diff --git a/css/default.css b/css/default.css
index df50a36557851fd69bf627aec4cbd8aceb4ddde1..acfb2f27fcc058dc8498b4e7400be58a074cc291 100644
--- a/css/default.css
+++ b/css/default.css
@@ -38,6 +38,8 @@ li a {
 img {
     margin: 0 auto;
     padding: 0px;
+    border: 0px;
+    text-align: right;
 }
 
 .clr {
diff --git a/images/rss.png b/images/rss.png
new file mode 100644
index 0000000000000000000000000000000000000000..010edc23c32219d6c0485459adfa78eae6788e16
Binary files /dev/null and b/images/rss.png differ
diff --git a/include/admin_home.php b/include/admin_home.php
index ae1d12b8d824c8ff81f4cd1498716abc6cd55557..c27d23467336512b9c0ae6ea0a99389d5147452e 100644
--- a/include/admin_home.php
+++ b/include/admin_home.php
@@ -3,7 +3,6 @@
 function dispAdminHome() {
 
 include_once "include/admin_tables.php";
-include_once "include/functions_sql_admin.php";
 include_once "include/admin_menu.php";
 include_once "include/admin_videos.php";
 include_once "include/admin_news.php";
@@ -352,8 +351,7 @@ $str .= '
 }
 else
 {
-$str = '
-
+$str = '<div id="all_side">
 	<table width="100%">
 		<tr>
 
@@ -367,7 +365,7 @@ $str = '
 				</td>
 				</tr>
 		</tr>
-	</table>
+	</table></div>
 ';
 }
 
diff --git a/include/admin_menu.php b/include/admin_menu.php
index 73fc7275886be2221fa89757b2911d6fb5483bed..a0f1a326fbf7ab908db2345c801ae8bf00f08b74 100644
--- a/include/admin_menu.php
+++ b/include/admin_menu.php
@@ -1,54 +1,18 @@
 <?
-
 function dispAdminMenu() {
-
-$str = '
-
-	</TR>
-
-	';
-	if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"]) {
-		$str .= '
-			<div>
-				<a href="index.php?html=AdminHome&section_admin=AdminVideos" class="texte_link">Videos</a>
-			</div>
-		';
-	}
-
-	$str .= '
-<div>
-			<a href="index.php?html=AdminHome&section_admin=AdminNews" class="texte_link">News</a>
-</div>
-		';
-
-    if ($_SESSION["user_right"] >= $GLOBALS["EPTV"]) {
-	$str .= '
-<div>
-	<a href="index.php?html=AdminHome&section_admin=AdminEdito" class="texte_link">Edito</a>
-</div>
-<div>
-			<a href="index.php?html=AdminHome&section_admin=AdminLinks" class="texte_link">Links</a>
-</div>
-<div>
-			<a href="index.php?html=AdminHome&section_admin=AdminMembers" class="texte_link">EPTV Members</a>
-</div>
-<div>
-			<a href="index.php?html=AdminHome&section_admin=AdminUsers" class="texte_link">Users</a>
-</div>
-<div>
-			<a href="index.php?html=AdminHome&section_admin=AdminBlacklist" class="texte_link">Blacklist</a>
-</div>
-<div>
-			<a href="munin/" target="_blank" class="texte_link">Munin</a>
-</div>
-<div>
-			<a href="phpmyadmin/" target="_blank" class="texte_link">PHPMyAdmin</a>
-</div>
-
-	';
-	}
-
-
-return $str;
-
+  $str = '</tr>';
+  if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"])
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminVideos" class="texte_link">Videos</a></div>';
+
+  if ($_SESSION["user_right"] >= $GLOBALS["EPTV"]) {
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminNews" class="texte_link">News</a></div>';
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminEdito" class="texte_link">Edito</a></div>';
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminLinks" class="texte_link">Links</a></div>';
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminMembers" class="texte_link">EPTV Members</a></div>';
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminUsers" class="texte_link">EPTV Fans</a></div>';
+    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminBlacklist" class="texte_link">Blacklist</a></div>';
+    $str .= '<div><a href="munin/" target="_blank" class="texte_link">Munin</a></div>';
+    $str .= '<div><a href="phpmyadmin/" target="_blank" class="texte_link">PHPMyAdmin</a></div>';
+  }
+  return $str;
 }
\ No newline at end of file
diff --git a/include/auth.php b/include/auth.php
new file mode 100644
index 0000000000000000000000000000000000000000..98b6018c4082a1779b5b6c52d8636bfd166b7331
--- /dev/null
+++ b/include/auth.php
@@ -0,0 +1,52 @@
+<?php
+
+function auth_init() {
+  // define user right and id if new session
+  if (!$_SESSION["user_id"] or !$_SESSION["user_right"]) {
+    $_SESSION["user_id"] = 0;
+    $_SESSION["user_right"] = 0;
+  }
+
+  // No logged user is allowed without https!
+  if ($_SERVER['HTTPS'] != "on" && $_SESSION["user_id"] > 0)
+    auth_disconnect();
+
+  // Process auth if asked
+
+  if ($_POST['connect']) {
+    if (!auth_connect(stripslashes($_POST['user_login']),
+		     stripslashes($_POST['user_pass'])))
+      redirect('/?html=Connection&fail='.stripslashes($_POST['user_login']));
+  }
+  //Process disconnect if asked
+  if ($_POST['disconnect'])
+    auth_disconnect();
+}
+
+function auth_connect($login, $pass) {
+  $md5_pass = md5($pass);
+  $result = getOneUserByLogin($login);
+  if (mysql_num_rows($result) > 0) {
+    $user = mysql_fetch_array($result);
+    if ($user["user_login"] == $login && $user["user_pass"] == $md5_pass)
+      if (!auth_blacklisted($login)) {
+	$_SESSION["user_right"] = $user["user_right"];
+	$_SESSION["user_id"] = $user["user_id"];
+	return true;
+      }
+  }
+  return false;
+}
+
+function auth_disconnect() {
+  $_SESSION["user_id"] = 0;
+  $_SESSION["user_right"] = 0;
+}
+
+function auth_blacklisted($login) {
+  $result = getOneBlacklistByLogin($login);
+
+  return mysql_num_rows($result) > 0;
+}
+
+?>
\ No newline at end of file
diff --git a/include/connection.php b/include/connection.php
index 8733095a2cf5326660782873d891cf8b406ec7b9..45a40afd8ce0d8ab098a69ffb5b568ea2765d05b 100644
--- a/include/connection.php
+++ b/include/connection.php
@@ -1,178 +1,60 @@
 <?
 
 function dispConnection(){
-  if ($_SESSION["user_right"] == 0)
-    $str .= dispConnectionLogin();
+  if ($_SERVER['HTTPS'] != "on") {
+    echo '<div id="all_side">';
+    echo '<p>Pour vous connecter au site, <strong>vous devez utiliser une connexion SSL</strong>!</p>';
+    echo '</div>';
+    return;
+  }
+
+  if ($_GET["fail"])
+    dispConnectionFailure();
+  elseif ($_SESSION["user_id"] == 0)
+    dispConnectionLogin();
   else
-    $str .= dispConnectionDisconnect();
-  echo $str;
+    dispConnectionDisconnect();
 }
 
-function dispConnectionLogin() { /////// CONNECTION LOGIN ///////
+function dispConnectionLogin() {
   $str = '<div id="all_side">';
-  $str .= dispTableBegin("c o n n e x i o n", "30", 1);
-  if ($_SERVER['HTTPS'] == "on") {
-    $str .= '<form name="saisie" method="post" action="index.php?connect=1&html=Home">';
-    $str .= '<tr><td width="40%" class="small" align="center">Login</td></tr>';
-    $str .= '<tr><td width="60%" align="center"><input type="login" name="user_login" size="15" maxlength="15"></td></tr>';
-    $str .= '<tr><td width="40%" class="small" align="center">Pass</td></tr>';
-    $str .= '<tr><td width="60%" align="center"><input type="password" name="user_pass" size="15" maxlength="15"></td></tr>';
-    $str .= '<tr><td colspan="2" align="center"><input type="submit" value="Donne tout"><br></td></tr>';
-    $str .= '</form>';
-  }
-  else
-    $str .= "<p>Pour vous connecter au site, <strong>vous devez utiliser une connexion SSL</strong>!</p>";
-
-  $str .= dispTableEnd();
+  $str .= '<form id="connect" method="post" action="/">';
+  $str .= '<ul>';
+  $str .= '<h1>Connexion</h1>';
+  $str .= '<li>Login : <input type="login" name="user_login" size="20" size="15" maxlength="20"></li>';
+  $str .= '<li>Password : <input type="password" name="user_pass" size="15" maxlength="42"></li>';
+  $str .= '<li><input type="submit" name="connect" value="Donne tout"></li>';
+  $str .= '</ul>';
+  $str .= '</form>';
   $str .= '</div>';
-  return $str;
-}
-
-function dispConnectionDisconnect() {  /////// CONNECTION PROFIL ///////
-
-	$ID = $_SESSION["user_id"];
-
-	$result = getOneUserById($ID);
-
-
-	$user = mysql_fetch_array($result);
-
-	$str = '<div id="all_side">';
-	$str .= dispTableBegin("d &eacute; c o n n e c t e r", "30", 1);
-
-	$str .='
-		<form name="saisie" method="post" action="index.php?connect=-1&html=Home">
-       		<tr><td width="40%" class="small" align="center"> <b>Salut &#224 toi
-		'.$user["user_pseudo"].'
-		</b></td></tr>
-
-		<!--
-		<tr><td width="40%" class="small" align="center">Status: <b>
-		'.get_right_name($user["user_right"]).'
-		</b></td></tr>
-		<tr><td width="40%" class="small" align="center">Rights: <b>
-		'.get_right_name($_SESSION["user_right"]).'
-		</b></td></tr>
-		-->
-		<tr><td width="40%" class="small" align="center">
-		'.$user["user_comment"].'
-		</td></tr>
-		<tr><td></td></tr>
-		<tr><td colspan="2" align="center"><input type="submit" value="D&eacute;connecter"><br></td></tr>
-		</form>
-	';
-
-	$str .= dispTableEnd();
-	$str .= '</div>';
-
-return ($str);
-}
-
-// Disconnect user
-function userDisconnect(){
-  $_SESSION["user_right"] = 0;
-  $_SESSION["user_id"] = 0;
-}
-
-function checkUser($Check_Login, $Check_Pass){
-
-	$result_login = getOneUserByName($Check_Login);
-	$result_pseudo = getOneUserByPseudo($Check_Login);
-
-	// MD5
-	$md5_Pass = stripslashes($Check_Pass);
-	$md5_Pass = md5($md5_Pass);
-
-	if (mysql_num_rows($result_login)){
-		$user = mysql_fetch_array($result_login);
-
-		if ($user["user_login"] == $Check_Login && $user["user_pass"] == $md5_Pass ) {
-
-			$_SESSION["user_right"] = $user["user_right"];
-			$_SESSION["user_id"] = $user["user_id"];
-			return;
-		}
-	}
-	else if (mysql_num_rows($result_pseudo)){
-		$user = mysql_fetch_array($result_pseudo);
-		if ($user["user_pseudo"] == $Check_Login && $user["user_pass"] == $md5_Pass ) {
-			$_SESSION["user_right"] = $user["user_right"];
-			$_SESSION["user_id"] = $user["user_id"];
-			return;
-		}
-	}
-
-	if (yp_check($Check_Login, $Check_Pass)) {
-		if ($user["user_login"] == $Check_Login){
-			$_SESSION["user_right"] = $user["user_right"];
-			$_SESSION["user_id"] = $user["user_id"];
-		}
-		else {
-			if (!check_blacklist($Check_Login)) {
-				$_SESSION["user_right"] = 3;
-				$_SESSION["user_id"] = 0;
-			}
-			else {
-				$_SESSION["user_right"] = -1;
-			}
-		}
-
-		return;
-	}
+  echo $str;
 }
 
-function check_blacklist($Check_Login) {  ////// CHECK IF BLACKLISTED //////
-
-	$result = getOneBlacklistByLogin($Check_Login);
-
-	if (mysql_num_rows($result)){
-		$blacklist = mysql_fetch_array($result);
-
-		$try =  $blacklist["blacklist_try"] + 1;
-
-		$query = " UPDATE `blacklist_db` ";
-		$query .= " SET `blacklist_try` = '$try' ";
-		$query .=  " WHERE `blacklist_login` = '$Check_Login' LIMIT 1";
-		mysql_query($query)
-		    or die("Query failed");
-
-		$result = getAllBlacksite();
-		// random un peu porc pour les fake sites.
-			$cpt = 0;
-			while ($blacksite = mysql_fetch_array($result)) {
-				$cpt++;
-				$tabsite[$cpt] = $blacksite["blacksite_id"];
-			}
-
-			$randsite = rand (1, $cpt);
-
-		$result = getOneBlacksiteById($tabsite[$randsite]);
-		$blacksite = mysql_fetch_array($result);
-
-		echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL='.$blacksite["blacksite_adress"].'"> '; // automatique redirection
-		return (1);
-	}
-
-	return (0);
+function dispConnectionDisconnect() {
+  $result = getOneUserById($_SESSION["user_id"]);
+  if (mysql_num_rows($result) > 0) {
+    $user = mysql_fetch_array($result);
+    $str = '<div id="all_side">';
+    $str .= '<form id="connect" method="post" action="/">';
+    $str .= '<ul>';
+    $str .= '<h1>D&eacute;connexion</h1>';
+    $str .= '<li>Vous allez d&eacute;connect&eacute; l\'utilisateur <strong>'.$user["user_pseudo"].'</strong> (<em>'.$user["user_login"].'</em>) !</li>';
+    $str .= '<li><input type="submit" name="disconnect" value="C\'est mon dernier mot"></li>';
+    $str .= '</ul>';
+    $str .= '</form>';
+    $str .= '</div>';
+  }
+  echo $str;
 }
 
-function go_random_blacksite() {
-
-		$result = getAllBlacksite();
-		// random un peu porc pour les fake sites.
-			$cpt = 0;
-			while ($blacksite = mysql_fetch_array($result)) {
-				$cpt++;
-				$tabsite[$cpt] = $blacksite["blacksite_id"];
-			}
-
-			$randsite = rand (1, $cpt);
-
-		$result = getOneBlacksiteById($tabsite[$randsite]);
-		$blacksite = mysql_fetch_array($result);
-
-		echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL='.$blacksite["blacksite_adress"].'"> '; // automatique redirection
-
+function dispConnectionFailure() {
+  $str = '<div id="all_side">';
+  $str .= '<p>';
+  $str .= '<strong>L\'authentification</strong> en tant que <em>'.$_GET["fail"].'</em> <strong>&agrave; &eacute;chou&eacute;e</strong>';
+  $str .= '<br/><small><em>Pour vous connecter au site, vous devez utiliser une connexion SSL!</em></small>';
+  $str .= '</p>';
+  $str .= '</div>';
+  echo $str;
 }
 
 ?>
diff --git a/include/db.php.template b/include/db.php.template
new file mode 100644
index 0000000000000000000000000000000000000000..21afd21040d147bda16357afbe4c7605bfa8034f
--- /dev/null
+++ b/include/db.php.template
@@ -0,0 +1,12 @@
+<?php
+// This file must be copied in db.php and set correct values
+$db_host = "";
+$db_user = "";
+$db_pass = "";
+$db_name = ";
+
+$db = mysql_connect($db_host, $db_user, $db_pass)
+  or die("<font color=red>can't connect</font>");
+mysql_select_db($db_name, $db)
+or die("<font color=red>can't find database</font>");
+?>
diff --git a/include/db_connect.php.template b/include/db_connect.php.template
deleted file mode 100644
index 6029af7b25e4e9ca5ac4919a74b0649570be1fb4..0000000000000000000000000000000000000000
--- a/include/db_connect.php.template
+++ /dev/null
@@ -1,17 +0,0 @@
-<?
-// This file must be copied in db_connect.php and set correct values
-
-$localhost = "localhost";
-$user = "eptv";
-$password = "Moovu6chi3";
-
-$bdd_name = "eptv_fr";
-
-
-$db = mysql_connect($localhost, $user, $password)
-	or DIE("<font color=red>can't connect</font>");
-mysql_select_db($bdd_name, $db)
-	or DIE("<font color=red>can't find database</font>");
-
-
-?>
diff --git a/include/functions_sql.php b/include/functions_sql.php
deleted file mode 100644
index a7e0654c5180e2d4f3970a147127dd87c01029ab..0000000000000000000000000000000000000000
--- a/include/functions_sql.php
+++ /dev/null
@@ -1,187 +0,0 @@
-<?php
-
-################################
-##########   SQL NEWS   ########
-################################
-
-function getOneNews($news_id) {
-  $news_id = mysql_real_escape_string($news_id);
-  $query = "select * from $DB.news_db WHERE news_id = '$news_id'";
-  return mysql_query($query);
-}
-
-function getLastNews($tendu) {
-  $tendu = mysql_real_escape_string($tendu);
-  $query = "SELECT * FROM $DB.news_db INNER JOIN $DB.users_db ON news_db.news_user_id = users_db.user_id WHERE news_tendu<='$tendu' ORDER BY news_date desc, news_time desc";
-  return mysql_query($query);
-}
-
-################################
-##########  SQL EDITO   ########
-################################
-
-function getOneEdito($edito_id) {
-  $edito_id = mysql_real_escape_string($edito_id);
-  $query = "select * from $DB.editos_db WHERE edito_id = '$edito_id'";
-  return mysql_query($query);
-}
-
-function getLastEdito() {
-  $query = "select * from $DB.editos_db ORDER BY edito_date DESC";
-  return mysql_query($query);
-}
-
-function getAllEdito() {
-  $query = "select * from $DB.editos_db ORDER BY edito_date DESC";
-  return mysql_query($query);
-}
-
-################################
-##########  SQL VIDEOS  ########
-################################
-
-function getOneVideo($vid_id){
-  $vid_id = mysql_real_escape_string($vid_id);
-  $query = "select * from $DB.videos_db WHERE video_id = '$vid_id'";
-  return mysql_query($query);
-}
-
-function getAllVideos() {
-  $query = "select * from $DB.videos_db ORDER BY video_date desc, video_time desc";
-  return mysql_query($query);
-}
-
-function getLastVideos() {
-  $query = "select * from $DB.videos_db ORDER BY video_id desc";
-  return mysql_query($query);
-}
-
-function getVideosByType($type) {
-  $type = mysql_real_escape_string($type);
-  $query = "select * from $DB.videos_db WHERE video_type='$type' ORDER BY video_date desc";
-  return mysql_query($query);
-}
-
-function getVideosByYearAndTypeAndTendu($year, $type, $tendu) {
-  $year = mysql_real_escape_string($year);
-  $type = mysql_real_escape_string($type);
-  $tendu = mysql_real_escape_string($tendu);
-  if ($year == 0)
-    $query = "select * from $DB.videos_db
-	      WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='2000'
-	      ORDER BY video_date desc";
-  else
-    $query = "select * from $DB.videos_db
-	      WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)='$year'
-	      ORDER BY video_date desc";
-  return mysql_query($query);
-}
-
-function getLastVideosByTendu($tendu) {
-  $tendu = mysql_real_escape_string($tendu);
-  $query = "select * from $DB.videos_db WHERE video_tendu<='$tendu' ORDER BY video_id desc";
-  return mysql_query($query);
-}
-
-##################################
-##########  SQL CONTACTS  ########
-##################################
-
-function getAssoInfos() {
-  $query = "select * from $DB.asso_db";
-  return mysql_query($query);
-}
-
-function getOneLinkById($id) {
-  $id = mysql_real_escape_string($id);
-  $query = "select * from $DB.links_db WHERE link_id='$id'";
-  return mysql_query($query);
-}
-
-function getAllLinks() {
-  $query = "select * from $DB.links_db";
-  return mysql_query($query);
-}
-
-###############################
-##########  SQL USERS  ########
-###############################
-
-
-function getOneUserByName($login) {
-  $login = mysql_real_escape_string($login);
-  $query = "select * from $DB.users_db WHERE user_login='$login'";
-  return mysql_query($query);
-}
-
-function getOneUserByPseudo($pseudo) {
-  $pseudo = mysql_real_escape_string($pseudo);
-  $query = "select * from $DB.users_db WHERE user_pseudo='$pseudo'";
-  return mysql_query($query);
-}
-
-function getOneUserById($id) {
-  $id = mysql_real_escape_string($id);
-  $query = "select * from $DB.users_db WHERE user_id='$id'";
-  return mysql_query($query);
-}
-
-function getAllUsers() {
-  $query = "select * from $DB.users_db WHERE user_right < 7 ORDER BY user_right desc";
-  return mysql_query($query);
-}
-
-function getUsersByStatut($statut) {
-  $statut = mysql_real_escape_string($statut);
-  $query = "SELECT * FROM $DB.users_db WHERE user_statut='$statut' ORDER BY user_right desc";
-  return mysql_query($query);
-}
-
-################################
-##########  SQL MEMBERS  ########
-################################
-
-function getAllMembers() {
-  $query = "select * from $DB.users_db WHERE user_right >= 7";
-  return mysql_query($query);
-}
-
-function getAnExistingStatut($statut) {
-  $statut = mysql_real_escape_string($statut);
-  $query = "select * from $DB.users_db WHERE user_statut = '$statut'";
-  return mysql_query($query);
-}
-
-####################################
-##########   SQL Blacklist  ########
-####################################
-
-function getOneBlacklistById($id) {
-  $id = mysql_real_escape_string($id);
-  $query = "select * from $DB.blacklist_db WHERE blacklist_id='$id'";
-  return mysql_query($query);
-}
-
-function getOneBlacklistByLogin($login) {
-  $login = mysql_real_escape_string($login);
-  $query = "select * from $DB.blacklist_db WHERE blacklist_login='$login'";
-  return mysql_query($query);
-}
-
-function getAllBlacklist() {
-  $query = "select * from $DB.blacklist_db";
-  return mysql_query($query);
-}
-
-function getAllBlacksite() {
-  $query = "select * from $DB.blacksites_db";
-  return mysql_query($query);
-}
-
-function getOneBlacksiteById($id) {
-  $id = mysql_real_escape_string($id);
-  $query = "select * from $DB.blacksites_db WHERE blacksite_id='$id'";
-  return mysql_query($query);
-}
-
-?>
\ No newline at end of file
diff --git a/include/home.php b/include/home.php
index f65996de0be086a411f36a7365475e107cad6e16..6cebd98ddccf5b3a49b26d9b0763ffb1a64abf41 100644
--- a/include/home.php
+++ b/include/home.php
@@ -6,7 +6,7 @@ function dispHome() {
   $str .= '</div>';
   $str .= '<div id="left_side">
             <div id="newsbox">
-                <h1><img alt="" src="images/puce.png" /> <strong>Derni&egrave;res actualit&eacute;s</strong></h1>
+                <h1><img alt="" src="images/puce.png" />&nbsp;<strong>Derni&egrave;res actualit&eacute;s</strong>&nbsp;<a type="application/rss+xml" href="?rss=News"><img alt="Flux RSS Actuali&eacute;s" src="images/rss.png" height="14px" /></a></h1>
                 <ul>';
 
   $str .=dispNewsRows(15);
@@ -17,7 +17,7 @@ function dispHome() {
 
         <div id="right_side">
             <div class="rightbox">
-                <h1><img alt="" src="images/puce.png" /><strong>Edito</strong></h1>
+                <h1><img alt="" src="images/puce.png" />&nbsp;<strong>Edito</strong></h1>
                 ';
 
   $str .= dispHomeEdito();
@@ -25,7 +25,7 @@ function dispHome() {
   $str .= '
             </div>
             <div class="rightbox">
-                <h1><img alt="" src="images/puce.png" /> <strong>Derni&egrave;res vid&eacute;o</strong></h1>
+                <h1><img alt="" src="images/puce.png" />&nbsp;<strong>Derni&egrave;res vid&eacute;o</strong>&nbsp;<a type="application/rss+xml" href="?rss=Videos"><img alt="Flux RSS Vid&eacute;os" src="images/rss.png" height="14px" /></a></h1>
                 ';
 
   $str .= dispHomeLastVideos();
diff --git a/include/html.php b/include/html.php
index bdadd289264efae742968fd5e460d8bcb761ccc4..28d48590f5c2d731adc3cd4bd27465c8570389b9 100644
--- a/include/html.php
+++ b/include/html.php
@@ -37,6 +37,8 @@ function dispHTMLHeader() {
   echo ' <title>EPTV</title>';
   echo ' <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />';
   echo ' <link rel="icon" type="image/vnd.microsoft.icon" href="images/eptv.ico" />';
+  echo ' <link rel="alternate" type="application/rss+xml"  href="?rss=News" title="Acutalit&eacute;s" />';
+  echo ' <link rel="alternate" type="application/rss+xml"  href="?rss=Videos" title="Vid&eacute;os" />';
   echo ' <style type="text/css" media="screen" title="EPTV Default">';
   echo '  @import url(css/default.css);';
   echo ' </style>';
@@ -47,7 +49,6 @@ function dispHTMLHeader() {
 // display html body
 function dispHTMLBody() {
   echo '<body>';
-  echo ' <basefont face="lucida" />';
   //  echo ' <div id="main_container">';
   echo '  <div id="main_header">';
   dispMenu();
diff --git a/include/rss.php b/include/rss.php
new file mode 100644
index 0000000000000000000000000000000000000000..22a5dbedbbe62fd6c92ce028553aeac8a1cc7c37
--- /dev/null
+++ b/include/rss.php
@@ -0,0 +1,57 @@
+<?php
+
+function getRss() {
+  $tab_rss = array();
+  $tab_rss["News"] = dispRssChannelNews;
+  $tab_rss["Videos"] = dispRssChannelVideos;
+
+  if (!isset($_GET['rss']) or !array_key_exists($_GET['rss'], $tab_rss))
+    die("Flux RSS introuvable!");
+
+  header('Content-type: application/rss+xml; charset=utf-8');
+  echo '<?xml version="1.0" encoding="utf-8" ?>';
+  echo '<rss version="2.0">';
+  $tab_rss[$_GET['rss']]();
+  echo '</rss>';
+  }
+
+function dispRssChannelNews() {
+  $str = '<channel>';
+  $str .= '<title>Actualités EPTV</title>';
+  $str .= '<link>http://www.eptv.fr/?html=News</link>';
+  $str .= '<description>L\'actualités d\'EPTV</description>';
+  $str .= '<language>fr</language>';
+  $str .= '<copyright>EPTV</copyright>';
+  $result = getLastNews(0);
+  if (mysql_num_rows($result))
+    while ($news = mysql_fetch_array($result)) {
+      $str .= '<item>';
+      $str .= '<title>'.htmlspecialchars(strip_tags($news["news_title"])).'</title>';
+      $str .= '<description>'.htmlspecialchars(strip_tags($news["news_comment"])).'</description>';
+      $str .= '<pubDate>'.htmlspecialchars(date("r", strtotime($news["news_date"]))).'</pubDate>';
+      $str .= '</item>';
+    }
+  $str .= '</channel>';
+  echo $str;
+}
+
+function dispRssChannelVideos() {
+  $str = '<channel>';
+  $str .= '<title>Vidéos EPTV</title>';
+  $str .= '<link>http://www.eptv.fr/?html=Videos</link>';
+  $str .= '<description>Le flux des vidéos d\'EPTV</description>';
+  $str .= '<language>fr</language>';
+  $str .= '<copyright>EPTV</copyright>';
+  $result = getLastVideosByTendu(0);
+  if (mysql_num_rows($result))
+    while ($video = mysql_fetch_array($result)) {
+      $str .= '<item>';
+      $str .= '<title>'.htmlspecialchars(strip_tags($video["video_name"])).'</title>';
+      $str .= '<description>'.htmlspecialchars(strip_tags($video["video_comment"])).'</description>';
+      $str .= '<pubDate>'.htmlspecialchars(date("r", strtotime($video["video_date"]))).'</pubDate>';
+      $str .= '</item>';
+    }
+  $str .= '</channel>';
+  echo $str;
+}
+?>
diff --git a/include/script.js b/include/script.js
index 6d72fd152f67b4f1858d32522db6e2e41102970f..b54602816357780ba4d32c13f78ce984f91e3846 100644
--- a/include/script.js
+++ b/include/script.js
@@ -1,7 +1,5 @@
-<script language="JavaScript">
-<!--
-function popup_video_dailymotion(url) {
-    window.open(url, '', 'width=510,height=418,toolbar=no,directories=no,status=no,menubar=no,location=no,scrollbars=no,resizable=yes');
-}
--->
+<script type="text/javascript">
+     function popup_video_dailymotion(url) {
+     window.open(url, '', 'width=510,height=418,toolbar=no,directories=no,status=no,menubar=no,location=no,scrollbars=no,resizable=yes');
+ }
 </script>
diff --git a/include/functions_sql_admin.php b/include/sql.php
similarity index 73%
rename from include/functions_sql_admin.php
rename to include/sql.php
index fc5fcf8fe27ff55b53f087ca269c416da65d7917..a0f9934fb77fe68aa788d562099550985d5cc54e 100644
--- a/include/functions_sql_admin.php
+++ b/include/sql.php
@@ -1,102 +1,200 @@
-<?
+<?php
+
+################################
+##########  CONNECTION #########
+################################
+function sql_init() {
+  include_once("db.php");
+  $db = mysql_connect($db_host, $db_user, $db_pass) or die("<font color=red>can't connect</font>");
+  mysql_select_db($db_name, $db) or die("<font color=red>can't find database</font>");
+  mysql_set_charset("utf8", $db);
+}
 
-include "include/db_connect.php";
+################################
+##########   SQL NEWS   ########
+################################
 
+function getOneNews($news_id) {
+  $news_id = mysql_real_escape_string($news_id);
+  $query = "select * from $DB.news_db WHERE news_id = '$news_id'";
+  return mysql_query($query);
+}
 
-#######################################################
-####################    PHOTOS   ######################
-#######################################################
+function getLastNews($tendu) {
+  $tendu = mysql_real_escape_string($tendu);
+  $query = "SELECT * FROM $DB.news_db INNER JOIN $DB.users_db ON news_db.news_user_id = users_db.user_id WHERE news_tendu<='$tendu' ORDER BY news_date desc, news_time desc";
+  return mysql_query($query);
+}
 
+################################
+##########  SQL EDITO   ########
+################################
 
+function getOneEdito($edito_id) {
+  $edito_id = mysql_real_escape_string($edito_id);
+  $query = "select * from $DB.editos_db WHERE edito_id = '$edito_id'";
+  return mysql_query($query);
+}
 
-function adminAddPhoto(){
+function getLastEdito() {
+  $query = "select * from $DB.editos_db ORDER BY edito_date DESC";
+  return mysql_query($query);
+}
 
-  $name = $_POST['photo_get_name'];
-  $path = $_POST['photo_get_path'];
-  $tar = $_POST['photo_img_path'];
-  $size = $_POST['photo_get_size'];
-  $date = $_POST['photo_get_date'];
-  $time = get_time();
-  $type = $_POST['photo_type'];
-  $comment = $_POST['photo_comment'];
-  $tendu =  $_POST['photo_tendu'];
+function getAllEdito() {
+  $query = "select * from $DB.editos_db ORDER BY edito_date DESC";
+  return mysql_query($query);
+}
 
-  $id_user = $_SESSION["user_id"];
+################################
+##########  SQL VIDEOS  ########
+################################
 
-  $query = " INSERT INTO `photos_db` ";
-  $query .= "( `photo_id`, `photo_name`, `photo_path`, `photo_size`, `photo_date`,
-		`photo_time`, `photo_type`, `photo_comment`, `photo_tendu`, `photo_img_path`, `photo_user_id`) ";
+function getOneVideo($vid_id){
+  $vid_id = mysql_real_escape_string($vid_id);
+  $query = "select * from $DB.videos_db WHERE video_id = '$vid_id'";
+  return mysql_query($query);
+}
 
-  $query .= "VALUES ( '', '$name', '$path' , '$size', '$date',
-		'$time', '$type', '$comment', '$tendu', NULL, '$id_user') ";
-  mysql_query($query)
-    or die("Add photo Query failed");
+function getAllVideos() {
+  $query = "select * from $DB.videos_db ORDER BY video_date desc, video_time desc";
+  return mysql_query($query);
+}
 
+function getLastVideos() {
+  $query = "select * from $DB.videos_db ORDER BY video_id desc";
+  return mysql_query($query);
+}
 
-$auto_news = $_POST['auto_www_news'];
+function getVideosByType($type) {
+  $type = mysql_real_escape_string($type);
+  $query = "select * from $DB.videos_db WHERE video_type='$type' ORDER BY video_date desc";
+  return mysql_query($query);
+}
 
-if ($auto_news)
-{
-  $title = 'Nouvel Album Photo: '.$name;
+function getVideosByYearAndTypeAndTendu($year, $type, $tendu) {
+  $year = mysql_real_escape_string($year);
+  $type = mysql_real_escape_string($type);
+  $tendu = mysql_real_escape_string($tendu);
+  if ($year == 0)
+    $query = "select * from $DB.videos_db
+	      WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)<='2000'
+	      ORDER BY video_date desc";
+  else
+    $query = "select * from $DB.videos_db
+	      WHERE video_type='$type' AND video_tendu<='$tendu' AND YEAR(video_date)='$year'
+	      ORDER BY video_date desc";
+  return mysql_query($query);
+}
 
-  $query = " INSERT INTO `news_db` ";
-  $query .= "( `news_id`, `news_title`, `news_date`, `news_time`, `news_comment`, `news_user_id`, `news_tendu`)";
+function getLastVideosByTendu($tendu) {
+  $tendu = mysql_real_escape_string($tendu);
+  $query = "select * from $DB.videos_db WHERE video_tendu<='$tendu' ORDER BY video_id desc";
+  return mysql_query($query);
+}
 
-  $query .= "VALUES ( '', '$title', '$date', '$time', '$comment', '$id_user', '$tendu') ";
-  mysql_query($query)
-    or die("Query fucked");
+##################################
+##########  SQL CONTACTS  ########
+##################################
+
+function getAssoInfos() {
+  $query = "select * from $DB.asso_db";
+  return mysql_query($query);
 }
 
+function getOneLinkById($id) {
+  $id = mysql_real_escape_string($id);
+  $query = "select * from $DB.links_db WHERE link_id='$id'";
+  return mysql_query($query);
+}
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminPhotos"> '; // automatique redirection
+function getAllLinks() {
+  $query = "select * from $DB.links_db";
+  return mysql_query($query);
 }
 
+###############################
+##########  SQL USERS  ########
+###############################
 
-function adminModifPhoto(){
+function getOneUserByLogin($login) {
+  $login = mysql_real_escape_string($login);
+  $query = "select * from $DB.users_db WHERE user_login='$login'";
+  return mysql_query($query);
+}
 
-  $name = $_POST['photo_get_upname'];
-  $path = $_POST['photo_get_path'];
-  $tar = $_POST['photo_img_path'];
-  $size = $_POST['photo_get_size'];
-  $date = $_POST['photo_get_date'];
-  $type = $_POST['photo_get_type'];
-  $comment = $_POST['photo_get_comment'];
-  $tendu =  $_POST['photo_get_tendu'];
+function getOneUserByPseudo($pseudo) {
+  $pseudo = mysql_real_escape_string($pseudo);
+  $query = "select * from $DB.users_db WHERE user_pseudo='$pseudo'";
+  return mysql_query($query);
+}
 
-  $vid_id =  $_GET['vid_id'];
+function getOneUserById($id) {
+  $id = mysql_real_escape_string($id);
+  $query = "select * from $DB.users_db WHERE user_id='$id'";
+  return mysql_query($query);
+}
 
-  $query = " UPDATE `photos_db` ";
-  $query .= " SET `photo_name` = '$name', `photo_path` = '$path', `photo_date` = '$date', `photo_size` = '$size',
-		 `photo_time` = 'get_time()', `photo_type` = '$type', `photo_comment` = '$comment', `photo_tendu` = '$tendu' ";
-  $query .=  " WHERE `photo_id` = '$vid_id' LIMIT 1";
+function getAllUsers() {
+  $query = "select * from $DB.users_db WHERE user_right < 7 ORDER BY user_right desc";
+  return mysql_query($query);
+}
 
-  mysql_query($query)
-    or die("Query failed");
+function getUsersByStatut($statut) {
+  $statut = mysql_real_escape_string($statut);
+  $query = "SELECT * FROM $DB.users_db WHERE user_statut='$statut' ORDER BY user_right desc";
+  return mysql_query($query);
+}
 
+################################
+##########  SQL MEMBERS  ########
+################################
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminPhotos"> '; // automatique redirection
+function getAllMembers() {
+  $query = "select * from $DB.users_db WHERE user_right >= 7";
+  return mysql_query($query);
+}
 
+function getAnExistingStatut($statut) {
+  $statut = mysql_real_escape_string($statut);
+  $query = "select * from $DB.users_db WHERE user_statut = '$statut'";
+  return mysql_query($query);
 }
 
- function adminDeletePhoto(){
+####################################
+##########   SQL Blacklist  ########
+####################################
 
-  $name = $_POST['photo_get_upname'];
-  $path = $_POST['file_serveur'];
-  $date = $_POST['photo_get_date'];
-  $up_date = get_time();
-  $vid_id =  $_GET['vid_id'];
+function getOneBlacklistById($id) {
+  $id = mysql_real_escape_string($id);
+  $query = "select * from $DB.blacklist_db WHERE blacklist_id='$id'";
+  return mysql_query($query);
+}
 
-  $query = " DELETE FROM `photos_db` ";
-  $query .=  " WHERE `photo_id` = '$vid_id' LIMIT 1";
+function getOneBlacklistByLogin($login) {
+  $login = mysql_real_escape_string($login);
+  $query = "select * from $DB.blacklist_db WHERE blacklist_login='$login'";
+  return mysql_query($query);
+}
 
-  mysql_query($query)
-    or die("Query failed");
+function getAllBlacklist() {
+  $query = "select * from $DB.blacklist_db";
+  return mysql_query($query);
+}
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminPhotos"> '; // automatique redirection
+function getAllBlacksite() {
+  $query = "select * from $DB.blacksites_db";
+  return mysql_query($query);
 }
 
+function getOneBlacksiteById($id) {
+  $id = mysql_real_escape_string($id);
+  $query = "select * from $DB.blacksites_db WHERE blacksite_id='$id'";
+  return mysql_query($query);
+}
 
 
+/* FIXME: Check strip under here */
 
 
 #######################################################
@@ -622,7 +720,7 @@ function adminAddBlacklist(){
   mysql_query($query)
     or die("Query failed");
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
+  echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
 }
 
 
@@ -673,7 +771,7 @@ function adminAddBlacksite(){
   mysql_query($query)
     or die("Query failed");
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
+  echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
 }
 
 
@@ -690,7 +788,7 @@ function adminModifBlacksite(){
   mysql_query($query)
     or die("Query failed");
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
+  echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
 }
 
 
@@ -704,9 +802,7 @@ function adminDelBlacksite(){
   mysql_query($query)
     or die("Query failed");
 
-echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
+  echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL=index.php?html=AdminHome&section_admin=AdminBlacklist"> '; // automatique redirection
 }
 
-
-
 ?>
\ No newline at end of file
diff --git a/index.php b/index.php
index 1380e74f557f1a6538f0df3cd760a120cf42e78b..ca3fc7c7e2f9d4e0d4487bc6a463ac5832a5cffc 100644
--- a/index.php
+++ b/index.php
@@ -2,11 +2,12 @@
 session_start();
 
 // include all stuff
-include_once "include/db_connect.php";
-include_once "include/functions_sql.php";
+include_once "include/global.php";
+include_once "include/sql.php";
+include_once "include/auth.php";
 include_once "include/functions_www.php";
 include_once "include/functions_display.php";
-include_once "include/global.php";
+include_once "include/rss.php";
 include_once "include/html.php";
 include_once "include/menu.php";
 include_once "include/footer.php";
@@ -19,32 +20,13 @@ include_once "include/contacts.php";
 include_once "include/dailymotion.php";
 include_once "include/admin_home.php";
 
-// define user right and id if new session
-if (!$_SESSION["user_id"] or !$_SESSION["user_right"]) {
-  $_SESSION["user_id"] = 0;
-  $_SESSION["user_right"] = 0;
- }
-
-// if user is blacklisted redirect it
-if ($_SESSION["user_right"] == -1) {
-  go_random_blacksite();
-  return;
- }
-
-// No logged user is allowed without https!
-if ($_SERVER['HTTPS'] != "on" && $_SESSION["user_id"] > 0)
-  userDisconnect();
-
-// Authentification process
-if ($_GET['connect']) {
-  $connect_tv = $_GET['connect'];
-  if ($connect_tv == 1)
-      checkUser($_POST['user_login'], $_POST['user_pass']);
-  else if ($connect_tv == -1)
-    userDisconnect();
- }
-
-// Download video
+// initinialize db connections
+sql_init();
+
+// initialize auth system
+auth_init();
+
+// Video download
 if ($_GET['video'])
   return getVideo();
 
@@ -52,6 +34,10 @@ if ($_GET['video'])
 if ($_GET['dailymotion'])
   return getDailymotion();
 
+// Get an rss stream
+if ($_GET['rss'])
+  return getRss();
+
 // Display section
 getHtml();
 ?>