Przeglądaj źródła

Modifications de toutes les requêtes mysql_query et mysql_connect vers le modèle PDO. Correction du flux RSS, de l'accueil ne pouvant pas afficher d'article quand fixé sur page d'accueil...

Cebabonet 8 lat temu
rodzic
commit
3e3de792be

+ 2 - 2
administration/edition_article.php Wyświetl plik

@@ -8,8 +8,8 @@ require_once(''.$MainDir.'user/verifications.php');
8 8
 $article_id_edit_page=$_GET['id'];
9 9
 
10 10
 $sql="SELECT * FROM article WHERE id_article='$article_id_edit_page'";
11
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
12
-$article_data = mysql_fetch_assoc($req);
11
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
12
+$article_data = $req->fetch(PDO::FETCH_ASSOC);
13 13
 
14 14
 include("".$MainDir."files/navheader.php"); 
15 15
 

+ 2 - 2
administration/edition_page.php Wyświetl plik

@@ -8,8 +8,8 @@ require_once(''.$MainDir.'user/verifications.php');
8 8
 $page_id_edit_page=$_GET['id'];
9 9
 
10 10
 $sql="SELECT * FROM page WHERE id_page='$page_id_edit_page'";
11
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
12
-$page_data = mysql_fetch_assoc($req);
11
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
12
+$page_data = $req->fetch(PDO::FETCH_ASSOC);
13 13
 
14 14
 include("".$MainDir."files/navheader.php"); 
15 15
 

Plik diff jest za duży
+ 1 - 1
administration/index.php


+ 3 - 4
files/article_suppression.php Wyświetl plik

@@ -22,11 +22,10 @@ echo"<br><br>Vous ne pouvez pas effectuer cette op
22 22
 
23 23
 $this_article_id=$_GET['id'];
24 24
 
25
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
26 25
 
27 26
 $sql="SELECT * FROM article";
28
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
29
-$data_articles=mysql_fetch_assoc($req);
27
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
28
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
30 29
 
31 30
 $confirmed="0";
32 31
 
@@ -40,7 +39,7 @@ if(isset($_POST['oui'])){
40 39
 	if(($_POST['oui']=="Oui"))
41 40
 	{
42 41
 
43
-mysql_query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
42
+$dbh->query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
44 43
 
45 44
 
46 45
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";

+ 2 - 2
files/check_admin.php Wyświetl plik

@@ -4,8 +4,8 @@
4 4
 
5 5
 
6 6
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
7
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
8
-$user_ranking = mysql_fetch_assoc($req);
7
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
8
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
9 9
 $user_rank="$user_ranking[user_rank]";
10 10
 
11 11
 if($user_rank==1){

+ 2 - 2
files/check_status.php Wyświetl plik

@@ -13,8 +13,8 @@ $connected="1";
13 13
 
14 14
 
15 15
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
16
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
17
-$user_ranking = mysql_fetch_assoc($req);
16
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
17
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
18 18
 $user_rank="$user_ranking[user_rank]";
19 19
 if($user_rank==1){
20 20
 	

+ 3 - 4
files/page_suppression.php Wyświetl plik

@@ -21,11 +21,10 @@ echo"<br><br>Vous ne pouvez pas effectuer cette opération si vous n'
21 21
 
22 22
 $this_page_id=$_GET['id'];
23 23
 
24
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
25 24
 
26 25
 $sql="SELECT * FROM page";
27
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
28
-$data_pages=mysql_fetch_assoc($req);
26
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
27
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
29 28
 
30 29
 $confirmed="0";
31 30
 
@@ -39,7 +38,7 @@ if(isset($_POST['oui'])){
39 38
 	if(($_POST['oui']=="Oui"))
40 39
 	{
41 40
 
42
-mysql_query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
41
+$dbh->query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
43 42
 
44 43
 
45 44
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";

Plik diff jest za duży
+ 1 - 1
files/submit_blog_config.php


+ 4 - 5
files/submit_edit.php Wyświetl plik

@@ -11,16 +11,15 @@ $this_article_id=$_GET['id'];
11 11
 $date = "42";
12 12
 $titre = $_POST['titre'];
13 13
 $article = $_POST['article'];
14
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
15 14
 
16 15
 $sql="SELECT * FROM article";
17
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
18
-$data_articles=mysql_fetch_assoc($req);
16
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
17
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
19 18
 
20 19
 
21
-mysql_query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
20
+$dbh->query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
22 21
 
23
-mysql_query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
22
+$dbh->query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
24 23
 
25 24
 
26 25
 

+ 4 - 14
files/submit_edit_page.php Wyświetl plik

@@ -13,26 +13,16 @@ $page = addslashes($_POST['page']);
13 13
 $bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
14 14
 
15 15
 $sql="SELECT * FROM page";
16
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
17
-$data_pages=mysql_fetch_assoc($req);
16
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
17
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
18 18
 
19 19
 
20
-mysql_query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
20
+$dbh->query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
21 21
 
22
-mysql_query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
22
+$dbh->query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
23 23
 
24 24
 
25
-
26
-
27
-//$req = $bdd->prepare('INSERT INTO page(user,titre,page) VALUES (:user, :titre, :page)');
28
-//$req->execute(array(
29
-//		"user" => $username,
30
-//		"titre" => $titre,
31
-//		"page" => $page,
32
-
33
-//));
34 25
 echo "Votre page a bien été enregistrée ! <a href='".$root_path."'>Retour</a>";
35
-//echo date_default_timezone_set('l jS \of F Y h:i:s A');
36 26
 }
37 27
 else
38 28
 {

+ 8 - 6
files/up_check_admin.php Wyświetl plik

@@ -3,11 +3,13 @@
3 3
 <?php 
4 4
 
5 5
 require '/../user/config.php';
6
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
7
-mysql_select_db(DB_DB);
8
-$sql="SELECT user_rank FROM user WHERE id_user=id_user";
9
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
10
-$user_ranking = mysql_fetch_assoc($req);
6
+$dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
7
+
8
+    $sql="SELECT user_rank FROM user WHERE id_user=id_user";
9
+
10
+    $stmt = $dbh->query($sql);
11
+
12
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
11 13
 
12 14
 
13 15
 $user_rank="$user_ranking[user_rank]";
@@ -31,4 +33,4 @@ echo("Vous n'
31 33
 
32 34
 
33 35
 }
34
-?>
36
+?>

+ 21 - 21
index.php Wyświetl plik

@@ -38,10 +38,8 @@ if(isset($_GET['error']))
38 38
 if(isset($root_path))
39 39
 	{
40 40
 
41
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
42
-mysql_select_db(DB_DB);
43
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
44
-$count_user=mysql_num_rows($nombre_utilisateur);
41
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
42
+$count_user=$nombre_utilisateur->rowCount();
45 43
 	}
46 44
 if(isset($count_user) && $count_user == 0){
47 45
 
@@ -138,8 +136,10 @@ text-decoration:underline;
138 136
 
139 137
 
140 138
 $sql_page_menu="SELECT * FROM page ORDER BY priority";
141
-$req = mysql_query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
142
-while($data_page_menu=mysql_fetch_assoc($req))
139
+$req = $dbh->query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
140
+
141
+
142
+while($data_page_menu=$req->fetch(PDO::FETCH_ASSOC))
143 143
 {
144 144
 
145 145
 
@@ -173,8 +173,8 @@ $connected="1";
173 173
 
174 174
 
175 175
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
176
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
177
-$user_ranking = mysql_fetch_assoc($req);
176
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
177
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
178 178
 $user_rank="$user_ranking[user_rank]";
179 179
 if($user_rank==1){
180 180
 	
@@ -192,7 +192,7 @@ if($user_rank==1){
192 192
 
193 193
 ////Start check content
194 194
 
195
-if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL){
195
+if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL && !isset($_GET['id'])){
196 196
 
197 197
 if(isset($_GET['id_page'])){
198 198
 	
@@ -203,8 +203,8 @@ if(isset($_GET['id_page'])){
203 203
 	$sql_page="SELECT * FROM page WHERE id_page=".$static_homepage_id."";
204 204
 
205 205
 }
206
-$req_page = mysql_query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
207
-$data_page=mysql_fetch_assoc($req_page);
206
+$req_page = $dbh->query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
207
+$data_page=$req_page->fetch(PDO::FETCH_ASSOC);
208 208
 
209 209
 if($data_page["id_page"]== null && $static_homepage_status!="1"){
210 210
 	
@@ -251,8 +251,8 @@ if($static_homepage_status=="1" && $static_homepage_id != $data_page["id_page"]
251 251
 }elseif(isset($_GET['id'])){
252 252
 	
253 253
 $sql_article="SELECT * FROM article WHERE id_article=".$_GET['id']."";
254
-$req_article = mysql_query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
255
-$data_article=mysql_fetch_assoc($req_article);
254
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
255
+$data_article=$req_article->fetch(PDO::FETCH_ASSOC);
256 256
 
257 257
 if($data_article["id_article"]== null){
258 258
 	
@@ -260,12 +260,12 @@ if($data_article["id_article"]== null){
260 260
 	
261 261
 	
262 262
 }else{
263
-
263
+$article_stripslashtitle = stripslashes($data_article['titre']);
264 264
 $page_name= $data_article["titre"];?>
265 265
 <title><?php echo $website_name.' : '.$page_name; ?></title>
266 266
 <?php
267 267
 $article_stripslash = stripslashes($data_article['article']);
268
-echo"<h2>{$data_article["titre"]}</h2>";
268
+echo"<h2>{$article_stripslashtitle}</h2>";
269 269
 echo"<b>".$article_date_display." :</b> {$data_article["date"]} par : {$data_article['user']}<br />";
270 270
 echo"<b>".$article_article_display." :</b><br />{$article_stripslash}<br><br>";
271 271
 
@@ -302,9 +302,9 @@ $page=$debut.', 7';
302 302
 
303 303
 
304 304
 
305
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
306
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
307
-while($data=mysql_fetch_assoc($req))
305
+$sql_article="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
306
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
307
+while($data=$req_article->fetch(PDO::FETCH_ASSOC))
308 308
 {
309 309
 
310 310
 $article_stripslash = stripslashes($data['article']);
@@ -341,8 +341,8 @@ if($connected==1){
341 341
 
342 342
 
343 343
 $sqlm='SELECT COUNT(*) AS nb_id FROM article';
344
-$reqm = mysql_query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
345
-$donnee = mysql_fetch_array($reqm);
344
+$reqm = $dbh->query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
345
+$donnee = $reqm->fetch(PDO::FETCH_BOTH);
346 346
 $nb_pg=((int)($donnee['nb_id']/7))+1;
347 347
 $nb_pg_r=0;
348 348
 while($nb_pg_r!=$nb_pg AND $nb_pg_r<10){
@@ -365,7 +365,7 @@ $nb_pg_r=$nb_pg_r+1;
365 365
 <?php
366 366
 }
367 367
 
368
-mysql_close();
368
+$dbh= null;
369 369
 ?>
370 370
 <br>
371 371
 <br>

+ 14 - 11
rss.php Wyświetl plik

@@ -6,8 +6,8 @@ $page_name=$meta_description;
6 6
 session_start();
7 7
 
8 8
 $sql1="SELECT * FROM blog_config";
9
-$bloginfo_rss_req = mysql_query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
10
-$bloginfo_rss = mysql_fetch_assoc($bloginfo_rss_req);
9
+$bloginfo_rss_req = $dbh->query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
10
+$bloginfo_rss = $bloginfo_rss_req->fetch(PDO::FETCH_ASSOC);
11 11
 
12 12
 echo "<?xml version='1.0' encoding='ISO-8859-1'?>
13 13
 <rss version='2.0'>
@@ -15,25 +15,28 @@ echo "<?xml version='1.0' encoding='ISO-8859-1'?>
15 15
         <title>".$site_name."</title>
16 16
         <link>http://www.monsite.com</link>
17 17
         <description>{$bloginfo_rss["description"]}</description>";
18
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
19
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
20
-while($data=mysql_fetch_assoc($req))
21
-
18
+$sql_rss="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
19
+$req_rss = $dbh->query($sql_rss) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
20
+while($data_rss=$req_rss->fetch(PDO::FETCH_ASSOC))
22 21
 
23 22
 {
24
-$article_desc = strip_tags($data['article']);
23
+$titre_article_rss=stripslashes($data_rss["titre"]);
24
+$article_desc=strip_tags($data_rss['article']);
25
+$description_rss=stripslashes($article_desc);
26
+
27
+//$article_desc = strip_tags($data_rss['article']);
25 28
 
26 29
 //
27 30
 //echo"{$data["titre"]}<///a><br />";
28 31
 //echo"<b>".$article_date_display." :</b> {$data["date"]}<br />";
29 32
 echo"        
30 33
 	<item>
31
-            <title>{$data["titre"]}</title>
32
-            <link>http://www.blogartisanal.tk/?id={$data["id_article"]}</link>
34
+            <title>{$titre_article_rss}</title>
35
+            <link>{$root_path}?id={$data_rss["id_article"]}</link>
33 36
             <guid isPermaLink='false'>6</guid>
34
-	    <description>{$article_desc}</description>
37
+            <description>{$description_rss}</description>
35 38
             <pubDate>0000-00-00 00:00:00 GMT</pubDate>
36
-        </item>";
39
+    </item>";
37 40
 }
38 41
  echo"
39 42
    </channel>

+ 2 - 2
user/bottom.php Wyświetl plik

@@ -1,5 +1,5 @@
1 1
 <?php
2
-mysql_close();
2
+$dbh = null;
3 3
 ?>
4 4
 </body>
5
-</html>
5
+</html>

+ 7 - 8
user/config.php Wyświetl plik

@@ -39,7 +39,6 @@ $base='Your_db_name';
39 39
 
40 40
 
41 41
 
42
-
43 42
    	define("DB_HOST",$server);
44 43
 	
45 44
 	define("DB_LOGIN",$user);
@@ -51,16 +50,16 @@ $base='Your_db_name';
51 50
 
52 51
 
53 52
 
54
-@$connect=mysql_connect($server, $user, $passwd) or die ('Error : '.mysql_error().' <br><br>Please check if your database settings are correctly set in the config.php file!');
55
-@mysql_select_db($base) or die ('Error : '.mysql_error());
56 53
 require_once('fonctions.php');
57 54
 
58
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
59
-mysql_select_db(DB_DB);
60
-$sql="SELECT * FROM blog_config";
61
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
62
-$blog_info_config_page = mysql_fetch_assoc($req);
63 55
 
56
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
57
+
58
+    $sql = "SELECT * FROM blog_config";
59
+
60
+    $stmt = $dbh->query($sql);
61
+
62
+    $blog_info_config_page = $stmt->fetch(PDO::FETCH_ASSOC);
64 63
 
65 64
 
66 65
 $meta_description=$blog_info_config_page['description'];

+ 9 - 5
user/index.php Wyświetl plik

@@ -97,11 +97,15 @@ else
97 97
 <?php 
98 98
 
99 99
 
100
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
101
-mysql_select_db(DB_DB);
102
-$sql="SELECT user_rank FROM user WHERE id_user=$id_user";
103
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
104
-$user_ranking = mysql_fetch_assoc($req);
100
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
101
+
102
+    $sql = "SELECT user_rank FROM user WHERE id_user=$id_user";
103
+
104
+    $stmt = $dbh->query($sql);
105
+
106
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
107
+
108
+
105 109
 echo "<br>";
106 110
 echo("Votre rang est : ".$user_ranking['user_rank'].". ");
107 111
 

+ 7 - 3
user/login.php Wyświetl plik

@@ -7,6 +7,7 @@ $username = formulaires($_POST['username']);
7 7
 $passwd = formulaires($_POST['passwd']);
8 8
 
9 9
 
10
+
10 11
 $passwd=md5($passwd);
11 12
 
12 13
 if(!$username)
@@ -17,8 +18,11 @@ if(!$passwd)
17 18
 	{
18 19
 	header('Location:'.$root_path.'index.php?error=pass');
19 20
 	}
20
-$reponse_cores=mysql_query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
21
-$count_cores=mysql_num_rows($reponse_cores);
21
+//$sqlcount= "SELECT * FROM user WHERE pass='$passwd' AND username='$username'";
22
+$reponse_cores=$dbh->query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
23
+$count_cores = $reponse_cores->rowCount();
24
+
25
+//$count_cores=mysql_num_rows($reponse_cores);
22 26
 if($count_cores == 0 )
23 27
 	{
24 28
 	header('Location:'.$root_path.'index.php?error=connection');
@@ -31,7 +35,7 @@ else
31 35
 		@$session.=substr('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN',(rand()%(strlen('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN'))),1);
32 36
 		}
33 37
 	
34
-	mysql_query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
38
+	$dbh->query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
35 39
 	$_SESSION['session'] = "$session";		//création de la session
36 40
 	header('Location:'.$root_path.'user/index.php');			//redirection vers l'index
37 41
 	}

+ 7 - 7
user/lost2.php Wyświetl plik

@@ -21,8 +21,8 @@ if(!$username)
21 21
 	return FALSE;
22 22
 	}
23 23
 
24
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
25
-$count_username=mysql_num_rows($reponse_username);
24
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
25
+$count_username=$reponse_username->rowCount();
26 26
 if($count_username == 0)
27 27
 	{
28 28
 	echo"Invalid username.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -30,8 +30,8 @@ if($count_username == 0)
30 30
 	return FALSE;
31 31
 	}
32 32
 
33
-$reponse_email=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
34
-$count_email=mysql_num_rows($reponse_email);
33
+$reponse_email=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
34
+$count_email=$reponse_email->rowCount();
35 35
 if($count_email == 0)
36 36
 	{
37 37
 	echo" Invalid E-mail.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -39,8 +39,8 @@ if($count_email == 0)
39 39
 	return FALSE;
40 40
 	}
41 41
 
42
-$existe=mysql_query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
43
-$test=mysql_num_rows($existe);
42
+$existe=$dbh->query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
43
+$test=$existe->rowCount();
44 44
 if($test == 0)
45 45
 	{
46 46
 	echo"E-mail and Username don't match.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -55,6 +55,6 @@ for ($ligne=0;$ligne<10;$ligne++)		//Cr
55 55
 	
56 56
 mail("$email", "".$website_name." - Forgotten password" , "Hello, this is your new password : ".$passwd."", "From: ".$blog_email."");
57 57
 $passwd=md5($passwd);
58
-mysql_query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
58
+$dbh->query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
59 59
 echo 'An E-mail has been sent to your mailbox with your new password';
60 60
 ?>

+ 5 - 5
user/profile2.php Wyświetl plik

@@ -76,8 +76,8 @@ if($new_pass!=$new_pass2)
76 76
 	return FALSE;
77 77
 	}
78 78
 	$pass_enc=md5($pass_enc);
79
-$reponse_pass=mysql_query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
80
-$count_pass=mysql_num_rows($reponse_pass);
79
+$reponse_pass=$dbh->query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
80
+$count_pass=$reponse_pass->rowCount();
81 81
 if($count_pass == 0)
82 82
 	{
83 83
 	?>
@@ -98,9 +98,9 @@ The old password is not correct.<br /><a href="profile.php" onClick="history.bac
98 98
 	return FALSE;
99 99
 	}
100 100
 	$new_pass=md5($new_pass);
101
-	mysql_query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
101
+	$dbh->query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
102 102
 	}
103
-mysql_query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
103
+$dbh->query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
104 104
 echo"<div align=center>Your profile settings have been saved.<br /><a href='profile.php' onClick='history.back()'>Back</a></div>";
105 105
 include_once('bottom.php');
106 106
 ?>
@@ -112,4 +112,4 @@ include_once('bottom.php');
112 112
 
113 113
 </body>
114 114
 
115
-</html>
115
+</html>

+ 57 - 0
user/style.css Wyświetl plik

@@ -0,0 +1,57 @@
1
+<style type="text/css">
2
+html
3
+{
4
+height:100%;
5
+width:100%;
6
+}
7
+#header
8
+{
9
+width:100%;
10
+height:20%;
11
+font-size:50px;
12
+text-align:center;
13
+border-style:solid;
14
+border-color:black;
15
+border-size:1px;
16
+}
17
+.corps
18
+{
19
+width:80%;
20
+height:5%;
21
+border-bottom-style:solid;
22
+border-bottom-color:black;
23
+border-bottom-size:1px;
24
+//float:left;
25
+z-index:2;
26
+}
27
+#widget
28
+{
29
+margin-left:80%;
30
+width:15%;
31
+z-index:1;
32
+position:absolute;
33
+border-left-style:solid;
34
+border-left-color:black;
35
+border-left-size:2px;
36
+}
37
+a
38
+{
39
+color:black;
40
+text-decoration:none;
41
+}
42
+a:hover
43
+{
44
+color:black;
45
+text-decoration:underline;
46
+}
47
+#contact
48
+{
49
+color:white;
50
+text-decoration:none;
51
+}
52
+#contact:hover
53
+{
54
+color:white;
55
+text-decoration:underline;
56
+}
57
+</style>

+ 1 - 1
user/top.php Wyświetl plik

@@ -11,7 +11,7 @@ if (!isset($index_check)){
11 11
 <meta name="description" content="<?php echo $meta_description; ?>" />
12 12
 <meta name="keywords" content="<?php echo $meta_key_words; ?>" />
13 13
 <meta name="robots" content="all" />
14
-<link href="style.css" rel="stylesheet" type="text/css" />
14
+<link href="<?php echo $root_path; ?>"style.css" rel="stylesheet" type="text/css" />
15 15
 <link rel="alternate" type="application/rss+xml"
16 16
     href="<?php echo $root_path; ?>rss.php" title="Blog Artisanal" />
17 17
 </head>

+ 20 - 7
user/verification.php Wyświetl plik

@@ -38,16 +38,16 @@ return FALSE;
38 38
    	}
39 39
 	
40 40
 //// VERIFICATIONS DES EXISTANCES ////
41
-$reponse_mail=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
42
-$count_mail=mysql_num_rows($reponse_mail);
41
+$reponse_mail=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
42
+$count_mail=$reponse_mail->rowCount();
43 43
 if($count_mail == 1)
44 44
 	{
45 45
 	echo'This e-mail is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
46 46
 	include_once('bottom.php');
47 47
 return FALSE;
48 48
 	}
49
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
50
-$count_username=mysql_num_rows($reponse_username);
49
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
50
+$count_username=$reponse_username->rowCount();
51 51
 if($count_username == 1)
52 52
 	{
53 53
 	echo 'This username is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
@@ -63,8 +63,8 @@ return FALSE;
63 63
 		$passwd=md5($passwd);		//Codage du password
64 64
 		
65 65
 //// DEFINIR LE PREMIER UTILISATEUR COMME ADMINISTRATEUR ////		
66
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
67
-$count_user=mysql_num_rows($nombre_utilisateur);
66
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
67
+$count_user=$nombre_utilisateur->rowCount();
68 68
 if($count_user == 0){
69 69
 $user_rank = '1';
70 70
 }else{
@@ -77,7 +77,20 @@ $website_name = "Blog Artisanal";
77 77
 }
78 78
 
79 79
 //// INSCRIPTION DANS LA BDD ////
80
-mysql_query("INSERT INTO user VALUES ('', '$session', '$username', '$passwd', '$email','','$user_rank')") or die ('error : '.mysql_error());	//insertion dans la bdd
80
+$sql_register = "INSERT INTO user ( id_user, session, username, pass, email, date, user_rank)
81
+                    VALUES (:id_user, :session, :username, :pass, :email, :date, :user_rank)";
82
+
83
+$query = $dbh->prepare($sql_register) or die ('error : '.mysql_error());      //insertion dans la bdd
84
+$results = $query->execute(array(
85
+    "id_user" => '',
86
+    "session" => $session,
87
+    "username" => $username,
88
+    "pass" => $passwd,
89
+    "email" => $email,
90
+    "date" => '',
91
+    "user_rank" => $user_rank
92
+));
93
+
81 94
 echo'Thank you for registering to '.$website_name.'<br /><a href="index.php">Login !</a>';
82 95
 include_once('bottom.php');
83 96
 ?>

+ 4 - 4
user/verifications.php Wyświetl plik

@@ -9,8 +9,8 @@ if(!@$_SESSION['session'])
9 9
 	return false;
10 10
 	}
11 11
 	
12
-$verif=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
13
-$verif=mysql_num_rows($verif);
12
+$verif=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
13
+$verif=$verif->rowCount();
14 14
 if($verif == 0)
15 15
 	{
16 16
 	header('Location:index.php?error=connection');
@@ -19,8 +19,8 @@ if($verif == 0)
19 19
 	return false;
20 20
 	}
21 21
 
22
-$sql=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
23
-while ($resultat = mysql_fetch_array($sql) )
22
+$sql=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
23
+while ($resultat = $sql->fetch(PDO::FETCH_BOTH) )
24 24
 	{
25 25
 	$email = $resultat['email'];
26 26
 	$username = $resultat['username'];