/**
* disables user (if not disabled), removes all licensed content from db and
* replaces every picture with a dummy one
*
* @return string error message, if anything went wrong, true otherwise
*
* old_disabled: the user was disabled already before license transition
* and therefore could not accept/decline the license
*/
function disduelicense($old_disabled = false)
{
// get translation-object
global $translate;
// check if disabled, disable if not
if (!$this->canDisableDueLicense()) {
return 'this user must not be disabled';
}
if (!$old_disabled) {
if ($this->canDisable()) {
if (!$this->disable()) {
return 'disable user failed';
}
}
}
// remember that data license was declined
sql("UPDATE user SET data_license='&2' WHERE user_id='&1'", $this->getUserId(), $old_disabled ? NEW_DATA_LICENSE_PASSIVELY_DECLINED : NEW_DATA_LICENSE_ACTIVELY_DECLINED);
/*
* set all cache_desc and hint to '', save old texts
*/
// check if there are caches
$num_caches = sql_value("SELECT COUNT(*) FROM `caches` WHERE `user_id`='&1'", 0, $this->getUserId());
if ($num_caches > 0) {
$cache_descs = array();
$rs = sql("SELECT `id`, `language`, `desc`, `hint` " . "FROM `cache_desc`,`caches` " . "WHERE `caches`.`cache_id`=`cache_desc`.`cache_id` " . "AND `caches`.`user_id`='&1'", $this->getUserId());
while ($cache_desc = sql_fetch_array($rs, MYSQL_ASSOC)) {
$cache_descs[] = $cache_desc;
}
sql_free_result($rs);
// walk through cache_descs and set message for each language
foreach ($cache_descs as $desc) {
// save text - added 2013/03/18 to be enable restoring data on reactivation
// of accounts that were disabled before license transition
if ($desc['desc'] != "") {
sql("INSERT IGNORE INTO `saved_texts` (`object_type`, `object_id`, `subtype`, `text`)\n\t\t\t\t\t VALUES ('&1', '&2', '&3', '&4')", OBJECT_CACHEDESC, $desc['id'], 1, $desc['desc']);
}
if ($desc['hint'] != "") {
sql("INSERT IGNORE INTO `saved_texts` (`object_type`, `object_id`, `subtype`, `text`)\n\t\t\t\t\t VALUES ('&1', '&2', '&3', '&4')", OBJECT_CACHEDESC, $desc['id'], 2, $desc['hint']);
}
if ($desc['desc'] != "") {
if ($old_disabled) {
$descmsg = $translate->t("cache description was removed because the owner's account was inactive when the <a href='articles.php?page=impressum#datalicense'>new content license</a> was launched", '', basename(__FILE__), __LINE__, '', 1, $desc['language']);
} else {
$descmsg = $translate->t('cache description was removed because owner declined content license', '', basename(__FILE__), __LINE__, '', 1, $desc['language']);
}
} else {
$descmsg = "";
}
sql("UPDATE `cache_desc` " . "SET `desc`='&1',`hint`='&2' " . "WHERE `id`='&3'", "<em>" . $descmsg . "</em>", '', $desc['id']);
}
// replace pictures
$errmesg = $this->replace_pictures(OBJECT_CACHE);
if ($errmesg !== true) {
return "removing cache pictures: {$errmesg}";
}
}
// delete additional waypoint texts
$rs = sql("SELECT `id`, `description` FROM `coordinates`\n\t\t WHERE `type`='&1'\n\t AND `cache_id` IN (SELECT `cache_id` FROM `caches` WHERE `user_id`='&2')", COORDINATE_WAYPOINT, $this->getUserId());
while ($wp = sql_fetch_assoc($rs)) {
if ($wp['description'] != "") {
sql("INSERT IGNORE INTO `saved_texts` (`object_type`, `object_id`, `subtype`, `text`)\n\t\t\t\t VALUES ('&1', '&2', '&3', '&4')", OBJECT_WAYPOINT, $wp['id'], 0, $wp['description']);
}
sql("UPDATE `coordinates` SET `description`=''\n\t\t WHERE `id`='&1'", $wp['id']);
}
sql_free_result($rs);
/*
* set all cache_logs '', save old texts and delete pictures
*/
$rs = sql("SELECT `id`, `text`\n\t\t\t\t\t\t\t FROM `cache_logs`\n\t\t\t\t\t\t\t WHERE `user_id`='&1'", $this->getUserId());
while ($log = sql_fetch_array($rs, MYSQL_ASSOC)) {
// save text - added 2013/03/18 to be enable restoring data on reactivation
// of accounts that were disabled before license transition
sql("INSERT IGNORE INTO `saved_texts` (`object_type`, `object_id`, `subtype`, `text`)\n\t\t\t VALUES ('&1', '&2', '&3', '&4')", OBJECT_CACHELOG, $log['id'], 0, $log['text']);
// set text ''
sql("UPDATE `cache_logs` SET `text`='' WHERE `id`='&1'", $log['id']);
/*
// replace pictures
$errmesg = $this->replace_pictures(OBJECT_CACHELOG);
if ($errmesg !== true)
return "removing log pictures: $errmesg";
*/
// delete log pictures
$rsp = sql("SELECT `id` FROM `pictures`\n\t\t\t WHERE `object_type`='&1' AND `object_id`='&2'", OBJECT_CACHELOG, $log['id']);
while ($pic = sql_fetch_assoc($rsp)) {
$picture = new picture($pic['id']);
$picture->delete();
}
sql_free_result($rsp);
}
sql_free_result($rs);
// discard achived logs' texts
sql("UPDATE `cache_logs_archived` SET `text`='' WHERE `user_id`='&1'", $this->getUserId());
// success
return true;
}
//nom_adh and prenom_adh is not sent when form is used by a simple user
//dblog('Member card updated:',strtoupper($_POST["nom_adh"]).' '.$_POST["prenom_adh"], $requete);
dblog('Member card updated:', strtoupper($_POST["login_adh"]), $requete);
}
// picture upload
if (isset($_FILES['photo'])) {
if ($_FILES['photo']['tmp_name'] != '') {
if (is_uploaded_file($_FILES['photo']['tmp_name'])) {
if (!picture::store($adherent['id_adh'], $_FILES['photo']['tmp_name'], $_FILES['photo']['name'])) {
$error_detected[] = _T("- Only .jpg, .gif and .png files are allowed.");
}
}
}
}
if (isset($_POST['del_photo'])) {
if (!picture::delete($adherent['id_adh'])) {
$error_detected[] = _T("Delete failed");
}
}
if (isset($_POST["mail_confirm"])) {
if ($_POST["mail_confirm"] == "1" && PREF_MAIL_METHOD > 0) {
if (isset($adherent['email_adh']) && $adherent['email_adh'] != "") {
$mail_subject = _T("Your Galette identifiers");
$mail_text = _T("Hello,") . "\n";
$mail_text .= "\n";
$mail_text .= _T("You've just been subscribed on the members management system of the association.") . "\n";
$mail_text .= _T("It is now possible to follow in real time the state of your subscription") . "\n";
$mail_text .= _T("and to update your preferences from the web interface.") . "\n";
$mail_text .= "\n";
$mail_text .= _T("Please login at this address:") . "\n";
$mail_text .= "http://" . $_SERVER["SERVER_NAME"] . dirname($_SERVER["REQUEST_URI"]) . "\n";
function store($id, $tmpfile, $name)
{
// TODO : error codes
// TODO : check file size
global $DB;
$bad_chars = array('\\.', '\\\\', "'", ' ', '\\/', ':', '\\*', '\\?', '"', '<', '>', '|');
$allowed_extensions = array('jpeg', 'jpg', 'png', 'gif');
$allowed_mimes = array('image/jpeg', 'image/png', 'image/gif');
$format_ok = false;
//First, does the file have valid name ?
$reg = "/^(.[^" . implode('', $bad_chars) . "]+)\\.(" . implode('|', $allowed_extensions) . ")\$/i";
if (preg_match($reg, $name, $matches)) {
$format_ok = true;
$extension = $matches[2];
} else {
return false;
}
//Second, let's see if the mime-type is allowed - if gd is aivailable
if (function_exists("gd_info")) {
$current = getimagesize($tmpfile);
if (!in_array($current['mime'], $allowed_mimes)) {
return false;
}
}
$sql = "DELETE FROM " . PREFIX_DB . "pictures\n\t\t\t\tWHERE id_adh='" . $id . "'";
$DB->Execute($sql);
picture::delete($id);
$new_file = dirname(__FILE__) . '/../photos/' . $id . '.' . $extension;
move_uploaded_file($tmpfile, $new_file);
// resize (if gd available)
if (function_exists("gd_info")) {
resizeimage($new_file, $new_file, 200, 200);
}
$f = fopen($new_file, 'r');
$picture = '';
while ($r = fread($f, 8192)) {
$picture .= $r;
}
fclose($f);
$sql = "INSERT INTO " . PREFIX_DB . "pictures\n\t\t\t\t(id_adh, picture, format)\n\t\t\t\tVALUES ('" . $id . "',''," . $DB->Qstr($extension) . ")";
if (!$DB->Execute($sql)) {
return false;
}
if (!$DB->UpdateBlob(PREFIX_DB . 'pictures', 'picture', $picture, 'id_adh=' . $id)) {
return false;
}
return true;
}
function restore_listings($cacheids, $rdate, $roptions, $simulate)
{
global $opt, $login;
sql("SET @restoredby='&1'", $login->userid);
// is evaluated by trigger functions
sql_slave("SET @restoredby='&1'", $login->userid);
$restored = array();
foreach ($cacheids as $cacheid) {
$modified = false;
// get current cache data
$rs = sql("SELECT * FROM `caches` WHERE `cache_id`='&1'", $cacheid);
$cache = sql_fetch_assoc($rs);
sql_free_result($rs);
$wp = $cache['wp_oc'];
$user_id = $cache['user_id'];
// coordinates
if (in_array("coords", $roptions) && sql_value("SELECT `cache_id` FROM `cache_coordinates`\n WHERE `cache_id`='&1' AND `date_created`>='&2'", 0, $cacheid, $rdate)) {
$rs = sql("SELECT `latitude`, `longitude` FROM `cache_coordinates`\n WHERE `cache_id`='&1' AND `date_created` < '&2'\n ORDER BY `date_created` DESC\n LIMIT 1", $cacheid, $rdate);
if ($r = sql_fetch_assoc($rs)) {
// should always be true ...
if (!$simulate) {
sql("UPDATE `caches` SET `latitude`='&1', `longitude`='&2' WHERE `cache_id`='&3'", $r['latitude'], $r['longitude'], $cacheid);
}
$restored[$wp]['coords'] = true;
}
sql_free_result($rs);
}
// country
if (in_array("coords", $roptions) && sql_value("SELECT `cache_id` FROM `cache_countries`\n WHERE `cache_id`='&1' AND `date_created`>='&2'", 0, $cacheid, $rdate)) {
$rs = sql("SELECT `country` FROM `cache_countries`\n WHERE `cache_id`='&1' AND `date_created` < '&2'\n ORDER BY `date_created` DESC\n LIMIT 1", $cacheid, $rdate);
if ($r = sql_fetch_assoc($rs)) {
// should always be true ...
if (!$simulate) {
sql("UPDATE `caches` SET `country`='&1' WHERE `cache_id`='&2'", $r['country'], $cacheid);
}
$restored[$wp]['country'] = true;
}
sql_free_result($rs);
}
// other cache data
$rs = sql("SELECT * FROM `caches_modified`\n WHERE `cache_id`='&1' AND `date_modified` >='&2'\n ORDER BY `date_modified` ASC\n LIMIT 1", $cacheid, $rdate);
$fields = ['name' => 'settings', 'type' => 'settings', 'size' => 'settings', 'date_hidden' => 'settings', 'difficulty' => 'settings', 'terrain' => 'settings', 'search_time' => 'settings', 'way_length' => 'settings', 'wp_gc' => 'waypoints', 'wp_nc' => 'waypoints'];
if ($r = sql_fetch_assoc($rs)) {
// can be false
$setfields = "";
foreach ($fields as $field => $ropt) {
if (in_array($ropt, $roptions) && $r[$field] != $cache[$field]) {
if ($setfields != "") {
$setfields .= ",";
}
$setfields .= "`{$field}`='" . sql_escape($r[$field]) . "'";
$restored[$wp][$field] = true;
}
}
if ($setfields != "" && !$simulate) {
sql("UPDATE `caches` SET " . $setfields . " WHERE `cache_id`='&1'", $cacheid);
}
}
sql_free_result($rs);
// attributes
if (in_array('settings', $roptions)) {
$rs = sql("SELECT * FROM `caches_attributes_modified`\n WHERE `cache_id`='&1' AND `date_modified`>='&2' AND `attrib_id` != 6 /* OConly */\n ORDER BY `date_modified` DESC", $cacheid, $rdate);
// revert all attribute changes in reverse order.
// recording limit of one change per attribute, cache and day ensures that no exponentially
// growing list of recording entries can emerge from multiple reverts.
while ($r = sql_fetch_assoc($rs)) {
if (!$simulate) {
if ($r['was_set']) {
sql("INSERT IGNORE INTO `caches_attributes` (`cache_id`,`attrib_id`)\n VALUES ('&1','&2')", $cacheid, $r['attrib_id']);
} else {
sql("DELETE FROM `caches_attributes` WHERE `cache_id`='&1' AND `attrib_id`='&2'", $cacheid, $r['attrib_id']);
}
}
$restored[$wp]['attributes'] = true;
}
sql_free_result($rs);
}
// descriptions
if (in_array('desc', $roptions)) {
$rs = sql("SELECT * FROM `cache_desc_modified`\n WHERE `cache_id`='&1' AND `date_modified`>='&2'\n ORDER BY `date_modified` DESC", $cacheid, $rdate);
// revert all desc changes in reverse order.
// recording limit of one change per language, cache and day ensures that no exponentially
// growing list of recording entries can emerge from restore-reverts.
while ($r = sql_fetch_assoc($rs)) {
if (!$simulate) {
if ($r['desc'] === null) {
// was newly created -> delete
sql("DELETE FROM `cache_desc` WHERE `cache_id`='&1' AND `language`='&2'", $cacheid, $r['language']);
} else {
// id, uuid, date_created and last_modified are set automatically
sql("INSERT INTO `cache_desc`\n (`node`, `cache_id`, `language`, `desc`, `desc_html`, `desc_htmledit`, `hint`, `short_desc`)\n VALUES ('&1','&2','&3','&4','&5','&6','&7','&8')\n ON DUPLICATE KEY UPDATE\n `desc`='&4', `desc_html`='&5', `desc_htmledit`='&6', `hint`='&7', `short_desc`='&8'", $opt['logic']['node']['id'], $cacheid, $r['language'], $r['desc'], $r['desc_html'], $r['desc_htmledit'], $r['hint'], $r['short_desc']);
}
}
$restored[$wp]['description(s)'] = true;
}
sql_free_result($rs);
}
// logs
// ... before pictures, so that restored logpics have a parent
if (in_array('logs', $roptions)) {
$rs = sql("\n SELECT * FROM (\n SELECT\n `id`,\n -1 AS `node`,\n `date_modified`,\n `cache_id`,\n 0 AS `user_id`,\n 0 AS `type`,\n '0' AS `oc_team_comment`,\n '0' AS `date`,\n '' AS `text`,\n 0 AS `text_html`,\n 0 AS `text_htmledit`,\n 0 AS `needs_maintenance`,\n 0 AS `listing_outdated`,\n `original_id`\n FROM `cache_logs_restored`\n WHERE `cache_id`='&1' AND `date_modified` >= '&2'\n UNION\n SELECT\n `id`,\n `node`,\n `deletion_date`,\n `cache_id`,\n `user_id`,\n `type`,\n `oc_team_comment`,\n `date`,\n `text`,\n `text_html`,\n `text_htmledit`,\n `needs_maintenance`,\n `listing_outdated`,\n 0 AS `original_id`\n FROM `cache_logs_archived`\n WHERE\n `cache_id`='&1'\n AND `deletion_date` >= '&2'\n AND `deleted_by`='&3'\n AND `user_id` != '&3'\n ) `logs`\n ORDER BY `date_modified` ASC", $cacheid, $rdate, $user_id);
// We start with the oldest entry and will touch each log ony once:
// After restoring its state, it is added to $logs_processed (by its last known id),
// and all further operations on the same log are ignored. This prevents unnecessary
// operations and flooding pictures_modified on restore-reverts.
$logs_processed = array();
while ($r = sql_fetch_assoc($rs)) {
$error = "";
$logs_restored = false;
// the log's id may have changed by multiple delete-and-restores
$revert_logid = get_current_logid($r['id']);
if (!in_array($revert_logid, $logs_processed)) {
if ($r['node'] == -1) {
// if it was not already deleted by a later restore operation ...
if (sql_value("SELECT `id` FROM `cache_logs` WHERE `id`='&1'", 0, $revert_logid) != 0) {
if (!$simulate) {
sql("INSERT INTO `cache_logs_archived`\n SELECT *, '0', '&2', '&3' FROM `cache_logs` WHERE `id`='&1'", $revert_logid, $user_id, $login->userid);
sql("DELETE FROM `cache_logs` WHERE `id`='&1'", $revert_logid);
// This triggers an okapi_syncbase update, if OKAPI is installed:
sql("UPDATE `cache_logs_archived` SET `deletion_date`=NOW() WHERE `id`='&1'", $revert_logid);
}
$logs_restored = true;
}
// if it was not already restored by a later restore operation ...
} elseif (sql_value("SELECT `id` FROM `cache_logs` WHERE `id`='&1'", 0, $revert_logid) == 0) {
// id, uuid, date_created and last_modified are set automatically;
// picture will be updated automatically on picture-restore
$log = new cachelog();
$log->setNode($r['node']);
// cachelog class currently does not initialize node field
$log->setCacheId($r['cache_id']);
$log->setUserId($r['user_id']);
$log->setType($r['type'], true);
$log->setOcTeamComment($r['oc_team_comment']);
$log->setDate($r['date']);
$log->setText($r['text']);
$log->setTextHtml($r['text_html']);
$log->setTextHtmlEdit($r['text_htmledit']);
$log->setNeedsMaintenance($r['needs_maintenance']);
$log->setListingOutdated($r['listing_outdated']);
$log->setOwnerNotified(1);
if ($simulate) {
$logs_restored = true;
} else {
if (!$log->save()) {
$error = "restore";
} else {
sql("INSERT IGNORE INTO `cache_logs_restored`\n (`id`, `date_modified`, `cache_id`, `original_id`, `restored_by`)\n VALUES ('&1', NOW(), '&2', '&3', '&4')", $log->getLogId(), $log->getCacheId(), $revert_logid, $login->userid);
sql("DELETE FROM `watches_logqueue` WHERE `log_id`='&1'", $log->getLogId());
// watches_logqueue entry was created by trigger
$logs_processed[] = $log->getLogId();
/* no longer needed after implementing picture deletion in removelog.php
// log pic deleting is not completely implemented, orphan pictures are [*p]
// left over when directly deleting the log. We try to recover them ...
sql("UPDATE `pictures` SET `object_id`='&1' WHERE `object_type`=1 AND `object_id`='&2'",
$log->getLogId(), $revert_logid);
// ... and then update the stats:
$log->updatePictureStat();
*/
$logs_restored = true;
}
}
}
// restore deleted
$logs_processed[] = $revert_logid;
}
// not already processed
if ($error != "") {
$restored[$wp]['internal error - could not $error log ' + $r['id'] + "/" + $logid];
}
if ($logs_restored) {
$restored[$wp]['logs'] = true;
}
}
// while (all relevant log records)
sql_free_result($rs);
}
// if logs enabled per roptions
// pictures
if (in_array("desc", $roptions) || in_array("logs", $roptions)) {
$rs = sql("SELECT * FROM `pictures_modified`\n WHERE ((`object_type`=2 AND '&2' AND `object_id`='&3') OR\n (`object_type`=1 AND '&1'\n AND IFNULL((SELECT `user_id` FROM `cache_logs` WHERE `id`=`object_id`),(SELECT `user_id` FROM `cache_logs_archived` WHERE `id`=`object_id`)) != '&5'\n /* ^^ ignore changes of own log pics (shouldnt be in pictures_modified, anyway) */\n AND IFNULL((SELECT `cache_id` FROM `cache_logs` WHERE `id`=`object_id`),(SELECT `cache_id` FROM `cache_logs_archived` WHERE `id`=`object_id`)) = '&3'))\n AND `date_modified`>='&4'\n ORDER BY `date_modified` ASC", in_array("logs", $roptions) ? 1 : 0, in_array("desc", $roptions) ? 1 : 0, $cacheid, $rdate, $user_id);
// We start with the oldest entry and will touch each picture ony once:
// After restoring its state, it is added to $pics_processed (by its last known id),
// and all further operations on the same pic are ignored. This prevents unnecessary
// operations and flooding the _modified table on restore-reverts.
$pics_processed = array();
while ($r = sql_fetch_assoc($rs)) {
$pics_restored = false;
// the picture id may have changed by multiple delete-and-restores
$revert_picid = get_current_picid($r['id']);
if (!in_array($revert_picid, $pics_processed)) {
// .. as may have its uuid-based url
$revert_url = sql_value("SELECT `url` FROM `pictures_modified` WHERE `id`='&1'", $r['url'], $revert_picid);
$error = "";
switch ($r['operation']) {
case 'I':
if (sql_value("SELECT `id` FROM `pictures` WHERE `id`='&1'", 0, $revert_picid) != 0) {
// if it was not already deleted by a later restore operation:
// delete added (cache) picture
$pic = new picture($revert_picid);
if ($simulate) {
$pics_restored = true;
} else {
if ($pic->delete(true)) {
$pics_restored = true;
} else {
$error = "delete";
}
}
}
break;
case 'U':
if (sql_value("SELECT `id` FROM `pictures` WHERE `id`='&1'", 0, $revert_picid) != 0) {
// if it was not deleted by a later restore operation:
// restore modified (cache) picture properties
$pic = new picture($revert_picid);
$pic->setTitle($r['title']);
$pic->setSpoiler($r['spoiler']);
$pic->setDisplay($r['display']);
// mappreview flag is not restored, because it seems unappropriate to
// advertise for the listing of a vandalizing owner
if ($simulate) {
$pics_restored = true;
} else {
if ($pic->save(true)) {
$pics_restored = true;
} else {
$error = "update";
}
}
}
break;
case 'D':
if (sql_value("SELECT `id` FROM `pictures` WHERE `id`='&1'", 0, $revert_picid) == 0) {
// if it was not already restored by a later restore operation:
// restore deleted picture
// id, uuid, date_created and last_modified are set automatically
// the referring log's id may have changed by [multiple] delete-and-restore
if ($r['object_type'] == 1) {
$r['object_id'] = get_current_logid($r['object_id']);
}
// id, uuid, node, date_created, date_modified are automatically set;
// url will be set on save;
// last_url_check and thumb_last_generated stay at defaults until checked;
// thumb_url will be set on thumb creation (old thumb was deleted)
$pic = new picture();
$pic->setTitle($r['title']);
$pic->setObjectId($r['object_id']);
$pic->setObjectType($r['object_type']);
$pic->setSpoiler($r['spoiler']);
$pic->setLocal(1);
$pic->setUnknownFormat($r['unknown_format']);
$pic->setDisplay($r['display']);
// mappreview flag is not restored, because it seems unappropriate to
// advertise for the listing of a vandalizing owner
if ($simulate) {
$pics_restored = true;
} else {
if ($pic->save(true, $revert_picid, $revert_url)) {
$pics_restored = true;
$pics_processed[] = $pic->getPictureId();
} else {
$error = "restore";
}
}
}
break;
}
// switch
$pics_processed[] = $revert_picid;
}
// not already processed
if ($error != "") {
$restored[$wp]['internal error - could not $error picture ' . $r['id'] + "/" + $picid] = true;
}
if ($pics_restored) {
$restored[$wp]['pictures'] = true;
}
}
// while (all relevant pic records)
sql_free_result($rs);
}
// if pics enabled per roptions
}
// foreach cache(id)
sql("SET @restoredby=0");
sql_slave("SET @restoredby=0");
return $restored;
}
// picture upload
if (isset($_FILES['logo'])) {
if ($_FILES['logo']['tmp_name'] != '') {
$pic =& new picture(0);
if (is_uploaded_file($_FILES['logo']['tmp_name'])) {
if (!$pic->store(0, $_FILES['logo']['tmp_name'], $_FILES['logo']['name'])) {
$error_detected[] = _T("- Only .jpg, .gif and .png files are allowed.");
} else {
$_SESSION["customLogoFormat"] = $pic->FORMAT;
$_SESSION["customLogo"] = true;
}
}
}
}
if (isset($_POST['del_logo'])) {
if (!picture::delete(0)) {
$error_detected[] = _T("Delete failed");
} else {
$_SESSION["customLogo"] = false;
}
}
}
} else {
// collect data
$requete = "SELECT *\n\t\t\t FROM " . PREFIX_DB . "preferences";
$result =& $DB->Execute($requete);
if ($result->EOF) {
header("location: index.php");
} else {
while (!$result->EOF) {
$pref[$result->fields['nom_pref']] = htmlentities(stripslashes(addslashes($result->fields['val_pref'])), ENT_QUOTES);
