include/functions_sql.php +71 −64
@@ -5,80 +5,82 @@ ################################ function getOneNews($news_id) { $news_id = mysql_real_escape_string($news_id); $query = "select * from $DB.news_db WHERE news_id = '$news_id'"; return $result = mysql_query($query); return mysql_query($query); } function getLastNews($tendu) { $tendu = mysql_real_escape_string($tendu); $query = "SELECT * FROM $DB.news_db WHERE news_tendu<='$tendu' ORDER BY news_date desc, news_time desc"; return $result = mysql_query($query); return mysql_query($query); } ################################ ########## SQL EDITO ######## ################################ function getOneEdito($edito_id) { $edito_id = mysql_real_escape_string($edito_id); $query = "select * from $DB.editos_db WHERE edito_id = '$edito_id'"; return $result = mysql_query($query); return mysql_query($query); } function getLastEdito() { $query = "select * from $DB.editos_db ORDER BY edito_date DESC"; return $result = mysql_query($query); return mysql_query($query); } function getAllEdito() { $query = "select * from $DB.editos_db ORDER BY edito_date DESC"; return $result = mysql_query($query); return mysql_query($query); } ################################ ########## SQL VIDEOS ######## ################################ function getOneVideo($vid_id){ $vid_id = mysql_real_escape_string($vid_id); $query = "select * from $DB.videos_db WHERE video_id = '$vid_id'"; return mysql_query($query); } function getAllVideos() { $query = "select * from $DB.videos_db ORDER BY video_date desc, video_time desc"; return $result = mysql_query($query); return mysql_query($query); } function getLastVideos() { $query = "select * from $DB.videos_db ORDER BY video_id desc"; return $result = mysql_query($query); return mysql_query($query); } function getVideosByType($type) { $type = mysql_real_escape_string($type); $query = "select * from $DB.videos_db WHERE video_type='$type' ORDER BY video_date desc"; return $result = mysql_query($query); return mysql_query($query); } function 
getVideosByYearAndTypeAndTendu($year, $type, $tendu) { if ($year == 2000) $year = mysql_real_escape_string($year); $type = mysql_real_escape_string($type); $tendu = mysql_real_escape_string($tendu); if ($year == 0) $query = "select * from $DB.videos_db WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='$year' WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='2000' ORDER BY video_date desc"; else $query = "select * from $DB.videos_db WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)='$year' ORDER BY video_date desc"; return $result = mysql_query($query); return mysql_query($query); } function getLastVideosByTendu($tendu) { $tendu = mysql_real_escape_string($tendu); $query = "select * from $DB.videos_db WHERE video_tendu<='$tendu' ORDER BY video_id desc"; return $result = mysql_query($query); return mysql_query($query); } ################################## Loading 
@@ -87,50 +89,52 @@ function getLastVideosByTendu($tendu){ function getAssoInfos() { $query = "select * from $DB.asso_db"; return $result = mysql_query($query); return mysql_query($query); } function getOneLinkById($ID){ $query = "select * from $DB.links_db WHERE link_id='$ID'"; return $result = mysql_query($query); function getOneLinkById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.links_db WHERE link_id='$id'"; return mysql_query($query); } function getAllLinks() { $query = "select * from $DB.links_db"; return $result = mysql_query($query); return mysql_query($query); } ############################### ########## SQL USERS ######## ############################### function getOneUserByName($login) { $login = mysql_real_escape_string($login); $query = "select * from $DB.users_db WHERE user_login='$login'"; return $result = mysql_query($query); return mysql_query($query); } function getOneUserByPseudo($pseudo) { $pseudo = mysql_real_escape_string($pseudo); $query = "select * from $DB.users_db WHERE user_pseudo='$pseudo'"; return $result = mysql_query($query); return mysql_query($query); } function getOneUserById($ID){ $query = "select * from $DB.users_db WHERE user_id='$ID'"; return $result = mysql_query($query); function getOneUserById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.users_db WHERE user_id='$id'"; return mysql_query($query); } function getAllUsers() { $query = "select * from $DB.users_db WHERE user_right < 7 ORDER BY user_right desc"; return $result = mysql_query($query); return mysql_query($query); } function getUsersByStatut($statut) { $statut = mysql_real_escape_string($statut); $query = "SELECT * FROM $DB.users_db WHERE user_statut='$statut' ORDER BY user_right desc"; return $result = mysql_query($query); return mysql_query($query); } ################################ Loading 
@@ -139,12 +143,13 @@ function getUsersByStatut($statut){ function getAllMembers() { $query = "select * from $DB.users_db WHERE user_right >= 7"; return $result = mysql_query($query); return mysql_query($query); } function getAnExistingStatut($statut) { $statut = mysql_real_escape_string($statut); $query = "select * from $DB.users_db WHERE user_statut = '$statut'"; return $result = mysql_query($query); return mysql_query($query); } #################################### Loading @@ -152,29 +157,31 @@ function getAnExistingStatut($statut){ #################################### function getOneBlacklistById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.blacklist_db WHERE blacklist_id='$id'"; return $result = mysql_query($query); return mysql_query($query); } function getOneBlacklistByLogin($login) { $login = mysql_real_escape_string($login); $query = "select * from $DB.blacklist_db WHERE blacklist_login='$login'"; return $result = mysql_query($query); return mysql_query($query); } function getAllBlacklist() { $query = "select * from $DB.blacklist_db"; return $result = mysql_query($query); return mysql_query($query); } function getAllBlacksite() { $query = "select * from $DB.blacksites_db"; return $result = mysql_query($query); return mysql_query($query); } function getOneBlacksiteById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.blacksites_db WHERE blacksite_id='$id'"; return $result = mysql_query($query); return mysql_query($query); } ?> No newline at end of file include/videos.php +19 −17 Original line number Diff line number Diff line Loading 
@@ -4,14 +4,18 @@ define('DEFAULT_YEAR', '2010'); function dispVideos() { (isset($_GET['year_page'])) ? ($curyear = " ".$_GET['year_page']) : ($curyear = " ".DEFAULT_YEAR); if (!isset($_GET['year_page'])) $yeartitle = DEFAULT_YEAR; elseif ($_GET['year_page'] == 0) $yeartitle = "2000 et avant"; else $yeartitle = $_GET['year_page']; $str = ' <!-- main body --> <div id="main_body"> <div id="left_side"> <div id="newsbox"> <h1><img alt="" src="images/puce.png" /> <strong>Videos'. $curyear .'</strong></h1> <h1><img alt="" src="images/puce.png" /> <strong>Videos de '. $yeartitle .'</strong></h1> <ul>'; $str .= dispVideosYear(); Loading @@ -31,9 +35,7 @@ $str = ' </div> </div> <div class="clr"> </div> </div> '; </div>'; echo $str; } Loading @@ -50,19 +52,19 @@ function dispVideosMenu(){ $str .= '<li><a href="index.php?section=Videos&year_page=2003" class="texte_link">2003</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2002" class="texte_link">2002</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2001" class="texte_link">2001</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2000" class="texte_link">avant</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=0" class="texte_link">2000 et avant</a></li>'; $str .= '</ul>'; return $str; } function dispVideosYear(){ if ($_GET['year_page']) if (isset($_GET['year_page'])) $year_page = $_GET['year_page']; else $year_page = DEFAULT_YEAR; $str = '';//'<B>'.$year_page.'</B>'; $str = ''; if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"] ) { $result_prod = getVideosByYearAndTypeAndTendu($year_page, "eptvprod", 2); Loading @@ -87,7 +89,7 @@ function dispVideosYear(){ if (mysql_num_rows($result_adm)) $str .= dispVideosByType($result_adm, " e p t v . a d m"); return ($str); return $str; } Loading Loading
include/functions_sql.php +71 −64
@@ -5,80 +5,82 @@ ################################ function getOneNews($news_id) { $news_id = mysql_real_escape_string($news_id); $query = "select * from $DB.news_db WHERE news_id = '$news_id'"; return $result = mysql_query($query); return mysql_query($query); } function getLastNews($tendu) { $tendu = mysql_real_escape_string($tendu); $query = "SELECT * FROM $DB.news_db WHERE news_tendu<='$tendu' ORDER BY news_date desc, news_time desc"; return $result = mysql_query($query); return mysql_query($query); } ################################ ########## SQL EDITO ######## ################################ function getOneEdito($edito_id) { $edito_id = mysql_real_escape_string($edito_id); $query = "select * from $DB.editos_db WHERE edito_id = '$edito_id'"; return $result = mysql_query($query); return mysql_query($query); } function getLastEdito() { $query = "select * from $DB.editos_db ORDER BY edito_date DESC"; return $result = mysql_query($query); return mysql_query($query); } function getAllEdito() { $query = "select * from $DB.editos_db ORDER BY edito_date DESC"; return $result = mysql_query($query); return mysql_query($query); } ################################ ########## SQL VIDEOS ######## ################################ function getOneVideo($vid_id){ $vid_id = mysql_real_escape_string($vid_id); $query = "select * from $DB.videos_db WHERE video_id = '$vid_id'"; return mysql_query($query); } function getAllVideos() { $query = "select * from $DB.videos_db ORDER BY video_date desc, video_time desc"; return $result = mysql_query($query); return mysql_query($query); } function getLastVideos() { $query = "select * from $DB.videos_db ORDER BY video_id desc"; return $result = mysql_query($query); return mysql_query($query); } function getVideosByType($type) { $type = mysql_real_escape_string($type); $query = "select * from $DB.videos_db WHERE video_type='$type' ORDER BY video_date desc"; return $result = mysql_query($query); return mysql_query($query); } function 
getVideosByYearAndTypeAndTendu($year, $type, $tendu) { if ($year == 2000) $year = mysql_real_escape_string($year); $type = mysql_real_escape_string($type); $tendu = mysql_real_escape_string($tendu); if ($year == 0) $query = "select * from $DB.videos_db WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='$year' WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='2000' ORDER BY video_date desc"; else $query = "select * from $DB.videos_db WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)='$year' ORDER BY video_date desc"; return $result = mysql_query($query); return mysql_query($query); } function getLastVideosByTendu($tendu) { $tendu = mysql_real_escape_string($tendu); $query = "select * from $DB.videos_db WHERE video_tendu<='$tendu' ORDER BY video_id desc"; return $result = mysql_query($query); return mysql_query($query); } ################################## Loading 
@@ -87,50 +89,52 @@ function getLastVideosByTendu($tendu){ function getAssoInfos() { $query = "select * from $DB.asso_db"; return $result = mysql_query($query); return mysql_query($query); } function getOneLinkById($ID){ $query = "select * from $DB.links_db WHERE link_id='$ID'"; return $result = mysql_query($query); function getOneLinkById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.links_db WHERE link_id='$id'"; return mysql_query($query); } function getAllLinks() { $query = "select * from $DB.links_db"; return $result = mysql_query($query); return mysql_query($query); } ############################### ########## SQL USERS ######## ############################### function getOneUserByName($login) { $login = mysql_real_escape_string($login); $query = "select * from $DB.users_db WHERE user_login='$login'"; return $result = mysql_query($query); return mysql_query($query); } function getOneUserByPseudo($pseudo) { $pseudo = mysql_real_escape_string($pseudo); $query = "select * from $DB.users_db WHERE user_pseudo='$pseudo'"; return $result = mysql_query($query); return mysql_query($query); } function getOneUserById($ID){ $query = "select * from $DB.users_db WHERE user_id='$ID'"; return $result = mysql_query($query); function getOneUserById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.users_db WHERE user_id='$id'"; return mysql_query($query); } function getAllUsers() { $query = "select * from $DB.users_db WHERE user_right < 7 ORDER BY user_right desc"; return $result = mysql_query($query); return mysql_query($query); } function getUsersByStatut($statut) { $statut = mysql_real_escape_string($statut); $query = "SELECT * FROM $DB.users_db WHERE user_statut='$statut' ORDER BY user_right desc"; return $result = mysql_query($query); return mysql_query($query); } ################################ Loading 
@@ -139,12 +143,13 @@ function getUsersByStatut($statut){ function getAllMembers() { $query = "select * from $DB.users_db WHERE user_right >= 7"; return $result = mysql_query($query); return mysql_query($query); } function getAnExistingStatut($statut) { $statut = mysql_real_escape_string($statut); $query = "select * from $DB.users_db WHERE user_statut = '$statut'"; return $result = mysql_query($query); return mysql_query($query); } #################################### Loading @@ -152,29 +157,31 @@ function getAnExistingStatut($statut){ #################################### function getOneBlacklistById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.blacklist_db WHERE blacklist_id='$id'"; return $result = mysql_query($query); return mysql_query($query); } function getOneBlacklistByLogin($login) { $login = mysql_real_escape_string($login); $query = "select * from $DB.blacklist_db WHERE blacklist_login='$login'"; return $result = mysql_query($query); return mysql_query($query); } function getAllBlacklist() { $query = "select * from $DB.blacklist_db"; return $result = mysql_query($query); return mysql_query($query); } function getAllBlacksite() { $query = "select * from $DB.blacksites_db"; return $result = mysql_query($query); return mysql_query($query); } function getOneBlacksiteById($id) { $id = mysql_real_escape_string($id); $query = "select * from $DB.blacksites_db WHERE blacksite_id='$id'"; return $result = mysql_query($query); return mysql_query($query); } ?> No newline at end of file
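Review bot: In include/functions_sql.php the parameters that look numeric (`$news_id`, `$id`, `$year`, `$tendu`) are only string-escaped, and in getVideosByYearAndTypeAndTendu the escaped `$year` is then tested with `== 0`, a loose comparison that on older PHP versions is also true for any non-numeric string. mysql_real_escape_string() only protects a value that stays inside the quotes and only when the connection character set was set through the API (mysql_set_charset), which these hunks do not show. For the id, year and level parameters an integer cast is the stricter check, e.g. `$year = (int) $year;` and `$id = (int) $id;`. For the string parameters (`$login`, `$pseudo`, `$statut`, `$type`) prepared statements through mysqli or PDO would remove the dependence on escaping altogether, and the mysql_* extension used here is deprecated and absent from PHP 7. The same pattern applies to every getOne*/get*By* function in this file section.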
include/videos.php +19 −17 Original line number Diff line number Diff line Loading @@ -4,14 +4,18 @@ define('DEFAULT_YEAR', '2010'); function dispVideos() { (isset($_GET['year_page'])) ? ($curyear = " ".$_GET['year_page']) : ($curyear = " ".DEFAULT_YEAR); if (!isset($_GET['year_page'])) $yeartitle = DEFAULT_YEAR; elseif ($_GET['year_page'] == 0) $yeartitle = "2000 et avant"; else $yeartitle = $_GET['year_page']; $str = ' <!-- main body --> <div id="main_body"> <div id="left_side"> <div id="newsbox"> <h1><img alt="" src="images/puce.png" /> <strong>Videos'. $curyear .'</strong></h1> <h1><img alt="" src="images/puce.png" /> <strong>Videos de '. $yeartitle .'</strong></h1> <ul>'; $str .= dispVideosYear(); Loading @@ -31,9 +35,7 @@ $str = ' </div> </div> <div class="clr"> </div> </div> '; </div>'; echo $str; } Loading @@ -50,19 +52,19 @@ function dispVideosMenu(){ $str .= '<li><a href="index.php?section=Videos&year_page=2003" class="texte_link">2003</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2002" class="texte_link">2002</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2001" class="texte_link">2001</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=2000" class="texte_link">avant</a></li>'; $str .= '<li><a href="index.php?section=Videos&year_page=0" class="texte_link">2000 et avant</a></li>'; $str .= '</ul>'; return $str; } function dispVideosYear(){ if ($_GET['year_page']) if (isset($_GET['year_page'])) $year_page = $_GET['year_page']; else $year_page = DEFAULT_YEAR; $str = '';//'<B>'.$year_page.'</B>'; $str = ''; if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"] ) { $result_prod = getVideosByYearAndTypeAndTendu($year_page, "eptvprod", 2); Loading @@ -87,7 +89,7 @@ function dispVideosYear(){ if (mysql_num_rows($result_adm)) $str .= dispVideosByType($result_adm, " e p t v . a d m"); return ($str); return $str; } Loading
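Review bot: In dispVideos() the new `$yeartitle = $_GET['year_page'];` branch still concatenates the raw request parameter into the `<h1>` markup, so the heading reflects unescaped user input; the preceding `== 0` test is a loose comparison, not validation. Since the value is meant to be a year, normalise it once and use the result for both the title and the query: `$year_page = isset($_GET['year_page']) ? (int) $_GET['year_page'] : (int) DEFAULT_YEAR;`. If a non-integer value must stay displayable, escape it at output with `htmlspecialchars($yeartitle, ENT_QUOTES, 'UTF-8')`. dispVideosYear() reads the same parameter separately and, as far as the hunks show, hands query results to mysql_num_rows() without checking for `false`. Both function bodies continue outside the visible hunks.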