include "include/db_connect.php";
#######################################################
#################### PHOTOS ######################
#######################################################
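/**
 * Inserts a photo album row into `photos_db` from the submitted form and,
 * when `auto_www_news` is set, a matching announcement row into `news_db`.
 *
 * The original interpolated raw $_POST values into the SQL text, which
 * allowed SQL injection. Each value is now escaped with
 * mysql_real_escape_string() before it is placed inside a quoted literal.
 * NOTE(review): that escaping is only reliable when the connection charset is
 * set by the code in include/db_connect.php - confirm.
 */
function adminAddPhoto(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'name'    => 'photo_get_name',
        'path'    => 'photo_get_path',
        'size'    => 'photo_get_size',
        'date'    => 'photo_get_date',
        'type'    => 'photo_type',
        'comment' => 'photo_comment',
        'tendu'   => 'photo_tendu',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $time = mysql_real_escape_string((string) get_time());
    $id_user = mysql_real_escape_string(isset($_SESSION["user_id"]) ? (string) $_SESSION["user_id"] : '');

    $query = " INSERT INTO `photos_db` ";
    $query .= "( `photo_id`, `photo_name`, `photo_path`, `photo_size`, `photo_date`,
    `photo_time`, `photo_type`, `photo_comment`, `photo_tendu`, `photo_img_path`, `photo_user_id`) ";
    $query .= "VALUES ( '', '{$in['name']}', '{$in['path']}' , '{$in['size']}', '{$in['date']}',
    '$time', '{$in['type']}', '{$in['comment']}', '{$in['tendu']}', NULL, '$id_user') ";
    mysql_query($query)
        or die("Add photo Query failed");

    if (!empty($_POST['auto_www_news']))
    {
        // The title reuses the already-escaped album name.
        $title = 'Nouvel Album Photo: ' . $in['name'];
        $query = " INSERT INTO `news_db` ";
        $query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
        $query .= "VALUES ( '', '$title', '{$in['date']}', '$time', '{$in['comment']}', '$id_user', '{$in['tendu']}') ";
        mysql_query($query)
            or die("Query fucked");
    }
    echo ' '; // automatic redirect
}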
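/**
 * Updates the `photos_db` row selected by the `vid_id` query-string parameter
 * with the values submitted in the edit form.
 *
 * Fixes two defects of the original: request values were interpolated into
 * the SQL unescaped (SQL injection), and `photo_time` was set to the literal
 * text 'get_time()' because the call sat inside a string.
 */
function adminModifPhoto(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'name'    => 'photo_get_upname',
        'path'    => 'photo_get_path',
        'size'    => 'photo_get_size',
        'date'    => 'photo_get_date',
        'type'    => 'photo_get_type',
        'comment' => 'photo_get_comment',
        'tendu'   => 'photo_get_tendu',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $rawId = (isset($_GET['vid_id']) && is_string($_GET['vid_id'])) ? $_GET['vid_id'] : '';
    $vid_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);
    // Call the helper so the column receives the time, not the function's name.
    $time = mysql_real_escape_string((string) get_time());

    $query = " UPDATE `photos_db` ";
    $query .= " SET `photo_name` = '{$in['name']}', `photo_path` = '{$in['path']}', `photo_date` = '{$in['date']}', `photo_size` = '{$in['size']}',
    `photo_time` = '$time', `photo_type` = '{$in['type']}', `photo_comment` = '{$in['comment']}', `photo_tendu` = '{$in['tendu']}' ";
    $query .= " WHERE `photo_id` = '$vid_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}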
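/**
 * Deletes the `photos_db` row selected by the `vid_id` query-string parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection). The original's unused reads
 * of other form fields were dropped.
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDeletePhoto(){
    $rawId = (isset($_GET['vid_id']) && is_string($_GET['vid_id'])) ? $_GET['vid_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $vid_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `photos_db` ";
    $query .= " WHERE `photo_id` = '$vid_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}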
#######################################################
#################### VIDEOS ######################
#######################################################
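/**
 * Inserts a video row into `videos_db` from the submitted form and, when
 * `auto_www_news` is set, a matching announcement row into `news_db`.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 * NOTE(review): the client-supplied path is handed to get_filesize(), which is
 * defined elsewhere - confirm that helper confines the path to the media
 * directory.
 */
function adminAddVideo(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'name'       => 'video_get_name',
        'path'       => 'video_get_path',
        'path_daily' => 'video_path_daily',
        'date'       => 'video_get_date',
        'type'       => 'video_type',
        'comment'    => 'video_comment',
        'tendu'      => 'video_tendu',
    );
    $clean = array();
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $clean[$col] = $magic ? stripslashes($raw) : $raw;
        $in[$col] = mysql_real_escape_string($clean[$col]);
    }
    // The filesystem helper gets the unescaped path; only SQL gets the escaped one.
    $size = mysql_real_escape_string((string) get_filesize($clean['path']));
    $time = mysql_real_escape_string((string) get_time());
    $id_user = mysql_real_escape_string(isset($_SESSION["user_id"]) ? (string) $_SESSION["user_id"] : '');

    $query = " INSERT INTO `videos_db` ";
    $query .= "( `video_id`, `video_name`, `video_path`, `video_path_daily`, `video_size`, `video_date`,
    `video_time`, `video_type`, `video_comment`, `video_tendu`, `video_img_path`, `video_user_id`) ";
    $query .= "VALUES ( '', '{$in['name']}', '{$in['path']}' , '{$in['path_daily']}', '$size', '{$in['date']}',
    '$time', '{$in['type']}', '{$in['comment']}', '{$in['tendu']}', NULL, '$id_user') ";
    mysql_query($query)
        or die("Add Video Query failed");

    if (!empty($_POST['auto_www_news']))
    {
        // The title reuses the already-escaped video name.
        $title = 'Nouvelle Video: ' . $in['name'];
        $query = " INSERT INTO `news_db` ";
        $query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
        $query .= "VALUES ( '', '$title', '{$in['date']}', '$time', '{$in['comment']}', '$id_user', '{$in['tendu']}') ";
        mysql_query($query)
            or die("Query fucked");
    }
    echo ' '; // automatic redirect
}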
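/**
 * Updates the `videos_db` row selected by the `vid_id` query-string parameter
 * with the values submitted in the edit form.
 *
 * Fixes two defects of the original: request values were interpolated into
 * the SQL unescaped (SQL injection), and `video_time` was set to the literal
 * text 'get_time()' because the call sat inside a string.
 * NOTE(review): the client-supplied path is handed to get_filesize(), which is
 * defined elsewhere - confirm that helper confines the path to the media
 * directory.
 */
function adminModifVideo(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'name'       => 'video_get_upname',
        'path'       => 'video_get_path',
        'path_daily' => 'video_path_daily',
        'date'       => 'video_get_date',
        'type'       => 'video_get_type',
        'comment'    => 'video_get_comment',
        'tendu'      => 'video_get_tendu',
    );
    $clean = array();
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $clean[$col] = $magic ? stripslashes($raw) : $raw;
        $in[$col] = mysql_real_escape_string($clean[$col]);
    }
    // The filesystem helper gets the unescaped path; only SQL gets the escaped one.
    $size = mysql_real_escape_string((string) get_filesize($clean['path']));
    // Call the helper so the column receives the time, not the function's name.
    $time = mysql_real_escape_string((string) get_time());
    $rawId = (isset($_GET['vid_id']) && is_string($_GET['vid_id'])) ? $_GET['vid_id'] : '';
    $vid_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `videos_db` ";
    $query .= " SET `video_name` = '{$in['name']}', `video_path` = '{$in['path']}', `video_path_daily` = '{$in['path_daily']}', `video_date` = '{$in['date']}', `video_size` = '$size',
    `video_time` = '$time', `video_type` = '{$in['type']}', `video_comment` = '{$in['comment']}', `video_tendu` = '{$in['tendu']}' ";
    $query .= " WHERE `video_id` = '$vid_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}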
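/**
 * Deletes the `videos_db` row selected by the `vid_id` query-string parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection). The original's unused reads
 * of other form fields were dropped.
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDeleteVideo(){
    $rawId = (isset($_GET['vid_id']) && is_string($_GET['vid_id'])) ? $_GET['vid_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $vid_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `videos_db` ";
    $query .= " WHERE `video_id` = '$vid_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}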
#######################################################
#################### NEWS ######################
#######################################################
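/**
 * Inserts a news row into `news_db` from the submitted form, stamped with
 * get_time() and the session's user id.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminAddNews(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'title'   => 'news_get_title',
        'date'    => 'news_get_date',
        'comment' => 'news_get_comment',
        'tendu'   => 'news_tendu',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $time = mysql_real_escape_string((string) get_time());
    $id_user = mysql_real_escape_string(isset($_SESSION["user_id"]) ? (string) $_SESSION["user_id"] : '');

    $query = " INSERT INTO `news_db` ";
    $query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
    $query .= "VALUES ( '', '{$in['title']}', '{$in['date']}', '$time', '{$in['comment']}', '$id_user', '{$in['tendu']}') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}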
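/**
 * Updates the `news_db` row selected by the `news_id` query-string parameter.
 *
 * Fixes two defects of the original: request values were interpolated into
 * the SQL unescaped (SQL injection), and `news_time` was set to the literal
 * text 'get_time()' even though the time had been computed into $time.
 */
function adminModifNews(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'title'   => 'news_get_uptitle',
        'date'    => 'news_get_date',
        'comment' => 'news_get_comment',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $time = mysql_real_escape_string((string) get_time());
    $rawId = (isset($_GET['news_id']) && is_string($_GET['news_id'])) ? $_GET['news_id'] : '';
    $news_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `news_db` ";
    $query .= " SET `news_title` = '{$in['title']}', `news_date` = '{$in['date']}', `news_time` = '$time', `news_comment` = '{$in['comment']}' ";
    $query .= " WHERE `news_id` = '$news_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}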
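/**
 * Deletes the `news_db` row selected by the `news_id` query-string parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDeleteNews(){
    $rawId = (isset($_GET['news_id']) && is_string($_GET['news_id'])) ? $_GET['news_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $news_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `news_db` ";
    $query .= " WHERE `news_id` = '$news_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}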
#######################################################
#################### EDITOS ######################
#######################################################
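/**
 * Inserts an editorial row into `editos_db` from the submitted form, owned by
 * the session's user id.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminAddEdito(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'title'   => 'edito_get_title',
        'date'    => 'edito_get_date',
        'comment' => 'edito_get_comment',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $id_user = mysql_real_escape_string(isset($_SESSION["user_id"]) ? (string) $_SESSION["user_id"] : '');

    $query = " INSERT INTO `editos_db` ";
    $query .= "( `edito_id`, `edito_title`, `edito_date`, `edito_comment`, `edito_id_user`)";
    $query .= "VALUES ( '', '{$in['title']}', '{$in['date']}', '{$in['comment']}', '$id_user') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}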
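/**
 * Updates the `editos_db` row selected by the `edito_id` query-string
 * parameter with the submitted title, date and comment.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminModifEdito(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'title'   => 'edito_get_uptitle',
        'date'    => 'edito_get_update',
        'comment' => 'edito_get_upcomment',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $rawId = (isset($_GET['edito_id']) && is_string($_GET['edito_id'])) ? $_GET['edito_id'] : '';
    $edito_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `editos_db` ";
    $query .= " SET `edito_title` = '{$in['title']}', `edito_date` = '{$in['date']}', `edito_comment` = '{$in['comment']}' ";
    $query .= " WHERE `edito_id` = '$edito_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}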
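/**
 * Deletes the `editos_db` row selected by the `edito_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDelEdito(){
    $rawId = (isset($_GET['edito_id']) && is_string($_GET['edito_id'])) ? $_GET['edito_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $edito_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `editos_db` ";
    $query .= " WHERE `edito_id` = '$edito_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}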
#######################################################
#################### LINKS ######################
#######################################################
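/**
 * Inserts a link and its comment into `links_db` from the submitted form.
 *
 * Both values are escaped with mysql_real_escape_string() before being placed
 * in the SQL (the original interpolated them raw, allowing SQL injection).
 * NOTE(review): the stored link is presumably rendered as a URL elsewhere;
 * confirm the output side validates the scheme and HTML-escapes it.
 */
function adminAddLink(){
    $magic = get_magic_quotes_gpc();
    $in = array();
    foreach (array('link' => 'input_get_link', 'comment' => 'input_get_comment') as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }

    $query = " INSERT INTO `links_db` ";
    $query .= "( `link_id`, `link_link`, `link_comment`)";
    $query .= "VALUES ( '', '{$in['link']}', '{$in['comment']}') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}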
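/**
 * Updates the `links_db` row selected by the `element_id` query-string
 * parameter with the submitted link and comment.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminModifLink(){
    $magic = get_magic_quotes_gpc();
    $in = array();
    foreach (array('link' => 'input_get_link', 'comment' => 'input_get_comment') as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    $element_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `links_db` ";
    $query .= " SET `link_link` = '{$in['link']}', `link_comment` = '{$in['comment']}' ";
    $query .= " WHERE `link_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}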
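/**
 * Deletes the `links_db` row selected by the `element_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDelLink(){
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $element_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `links_db` ";
    $query .= " WHERE `link_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}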
#######################################################
#################### MEMBERS ######################
#######################################################
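/**
 * Creates a member row in `users_db` from the submitted form after checking
 * that the password is non-empty and matches its confirmation field.
 *
 * Fixes over the original:
 *  - request values are escaped with mysql_real_escape_string() before being
 *    placed in the SQL (they were interpolated raw, allowing SQL injection);
 *  - the confirmation test used `strcmp(...) == 1`, which only catches some
 *    mismatches; the two strings are now compared directly.
 *
 * NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
 * password_hash()/password_verify() needs a coordinated change with the login
 * code and the column width, so it is only flagged here.
 * NOTE(review): `user_right` and `user_statut` come straight from the form and
 * no privilege check is visible in this function - confirm the caller
 * restricts it to administrators.
 */
function adminAddMember(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'login'     => 'member_get_login',
        'pseudo'    => 'member_get_pseudo',
        'mail'      => 'member_get_mail',
        'tel'       => 'member_get_tel',
        'date'      => 'member_get_date',
        'statut'    => 'member_get_statut',
        'right'     => 'member_get_right',
        'signature' => 'member_get_signature',
        'comment'   => 'member_get_comment',
        'mailing'   => 'auto_mailing_member',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }

    // The password is hashed exactly as submitted (as the original did), so
    // existing hashes keep verifying; it is never interpolated unhashed.
    $pass = (isset($_POST['member_get_pass']) && is_string($_POST['member_get_pass']))
        ? $_POST['member_get_pass'] : '';
    $check_pass = (isset($_POST['member_get_checkpass']) && is_string($_POST['member_get_checkpass']))
        ? $_POST['member_get_checkpass'] : '';
    if ($pass !== $check_pass || $pass === '')
    {
        echo "Pass non valide mec... Soit c'évide, soit tu n'as pas mis deux fois le meme";
        return;
    }
    // md5() yields hexadecimal text only, so it needs no further escaping.
    $pass = md5($pass);

    $query = " INSERT INTO `users_db` ";
    $query .= "( `user_id`, `user_login`, `user_pseudo`, `user_pass`, `user_mail`,
    `user_tel`, `user_date`, `user_statut`, `user_right`,`user_signature`, `user_comment`, `user_mailing`)";
    $query .= "VALUES ( '', '{$in['login']}', '{$in['pseudo']}', '$pass', '{$in['mail']}', '{$in['tel']}', '{$in['date']}' ,'{$in['statut']}', '{$in['right']}', '{$in['signature']}', '{$in['comment']}', '{$in['mailing']}') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}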
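/**
 * Updates the `users_db` row selected by the `element_id` query-string
 * parameter. Date, status, right and comment are taken from the form only
 * when the session's right equals $GLOBALS["ROOT"]; otherwise the values
 * already stored for that user are written back. The password is changed only
 * when a non-empty one is submitted and it matches the confirmation field.
 *
 * Fixes over the original:
 *  - request values, and the stored values written back, are escaped with
 *    mysql_real_escape_string() before being placed in the SQL;
 *  - the password/confirmation test uses a strict comparison, so two different
 *    numeric-looking strings are no longer treated as equal;
 *  - a failed lookup result is no longer passed to mysql_num_rows().
 *
 * NOTE(review): nothing here checks that a non-root caller is editing their
 * own row; confirm the caller ties `element_id` to the session user.
 * NOTE(review): the root test is a loose `==`; if either side can be unset or
 * of a different type, tighten it once the type of $GLOBALS["ROOT"] is known.
 * NOTE(review): unsalted MD5 is not a suitable password hash; migrating needs
 * a coordinated change with the login code, so it is only flagged here.
 */
function adminModifMember(){
    $magic = get_magic_quotes_gpc();
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    $element_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);
    // getOneUserById() is defined elsewhere; it receives the escaped id so the
    // value is safe even if that helper interpolates it (numeric ids are
    // unchanged by escaping).
    $result = getOneUserById($element_id);
    if ($result && mysql_num_rows($result)){
        $user = mysql_fetch_array($result);

        $in = array();
        $fields = array(
            'login'     => 'member_get_login',
            'pseudo'    => 'member_get_pseudo',
            'mail'      => 'member_get_mail',
            'tel'       => 'member_get_tel',
            'signature' => 'member_get_signature',
            'mailing'   => 'auto_mailing_member',
        );
        foreach ($fields as $col => $key) {
            $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
            // Undo magic_quotes_gpc first so each value is escaped exactly once.
            $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
        }

        $privileged = array(
            'date'    => 'member_get_date',
            'statut'  => 'member_get_statut',
            'right'   => 'member_get_right',
            'comment' => 'member_get_comment',
        );
        $isRoot = ($_SESSION["user_right"] == $GLOBALS["ROOT"]);
        foreach ($privileged as $col => $key) {
            if ($isRoot) {
                $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
                $raw = $magic ? stripslashes($raw) : $raw;
            }
            else {
                // Stored values go back into SQL text, so they are escaped too.
                $raw = (string) $user['user_' . $col];
            }
            $in[$col] = mysql_real_escape_string($raw);
        }

        // The password is hashed exactly as submitted, as the original did.
        $pass = (isset($_POST['member_get_pass']) && is_string($_POST['member_get_pass']))
            ? $_POST['member_get_pass'] : '';
        $check_pass = (isset($_POST['member_get_verifpass']) && is_string($_POST['member_get_verifpass']))
            ? $_POST['member_get_verifpass'] : '';
        if ($pass !== $check_pass)
        {
            echo "Pass non valide mec... Soit c'est vide, soit tu n'as pas mis deux fois le meme";
            return;
        }

        $query = " UPDATE `users_db` ";
        $query .= " SET `user_login` = '{$in['login']}', `user_pseudo` = '{$in['pseudo']}', ";
        if ($pass !== ''){
            // md5() yields hexadecimal text only, so it needs no escaping.
            $query .= "`user_pass` = '" . md5($pass) . "', ";
        }
        $query .= "`user_mail` = '{$in['mail']}',
        `user_tel` = '{$in['tel']}', `user_date` = '{$in['date']}', `user_statut` = '{$in['statut']}', `user_right` = '{$in['right']}',
        `user_signature` = '{$in['signature']}', `user_comment` = '{$in['comment']}', `user_mailing` = '{$in['mailing']}' ";
        $query .= " WHERE `user_id` = '$element_id' LIMIT 1";
        mysql_query($query)
            or die("Query fucked");
    }
    echo ' '; // automatic redirect
}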
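/**
 * Deletes the `users_db` row selected by the `element_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): an account deletion driven by a GET parameter, with no
 * privilege or CSRF check visible in this function - confirm the caller
 * enforces both.
 */
function adminDelMember(){
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $element_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `users_db` ";
    $query .= " WHERE `user_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}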
#######################################################
#################### USERS ######################
#######################################################
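/**
 * Creates a row in `users_db` from the submitted form with `user_statut`
 * fixed to 0 and an empty `user_mailing`.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 *
 * NOTE(review): no confirmation or non-empty check is applied to the password
 * here, so an empty password is hashed and stored - confirm that is intended.
 * NOTE(review): unsalted MD5 is not a suitable password hash; migrating to
 * password_hash()/password_verify() needs a coordinated change with the login
 * code, so it is only flagged here.
 * NOTE(review): `user_right` comes straight from the form and no privilege
 * check is visible in this function - confirm the caller restricts it.
 */
function adminAddUser(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'login'     => 'user_get_login',
        'pseudo'    => 'user_get_pseudo',
        'mail'      => 'user_get_mail',
        'tel'       => 'user_get_tel',
        'date'      => 'user_get_date',
        'right'     => 'user_get_right',
        'signature' => 'user_get_signature',
        'comment'   => 'user_get_comment',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $statut = 0;
    // Hashed exactly as submitted, as the original did; md5() yields
    // hexadecimal text only, so it needs no further escaping.
    $pass = md5((isset($_POST['user_get_pass']) && is_string($_POST['user_get_pass']))
        ? $_POST['user_get_pass'] : '');

    $query = " INSERT INTO `users_db` ";
    $query .= "( `user_id`, `user_login`, `user_pseudo`, `user_pass`, `user_mail`,
    `user_tel`, `user_date`, `user_statut`, `user_right`,`user_signature`, `user_comment`, `user_mailing`)";
    $query .= "VALUES ( '', '{$in['login']}', '{$in['pseudo']}', '$pass', '{$in['mail']}', '{$in['tel']}', '{$in['date']}' ,'$statut', '{$in['right']}', '{$in['signature']}', '{$in['comment']}', '') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}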
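/**
 * Updates the `users_db` row selected by the `element_id` query-string
 * parameter with the submitted profile fields; `user_statut` is always
 * written as 0.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 *
 * NOTE(review): the original compares the password with $check_pass, a
 * variable that is never assigned in this function. The comparison is
 * therefore against null: any non-empty password is rejected and only the
 * "leave password unchanged" path can run. That behaviour is kept as is,
 * because the name of the form's confirmation field is not visible here; wire
 * the field in where $check_pass is set once it is confirmed.
 * NOTE(review): unsalted MD5 is not a suitable password hash; migrating needs
 * a coordinated change with the login code, so it is only flagged here.
 * NOTE(review): `user_right` comes straight from the form and no privilege
 * check is visible in this function - confirm the caller restricts it.
 */
function adminModifUser(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'login'     => 'user_get_login',
        'pseudo'    => 'user_get_pseudo',
        'mail'      => 'user_get_mail',
        'tel'       => 'user_get_tel',
        'date'      => 'user_get_date',
        'right'     => 'user_get_right',
        'signature' => 'user_get_signature',
        'comment'   => 'user_get_comment',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $statut = 0;
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    $element_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $pass = (isset($_POST['user_get_pass']) && is_string($_POST['user_get_pass']))
        ? $_POST['user_get_pass'] : '';
    // Made explicit: the original read this variable without ever setting it.
    $check_pass = null;
    if ($pass != $check_pass) {
        echo "Pass non valide mec... Soit c'est vide, soit tu n'as pas mis deux fois le meme";
        return;
    }

    $query = " UPDATE `users_db` ";
    $query .= " SET `user_login` = '{$in['login']}', `user_pseudo` = '{$in['pseudo']}', ";
    if ($pass !== ''){
        // md5() yields hexadecimal text only, so it needs no escaping.
        $query .= "`user_pass` = '" . md5($pass) . "', ";
    }
    $query .= "`user_mail` = '{$in['mail']}',
    `user_tel` = '{$in['tel']}', `user_date` = '{$in['date']}', `user_statut` = '$statut',
    `user_right` = '{$in['right']}', `user_signature` = '{$in['signature']}', `user_comment` = '{$in['comment']}' ";
    $query .= " WHERE `user_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}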
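/**
 * Deletes the `users_db` row selected by the `element_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): an account deletion driven by a GET parameter, with no
 * privilege or CSRF check visible in this function - confirm the caller
 * enforces both.
 */
function adminDelUser(){
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $element_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `users_db` ";
    $query .= " WHERE `user_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}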
#######################################################
#################### BLACKLIST ######################
#######################################################
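/**
 * Inserts a blacklist entry into `blacklist_db` from the submitted form, with
 * an empty `blacklist_try` value.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminAddBlacklist(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'login'  => 'blacklist_get_login',
        'pseudo' => 'blacklist_get_pseudo',
        'mail'   => 'blacklist_get_mail',
        'date'   => 'blacklist_get_date',
        'reason' => 'blacklist_get_reason',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }

    $query = " INSERT INTO `blacklist_db` ";
    $query .= "( `blacklist_id`, `blacklist_login`, `blacklist_pseudo`, `blacklist_mail`,
    `blacklist_date`, `blacklist_reason`, `blacklist_try`)";
    $query .= "VALUES ( '', '{$in['login']}', '{$in['pseudo']}', '{$in['mail']}', '{$in['date']}', '{$in['reason']}', '') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}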
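/**
 * Updates the `blacklist_db` row selected by the `element_id` query-string
 * parameter with the submitted login, pseudo, mail, date and reason.
 *
 * Request values are escaped with mysql_real_escape_string() before being
 * placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminModifBlacklist(){
    $magic = get_magic_quotes_gpc();
    $fields = array(
        'login'  => 'blacklist_get_login',
        'pseudo' => 'blacklist_get_pseudo',
        'mail'   => 'blacklist_get_mail',
        'date'   => 'blacklist_get_date',
        'reason' => 'blacklist_get_reason',
    );
    $in = array();
    foreach ($fields as $col => $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic_quotes_gpc first so each value is escaped exactly once.
        $in[$col] = mysql_real_escape_string($magic ? stripslashes($raw) : $raw);
    }
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    $element_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `blacklist_db` ";
    $query .= " SET `blacklist_login` = '{$in['login']}', `blacklist_pseudo` = '{$in['pseudo']}', `blacklist_mail` = '{$in['mail']}',
    `blacklist_date` = '{$in['date']}', `blacklist_reason` = '{$in['reason']}' ";
    $query .= " WHERE `blacklist_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}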
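/**
 * Deletes the `blacklist_db` row selected by the `element_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDelBlacklist(){
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $element_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `blacklist_db` ";
    $query .= " WHERE `blacklist_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}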
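/**
 * Inserts the submitted address into `blacksites_db`.
 *
 * The value is escaped with mysql_real_escape_string() before being placed in
 * the SQL (the original interpolated it raw, allowing SQL injection).
 */
function adminAddBlacksite(){
    $raw = (isset($_POST['blacksite_get_adress']) && is_string($_POST['blacksite_get_adress']))
        ? $_POST['blacksite_get_adress'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the value is escaped exactly once.
        $raw = stripslashes($raw);
    }
    $adress = mysql_real_escape_string($raw);

    $query = " INSERT INTO `blacksites_db` ";
    $query .= "( `blacksite_id`, `blacksite_adress`)";
    $query .= "VALUES ( '', '$adress') ";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}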
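/**
 * Updates the address of the `blacksites_db` row selected by the `element_id`
 * query-string parameter.
 *
 * Both request values are escaped with mysql_real_escape_string() before
 * being placed in the SQL (the original interpolated them raw, allowing SQL
 * injection).
 */
function adminModifBlacksite(){
    $magic = get_magic_quotes_gpc();
    $rawAdress = (isset($_POST['blacksite_get_adress']) && is_string($_POST['blacksite_get_adress']))
        ? $_POST['blacksite_get_adress'] : '';
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    // Undo magic_quotes_gpc first so each value is escaped exactly once.
    $adress = mysql_real_escape_string($magic ? stripslashes($rawAdress) : $rawAdress);
    $element_id = mysql_real_escape_string($magic ? stripslashes($rawId) : $rawId);

    $query = " UPDATE `blacksites_db` ";
    $query .= " SET `blacksite_adress` = '$adress' ";
    $query .= " WHERE `blacksite_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}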
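/**
 * Deletes the `blacksites_db` row selected by the `element_id` query-string
 * parameter.
 *
 * The id is escaped before it is placed in the WHERE clause (the original
 * interpolated it raw, allowing SQL injection).
 * NOTE(review): the delete is driven by a GET parameter and no privilege or
 * CSRF check is visible in this function - confirm the caller enforces both.
 */
function adminDelBlacksite(){
    $rawId = (isset($_GET['element_id']) && is_string($_GET['element_id'])) ? $_GET['element_id'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo magic quotes so the id is escaped exactly once.
        $rawId = stripslashes($rawId);
    }
    $element_id = mysql_real_escape_string($rawId);

    $query = " DELETE FROM `blacksites_db` ";
    $query .= " WHERE `blacksite_id` = '$element_id' LIMIT 1";
    mysql_query($query)
        or die("Query failed");
    echo ' '; // automatic redirect
}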
?>