
Modifications de toutes les requêtes mysql_query et mysql_connect vers le modèle PDO. Correction du flux RSS, de l'accueil ne pouvant pas afficher d'article quand fixé sur page d'accueil...

Cebabonet 8 years ago
parent
commit
3e3de792be

+ 2 - 2
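--- a/administration/edition_article.php
+++ b/administration/edition_article.php
@@ -8,8 +8,8 @@
 $article_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM article WHERE id_article='$article_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$article_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$article_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 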
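Review bot: The query handed to `$dbh->query()` is still built by interpolating `$_GET['id']` into the SQL string, so moving to PDO does not remove the injection risk on this admin page. A prepared statement closes it: `$req = $dbh->prepare('SELECT * FROM article WHERE id_article = ?'); $req->execute(array($article_id_edit_page));` followed by the existing `fetch`. The same string-built pattern with request or form values recurs in administration/edition_page.php, files/article_suppression.php, files/page_suppression.php, files/submit_edit.php, files/submit_edit_page.php, index.php, user/login.php, user/lost2.php, user/profile2.php and the two lookups at the top of user/verification.php. The script starts and ends outside this hunk.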

+ 2 - 2
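--- a/administration/edition_page.php
+++ b/administration/edition_page.php
@@ -8,8 +8,8 @@
 $page_id_edit_page=$_GET['id'];
 
 $sql="SELECT * FROM page WHERE id_page='$page_id_edit_page'";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$page_data = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$page_data = $req->fetch(PDO::FETCH_ASSOC);
 
 include("".$MainDir."files/navheader.php"); 
 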
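Review bot: The `or die(... mysql_error())` fallback no longer matches the driver: `mysql_error()` belongs to the old mysql extension, so it cannot report a PDO failure, and on a PHP build without that extension the call itself is an undefined function. The message also prints the full SQL text to the visitor. Setting `$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` once after connecting and logging the exception server-side would replace every `or die` in this commit; until then `$dbh->errorInfo()` is the PDO equivalent. This applies to nearly every `$dbh->query(...) or die(...)` line added in the other files.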

File diff suppressed because it is too large
+ 1 - 1
administration/index.php


+ 3 - 4
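--- a/files/article_suppression.php
+++ b/files/article_suppression.php
@@ -22,11 +22,10 @@
 
 $this_article_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
@@ -40,7 +39,7 @@
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM article WHERE id_article='$this_article_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";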
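Review bot: The DELETE at new line 42 runs on nothing more than `$_POST['oui']=="Oui"` plus an id taken from the query string, and no anti-forgery token is checked in the visible lines. If no token or rank check happens outside this hunk, the form can be submitted on an administrator's behalf from another site. Consider comparing a per-session token before the delete, `hash_equals($_SESSION['csrf'], $_POST['csrf'])` (token name illustrative), and binding the id: `$del = $dbh->prepare('DELETE FROM article WHERE id_article = ?'); $del->execute(array($this_article_id));`. The `SELECT * FROM article` fetched into `$data_articles` is not used within the hunk and may be removable. files/page_suppression.php has the same shape.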

+ 2 - 2
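--- a/files/check_admin.php
+++ b/files/check_admin.php
@@ -4,8 +4,8 @@
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 
 if($user_rank==1){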
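Review bot: `$req->fetch(PDO::FETCH_ASSOC)` returns `false` when no row matches, and the next line indexes it unconditionally, so a missing user yields an empty `$user_rank` and a notice rather than a clean denial. Since this value gates admin access, test it explicitly, for example `if ($user_ranking === false) { exit; }`, and compare with `(int)$user_ranking['user_rank'] === 1` rather than `==`. `$id_user` is also placed unquoted in the SQL; where it comes from is outside the hunk, so bind it as a parameter. files/check_status.php and the third hunk of index.php repeat these lines.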

+ 2 - 2
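--- a/files/check_status.php
+++ b/files/check_status.php
@@ -13,8 +13,8 @@
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	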

+ 3 - 4
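--- a/files/page_suppression.php
+++ b/files/page_suppression.php
@@ -21,11 +21,10 @@
 
 $this_page_id=$_GET['id'];
 
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 $confirmed="0";
 
@@ -39,7 +38,7 @@
 	if(($_POST['oui']=="Oui"))
 	{
 
-mysql_query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
+$dbh->query("DELETE FROM page WHERE id_page='$this_page_id'") or die ('error : '.mysql_error());
 
 
 echo "<br><br>Opération effectuée ! <a href='".$root_path."'>Retour</a>";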

File diff suppressed because it is too large
+ 1 - 1
files/submit_blog_config.php


+ 4 - 5
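--- a/files/submit_edit.php
+++ b/files/submit_edit.php
@@ -11,16 +11,15 @@
 $date = "42";
 $titre = $_POST['titre'];
 $article = $_POST['article'];
-$bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM article";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_articles=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_articles=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET titre=("'.$titre.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE article SET article=("'.$article.'") WHERE id_article="'.$this_article_id.'"') or die ('error : '.mysql_error());
 
 
 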

+ 4 - 14
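--- a/files/submit_edit_page.php
+++ b/files/submit_edit_page.php
@@ -13,26 +13,16 @@
 $bdd = new PDO("mysql:dbname=$base;host=$server", "$user", "$passwd");
 
 $sql="SELECT * FROM page";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_pages=mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_pages=$req->fetch(PDO::FETCH_ASSOC);
 
 
-mysql_query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET titre="'.$titre.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
-mysql_query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
+$dbh->query('UPDATE page SET page="'.$page.'" WHERE id_page="'.$this_page_id.'"') or die ('error : '.mysql_error());
 
 
-
-
-//$req = $bdd->prepare('INSERT INTO page(user,titre,page) VALUES (:user, :titre, :page)');
-//$req->execute(array(
-//		"user" => $username,
-//		"titre" => $titre,
-//		"page" => $page,
-
-//));
 echo "Votre page a bien été enregistrée ! <a href='".$root_path."'>Retour</a>";
-//echo date_default_timezone_set('l jS \of F Y h:i:s A');
 }
 else
 {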
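Review bot: `$bdd = new PDO(...)` at new line 13 is left in place although every query now goes through `$dbh`, so the page opens a second connection it never uses; the commit removed the equivalent line in files/submit_edit.php. The two UPDATEs concatenate `$titre` and `$page` straight into the SQL, and one bound statement can do both: `$req = $dbh->prepare('UPDATE page SET titre = :titre, page = :page WHERE id_page = :id');` then `$req->execute(array('titre' => $titre, 'page' => $page, 'id' => $this_page_id));`. Where `$titre`, `$page` and `$this_page_id` are assigned is outside the hunk.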

+ 8 - 6
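--- a/files/up_check_admin.php
+++ b/files/up_check_admin.php
@@ -3,11 +3,13 @@
 <?php 
 
 require '/../user/config.php';
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql="SELECT user_rank FROM user WHERE id_user=id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $user_rank="$user_ranking[user_rank]";
@@ -31,4 +33,4 @@
 
 
 }
-?>
+?>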
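Review bot: The condition `WHERE id_user=id_user` in the new query compares the column with itself, so it is true for every row and `fetch()` returns whichever user row the server lists first; the rank checked below is then not the current visitor's. The commit carries the old condition over unchanged, and the dollar sign appears to be missing. Bind the real id, `$stmt = $dbh->prepare('SELECT user_rank FROM user WHERE id_user = ?'); $stmt->execute(array($id_user));`, assuming `$id_user` is set by the including script as in files/check_admin.php. `require '/../user/config.php'` also resolves from the filesystem root; `__DIR__ . '/../user/config.php'` is probably what is meant.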

+ 21 - 21
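--- a/index.php
+++ b/index.php
@@ -38,10 +38,8 @@
 if(isset($root_path))
 	{
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 	}
 if(isset($count_user) && $count_user == 0){
 
@@ -138,8 +136,10 @@
 
 
 $sql_page_menu="SELECT * FROM page ORDER BY priority";
-$req = mysql_query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data_page_menu=mysql_fetch_assoc($req))
+$req = $dbh->query($sql_page_menu) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+
+
+while($data_page_menu=$req->fetch(PDO::FETCH_ASSOC))
 {
 
 
@@ -173,8 +173,8 @@
 
 
 $sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+$req = $dbh->query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$user_ranking = $req->fetch(PDO::FETCH_ASSOC);
 $user_rank="$user_ranking[user_rank]";
 if($user_rank==1){
 	
@@ -192,7 +192,7 @@
 
 ////Start check content
 
-if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL){
+if(isset($_GET['id_page']) || $static_homepage_status=="1" && $static_homepage_id!=NULL && !isset($_GET['id'])){
 
 if(isset($_GET['id_page'])){
 	
@@ -203,8 +203,8 @@
 	$sql_page="SELECT * FROM page WHERE id_page=".$static_homepage_id."";
 
 }
-$req_page = mysql_query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_page=mysql_fetch_assoc($req_page);
+$req_page = $dbh->query($sql_page) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_page=$req_page->fetch(PDO::FETCH_ASSOC);
 
 if($data_page["id_page"]== null && $static_homepage_status!="1"){
 	
@@ -251,8 +251,8 @@
 }elseif(isset($_GET['id'])){
 	
 $sql_article="SELECT * FROM article WHERE id_article=".$_GET['id']."";
-$req_article = mysql_query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$data_article=mysql_fetch_assoc($req_article);
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+$data_article=$req_article->fetch(PDO::FETCH_ASSOC);
 
 if($data_article["id_article"]== null){
 	
@@ -260,12 +260,12 @@
 	
 	
 }else{
-
+$article_stripslashtitle = stripslashes($data_article['titre']);
 $page_name= $data_article["titre"];?>
 <title><?php echo $website_name.' : '.$page_name; ?></title>
 <?php
 $article_stripslash = stripslashes($data_article['article']);
-echo"<h2>{$data_article["titre"]}</h2>";
+echo"<h2>{$article_stripslashtitle}</h2>";
 echo"<b>".$article_date_display." :</b> {$data_article["date"]} par : {$data_article['user']}<br />";
 echo"<b>".$article_article_display." :</b><br />{$article_stripslash}<br><br>";
 
@@ -302,9 +302,9 @@
 
 
 
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
+$sql_article="SELECT * FROM article ORDER BY id_article DESC LIMIT ".$page."";
+$req_article = $dbh->query($sql_article) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data=$req_article->fetch(PDO::FETCH_ASSOC))
 {
 
 $article_stripslash = stripslashes($data['article']);
@@ -341,8 +341,8 @@
 
 
 $sqlm='SELECT COUNT(*) AS nb_id FROM article';
-$reqm = mysql_query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
-$donnee = mysql_fetch_array($reqm);
+$reqm = $dbh->query($sqlm) or die('Erreur SQL !<br />'.$sqlm.'<br />'.mysql_error());
+$donnee = $reqm->fetch(PDO::FETCH_BOTH);
 $nb_pg=((int)($donnee['nb_id']/7))+1;
 $nb_pg_r=0;
 while($nb_pg_r!=$nb_pg AND $nb_pg_r<10){
@@ -365,7 +365,7 @@
 <?php
 }
 
-mysql_close();
+$dbh= null;
 ?>
 <br>
 <br>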
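Review bot: In the article-view hunk the new `echo"<h2>{$article_stripslashtitle}</h2>";` prints the stored title after `stripslashes()` only, which removes backslashes but does not encode HTML. A title containing markup is therefore rendered as markup for every reader, and the `<title>` line and the article body echo beside it behave the same way. Encode at output, `echo '<h2>'.htmlspecialchars($article_stripslashtitle, ENT_QUOTES).'</h2>';`, and decide deliberately whether the article body is meant to carry HTML. Separately, several `die()` messages in this file print `$sql` although the statement that ran is `$sql_page_menu`, `$sql_page` or `$sql_article`.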

+ 14 - 11
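--- a/rss.php
+++ b/rss.php
@@ -6,8 +6,8 @@
 session_start();
 
 $sql1="SELECT * FROM blog_config";
-$bloginfo_rss_req = mysql_query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
-$bloginfo_rss = mysql_fetch_assoc($bloginfo_rss_req);
+$bloginfo_rss_req = $dbh->query($sql1) or die('Erreur SQL !<br />'.$sql1.'<br />'.mysql_error());
+$bloginfo_rss = $bloginfo_rss_req->fetch(PDO::FETCH_ASSOC);
 
 echo "<?xml version='1.0' encoding='ISO-8859-1'?>
 <rss version='2.0'>
@@ -15,25 +15,28 @@
         <title>".$site_name."</title>
         <link>http://www.monsite.com</link>
         <description>{$bloginfo_rss["description"]}</description>";
-$sql="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-while($data=mysql_fetch_assoc($req))
-
+$sql_rss="SELECT * FROM article ORDER BY id_article DESC LIMIT 20";
+$req_rss = $dbh->query($sql_rss) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
+while($data_rss=$req_rss->fetch(PDO::FETCH_ASSOC))
 
 {
-$article_desc = strip_tags($data['article']);
+$titre_article_rss=stripslashes($data_rss["titre"]);
+$article_desc=strip_tags($data_rss['article']);
+$description_rss=stripslashes($article_desc);
+
+//$article_desc = strip_tags($data_rss['article']);
 
 //
 //echo"{$data["titre"]}<///a><br />";
 //echo"<b>".$article_date_display." :</b> {$data["date"]}<br />";
 echo"        
 	<item>
-            <title>{$data["titre"]}</title>
-            <link>http://www.blogartisanal.tk/?id={$data["id_article"]}</link>
+            <title>{$titre_article_rss}</title>
+            <link>{$root_path}?id={$data_rss["id_article"]}</link>
             <guid isPermaLink='false'>6</guid>
-	    <description>{$article_desc}</description>
+            <description>{$description_rss}</description>
             <pubDate>0000-00-00 00:00:00 GMT</pubDate>
-        </item>";
+    </item>";
 }
  echo"
    </channel>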
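Review bot: The feed items are written into XML without escaping: `strip_tags()` and `stripslashes()` leave `&`, `<` and quotes in `$titre_article_rss` and `$description_rss`, so one such character in an article makes the feed ill-formed or lets stored text alter the feed's structure. Escape each value, e.g. `htmlspecialchars($titre_article_rss, ENT_XML1 | ENT_QUOTES)`, and do the same for `$root_path` inside `<link>`. The `die()` on the new query still prints `$sql`, which this commit renamed to `$sql_rss`. `<guid>` and `<pubDate>` remain constants for every item, so feed readers cannot tell items apart.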

+ 2 - 2
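--- a/user/bottom.php
+++ b/user/bottom.php
@@ -1,5 +1,5 @@
 <?php
-mysql_close();
+$dbh = null;
 ?>
 </body>
-</html>
+</html>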

+ 7 - 8
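--- a/user/config.php
+++ b/user/config.php
@@ -39,7 +39,6 @@
 
 
 
-
    	define("DB_HOST",$server);
 	
 	define("DB_LOGIN",$user);
@@ -51,16 +50,16 @@
 
 
 
-@$connect=mysql_connect($server, $user, $passwd) or die ('Error : '.mysql_error().' <br><br>Please check if your database settings are correctly set in the config.php file!');
-@mysql_select_db($base) or die ('Error : '.mysql_error());
 require_once('fonctions.php');
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT * FROM blog_config";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$blog_info_config_page = mysql_fetch_assoc($req);
 
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT * FROM blog_config";
+
+    $stmt = $dbh->query($sql);
+
+    $blog_info_config_page = $stmt->fetch(PDO::FETCH_ASSOC);
 
 
 $meta_description=$blog_info_config_page['description'];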
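Review bot: The new `new PDO(...)` call has no error handling, whereas the removed `mysql_connect(...) or die(...)` produced a controlled message. The PDO constructor throws a `PDOException` on failure, and an uncaught one can, depending on `display_errors` and the PHP version, print a stack trace that includes the constructor arguments, i.e. the database user and password. Catch it, log the detail server-side and show a generic message; turning on `PDO::ERRMODE_EXCEPTION` at the same point also makes the unchecked `$stmt = $dbh->query($sql)` below fail loudly instead of calling `fetch()` on `false`. user/index.php and files/up_check_admin.php repeat the bare constructor and open a second connection.

```php
try {
    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd, array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ));
} catch (PDOException $e) {
    error_log('Database connection failed: '.$e->getMessage());
    die('Error : please check if your database settings are correctly set in the config.php file!');
}
// … unchanged: blog_config query and fetch …
```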

+ 9 - 5
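--- a/user/index.php
+++ b/user/index.php
@@ -97,11 +97,15 @@
 <?php 
 
 
-mysql_connect(DB_HOST,DB_LOGIN,DB_PASS);
-mysql_select_db(DB_DB);
-$sql="SELECT user_rank FROM user WHERE id_user=$id_user";
-$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
-$user_ranking = mysql_fetch_assoc($req);
+    $dbh = new PDO("mysql:host=$server;dbname=$base", $user, $passwd);
+
+    $sql = "SELECT user_rank FROM user WHERE id_user=$id_user";
+
+    $stmt = $dbh->query($sql);
+
+    $user_ranking = $stmt->fetch(PDO::FETCH_ASSOC);
+
+
 echo "<br>";
 echo("Votre rang est : ".$user_ranking['user_rank'].". ");
 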

+ 7 - 3
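--- a/user/login.php
+++ b/user/login.php
@@ -7,6 +7,7 @@
 $passwd = formulaires($_POST['passwd']);
 
 
+
 $passwd=md5($passwd);
 
 if(!$username)
@@ -17,8 +18,11 @@
 	{
 	header('Location:'.$root_path.'index.php?error=pass');
 	}
-$reponse_cores=mysql_query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
-$count_cores=mysql_num_rows($reponse_cores);
+//$sqlcount= "SELECT * FROM user WHERE pass='$passwd' AND username='$username'";
+$reponse_cores=$dbh->query("SELECT * FROM user WHERE pass='$passwd' AND username='$username'") or die ('error : '.mysql_error());
+$count_cores = $reponse_cores->rowCount();
+
+//$count_cores=mysql_num_rows($reponse_cores);
 if($count_cores == 0 )
 	{
 	header('Location:'.$root_path.'index.php?error=connection');
@@ -31,7 +35,7 @@
 		@$session.=substr('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN',(rand()%(strlen('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN'))),1);
 		}
 	
-	mysql_query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET session='$session' WHERE username='$username'") or die ('error : '.mysql_error());
 	$_SESSION['session'] = "$session";		//création de la session
 	header('Location:'.$root_path.'user/index.php');			//redirection vers l'index
 	}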
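Review bot: The login check still compares an unsalted `md5()` digest inside the SQL text, and the session token a few lines below is drawn with `rand()`, which is not a cryptographic generator. With PDO in place the row can be fetched by username alone and the submitted password verified in PHP with `password_verify()` against hashes created by `password_hash($passwd, PASSWORD_DEFAULT)`, and the token can come from `bin2hex(random_bytes(16))` on PHP 7 or later. Whether `formulaires()` escaped these values for SQL is not visible here; if it relied on a mysql_* function, that protection stopped with this migration. The commented-out `$sqlcount` and `mysql_num_rows` lines can be deleted. user/lost2.php, user/profile2.php and user/verification.php store passwords the same way.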

+ 7 - 7
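--- a/user/lost2.php
+++ b/user/lost2.php
@@ -21,8 +21,8 @@
 	return FALSE;
 	}
 
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	
+$count_username=$reponse_username->rowCount();
 if($count_username == 0)
 	{
 	echo"Invalid username.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -30,8 +30,8 @@
 	return FALSE;
 	}
 
-$reponse_email=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
-$count_email=mysql_num_rows($reponse_email);
+$reponse_email=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	
+$count_email=$reponse_email->rowCount();
 if($count_email == 0)
 	{
 	echo" Invalid E-mail.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -39,8 +39,8 @@
 	return FALSE;
 	}
 
-$existe=mysql_query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
-$test=mysql_num_rows($existe);
+$existe=$dbh->query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());	
+$test=$existe->rowCount();
 if($test == 0)
 	{
 	echo"E-mail and Username don't match.<br /><a href='#' onClick='history.back()'>Back</a>";
@@ -55,6 +55,6 @@
 	
 mail("$email", "".$website_name." - Forgotten password" , "Hello, this is your new password : ".$passwd."", "From: ".$blog_email."");
 $passwd=md5($passwd);
-mysql_query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
+$dbh->query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());	
 echo 'An E-mail has been sent to your mailbox with your new password';
 ?>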
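Review bot: The three lookups answer "Invalid username", "Invalid E-mail" and "don't match" separately, which lets any visitor confirm which usernames and addresses are registered; one neutral reply for all three cases avoids that. The reset itself mails a new password in clear text and overwrites the stored one with `WHERE email='$email'` alone, without checking whether `mail()` succeeded. A one-time, expiring reset link whose hash is stored server-side is the usual replacement; how `$passwd` is generated is outside the visible hunks.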

+ 5 - 5
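--- a/user/profile2.php
+++ b/user/profile2.php
@@ -76,8 +76,8 @@
 	return FALSE;
 	}
 	$pass_enc=md5($pass_enc);
-$reponse_pass=mysql_query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
-$count_pass=mysql_num_rows($reponse_pass);
+$reponse_pass=$dbh->query("SELECT pass FROM user WHERE pass='$pass_enc' AND session='$session'") or die ('error : '.mysql_error());	//verification si mot de passe valide
+$count_pass=$reponse_pass->rowCount();
 if($count_pass == 0)
 	{
 	?>
@@ -98,9 +98,9 @@
 	return FALSE;
 	}
 	$new_pass=md5($new_pass);
-	mysql_query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
+	$dbh->query("UPDATE user SET pass='$new_pass' WHERE session='$session'") or die ('error : '.mysql_error());
 	}
-mysql_query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
+$dbh->query("UPDATE user SET email='$email' WHERE session='$session'") or die ('error : '.mysql_error());
 echo"<div align=center>Your profile settings have been saved.<br /><a href='profile.php' onClick='history.back()'>Back</a></div>";
 include_once('bottom.php');
 ?>
@@ -112,4 +112,4 @@
 
 </body>
 
-</html>
+</html>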

+ 57 - 0
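--- a/user/style.css
+++ b/user/style.css
@@ -0,0 +1,57 @@
+<style type="text/css">
+html
+{
+height:100%;
+width:100%;
+}
+#header
+{
+width:100%;
+height:20%;
+font-size:50px;
+text-align:center;
+border-style:solid;
+border-color:black;
+border-size:1px;
+}
+.corps
+{
+width:80%;
+height:5%;
+border-bottom-style:solid;
+border-bottom-color:black;
+border-bottom-size:1px;
+//float:left;
+z-index:2;
+}
+#widget
+{
+margin-left:80%;
+width:15%;
+z-index:1;
+position:absolute;
+border-left-style:solid;
+border-left-color:black;
+border-left-size:2px;
+}
+a
+{
+color:black;
+text-decoration:none;
+}
+a:hover
+{
+color:black;
+text-decoration:underline;
+}
+#contact
+{
+color:white;
+text-decoration:none;
+}
+#contact:hover
+{
+color:white;
+text-decoration:underline;
+}
+</style>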
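Review bot: The file is linked as a stylesheet but is wrapped in `<style type="text/css">` and `</style>`, which are HTML tags and not valid CSS; browsers will discard at least the first rule while recovering from them. `border-size`, `border-bottom-size` and `border-left-size` are not CSS properties (the width properties are `border-width`, `border-bottom-width` and `border-left-width`), so none of the intended borders get their thickness. `//float:left;` is not a CSS comment either; write `/* float:left; */` if the rule is meant to stay disabled.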

+ 1 - 1
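--- a/user/top.php
+++ b/user/top.php
@@ -11,7 +11,7 @@
 <meta name="description" content="<?php echo $meta_description; ?>" />
 <meta name="keywords" content="<?php echo $meta_key_words; ?>" />
 <meta name="robots" content="all" />
-<link href="style.css" rel="stylesheet" type="text/css" />
+<link href="<?php echo $root_path; ?>"style.css" rel="stylesheet" type="text/css" />
 <link rel="alternate" type="application/rss+xml"
     href="<?php echo $root_path; ?>rss.php" title="Blog Artisanal" />
 </head>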
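Review bot: The new `href` has a stray double quote after the PHP tag, `href="<?php echo $root_path; ?>"style.css"`, so the attribute value ends at the root path and `style.css"` is parsed as a separate malformed attribute; the stylesheet will not load. It should read `<link href="<?php echo $root_path; ?>style.css" rel="stylesheet" type="text/css" />`. If `$root_path` or the meta values echoed above can contain quotes, pass them through `htmlspecialchars(..., ENT_QUOTES)` when writing them into attributes.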

+ 20 - 7
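--- a/user/verification.php
+++ b/user/verification.php
@@ -38,16 +38,16 @@
    	}
 	
 //// VERIFICATIONS DES EXISTANCES ////
-$reponse_mail=mysql_query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
-$count_mail=mysql_num_rows($reponse_mail);
+$reponse_mail=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());	//verification si e-mail existe déjà
+$count_mail=$reponse_mail->rowCount();
 if($count_mail == 1)
 	{
 	echo'This e-mail is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
 	include_once('bottom.php');
 return FALSE;
 	}
-$reponse_username=mysql_query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
-$count_username=mysql_num_rows($reponse_username);
+$reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());	//verification si username existe déjà
+$count_username=$reponse_username->rowCount();
 if($count_username == 1)
 	{
 	echo 'This username is already taken.<br /><a href="register.php" onClick="history.Back()">Back</a>';
@@ -63,8 +63,8 @@
 		$passwd=md5($passwd);		//Codage du password
 		
 //// DEFINIR LE PREMIER UTILISATEUR COMME ADMINISTRATEUR ////		
-$nombre_utilisateur=mysql_query("SELECT * FROM user") or die ('error : '.mysql_error());	
-$count_user=mysql_num_rows($nombre_utilisateur);
+$nombre_utilisateur=$dbh->query("SELECT * FROM user") or die ('error : '.mysql_error());	
+$count_user=$nombre_utilisateur->rowCount();
 if($count_user == 0){
 $user_rank = '1';
 }else{
@@ -77,7 +77,20 @@
 }
 
 //// INSCRIPTION DANS LA BDD ////
-mysql_query("INSERT INTO user VALUES ('', '$session', '$username', '$passwd', '$email','','$user_rank')") or die ('error : '.mysql_error());	//insertion dans la bdd
+$sql_register = "INSERT INTO user ( id_user, session, username, pass, email, date, user_rank)
+                    VALUES (:id_user, :session, :username, :pass, :email, :date, :user_rank)";
+
+$query = $dbh->prepare($sql_register) or die ('error : '.mysql_error());      //insertion dans la bdd
+$results = $query->execute(array(
+    "id_user" => '',
+    "session" => $session,
+    "username" => $username,
+    "pass" => $passwd,
+    "email" => $email,
+    "date" => '',
+    "user_rank" => $user_rank
+));
+
 echo'Thank you for registering to '.$website_name.'<br /><a href="index.php">Login !</a>';
 include_once('bottom.php');
 ?>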
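Review bot: The INSERT is now a real prepared statement, but its result is never checked: `$results` is assigned and the "Thank you for registering" message is printed even when `execute()` returns `false`. Test it, for example `if (!$results) { error_log(implode(' ', $query->errorInfo())); die('Registration failed.'); }`. Binding `''` to `id_user` and `date` relies on MySQL running in a non-strict mode; leaving both columns out of the column list lets the defaults apply, assuming `id_user` is auto-increment. The duplicate checks above compare `rowCount()` with `== 1`, so they pass when more than one matching row already exists; `> 0` is the safer test.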

+ 4 - 4
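--- a/user/verifications.php
+++ b/user/verifications.php
@@ -9,8 +9,8 @@
 	return false;
 	}
 	
-$verif=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
-$verif=mysql_num_rows($verif);
+$verif=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
+$verif=$verif->rowCount();
 if($verif == 0)
 	{
 	header('Location:index.php?error=connection');
@@ -19,8 +19,8 @@
 	return false;
 	}
 
-$sql=mysql_query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
-while ($resultat = mysql_fetch_array($sql) )
+$sql=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
+while ($resultat = $sql->fetch(PDO::FETCH_BOTH) )
 	{
 	$email = $resultat['email'];
 	$username = $resultat['username'];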
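Review bot: `rowCount()` is used here to count the rows of a SELECT, which PDO does not guarantee for every driver and which with MySQL depends on buffered queries being enabled. The same query is then run a second time to read the row. Running it once and testing the fetch covers both needs: `$resultat = $verif->fetch(PDO::FETCH_ASSOC);` followed by `if ($resultat === false)` for the redirect branch. index.php, user/login.php, user/lost2.php, user/profile2.php and user/verification.php use `rowCount()` on SELECTs the same way. The body of the `while` loop continues past the end of the hunk.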