<?
include "include/db_connect.php";
#######################################################
#################### PHOTOS ######################
#######################################################
// Handles the "add photo" admin form.
// Reads the photo_* fields from $_POST and the author id from $_SESSION["user_id"],
// builds an INSERT for `photos_db` and, when auto_www_news is set, a second INSERT
// for `news_db` announcing the album, then emits a meta-refresh.
// NOTE(review): the listing is truncated below: the VALUES string is never closed,
// an orphaned "or die(...)" follows it, no mysql_query() call is shown, and the only
// closing brace pairs with the if block. Check the original file.
// NOTE(review): each request value is placed between quotes in the SQL text as
// received; no escaping or validation is visible in this function. Confirm where
// that is done, or escape every value before it is interpolated.
function adminAddPhoto(){
$name = $_POST['photo_get_name'];
$path = $_POST['photo_get_path'];
$tar = $_POST['photo_img_path'];
$size = $_POST['photo_get_size'];
$date = $_POST['photo_get_date'];
$time = get_time();
$type = $_POST['photo_type'];
$comment = $_POST['photo_comment'];
$tendu = $_POST['photo_tendu'];
// The author id is taken from the session, not from the submitted form.
$id_user = $_SESSION["user_id"];
$query = " INSERT INTO `photos_db` ";
$query .= "( `photo_id`, `photo_name`, `photo_path`, `photo_size`, `photo_date`,
`photo_time`, `photo_type`, `photo_comment`, `photo_tendu`, `photo_img_path`, `photo_user_id`) ";
$query .= "VALUES ( '', '$name', '$path' , '$size', '$date',
or die("Add photo Query failed");
$auto_news = $_POST['auto_www_news'];
if ($auto_news)
{
$title = 'Nouvel Album Photo: '.$name;
$query = " INSERT INTO `news_db` ";
$query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
$query .= "VALUES ( '', '$title', '$date', '$time', '$comment', '$id_user', '$tendu') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminPhotos"> '; // automatique redirection
}
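// Builds the UPDATE for one `photos_db` row from the "modify photo" admin form.
// Reads the photo fields from $_POST and the target row id from $_GET['vid_id'],
// then emits a meta-refresh back to the photo admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifPhoto(){
    $name = $_POST['photo_get_upname'];
    $path = $_POST['photo_get_path'];
    $tar = $_POST['photo_img_path']; // not used in the visible lines
    $size = $_POST['photo_get_size'];
    $date = $_POST['photo_get_date'];
    // Evaluate the timestamp here: inside the quoted SQL text "get_time()" is just
    // characters, so the statement carried that literal text instead of a time.
    $time = get_time();
    $type = $_POST['photo_get_type'];
    $comment = $_POST['photo_get_comment'];
    $vid_id = $_GET['vid_id'];
    // NOTE(review): $tendu is never assigned in this function, so `photo_tendu` is
    // set to an empty string; the form field it should come from is not visible here.
    $query = " UPDATE `photos_db` ";
    $query .= " SET `photo_name` = '$name', `photo_path` = '$path', `photo_date` = '$date', `photo_size` = '$size', ";
    $query .= "`photo_time` = '$time', `photo_type` = '$type', `photo_comment` = '$comment', `photo_tendu` = '$tendu' ";
    $query .= " WHERE `photo_id` = '$vid_id' LIMIT 1";
    echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminPhotos"> '; // automatic redirect
}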
// Builds the DELETE for one `photos_db` row selected by $_GET['vid_id'], then emits
// a meta-refresh back to the photo admin page.
// $name, $path, $date and $up_date are read but not used in the visible lines.
// NOTE(review): no statement executing $query and no closing brace are visible in
// this listing; lines may have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the row to delete is chosen by a GET parameter and no permission or
// anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDeletePhoto(){
$name = $_POST['photo_get_upname'];
$path = $_POST['file_serveur'];
$date = $_POST['photo_get_date'];
$up_date = get_time();
$vid_id = $_GET['vid_id'];
$query = " DELETE FROM `photos_db` ";
$query .= " WHERE `photo_id` = '$vid_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminPhotos"> '; // automatic redirect
#######################################################
#################### VIDEOS ######################
#######################################################
// Handles the "add video" admin form.
// Reads the video_* fields from $_POST and the author id from $_SESSION["user_id"],
// builds an INSERT for `videos_db` and, when auto_www_news is set, a second INSERT
// for `news_db` announcing the video, then emits a meta-refresh.
// NOTE(review): the listing is truncated below: the VALUES string is never closed,
// an orphaned "or die(...)" follows it, no mysql_query() call is shown, and the only
// closing brace pairs with the if block. Check the original file.
// NOTE(review): each request value is placed between quotes in the SQL text as
// received; no escaping or validation is visible in this function. Confirm where
// that is done, or escape every value before it is interpolated.
function adminAddVideo(){
$name = $_POST['video_get_name'];
$path = $_POST['video_get_path'];
$path_daily = $_POST['video_path_daily'];
// NOTE(review): get_filesize() is defined elsewhere and receives a path supplied by
// the client — confirm it restricts the path to the intended media directory.
$size = get_filesize($path);
$date = $_POST['video_get_date'];
$time = get_time();
$type = $_POST['video_type'];
$comment = $_POST['video_comment'];
$tendu = $_POST['video_tendu'];
// The author id is taken from the session, not from the submitted form.
$id_user = $_SESSION["user_id"];
$query = " INSERT INTO `videos_db` ";
$query .= "( `video_id`, `video_name`, `video_path`, `video_path_daily`, `video_size`, `video_date`,
`video_time`, `video_type`, `video_comment`, `video_tendu`, `video_img_path`, `video_user_id`) ";
$query .= "VALUES ( '', '$name', '$path' , '$path_daily', '$size', '$date',
or die("Add Video Query failed");
$auto_news = $_POST['auto_www_news'];
if ($auto_news)
{
$title = 'Nouvelle Video: '.$name;
$query = " INSERT INTO `news_db` ";
$query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
$query .= "VALUES ( '', '$title', '$date', '$time', '$comment', '$id_user', '$tendu') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminVideos"> '; // automatique redirection
}
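// Builds the UPDATE for one `videos_db` row from the "modify video" admin form.
// Reads the video fields from $_POST and the target row id from $_GET['vid_id'],
// then emits a meta-refresh back to the video admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifVideo(){
    $name = $_POST['video_get_upname'];
    $path = $_POST['video_get_path'];
    $path_daily = $_POST['video_path_daily'];
    // NOTE(review): get_filesize() is defined elsewhere and receives a path supplied
    // by the client — confirm it restricts the path to the intended media directory.
    $size = get_filesize($path);
    $date = $_POST['video_get_date'];
    // Evaluate the timestamp here: inside the quoted SQL text "get_time()" is just
    // characters, so the statement carried that literal text instead of a time.
    $time = get_time();
    $type = $_POST['video_get_type'];
    $comment = $_POST['video_get_comment'];
    $vid_id = $_GET['vid_id'];
    // NOTE(review): $tendu is never assigned in this function, so `video_tendu` is
    // set to an empty string; the form field it should come from is not visible here.
    $query = " UPDATE `videos_db` ";
    $query .= " SET `video_name` = '$name', `video_path` = '$path', `video_path_daily` = '$path_daily', `video_date` = '$date', `video_size` = '$size', ";
    $query .= "`video_time` = '$time', `video_type` = '$type', `video_comment` = '$comment', `video_tendu` = '$tendu' ";
    $query .= " WHERE `video_id` = '$vid_id' LIMIT 1";
    echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminVideos"> '; // automatic redirect
}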
// Builds the DELETE for one `videos_db` row selected by $_GET['vid_id'], then emits
// a meta-refresh back to the video admin page.
// $name, $path, $date and $up_date are read but not used in the visible lines.
// NOTE(review): no statement executing $query and no closing brace are visible in
// this listing; lines may have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the row to delete is chosen by a GET parameter and no permission or
// anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDeleteVideo(){
$name = $_POST['video_get_upname'];
$path = $_POST['file_serveur'];
$date = $_POST['video_get_date'];
$up_date = get_time();
$vid_id = $_GET['vid_id'];
$query = " DELETE FROM `videos_db` ";
$query .= " WHERE `video_id` = '$vid_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminVideos"> '; // automatic redirect
#######################################################
#################### NEWS ######################
#######################################################
// Builds the INSERT for a new `news_db` row from the "add news" admin form, using
// the news_* fields from $_POST and the author id from $_SESSION["user_id"], then
// emits a meta-refresh back to the news admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the title, date, comment and tendu values are placed between quotes
// in the SQL text as received; no escaping is visible here. Confirm where that is
// done, or escape them before building the statement.
function adminAddNews(){
$title = $_POST['news_get_title'];
$date = $_POST['news_get_date'];
$time = get_time();
$comment = $_POST['news_get_comment'];
// The author id is taken from the session, not from the submitted form.
$id_user = $_SESSION["user_id"];
$tendu = $_POST['news_tendu'];
$query = " INSERT INTO `news_db` ";
$query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
$query .= "VALUES ( '', '$title', '$date', '$time', '$comment', '$id_user', '$tendu') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminNews"> '; // automatic redirect
}
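// Builds the UPDATE for one `news_db` row from the "modify news" admin form.
// Reads the title, date and comment from $_POST and the target row id from
// $_GET['news_id'], then emits a meta-refresh back to the news admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifNews(){
    $title = $_POST['news_get_uptitle'];
    $date = $_POST['news_get_date'];
    $time = get_time();
    $comment = $_POST['news_get_comment'];
    $news_id = $_GET['news_id'];
    $query = " UPDATE `news_db` ";
    // Interpolate the computed timestamp: the text 'get_time()' inside the quoted
    // SQL is not evaluated by PHP, so the statement carried it as a literal string.
    $query .= " SET `news_title` = '$title', `news_date` = '$date', `news_time` = '$time', `news_comment` = '$comment' ";
    $query .= " WHERE `news_id` = '$news_id' LIMIT 1";
    echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminNews"> '; // automatic redirect
}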
// Builds the DELETE for one `news_db` row selected by $_GET['news_id'], then emits
// a meta-refresh back to the news admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the row to delete is chosen by a GET parameter and no permission or
// anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDeleteNews(){
$news_id = $_GET['news_id'];
$query = " DELETE FROM `news_db` ";
$query .= " WHERE `news_id` = '$news_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminNews"> '; // automatic redirect
}
#######################################################
#################### EDITOS ######################
#######################################################
// Builds the INSERT for a new `editos_db` row from the "add edito" admin form, using
// the edito_* fields from $_POST and the author id from $_SESSION["user_id"], then
// emits a meta-refresh back to the edito admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the title, date and comment are placed between quotes in the SQL
// text as received; no escaping is visible here. Confirm where that is done, or
// escape them before building the statement.
function adminAddEdito(){
$title = $_POST['edito_get_title'];
$date = $_POST['edito_get_date'];
$comment = $_POST['edito_get_comment'];
// The author id is taken from the session, not from the submitted form.
$id_user = $_SESSION["user_id"];
$query = " INSERT INTO `editos_db` ";
$query .= "( `edito_id`, `edito_title`, `edito_date`, `edito_comment`, `edito_id_user`)";
$query .= "VALUES ( '', '$title', '$date', '$comment', '$id_user') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminEdito"> '; // automatic redirect
}
// Builds the UPDATE for one `editos_db` row from the "modify edito" admin form.
// Reads the title, date and comment from $_POST and the target row id from
// $_GET['edito_id'], then emits a meta-refresh back to the edito admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifEdito(){
$title = $_POST['edito_get_uptitle'];
$date = $_POST['edito_get_update'];
$comment = $_POST['edito_get_upcomment'];
$edito_id = $_GET['edito_id'];
$query = " UPDATE `editos_db` ";
$query .= " SET `edito_title` = '$title', `edito_date` = '$date', `edito_comment` = '$comment' ";
$query .= " WHERE `edito_id` = '$edito_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminEdito"> '; // automatic redirect
}
// Builds the DELETE for one `editos_db` row selected by $_GET['edito_id'], then
// emits a meta-refresh back to the edito admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the row to delete is chosen by a GET parameter and no permission or
// anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDelEdito(){
$edito_id = $_GET['edito_id'];
$query = " DELETE FROM `editos_db` ";
$query .= " WHERE `edito_id` = '$edito_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminEdito"> '; // automatic redirect
}
#######################################################
#################### LINKS ######################
#######################################################
// Builds the INSERT for a new `links_db` row from the link and comment fields in
// $_POST, then emits a meta-refresh back to the links admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): both values are placed between quotes in the SQL text as received;
// no escaping is visible here. Confirm where that is done, or escape them first.
// NOTE(review): the link is stored as submitted; if it is later rendered as an href,
// confirm the display code restricts the URL scheme and escapes the value.
function adminAddLink(){
$link = $_POST['input_get_link'];
$comment = $_POST['input_get_comment'];
$query = " INSERT INTO `links_db` ";
$query .= "( `link_id`, `link_link`, `link_comment`)";
$query .= "VALUES ( '', '$link', '$comment') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminLinks"> '; // automatic redirect
}
// Builds the UPDATE for one `links_db` row: link and comment come from $_POST, the
// target row id from $_GET['element_id']. Emits a meta-refresh afterwards.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifLink(){
$link = $_POST['input_get_link'];
$comment = $_POST['input_get_comment'];
$element_id = $_GET['element_id'];
$query = " UPDATE `links_db` ";
$query .= " SET `link_link` = '$link', `link_comment` = '$comment' ";
$query .= " WHERE `link_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminLinks"> '; // automatic redirect
}
// Builds the DELETE for one `links_db` row selected by $_GET['element_id'], then
// emits a meta-refresh back to the links admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the row to delete is chosen by a GET parameter and no permission or
// anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDelLink(){
$element_id = $_GET['element_id'];
$query = " DELETE FROM `links_db` ";
$query .= " WHERE `link_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminLinks"> '; // automatic redirect
}
#######################################################
#################### MEMBERS ######################
#######################################################
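// Builds the INSERT for a new `users_db` row from the "add member" admin form.
// Reads the member_get_* and auto_mailing_member fields from $_POST, refuses the
// request when the password is empty or differs from its confirmation, hashes the
// password, then emits a meta-refresh back to the members admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): every field except the hashed password is placed between quotes in
// the SQL text as received, including `user_right` and `user_statut`; no escaping or
// validation is visible here. Confirm where that is done, or escape them first.
function adminAddMember(){
    $login = $_POST['member_get_login'];
    $pseudo = $_POST['member_get_pseudo'];
    $pass = $_POST['member_get_pass'];
    $check_pass = $_POST['member_get_checkpass'];
    $mail = $_POST['member_get_mail'];
    $tel = $_POST['member_get_tel'];
    $date = $_POST['member_get_date'];
    $statut = $_POST['member_get_statut'];
    $right = $_POST['member_get_right'];
    $signature = $_POST['member_get_signature'];
    $comment = $_POST['member_get_comment'];
    $mailing = $_POST['auto_mailing_member'];

    // strcmp() only guarantees the sign of its result, so testing it against 1 let a
    // mismatched confirmation through whenever $pass sorted before $check_pass.
    // A strict comparison rejects every mismatch, and avoids numeric-string
    // equality between two different passwords.
    if ($pass !== $check_pass || $pass == "") {
        echo "Pass non valide mec... Soit c'évide, soit tu n'as pas mis deux fois le meme";
        return;
    }

    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
    // passwords. Moving to password_hash()/password_verify() also requires changing
    // the login check, which is not part of this listing.
    $pass = md5($pass);
    if (!get_magic_quotes_gpc()) {
        $pass = addslashes($pass);
    }

    $query = " INSERT INTO `users_db` ";
    $query .= "( `user_id`, `user_login`, `user_pseudo`, `user_pass`, `user_mail`, ";
    $query .= "`user_tel`, `user_date`, `user_statut`, `user_right`,`user_signature`, `user_comment`, `user_mailing`)";
    $query .= "VALUES ( '', '$login', '$pseudo', '$pass', '$mail', '$tel', '$date' ,'$statut', '$right', '$signature', '$comment', '$mailing') ";
    echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminMembers"> '; // automatic redirect
}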
// Updates one `users_db` row from the "modify member" form; the row id comes from
// $_GET['element_id'] and the statement is executed with mysql_query().
// When the session right equals $GLOBALS["ROOT"], the date, status, right and
// comment are taken from the form; otherwise they are taken from $user.
// NOTE(review): the listing is truncated: the password check below has no opening
// brace although "}" and "else {" follow it, and $user is never assigned in the
// visible lines (the result of getOneUserById() is only counted). Check the
// original file before relying on this block.
// NOTE(review): the request values reach mysql_query() between quotes exactly as
// received, apart from the hashed password; no escaping is visible here. Confirm
// where that is done, or escape every value before it is interpolated.
// NOTE(review): no check is visible that a non-root caller may only edit their own
// row — the target id is whatever $_GET['element_id'] contains. Confirm the caller
// enforces this.
function adminModifMember(){
$element_id =$_GET['element_id'];
$result = getOneUserById($element_id);
// Only proceed when the lookup returned at least one row.
if (mysql_num_rows($result)){
$login = $_POST['member_get_login'];
$pseudo = $_POST['member_get_pseudo'];
$pass = $_POST['member_get_pass'];
$check_pass = $_POST['member_get_verifpass'];
$mail = $_POST['member_get_mail'];
$tel = $_POST['member_get_tel'];
// Privileged fields are accepted from the form only for the ROOT right.
// NOTE(review): this is a loose (==) comparison; prefer === if both sides have the same type.
if ($_SESSION["user_right"] == $GLOBALS["ROOT"]) {
$date = $_POST['member_get_date'];
$statut = $_POST['member_get_statut'];
$right = $_POST['member_get_right'];
$comment = $_POST['member_get_comment'];
}
else {
$date = $user["user_date"];
$statut = $user["user_statut"];
$right = $user["user_right"];
$comment = $user["user_comment"];
}
$signature = $_POST['member_get_signature'];
// NOTE(review): loose (!=) comparison of two passwords; numeric-looking strings can
// compare equal, so !== is the safer test.
if ($pass != $check_pass)
echo "Pass non valide mec... Soit c'est vide, soit tu n'as pas mis deux fois le meme";
return;
}
else {
// NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
// passwords; changing it also requires changing the login check.
$pass = md5($pass);
if (!get_magic_quotes_gpc()) {
$pass = addslashes($pass);
}
}
$mailing = $_POST['auto_mailing_member'];
$element_id = $_GET['element_id'];
$query = " UPDATE `users_db` ";
// The password column is only rewritten when a new password was submitted.
if ($_POST['member_get_pass']){
$query .= " SET `user_login` = '$login', `user_pseudo` = '$pseudo', `user_pass` = '$pass', `user_mail` = '$mail',
`user_tel` = '$tel', `user_date` = '$date', `user_statut` = '$statut', `user_right` = '$right',
`user_signature` = '$signature', `user_comment` = '$comment', `user_mailing` = '$mailing' ";
}
else {
$query .= " SET `user_login` = '$login', `user_pseudo` = '$pseudo', `user_mail` = '$mail',
`user_tel` = '$tel', `user_date` = '$date', `user_statut` = '$statut', `user_right` = '$right',
`user_signature` = '$signature', `user_comment` = '$comment', `user_mailing` = '$mailing' ";
}
$query .= " WHERE `user_id` = '$element_id' LIMIT 1";
mysql_query($query)
or die("Query fucked");
}
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminMembers"> '; // automatic redirect
}
// Builds the DELETE for one `users_db` row selected by $_GET['element_id'], then
// emits a meta-refresh back to the members admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the account to delete is chosen by a GET parameter and no permission
// or anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDelMember(){
$element_id = $_GET['element_id'];
$query = " DELETE FROM `users_db` ";
$query .= " WHERE `user_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminMembers"> '; // automatic redirect
}
#######################################################
#################### USERS ######################
#######################################################
// Inserts a new `users_db` row from the user_get_* fields in $_POST, with the status
// fixed to 0 and an empty mailing value, then emits a meta-refresh to the users page.
// NOTE(review): the mysql_query() call below has no terminating semicolon in this
// listing; a following line was probably lost in extraction — check the original.
// NOTE(review): every field except the hashed password reaches mysql_query() between
// quotes exactly as received, including `user_right`; no escaping or validation is
// visible here. Confirm where that is done, or escape them first.
// NOTE(review): unlike adminAddMember(), no password confirmation or empty-password
// check is visible in this function.
function adminAddUser(){
$login = $_POST['user_get_login'];
$pseudo = $_POST['user_get_pseudo'];
$pass = $_POST['user_get_pass'];
$mail = $_POST['user_get_mail'];
$tel = $_POST['user_get_tel'];
$date = $_POST['user_get_date'];
$statut = 0;
$right = $_POST['user_get_right'];
$signature = $_POST['user_get_signature'];
$comment = $_POST['user_get_comment'];
// NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
// passwords; changing it also requires changing the login check.
$pass = md5($pass);
if (!get_magic_quotes_gpc()) {
$pass = addslashes($pass);
}
$query = " INSERT INTO `users_db` ";
$query .= "( `user_id`, `user_login`, `user_pseudo`, `user_pass`, `user_mail`,
`user_tel`, `user_date`, `user_statut`, `user_right`,`user_signature`, `user_comment`, `user_mailing`)";
$query .= "VALUES ( '', '$login', '$pseudo', '$pass', '$mail', '$tel', '$date' ,'$statut', '$right', '$signature', '$comment', '') ";
mysql_query($query)
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminUsers"> '; // automatic redirect
}
// Builds the UPDATE for one `users_db` row from the user_get_* fields in $_POST; the
// row id comes from $_GET['element_id'] and the status is fixed to 0.
// NOTE(review): the listing is truncated: the error message and return below have no
// visible condition although "}" and "else {" follow them, and no statement
// executing $query is shown. Check the original file before relying on this block.
// NOTE(review): every field except the hashed password is placed between quotes in
// the SQL text as received, including `user_right`; no escaping or validation is
// visible here. Confirm where that is done, or escape them first.
function adminModifUser(){
$login = $_POST['user_get_login'];
$pseudo = $_POST['user_get_pseudo'];
$pass = $_POST['user_get_pass'];
$mail = $_POST['user_get_mail'];
$tel = $_POST['user_get_tel'];
$date = $_POST['user_get_date'];
$statut = 0;
$right = $_POST['user_get_right'];
$signature = $_POST['user_get_signature'];
$comment = $_POST['user_get_comment'];
$element_id = $_GET['element_id'];
echo "Pass non valide mec... Soit c'est vide, soit tu n'as pas mis deux fois le meme";
return;
}
else {
// NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
// passwords; changing it also requires changing the login check.
$pass = md5($pass);
if (!get_magic_quotes_gpc()) {
$pass = addslashes($pass);
}
}
$query = " UPDATE `users_db` ";
// The password column is only rewritten when a new password was submitted.
if ($_POST['user_get_pass']){
$query .= " SET `user_login` = '$login', `user_pseudo` = '$pseudo', `user_pass` = '$pass', `user_mail` = '$mail',
`user_tel` = '$tel', `user_date` = '$date', `user_statut` = '$statut',
`user_right` = '$right', `user_signature` = '$signature', `user_comment` = '$comment' ";
}
else {
$query .= " SET `user_login` = '$login', `user_pseudo` = '$pseudo', `user_mail` = '$mail',
`user_tel` = '$tel', `user_date` = '$date', `user_statut` = '$statut',
`user_right` = '$right', `user_signature` = '$signature', `user_comment` = '$comment' ";
}
$query .= " WHERE `user_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminUsers"> '; // automatic redirect
}
// Builds the DELETE for one `users_db` row selected by $_GET['element_id'], then
// emits a meta-refresh back to the users admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): the account to delete is chosen by a GET parameter and no permission
// or anti-CSRF check is visible in this function — confirm the caller enforces both.
function adminDelUser(){
$element_id = $_GET['element_id'];
$query = " DELETE FROM `users_db` ";
$query .= " WHERE `user_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminUsers"> '; // automatic redirect
}
#######################################################
#################### BLACKLIST ######################
#######################################################
// Builds the INSERT for a new `blacklist_db` row from the blacklist_get_* fields in
// $_POST, with an empty `blacklist_try` value, then emits a meta-refresh.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): all five values are placed between quotes in the SQL text as
// received; no escaping is visible here. Confirm where that is done, or escape them
// before building the statement.
function adminAddBlacklist(){
$login = $_POST['blacklist_get_login'];
$pseudo = $_POST['blacklist_get_pseudo'];
$mail = $_POST['blacklist_get_mail'];
$date = $_POST['blacklist_get_date'];
$reason = $_POST['blacklist_get_reason'];
$query = " INSERT INTO `blacklist_db` ";
$query .= "( `blacklist_id`, `blacklist_login`, `blacklist_pseudo`, `blacklist_mail`,
`blacklist_date`, `blacklist_reason`, `blacklist_try`)";
$query .= "VALUES ( '', '$login', '$pseudo', '$mail', '$date', '$reason', '') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatic redirect
}
// Builds the UPDATE for one `blacklist_db` row: the fields come from $_POST and the
// target row id from $_GET['element_id']. Emits a meta-refresh afterwards.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the request values are placed between quotes in the SQL text as
// received; no escaping or type check is visible here. Confirm where that is done,
// or escape/cast them before building the statement.
function adminModifBlacklist(){
$login = $_POST['blacklist_get_login'];
$pseudo = $_POST['blacklist_get_pseudo'];
$mail = $_POST['blacklist_get_mail'];
$date = $_POST['blacklist_get_date'];
$reason = $_POST['blacklist_get_reason'];
$element_id = $_GET['element_id'];
$query = " UPDATE `blacklist_db` ";
$query .= " SET `blacklist_login` = '$login', `blacklist_pseudo` = '$pseudo', `blacklist_mail` = '$mail',
`blacklist_date` = '$date', `blacklist_reason` = '$reason' ";
$query .= " WHERE `blacklist_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatic redirect
}
// Builds the DELETE for one `blacklist_db` row selected by $_GET['element_id'], then
// emits a meta-refresh back to the blacklist admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the id is placed between quotes in the SQL text as received; if ids
// are numeric, cast it to an integer first.
// NOTE(review): removing a blacklist entry is driven by a GET parameter and no
// permission or anti-CSRF check is visible here — confirm the caller enforces both.
function adminDelBlacklist(){
$element_id = $_GET['element_id'];
$query = " DELETE FROM `blacklist_db` ";
$query .= " WHERE `blacklist_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatic redirect
}
// Builds the INSERT for a new `blacksites_db` row from $_POST['blacksite_get_adress'],
// then emits a meta-refresh back to the blacklist admin page.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): the address is placed between quotes in the SQL text as received; no
// escaping is visible here. Confirm where that is done, or escape it first.
function adminAddBlacksite(){
$adress = $_POST['blacksite_get_adress'];
$query = " INSERT INTO `blacksites_db` ";
$query .= "( `blacksite_id`, `blacksite_adress`)";
$query .= "VALUES ( '', '$adress') ";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatic redirect
}
// Builds the UPDATE for one `blacksites_db` row: the address comes from $_POST and
// the target row id from $_GET['element_id']. Emits a meta-refresh afterwards.
// NOTE(review): no statement executing $query is visible in this listing; it may
// have been lost in extraction — check the original file.
// NOTE(review): both values are placed between quotes in the SQL text as received;
// no escaping or type check is visible here. Confirm where that is done, or
// escape/cast them before building the statement.
function adminModifBlacksite(){
$adress = $_POST['blacksite_get_adress'];
$element_id = $_GET['element_id'];
$query = " UPDATE `blacksites_db` ";
$query .= " SET `blacksite_adress` = '$adress' ";
$query .= " WHERE `blacksite_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatic redirect
}
function adminDelBlacksite(){
$element_id = $_GET['element_id'];
$query = " DELETE FROM `blacksites_db` ";
$query .= " WHERE `blacksite_id` = '$element_id' LIMIT 1";
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome§ion_admin=AdminBlacklist"> '; // automatique redirection