Modifications de toutes les requêtes mysql_query et mysql_connect vers le modèle PDO. Correction du flux RSS, de l'accueil ne pouvant pas afficher d'article quand fixé sur page d'accueil...

administration/edition_article.php

 $article_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM article WHERE id_article='$article_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$article_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$article_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 

administration/edition_page.php

 $page_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM page WHERE id_page='$page_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$page_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$page_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 

files/article_suppression.php

 
 $this_article_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";

files/check_admin.php

 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 
 if($user_rank==1){

files/check_status.php

 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	

files/page_suppression.php

 
 $this_page_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";

files/submit_edit.php

 $date = "42";
 $titre = $_POST['titre'];
 $article = $_POST['article'];
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
 
 

files/submit_edit_page.php

 $bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
 
-
-
-//$req = $bdd->prepare('INSERT INTO page(user,titre,page) VALUES (:user, :titre, :page)');
-//$req->execute(array(
-//		"user" => $username,
-//		"titre" => $titre,
-//		"page" => $page,
-
-//));
 echo "Votre page a bien été enregistrée ! <a href='".$root_path."'>Retour</a>";
-//echo date_default_timezone_set('l jS \of F Y h:i:s A');
 }
 else
 {

files/up_check_admin.php

 <?php 
 
 require '/../user/config.php';
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql="SELECT user_rank FROM user WHERE id_user=id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $user_rank="$user_ranking[user_rank]";
 
 
 }
-?>
+?>

index.php

 if(isset($root_path))
 	{
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 	}
 if(isset($count_user) && $count_user == 0){
 
 
 
 $sql_page_menu="SELECT * FROM page ORDER BY priority";
-$req = mysql_query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data_page_menu=mysql_fetch_assoc($req))
+$req = $dbh->query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+
+
+while($data_page_menu=$req->fetch(PDO::FETCH_ASSOC))
 {
 
 
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	
 
 ////Start check content
 
-if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL){
+if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL && !isset($_GET['id'])){
 
 if(isset($_GET['id_page'])){
 	
 	$sql_page="SELECT * FROM page WHERE id_page=".$static_homepage_id."";
 
 }
-$req_page = mysql_query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_page=mysql_fetch_assoc($req_page);
+$req_page = $dbh->query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_page=$req_page->fetch(PDO::FETCH_ASSOC);
 
 if($data_page["id_page"]== null && $static_homepage_status!="1"){
 	
 }elseif(isset($_GET['id'])){
 	
 $sql_article="SELECT * FROM article WHERE id_article=".$_GET['id']."";
-$req_article = mysql_query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_article=mysql_fetch_assoc($req_article);
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_article=$req_article->fetch(PDO::FETCH_ASSOC);
 
 if($data_article["id_article"]== null){
 	
 	
 	
 }else{
-
+$article_stripslashtitle = stripslashes($data_article['titre']);
 $page_name= $data_article["titre"];?>
 <title><?php echo $website_name.' : '.$page_name; ?></title>
 <?php
 $article_stripslash = stripslashes($data_article['article']);
-echo"<h2>{$data_article["titre"]}</h2>";
+echo"<h2>{$article_stripslashtitle}</h2>";
 echo"<b>".$article_date_display." :</b> {$data_article["date"]} par : {$data_article['user']}<br />";
 echo"<b>".$article_article_display." :</b><br />{$article_stripslash}<br><br>";
 
 
 
 
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
+$sql_article="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data=$req_article->fetch(PDO::FETCH_ASSOC))
 {
 
 $article_stripslash = stripslashes($data['article']);
 
 
 $sqlm='SELECT COUNT(*) AS nb_id FROM article';
-$reqm = mysql_query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
-$donnee = mysql_fetch_array($reqm);
+$reqm = $dbh->query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
+$donnee = $reqm->fetch(PDO::FETCH_BOTH);
 $nb_pg=((int)($donnee['nb_id']/7))+1;
 $nb_pg_r=0;
 while($nb_pg_r!=$nb_pg AND $nb_pg_r<10){
 <?php
 }
 
-mysql_close();
+$dbh= null;
 ?>
 <br>
 <br>

rss.php

 session_start();
 
 $sql1="SELECT * FROM blog_config";
-$bloginfo_rss_req = mysql_query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
-$bloginfo_rss = mysql_fetch_assoc($bloginfo_rss_req);
+$bloginfo_rss_req = $dbh->query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
+$bloginfo_rss = $bloginfo_rss_req->fetch(PDO::FETCH_ASSOC);
 
 echo "<?xml version='1.0' encoding='ISO-8859-1'?>
 <rss version='2.0'>
         <title>".$site_name."</title>
         <link>http://www.monsite.com</link>
         <description>{$bloginfo_rss["description"]}</description>";
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
-
+$sql_rss="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
+$req_rss = $dbh->query($sql_rss) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data_rss=$req_rss->fetch(PDO::FETCH_ASSOC))
 
 {
-$article_desc = strip_tags($data['article']);
+$titre_article_rss=stripslashes($data_rss["titre"]);
+$article_desc=strip_tags($data_rss['article']);
+$description_rss=stripslashes($article_desc);
+
+//$article_desc = strip_tags($data_rss['article']);
 
 //
 //echo"{$data["titre"]}<///a><br />";
 //echo"<b>".$article_date_display." :</b> {$data["date"]}<br />";
 echo"        
 	<item>
-            <title>{$data["titre"]}</title>
-            <link>http://www.blogartisanal.tk/?id={$data["id_article"]}</link>
+            <title>{$titre_article_rss}</title>
+            <link>{$root_path}?id={$data_rss["id_article"]}</link>
             <guid isPermaLink='false'>6</guid>
-	    <description>{$article_desc}</description>
+            <description>{$description_rss}</description>
             <pubDate>0000-00-00 00:00:00 GMT</pubDate>
-        </item>";
+    </item>";
 }
  echo"
    </channel>

user/bottom.php

 <?php
-mysql_close();
+$dbh = null;
 ?>
 </body>
-</html>
+</html>

user/config.php

 
 
 
-
    	define("DB_HOST",$server);
 	
 	define("DB_LOGIN",$user);
 
 
 
-@$connect=mysql_connect($server, $user, $passwd) or die ('Error : '.mysql_error().' <br><br>Please check if your database settings are correctly set in the config.php file!');
-@mysql_select_db($base) or die ('Error : '.mysql_error());
 require_once('fonctions.php');
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT * FROM blog_config";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$blog_info_config_page = mysql_fetch_assoc($req);
 
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT * FROM blog_config";
+
+    $stmt = $dbh->query($sql);
+
+    $blog_info_config_page = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $meta_description=$blog_info_config_page['description'];

user/index.php

 <?php 
 
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT user_rank FROM user WHERE id_user=$id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
+
+
 echo "<br>";
 echo("Votre rang est : ".$user_ranking['user_rank'].". ");
 

user/login.php

 $passwd = formulaires($_POST['passwd']);
 
 
+
 $passwd=md5($passwd);
 
 if(!$username)
 	{
 	header('Location:'.$root_path.'index.php?error=pass');
 	}
-$reponse_cores=mysql_query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
-$count_cores=mysql_num_rows($reponse_cores);
+//$sqlcount= "SELECT * FROM user WHERE pass='$passwd' AND username='$username'";
+$reponse_cores=$dbh->query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
+$count_cores = $reponse_cores->rowCount();
+
+//$count_cores=mysql_num_rows($reponse_cores);
 if($count_cores == 0 )
 	{
 	header('Location:'.$root_path.'index.php?error=connection');
 		@$session.=substr('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN',(rand()%(strlen('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN'))),1);
 		}
 	
-	mysql_query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
 	$_SESSION['session'] = "$session";		//création de la session
 	header('Location:'.$root_path.'user/index.php');			//redirection vers l'index
 	}

user/lost2.php

 	return FALSE;
 	}
 
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
+$count_username=$reponse_username->rowCount();
 if($count_username == 0)
 	{
 	echo"Invalid username.<br /><a href='#' onClick='history.back()'>Back</a>";
 	return FALSE;
 	}
 
-$reponse_email=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
-$count_email=mysql_num_rows($reponse_email);
+$reponse_email=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
+$count_email=$reponse_email->rowCount();
 if($count_email == 0)
 	{
 	echo" Invalid E-mail.<br /><a href='#' onClick='history.back()'>Back</a>";
 	return FALSE;
 	}
 
-$existe=mysql_query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
-$test=mysql_num_rows($existe);
+$existe=$dbh->query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
+$test=$existe->rowCount();
 if($test == 0)
 	{
 	echo"E-mail and Username don't match.<br /><a href='#' onClick='history.back()'>Back</a>";
 	
 mail("$email", "".$website_name." - Forgotten password" , "Hello, this is your new password : ".$passwd."", "From: ".$blog_email."");
 $passwd=md5($passwd);
-mysql_query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
+$dbh->query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
 echo 'An E-mail has been sent to your mailbox with your new password';
 ?>

user/profile2.php

 	return FALSE;
 	}
 	$pass_enc=md5($pass_enc);
-$reponse_pass=mysql_query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
-$count_pass=mysql_num_rows($reponse_pass);
+$reponse_pass=$dbh->query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
+$count_pass=$reponse_pass->rowCount();
 if($count_pass == 0)
 	{
 	?>
 	return FALSE;
 	}
 	$new_pass=md5($new_pass);
-	mysql_query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
 	}
-mysql_query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
+$dbh->query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
 echo"<div align=center>Your profile settings have been saved.<br /><a href='profile.php' onClick='history.back()'>Back</a></div>";
 include_once('bottom.php');
 ?>
 
 </body>
 
-</html>
+</html>

user/style.css

+<style type="text/css">
+html
+{
+height:100%;
+width:100%;
+}
+#header
+{
+width:100%;
+height:20%;
+font-size:50px;
+text-align:center;
+border-style:solid;
+border-color:black;
+border-size:1px;
+}
+.corps
+{
+width:80%;
+height:5%;
+border-bottom-style:solid;
+border-bottom-color:black;
+border-bottom-size:1px;
+//float:left;
+z-index:2;
+}
+#widget
+{
+margin-left:80%;
+width:15%;
+z-index:1;
+position:absolute;
+border-left-style:solid;
+border-left-color:black;
+border-left-size:2px;
+}
+a
+{
+color:black;
+text-decoration:none;
+}
+a:hover
+{
+color:black;
+text-decoration:underline;
+}
+#contact
+{
+color:white;
+text-decoration:none;
+}
+#contact:hover
+{
+color:white;
+text-decoration:underline;
+}
+</style>

user/top.php

 <meta name="description" content="<?php echo $meta_description; ?>" />
 <meta name="keywords" content="<?php echo $meta_key_words; ?>" />
 <meta name="robots" content="all" />
-<link href="style.css" rel="stylesheet" type="text/css" />
+<link href="<?php echo $root_path; ?>"style.css" rel="stylesheet" type="text/css" />
 <link rel="alternate" type="application/rss+xml"
     href="<?php echo $root_path; ?>rss.php" title="Blog Artisanal" />
 </head>

user/verification.php

    	}
 	
 //// VERIFICATIONS DES EXISTANCES ////
-$reponse_mail=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
-$count_mail=mysql_num_rows($reponse_mail);
+$reponse_mail=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
+$count_mail=$reponse_mail->rowCount();
 if($count_mail == 1)
 	{
 	echo'This e-mail is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
 	include_once('bottom.php');
 return FALSE;
 	}
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
+$count_username=$reponse_username->rowCount();
 if($count_username == 1)
 	{
 	echo 'This username is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
 		$passwd=md5($passwd);		//Codage du password
 		
 //// DEFINIR LE PREMIER UTILISATEUR COMME ADMINISTRATEUR ////		
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 if($count_user == 0){
 $user_rank = '1';
 }else{
 }
 
 //// INSCRIPTION DANS LA BDD ////
-mysql_query("INSERT INTO user VALUES ('', '$session', '$username', '$passwd', '$email','','$user_rank')") or die ('error : '.mysql_error());	//insertion dans la bdd
+$sql_register = "INSERT INTO user ( id_user, session, username, pass, email, date, user_rank)
+                    VALUES (:id_user, :session, :username, :pass, :email, :date, :user_rank)";
+
+$query = $dbh->prepare($sql_register) or die ('error : '.mysql_error());      //insertion dans la bdd
+$results = $query->execute(array(
+    "id_user" => '',
+    "session" => $session,
+    "username" => $username,
+    "pass" => $passwd,
+    "email" => $email,
+    "date" => '',
+    "user_rank" => $user_rank
+));
+
 echo'Thank you for registering to '.$website_name.'<br /><a href="index.php">Login !</a>';
 include_once('bottom.php');
 ?>

user/verifications.php

 	return false;
 	}
 	
-$verif=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
-$verif=mysql_num_rows($verif);
+$verif=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
+$verif=$verif->rowCount();
 if($verif == 0)
 	{
 	header('Location:index.php?error=connection');
 	return false;
 	}
 
-$sql=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
-while ($resultat = mysql_fetch_array($sql) )
+$sql=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
+while ($resultat = $sql->fetch(PDO::FETCH_BOTH) )
 	{
 	$email = $resultat['email'];
 	$username = $resultat['username'];