {
$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);
if (isset($_GET['from']) && !isset($_POST['from'])) {
$from = $_GET['from'];
} else {
if (!isset($_GET['from']) && isset($_POST['from'])) {
$from = $_POST['from'];
} else {
echo 'error';
header('Location: ./index.php');
}
}
if ($from == "add") {
if ($_POST['send']) {
if (isset($_SESSION['user'])) {
if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
if ($dev->getForumAdminLevel($_POST['forum']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
$sql = "INSERT INTO `web_threads`(`id`, `forum_id`, `title`, `uuid_author`, `stucked`, `valid`) VALUES ('" . ($dev->getLastThreadID() + 1) . "','" . $_POST['forum'] . "', '" . utf8_decode(addslashes($_POST['title'])) . "', '" . $dev->getId($_SESSION['user']['username']) . "','0','1');";
$sql2 = "INSERT INTO `web_messages`(`uuid_author`, `content`, `thread_id`) VALUES ('" . $dev->getId($_SESSION['user']['username']) . "', '" . addslashes(utf8_decode($_POST['bbcode_field'])) . "','" . ($dev->getLastThreadID() + 1) . "')";
$db2 = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
$req2 = $db2->prepare($sql . $sql2);
$req2->execute();
//var_dump($req2->errorInfo());
Header(sprintf('Location: ./forum_thread.php?id=%d', $dev->getLastThreadID()));
}
} else {
unset($_SESSION['user']);
header('Location: ./index.php');
}
} else {
header('Location: ./index.php');
}
<div id="desc">
<div id="row">Posté à ' . getTime($key['date_written']) . ' le ' . getDate2($key['date_written']) . '</div>
</div>
</div>
</td>
<td style="vertical-align:top; padding:10px;padding-top:0;">
' . getHTMLfromBB(utf8_encode(stripslashes($key['content']))) . '
</td>
</tr>
</table>
</div>';
}
}
if (isset($_SESSION['user'])) {
if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
if ($dev->getForumAdminLevel($dev->getThreadByIDv2($_GET['id'])['forum_id']) <= $dev->getAdminLevel($dev->getID($_SESSION['user']['username']))) {
echo '<div id="news">
<div style="font-size: 18pt; color: rgb(44, 44, 44); margin: 5px;">Répondre a ce sujet.</div>
<table style="width:100%; margin:5px; margin-bottom:10px;">
<tr>
<td style="width:12%; vertical-align:top;">
<div id="profileholder">
<div id="avatar">';
if (file_exists('../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png')) {
echo '<img src="../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png" style="width:90%; margin:2.5%;"/>';
} else {
echo '<img src="../uploads/avatars/default.png" style="width:90%; margin:2.5%;"/>';
}
echo '
</div>
</div>
