
Modifications de toutes les requêtes mysql_query et mysql_connect vers le modèle PDO. Correction du flux RSS, de l'accueil ne pouvant pas afficher d'article quand fixé sur page d'accueil...

Cebabonet 8 years ago
parent
commit
3e3de792be

+ 2 - 2
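--- a/administration/edition_article.php
+++ b/administration/edition_article.php
@@ -8,8 +8,8 @@ require_once(''.$MainDir.'user/verifications.php');
 $article_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM article WHERE id_article='$article_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$article_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$article_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 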
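Review bot: The `or die(... mysql_error())` tail on the new `$dbh->query()` line still reports through ext/mysql, which has no knowledge of the PDO handle. When `query()` returns false the handler calls `mysql_error()`: on PHP 7+ that function no longer exists, and on PHP 5 it has no connection to report on once `mysql_connect()` is removed. Read PDO's own error state instead, either with `$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` once after connecting and no `or die`, or with `$dbh->errorInfo()` in the handler. Printing `$sql` to the browser on failure also discloses the query text to whoever triggered the error; log it server-side. The same tail is on every converted `query()`/`prepare()` call in this commit (edition_page.php, the files/ scripts, index.php, rss.php and the user/ scripts).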

+ 2 - 2
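--- a/administration/edition_page.php
+++ b/administration/edition_page.php
@@ -8,8 +8,8 @@ require_once(''.$MainDir.'user/verifications.php');
 $page_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM page WHERE id_page='$page_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$page_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$page_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 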
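Review bot: `$page_id_edit_page` comes straight from `$_GET['id']` and is still interpolated into the SELECT, so the move to PDO changes the driver but not the injection exposure; `$dbh->query()` sends the string exactly as built. Bind the value instead: `$req = $dbh->prepare('SELECT * FROM page WHERE id_page = ?'); $req->execute(array($page_id_edit_page));`. The same pattern with `$_GET['id']` is in administration/edition_article.php, in the DELETE statements of files/article_suppression.php and files/page_suppression.php, and unquoted in index.php's `id_article=` lookup.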

File diff suppressed because it is too large
+ 1 - 1
administration/index.php


+ 3 - 4
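--- a/files/article_suppression.php
+++ b/files/article_suppression.php
@@ -22,11 +22,10 @@ echo"<br><br>Vous ne pouvez pas effectuer cette op
 
 $this_article_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
@@ -40,7 +39,7 @@ if(isset($_POST['oui'])){
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";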

+ 2 - 2
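--- a/files/check_admin.php
+++ b/files/check_admin.php
@@ -4,8 +4,8 @@
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 
 if($user_rank==1){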
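Review bot: The rank lookup that decides admin access puts `$id_user` into the SQL unquoted, and the fetched row is used without checking that one came back. Where `$id_user` is set is outside the hunk; unless it is cast to an integer there, bind it: `$req = $dbh->prepare('SELECT user_rank FROM user WHERE id_user = ?'); $req->execute(array($id_user));`. Treat a `false` from `fetch()` as "not an admin" explicitly rather than relying on `$user_rank==1` failing on an empty string. files/check_status.php, index.php (line 175) and user/index.php carry the same lookup.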

+ 2 - 2
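--- a/files/check_status.php
+++ b/files/check_status.php
@@ -13,8 +13,8 @@ $connected="1";
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	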

+ 3 - 4
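--- a/files/page_suppression.php
+++ b/files/page_suppression.php
@@ -21,11 +21,10 @@ echo"<br><br>Vous ne pouvez pas effectuer cette opération si vous n'
 
 $this_page_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
@@ -39,7 +38,7 @@ if(isset($_POST['oui'])){
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";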

File diff suppressed because it is too large
+ 1 - 1
files/submit_blog_config.php


+ 4 - 5
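--- a/files/submit_edit.php
+++ b/files/submit_edit.php
@@ -11,16 +11,15 @@ $this_article_id=$_GET['id'];
 $date = "42";
 $titre = $_POST['titre'];
 $article = $_POST['article'];
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
 
 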
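Review bot: Both UPDATE statements concatenate `$_POST['titre']` and `$_POST['article']` (and the id from `$_GET['id']`) into the SQL with no escaping at all, so any double quote in an article breaks the query and the request body controls the statement. One prepared statement covers both writes: `$stmt = $dbh->prepare('UPDATE article SET titre = :titre, article = :article WHERE id_article = :id');` followed by `$stmt->execute(array('titre' => $titre, 'article' => $article, 'id' => $this_article_id));`. files/submit_edit_page.php has the same two UPDATEs with `addslashes()` as the only guard visible (on `$page`); that function is not charset-aware and is why output later needs `stripslashes()`, and binding removes both. The `SELECT * FROM article` result in `$data_articles` is not used in the visible lines and may be droppable.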

+ 4 - 14
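--- a/files/submit_edit_page.php
+++ b/files/submit_edit_page.php
@@ -13,26 +13,16 @@ $page = addslashes($_POST['page']);
 $bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
 
-
-
-//$req = $bdd->prepare('INSERT INTO page(user,titre,page) VALUES (:user, :titre, :page)');
-//$req->execute(array(
-//		"user" => $username,
-//		"titre" => $titre,
-//		"page" => $page,
-
-//));
 echo "Votre page a bien été enregistrée ! <a href='".$root_path."'>Retour</a>";
-//echo date_default_timezone_set('l jS \of F Y h:i:s A');
 }
 else
 {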

+ 8 - 6
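--- a/files/up_check_admin.php
+++ b/files/up_check_admin.php
@@ -3,11 +3,13 @@
 <?php 
 
 require '/../user/config.php';
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql="SELECT user_rank FROM user WHERE id_user=id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $user_rank="$user_ranking[user_rank]";
@@ -31,4 +33,4 @@ echo("Vous n'
 
 
 }
-?>
+?>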
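Review bot: `WHERE id_user=id_user` on new line 8 compares the column with itself, so it matches every row and `fetch()` returns whichever user the table yields first, not the visitor's. Since user/verification.php gives rank 1 to the first account registered, this check probably reads the administrator's rank for everyone; the rest of the file is outside the hunk, so confirm how `$user_rank` is used afterwards. It should be bound to the current user's id, e.g. `$stmt = $dbh->prepare('SELECT user_rank FROM user WHERE id_user = ?'); $stmt->execute(array($id_user));`, assuming `$id_user` is in scope here. The commit carried the condition over unchanged from the mysql_* version.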

+ 21 - 21
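--- a/index.php
+++ b/index.php
@@ -38,10 +38,8 @@ if(isset($_GET['error']))
 if(isset($root_path))
 	{
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 	}
 if(isset($count_user) && $count_user == 0){
 
@@ -138,8 +136,10 @@ text-decoration:underline;
 
 
 $sql_page_menu="SELECT * FROM page ORDER BY priority";
-$req = mysql_query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data_page_menu=mysql_fetch_assoc($req))
+$req = $dbh->query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+
+
+while($data_page_menu=$req->fetch(PDO::FETCH_ASSOC))
 {
 
 
@@ -173,8 +173,8 @@ $connected="1";
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	
@@ -192,7 +192,7 @@ if($user_rank==1){
 
 ////Start check content
 
-if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL){
+if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL && !isset($_GET['id'])){
 
 if(isset($_GET['id_page'])){
 	
@@ -203,8 +203,8 @@ if(isset($_GET['id_page'])){
 	$sql_page="SELECT * FROM page WHERE id_page=".$static_homepage_id."";
 
 }
-$req_page = mysql_query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_page=mysql_fetch_assoc($req_page);
+$req_page = $dbh->query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_page=$req_page->fetch(PDO::FETCH_ASSOC);
 
 if($data_page["id_page"]== null && $static_homepage_status!="1"){
 	
@@ -251,8 +251,8 @@ if($static_homepage_status=="1" && $static_homepage_id != $data_page["id_page"]
 }elseif(isset($_GET['id'])){
 	
 $sql_article="SELECT * FROM article WHERE id_article=".$_GET['id']."";
-$req_article = mysql_query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_article=mysql_fetch_assoc($req_article);
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_article=$req_article->fetch(PDO::FETCH_ASSOC);
 
 if($data_article["id_article"]== null){
 	
@@ -260,12 +260,12 @@ if($data_article["id_article"]== null){
 	
 	
 }else{
-
+$article_stripslashtitle = stripslashes($data_article['titre']);
 $page_name= $data_article["titre"];?>
 <title><?php echo $website_name.' : '.$page_name; ?></title>
 <?php
 $article_stripslash = stripslashes($data_article['article']);
-echo"<h2>{$data_article["titre"]}</h2>";
+echo"<h2>{$article_stripslashtitle}</h2>";
 echo"<b>".$article_date_display." :</b> {$data_article["date"]} par : {$data_article['user']}<br />";
 echo"<b>".$article_article_display." :</b><br />{$article_stripslash}<br><br>";
 
@@ -302,9 +302,9 @@ $page=$debut.', 7';
 
 
 
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
+$sql_article="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data=$req_article->fetch(PDO::FETCH_ASSOC))
 {
 
 $article_stripslash = stripslashes($data['article']);
@@ -341,8 +341,8 @@ if($connected==1){
 
 
 $sqlm='SELECT COUNT(*) AS nb_id FROM article';
-$reqm = mysql_query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
-$donnee = mysql_fetch_array($reqm);
+$reqm = $dbh->query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
+$donnee = $reqm->fetch(PDO::FETCH_BOTH);
 $nb_pg=((int)($donnee['nb_id']/7))+1;
 $nb_pg_r=0;
 while($nb_pg_r!=$nb_pg AND $nb_pg_r<10){
@@ -365,7 +365,7 @@ $nb_pg_r=$nb_pg_r+1;
 <?php
 }
 
-mysql_close();
+$dbh= null;
 ?>
 <br>
 <br>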
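Review bot: In the article view (new lines 263–268) the title is passed through `stripslashes()` before being echoed into `<h2>`, but that only undoes `addslashes()`; it is not HTML encoding, so a title containing markup is rendered as markup. Encode at output: `echo '<h2>'.htmlspecialchars($article_stripslashtitle, ENT_QUOTES).'</h2>';` (pass the site's charset as the third argument), and do the same for `$page_name` in `<title>`, which still uses the raw `$data_article["titre"]`. Separately, the `die()` messages on new lines 139, 206, 254 and 306 print `$sql`, which is not the variable that was just executed.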

+ 14 - 11
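--- a/rss.php
+++ b/rss.php
@@ -6,8 +6,8 @@ $page_name=$meta_description;
 session_start();
 
 $sql1="SELECT * FROM blog_config";
-$bloginfo_rss_req = mysql_query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
-$bloginfo_rss = mysql_fetch_assoc($bloginfo_rss_req);
+$bloginfo_rss_req = $dbh->query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
+$bloginfo_rss = $bloginfo_rss_req->fetch(PDO::FETCH_ASSOC);
 
 echo "<?xml version='1.0' encoding='ISO-8859-1'?>
 <rss version='2.0'>
@@ -15,25 +15,28 @@ echo "<?xml version='1.0' encoding='ISO-8859-1'?>
         <title>".$site_name."</title>
         <link>http://www.monsite.com</link>
         <description>{$bloginfo_rss["description"]}</description>";
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
-
+$sql_rss="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
+$req_rss = $dbh->query($sql_rss) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data_rss=$req_rss->fetch(PDO::FETCH_ASSOC))
 
 {
-$article_desc = strip_tags($data['article']);
+$titre_article_rss=stripslashes($data_rss["titre"]);
+$article_desc=strip_tags($data_rss['article']);
+$description_rss=stripslashes($article_desc);
+
+//$article_desc = strip_tags($data_rss['article']);
 
 //
 //echo"{$data["titre"]}<///a><br />";
 //echo"<b>".$article_date_display." :</b> {$data["date"]}<br />";
 echo"        
 	<item>
-            <title>{$data["titre"]}</title>
-            <link>http://www.blogartisanal.tk/?id={$data["id_article"]}</link>
+            <title>{$titre_article_rss}</title>
+            <link>{$root_path}?id={$data_rss["id_article"]}</link>
             <guid isPermaLink='false'>6</guid>
-	    <description>{$article_desc}</description>
+            <description>{$description_rss}</description>
             <pubDate>0000-00-00 00:00:00 GMT</pubDate>
-        </item>";
+    </item>";
 }
  echo"
    </channel>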
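Review bot: `$titre_article_rss` and `$description_rss` go into `<title>` and `<description>` after `stripslashes()`/`strip_tags()` only, so a `&` or a stray `<` in an article makes the feed malformed XML, and stored text can alter the feed's structure. Escape for XML when emitting: `htmlspecialchars($titre_article_rss, ENT_XML1 | ENT_QUOTES, 'ISO-8859-1')`, with the charset matching the encoding the feed declares. `{$root_path}` in `<link>` needs the same treatment. The `die()` on new line 19 still prints `$sql`, which this commit renamed to `$sql_rss`.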

+ 2 - 2
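--- a/user/bottom.php
+++ b/user/bottom.php
@@ -1,5 +1,5 @@
 <?php
-mysql_close();
+$dbh = null;
 ?>
 </body>
-</html>
+</html>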

+ 7 - 8
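--- a/user/config.php
+++ b/user/config.php
@@ -39,7 +39,6 @@ $base='Your_db_name';
 
 
 
-
   	define("DB_HOST",$server);
 	
 	define("DB_LOGIN",$user);
@@ -51,16 +50,16 @@ $base='Your_db_name';
 
 
 
-@$connect=mysql_connect($server, $user, $passwd) or die ('Error : '.mysql_error().' <br><br>Please check if your database settings are correctly set in the config.php file!');
-@mysql_select_db($base) or die ('Error : '.mysql_error());
 require_once('fonctions.php');
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT * FROM blog_config";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$blog_info_config_page = mysql_fetch_assoc($req);
 
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT * FROM blog_config";
+
+    $stmt = $dbh->query($sql);
+
+    $blog_info_config_page = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $meta_description=$blog_info_config_page['description'];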
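Review bot: The `new PDO(...)` on new line 56 has no failure handling, whereas the removed `mysql_connect()` line printed a hint to check config.php. A failed connection now throws an uncaught `PDOException`, and with `display_errors` on the default trace can include the constructor arguments, i.e. the database credentials. Wrap the constructor, keep the old message for the visitor, log the detail server-side, and set the error mode here so every later `$dbh->query()` reports through PDO. The file continues outside the hunk on both sides.

```php
// … unchanged: require_once('fonctions.php'); …
try {
    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd, array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    ));
} catch (PDOException $e) {
    error_log($e->getMessage());
    die('Please check if your database settings are correctly set in the config.php file!');
}
// … unchanged: SELECT * FROM blog_config and fetch into $blog_info_config_page …
```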

+ 9 - 5
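--- a/user/index.php
+++ b/user/index.php
@@ -97,11 +97,15 @@ else
 <?php 
 
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT user_rank FROM user WHERE id_user=$id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
+
+
 echo "<br>";
 echo("Votre rang est : ".$user_ranking['user_rank'].". ");
 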
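Review bot: Line 100 opens a second PDO connection from `$server`, `$user` and `$passwd`, although user/config.php now creates `$dbh` already; if config.php is included on this path the new handle is redundant. It also depends on those globals not having been reassigned in between, and user/login.php, for one, reuses the name `$passwd` for the submitted password. Reuse the existing `$dbh` and drop the constructor here. files/up_check_admin.php repeats the same constructor right after `require`-ing config.php.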

+ 7 - 3
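--- a/user/login.php
+++ b/user/login.php
@@ -7,6 +7,7 @@ $username = formulaires($_POST['username']);
 $passwd = formulaires($_POST['passwd']);
 
 
+
 $passwd=md5($passwd);
 
 if(!$username)
@@ -17,8 +18,11 @@ if(!$passwd)
 	{
 	header('Location:'.$root_path.'index.php?error=pass');
 	}
-$reponse_cores=mysql_query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
-$count_cores=mysql_num_rows($reponse_cores);
+//$sqlcount= "SELECT * FROM user WHERE pass='$passwd' AND username='$username'";
+$reponse_cores=$dbh->query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
+$count_cores = $reponse_cores->rowCount();
+
+//$count_cores=mysql_num_rows($reponse_cores);
 if($count_cores == 0 )
 	{
 	header('Location:'.$root_path.'index.php?error=connection');
@@ -31,7 +35,7 @@ else
 		@$session.=substr('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN',(rand()%(strlen('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN'))),1);
 		}
 	
-	mysql_query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
 	$_SESSION['session'] = "$session";		//création de la session
 	header('Location:'.$root_path.'user/index.php');			//redirection vers l'index
 	}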
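Review bot: The credential check on new line 22 still builds its SQL from `$username` and `$passwd` by interpolation; `formulaires()` is not visible here, so whether it escapes for SQL cannot be confirmed. Bind both values: `$reponse_cores = $dbh->prepare('SELECT * FROM user WHERE pass = ? AND username = ?'); $reponse_cores->execute(array($passwd, $username));`, and likewise for the `UPDATE user SET session=` on line 38. `rowCount()` after a SELECT is only dependable with MySQL's buffered queries; fetching a row and testing for `false` is portable. The interpolated lookups in user/lost2.php, user/profile2.php, user/verification.php and user/verifications.php need the same change. Outside this change but visible in the hunk, the session token is drawn from `rand()` and passwords are compared as unsalted `md5()`; `random_bytes()` and `password_hash()`/`password_verify()` are the replacements.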

+ 7 - 7
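--- a/user/lost2.php
+++ b/user/lost2.php
@@ -21,8 +21,8 @@ if(!$username)
 	return FALSE;
 	}
 
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
+$count_username=$reponse_username->rowCount();
 if($count_username == 0)
 	{
 	echo"Invalid username.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -30,8 +30,8 @@ if($count_username == 0)
 	return FALSE;
 	}
 
-$reponse_email=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
-$count_email=mysql_num_rows($reponse_email);
+$reponse_email=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
+$count_email=$reponse_email->rowCount();
 if($count_email == 0)
 	{
 	echo" Invalid E-mail.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -39,8 +39,8 @@ if($count_email == 0)
 	return FALSE;
 	}
 
-$existe=mysql_query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
-$test=mysql_num_rows($existe);
+$existe=$dbh->query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
+$test=$existe->rowCount();
 if($test == 0)
 	{
 	echo"E-mail and Username don't match.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -55,6 +55,6 @@ for ($ligne=0;$ligne<10;$ligne++)		//Cr
 	
 mail("$email", "".$website_name." - Forgotten password" , "Hello, this is your new password : ".$passwd."", "From: ".$blog_email."");
 $passwd=md5($passwd);
-mysql_query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
+$dbh->query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
 echo 'An E-mail has been sent to your mailbox with your new password';
 ?>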

+ 5 - 5
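--- a/user/profile2.php
+++ b/user/profile2.php
@@ -76,8 +76,8 @@ if($new_pass!=$new_pass2)
 	return FALSE;
 	}
 	$pass_enc=md5($pass_enc);
-$reponse_pass=mysql_query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
-$count_pass=mysql_num_rows($reponse_pass);
+$reponse_pass=$dbh->query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
+$count_pass=$reponse_pass->rowCount();
 if($count_pass == 0)
 	{
 	?>
@@ -98,9 +98,9 @@ The old password is not correct.<br /><a href="profile.php" onClick="history.bac
 	return FALSE;
 	}
 	$new_pass=md5($new_pass);
-	mysql_query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
 	}
-mysql_query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
+$dbh->query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
 echo"<div align=center>Your profile settings have been saved.<br /><a href='profile.php' onClick='history.back()'>Back</a></div>";
 include_once('bottom.php');
 ?>
@@ -112,4 +112,4 @@ include_once('bottom.php');
 
 </body>
 
-</html>
+</html>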

+ 57 - 0
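--- /dev/null
+++ b/user/style.css
@@ -0,0 +1,57 @@
+<style type="text/css">
+html
+{
+height:100%;
+width:100%;
+}
+#header
+{
+width:100%;
+height:20%;
+font-size:50px;
+text-align:center;
+border-style:solid;
+border-color:black;
+border-size:1px;
+}
+.corps
+{
+width:80%;
+height:5%;
+border-bottom-style:solid;
+border-bottom-color:black;
+border-bottom-size:1px;
+//float:left;
+z-index:2;
+}
+#widget
+{
+margin-left:80%;
+width:15%;
+z-index:1;
+position:absolute;
+border-left-style:solid;
+border-left-color:black;
+border-left-size:2px;
+}
+a
+{
+color:black;
+text-decoration:none;
+}
+a:hover
+{
+color:black;
+text-decoration:underline;
+}
+#contact
+{
+color:white;
+text-decoration:none;
+}
+#contact:hover
+{
+color:white;
+text-decoration:underline;
+}
+</style>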
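Review bot: An external stylesheet must contain only CSS, but this new file opens with `<style type="text/css">` on line 1 and closes with `</style>` on line 57; the parser reads the opening tag as part of the first selector, so the `html` rule is likely discarded. Remove both lines. `border-size`, `border-bottom-size` and `border-left-size` are not CSS properties (`border-width`, `border-bottom-width` and `border-left-width` are), so those declarations are ignored. `//float:left;` on line 24 is not a comment in CSS; use `/* float:left; */` or delete it.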

+ 1 - 1
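--- a/user/top.php
+++ b/user/top.php
@@ -11,7 +11,7 @@ if (!isset($index_check)){
 <meta name="description" content="<?php echo $meta_description; ?>" />
 <meta name="keywords" content="<?php echo $meta_key_words; ?>" />
 <meta name="robots" content="all" />
-<link href="style.css" rel="stylesheet" type="text/css" />
+<link href="<?php echo $root_path; ?>"style.css" rel="stylesheet" type="text/css" />
 <link rel="alternate" type="application/rss+xml"
     href="<?php echo $root_path; ?>rss.php" title="Blog Artisanal" />
 </head>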
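Review bot: New line 14 has a stray `"` after `?>`, so the `href` attribute ends at `$root_path` and `style.css"` is left as junk inside the tag; the stylesheet will not load. It should read `<link href="<?php echo htmlspecialchars($root_path, ENT_QUOTES); ?>style.css" rel="stylesheet" type="text/css" />`. The `$meta_description` echo three lines up is written into an attribute unescaped as well, and per user/config.php that value comes from the `blog_config` table, so it deserves the same `htmlspecialchars()` call.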

+ 20 - 7
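--- a/user/verification.php
+++ b/user/verification.php
@@ -38,16 +38,16 @@ return FALSE;
   	}
	
 //// VERIFICATIONS DES EXISTANCES ////
-$reponse_mail=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
-$count_mail=mysql_num_rows($reponse_mail);
+$reponse_mail=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
+$count_mail=$reponse_mail->rowCount();
 if($count_mail == 1)
 	{
 	echo'This e-mail is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
 	include_once('bottom.php');
 return FALSE;
 	}
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
+$count_username=$reponse_username->rowCount();
 if($count_username == 1)
 	{
 	echo 'This username is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
@@ -63,8 +63,8 @@ return FALSE;
 		$passwd=md5($passwd);		//Codage du password
 		
 //// DEFINIR LE PREMIER UTILISATEUR COMME ADMINISTRATEUR ////		
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 if($count_user == 0){
 $user_rank = '1';
 }else{
@@ -77,7 +77,20 @@ $website_name = "Blog Artisanal";
 }
 
 //// INSCRIPTION DANS LA BDD ////
-mysql_query("INSERT INTO user VALUES ('', '$session', '$username', '$passwd', '$email','','$user_rank')") or die ('error : '.mysql_error());	//insertion dans la bdd
+$sql_register = "INSERT INTO user ( id_user, session, username, pass, email, date, user_rank)
+                    VALUES (:id_user, :session, :username, :pass, :email, :date, :user_rank)";
+
+$query = $dbh->prepare($sql_register) or die ('error : '.mysql_error());      //insertion dans la bdd
+$results = $query->execute(array(
+    "id_user" => '',
+    "session" => $session,
+    "username" => $username,
+    "pass" => $passwd,
+    "email" => $email,
+    "date" => '',
+    "user_rank" => $user_rank
+));
+
 echo'Thank you for registering to '.$website_name.'<br /><a href="index.php">Login !</a>';
 include_once('bottom.php');
 ?>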
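Review bot: The INSERT is now a prepared statement, but `$results` from `execute()` is never checked, so a rejected insert still prints "Thank you for registering". Binding `''` to `id_user` and `date` is a likely cause of such a rejection under MySQL strict mode if those are an auto-increment and a date column (the schema is not visible); leave them out of the column list: `INSERT INTO user (session, username, pass, email, user_rank) VALUES (:session, :username, :pass, :email, :user_rank)`. Add `if (!$results) { die('Registration failed.'); }` before the echo and drop the `mysql_error()` tail on `prepare()`. The duplicate checks above test `== 1`, which lets a value through once two rows already share it; `> 0` is the safer comparison.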

+ 4 - 4
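--- a/user/verifications.php
+++ b/user/verifications.php
@@ -9,8 +9,8 @@ if(!@$_SESSION['session'])
 	return false;
 	}
 	
-$verif=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
-$verif=mysql_num_rows($verif);
+$verif=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
+$verif=$verif->rowCount();
 if($verif == 0)
 	{
 	header('Location:index.php?error=connection');
@@ -19,8 +19,8 @@ if($verif == 0)
 	return false;
 	}
 
-$sql=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
-while ($resultat = mysql_fetch_array($sql) )
+$sql=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
+while ($resultat = $sql->fetch(PDO::FETCH_BOTH) )
 	{
 	$email = $resultat['email'];
 	$username = $resultat['username'];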
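Review bot: The session lookup runs the identical `SELECT * FROM user WHERE session='$session'` twice, once for `rowCount()` on line 13 and once to read the row on line 23, with `$session` interpolated both times. A single prepared statement does both jobs: `$sql = $dbh->prepare('SELECT * FROM user WHERE session = ?'); $sql->execute(array($session)); $resultat = $sql->fetch(PDO::FETCH_ASSOC);`, treating a `false` result as not logged in. `PDO::FETCH_ASSOC` is enough here because the visible lines read the row by column name only. The `while` body continues past the end of the hunk.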